Movie Institute Feels Pain Of IP Address-Only Piracy ‘Evidence’

The Swedish Film Institute (SFI) is in the middle of a crisis after an anti-piracy company revealed that it had tracked several leaked movies on The Pirate Bay back to its servers. Desperate to deflect the accusations, today the SFI made a long statement. It turned out to be a perfect illustration that allegations of piracy based on an IP address and nothing else, simply must be backed up by something more solid.

Early September it came to light that the Swedish Film Institute (SFI) was being sucked into a scandal.

While monitoring movies leaked to The Pirate Bay, anti-piracy company DoubleTrace said it had discovered that IP addresses in the BitTorrent swarms belonged to none other than the SFI. The drama only escalated when Sweden’s Ministry of Culture and angry movie-industry figures became involved.

After first playing down the news, SFI managing director Bengt Toll later made an announcement which indicated that following an internal audit of firewalls and other logs, no wrong-doing could be found.

Considering the embarrassment of becoming the focus of movie piracy allegations and the importance of dealing with them effectively, some might look at SFI’s initial denial and say, “Well they would say that, wouldn’t they?”

But let’s slow down and take a look at information made available today by the Institute.

Although SFI acknowledge that the IP address (or addresses) logged by DoubleTrace does indeed belong to them, they reveal that it’s hardly trivial to discover the real-life person behind it. Not only do all of SFI’s staff share that IP, but several tenants (such as film and TV producers) do too. And visitors to their library, and visitors to some of their cinemas, and diners in the restaurant, not to mention those using the open WiFi in the cafe and foyer areas.

As indicated by the way they have been proactive in this case by calling in the police, the SFI really seem to want to get to the bottom of the allegations. They say they have firewall logs that could show when and from where in their infrastructure the movies were being shared.

But – and little surprise here – DoubleTrace, the anti-piracy company behind the allegations, aren’t being forthcoming with their evidence.

“The week before the incident became public we carried out intensive work in which we asked the information technology company DoubleTrace AB and production company Strix to show us the data that they claim to have, to get a chance to see if the sharing actually took place here, and if so, from where,” the SFI explains. “Since we are being denied the material it means that we can not verify whether the information is correct.”

In an effort to show how it has attempted to find the source of the problem, SFI goes on to list a whole range of activities carried out to locate any infringement including searching all PCs, servers, networks and logs, calling in auditors, advising the Ministry of Culture and engaging the wider film industry.

As previously detailed, the police were also called in to investigate and are apparently concentrating on the illegal distribution of four films. Their focus is said to be on the illegal activities, not the SFI themselves, yet because the SFI’s IP address was allegedly used to carry out the uploads, they are getting all the bad press.

Now, it’s certainly possible that the SFI person who handles the Internet account could be responsible for the uploads, but equally a passing Pirate Bay fan with access to the free cafe WiFI could have carried out the offenses too. Maybe it was more than one person, maybe DoubleTrace’s systems screwed up – who knows?

The important thing here is that when it comes to the allegations against SFI, and the refusal of the anti-piracy company to make their ‘evidence’ available, SFI should be given the benefit of the doubt.

But, unlike the hundreds of thousands of other ISP account holders around the world who receive letters claiming that they illegally uploaded a movie or song and therefore should pay compensation or, increasingly, be disconnected from the Internet, they are treated more respectfully, quite simply because of who they are.

An IP address is not a person, and unless anti-piracy companies want to let their ‘evidence’ be seen and tested in public, perhaps it’s better if they keep their allegations to themselves.

Previous Post | Next Post

Follow @torrentfreak

AskTheShulgins

First! LOLL.
- Guest
  
  (flagged)
  
  Today’s lesson, kids: an IP address does not equal a person.
  - http://profiles.google.com/zerianis10 Christopher Kidwell
    
    Bottom line, that is the absolute truth of the matter. IP address will NEVER equate to an actual real person sitting at a computer. It shouldn’t even be enough evidence to get a warrant for monitoring in criminal cases.
  - http://tinyurl.com/ANoiXioNA-personal-info ANoiXioNA
    
    maybe ?……..?
    
