US Copyright Group Lawsuits Based On Highly Questionable Evidence

from the here-we-go-again dept

US Copyright Group was the first US operation to really dive into the whole copyright trolling business of suing thousands of people based on weak evidence of infringement and then offering to “settle” for less than it would cost to go to court. It was known that US Copyright Group was a front for DC-based law firm Dunlap, Grubb and Weaver, and a few months later it came out that US Copyright Group was actually a combined effort between Dunlap, Grubb and Weaver and a German “anti-piracy” tracking company named GuardaLey, who had set up similar partnerships elsewhere.

However, as TorrentFreak reveals, in a lawsuit filed against US Copyright Group over its legal strategy (more than 100,000 sued!), it appears that GuardaLey was the real driving force behind US Copyright Group… and its technology for identifying “pirates” has been found wanting (at best). A German court in a similar case found GuardaLey’s tracking software to not be very good at actually identifying infringement, since it fails to determine if any work is actually shared. Now, though the RIAA may be pushing for the idea that “making available” equals distribution, some courts have already disagreed. If it can’t show actual uploads or downloads, USCG may have a tough time proving infringement.

Even more troubling are claims that GuardaLey set up honeypots to try to get IP addresses to sue. If there’s a honeypot, then, as long as the content is accurate, the download is authorized since the companies doing such copyright trolling usually have licenses over the content. Or, if the file is fake, then there’s no infringement, since the actual file wasn’t downloaded (let alone available).

Of course, we see this kind of thing all the time, with copyright supporters insisting that all you need is an IP address to identify someone. It’s a lot more complicated than that, and making that assumption while going after 100,000 people suggests that any nuances around IP addresses are completely ignored.

Filed Under: ,
Companies: guardaley, us copyright group

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “US Copyright Group Lawsuits Based On Highly Questionable Evidence”

Subscribe: RSS Leave a comment
Anonymous Coward says:

Re: Re: Re: Re:

… by seeing what IP addresses downloads from GuardaLey


One of the big points is that IP addresses listed in the swarm do not necessarily have anything to do with anything.

The University of Washintton study ?Tracking the Trackers? finds:

? Practically any Internet user can be framed for copyright infringement today. By profiling copyright enforcement in the popular BitTorrent file sharing system, we were able to generate hundreds of real DMCA takedown notices for computers at the University of Washington that never downloaded nor shared any content whatsoever.

Further, we were able to remotely generate complaints for nonsense devices including several printers and a (non-NAT) wireless access point. Our results demonstrate several simple techniques that a malicious user could use to frame arbitrary network endpoints.

? Even without being explicitly framed, innocent users may still receive complaints. Because of the inconclusive techniques used to identify infringing BitTorrent users, users may receive DMCA complaints even if they have not been explicitly framed by a malicious user and even if they have never used P2P software!

GuardaLey accuses IP addresses. But GuardaLey does not verify that those accused IP addresses actually connect or run BitTorrent.

G Thompson (profile) says:

Re: Re:

A honeypot is any type of trap that allows the owner of the honeypot to lure and entice for the purpose to either detect, counteract, and sometimes deflect (though this is unusual) any attempt to do something that is unauthorised, illegal, or unlawful.

They are widely used in criminal investigations for such things as unauthorised computer access (hacking/cracking/phreaking), indecent images (childporn etc), fraud, embezzlement, and anything else that can lure a criminal into a ‘controlled’ environment that there actions can be tracked and used as evidence in any matters that might lead to a charge/conviction.

The problem in criminal investigations is that they are basically a controlled and legal form of entrapment in certain situations where the governmental authority gets granted immunity. It is still a VERY VERY gray area that is a legal quagmire.

