Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

NY Judge Rules IP Addresses Insufficient To Identify Pirates

timothy posted more than 2 years ago | from the that-pesky-proof-thing dept.

Security 268

milbournosphere writes "New York Judge Gary Brown has found that IP addresses don't provide enough evidence to identify pirates, and wrote an extensive argument explaining his reasoning. A quote from the judge's order: 'While a decade ago, home wireless networks were nearly non-existent, 61% of U.S. homes now have wireless access. As a result, a single IP address usually supports multiple computer devices – which unlike traditional telephones can be operated simultaneously by different individuals. Different family members, or even visitors, could have performed the alleged downloads. Unless the wireless router has been appropriately secured (and in some cases, even if it has been secured), neighbors or passersby could access the Internet using the IP address assigned to a particular subscriber and download the plaintiff's film.' Perhaps this will help to stem the tide of frivolous mass lawsuits being brought by the RIAA and other rights-holders where IP addresses are the bulk of the 'evidence' suggested."

cancel ×

268 comments

Sorry! There are no comments related to the filter you selected.

Does this apply to all cases? (4, Interesting)

CriticalAnalysis (2631225) | more than 2 years ago | (#39883295)

Does this ruling apply if someone downloads child porn, makes bomb threats, discusses with terrorists or other larger crimes? Just saying it should be consistent if pirates get a pass.

It's about time. (-1, Offtopic)

BootysnapChristAlive (2629837) | more than 2 years ago | (#39883313)

It's time to show everyone my true ferocity!

My true ferocity has been revealed!

Re:Does this apply to all cases? (5, Informative)

Anonymous Coward | more than 2 years ago | (#39883343)

This still means that an IP address is sufficient for them to seize and search your computer hard disks and such, so if you have corroborating evidence there you'd still be fucked. It's just not sufficient in the absence of anything else.

Re:Does this apply to all cases? (0)

Anonymous Coward | more than 2 years ago | (#39883423)

Wait, if you need corroborating evidence, then wouldn't that mean an IP address is inherently insufficient cause to do such search and seizures?

My understanding of "sufficient" is that it doesn't require additional support to make it's point, is that not the legal definition?

Re:Does this apply to all cases? (5, Informative)

slater.jay (1839748) | more than 2 years ago | (#39883483)

The standard for probable cause in the case of a search warrant is significantly lower than the standard for conviction.

Re:Does this apply to all cases? (4, Informative)

girlintraining (1395911) | more than 2 years ago | (#39883925)

The standard for probable cause in the case of a search warrant is significantly lower than the standard for conviction.

Yes, but everyone is hungup on the idea that the plaintiff has to prove an individual is responsible. At the moment, this may be true, but it's not much of an obstacle. Whenever you park your car illegally, they write a ticket out to the vehicle owner; And there have been many cases where the vehicle's owner was later arrested for not paying a fine they didn't know about because they had loaned their vehicle out to someone else. And unless the vehicle owner can prove they weren't the ones operating the vehicle, the courts have held they are responsible; They can't simply say "It was Ghost Man that parked my car downtown, not me!"

So for now, in that jurisdiction, they may be able to stop people from being sued for copyright infringement based on the IP address alone; But laws can and will be passed within a few years there where the ip address "owner" is responsible (and by owner, I mean ISP subscriber).

At best, this is an empty victory: It may stall copyright enforcement in that juridsdiction temporarily, but it will resume, and the cat and mouse game will move forward. They'll just start using things like timing, traffic analysis, client version identification, etc., to form digital fingerprints that (after they've seized your computer) will be used to individually identify you even from behind your standard NAT router.

Re:Does this apply to all cases? (4, Insightful)

Arancaytar (966377) | more than 2 years ago | (#39883619)

If a search warrant required as much evidence as a conviction, there would be no point to search warrants.

Re:Does this apply to all cases? (0)

Anonymous Coward | more than 2 years ago | (#39883683)

Taking away servers and equipment can in itself be damaging. They need to be pretty damned sure the person who did it is in that building. If not, too bad for them.

Re:Does this apply to all cases? (0)

Anonymous Coward | more than 2 years ago | (#39883693)

lol so good. so true. no idea how AC didn't grasp that.

Re:Does this apply to all cases? (1)

Githaron (2462596) | more than 2 years ago | (#39883363)

I don't know if it does but one would think so.

Re:Does this apply to all cases? (3, Informative)

CanHasDIY (1672858) | more than 2 years ago | (#39883443)

Those are criminal infractions; 'piracy' is technically a civil matter.

Re:Does this apply to all cases? (2)

Githaron (2462596) | more than 2 years ago | (#39883507)

Wouldn't it be even more important in a criminal trial to not equate an IP address with an individual without additional evidence?

Re:Does this apply to all cases? (2)

CanHasDIY (1672858) | more than 2 years ago | (#39883703)

I think so, but then again I never said it wouldn't.

Was merely pointing out that a precedent-setting decision in civil court doesn't apply to criminal matters, and vice versa.

Re:Does this apply to all cases? (4, Insightful)

MoonBuggy (611105) | more than 2 years ago | (#39883553)

Surely that reinforces the point, though? Criminal cases have higher standards of proof than civil ("beyond reasonable doubt" compared to "on the balance of probabilities"), so if it's not enough for a civil case it sure as hell isn't enough for a criminal one.