    My real name is “” 127.0.0.1 “” : )
    - 7th_Guest
      
      Omg, that’s my name too, what a coincidence! We should totally hang out and stuff, see what else we have in common!!11
  - Scary Devil Monastery
    
    I’m not surprised about the refusal by DoubleTrace to actually tell what evidence they have and where it comes from – Henrik Pontén, head of the swedish Ifpi has repeatedly said “We never reveal our methods”.
    
    The common concensus among IT people is that this is because Mr. Pontén knows full well that the methods, if revealed, would be subject to intense scrutiny and almost immediately become a major source of embarrassment.
    
    To my knowledge (and I’d say that is extensive in this case) there are no viable ways of investigating or tracing IP numbers én másse which will provide data of sufficient relevance to build a court case on other than real-time surveillance on a proxy level.
manix

So are they going to get disconnect or not?
- Anonymous
  
  That would depend on their level of double standards.
  
  According to common 3-strikes rules then a person is responsible for securing their own system which rules out the usual “I don’t know who did it” and “I was hacked” excuses. So based on 3-strikes rules they would be in line for punishment simply because their IP address came up.
  
  Take this a step further then they can be thankful this is Sweden and not Italy where the latest proposal would be to kick them off the Internet on first strike, appeals are limited and would fail, and they would be black listed with all ISPs denying them Internet access for months or years.
  
  I got to love hearing these stories when you can simply turn around and say they should not be treated any different to the rest of us. I can then reply “Sorry SFI but your IP came up, punishment is due, and we are not interested in your excuses.”
- Quasit
  
  Sweden has no 3-strike law.
  - Anon
    
    Know body does it is all self regulatory crap from the media moguls to force ISP’s to cut people off. I am not aware of any nation having it on their statute books or if it is even possible to do so legally.
    
    The idea is they will not sue ISP’s that do this. Well that will be the threat. Do what WE say and your safe. Funny as some of these silly moguls underestimate the sheer wealth of some of the worlds ISP’s and how they could drain the media moguls $ for $ in legal actions.
    
    It is all threats to really go at it with a big ISP could destroy a media mogul. All they do is threaten them and go after individuals like old grannies who won’t own up but one of her silly grand kids came in hooked up to her wifi and started BT up. Like she is going to own up to that when she is old and they are children. Again IP address does not equal a person.
    - Anonymous
      
      Wrong. New Zealand does, thanks to the US government.
Zan

A perfect example of the whole ip isn’t a person argument. I hope lawyers defending other alleged file sharers can use this news to their advantage.
Anonymous

tinyurl.com/2df4ccp
Anonymous

tinyurl.com/2df4ccp
- Randy McCoypu
  
  Flagged for spam.
Guest

i hope that some one put all of goverment ipadress of usa and italian on the piratebay as p0rn uploaders.
Truth

Wow so a number is not a person. But it COULD be one of 1, 253 or 65534 people or a very large arrow pointing in the wrong direction. Strange how new laws are being implemented around the world on probabilities and not facts.
- DarknezzMadnezz
  
  They have been doing that for years… Its more commently known these days as Religion.
omg

what !!! wait ? they just figured out that spoofing exist ?! oh wait an ip can be someone else !!! what a bugger !! lmao ….
Herbert

how many times has it been said that an IP address DOES NOT IDENTIFY A PERSON? how many times has this fact been ignored when it is an ordinary member of the public that has been accused of the heinous crime of ‘file sharing’? how many times has the information used to identify a ‘file sharer’ been called into question and not been forthcoming?
what this shows more than anything is that as per usual, there are rules for ‘joe bloggs’ and a completely different set of rules for everyone else. ‘joe bloggs’ is presumed guilty and has to prove innocence, and pay for the privilege of doing so; everyone else is presumed innocent and investigations carried out to try to verify that, not to prove their guilt!
YarickZan

Let’s see how they try and wriggle out of paying themselves millions of dollars in damage and having a judge order their website to be blocked and their employees to be sent to jail.
- http://pulse.yahoo.com/_IZ5BM5GNLA54OADSWGSXAMA7SY Jay
  
  But the US isn’t going for them for copyright infringement. They’re going after them because they’re Swedish. There’s a difference.
RIAAtarded