On the civil litagation side of things it is even more of a gray area, in fact it goes into the area of the actual owner of the honeypot actually committing a form of entrapment. Though since entrapment is a defence to a criminal prosecution, and the IP owner of the honeypot is not actually law enforcement entrapment itself cannot actually be used. Though this doesn’t mean that the legal elements of entrapment like fraud, misleading conduct, or undue persuasion/influence have not been breached. As I said ‘a form’ of entrapment

IP owners using honeypots, whether as single torrents, torrent indexers, mp3 folders on servers, whatever, are by definition specifically authorising and/or licensing the usage of their IP to the user of the honeypot therefore destroying the infringement claim that they try to bring. Since someone can not only infringe something that is authorised

This could lead to cross claims of fraud, privacy violations, deception, extortion, hacking, conspiracy (RICO???), enticement, just to name a few. In the case of children (under 18) being led to the honeypot an interesting situation could occur in that the IP owner could be liable under the attractive nuisance doctrine if damage/injury occurs to the child, and that injury could be the emotional or financial damage of fighting the infringement claim.

Even worse, as far as can be seen there are no actual precedents for the use of honeypots in the USA or common law countries courts, nor even non common law countries for that matter (this info was as at Nov 2010 though I have never heard of anything since either). This further makes it a highly contentious and legal minefield for any IP owner to even try to justify their usage.

Most legal advice suggests when considering honeypots that are dealing about a highly contentious, political, and social area, as in this situation. DONT!

Anonymous Coward says:

Re: Re: Re:

You mean like this guy does?

The judge in one of his cases has ordered the Plaintiff Attorney to produce some interesting documents.

Thanks to Jane Doe!

aldestrawk says:

Re: Re: Re: Re:

It is not clear at all from your first link that CEG is setting up honeypots. Their statement about operations is ambiguous. They could just be participating in a swarm and not setting up a tracker or acting as the initial seed. Do you have any other information that clearly shows they are setting up honeypots like GuardaLey?

G Thompson (profile) says:

Re: Re: Re: Re:


We are playing the word association game aren’t we?

If not you might be interested to know that Gray is a colour, 50% black actually, though not my favourite it is still in an honourable position. Though I realise some will kick it to the kerb I take no offence at this, and think it is just a pretence.

BTW, the above is spelt correctly for real English speaking countries ๐Ÿ˜‰

Anonymous Coward says:

Re: whats a honeypot

at a guess, its when you download a file but the file is zipped up and password protected. The file says that you have to go to an address to get the password. The websit eaddess has a page asking for your email address? or something identifier??
So, you download a file that may be fake (in which case its not infringement, or its real in which case they authorised it. They obviously know IP address is not very accurate – which is why they ask for some identifier.
at a guess.

That Anonymous Coward (profile) says:

Re: Re: whats a honeypot

Not that I know anything about it, but usually the password protected zip files that direct you to websites (or in other cases Windows Media player redirects you to a website to “get a codec” or the file is 30 seconds in actual length saying you need to download a special player) usually involves trying to get you to pay for access to a website to get the information. Of course its not actually in the file, but its really hard to chargeback when you have to explain you were paying to get access to a copy of Earnest Goes to Jail you found online.

Rekrul says:

Re: Re:

Forgive my ignorance, but what is a “honeypot” in this context?

Bait. Imagine a box of commercial DVDs left sitting on the sidewalk outside a store after closing. There’s nobody around, so you grab a couple. The second you do, the lights come on, cops appear and you get arrested.

In BitTorrent, it would be putting up files (either real or fake) for the express purpose of allowing people to download them, so that those people can then be sued.

Anonymous Coward says:

Re: Re: Re:

No, think of it more as a “bait car” sting. You know, a car that is outfitted with remote contolled cameras and shut down devices. Police have cars like this, park them in high car theft areas, leave the keys in them, and then arrest whoever steals them.

No matter the circumstances, you don’t have a right to take something that is not yours. It isn’t abandoned property.

I suspect in this case Torrent Mike and Techfreak left out the simple “bounce” test, which is once an IP downloads a segment, you turn around and request it back (you know, P2P works in two directions). If that piece comes back to you, then that IP address made it available.

That Anonymous Coward (profile) says:

Re: Re: Re:3 Re:

I will use small words for you.
To make the magic thinking box do the bounce test, you need a piece of code that tells the magic thinking box to do it. The companies who gather ip addresses do not like to pay any more than they have to, so they do not buy programs that do it. programs are what code is turned into.