Re:Does this apply to all cases? (2)

CanHasDIY (1672858) | more than 2 years ago | (#39883743)

One would think that... then again, considering that a person can be arrested, prosecuted, and convicted of "resisting arrest" without any other charge, I have my doubts about these 'higher standards' of which you speak...

Re:Does this apply to all cases? (1)

icebike (68054) | more than 2 years ago | (#39883947)

One would think that... then again, considering that a person can be arrested, prosecuted, and convicted of "resisting arrest" without any other charge, I have my doubts about these 'higher standards' of which you speak...

I've seen this raised several time over the past few days, (perhaps by you), and I fail to see the point of this argument.

If the police or the prosecutor declined (for what ever reason) to press on with the original charges for which you were being arrested, I fail to see how you can expect to get away with resisting arrest, which is a separate offense.

The original charge may not be provable in court, or perhaps they find out you really didn't do it. Doesn't matter.
That you in fact resisted what was believed to be at the time a valid arrest, is sufficient all by itself.

This is a silly argument: that you are free to do anything, perhaps up to murdering the cop, to avoid arrest simply because you (claim) you didn't do the original crime.

Re:Does this apply to all cases? (2)

brit74 (831798) | more than 2 years ago | (#39883633)

Okay, but wouldn't "can't identify a person" still apply in both cases? Afterall, if you're going to go to jail for making a bomb threat (or child porn, etc), then it's even more important to disregard IP-address based evidence in criminal cases.

Re:Does this apply to all cases? (3, Insightful)

gnasher719 (869701) | more than 2 years ago | (#39883445)

Does this ruling apply if someone downloads child porn, makes bomb threats, discusses with terrorists or other larger crimes? Just saying it should be consistent if pirates get a pass.

In the context of this ruling, an IP address is not enough evidence to justify giving your name and address to someone who claims that his copyright is infringed, but isn't really interested in sorting out the copyright infringement but only to blackmail you into a settlement. Especially if someone tries to get the names of dozens of people while paying only one court fee.

On the other hand, it is surely enough evidence to get the police started investigating serious crimes.

Re:Does this apply to all cases? (4, Interesting)

pavon (30274) | more than 2 years ago | (#39883451)

Well, the ruling doesn't really set any legal precedent since it is just a district judge, and it is about a civil case not a criminal one. But it is consistent with how most judges have ruled across the country. The consensus is that it is more than sufficient evidence to get a warrant, is not even close to enough to secure a conviction by itself, but when combined with other evidence may do the job. Just follows common sense really.

Re:Does this apply to all cases? (1)

Bengie (1121981) | more than 2 years ago | (#39883457)

Copy-infringement is a civil issue. I'm sure they could get a warrant for your computer equipment if bomb-threats/child-porn/etc happened from your IP as those are Federal crimes.

Re:Does this apply to all cases? (4, Insightful)

dbet (1607261) | more than 2 years ago | (#39883511)

I think if someone made bomb threats from an IP address, the FBI would FULLY investigate, because jailing the wrong person means the bomb still goes off, where the RIAA doesn't care if they sue the wrong person.

Re:Does this apply to all cases? (1)

betterunixthanunix (980855) | more than 2 years ago | (#39883601)

I think if someone made bomb threats from an IP address, the FBI would FULLY investigate, because jailing the wrong person means the bomb still goes off,

Judging by how the FBI handled the Pittsburgh bomb threats, I do not give much credit to their ability to "fully" investigate anything online. The FBI's approach to computers is to lobby for backdoors, then point to examples where a lack of a backdoor impeded their investigation when they do not get their way.

Re:Does this apply to all cases? (0)

CanHasDIY (1672858) | more than 2 years ago | (#39883803)

Judging by how the FBI handled the Pittsburgh bomb threats, I do not give much credit to their ability to "fully" investigate anything online. The FBI's approach to computers is to lobby for backdoors, then point to examples where a lack of a backdoor impeded their investigation when they do not get their way.

Word.

The only thing the FBI seems to know how to do correctly is pose for photo ops.

Re:Does this apply to all cases? (2)

Moses48 (1849872) | more than 2 years ago | (#39883579)

Here's my take on the matter:

If someone dies because a TV is thrown out of a window, you shouldn't just arrest the person with the open window. Maybe that's sufficient evidence to go search the room for a missing TV, but maybe it was the neighbor. In that scenario they would look at who might have sent the TV flying, not just the weak evidence that it was someone from within my apartment.

Same with bomb threats. If bomb threats are originating from my IP address, I would imagine society (ie: throough the police authority) would like to see my computer and know more about me. They shouldn't send a class action lawsuit against me, and/or bully me just because a hacker has hijacked my computer.

Well in the cases we've seen info on (1)

Sycraft-fu (314770) | more than 2 years ago | (#39883719)

The FBI does their homework. They don't try to take someone to court based on an IP address. They get more evidence, a whole lot more, because they have a higher standard to meet than civil court (beyond a reasonable doubt instead of preponderance of the evidence).

I haven't read the ruling but I very much doubt the judge said an IP address couldn't be used AT ALL, just that it alone is not grounds for "identification" and as such filing a lawsuit against a person. They'd need to do more work.

