I Didn’t Download it, My Router Got Hacked!

Home > Piracy >

People accused of uploading the game 'Dream Pinball' who claim they are the victim of a hacker, are starting to get letters back from lawyers explaining what they should do next. Among other things, the lawyers are demanding that the accused demonstrate computer security skills in providing evidence detailing exactly how their equipment was exploited.

Earlier this year, 500 people received letters accusing them of illegally distributing a computer game. The letters demand a settlement payment, or a court appearance was threatened.

Many people wondered how they were caught at all, while others claimed they had no knowledge of such a game and stopped to consider that their router security may have been compromised. If security features are not enabled on a router, anyone can easily fall victim to an authorized connection. In this case, it’s feared that someone may have accessed an unsecured router, downloaded and redistributed even just a tiny piece of this file via BitTorrent or eMule, with the router’s owner getting the blame.

Lawyers representing the game’s publisher state as fact that a full copy of a game must have been uploaded to their monitors for the infringement to be flagged – clearly the lawyers have no idea how a protocol like BitTorrent operates. It would be virtually impossible to download a large file in it’s entirety from just one source and the time it would take would prove totally impractical. There is a very real probability that a tiny transfer of a few hundred kilobytes can trigger legal action against an alleged infringer, a transfer easily achieved by someone accessing a victim’s router for just a few seconds.

People who are using this defense are now starting to receive letters, part of which reads;

If it is your contention that at the relevant time you did all that you could to secure your network and PC but that, nevertheless, an intrusion occurred and that the infringing act complained of was perpetrated by a person or a person unknown who gained access to the network without your permission, please provide (in accordance with the Practice Directions for Pre-Action Protocol) all copies of the essential documents on which you rely.

In other words, forget ‘Innocent Until Proven Guilty‘ and start getting used to ‘Guilty! Now Prove Yourself Innocent!

In terms of evidence, the lawyer Davenport Lyons representing the publisher Zuxxez, demands to see;

1. A copy of the instructions accompanying the router
2. Evidence to prove the use of anti-virus software and firewall
3. Evidence detailing exactly how the computer was compromised.
4. Evidence to prove the victim took adequate measures to prevent the intrusion.

Despite the fact that producing evidence should be up to the lawyers when dealing with cases, quite how the production of a router manual will affect this case is unclear. Presumably you send off the manual for their tech people to look at, then they use the fact that your router is ‘easily secured’ or the fact that you didn’t read the book, against you.

The manner in which PC based anti-virus and firewall software protects an illegally accessed router is also unclear. More worrying is the implication in point 3 that the accused must give a technical report as to how the breach took place, something no-one but an expert could provide – clearly trying to put a fair defense out of reach for the less well-off. The reality of the situation is that an assertion by the accused that the claimed activity was not carried out by him, is sufficient.

As for point 4, I do not believe there is a legal requirement for an internet user to train themselves in security before operating a router and connecting to an ISP, nor has there been a decision in an English court to state that an internet subscriber is responsible for the actions of others whilst using his connection. Davenport Lyons have informed users that people in Germany are responsible for what happens on their connections but German law isn’t valid in the UK. This is another important point which these lawyers seem to have purposely overlooked and one which makes them appear to be attempting to misdirect people by quoting an irrelevant case from from a completely different country.

Furthermore, even though they demand ‘evidence’, don’t think for one minute that corresponding with these lawyers is something that can bear fruit. One unfortunate gentleman whose wife has been wrongly accused of distributing the game has been talking to Davenport Lyons via letter, trying to sort the matter out, until he received a letter from them with this paragraph;

….we consider that to enter into further correspondence with you on technical or evidential points is unnecessary and unhelpful and will serve only to increase costs. We are therefore instructed not to continue this circular correspondence.

So by this measure, trying to clear your name is deemed “unecessary and unhelpful’ by the lawyers, something which is considered by many as one of the cornerstones of British justice and a fundamental right of it’s citizens. Of course, if you’re a lawyer working on tight profit margins, any correspondence will cut into that profit. ‘Unhelpful’ indeed.

The letter finishes up;

‘If we do not receive a response from you within the next fourteen days we will take our client’s instructions regarding the issuing of proceedings against you’

“Instructions which could be to ‘drop it’…” says a regular Usenet poster on the issue.


Popular Posts
From 2 Years ago…