Fwd: Don't quite get this?
Chiming in late here -- someone pointed me to the thread, I don't follow nznog closely these days… Made later by trying to post this from a private email address and having mailman bounce it. I have been heavily involved over a long period (over 10 years) in (trying;) to enforce the University's (UoA) policy on copyright. Note I say copyright policy *not* p2p ban policy. People here use BT to get legit stuff all the time although we do point out to them the torrents are inefficient use of our bandwidth and that we would prefer them to use ftp or http if they can. We occasionally get notices from the likes of BayTSP and we always check them out and warn the user concerned. There has been one case iirc where I had to warn someone more than once (and by that time the student was already in the disciplinary process for other reasons). A disclaimer: I am speaking for myself not as an official of the university (hence my attempt to post this from a non university address. I don't like this legislation at all it is poorly drafted and I believe it will likely result in the persecution of (relatively) innocent folk while the big fish go completely unhindered. I hope for everyones sake that the RHs behave in a sensible and responsible manner. Quite a few technical points/questions have been raised and I'll try and answer a few of them. Firstly, my experience is that all the reports I have had over the last 2 years say around 10 in total) have been accurate and timely. As Martin says I believe that the agents of the rights holders run client honeypot in the swarm which try and download specific titles. If your peer responds then they have a very positive link back to the IP and what it is offering for upload. We (the university) have been told by RH representatives that they are only going to target 'works' that are currently in the cinemas or have just been release on DVD. This is actually supported by the last couple of notices we got which were both for very topical items. I am sure that they do also have honey pots to catch down loading as well but my understanding is that the focus has moved to up loaders. The days where people were accused purely on the basis of their IP being in the list of peers indexes have long gone. The RH lost enough expensive court cases in the US that they now rely on active connection to their own honeypots to finger culprits. Passive methods have been demonstrated to be highly unreliable. I would be surprised if the notice that ISP receive from RH agents are unreliable and I would also be surprise if anyone who gets fingered can mount a credible defence even if they are innocent without strong support from their ISP. I've seen Matt P's posts and from a legal standpoint he is dead right, but about the only counter argument I can think of is along the lines "We were away that week and the ADSL router was turned off" something that the ISP can verify. One of the nasty features of this legislation is that the account holder is responsible for *all* traffic from their connection no matter who actually generated the traffic. At least we have three strikes which I am sure is to around the defence "the neighbour must have been piggy backing on my open wifi" I am sure the tribunal would assert that 'a reasonable person' would secure their wifi after the initial notice. ISP usage records are going to become very important and I would hope that when IPSs get a notice that they will at least verify that a credible data flow existed at the time in question. Months later when the matter gets to the tribunal is way too late. I don't recall seeing any requirement on the ISP other than identifying the user of the IP at the time. Some folk have raise questions about whether the RHs can meet the standards for the notices proposed by the legislation. My belief is that they can and have been doing this under the DMCA in the for years. My guess is that the requirements were lifted straight out of the DMCA. [DMCA == Digital Millennium Copyright Act (US) millennium give a hint of how old the act is]. Others have suggested challenging accuracy of times. You can bet that all RH agents can produce evidence that their time stamps are synched with reliable time sources. Any ISP that isn't able to do the same are arguably not fulfilling their obligations under the act. And if you ISPs think things are bad just spare a thought for the universities and other outfits that own their own address space. I know of three different legal interpretation of our status under the act: 1/ that the legislation does not apply at all 2/ that we are IPAPs 3/ that we are AHs and there are different expensive lawyers (a QC in our case) arguing for all three interpretations :( Different universities have come to different conclusions. I am pretty sure (given the preamble to the original bill) that 1/ is what parliament intended, but the legislation is unclear and hinges on what one considers "Core business" to mean. It is also unclear if an IP address holder must be either an IPAP or an AH with no possibility of being neither. The legislation is silent. As I said at the beginning I hope that the RHs will use this legislation responsibly and that this time next year we will wonder what all the fuss was about. I won't go as far as to say that this is what I expect but who knows I might be surprised. Russell
Lovely post thanks Russell.
Sent from my iPhone
On 3/09/2011, at 4:38 PM, "Russell Fulton"
Chiming in late here -- someone pointed me to the thread, I don't follow nznog closely these days… Made later by trying to post this from a private email address and having mailman bounce it.