Re:Does this apply to all cases? (1)

Sir_Sri (199544) | more than 2 years ago | (#39883887)

It does sort of create this odd incentive to run an unsecured WAP to dodge the potential liability for what you're going to use it for. Which is just bad security practice in general, and can tend to risk problems with everything you mentioned, because people who want to engage in things which are definitely illegal, and should be illegal don't usually want to get caught doing it.

In the case of a household of multiple people, sure, they can't specify which of the 4 members of the household are responsible for it. If that's a married family basically 'one of them, doesn't matter which' is probably good enough for civil on a secured access point, if it's roommates, not so much, but you're still better off with an open access point so that you can say 'well, it might have been some random guy on the street'. Which seems really stupid overall.

There are so many ways that rulings like this is going to clash with technology that aren't going to help the situation. It's a fundamental issue with what should and should not be legal, making it about the specifics of how technology used is only delaying the problem. I would argue prohibition went through the same thing, with 'alcohol is illegal, so you can't drink except where we exempted it to be legal or where the law is unenforcible'. Which is simply not a viable or sustainable system.

Judges. (5, Insightful)

AG the other (1169501) | more than 2 years ago | (#39883301)

Some of them are teachable.

Worse than that (1)

Anonymous Coward | more than 2 years ago | (#39883305)

Different family members, or even visitors, could have performed the alleged downloads.

Or your computer may be (probably is) compromised, and anyone on the planet could be doing it.

Seems Optimistic... (2)

g0es (614709) | more than 2 years ago | (#39883321)

that it will stem the tied of frivolus mass lawsuits. My guess is they will just pick a different tactic. I suspect that we will see some court decisions and or laws past that will make the person paying for the service assocated with the IP address responsible for all traffic that is sent or received.

Re:Seems Optimistic... (1)

Githaron (2462596) | more than 2 years ago | (#39883547)

By extension, that would make the ISP responsible for all the traffic that goes through their networks.

Re:Seems Optimistic... (1)

betterunixthanunix (980855) | more than 2 years ago | (#39883645)

The law will just have the words "residential" or "consumer" in it, and thus only target the majority of Americans. Even if it did not specifically say that, the law would only be applied to individual people, and never to the wealthy.

Three strikes (0)

Anonymous Coward | more than 2 years ago | (#39883323)

Soon a law prosecuting unsecured network owners...

And what about dynamically assigned ones? (0)

Anonymous Coward | more than 2 years ago | (#39883339)

My IP address changes a few times a week depending on what AT&T is doing - I have a plain old DSL. I mean if someone who was pirating something on a particular IP logs off and my router bounces or re-logs in, I'll have the pirate's previous IP within seconds.

Re:And what about dynamically assigned ones? (2)

Bengie (1121981) | more than 2 years ago | (#39883721)

Your assigned IP's are logged for something like 6 months-2 years. Mistakes can be made, but most of the time, they shouldn't "accidentally" pick you.

Yes, this does appear to be a federal court (5, Informative)

slimjim8094 (941042) | more than 2 years ago | (#39883347)

Don't know why it wasn't in the writeup. This ruling was in the federal court for New York's East District [wikipedia.org] , which I think (IANAL) means it is precedent there (but not necessarily elsewhere in the country)

Re:Yes, this does appear to be a federal court (1)

bhcompy (1877290) | more than 2 years ago | (#39883409)

That would be more or less correct. Non-binding caselaw everywhere but there.

Doesn't matter if it is federal (1)

Sycraft-fu (314770) | more than 2 years ago | (#39883663)

If a court actually rules on a case that they have jurisdiction over, then there is precedent. Doesn't mean other courts will always respect the precedent, but it is a precedent, it can be cited in cases throughout the country, and so on. It is case law.

What is not precedent is when there is a settlement. If the court doesn't actually rule, no precedent is created.

To be fair.... (0, Offtopic)

mark-t (151149) | more than 2 years ago | (#39883367)

It's not unreasonable for a home (ie, non-commercial, not another ISP, etc) subscriber to a subscription service such as Internet to be accountable for the activities of other people who use the services in his home. As a parent, I'm held responsible for the activities of my children. I see no reason why I, as an ISP subscriber, should not be also accountable for what people do with a network connection that I pay for. If I don't trust someone to do things that I don't want them to, I shouldn't be letting them on my network.

And as for people who run unlocked wireless routers and let anybody in the neighborhood utilize their bandwidth, I have zero sympathy.

This comment will probably be misinterpreted as as a troll, but it's not. I'm just a hard-ass who follows the rules and it just plain pisses me off that some other people figure they can ignore them just because their chance of being caught is infinitesimal.

Re:To be fair.... (5, Insightful)

MrEricSir (398214) | more than 2 years ago | (#39883403)

And as for people who run unlocked wireless routers and let anybody in the neighborhood utilize their bandwidth, I have zero sympathy.

Right, because we should expect 100% of the US population to understand network security and know how to properly secure a wifi router. Makes perfect sense!

Re:To be fair.... (4, Insightful)

CanHasDIY (1672858) | more than 2 years ago | (#39883461)

And as for people who run unlocked wireless routers and let anybody in the neighborhood utilize their bandwidth, I have zero sympathy.