Many of the lawyers who are doing these kinds of cases, use the same client programs as other people, with no changes made to them. This means that they are helping the infringement to be more wide spread so they can extort money from more people.

Ip spoofing is like using fake caller id information, and makes the people looking think the call came from somewhere else.

Your not fun to play with, you can’t keep up.

aldestrawk says:

Re: Re: Re: Re:

The problem with your analogy is that it assumes that everyone knows that P2P protocols are only used to download files illegally. There are a lot of cases where files are offered for legal distribution using P2P protocols. If legal downloading exists and the copyright owners themselves make the file available for downloading it’s not just a question of whether it is entrapment or not. There is a real question as to whether downloading is illegal at all in this scenario. This is quite different from your bait car scenario.

That Anonymous Coward (profile) says:

Re: Re: Re:2 Re:

The “Daily AC Talking Points Memo” encourages them to make sure at every chance to note all of the possible illegal way things can be used.
This helps to try and form the public association of P2P and Crime.

People believe that “pirates” are “stealing” billions of dollars a year, because of the claims of the industry and various AC agents keeping that idea alive.
The problem is these billions of dollars are not appearing anywhere else, because they do not exist.
Commercial Copyright infringers can’t compete with the free sharing and in most cases do not bother.
There is little if any money generated in regular people file sharing, and that money would be generated by advertising allowing the site to stay in business, not allow the criminal masterminds to retire to a warm island with no extradition treaty.

But they will be making comparisons of apples to oranges to elicit a response they want by leading people by the nose.

Anonymous Coward says:

Re: Re: Re: Re:

No matter the circumstances, you don’t have a right to take something that is not yours. It isn’t abandoned property.

They’ve done that with other things too, like bicycles. Basically, the idea is just to take something of value and leave it out in the open, go hide, and then wait for someone to come along and take it. Then, BAM, jump out and make a “bust”. The interesting thing is that they seem to never target wealthy areas. I think it’d be funny for them to do one of those cop show stings by leaving bundles of $100 bills laying around a country club. I wonder how many wall street bankers they could snag.

DannyB (profile) says:

Re: Re:

An example of (but not the only kind of) honeypot would be if I set up a computer that pretends to be a vulnerable Windows PC. (although the word “vulnerable” is redundant.)

The purpose is to wait for a system that is infected with Windows to attempt to infect the honeypot computer. Then I can record the techniques used to infect the honeypot, and collect actual samples of the malware.

Another example honeypot would be one to trap spam robots. Some spammers use robots that crawl the web (just as Google and Yahoo crawl the web to build their search index). Spammers do this to gather email addresses that they find on web pages. A honeypot in this context would generate fake pages with fake email addresses. Each page would have links to other honeypot pages. Since the honeypot generates these fake pages on the fly, it is a website with an unlimited number of fake pages and fake email addresses. This pollutes the spammer’s database with fake email addresses, and wastes the spammers time trying to connect to the email servers of these fake email addresses — and those email servers may be programmed to respond v e r r r r r r y s l o o o o o w l y in accepting the connection and incoming email from the spammer. No human would ever have received these fake email addresses nor would be attempting to send email to these fake email addresses.

Anonymous Coward says:

Re: Re:

I’m surprised no one has used this on the PROTECT IP and COICA sponsors.

By ?sponsors? you’re referring to the individual senators?

You do understand that there does not exist a one-to-one correspondence between IP addresses and individuals.

Further, what makes you think that these senators even use computers? It may be hard for you younger kids to wrap your minds around this, but most senators belong to a generation, and a mindset, that relegated computers and typing to secretaries. It wasn’t an executive-level skill. It was something women did ?and not even all women? certainly not women senators who wanted to distinguish themselves from the typing pool!

(Engineers and computer scientists don’t count in that mindset either. Perhaps engineers and computer scientists aren’t women, but they certainly aren’t senators.)