I have been heavily involved over a long period (over 10 years) in (trying;) to enforce the University's (UoA) policy on copyright. Note I say copyright policy *not* p2p ban policy. People here use BT to get legit stuff all the time although we do point out to them the torrents are inefficient use of our bandwidth and that we would prefer them to use ftp or http if they can.
We occasionally get notices from the likes of BayTSP and we always check them out and warn the user concerned. There has been one case iirc where I had to warn someone more than once (and by that time the student was already in the disciplinary process for other reasons).
A disclaimer: I am speaking for myself not as an official of the university (hence my attempt to post this from a non university address. I don't like this legislation at all it is poorly drafted and I believe it will likely result in the persecution of (relatively) innocent folk while the big fish go completely unhindered. I hope for everyones sake that the RHs behave in a sensible and responsible manner.
Quite a few technical points/questions have been raised and I'll try and answer a few of them.
Firstly, my experience is that all the reports I have had over the last 2 years say around 10 in total) have been accurate and timely. As Martin says I believe that the agents of the rights holders run client honeypot in the swarm which try and download specific titles. If your peer responds then they have a very positive link back to the IP and what it is offering for upload. We (the university) have been told by RH representatives that they are only going to target 'works' that are currently in the cinemas or have just been release on DVD. This is actually supported by the last couple of notices we got which were both for very topical items.
I am sure that they do also have honey pots to catch down loading as well but my understanding is that the focus has moved to up loaders.
The days where people were accused purely on the basis of their IP being in the list of peers indexes have long gone. The RH lost enough expensive court cases in the US that they now rely on active connection to their own honeypots to finger culprits. Passive methods have been demonstrated to be highly unreliable.
I would be surprised if the notice that ISP receive from RH agents are unreliable and I would also be surprise if anyone who gets fingered can mount a credible defence even if they are innocent without strong support from their ISP. I've seen Matt P's posts and from a legal standpoint he is dead right, but about the only counter argument I can think of is along the lines "We were away that week and the ADSL router was turned off" something that the ISP can verify. One of the nasty features of this legislation is that the account holder is responsible for *all* traffic from their connection no matter who actually generated the traffic. At least we have three strikes which I am sure is to around the defence "the neighbour must have been piggy backing on my open wifi" I am sure the tribunal would assert that 'a reasonable person' would secure their wifi after the initial notice.
ISP usage records are going to become very important and I would hope that when IPSs get a notice that they will at least verify that a credible data flow existed at the time in question. Months later when the matter gets to the tribunal is way too late. I don't recall seeing any requirement on the ISP other than identifying the user of the IP at the time.
Some folk have raise questions about whether the RHs can meet the standards for the notices proposed by the legislation. My belief is that they can and have been doing this under the DMCA in the for years. My guess is that the requirements were lifted straight out of the DMCA. [DMCA == Digital Millennium Copyright Act (US) millennium give a hint of how old the act is].
Others have suggested challenging accuracy of times. You can bet that all RH agents can produce evidence that their time stamps are synched with reliable time sources. Any ISP that isn't able to do the same are arguably not fulfilling their obligations under the act.
And if you ISPs think things are bad just spare a thought for the universities and other outfits that own their own address space. I know of three different legal interpretation of our status under the act: 1/ that the legislation does not apply at all 2/ that we are IPAPs 3/ that we are AHs
and there are different expensive lawyers (a QC in our case) arguing for all three interpretations :( Different universities have come to different conclusions.
I am pretty sure (given the preamble to the original bill) that 1/ is what parliament intended, but the legislation is unclear and hinges on what one considers "Core business" to mean. It is also unclear if an IP address holder must be either an IPAP or an AH with no possibility of being neither. The legislation is silent.
As I said at the beginning I hope that the RHs will use this legislation responsibly and that this time next year we will wonder what all the fuss was about. I won't go as far as to say that this is what I expect but who knows I might be surprised.
Russell
_______________________________________________ NZNOG mailing list NZNOG(a)list.waikato.ac.nz http://list.waikato.ac.nz/mailman/listinfo/nznog
participants (2)
-
Paul Brislen -
Russell Fulton