Help Zi against the RIAA
p2p news / p2pnet: The members of the Big Four Organized Music cartel spare no expense in their bitter war against the ‘consumers’ whom, they claim, are thieves and criminals who “illegally” download music without paying for it.
This isn’t, however, a criminal matter, efforts by the cartel’s RIAA to elevate it to that level notwithstanding. It’s a civil one. And what’s at issue isn’t if someone’s broken a law – it’s whether or not he or she has infringed a copyright, which is a very long way from “criminal” or “illegal”.
But this time the Big Four aren’t merely beating up on defenceless men, women and children who have no hope of matching their bottomless legal and financial resources.
Now the labels have You and the World Wide Web to contend with.
John Doe Number 8 – one of the cartel’s more than 17,000 victims – wants a court to throw out an RIAA ex parte discovery order filed in Atlantic Recording v Does 1-25. But the RIAA’s (Recording Industry Association of America) Jonathan Whitehead claims the metadata in John Doe Number 8’s shared files folder shows illegal copying took place.
JDN 8’s lawyer, Ray Beckerman, recently asked Zi Mei to check this out in detail.
Zi submitted an affidavit and now he’s asking you to give him a hand.
Hello p2pnet readers:
Many of you have been following developments on the RIAA lawsuits for a while here and at Ray Beckerman’s blog.
This time, we really need your help.
The RIAA has responded to my affidavit and I’m gathering research to put together a response that we need to send back to the courts by February 7.
This is a tight timeframe, so I’m calling on everyone to put on their thinking caps and contribute their thoughts on how we can fight this latest effort to misuse the American legal system.
Let’s pull together and make a difference.
Please post thoughts and comments here or on Ray’s blog http://tinyurl.com/9vejz.
Thanks folks.
Zi
And as he says on the blog, Recording Industry vs The People, “I’m just one guy, and I don’t have the unlimited time and financial resources that the RIAA most certainly does. In the true spirit of p2p and distributed computing, let’s put our brains together and fight these idiotic lawsuits. We’re a lot smarter than the RIAA’s hired goons, so let’s put on our thinking caps and end this attack on our freedoms.
“Most of all, let’s end this nightmare for dozens of the helpless people who are being sued.”
By way of back-ground, as we said an an earlier post on this, ‘ex parte’ means, “one side has communicated to the Court without the knowledge of the other parties to the suit,” says Beckerman in an earlier explanation of the way the RIAA identifies its victims. It’s, “very rarely permitted, since the American system of justice is premised upon an open system in which, whenever one side wants to communicate with the Court, it has to give prior notice to the other side, so that they too will have an opportunity to be heard,” he says.
But, Zi goes on in the document, the RIAA doesn’t even begin to explain how it manages to reach the cnclusion that the metadata are proof of copyright infringement.
And that’s not surprising, he says, “since there is no correlation whatsoever between (a) metadat in the files allegedly downloaded by the RIAA and (b) the origin of these files.”
He also emphasises that mp3 metadata are optional and may, or may not, be present in a file, and may or may not be accurate.
Since they’re aren’t part of the audio data, a computer or mp3 player can play files regardless of the existence or content of metatags, he says, also pointing out that literally anyone can create, edit or remove ID3/ID4 tags with software bundled with mp3 players, or any other easy to find applications.
“Simply put, there is no correlation between metadata in a file and the origin of the file,” states Zi in his document. “In no way can it be used as a tracking mechanism like a FEDEX or UPS tracking number.
“It certainly cannot be used to determine whether the files allegedly found on the defendants’ computers got there legally or illegally, since those files could have been downloaded from an authorized online service, or copied legally from commercially purchased audio CDs.
Zi also explains that moreover, hash files are equally useless as proof of wrong-doing.
On Recording Industry vs The People, IndieFeed’s Chris MacDonald posts:
I’m not so sure this is a technical question so much as an identification question. The metadata tag in question appears to be the “comments” field where ripping entities provide information about their software, or the individual who does the ripping. So to the extent that your collection has various and sundry comment “signatures” you could establish that the possessor of the file obtained the files from various and sundry sources, debunking any claim that the person lawfully transcoded the file from their cd to their own music management system. It’s an interesting argument but it would seem to make sense.
Larry Rosenstein says he agrees MacDonald.