Right, because we should expect 100% of the US population to understand network security and know how to properly secure a wifi router. Makes perfect sense!

Also, this. [neowin.net]

And WEP vulnerabilities (4, Insightful)

Sycraft-fu (314770) | more than 2 years ago | (#39883781)

A lot of people still have WEP only routers. My parents are some of those people. They are not tech people, they bought a router back in the day when WEP was all you got. It still works so they won't get a new one.

They aren't the only ones either. While I don't see a whole lot of APs from my house, of the ones I do see two are WPA1, two are WEP, none (except mine) are WPA2.

And if we want to start to make it illegal to have bad security, well then we first need to start with door locks. Residential houses always have shitty locks. They are just regular ass locks from Home Depot that are vulnerable to bumping, ice picking, have no key control, and so on. You can get better locks no problem, they just cost a whole lot more so people don't bother.

However if you want to say "You have to buy a new router any time the old ones are found to have security issues, otherwise you are liable for any breakins," then I think you also have ot say "You have to buy better locks, otherwise you are liable for any breakins."

Re:To be fair.... (1)

g0es (614709) | more than 2 years ago | (#39883537)

And as for people who run unlocked wireless routers and let anybody in the neighborhood utilize their bandwidth, I have zero sympathy.

Right, because we should expect 100% of the US population to understand network security and know how to properly secure a wifi router. Makes perfect sense!

Exactly, and i will take it one step further. What if they do thier best to secure their device but it only allows the use of protocols with know security issues. Think WEP when that was about all there was for a home user. Hell my parents got a new cable modem/router/access point from their ISP and the thing only supprted WEP. That was last year! I also think people should be able to share their wifi with whoever they want and not have to worry about being held responsible for what someone else does with it.

Re:To be fair.... (0)

Anonymous Coward | more than 2 years ago | (#39883891)

I'll take it one step further than that.
Why exactly do you call it an access point if you don't want people to access it?
Free as in internet.

Re:To be fair.... (1)

mark-t (151149) | more than 2 years ago | (#39883555)

It takes about 60 seconds to teach somebody to secure their wireless router. The only remotely time consuming part is getting them to believe that it's actually a smart idea. Generally, the analogy of leaving one's house with their front door unlocked tends to convey the right amount of concern that most people are willing to do it... particularly when it is so easy to do.

Re:To be fair.... (5, Insightful)

amicusNYCL (1538833) | more than 2 years ago | (#39883687)

It takes about 60 seconds to teach somebody to secure their wireless router. The only remotely time consuming part is getting them to believe that it's actually a smart idea.

I think you've got those backwards.

OK, listen, if you leave this unlocked then anyone who finds it can download anything. They can download child porn, illegal movies, terrorist documents, whatever, and it's all linked to you.

Well that sounds bad, better lock it up.

Right. OK, so the first thing you do is open your browser and go to one nine two dot one six ...

Wait, what's a browser?

Just double-click on the blue "E".

Got it. OK, I type in one nine two ...

Wait, not in the Bing search bar, you type it into the address field.

What's the address field?

Re:To be fair.... (1)

slimjim8094 (941042) | more than 2 years ago | (#39883613)

Actually, yes. Between the buttons you can press to do it automatically, the instructions in the box that make it dead easy, the fact that you usually have to do it to even get it to work at all, and the fact that millions of people around the country would be happy to do it for a few bucks, I think it's reasonable.

It's a bog-simple procedure with potential consequences for not completing. We expect people to do their taxes, and this is substantially easier, quicker, and cheaper than that. In any case it's not a requirement, just highly recommended to prevent your ass from being burned by someone else. Even if this guy didn't download the porn, he spent a lot of his time in a federal court.

Re:To be fair.... (-1)

Anonymous Coward | more than 2 years ago | (#39884043)

Don't use the excuse of some evil doer using your network to download child porn. thats lame. The odds of some random person happening upon your open network, and using it for some distasteful qct such as kiddy porn is as likely that the majority of women who get abortions are because of rape. Also, if I chose to have an open network, and some neighbor does use it for some illegal purpose, that makes me as responsible as if the same neighbor stole my car to commit a crime. Even if I left my keys in it.

Re:To be fair.... (0)

Anonymous Coward | more than 2 years ago | (#39883671)

Right, because we should expect 100% of the US population to understand network security and know how to properly secure a wifi router.

Bullshit. We expect them to be able to operate a motor vehicle safely and keep it in good repair, compute their taxes, maintain their home, keep themselves and their family and pets in good health, etc. If they don't know how to do those things, they hire a professional to take care of it for them.

Hate to burst the inflated egos of some /.ers but computers are just not all that special. Get over it.

Re:To be fair.... (1)

CanHasDIY (1672858) | more than 2 years ago | (#39883883)

I call bullshit on your bullshit call:

We expect them to be able to operate a motor vehicle safely and keep it in good repair

Because if they don't someone could get killed; who's going to die if my grandpa doesn't set up a WEP key?

compute their taxes,

Because someone has to pay for the government to operate. For the record, there's no law that says you have to "compute [your] taxes" - you are more than welcome to send the IRS a check for however much you like. Just know if the amount you send isn't sufficient, you will be held accountable.

maintain their home

Again, because if you don't someone could get killed.

keep themselves and their family and pets in good health

Uh, yea, obviously not a law; as an example, this one is absolutely stupid.

