Good times lie ahead for the companies that gather information on BitTorrent and other file-sharing networks. In the US, the MPAA and RIAA are negotiating with ISPs on how to deal with alleged copyright infringers, and in the UK citizens could lose their Internet access for this alleged offense if overall levels of file-sharing aren’t reduced to meet government targets.
While the evidence gathering techniques differ from agency to agency, they all have one thing in common. None of them can provide proof that the account holder has actually committed copyright infringement. In fact, some anti-piracy outfits cannot even prove that the IP-address they have on file was used in an actual file transfer, although they claim otherwise.
The Video Protection Alliance’ (VPA) belongs to the latter group. Instead of simply warning the alleged infringers, they take it one step further and actually ask for cash to settle immediately on behalf of the copyright holder, a known extortion-like technique that is also used by spammers.
The process used by VPA and others is simple. Their software monitors BitTorrent swarms and other file-sharing networks and records the IP-addresses of those people who share their clients’ copyright works. It then automatically sends an email to the ISP linked to the IP-address with a request to forward it to the associated customer.
“Someone using this account has engaged in illegal copying or distribution (downloading or uploading) of [title],” the VPA writes in one copyright/settlement notice, adding: “The information in this notification is accurate.”
But is it really accurate? We beg to differ and we’re certainly not the only ones.
As outlined in an elaborate article posted on on Freedom to Tinker earlier this week, the VPA does not verify whether the IP-address is actually uploading or downloading content. They simply take it from the swarm list reported by the tracker.
This is wrong for several reasons. First of all, some trackers are known to insert random IP-addresses into swarm reports to provide plausible deniability. Secondly, anyone can easily create a url that would put someone in the swarm list when it’s clicked. This link can be posted everywhere on the Internet and it wouldn’t even require the recipient to have a BitTorrent client installed.
Of course, this information is nothing new to people who are familiar with these anti-piracy evidence gathering techniques. Last year researchers from the University of Washington revealed the same flaws, but outfits such as VPA apparently don’t see the need to back up their claims with solid evidence.
Meanwhile, hundreds of thousands of these notices are sent out every year, some of which include cash requests to settle the case. Even worse perhaps, in countries that adopt three-strike legislation millions face the threat of being disconnected by their ISP, based on shoddy and unverified evidence, and without judicial oversight.
Unfortunately, the outfits that collect the evidence for the copyright holders are not very open about the techniques they use. When the RIAA’s evidence was disputed (pdf) in court earlier this year they decided to drop the case and settle with prejudice for $0.00. How convenient.