The lawsuit (2:07cv00746) accuses Lorna Davis of "Saint George" of using the peer-to-peer network Gnutella to make available 10 songs for others to download. Actually, the studios say she made 321 songs available, but they only included 10 in the suit. Apparently that was how many they sampled: According to another lawsuit filed in Utah last June against "Does 1-4," RIAA finds its culprits in a fiendishly clever way: By having someone surf file-copying services like any ol' file swapper. When it finds music files available for download -- which takes, oh, about 15 seconds -- it downloads some, logs the date, time, I.P. address of the computer providing them, and then listens to be sure the songs are as labeled. (Considering some of the songs downloaded in Doe -- think Jessica Simpson -- someone isn't getting paid enough.)
So far, we don't have a problem. File-sharing in that way is illegal and, as the anti-immigrant faction likes to remind us, the law is the law. We may question whether a $9,250 fine per song is reasonable -- the Minnesota court did not require evidence of actual harm to the studios, such as proof that the songs had been uploaded by anyone -- and we may wonder about going after 10-year-olds, but it's still theft.
Our concern is this: RIAA's common practice of obtaining ex parte (no notice to the other side) court orders allowing them to get names, addresses, and e-mail addresses of Internet Service Provider subscribers. As an RIAA V.P. said in the Doe case, "Since 1998, the RIAA and others have used subpoenas thousands of times to learn the names, addresses, telephone numbers, and e-mail addresses of infringers" -- don't they mean alleged infringers? -- "for the purposes of bringing legal actions against those infringers." (Declaration of Carlos Linares, June 27, 2007, Warner Bros. Records, Inc., et al., v. Does 1-4, 2:07cv424.)
Obviously, they can't pursue their lawsuits if they don't know a defendant's real name. But the RIAA has made some embarrassing mistakes in these lawsuits (see here and here), so alleging guilt does not necessarily make it so. In our view, subscribers should always have an opportunity to resist the disclosure of their private information before it is a fait accompli.
Admittedly, we don't lose sleep over file-sharing defendants. However, suppose some angry reader filed a lawsuit against an anonymous blogger or commenter that looked legit on paper but was really just retaliatory. Some ISPs provide subscriber information without even a court order if they are notified that a lawsuit has been filed. It's easy to see how that could be abused.
In Doe, the ISP was Off Campus Telecommunications on University Avenue in Provo. The judge's order did not require OCT to tell its subscribers that their identities had been subpoenaed. It may well have done so (we didn't see a policy on its website), but it shouldn't hinge on a particular ISP's internal practice. Courts should require that any subpoena of an ISP contain an instruction to notify subscribers before handing over private info.
9 times out of 10, there will be no legitimate basis to oppose the disclosure of a potential defendant's name and address. It's that other 1 that bothers us.
P.S. We couldn't find a picture of Ms. Davis or Does 1-4, so we'll post this funny "RIAA Lawsuit Decision Matrix" instead, courtesy of BBspot.com. It's worth clicking on to read the full-size image.