Re:To be fair.... (0)

Anonymous Coward | more than 2 years ago | (#39883449)

Someone uses your cordless phone system to call your local school and put in a bomb threat. Should you be charged with terrorism?

Re:To be fair.... (0)

Anonymous Coward | more than 2 years ago | (#39883453)

There are other ways to "spoof" your ip address. I.e. make their ip address lok like it is yours

Re:To be fair.... (1)

ZeroSumHappiness (1710320) | more than 2 years ago | (#39883459)

If someone steals your car and crashes it into a bus full of children you're not criminally liable. You're unlikely to be found liable in a civil court for wrongful death, depending on jury.

If you lend someone your car and they crash it into a bus full of children then you're not criminally liable unless you are found to have known that it was likely the crash would occur. Say, if your friend were drunk or didn't have a license at the time. I think you're still unlikely to be found liable for wrongful death, again unless you could have known it was likely to occur, but that would be much more jury-dependent, I think.

So yeah, I don't think you should be liable unless you knew nefarious happenings were going on with your internet for people that are not your legal minor dependents.

Re:To be fair.... (1)

Anonymous Coward | more than 2 years ago | (#39883475)

Because there's an incredible technical burden on a layperson to expect him/her to maintain full stewardship over their internet connection. What if someone roots their computer, or cracks the encryption on their router? Do you expect them to watch WireShark 24 hours a day to make sure all of the packets are legitimate? I could give a shit if you follow the rules (and you should too), because someone could ruin your life despite your good intentions (e.g. accessing your internet connection in a way you weren't expecting, and downloading kiddie porn) and your life is over despite your good intentions.

Re:To be fair.... or why China must be arrested (1)

WillAffleckUW (858324) | more than 2 years ago | (#39883587)

So if a Chinese bot network rooted your connection, obviously we should arrest China.

Works for me!

Re:To be fair.... (1)

cpu6502 (1960974) | more than 2 years ago | (#39883515)

>>> home subscriber... to be accountable for the activities of other people who use the services in his home

Agreed.
And while we're at it, if a visitor knifes another visitor while in your home, YOU should be held responsible for assault because it's your house and kitchen knife. You get the 10 years in jail while the killer walks free. (No wait... I think I find a flaw in your "I am responsible for all activies in my house" logic.)

Re:To be fair.... (1)

gnasher719 (869701) | more than 2 years ago | (#39883541)

It's not unreasonable for a home (ie, non-commercial, not another ISP, etc) subscriber to a subscription service such as Internet to be accountable for the activities of other people who use the services in his home. As a parent, I'm held responsible for the activities of my children. I see no reason why I, as an ISP subscriber, should not be also accountable for what people do with a network connection that I pay for. If I don't trust someone to do things that I don't want them to, I shouldn't be letting them on my network.

It's not unreasonable to say that since you signed the contract with the ISP, you are responsible to the ISP for the use of that service. If you are allowed 10 GB of downloads plus extra data at $10 per GB, and I download 100 GB at your home, then the ISP can come to you for the money. You may then sue me to recover the money.

However, if the service is used for copyright infringement or more serious crimes, that has nothing to do with the contract between you and the ISP. If you had quit the contract but the ISP hadn't turned off the service yet by mistake, the same crime would have happened. As far as you are responsible for your children because you are the parent, surely you would be responsible if they downloaded stuff at my home and not at yours.

Re:To be fair.... (1)

LostOne (51301) | more than 2 years ago | (#39883545)

Not flaming here. However, how can you be sure that your visitor using his own device is not doing something illegal? The answer is that you can't know, especially if you, like the vast majority, are not a computer expert. It's too easy to hide a process that is sitting around cracking passwords or downloading movies.

And that doesn't even take into account the fact that even a reasonably secured access point is crackable in a reasonable time frame, mac addresses are generally trivially spoofable, and so on. Thus, because wireless is easilly accessed compared to hard-wired networks, it is a reasonable argument that even a consciencious home network operator may not be aware of the infringing activity which may not even be happening on his property where he can see it.

And finally, the insanely stupid argument: are you going to hold the homeowner responsible for a burglar using his network to download illegal files? After all, a burglar is clearly not authorized by the homeowner but he will also appear to come from the IP address. Thus it is reasonable that the person alleging wrongdoing should have something other than an IP address.

Re:To be fair.... (1)

brit74 (831798) | more than 2 years ago | (#39883725)

If your arguments are true, then if your car is caught on photo-radar speeding, can you use the "maybe someone borrowed my car, but I'm not quite sure who it might be" defense to avoid paying the traffic fine?

Re:To be fair.... (1)

betterunixthanunix (980855) | more than 2 years ago | (#39883841)

Actually, when they tried to install some red-light cameras near me that automatically sends tickets to people who run red lights, the courts ruled that nobody was obligated to pay those tickets -- a police officer needs to hand the ticket to the driver of the vehicle, who may not be the owner. It is absurd to claim that a license plate identifies a person, just like it is absurd to claim that an IP address does so.