That Anonymous Coward (profile) says:

Re: Re: Re:

“We” have busted their staffers making wikipedia edits, so some of their staff can work computers.
I am willing to bet that despite the claims by the copyright trolls that they can’t tell where they are, that addresses that resolve to .gov never get placed into any filings.
I know they have targeted .mil addresses, so they know who not to bother.

What would be wonderful is if Google sued USCG preemptively.
USCG named a Google owned IP address in one of their filings, Google has enough money to make USCG look silly in court and a slam dunk case to raise real questions about these extortion attempts.

That Anonymous Coward (profile) says:

I wonder given this information if anyone on the EFF defense list would like to represent anyone who paid the extortion.

Because we know that innocent people will pay the small amount to avoid a long expensive battle. (See the blind man case.)

If they are still using the exact same technology, and no infringement occurred, they extorted these people.
They had nothing to back their claims in court that could prove infringement.
They lied to a court, they used the power of that court to extort money.

This could also be the reason at least 1 or 2 of the German tracking firms have opened US branch offices.
To show that the connections happened within the US, to bolster the shaky IP identifications.

I mean the people behind the Expendables just dropped the entire 24K Doe case once they figured out only a few people were in the DC courts jurisdiction and they would be blocked from getting anyone outside of that courts jurisdiction.

This has never been about protecting copyright, this has been about creating another revenue stream.
You can not tell me USCG was totally unaware of GuardaLey being called on the carpet in court, they are stupid but that aren’t that stupid are they?

This is a case of hoping the technobabble combined with the battlecry of Intellectual Property is our most important thing in the United States would get them rubber stamped.
Even as ACS:Law blew up they added more clients, as the lawyers from whatchamajiger Lyons got reprimanded they continued with this extortion campaign.

I wonder how many other operations are going to be trying to go faster or fold given that a court is now currently aware that this technology has been proved to be flawed, and in some cases there was no real infringement.

That Anonymous Coward (profile) says:

Re: Re: Re:

Forgive me most of my legal knowledge comes from Matlock episodes, could you put those in easier to understand bites please.

When the case that generated this information was filed, most people didn’t pay much attention to it.
They thought it was just someone fighting a windmill.
It really has been off the radar for a long time.
I remember it being filed and hoping they would see some success, I never expected that there would be something as amazing as a court ruling that the gathering firm was not legit.

The use of honeypots has always bothered me, some of them seem to be the real files seeded by “someone”.
Then a wild lawsuit appears, it uses terrify… its very successful.

Oh and to live up to the AC portion of my name…
there not their ๐Ÿ™‚

G Thompson (profile) says:

Re: Re: Re: Re:

There is nothing wrong with Matlock episodes? Though I’d prefer Boston Legal ๐Ÿ˜‰

Can you imagine Denny Crane against these trolls, he’d just shoot em *lol*

Barratry is an interesting old-world crime & tort that can sometimes be referred pejoratively as ‘ambulance chasing’

It is basically the practice of a plaintiff constantly bringing repeated legal actions solely to harass that will over time lead to financial windfall for the plaintiff because it wears down the fortitude of the respondent(s). It’s more to do with the professional conduct (or not) of the legal representation.

Wikipedia [note: I loathe quoting Wikipedia] has a very basic usage of the California Penal Code in regards to barratry [ ] where it is a misdemeanor (yep criminal) though it is a felony in Texas.

Maintenance though (which is also referred to as the medieval doctrine of Champertry) is the wrongful action of an uninterested third party encouraging a lawsuit on the presumption that any damages collected are shared with that third party (Righthaven anyone???). Maintenance is not the same as Contingency Fees between clients and their lawyers though.

Maintenance & barratry should never occur anymore due to legal ethics and Rules of Professional Conduct as set forth by bar associations in each jurisdiction, though sadly it looks like it is coming back into vogue by unscrupulous and unethical parties.

Honeypot’s don’t bother me that much any more as long as they are used for the correct and specific purpose and are available for scrutiny by all parties. Though they should only be used as an investigative aid, not as a be all and end all, and NEVER for civil situations where there is no immunity.