Zi Mei describes the technical aspects of metadata, including that it is optional (does not affect playing the tracks) and easily modified.
It becomes a legal question whether having tracks with a lot of different metadata characteristics is proof of infringement.
An analogy might be someone who has a collection of books with hand-written notes in the margins, all with different handwriting. Is that proof that the books are stolen?
And jaded posts:
In his declaration, Messr Whitehead indicates that ‘Doe 8 is a user of the Limewire system’ and that ‘all of the Doe Defendants in this case are users of the Gnutella network’. This is interesting in light of the fact that all of the Exhibits associated with the original filing were screen-shots of Kazaa, which is not, from what I understand, a Gnutella network. It is its own network, I believe. This is an inconsistency that cannot be resolved with the material available, but does suggest there is some confusion on the part of the RIAA.
Beyond that, the User Log that is attached to the current declaration is a fabricated document (i.e., I do not believe that it is a report that can be readily produced by LimeWire, or probably even Kazaa). The only way that an association can be made between a users IP and the list of songs is to have a screen capture showing a download occurring from Doe 8 with Doe 8’s IP address and nickname clearly visible (ergo the comment above re the depiction of Kazaa screen captures in the initial filing). The other piece that would be needed is a screen capture that associates Doe 8’s nickname with the list of shared songs that are included in the attachment to the exhibit. I don’t believe that LimeWire even provides a way for a user to dump (i.e., print) a copy of what files they might have in their own share folder. Given that, there obviously would be no way to easily print, or capture, the files shared by another. If there is a utility that the RIAA agents have used to automate this, it has not been disclosed and subjected to scrutiny.
Beyond that, there is the issue of metadata (and the hash codes, which was not discussed in this declaration). There is certainly a wealth of circumstantial evidence that suggests that the files might have been obtained from other sources, but there is no conclusive evidence. All of the evidence points to the use of a Comment field that anyone can alter at will. Now, would anyone not associated with a particular web-site type that web-sites URL into a file’s ID3 comment field - one can only speculate. Is it possible - ABSOLUTELY. Anyone can do so.
There are, however, tell-tale markings that encoders do introduce into a file that serve to identify which encoder was used, but this is not metadata and only available by perusal of the binary file itself (there are some tools out there that attempt to do that - it’s not an exact science). One must have physical copies of the actual files to do this level of investigation.
What has not been shown, and would be a simple matter to do, is an indication of exactly which files it is that the RIAA had downloaded from that list (one would expect that this file would be the same file shown to be down-loaded from the above screen capture). If this file has none of the attributes that Messr Whitehead alludes to in his declaration, then nothing is proven. Absent that, all that exists is a listing that purports to represent a number of files that contain arbitrarily changeable metadata (for the most part - bit rate and length is not changeable, obviously).
But what is there to prove that an arbitrary file that the RIAA has is, in fact, the specific file that was downloaded by the RIAA agents? There will be a time-tag associated with the created file, but that is also something that can be readily altered. There is, in fact, NOTHING that can be used to show conclusively that any file that the RIAA might have in its possession came from the alleged Doe 8. Even the hash code, which presumably would be shown as being the same as others shared files could come from any one of those sources (or even fabricated, as discussed below).
WRT the hash code, as has been previously indicated and captured in Zi’s declaration, any rip/encode of a CD track with the same version of an encoder and quality setting (etc., etc.) should result in files with the same hash code. [I've not tried this myself, but am sufficiently intrigued to contemplate doing so.] Further, going to commonly available on-line metadata repositories would result in the same data being inserted as metadata which, once again, should result in the same hash code. Unique aspects of a files metadata, such as the Comment field discussed above, should also result in the same hash code if entered identically between the two files.
Says Zi in response (noting he’s replying without having had a lot of sleep ; )
Yes, Whitehead conspicuously switches to Limewire in this document whereas previous RIAA documents I responded to referred only to Kazaa. They consisted of several Kazaa screenshots and no screenshots of Limewire or any associated exhibits mentioning Limewire.