Re:To be fair.... (1)

BootysnapChristAlive (2629837) | more than 2 years ago | (#39883849)

If they can't prove that it was you in the car, then yes. I've always thought that it's ridiculous that you're basically punished before you even see a judge. The cop should have to provide actual evidence before being able to dish out punishment (although they'd need to stop you to get your name to begin with).

Re:To be fair.... (1)

Maxo-Texas (864189) | more than 2 years ago | (#39883573)

It's a fair point.

But you do realize that your opinion puts you personally on the hook for $150k per song fines if someone else uses your IP address.

The judge is basically saying, "IP address is not a finger print, not a unique identifier".

I don't follow the rules as much as I used to, because the rules are no longer as fair and reasonable as they were 30 years ago. You may have heard that the average citizen commits 3 felonies a day now without being aware of it.

Re:To be fair.... (1)

mark-t (151149) | more than 2 years ago | (#39883901)

But you do realize that your opinion puts you personally on the hook for $150k per song fines if someone else uses your IP address

Yup.

Which is why I don't let my kids friends connect to my wifi, even when they ask nicely. I have no problem if they want to use the family computer, however.

Like I said... I'm a hard-ass.

That said... I'll agree that an IP address is not a fingerprint... but it does identify the home subscriber, and I really don't see a problem with subscribers to services being held responsible for how those services are used by people who they gave permission to. As for people who didn't have permission, that would constitute unauthorized computer access, and is also a criminal offense. One would be remiss to not file a police report upon discovery, and cooperate with the police to discover the perpetrator. To not do this, in fact, would be indication of implied consent of the activity, and therefore you'd be held responsible again.

Re:To be fair.... (1)

YodasEvilTwin (2014446) | more than 2 years ago | (#39883583)

By the same logic, you would say that your ISP is accountable for the actions of those who use their service. A ridiculous notion.

Re:To be fair.... (1)

John3 (85454) | more than 2 years ago | (#39883621)

And as for people who run unlocked wireless routers and let anybody in the neighborhood utilize their bandwidth, I have zero sympathy.

I think the grey area is in the unlocked wireless routers. These are often/usually provided pre-configured by the ISP, and the user might not ever change the settings. The ISP's are securing them (at least Verizon FIOS does in my area) but an average user that adds their own wireless access point may not know all the ins and outs of configuration. I applaud the judges ruling as it does require a bit more investigation before allowing lawsuits that are IMHO frivolous and intended to annoy and intimidate rather than actually protect artists.

Re:To be fair.... (1)

Githaron (2462596) | more than 2 years ago | (#39883647)

If I don't trust someone to do things that I don't want them to, I shouldn't be letting them on my network.

If ISPs did this, no one would have interest. If an ISP was fined for every time someone else transferred bomb threats, child porn, or copyrighted material; they would go out of business by the next day. You are forgetting the only real different between the Internet and a home network is scale.

Re:To be fair.... (1)

mark-t (151149) | more than 2 years ago | (#39883955)

Whether "scale" is the only difference between them doesn't change the fact that anybody with an iota of sense can tell the difference between them.

Re:To be fair.... (1)

Githaron (2462596) | more than 2 years ago | (#39884097)

It is the similarities are that important here. Why should someone who sells network access to a lot of people have less responsibility than those who give it away to a few. If I believed that either party was responsible, I would argue the reverse! People should only be responsible for their kids' actions and there own actions. Not someone else's.

Re:To be fair.... (1)

WizADSL (839896) | more than 2 years ago | (#39883655)

It's not unreasonable for a home (ie, non-commercial, not another ISP, etc) subscriber to a subscription service such as Internet to be accountable for the activities of other people who use the services in his home. As a parent, I'm held responsible for the activities of my children. I see no reason why I, as an ISP subscriber, should not be also accountable for what people do with a network connection that I pay for. If I don't trust someone to do things that I don't want them to, I shouldn't be letting them on my network.

And as for people who run unlocked wireless routers and let anybody in the neighborhood utilize their bandwidth, I have zero sympathy.

This comment will probably be misinterpreted as as a troll, but it's not. I'm just a hard-ass who follows the rules and it just plain pisses me off that some other people figure they can ignore them just because their chance of being caught is infinitesimal.

Firstly if we are talking about visitors to your home, any adults should be responsible for their own behavior and if there are children involved then THEIR parents should be responsible. Furthermore, how do you know malware on your visiting uncle Bob's laptop didn't do it (and yes this could still happen even if Bob had taken reasonable precautions against it)? The point is that in this situation all of this would end up on your doorstep, it would be like being held responsible for something a care thief did with your stolen car.

Re:To be fair.... (1)

mark-t (151149) | more than 2 years ago | (#39884061)

First of all, I don't typically allow visitors to connect to my wifi just because they are in my home. They are welcome to use the family desktop computer, however.

Second, it "ending on my doorstep" as it were, would only be an issue if I were giving permission to people to do stuff that they shouldn't be anyways. I don't... so it won't. If somebody hacks into my network without my consent (which I don't consider a very plausible scenario, but I address it for sake of completeness), I will file a police report of unauthorized computer network use as soon as the use is discovered, and cooperate with the police to find the perpetrator, providing whatever logs or evidence they might require.