I see a problem with this and both the law makers and the info gathering specialists should take note. Firstly the system you put in place has to be a template for deal with ALL cases. If there are flaws found in it then the system needs to be changed or abolished. We can’t have rules that are applied at the discretion of the few as that create a process that is discriminatory towards the individual. If you’re suing John Does then sue them all whether a resident, business, government etc. All should be judged equally under the law and if it calls your methods into question they should be strong enough to stand up on their merits. In that however lies the rub. They will not chase this further because it calls their collection methods into question and they would indeed lose as IP doesn’t equal an individual. In addition when they drop these cases which they will it sets precedent showing a flawed two tier system for dealing with these cases.
Anonymous

Awesome.., I just got a $829.99 for only $103.37 and my mom got a $1499.99 HDTV for only $251.92, they are both coming with USPS tomorrow. I would be an idiot to ever pay full retail prices at places like Walmart or Bestbuy. I sold a 37″ HDTV to my boss for $600 that I only paid $78.24 for. I use Gr?bPenny.?om
http://pulse.yahoo.com/_FCNK7C55CBUYFVSC5LNWKB322E Buglord

wait… I can remember hearing or reading something about ip-adresses changing each time you log on the net.. how can they actually say it was MY ip if it changes each time I connect? and doesn’t p2p software show fake ips anyway? and wouldn’t the only way to find people sharing be joining the downloading, making them part of it?
- Anon
  
  “I can remember hearing or reading something about ip-adresses changing each time you log on the net.. how can they actually say it was MY ip if it changes each time I connect?”
  
  No, that’s not true at all. But it used to be with dialup. But I doubt anyone uses dial up anymore and if they do, their piracy is probably not threatening. However, tracing an IP with a time stamp, even a changing IP from a dialup provider is not impossible.
  
  “and doesn’t p2p software show fake ips anyway?”
  
  No.
  
  “and wouldn’t the only way to find people sharing be joining the downloading, making them part of it?”
  
  No. They’re actually looking for uploaders. Clearly they wouldn’t log themselves as an uploader if they weren’t uploading, only downloading.
  
  You’ll learn as you become more experienced on the internet.
  - Anonymous
    
    Actually, IP addresses change depending on how the ISP sets up their routing. A connection will keep an IP address until such time that it requests another (due to a disconnect or modem reset), and if the same IP address isn’t available, it’ll hand out a new one. It isn’t as cut and dry as “no, but dialup did.”
    
    And while P2P software doesn’t plug in fake IPs, plenty of trackers and services do. Saying anything less is either abject stupidity or false information, because you knew exactly what he meant.
    
    As for uploading, your black and white answer of “no” doesn’t work. Do you have proof that 100% of the anti-piracy companies never upload anything? Of course you don’t, because you’re an ignorant troll.
    
    Lastly, I love your little closing line. I hope you don’t mind that I use it too:
    
    You’ll learn as you become more experienced on the internet.
  - Another Anon
    
    It’s pretty easy to force a dynamic IP to change whenever you want. I do it all the time. One way is to release your IP address, change your MAC address, then reconnect. Another is to simply turn off your modem for several hours whenever it is not in use. Just exactly how long varies so you need to be patient.
    
    ISP’s can use time stamps, but that means a whole lot of tracking and storage, which can be costly. The more users you have, the more it eats into profits. Plus it is impractical to keep them indefinitely for several reasons, and possibly because of privacy laws as well depending on where you live.
    
    Trackers interject random IP addresses that are fake, not the p2p software that downloaders use. The only way to know which ones are fake is to try and download from each of them, but not being able to do so doesn’t necessarily mean it is a fake IP address as there are lots of reasons for not being able to connect to someone specific.
- Anonymous
  
  An IP address has something called a lease time. It can be a day, a week or a month where your ISP leases the address to you. I get a new one every week for example or sooner if i change mac address.
  
  (Every computer has its own mac address. So to avoid having to give my ISP my registration info every time, i tell my router to use the mac address of the computer i logged in with the first time).
  
  An ISP has a log of what IP address is assigned to what account holder at a previous point in time. This data can be obtained with a court order.
  
