Wednesday, October 10, 2007

Will St. George be the next big file-sharing verdict? and the impact on anonymous bloggers

Remember that Minnesota woman who got a $222,000 bill last week for file-sharing (i.e., violating copyright laws on) 24 songs? Now the Recording Industry Association of America, which pursues these cases on behalf of its members, has filed a similar lawsuit in Utah.

The lawsuit (2:07cv00746) accuses Lorna Davis of "Saint George" of using the peer-to-peer network Gnutella to make available 10 songs for others to download. Actually, the studios say she made 321 songs available, but they only included 10 in the suit. Apparently that was how many they sampled: According to another lawsuit filed in Utah last June against "Does 1-4," RIAA finds its culprits in a fiendishly clever way: By having someone surf file-copying services like any ol' file swapper. When it finds music files available for download -- which takes, oh, about 15 seconds -- it downloads some, logs the date, time, I.P. address of the computer providing them, and then listens to be sure the songs are as labeled. (Considering some of the songs downloaded in Doe -- think Jessica Simpson -- someone isn't getting paid enough.)

So far, we don't have a problem. File-sharing in that way is illegal and, as the anti-immigrant faction likes to remind us, the law is the law. We may question whether a $9,250 fine per song is reasonable -- the Minnesota court did not require evidence of actual harm to the studios, such as proof that the songs had been uploaded by anyone -- and we may wonder about going after 10-year-olds, but it's still theft.

Our concern is this: RIAA's common practice of obtaining ex parte (no notice to the other side) court orders allowing them to get names, addresses, and e-mail addresses of Internet Service Provider subscribers. As an RIAA V.P. said in the Doe case, "Since 1998, the RIAA and others have used subpoenas thousands of times to learn the names, addresses, telephone numbers, and e-mail addresses of infringers" -- don't they mean alleged infringers? -- "for the purposes of bringing legal actions against those infringers." (Declaration of Carlos Linares, June 27, 2007, Warner Bros. Records, Inc., et al., v. Does 1-4, 2:07cv424.)

Obviously, they can't pursue their lawsuits if they don't know a defendant's real name. But the RIAA has made some embarrassing mistakes in these lawsuits (see here and here), so alleging guilt does not necessarily make it so. In our view, subscribers should always have an opportunity to resist the disclosure of their private information before it is a fait accompli.

Admittedly, we don't lose sleep over file-sharing defendants. However, suppose some angry reader filed a lawsuit against an anonymous blogger or commenter that looked legit on paper but was really just retaliatory. Some ISPs provide subscriber information without even a court order if they are notified that a lawsuit has been filed. It's easy to see how that could be abused.

In Doe, the ISP was Off Campus Telecommunications on University Avenue in Provo. The judge's order did not require OCT to tell its subscribers that their identities had been subpoenaed. It may well have done so (we didn't see a policy on its website), but it shouldn't hinge on a particular ISP's internal practice. Courts should require that any subpoena of an ISP contain an instruction to notify subscribers before handing over private info.

9 times out of 10, there will be no legitimate basis to oppose the disclosure of a potential defendant's name and address. It's that other 1 that bothers us.

P.S. We couldn't find a picture of Ms. Davis or Does 1-4, so we'll post this funny "RIAA Lawsuit Decision Matrix" instead, courtesy of It's worth clicking on to read the full-size image.


Part of the Plan said...

This is scary, but pales in comparison to that shadowy software industry organization that allegedly (I've heard) can enter a business and demand that proof of ownership of all commercial software installed be immediately provided...I'm wondering, is a warrant required for that? I do know that there used to be a little software company in Orem that provided mainframe business software for certain "healthcare product" MLM's in Utah Valley (i.e., ephedra-based stuff). That company went under shortly after being visited by this group...they were supposedly fined about twice their annual revenue, because they "accidently" bought one copy of MS Office but had installed it on all 20 company desktops. I know about this because I worked as a technology consultant for one of their MLM clients. The names of these two companies must, of course, remain anonymous in order to protect the guilty.

Jesse Harris said...

Wouldn't Utah's strong anti-SLAPP statutes keep this kind of thing from happening?

Voice of Utah said...

Not really. State anti-SLAPP statutes don't affect claims brought under federal law, and they don't actually prevent the filing of retaliatory or harassing lawsuits. Judges aren't going to review a lawsuit and decide for themselves if it's retaliatory (they are usually worded to avoid that appearance) before issuing an order like this allowing the ISP to be subpoenaed.

Utah has had a statute in place for decades that is supposed to discourage frivolous or harassing lawsuits, but it doesn't kick in until after the lawsuit is underway (and, frankly, isn't applied that often even then). So our concern about disclosure of private information still comes into play.

Jesse Harris said...

Huh. I guess the solution is to move to an ISP with a backbone. I wonder how many of those exist.

Misty Fowler said...

Jesse - I don't know of Pete ever facing anything like this with XMission, but I'm fairly certain he's got that type of backbone (can't wait till he runs again, btw!) Is Xmission an option where you live?