This time Whitehead specifically and conspicuously names Limewire, stating that “ALL” users in the suit were Limewire users. It is important to note that their long SHA-1 list is the same format as the list in the Kazaa affidavit, and presumably generated from the same software. They’re submitting this kind of list again now for Limewire. Doesn’t this contradict earlier statements, Ray? They showed screenshots of Kazaa, not Limewire, but now they’re attaching this “log”. This is an obvious bait and switch tactic and reveals that they know their Kazaa attempts were fruitless and unfounded, so they’re beginning anew with Limewire. Does anyone know what this is a “UserLog” of (item 5 in Whitehead)? A “log” has to be a log to something! I know Kazaa doesn’t produce logs like this, and am pretty sure that neither does Limewire or any p2p application, but I have not used Limewire in a long time. This looks like some unnamed and unknown mumbo-jumbo software the RIAA goons are using, the validity and accuracy of which needs to be examined. It is not produced by any software that I know. I stand with jaded in his assertion that it is fabricated by the RIAA and not produced by any p2p application.
Given that Whitehead’s earlier affidavit talks at length about Kazaa, but now he’s switched completely to Limewire, how can we be certain that these are not TWO SEPARATE individuals? First, he showed us Kazaa screenshots in an attempt show unlawful downloading (which is not true, since they are just files in a shared folder). Now he’s removed the screenshots and just left a SHA-1 list. No screenshots of Limewire are shown. Kazaa and Limewire are two completely different programs. This seems to be a clear case of misidentification. By way of an analogy, if I went to the police and said the burglar drove a white Ford Bronco one day, and then went back and said, no, it was a blue Honda Civic the next, they are not going to believe me. Whitehead simply says John Doe 8 is using Limewire, without presenting a screenshot or any evidence whatsoever. Where are these hundreds of files? I question their existence.
But more seriously, Whitehead deliberately chooses to ignore all of my questions regarding their investigative techniques and appeals to document their procedures. This lack of transparency to me and independent technical experts who are able to verify the veracity of their claims, or lack thereof, is not surprising. Their methods are unknown, so it cannot be determined whether they are scientific or not. They most likely are unscientific. Right now, it is just RIAA hocus pocus as to how they’ve obtained the defendant’s IP address in this case and all other cases. Given the highly inaccurate, reckless, and fallacious claims that the RIAA has brought against numerous innocent people (Sarah Ward [a 66 year old woman who uses a Mac-- there is no Mac version of Kazaa ], Candy Chan [a computer illiterate mom ], Gertrude Walton [a deceased 83 year old grandmother], mistaking a child’s Harry Potter book report as an illegal download, etc.), it behooves them to reveal the means through which they have identified John Doe 8, as it behooves the plaintiff in any case. The burden of proof has not been satisfied. Whitehead very deliberately avoids answering my probes as to how they got this IP address in the first place, so how can we be sure this is not another case of mistaken identity. Discussion on the extreme unreliability and inaccuracies of the metadata tags is moot until he can show definitive proof that this IP address is irrefutably accurate and properly ascertained, particularly when IP addresses are so easily spoofed, that many users use unprotected wireless networks, that ISP’s assign the same IP address over any given period of time to a number of different people, among other important technical facts. Basically, Whitehead is saying “we found this smoking gun, and it’s yours and you’re in a lot of trouble” without any proof and expects the courts to accept that at face value. To this date, my technical challenge remains unanswered and their process cannot
be verified by an network engineer or internet professional. They’re doing it all behind closed doors, and who knows what shenanigans they’re pulling. When so much is at stake for John Doe 8 and other defendants, this question cannot go unanswered. Given the RIAA’s awful record of getting things wrong, even basic facts such as whether an individual is even alive or not, we cannot trust them to be meticulous. The internet bountry hunters employed by the RIAA have an economic interest in identifying large numbers of people to sue and their carelessness is reflected in their work. The courts need to hold the RIAA to a higher standard instead of allowing them free reign to accuse and invade the privacy of users with these dangerous lawsuits.
Stay tuned, and if you have any thoughts you’d like passed on to Zi privately, please email me and I’ll make sure they reach him. And - post his request anywhere useful you can think of.
Cheers!
Jon
January 27th, 2006 at 8:48 pm
The Bible teaches to share. Religion and Law are not to be mixed under the Constitution. Hence, law suits for file sharing, would be confronting religious beliefs/morals/teachings before the law.
January 28th, 2006 at 6:01 am
http://recordingindustryvspeople.blogspot.com/2006/01/calling-all-techs-riaa-defends-its.html#113842782331240142
January 28th, 2006 at 2:13 pm
If I understand this correctly, the pivot point is whether the attached metadata is unambiguous in identifying the origin, etc. of any given file. From what I understand from reading this article this is clearly not the case. However, in order for the proof to be most effective, it must be laid out in layman’s terms.