That Anonymous Coward (profile) says:

Re: Re: Re:2 Re:

Thank you… Denny Crane.

I watched both, but people seem to understand better when I use Matlock as my example of my legal knowledge. I moreso know whats right and whats wrong.

My real curiosity right now is it looks like GuardaLey sought out DGW.
I wonder if they rolled up with a set of IP addresses, and then contacted the clients they represent.
The German law used to let people collect on behalf of people who had no idea the lawsuit was going on.
The award would be split between the IP tracker, the lawyer and a small amount then sent onto the infringed party.

Might explain why Uwe Bolle bothered….

I have mentioned in the past to people that there were real serious questions about unclean hands in these cases, and I think someone might have proof of that aligning.

That Anonymous Coward (profile) says:

Re: Re:

I look forward to seeing a Judge raging soon.

By chance did you ever hear what the outcome in the Evan Stone beat down was? Last I heard he had to turn over the IPs, letters, settlement records and the Judge was evaluating the possibility of sanctions… and then nothing… and then Stone popped back up working for Funamation suing people for IP Man and IP Man 2.

Q?r Tharkasd?ttir (profile) says:

Something fishy there. “Guardaley” means more or less “Custody of the law”, “Guardianship of the law”, but that’s in Spanish???i.e. nothing most Germans would understand. So what is such a company registered in England but with a telephone based in south-west Germany (+?49 7…) and yet not owning a registered German domain exactly up to? One searches in vain after a real name, either on their site or on WHOIS…

That Anonymous Coward (profile) says:

Re: Re:

Perhaps GuardaLey was hoping people would do what you did, Google the name and see it means something of the law.

They are registered in England most likely because they might have had dealings with Davenport Lyons or ACS:Law or another clone there.

It is quite possible they have no online presence to avoid people trying to hack them, or are buried deep inside another company as another division.

They name could be a rebrand for one of the other IP hunting firms, most of them seem to be based out of Germany (which I do believe was the original source of this type of lawsuit).

That Anonymous Coward (profile) says:

Re: Re:

Hurm… this might be fishy… Check this…

“”An independent expert’s report is in place for Guardaley, but your monitoring will be done through a different legal entity,” wrote Terence. “This will mean that we will need to get a new one created. There will be no problems, as the technology used will be exactly the same as Guardaley’s.” And later: “We are in correspondence with an expert and the report can be finalised fairly quickly, well in advance of the first court order.”

So, while Tom Dunlap suggests that “Guardaley” doesn’t work for ACS Law, some other company with a new name and the same tech is. This gives Guardaley a hand in the two major “settlement letter” factories in the US and UK.”

They cycle names, but always the same tech.

They use and .net

I notice their former sales manager in CA has removed her linked in profile, she ran a group that was the source of many of the first USCG cases.

Joshy says:

Downloading a movie or MP3 is like stealing lawn clippings. No one would be sued for taking from a pile of lawn clippings. Further more the fine wouldn’t be based on a “per clipping stolen” The owner of the Lawn clippings was not deprived of the use of the lawn (it’s not like the lawn was rolled up and trucked away) The owner of the lawn was still able to utilize and monetize in innumerable ways i.e. just look out window and enjoy. Rent out lawn for parties. Rent for photo shoots. Cut it up and sell it…or some new creative way un-yet mentioned means.

That Anonymous Coward (profile) says:

I wonder if someone wants to clue Beryl Howell into this.
She has been refusing to listen to all of the people who claim they are innocent in this because the ONLY time they could is when they are named in the case. Of course that time never comes, because USCG will never name anyone because then the evidence could be reviewed and decimated.

She also ruled that Does have no right to quash motions seeking records about them as they are not a party to the case.

How is it well over 120 days after the Hurt Locker case began is anyone still on the hook in this? None of them have been named and served and this is a violation of the rules.

Oh and lets not forget one of the letters was returned to the court, the recipient was deceased.

