Privacy & Security Considerations For Your Laptop Computer

[This is a post about security and privacy.  In this post, I speak about what could go wrong if you do not properly secure your computer, and my thoughts about encryption and privacy.]

I am reviewing a case where a group of “zombie” infected computers have been hacked to work together (a “botnet”), and it appears as if the courts are going after ZeroAccess as the crime ring behind the botnet. In my readings, a federal judge has blocked the IP addresses belonging to ZeroAccess-infected computers because they allegedly directed many of their millions of infected computers to click on a number of paid ads, where the advertisers using Google, Bing, and Yahoo! have paid out an estimated $2.7 Million per month from the ad revenue generated as a result of these clicks. The lawsuit is for what is known as “click fraud,” and it got me thinking about 1) the application to the bittorrent lawsuits, and 2) to privacy and security in general.

While I have NO REASON to think the following is happening, it is completely plausible that one or more “infected” computers could be directed to connect to various bittorrent files without the computer owners being aware of the “zombie” status of their computers (e.g., the software is being run as a service, or minimized without an icon showing on the desktop).  While the connections to the bittorrent swarms are happening, the copyright trolls could be “coincidentally” monitoring the bittorrent swarms as the downloads are happening unbeknownst to the computer owner. When the copyright holders (“copyright trolls”) send the DMCA letters to the ISPs, or when they file John Doe copyright infringement lawsuits against the subscribers, the ISPs would correctly confirm and corroborate that it was the subscriber’s ISP who was connected to the bittorrent swarm at that particular date and time, and the problematic conclusion would be that it was the subscriber who downloaded the file. And, when the download was complete, even though the malware would likely “cover its tracks” by deleting all traces of itself, it would be programmed to leave the downloaded copyrighted file in some obscure randomized file folder on the subscriber’s computer to be “conveniently” found by the forensic examiners during the lawsuit. I understand that malware could also actually alter the computer’s logs based on analyzing the computer owner’s past browsing history and program usage (most people do not clean this) to make it look as if it was the ACCUSED SUBSCRIBER who was “at his computer at the time of the download.” This could all happen without the subscriber being aware that the computer was infected with the malware or that the illegal downloads were taking place.

While this feels a bit sci-fi’ish, and again, I have no reason to think this is actually taking place, the technology is certainly around for this to happen.  I have personally watched enough podcast videos on Hak5 demonstrating how this could be done, and I could figure out ways to alter the malware program to gain administrator access to the computer and change the system logs on the computer before deleting itself.  If someone as simple as me could figure out how to do it, for sure the more crafty ones will eventually stumble onto this scheme as well. For this reason, I am writing this article as a warning to take your computer’s security and your online privacy seriously, and here are the simple steps I would take if it were my own computer.

Step 1: Don’t balk, but make sure you have antivirus software and anti-malware software running on your machine. Also make sure your software and virus definitions are up to date. I have my personal favorites as far as software goes, but quite frankly, free or paid software both do their job fine. There are many free anti-malware programs out there, so make sure the one you use is not malware itself. For free malware detection, I find SuperAntiSpyware and MalwareBytes to be sufficient.

Step 2: Protect your identity and your browsing habits. This depends on how much “tin hat” you want to go, but I personally use JonDoFox’s version of the Firefox browser. There is a STEEP learning curve to use it (meaning, the add-ons will initially break most of the websites you use, and most websites need to be configured once before you get it the way you like it), but in my opinion it is worth the effort to learn. You can check your current browser security at (by the way, I do not use JonDo anonymization software because they charge by the actual usage; rather, I opt for the less secure route of encrypting my traffic using a secure VPN provider). On the flip side, for convenience, I also use Comodo Dragon Chrome which is a faster, less secure browser, but I have many add-ons that I’ve installed (e.g., Scriptsafe, AdBlock Plus, etc.), and I keep the software running in the Sandboxie software. That way, if some critter gets past my defenses (e.g., think, “CryptoLocker,” or other ransomware which encrypts your files and charges you hundreds of dollars in bitcoins as ransom to decrypt them), it won’t get access to my hard drive files.

Step 2.1: This belongs to the previous step, but encrypting your traffic is very important. There is a phrase, “I have nothing to hide… from people I trust,” and I stand by that phrase. With the NSA and government snooping, and the ISPs watching your every move, regardless of whether you are doing something wrong or not, it is a smart idea to not give all of your shopping and browsing activities to your ISP and to Uncle Sam. There are also many commercial trackers and social networks who track you for commercial purposes as well — everything I say above applies for them too.

Step 3: Secure e-mail, secure chat… The best way to protect your e-mail is to encrypt it.  Unfortunately, e-mail by its nature is insecure, and even if you encrypt the contents of your e-mail, the METADATA (e.g., your own e-mail address, to whom you are e-mailing, the time and date of your e-mail, along with the geolocation of the IP address you use to connect to the e-mail server, etc.) remains exposed.  The only foolproof way I know to encrypt e-mail is to use Pretty Good Privacy (PGP) software.  The problem is that it is simply inconvenient.  In order to encrypt your e-mail, you need to not only set up and share your own public and private keys, but you need to find and look up the keyrings of those you want to communicate with.  While there are attempts to incorporate encryption into e-mails (e.g., projects such as gnupg), the average person does not encrypt their e-mails, and trying to get everyone to do so is just an exercise in futility.  Plus, we know that the NSA saves encrypted e-mails for the sole purpose of trying to “break” the encryption because “if you use encryption, you are presumed to be using it for a criminal purpose.”  Thus, I am unhappy with the current state of technology with the adoption of encryption for sending e-mails, but for the time being, this is the way it is.
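
To make the metadata point concrete, here is an added example (not part of the original post) that parses a constructed PGP/MIME message with Python's standard library and lists what any mail relay can read without holding a key. The addresses, the IP address (a documentation range) and the dummy armored body are made-up sample values.

```python
import re
from email import message_from_string
from email.utils import getaddresses, parseaddr, parsedate_to_datetime

# Constructed sample: a PGP/MIME (RFC 3156) message. Only the second MIME part
# is protected by encryption; every header above it travels in the clear.
SAMPLE = """\
Received: from laptop.example.net (laptop.example.net [203.0.113.45])
\tby mx.example.org with ESMTPS; Mon, 16 Dec 2013 09:12:31 -0600
From: Alice <alice@example.net>
To: Bob <bob@example.org>
Cc: carol@example.com
Date: Mon, 16 Dec 2013 09:12:30 -0600
Subject: Meeting notes
Message-ID: <20131216.0001@example.net>
MIME-Version: 1.0
Content-Type: multipart/encrypted; protocol="application/pgp-encrypted";
\tboundary="b1"

--b1
Content-Type: application/pgp-encrypted

Version: 1

--b1
Content-Type: application/octet-stream

-----BEGIN PGP MESSAGE-----

(constructed placeholder, not real ciphertext)
-----END PGP MESSAGE-----
--b1--
"""

# IPv4 address recorded in square brackets by the receiving mail server.
IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")


def exposed_metadata(raw):
    """Return what an observer can read from a message without any PGP key."""
    msg = message_from_string(raw)

    # Sender and all recipients are ordinary headers, never encrypted.
    sender = parseaddr(msg.get("From", ""))[1]
    rcpt_headers = msg.get_all("To", []) + msg.get_all("Cc", [])
    recipients = [addr for _, addr in getaddresses(rcpt_headers)]

    # Each relay prepends a Received header; the first hop records the IP
    # address the sender connected from, which can then be geolocated.
    client_ips = []
    for hop in msg.get_all("Received", []):
        client_ips += IP_RE.findall(hop)

    # PGP/MIME marks the encrypted body with this content type and protocol.
    encrypted = (
        msg.get_content_type() == "multipart/encrypted"
        and msg.get_param("protocol") == "application/pgp-encrypted"
    )

    # Count parts a relay could read as text; for a PGP/MIME message this is 0
    # because the payload is an opaque application/octet-stream part.
    plaintext_parts = sum(
        1 for part in msg.walk() if part.get_content_maintype() == "text"
    )

    return {
        "from": sender,
        "recipients": recipients,
        "date": parsedate_to_datetime(msg["Date"]).isoformat(),
        # In plain PGP/MIME the Subject header is also outside the encrypted part.
        "subject": msg.get("Subject"),
        "client_ips": client_ips,
        "body_encrypted": encrypted,
        "plaintext_parts": plaintext_parts,
    }


if __name__ == "__main__":
    for field, value in exposed_metadata(SAMPLE).items():
        print(f"{field:16} {value}")
```
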

Secure chat is very easy, and there are many convenient ways to encrypt your instant messages.  Whether you are using the Pidgin software with the encryption plug-in, or whether you are using Cryptocat or any of the secure chat software readily available for the PCs, iPhones, and Androids, achieving perfect security is very doable.  For me, I do not encrypt my e-mails, and whenever I have a friend or peer who has the capability to encrypt our chat sessions, I have him do so just for the “geeky” fun excitement of it.

Step 4: Keeping your own computer clean and neat. Your Microsoft Windows operating system keeps logs of pretty much everything you do, and it is specifically the failure to clean up after yourself which can give malware the chance to impersonate you. Similarly, by not regularly cleaning up after yourself, should you one day face a lawsuit, a forensics expert can glean an ungodly amount of information about you, your whereabouts on a certain date and time, and your activities (e.g., whether you were surfing the web or writing a text file, and, which text file you were writing at that particular time and date) just by reviewing your logs. Now I personally do not trust my Microsoft Windows operating system not to “spy” on me, and if I had it my way, I’d run a Linux operating system (I have in the past, and I may in the future), but for the time being, be aware that the “privacy” settings in Windows stop NOBODY from snooping on you. I have not figured this one out yet (especially since most of my law firm’s software is Windows-based), but Windows is simply a minefield of privacy leaks and data you don’t want about yourself recorded and logged.

While this is certainly not even close to a solution, I run CCleaner from Piriform regularly to clean up the logs and to keep my computer relatively clean.  I would love to delve into the depths of my operating system and tweak certain settings to shut off the “phone home” leaks in my system — I simply do not have the time, the “tin hat” motivation, or the skill to do so.

Step 5: Lastly (and there are probably a million other steps I could take, but I like to keep things simple). I encrypt my hard drive data 1) in my computer, 2) outside of my computer (e.g., external drives and thumb drives), and 3) in the cloud. There are many ways to do this; the most popular is the “TrueCrypt” software. If you cannot encrypt your drives (I cannot, since my computer is a Windows 8 machine and TrueCrypt has not figured out how to encrypt UEFI systems yet), then create a large container, and set up your programs (e.g., Thunderbird Mail) to store your files in your encrypted container.  Better yet, install the program onto the encrypted drive so that it is not in your C:\Program Files folder.  That way, if your computer is ever stolen or lost, your programs and your data will remain unusable and encrypted. I often take this one step further and have Windows configured (to the extent possible) to use the encrypted drive to store my “Desktop” and my “My Documents” folder. Thus, if I do not unlock the encrypted drive when I first log in, my computer does not work properly, and I get a blank desktop. Along with this, my computers have log-in passwords which I have activated before the operating systems even boot. I have this running because even little me knows which piece of software one can run to bypass the password on Microsoft Windows machines.

In sum, you could take privacy to an extreme. The best privacy is the “trust no one” type of privacy. For some cases (e.g., our cloud storage backup servers are “trust no one,” meaning not even the company who hosts our data has the keys to unencrypt the encrypted data which is stored on their servers), using the best security is feasible and doable. But there are limits and there are sacrifices to your privacy, and it usually comes at the benefit of having more convenience. Truly, the most secure password is one not stored in a text file, or written on a piece of paper, but one that is in someone else’s head (not even your own).  The best security is not using a computer or connecting to the internet at all. Then again, that is not feasible to most of us who live in the internet. However, learning to take steps to protect your privacy (within reason) can only work towards your benefit.

Cashman Law Firm 2013, A Year In Review.

As we near the end of 2013, I expect to see “2013 Year in Review” articles. I decline to write my own here, but it has been a very busy, work-intensive year. I would compare it to using nothing but strength and muscle to push metal against a spinning wheel with the result of seeing sparks flying.

Prenda is dead. Or is it? Lawyers spent most of the year enjoying the exposure of Prenda Law, Inc.’s failings (or more accurately, “fallings”) where their scams and schemes became unraveled over and over again for all to see. Judges called them on their bluff, brought the principals into court, and ordered them to pay large sums of money. Yet, what was actually paid (and what will actually be paid) is still hidden from our eyes. My guess is that they’ll pay something, but compared to the millions they raked in since 2010, it will only be a tiny fraction of their windfall profits.

It is my opinion that what undid them was greed. Had they continued to sue defendants en masse, and had they continued to “name and serve” defendants and move forward with the lawsuits in good faith (if there ever was good faith), they may still be in business. Thankfully, where there is “rolling in dough,” there is also born greed and corruption. AF Holdings was born, the “Alan Cooper” alter-ego was invented, papers were forged, settlement money was sent offshore to various entities, honeypots were discovered (where it was discovered that Prenda Law Inc. was seeding the pornography they later sued on), and so-called paralegals became the named “owners” of the entities who were suing to enforce their copyrights. If all this (and getting caught) was not enough, they threw their own local counsel attorneys “under the bus,” they sued the internet and bloggers for defamation, and they started a war with the internet service providers (ISPs) and Cable Companies, a fight they could not have won. Why they went after the ISPs, nobody will know, but in my opinion, this was their mistake.

But this article is not only about Prenda, or the Steele|Hansmeier gang, or the Mark Lutz characters of the world (or their many life-altering experiences over the year), but it is also about what has been happening outside the federal courts (“out-of-court”).

[2017 UPDATE: Carl Crowell has created a new entity called RIGHTS ENFORCEMENT which has reverse-engineered CEG-TEK’s proprietary DMCA copyright infringement notice system.  Many of you have visited CEG-TEK links thinking that RIGHTS ENFORCEMENT was CEG-TEK, but really they are an ‘evil twin’ competitor.  I would even suggest that now that the “Six Strikes System” described below is DEAD and CEG-TEK has been dormant since August of last year, any obstacles stopping RIGHTS ENFORCEMENT have been erased, so caveat emptor.]

A year ago, I wrote a few articles about Copyright Enforcement Group (CEG-TEK), a brainchild of Ira Siegel. After his experiences in the Northern District of California, followed by the experiences of his local counsel Mike Meier, Marvin Cable, and for a time, Terik Hashmi, their cases went silent in the federal courts. No new cases were filed, and for a time, all we saw were dismissals of our law firm’s clients.  Then, tens of thousands of so-called “DMCA Letters” began pouring out from various ISPs directing accused internet users to their website (no link, this is on purpose) to entangle themselves in their settlement system.

There was a moment where I thought the “Six Strikes System” would kill CEG-TEK’s business model because the ISPs would no longer forward their “pay us now or else we will sue you” scare letters, and by depriving the copyright enforcement companies of their ability to contact accused internet downloaders in their homes and out-of-court (without the supervision of a federal judge), this would cause CEG-TEK and their ilk to go out of business, but this was a disappointment.

The “Six Strikes System” ended up being a dud. It only applied to a few of the “elite” ISPs, and those ISPs used the Six Strikes System to demand large sums of money from the copyright owners and sent the notices to their subscribers anyway, but only a truncated version of CEG-TEK’s “scare” letter. Comcast, case in point. I watched as a fight broke out between Comcast and CEG-TEK, where Comcast only forwarded a snippet of CEG-TEK’s letter, but still directed users to their website so that the settlements can continue. Then in other letters, they botched the CEG-TEK settlement link altogether, and then, did not include the link [in their letters] at all. (And, just for “me too” news as of today, “Johnny-come-lately” to the game, RightsCorp is reported by Torrentfreak to have experienced the same thing).

In sum, the Six Strikes System did not kill CEG-TEK as I thought it would, nor did it hurt the “copyright trolls” or stop them from filing lawsuits. CEG-TEK merely found other ISPs and universities to cooperate with them by forwarding their settlement demand letters to the ISP’s subscribers, and CEG-TEK’s collection attempts have continued unhindered.

Lastly, there has been little slowdown to the copyright infringement lawsuits. As I predicted a few years back (link), the lawsuits merely got smaller and more focused (link). The days of suing 5000 “John Doe” defendants bunched together in one federal lawsuit are over. Similarly, the smaller lawsuits having just a handful of defendants [where the lawsuits are filed in the states in which the defendants live] are also over. Now, the lawsuits are so small and focused that it is common to have only one defendant in a lawsuit, and this has made it impossible for our firm to watch, read, and report on every case that is filed in every jurisdiction.  Then again, it has made it more expensive for the copyright trolls, and (ugh) more scary for the carefully targeted defendant.

In sum, it has been a year of grinding and a year of watching the effects of previous years of work change, alter, and shape the bittorrent lawsuits to the form in which they are today. Congress and lawmakers have been useless in making this copyright trolling phenomenon disappear, as have been the attorneys general and the various state bar ethics boards, who [with some very notable exceptions] have been sitting on their hands. I do not think the copyright troll problem has been solved in any way. Rather, the plaintiff attorneys have gotten smarter, smaller, and more focused.  As a result, they have flown below the radar of those who have the power to stop them. And, while the lawsuits continue, former copyright troll attorneys (Ira Siegel / CEG-TEK) have continued their efforts, just outside of the court’s ability to monitor, sanction, and control their out-of-court settlement activities. And, I need not say this, but many new copyright trolls have popped up based on the lack of legal supervision, and I am concerned to say that I do not see this going away any time soon.

John Steele and his Prenda Law Inc. gang are down. CEG-TEK is thriving. Old copyright trolls such as Lipscomb & Eisenberg, along with their many local counsel across the US [and their lawsuits] are thriving. Other no-name “baby” copyright trolls are growing up and have learned to navigate the broken federal court system. And most important of all, more and more people are getting entangled into their legal spiderweb of extortion, settlement demands, and lawsuits, both in and out of court. This is grim, I know.

But there are still voices out there — SJD’s Fight Copyright Trolls website, DieTrollDie’s website, along with organizations such as the Electronic Frontier Foundation (EFF) who, [while they have been rightly so enveloped with dealing with privacy issues, government corruption, secret FISA courts, and fighting NSA police-state-like snooping techniques] are still very helpful in the copyright troll lawsuits with their countless efforts to make the problem go away once and for all.

So please allow me to be the first to wish everyone Happy Holidays, a safe winter, and a Happy New Year.

Warm regards,
Rob Cashman

“Swarm joinder theory” & “Judicial Economy” ruling refuted.

Add Missouri to the list of states unfriendly to copyright trolls. And, congratulations to the Cashman Law Firm, PLLC clients who have been severed and dismissed from the Purzel Video GMBH v. Does 1-91 (Case No. 4:12-cv-02292) lawsuit!

Now what was exciting about this Purzel Video GMBH case ruling was U.S. District Judge Audrey Fleissig’s 1) refutation of the “judicial economy” justification for joinder, and 2) her clarification of the relationship between bittorrent users for joinder purposes (and similarly, what she left open for future rulings by referring to bittorrent transfers as mere “pieces”).

Courts in other federal jurisdictions which allow multiple defendants to be sued together in bittorrent cases (pro-joinder jurisdictions) allow joinder of non-related defendants based on the fact that it is easier to have one “John Doe 1-500” case with five hundred (500) defendants in it rather than to have five hundred “single John Doe” lawsuits. The defendants in these cases are all accused of violating the same copyright laws; the defendants are all accused of using bittorrent to download the same title; the courts are all deciding the same issues for each defendant — whether the court has “personal jurisdiction” over each defendant (whether the plaintiffs sued defendants in the wrong state, depriving that federal court of personal jurisdiction over each John Doe Defendant), and whether the defendants are properly joined together as co-defendants in the same lawsuit.

I suspect that Judge Fleissig caught on to the extortion scheme, and she made her ruling with the understanding that everything in the above justifications for “judicial economy” is true… if the plaintiffs are running a settlement extortion scheme. However, if the plaintiffs indeed intend in good faith to move forward with their case “on the merits,” then as the judge points out, the “judicial economy” approach falls apart.

The rule now in Missouri federal courts (binding on other Missouri cases, persuasive in non-Missouri cases) is that suing multiple defendants in a “John Doe 1-X” lawsuit is improper because of the prejudice to the co-defendants and the confusion that will result *if* the plaintiffs actually have a good faith intent on pursuing their claims (e.g., if they are “not” running a settlement extortion scheme).

For example, a rule in federal courts is that every named defendant needs to be provided copies of all documents for the case in which they are accused. The judge points out that it would prejudice Defendant #2 if he started receiving motions and rulings relating to the depositions and interrogatories for Defendant #1. Multiply the confusion that would occur if there are ten defendants, or one hundred defendants, and so on. Similarly, each defendant will end up having his own lawyer. If the lawyer for Defendant #1 makes a motion and the court orders his client to a case management hearing, Defendant #2 will receive a copy of this order and may think that he has to attend the hearing.

This gets even more burdensome as soon as defendants are named and discovery begins to take place. Judge Fleissig points out that every defendant has the right to attend the depositions of the other co-defendants. Imagine the chaos that would ensue if every John Doe Defendant crowds into a small office to hear the other defendants’ depositions. My own addition — imagine if all the accused defendants and each of their lawyers try to crowd into one small courtroom for a hearing.

Lastly, we all know that the justification for joinder in a federal lawsuit is the “same transaction or occurrence” standard. In other words, courts have ruled that defendants can be joined together in one lawsuit if they were participating in the same bittorrent swarm at the same time — this is known as the “swarm joinder theory” asserted by the plaintiffs in every bittorrent lawsuit complaint.

In plaintiff attorney Paul Lesko’s cases, it is interesting to note that he was trying to extend the definition of a bittorrent swarm to span 18 weeks — from August 5th, 2012 to December 5th, 2012. This would obviously include internet users who never uploaded or downloaded from each other, and it would place them together as being part of the same transaction [big ongoing swarm] or occurrence [the “happening” of the swarm, for as long as “it” stays “alive”].

This secondary swarm theory has no official name, but it could be described as the “temporal swarm theory,” which asserts that defendants who participate in a bittorrent swarm can be sued with all other defendants who ever uploaded or downloaded to that swarm (as opposed to a more legitimate “snapshot swarm theory” which joins bittorrent users together in a lawsuit based on who is uploading and downloading to whom at a particular point in time).

However, Judge Fleissig rejected both the “swarm joinder theory” and the “temporal swarm theory” (“snapshot swarms” were not discussed) because in both cases, the bittorrent users did not download and upload from EACH OF ALL the other bittorrent users in that swarm. In other words, a bittorrent swarm consists of many small “transactions and occurrences” between multiple users, and the judge essentially ruled that association with a “bittorrent swarm” does not properly connect [for joinder purposes] one defendant with another defendant from whom or to whom he did not specifically download or upload.

Food for thought for future Missouri federal cases: I want to also mention that Judge Fleissig refers to the accused bittorrent users as merely transferring “pieces” of the copyrighted files to each other rather than the entire copyrighted title [to be found liable for copyright infringement (under the “substantial similarity” prong), courts have ruled that the entire copyrighted file needs to be transferred; not merely “pieces” of it].

I would love to interpret her words as meaning that ‘because no user transfers a complete copyrighted file to any other user (only data bits and “pieces” of the copyrighted file that the downloader’s bittorrent software pieces together into a file), no user can be found liable for copyright infringement,’ but I do not think this is what she was referring to.

Rather, by mentioning bittorrent transfers from one user to another user as mere “pieces” of a copyrighted file, Judge Fleissig leaves open the question (perhaps to be elaborated in a future ruling) whether transferring bits and “pieces” of a copyrighted file (but not the entire file) can constitute copyright infringement.

Why suing downloaders for infringement is misguided.

Much of the work that I do in copyright litigation circles not only around defending John Doe Defendants who have been implicated in some lawsuit or who have received a notice or a DMCA letter from their ISP.  Rather, a lot of what I do involves having discussions with copyright holders and their attorneys swaying them from suing individual downloaders.

I wouldn’t say that a newly minted attorney (or a seasoned veteran attorney) who chooses to fund his law firm’s coffers with tons of settlement cash by suing individual downloaders is unethical for doing so — I simply think their attempts to stop piracy by suing downloaders are misguided.

Many attorneys justify their attempts to sue individual downloaders by the “death of a thousand cuts” theory, which acknowledges that one “lost sale” from a download won’t hurt anyone. However, multiply that by thousands, and a copyright holder can go bankrupt from the loss of revenue from piracy. While I understand their concerns (and agree somewhat in theory), I still say that going after the direct infringers (e.g., the internet users who copied and distributed the copyrighted content via the use of bittorrent software) is the WRONG approach to solve the piracy problem.

Below is a snippet of an e-mail I sent to an attorney who has been quite proactive on the copyright infringement front. His approach was somewhat different from the Prenda / Lipscomb / Dunlap Grubb & Weaver, PLLC approach to suing internet users, and while I will keep his information private for the purposes of this article, I agree that these predatory lawyers (the “copyright trolls” we speak about on the blogs) have made a mess for the copyright holders, “poisoning the well” for copyright holders who still wish to sue downloaders. I hope reading the following snippet may sway them to pursue other avenues to solve the piracy problem.

Dear [attorney],

I agree with the “death of a thousand cuts” problem when it comes to piracy and bittorrent. I am not sure what percentage of downloaders would actually purchase the copyrighted title (or a subscription to a copyright holder’s service) if the pirated title was not readily available to be downloaded, but it would be interesting to take an unbiased study and research the issue.

I also suspect that much of piracy is a distribution problem. I’ve heard this real-world example [from a few years back] as a justification for piracy. If someone wanted to see the “Game of Thrones” HBO series and they did not have access to HBO’s online website service (e.g., no cable; not going to subscribe), then they go to rent it on Redbox, Netflix, or Amazon Prime, and it is not available, and then they even go to purchase a season online and even that is not available, then they’ll pirate the series and feel justified about it (and they’ll be angry at the company as the bittorrent software moves the files onto their hard drives). I doubt this is the same for much of the adult content litigation (which I suspect infringement is a result of “browse, click and download, then watch”), but I’ve often commented that a wholesale iTunes store-like site (“Red Light Box”) would be a good source for purchasing or renting adult content (which is the subject of many of the lawsuits, as you know).

The gist is that I understand the desire to sue individual downloaders, and I understand the justifications for doing so. I am also certainly not going to sway you from suing individual downloaders with an e-mail.

However, I have always believed that internet users are not the correct parties to sue because many of them do not appreciate the severity for the acts of infringement they commit quite regularly. In other words, they are not the correct parties on whom to put the risk and/or the burden of violating the copyright laws because there are better alternatives available to solve the piracy problem and to mitigate damages from lost revenues. In my opinion, it is better to approach the issue from the “eliminate-the-available-content” approach via DMCA takedown letters, removing links, and taking down bittorrent trackers. Suing the content hosting companies is another approach, as you have explored successfully (although I understand the frustrations of this approach as well — how many times can someone sue The Pirate Bay).

[2017 UPDATE: FYI, Carl Crowell has created a new entity called RIGHTS ENFORCEMENT which has reverse-engineered CEG-TEK’s proprietary DMCA copyright infringement notice system.  Many of you have visited CEG-TEK links thinking that RIGHTS ENFORCEMENT was CEG-TEK, but really they are an ‘evil twin’. Nevertheless, keep reading, and think of “RIGHTS ENFORCEMENT” instead.]

I even don’t like the CEG-TEK $200 per title infringement software system / website solution where they send letters to the infringers days after the download, however, this appears to be the most efficient way to get a quick settlement and teach the downloaders a civic lesson on the dangers of downloading copyrighted titles.

But as for “poisoning the well,” yes, I fully see your point and appreciate the damage these law firms have done with their copyright trolling lawsuits.

Warm regards,