So my suggestion would be to author/construct several files with the same metadata and hashmarks and whatever else, but with different contents, and present them all as proof that the file’s actual contents need not be indicated by the labeling in question. Defy any parties arrayed against you to tell the actual contents of the file based purely on the labeling information, such as size,metadata, whatever. If they can then your claims are baseless. If they can’t then their claims are baseless. And most any person of normal intelligence, even those with mininal computer literacy skills should be able to clearly understand this argument.
No need to get technical. Simply present the files, and ask “Can you tell for sure what the actual contents of this file are based solely on the labeling data ?” If they can’t, and I were the judge, they wouldn’t have a case if that’s their only evidence.
January 28th, 2006 at 4:45 pm
“No need to get technical. Simply present the files, and ask “Can you tell for sure what the actual contents of this file are based solely on the labeling data ?” If they can’t, and I were the judge, they wouldn’t have a case if that’s their only evidence.”
The most abundant example of that would be the mislabling of porn, movies, music entities already present on gnutella/fasttrack.
January 29th, 2006 at 12:50 am
Previous comments may have touched on the points I would like to make. I would, however, like to add my thoughts to those already presented.
Meta-data:
1. Manual Entry - Although this should be obvious it is apparently not to some. The meta-data is divided into a number of named fields such as “Title”, “Artist”, etc. So if 1000 people converted their legal copy of “Yesterday” by the Beatles to an MP3 file and then manually entered the meta data how many do you think would enter “Yesterday” in the Title field and “Beatles” in the Artist field? You would havre to wonder about the mental compentancy of the ones who didn’t wouldn’t you?
2. Automatic Entry - Although this was mentioned previously I am not sure it was stressed how common this is and is becomming. There are numerous MP3 cataloging and organizing programs, such as MusicBranz” that automatically fill in meta-data from internet hosted databases. Some of these are maintained by comercial entities and some are maintained the the actual users of the database the same as the Wiki encyclopedia. So anyone making entries to such a database can make errors or use cute, unique language. Everyone accessing the database for this meta-dat would get the same results just from playing cataloging their file(s). Many programs that play or catalog do this when they are installed or the first time they are run. A non-technical user may not even realize what is going on under the hood.
MediaSentry/Detection Programs:
1. Testimony - The program used to produce the log files presented as evidence is essentially providing testimony against the defendants is it not? A defendant has the right to confront and discredit his accusers. In the case of a software program, this would include the testimony of the designers and programmers who created the program, documentation of the program, and the program itself, in the form of source code. This should all be public testimony subject to scrutiny of professional world wide.
2. GPL Violations - By all means investigate if the plantiffs have temselves comitted copyright violations via GPL or other means and if so takem to the cleaners for it.
Hope you find this helpful.
February 2nd, 2006 at 8:32 pm
One thing I never understand, is how people can justify theft.
I am a retired musician. I will not name the groups I worked with, but I know that you have heard of them. And one of the things that helps me get by has been my residual checks.
These are the checks I get for sales and radio play of the songs I worked on 20 years ago. In the early 1990’s, it was roughly $18,000 per year. Even as recently as 1996 it was $21,000 per year. Roughly 75% of this was from CD sales, the other 25% was from radio airplay. Not a lot of money, but it was nice to see.
By 2000, I was expecting this amount to go up. I was most active in the early 1980’s, so most of my works were about to start being played on “Oldies Stations”. In addition, 20 years is when a lot of songs are picked up for “Oldies Collections”. You know, those 10 CD packs with all the music you grew up with.
I was shocked to see my income DECREASE however. At the current time, I am bringing in about $8,000 a year. And over half of that is from radio airplay. Only about 40% is from CD sales anymore.
You may think it is the RIAA you are cheating. In reality, it is us musicians you are cheating. The RIAA acts as our banker, collecting money owed to us, and making sure that our contracts are upheld. They also give us our insurance and pensions.
So keep stealing music. Then you will only have music that all sounds like Christina Spears, and nothing new or original. After all, why should we do all the cost and effort of recording songs if it is only going to be stolen from us?