Re:To be fair.... (1)

Bengie (1121981) | more than 2 years ago | (#39883799)

This is how you sound to the average Joe.

"I see no reason why I, as a passenger, should not know how to build a 747 from scratch."

Re:To be fair.... (1)

betterunixthanunix (980855) | more than 2 years ago | (#39883801)

I see no reason why I, as an ISP subscriber, should not be also accountable for what people do with a network connection that I pay for.

Here is a relevant anecdote that a friend of mine in the security research community gave me: the police were investigating a child pornography case, and the determined the address of the person paying for an Internet connection that had come up during that investigation. When the police showed up, a pair of old ladies who were barely able to operate their computer were living there; they did not fit the profile for that crime, and there was no evidence of child pornography in their home.

Down the block, someone had a high-gain antenna mounted on his roof, pointed at the house where the police were.

The reason you do not want to be responsible for what happens over your Internet connection is that there is no guarantee that you are its only user. You think putting a passphrase on your wireless network is enough to protect you? You or a relative might accidentally install some malware; a guest with malware on his laptop might stay overnight; there might be a vulnerability in WPA; your router might be hacked; someone you trust might just do something stupid; etc., etc., etc. There are a lot of ways that your Internet connection could be used by someone else.

I'm just a hard-ass who follows the rules

Are you sure you have not broken any laws over the past 12 months? Why not take a look through some law books and double check that for us...

Re:To be fair.... (1)

dissy (172727) | more than 2 years ago | (#39883863)

And as for people who run unlocked wireless routers and let anybody in the neighborhood utilize their bandwidth, I have zero sympathy.

I'm glad to hear you say that! When I let myself into your home while you are at work, you just accepted all the blame for anything and everything I do!

After all, people who can't properly secure their front door or windows such as yourself, we have zero sympathy for."

Perhaps you should fix that problem and install a 6" 40 bolt security door, and cement all your fragile shaterable glass windows up. Such lax security on your part would require you to turn yourself in to the police after I let myself in, take all your unsecured stuff, and use your unsecured telephone to call in a hostage situation.

Most people would simply blame ME for the crime I committed, but not hard asses like us, right?

Re:To be fair.... (0)

Anonymous Coward | more than 2 years ago | (#39883945)

It's not unreasonable for a home (ie, non-commercial, not another ISP, etc) subscriber to a subscription service such as Internet to be accountable for the activities of other people who use the services in his home. As a parent, I'm held responsible for the activities of my children. I see no reason why I, as an ISP subscriber, should not be also accountable for what people do with a network connection that I pay for.

Gee, I forget. Was this Chris (MPAA) or Carly (RIAA)? Of course you want to make it easy for your cronies, the 'settlement lawyers'. Now YOU have to prove your innocence (that didn't download anything). Reminds me of the European photo speed traps: license holder is guilty, unless they present another head on the platter along with the evidence needed.

Unlocked wireless is courteous and neighborly (1)

ODBOL (197239) | more than 2 years ago | (#39884001)

for people who run unlocked wireless routers and let anybody in the neighborhood utilize their bandwidth, I have zero sympathy.

Before showing contempt for those who run open wireless nodes, please read what Bruce Schneier writes [schneier.com] about the courtesy of sharing network access.

I'm just a hard-ass who follows the rules

Perhaps you follow some set of rules that you picked up somewhere, but there is no compelling foundation in law or ethics for requiring restricted access on network nodes.

I drink to that! (1)

tatman (1076111) | more than 2 years ago | (#39883381)

About time--and even if its only applicable for NY, at least someone has it right and maybe other judges will read his writing.

Does this speed up IPv6 rollouts? (2)

mtvsucks (223302) | more than 2 years ago | (#39883407)

If this ruling stands, I wonder if **AA will start pushing for IPv6. It'd be their best interest to eliminate NAT to protect their new revenue stream of suing their consumers. Years of technical arguments never got traction, but maybe a Judge just kicked us over the hump.

Something or other about the ends not justifying the means.

Re:Does this speed up IPv6 rollouts? (1)

WillAffleckUW (858324) | more than 2 years ago | (#39883575)

The VA servers are all IPv6 already.

What are you waiting for?

Re:Does this speed up IPv6 rollouts? (1)

Dagger2 (1177377) | more than 2 years ago | (#39883599)

Re:Does this speed up IPv6 rollouts? (0)

Anonymous Coward | more than 2 years ago | (#39883991)

I've got dibs on 0041:0052:0052:0052:0052:0052:0052:0052 [branah.com] , matey...

The subscriber (0)

Anonymous Coward | more than 2 years ago | (#39883413)

This simply means the blame will rest squarely on the subscriber. Whoever gets the bill. So if you live in your parents' basement, it's all good!

Re:The subscriber (1)

YodasEvilTwin (2014446) | more than 2 years ago | (#39883595)

No it doesn't.

stem the tide of frivolous mass lawsuits by RIAA (1)

cpu6502 (1960974) | more than 2 years ago | (#39883425)

No.
They just choose a different venue with a more-compliant judge. Just as MPAA found a Congressman willing to be their new CEO.

Finally some common sense in the judiciary (5, Insightful)

Galestar (1473827) | more than 2 years ago | (#39883427)

Thank you Judge Gary Brown

I live near a coffee shop in a high tech city (2)

WillAffleckUW (858324) | more than 2 years ago | (#39883527)

And on my block there are hundreds of unsecured wireless routers, cellphones acting as hotspots, and laptops and iPads.