  The person that actually infringed a copyright is often not the account holder. And in a torrent swarm there are IP addresses that are not real. If you know someones IP address you could spoof it and insert it into a swarm. Much like writing your friends return address on a bomb package. And ofcourse there are VPN’s and proxies and what not, that give you a false IP address.
  - http://profiles.google.com/zerianis10 Christopher Kidwell
    
    Most ISP’s only keep that information for AT MOST 2 weeks. Anything longer than that and they simply don’t have the information anymore.
    - Anonymous
      
      No, as evidenced by the BitTorrent lawsuits, many ISPs do retain records of customer IP assignments for some months. I know Comcast currently has a policy of retaining them for 180 days and some other major ISPs are the same.
- Scary Devil Monastery
  
  “I can remember hearing or reading something about ip-adresses changing each time you log on the net…”
  
  What Anon said.
  
  It is more reasonable to assume that a number of “uploaders” are simply stepping stones, I.e. proxies. What you want to do is take a look at a study performed by the University of Washington from 2008 regarding the amount of false positives generated by tracking software.
  
  It’s a rather amusing read:
  http://dmca.cs.washington.edu/uwcse_dmca_tr.pdf
  
  Or for the easily digested summary:
  http://www.zeropaid.com/news/9535/study_bittorrent_users_prone_to_false_copyright_infringement_claims/
Jeff Bekcer

Protip to the RIAA / MPAA:

127.53.134.1, 127.42.13.66 and 127.44.44.4 point to the same machine. It’s a loopback address. An IP address is NOT a person.
Anon

We should all lump our money together to sue SFI for illegally downloading movies.
Niggy

Only one thing is for certain : the guy who uploaded those movies was a skilled troll.
Reader

There’s one way to settle this.. get the court to allow multiple portable computers into the court room and get them to post information on the internet, then get one of those research companies to pinpoint who exactly from that room posted the comment/file/image/etc.

Assuming they’re all using the same internet connection, then… who was it? it would publicly show that they have NFI what they’re doing and their “evidence” is useless >_<
Gargamel

I call Bull$hit.

They found whoever leaked those movies, but they are either so high up or so embarrassed about WHO it actually was that they’ve simply covered it up with smoke and mirrors and buried it.

Governments and businesses do this all the time. Its just another day at the office.
Okarin

if this doesn’t go to mainstream news, as far as the mass is concerned it didn’t happen
Okarin

if this doesn’t go to mainstream news, as far as the mass is concerned it didn’t happen
http://www.facebook.com/eric.boehm Jack Murdock

Since I am obviously not nearly as tech savy as people here, would someone mind explaining this to me. I realize that computers these days have dynamic ips where it changes from time to time, but doesn’t that still mean that that a certain IP adress that was downloading something still corresponded to a certain computer at the time of downloading(even if it was given a new one later)? Would those IPs overlap with another system? I mean, aren’t the given set of IPs that that computer is attributed with unique? So, as long as you could get one of them, that would be as good as getting all of them..right? Like I said, I probably aren’t as well informed as most people here.

IP addresses are how computers are located on a network afaik and if that isn’t enough, then what is?
- Anonymous
  
  The catch with respect to these BitTorrent tracking schemes is that in practice the IP address of the downloader often identifies an entire computer network and not a specific computer or user. I’ll avoid getting overly technical but an analogy would be like how a hotel has a street address and then room numbers. The IP address for a home or corporate network is like having the building address without a specific room number, so if some computer on that network is using BitTorrent, these trackers can identify the network, but are unable to identify specifically which computer behind the network did the downloading (and more importantly who did it, even if they could identify the computer). This is due to the use of a technology called NAT (network address translation, you can Wiki or Google it), which allows multiple computers on a private network to share a single IP address to communicate with the rest of the Internet. The use of NAT is actually due to deficiencies in the IPv4 networking protocol, but in practice it means that most of the IP addresses on the internet are actually entire networks and not individual machines, major exceptions being servers. The reason this incident is so amusing to the community here is that these anti-piracy groups like to claim and pretend that an IP address is good enough to identify a specific person or at least a specific computer, but now they have been embarrassed by their own lies.
- No
  
  There are several problems with trying to tie an ip to a person.
  1) Who had that IP at the time? You would think this would be easy to just look up in the logs, but at the very least comcast repeatedly made mistakes of fingering people who had either not yet joined or already left at the time of the infringement, so having this logged clearly, reliably and in a tamper proof way is important. Otherwise a pissed of network tech could easily net you three strikes by messing with the logs.
  