February 2nd, 2006 at 9:06 pm
Obviously your checks for less than $21,000 a year indicate you never made it very far in the music industry. Any artist that “makes” it in the industry makes far more than you ever would have or will, even after they are retired. In fact I would like to compare your paychecks to Britney Spear’s potential retirement paychecks, someone you are directly insulting.
Many of the victims of the frivolous lawsuits presented by the RIAA are not guilty and have not even used a computer to do the so-called copyright infringing. They are everyday people, some making just as much a year from regular jobs as you may make in a year from your retirement checks. They deserve to have voice that will fight for them, because they are innocent. These people do not understand how to fight these lawsuits, nor do they understand where they are even coming from as they do not have any computer expertise at all.
Please take your one-sided view and idiotic threats somewhere else please. You are not helping any side of the situation.
February 3rd, 2006 at 9:33 am
“I was shocked to see my income DECREASE however. At the current time, I am bringing in about $8,000 a year. And over half of that is from radio airplay. Only about 40% is from CD sales anymore.”
GEE, you were shocked to see your income decrease, so people MUST be stealing from you. That is a fallacy of causation and one of the first things you learn in intro Econ class, or were you sleeping? PC manufacturers saw a sharp decline in revenues a few years ago and many struggle, but we don’t see them blaming people for stealing computers instead of buying them. Wake up from your silly oversimplified world and face facts. Times are changing and people aren’t buying CDs as much anymore. How about thinking.. hm… people aren’t buying my stuff because they’re not interesting in hearing shit from the 70’s their parents listen to? Kids buy Britney Spears, not Oldies.. regardless of the creative merit of the songs.
Apple sold 14,043,000 iPods during the quarter ending Dec 31, 2005. 14 million iPods in 3 months. Quite an achievement. All these people are buying music from the iTunes store or converting their CDs to mp3’s. The record companies can have a taste of this pie, but they’re too stupid. And when the public sees the RIAA suing little kids and single moms on welfare, this looks bad for you and your bosses. And when we see stuff like the Sony XCP crap, we see how dangerous and reckless your bosses are, putting users at risk intentionally and knowingly.
Shock? how about some shock for the people who get sued for thousands of dollars who don’t even own computers and never downloaded a song in their life? or would you say they’re all lying?
P.S. paycheck getting smaller? perhaps people think your stuff is shit? hm…
April 13th, 2006 at 8:11 pm
You have been brain washed by the RIAA pigs!
If you think that the lossy and crappy compressed files distributed via the internet for money or for free is replacing a CD you are wrong! (By the way do they pay you for the audio files they are saling via internet?)
Yes the sale of CD is down Deu! We are boycoting! This is what you are noticing. Pretty nasty hum? This is only the begining.
Tell the RIAA to stop their OPERATION EXTORTION! Tell them that there is consequences for trampling our laws, our constitution and corrupting our governement. Tell them that they are fool and that they are going to get more than they bargain for. Tell them that they are hurting YOU!
You see people song are not like food, gas or housing and people can go without it.
People use to buy CD not because they have too but because it was cool. It is not cool anymore. You are not cool! Madocrap is not cool! Brtiney Slut is not cool! None of you are cool and look like a pack of greedy bastards! Nobody like you anymore.
You can tell your friend at the RIAA that they can take their CDs and their music files and fuck theselves with it!
The RIAA decided to attack their customer? Fine! Face the consequences! The customers are striking back!
The RIAA and their corrupted lawers are a pack of fools!
Instead try to relauch your carrier with one of these indies that oppose the RIAA lawsuit. You see I am still bying CDs but now I use the RIAA radar to make sure the RIAA pigs don’t get a penny out of this!
Bottom line:
THE RIAA IS ATTACKING YOUR CHILDREN!
SONY IS INSTALLING ROOTKITS IN YOUR COMPUTER!
BOYCOTT THE RIAA!
http://www.boycott-riaa.com/
http://www.downhillbattle.org/
April 13th, 2006 at 8:34 pm
“how many do you think would enter “Yesterday” in the Title field and “Beatles” in the Artist field? You would havre to wonder about the mental compentancy of the ones who didn’t wouldn’t you? ”
Why not?
Me I will enter tomorow and my dog name.
Why? Because tomorow the RIAA pigs will be dead and my dog is my best friend.
I don’t know the Beattles nor do I want to know them although they use to hair-dress like dogs and this was funny.
Maybe now they are hair-dressing like wales?