Salon: Who is spying on your downloads?

Replies:

  • None.

Parents:

  • None.
Interesting article, I have been wondering about some of this stuff.

http://www.salon.com/tech/feature/2001/03/27/media_tracker/index.html

> Who is spying on your downloads?
>
> The recording industry would love to keep tabs on every Napster
> trader or Gnutella user, but even the sneakiest software won't
> stop music piracy.
>
> - - - - - - - - - - - -
> By Janelle Brown
>
> March 27, 2001 | I can see you. I know that you recently
> downloaded the latest Limp Bizkit album off Gnutella, plus a few
> Korn singles and as much of Dr. Dre's back catalog as you could
> find. I know that you dabble in pornography, especially pictures
> of buxom cheerleaders. I know that you have been struggling to
> download a DivX copy of "The Matrix" -- although every copy you
> find is incomplete -- and that you own pirated versions of Quake
> and Photoshop. I know that your IP address is 28.294.22.1, your
> ISP is Earthlink, and you logged in last at 2:26 a.m.
>
> The recording industry is watching you. Or so the most recent
> media reports would have you believe. As the Napster wars keep
> escalating, the recording industry is redoubling its efforts in
> the hunt for new and improved ways to keep its music out of your
> shared databases. The newest tactic is surveillance.
> Increasingly, the recording industry is watching individual users
> on any given peer-to-peer (P2P) network, using programs like
> Copyright Agent and Media Tracker to discern who is downloading
> what and when.
>
> You always knew that it was possible to peek into the hard drive
> of another user on a peer-to-peer network; that's what P2P is all
> about, right? Using Napster's "Hotlist" feature, for example, you
> yourself might even track daily changes in your favorite users'
> collections. And of course, you always knew that your username
> was attached to an IP address, and an IP address was attached to
> an ISP, and that it was possible that someone could figure out
> who you were and what you were downloading. Maybe you were even
> one of the lucky few who were blocked from Napster because you
> had a Metallica song in your collection: You were a pioneer in
> discovering that file trading isn't quite as inconspicuous as
> most people once imagined.
>
> But P2P networks always seemed anonymous. There were, after all,
> millions of users on them; what were the odds that anyone was
> personally watching you?
>
> Perhaps you shouldn't have bet against those odds, because these
> days the record industry is trying to watch you. But that doesn't
> mean that it's time for you to log off in fear of Big Brother.
> P2P industry veterans believe the surveillance campaign is more
> of a scare tactic than an effective tool; and despite the
> recording industry's attempts to watch you, they are sure it
> won't make a difference to P2P in the long run. As Eben Moglen,
> professor of law and legal history at Columbia University, puts
> it, "Is the RIAA and its friends doing some kind of technology
> surveillance? Yes. Is it going to work? No. It's really dumb.
> It's another serious mistake by an industry going out of business
> in the stupidest way, bumping its head on the steps on the way
> down, because the record industry was always a bunch of thugs and
> that's what they still are."
>
>
> This week, the technology news site 7amnews exposed a program
> called Media Tracker, which the International Federation of the
> Phonographic Industry (IFPI), the British equivalent of the
> Recording Industry Association of America (RIAA), has reportedly
> begun using to track individual users on any given peer-to-peer
> network. 7amnews published screenshots depicting a program that
> can track a user's collection of shared files, grab his IP
> address and then automatically send a warning letter to the
> user's ISP demanding that the user stop sharing his or her files.
>
> Although neither the IFPI nor the RIAA was reachable by press
> time to confirm whether Media Tracker was in fact being used by
> the recording industry, it seems a fair bet that if it hasn't yet
> happened, it's just a matter of time until it does.
>
> Marketing firms such as Big Champagne have already launched
> programs that track usage of P2P networks in the name of market
> research and sell the results to entertainment industry clients.
> Although Big Champagne promises that it tracks only general
> trends, and doesn't share information about specific users,
> there's nothing to stop the recording industry from developing
> its own programs that do.
>
> Similarly, Napster is now contending with a company called
> Copyright.net, which conducts stings on P2P users. In late
> February, at the request of dead singer Roy Orbison's estate,
> Copyright.net's "Copyright Agent" software tracked over 1 million
> Orbison songs being traded on Napster.  After grabbing the IP
> addresses of those Roy Orbison fans, Copyright.net subpoenaed
> their ISPs and requested the users' names. The company then
> forced Napster to block 60,000 fans from its service. (Playing
> both sides of the fence, however, Copyright.net also helps
> blocked users get reinstated back on the Napster system.)
>
> Is such snooping an invasion of privacy? Technically, no.
> Anything you put in the public directory of your P2P software is
> fair game -- that's why the surveillance software can find it.
> And if you get in trouble for having those Limp Bizkit tunes in
> your public directory, well, that's your own problem too. You are
> allowing the general public to pirate copyrighted tunes off your
> hard drive -- no matter if your own MP3 copies are perfectly