  2) Does that IP actually infringe? Some trackers like to add random IP’s to the list of peers, and it’s easy to inject dummy IP’s in the swarm, this is how researchers where able to get DMCA notices sent to printers. If you tried to connect to those IP’s you would probably get connection refused messages, or garbled data (different service using the same port) but most analysis companies don’t perform this basic step, and if they did you could spoof them using peer guardian or similar tools.
  
  3) Who was using that IP? Sometimes this is easy to answer, if it is a bachelor living alone in the countryside and he doesn’t have a wireless connection it was probably him, if it was a group of students sharing a connection with an open wireless in a apartment building it could be any one hundreds of people. If it is an IP that belongs to a business (Starbucks or a library for example) it doesn’t help at all.
  
  Those are just the basic problems there are others but this is the bare bones version.
http://twitter.com/AlyssaBlindy Alyssa Blindy

Wow. I was actually considering replying to Jack Murdock, but I don’t have all the info about IP addresses and what not to be able to explain it. Wow.
One minute, the guy’s trolling, the next minute, the guy’s asking for explanations of how IP addresses work, when he has been implying for so long that the lawfirms are doing all the right things to stop piracy, including accusing people based on IP addresses.
Does anyone smell irony here?
That is quite insane; I wonder what happened.
You know, there are infinite sides to every story, the truth, blatant lies, and everything in between.
Is the movie people telling the truth here?
It’s very interesting…
- Scary Devil Monastery
  
  It’s true that Jack’s general trend tends to be in the trolling category. Internet-savvy commenters know, however, that “Jack Murdock” may be anyone deciding to use that particular nickname at the time.
  
  Which is why the only reasonable way to carry out a conversation in a chat room without set nickname registration is to answer to the actual content of the message instead of the name.
  
  Hence when someone posts utter garbage under the nick of Jack we respond to that message. If the same nick (may or may not be the same person) posts a reasonable question requesting information – then smart commenters respond in a more reasoned manner.
Anonymous

http://www.lovetoshopping.org
Cheapest DG Shoes,Discount Brand Purses,Baby Phat Clothing
Anonymous

tinyurl.com/2df4ccp
Anonymous

tinyurl.com/2df4ccp
Pingback: Movie Institute Feels Pain Of IP Address-Only Piracy ‘Evidence’ | TorrentForce Blog
RARPSLF

Since there can be incorrect/invalid IPNs in the peer list (inserted by the tracker) as well as inactive IPNs (ie: Ones who peers but are not seeding/downloading) the appearance of an IPN in the peer list is not proof. The only valid proof is to run a BT client and to receive pieces from a peer on the list. Even this is only proof that someone using that IPN at that time was the user at the other end. If the IPN is a NAT router then you need a log from that router to see who was assigned that NAT port at the time (ie: What the IPN address on the LAN side that was mapped to the WAN Port Number). That LAN address then needs to be tracked to the user who was DHCP or Statically assigned the LAN IPN.
Pingback: makin257 - Movie Institute Feels Pain Of IP Address-Only Piracy Evidence
Pingback: makin257 - Movie Institute Feels Pain Of IP Address-Only Piracy Evidence
Shaggy

Therefore – never use a password on your wireless networks… :) That way you can say – it wasn’t me… ;)
Pingback: Tech from a Man
http://fuzzytutorials.com Richard Gailey

…..and the left foot said to the right foot, “how does it feel?”

#kharma
http://fuzzytutorials.com Richard Gailey

…..and the left foot said to the right foot, “how does it feel?”

#kharma
http://twitter.com/pigsonthewing Andy Mabbett

This is very odd, because Sion Simon (at the time a member of the United Kingdom government, as Parliamentary Under-Secretary of State for Creative Industries) assured me that it’s “still possible to have open networks whose settings protect the host from unlawful activity on the network” (Twitter status 5951557332) while acknowledging that some torrent activities are legal (Twitter status 5951733756).

