Researchers get MPAA/RIAA to bust a Printer for P2P File Sharing

After receiving over 200 inadvertent complaints and DMCA takedown notices while studying BitTorrent traffic in 2007, researchers at the University of Washington decided to evaluate the accuracy and effectiveness of monitoring agents employed by copyright stakeholders.  What they found was not a particularly encouraging state of justice.

• Arstechnica: Study paints grim picture of automated P2P enforcement
• Challenges and Directions for Monitoring P2P File Sharing Networks –or– Why My Printer Received a DMCA Takedown Notice

In the recently published paper, researchers Michael Piatek, Tadayoshi Kohno, Arvind Krishnamurthy, Department of Computer Science & Engineering at the University of Washington, set out to attract bogus DMCA takedown notices to determine what methods were used to identify P2P file sharers, to evaluate their accuracy, and determine how easy it would be to deliberately or accidentally implicate an innocent IP address.  In the course of the research to reverse engineer enforcement methods, there were no infringing files were shared with any torrent, but between both projects, 487 false positive complaints were received, the majority for movies and television followed by software, books, and finally music.

The copyright thieves, I mean culprits that were implicated: networked printers, a wireless access point, and a desktop computer without any infringing content on it.

Of course, we all know that printers enjoy downloading and watching the latest Hollywood blockbusters without paying for them as much as anyone does.

Based on the data collected, the authors came to the following conclusions:

Copyright holders utilize inconclusive methods for identifying infringing BitTorrent users. We were able to generate hundreds of DMCA takedown notices for machines under our control at the University ofWashington that were not downloading or sharing any content.

We also find strong evidence to suggest that current monitoring agents are highly distinguishable from regular users in the BitTorrent P2P network. Our results imply that automatic and fine-grained detection of monitoring agents is feasible, suggesting further challenges for monitoring organizations in the future.

Challenges and Directions for Monitoring P2P File Sharing Networks –or– Why My Printer Received a DMCA Takedown Notice

DMCA takedown notices sent to ISPs typically include the IP address of the infringing host, metadata identifying the infringing file, and the date and time of detection.  Detection agents like Media Sentry and Media Defender, typically hired by the likes of the MPAA and the RIAA, have two basic methods available to them.  Direct detection involves actually contacting a peer in a torrent swarm identified by a tracker and downloading at least part of an infringing file.  The other method is indirect detection where IP addresses associated with a swarm are provided by the torrent tracker, which are presumed to be file sharing without any actual file sharing taking place.  The latter method is predicated on an assumption of guilt without any proof that the supposed crime was actually committed by the accused; the witness never saw any crime actually being committed.

The basic experimental setup was to identify candidate BitTorrent swarms and query the accompanying tracker for bootstrapping peers.  This allowed the researchers to determine swarm membership as well as identify themselves as a possible replica to the swarm without any infringing files exchanged.  Any contact between computers on the internet always requires IP address to route communications, but the researchers were able to deliberately falsify their client IP addresses as well as cause accidental misreporting of their IP address to the swarm.

There are a number of different scenarios possible as to how a tracker can end up with the wrong IP address by forgery or error, how the wrong computer can be associated to an IP address, or how a computer can be unknowingly used for file sharing:

• Certain trackers allow clients to specify alternate an IP address for files to allow compatibility with proxy servers and network address translation (NAT)
• Tracker metadata is user generated and can be altered to include any arbitrary IP address as a peer
• IP address are reallocated to other users on public Wi-Fi when a previous P2P user fails to disconnect properly from the torrent
• Tracker responses to queries are unencrypted, allowing for interception and alteration by anyone between transmission points
• Malware running on a machine that hosts or downloads infringing content
• An open network access point that is used by other to transfer infringing content

During the experiment, the researchers were able to frame a random collection of networked devices at the University of Washington that were incapable of infringement by simply providing incorrect IP addresses to the trackers.  Because they never provided any infringing files to the torrent trackers, all of the DMCA notices that they received could only come from indirect detection.

Direct detection eliminates the possible false positives because an erroneous address will not have any infringing files available for download.  So, with all the possible sources of error, why are content providers and their watchdogs relying on unreliable methods?

To cut costs.

Direct detection of file sharing for copyright infringement is bandwidth and effort intensive, i.e. it costs more.  After identifying an IP address with potentially infringing content, someone has to take the time to download the file and it has to be stored somewhere.  This would quickly add up over the many possible occurrences and the costs to catch actual copyright infringement are then multiplied further by downloading the false positives.  It’s far easier to find a place were crimes might be committed and start accusing anyone they happen to find in the vicinity.

The flipside to sending out DMCA notices to prevent illegal file sharing is that it is technically also illegal to send out bogus notices under Section 512(f) which provides penalties for knowing misrepresentation of copyright claims.  With the obvious flaws and inconclusive evidence provided by indirect detection, it is not very believable that these self-appointed copyright cops are unaware of the high probability that they implicate innocent people.

It’s nice to see that organizations like the MPAA and the RIAA don’t mind breaking the law to ensnare innocent people in their effort to prevent illegal copyright infringement as a cost saving measure all to enhance the corporate bottom line.