> legal.
>
> But that doesn't mean that surveillance is justified; can the
> recording industry really find no other solution to piracy except
> to play Big Brother and snoop on its fans? And will the tools
> really work, anyway?
>
> Under the terms of the Digital Millennium Copyright Act, an ISP
> is required to remove a user from its system if a copyright owner
> insists that that user is infringing. In other words, the
> recording industry could force ISPs to monitor their own users or
> face the legal consequences. But it's an onerous burden on the
> ISPs to be constantly tackling them with legal warnings; some
> ISPs are already refusing to comply with such subpoenas. Verizon
> recently refused to comply with a Copyright.net subpoena,
> insisting that the request was not legal under the DMCA.
>
> So, would the recording industry then sue the ISPs -- which are,
> increasingly, enormous telecommunications monopolies? Unlikely,
> says Eben Moglen. Nor, he says, would it make sense for the
> recording industry to try to sue, or even legally threaten, the
> individual users who are swapping those files.
>
> First of all, there are simply too many P2P users to track.
> Moglen has been monitoring over 100 OpenNap and Napster servers,
> and estimates that there is approximately a terabyte of
> information available at any given time, essentially "vast
> amounts of useless data." "So given that terabyte of music shared
> by tens of thousands of people, is it technically feasible to
> collect information on those people?" asks Moglen. "Yes. it's
> feasible. So let's say they're collecting information on a
> terabyte of music. What are they going to do with that? Send a
> lot of e-mail messages at best. What will the people do with
> those e-mails? Throw them away. Is the record industry going to
> sue each and every one? Let's get real."
>
> But perhaps the entertainment industry merely wants to put the
> fear of God into music fans who are trading copyrighted MP3 tunes
> (and porn, and warez, and pirated films, and whatever else you
> might imagine). It's possible that by picking out a few dozen of
> the most egregious offenders on various P2P networks, the
> recording industry would scare the rest of the user base into
> good behavior. RIAA counsel Cary Sherman has already hinted that
> the RIAA is considering employing this tactic against Gnutella
> users. In that case, programs like Media Tracker aren't really
> weapons -- they are elements in a public relations campaign of
> terror.
>
> Scaring your customers isn't, however, a particularly logical
> move. If the Metallica P.R. debacle of last year proved anything,
> it's that insulting and alienating your fan base isn't likely to
> make you any new fans. Instead, Napster users redoubled their
> efforts to pirate Metallica tunes in order to thumb their noses
> at the band that was threatening to close down their favorite
> software. As Moglen puts it, "It's a dumb thing to scare people,
> because if you scare them they will hate you, and they are your
> customers."
>
> Furthermore, can the record industry really keep ahead of the
> latest peer-to-peer software developments? Although Media Tracker
> or Copyright Agent may be effective monitors of networks like
> Napster or Gnutella, more distributed systems like Freenet or
> Mojo Nation are relatively immune to surveillance. When a file is
> uploaded to Freenet, for example, it gets passed around the
> servers on the network and comes to rest on various "nodes,"
> which don't necessarily belong to the person who originally
> uploaded the file. In other words, while the recording industry
> might observe that Limp Bizkit tune being stored at a certain IP
> address, it's not a given that that IP address even knows that
> the file is there.
>
> Explains Ian Clarke, developer of Freenet, "If you request a file
> from a Freenet node it will get it for you, without betraying
> whether it was on that node previously or not. It might be stored
> on that node after you requested it, but it would be silly to
> blame someone for having some data on their computer that you put
> there. That would be akin to planting drugs on someone before
> arresting them."
>
> As Gene Kan, the de facto spokesperson for Gnutella, observes,
> the game of P2P surveillance is a kind of arms race.
> Technologists are going to keep inventing ever-more-wily software
> in order to evade industry snoops. And the industry will continue
> to evolve new strategies for working around that new software.
> Says Kan, "It's like an auction dilemma. This is a case where the
> tracking technique is going to incrementally catch up with the
> technology -- You bid a dollar, I bid a dollar and 1 cent.
> Technology and tracking are moving in lockstep with each other,
> and technology is always going to lead the way."
>
> Arguably, the most effective way to stop music fans from pirating
> tunes would be to create alternatives for them: to work with
> Napster, or Gnutella, or any other P2P software to create a
> viable, legal alternative. More than a year into the war against
> Napster, fans are still innovating new ways to beat the system,
> and the recording industry has yet to produce a subscription
> model service that gives fans access to the music they apparently
> crave.
>
> And so, the weapons of Big Brother are developed, while it
> remains unclear exactly how they will be wielded in the future.
> Sighs Kan, "Whatever happens, it certainly is going to alienate a
> lot of music fans."

--
Gerald Oskoboiny <[email protected]>
http://impressive.net/people/gerald/

HURL: fogo mailing list archives, maintained by Gerald Oskoboiny