Even though I secure my wireless N router, anyone using Google warganging software from their streetview team could still slurp up all the IPs and then brute fake it on another device.

The judge is right.

Response from IT Community: (1)

CanHasDIY (1672858) | more than 2 years ago | (#39883559)

No shit, Sherlock.

Since most IP are owned by corporations (1)

WillAffleckUW (858324) | more than 2 years ago | (#39883563)

Since most IP addresses are owned by corporations, and only leased or rented by people, and since Corporations are not People, then obviously the thing to do is arrest the Corporation.

And if someone doesn't have a wireless network ... (1)

fahrbot-bot (874524) | more than 2 years ago | (#39883615)

... like me, then another person could have surreptitiously broken into my house and just used the wired LAN. Farfetched? Sure, but I'm just putting it out there for any future defense that it *could* happen - damn "only want to steal my bandwidth" thieves.

Re:And if someone doesn't have a wireless network (1)

WillAffleckUW (858324) | more than 2 years ago | (#39883637)

Stop trying to slurp my network from the coffee shop, homeless guy ...

Re:And if someone doesn't have a wireless network (1)

betterunixthanunix (980855) | more than 2 years ago | (#39883867)

How about something more realistic: one of the numerous computers connected to your LAN might have been infected with malware, and a remote attacker used your connection to break the law. It has happened in the past:

http://www.itworld.com/security/84077/child-porn-malwares-ultimate-evil [itworld.com]

PhotoRadar Example? (1)

brit74 (831798) | more than 2 years ago | (#39883685)

Would this mean, then, that fines would be applied against the homeowner or internet-service owner? Afterall, when they catch you speeding with photo-radar, they don't apply traffic tickets against the driver (they don't know for sure who the driver might be), but you still have to pay a fine and it's sent to the owner of the vehicle - something you can't get out of by simply going "Gee, I don't know who that driver might be, I guess I don't need to pay the ticket!"

Re:PhotoRadar Example? (0)

Anonymous Coward | more than 2 years ago | (#39883789)

I've successfully gotten out of a photo ticket by arguing that I was not the driver, even though it was my vehicle.

Re:PhotoRadar Example? (1)

NonUniqueNickname (1459477) | more than 2 years ago | (#39883823)

Not quite suitable for a car analogy. You're not required to register your wifi routers with the State, and you don't have to be licensed to operate wifi routers. So there's no reason for the legal consequences of ownership and usege to be similar.

Re:PhotoRadar Example? (1)

roothog (635998) | more than 2 years ago | (#39883875)

Not true. Usually they need photographic evidence of both your car and your face.

Re:PhotoRadar Example? (1)

betterunixthanunix (980855) | more than 2 years ago | (#39883913)

- something you can't get out of by simply going "Gee, I don't know who that driver might be, I guess I don't need to pay the ticket!"

Around me, that is how it is: tickets must be given by a police officer, who physically hands the ticket to the driver of a car. It is perfectly valid to say, "Yes that was my car, no it was not me driving it," and it is perfectly valid to say, "I do not know who was driving it." People lend their cars to others sometimes, and if they lend their car to a group of people, they really cannot know who in the group was driving.

IPv6 (2)

roothog (635998) | more than 2 years ago | (#39883737)

Hey, we can finally get IPv6 adopted everywhere now that the entertainment mafiaas will lobby for every system to have a unique address.

Where is IPv6 anti-NAT crowd now? (3, Informative)

ugen (93902) | more than 2 years ago | (#39883831)

This is a great argument. Unfortunately, once we are all moved to IPv6, and with help of IPv6 zealots who are against NAT privacy protection "on a principle" - each device behind home router will receive its very own unique IP (perhaps more than one, if temporary IPs are used, but certainly unique address). Once that is in place, the argument no longer holds and we are back to square one.

I certainly hope that Linux network stack crowd (because they are the ones whose product will be used, as is customary, in large chunk of wifi routers and other home network devices) will get something done before copyright holders wisen up, and poke Comcast/Cox cable/Verizon to roll out IPv6 to end users.

Re:Where is IPv6 anti-NAT crowd now? (1)

BootysnapChristAlive (2629837) | more than 2 years ago | (#39884013)

Once that is in place, the argument no longer holds and we are back to square one.

A single computer can be used by more than one person, wireless connections hijacked, etc. Not to mention viruses

what about party lines? (1)

OrangeTide (124937) | more than 2 years ago | (#39883921)

"which unlike traditional telephones can be operated simultaneously by different individuals"

Does anyone remember party lines. several houses with the same line, and you had to listen to a specific ring.

Get a free pass; unsecure your wireless! (1)

Sir Realist (1391555) | more than 2 years ago | (#39883987)

So its only insufficient because your wireless might be insecure? Does that mean that if they can prove that your particular setup was reasonably secure, then it _was_ your responsibility? So you should leave a spare wireless router open for plausible deniability?

[/sarcasm]

I'd like (0)

Anonymous Coward | more than 2 years ago | (#39884047)

to nominate Gary Brown to the Supreme Court!

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?