How much more does Beryl Howell have to do before anyone refers her to the “ethics” people for Judges?

She has facilitated the shakedown of thousands of people based on evidence that has never been shown to have merit.
She has stuck her thumb on the scales of justice, and is weighing the rights of a copyright troll firm above the rule of law.

It will be nice to see USCG implode and hopefully make sure that some of the blast hits Beryl Howell as well.

That Anonymous Coward (profile) says:

Re: Extortion

The downside is – this is completely “legal”.

They have presented “evidence” to support their position that these IP addresses hold to key to finding the infringer.
The Judge assumes no lawyer would be stupid enough to mislead the court.
The Judge approves the order, because these have to be issued quickly else the records be gone and they will lead them to the infringer.
They get the name of the person assigned the IP address during the alleged infringement.
They then send a letter to the account holder offering to settle what would be a long protracted case costing them much more than getting legal representation.
They make statements in these letters and point to other “wins” to increase the pressure.
They sometimes call the account holder to get them to say something that can be considered an admission of guilt.
If you mention your stupid roommate they still imply your responsible (this has yet to have its day in court).
They collect money and dismiss some Does, and then cycle the list trying to scare more people.
They at somepoint if forced, dismiss all of the other Does – with prejudice so they can try again in the future, as they still have the records.

If the original “evidence” was validated by an outside expert, if Judges understood an IP address is not like a fingerprint, there would be a much more difficult time for these cases.

This entire shakedown scheme started in Germany, then moved out to the UK, and now it has hit our shores. The sad thing is everywhere it has been the lawyers running it have ended up facing charges infront of a disciplinary board. Obviously anything a board can do to these lawyers is not enough that they would do the exact same thing as has been done before.

wvhillbilly (profile) says:

Why IP address alone is not a reliable identifier

IP addresses are not unique identifiers for at least two reasons:

1) DHCP-Dynamic addressing, Most ISPs use DHCP to assign IP addresses to users on an as-needed basis. When a user logs on he is assigned an IP address from a pool of IP addresses the ISP maintains. When he logs off that address goes back into the pool, and the next time that user logs on he may get an entirely different IP address, and someone else may get the IP address the first user previously had used. Most Internet users get their IP addresses by DHCP, as ISPs usually charge extra for a fixed IP address.

2) IP addresses can be spoofed-that is the person doing the spoofing can make his IP address to appear as someone else’s.

The only reliable unique identifier that can be tied to a particular piece of equipment is the MAC address of the router, Ethernet card or other device that interfaces to the Internet. That number (more like a serial number) is unique to each and every device that connects to a network, but to the best of my knowledge is not recorded, and would probably be difficult to tie to a particular user from ISP or other records.

That Anonymous Coward (profile) says:

Re: Why IP address alone is not a reliable identifier

These record pulls often ask for any MAC addresses associated with it.
The problem is that MAC address is usually for the modem, but does not get to the MAC addresses of the router or the connected computers.

And you can spoof a MAC address, its often built into routers to deal with some ISPs trying to keep you from using the modem with a router. The router clones the MAC address of the machine registered to access the modem.

Oh and there are several programs that let you change MAC addresses.

ohmylord says:

Its Lawyers Like this That Make So Many Not Trust Anytihng Anywhere Anytime AnyPlace

this is not the way Lawyers should behave. Mass Mailings in first class mail. Many 1st time Offense with children or grandchildren. Which colleges basically first offense of 25 or 50 dollars. Government needs to step in and See what is going on with Lawyers who do Mass Mailings to Unites States addresses. It just does not seem American and Legal. What are State General Attorneys saying about this sort of thing. Do they Care of take time to follow up. I can only see ths getting worse with copy cat lawyers if Government or the College Board doesnt step in and give limits in monetary settlements, accusing guitly before innocent (that in itself is against our rights and accusations)and mass mailings out all over the United States. What is happening here. How can this be part of the American Way. This just isnt right. This just isnt right.

Add Your Comment

Your email address will not be published.

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop ยป

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...