My repeated requests that he justify this remarkable claim remained unanswered until, when no longer an MP, he referred me (Twitter status 14958695761) to the House of Commons debate on the Digital Economy Bill on 6 April 2010, where, as Parliamentary Under-Secretary of State for Creative Industries, he said:

“We should, however, be very careful that the Bill does not have the unintended consequence of bringing about the end of public wi-fi. I was assured by the experts in the various Departments involved in this legislation that there were clearly existing technical measures that made it perfectly possible to run public wi-fi with these measures.

“I do not claim to know what the technical measures are, but when I am told that they exist, I take it in good faith that they do exist…”

http://www.theyworkforyou.com/debates/?id=2010-04-06b.836.0#g879.3

(However, BIS and Simon himself have both subsequently refused to reveal the advice he was given:

http://www.whatdotheyknow.com/request/briefings_on_digital_economy_bil )
Mike Rod

Looking for a seebox? or perhaps wanting to move to a new place cause your current provider is charging too much? Check out Pulsed media…

http://pulsedmedia.com/clients/aff.php?aff=006

They have a ton of different options. Both 100mbps and 1gbps servers. And, they dont get all their servers from OVH like a lot of resellers, they get servers from many different providers to always have the best and fastest speeds. Currently they have a 1TB HDD, 2GB ram server for only 21.95€/Mo, unmanaged! And with your choice of OS!

They also have a starter version with 70GB HDD, 250MB Ram unmetered for only 11USD a month as well as a 8TB hdd, 8gb ram server for 150 USD a month!

One of the greatest things is that you can pay in monthly,quarterly, semi-annually, or annually payments…the more months you pay for the better the price per month!

Check them out…

http://pulsedmedia.com/clients/aff.php?aff=006
Pingback: Austin Police Department’s “Operation Wardrive” Postponed in Light of Criticisms from Digital Rights Activists « News Worldwide
Anonymous

http://www.lovetoshopping.org Cheapest Vans Shoes,Tiffany Jewelry Company,Wholesale Hollister Clothing
Anonymous

http://www.lovetoshopping.org Cheapest Vans Shoes,Tiffany Jewelry Company,Wholesale Hollister Clothing
Anonymous

IF IT IS NOT ALREADY OBVIOUS THEY SEEDED THE MOVIES THEMSELVES TO BE ABLE TO SUE PEOPLE AND MAKE MONEY FOR THEIR SHIT MOVIES!
Anonymous

http://www.lovetoshopping.org Cheapest Vans Shoes,Tiffany Jewelry Company,Wholesale Hollister Clothing
Pingback: NHL’s Montreal Canadiens Accused of Pirating The Hurt Locker | TorrentFreak

TorrentFreak

The place where breaking news, BitTorrent and copyright collide

Movie Institute Feels Pain Of IP Address-Only Piracy ‘Evidence’

Related Posts

Previous Post | Next Post

NewsBits

The Pirate Bay Isn’t Down Completely, Just Having a Few Issues

Pirate Bay Founder Gottfrid Svartholm on Freedom of Speech

Blu-ray Anti-Piracy Tech Stops Discs and Promotes Purchases

Foxtel Breeds Pirates by Locking Up Game of Thrones

UK Student Admits Breaching Sony Copyrights With Leak of PS3 SDK

MostDiscussed

Pirate Bay Takes Over Distribution of Censored 3D Printable Gun

McAfee Patents Technology to Detect and Block Pirated Content

Pirate Bay Finds Safe Haven in Iceland, Switches to .IS Domain

Copyright Trolls Threaten to Call Neighbors of Accused Porn Pirates

The Pirate Bay Moves to .SX as Prosecutor Files Motion to Seize Domains

CopyQuote

PopularArticles

VPN Services That Take Your Anonymity Seriously, 2013 Edition

Top 10 Most Popular Torrent Sites of 2013

Which VPN Service Providers Really Take Anonymity Seriously?

What’s The Best VPN / Proxy for BitTorrent?

BTGuard Review: How Does it Work?

Optimize Your BitTorrent Download Speed