BBC BLOGS - dot.Rory
« Previous | Main | Next »

ACS:Law: The leaked list and the Digital Economy Act

Rory Cellan-Jones | 17:18 UK time, Tuesday, 28 September 2010

The names of thousands of people accused of illegal file-sharing have been leaked onto the internet, along with their addresses, and in some cases the titles of adult films they're alleged to have shared and even their credit card details.


Christopher Graham: 'Anyone who holds personal information has got to take their responsibilities seriously'

Information Commissioner Christopher Graham: 'Anyone who holds personal information has got to take their responsibilities seriously'

The ACS:Law case, covered in detail on this site, is obviously deeply worrying for anyone whose name is on the leaked lists, and raises data-protection issues which the information commissioner is now investigating. But are there wider implications for a future campaign of action against file-sharers?

You may remember the hoo-hah about the Digital Economy Act which was rushed into law at the end of the last Parliament. Much of the controversy about the act surrounded measures which might see alleged file-sharers having their broadband connections temporarily suspended.

But that was only ever going to happen as the second stage of an anti-piracy drive. First, the plan is to get thousands of letters sent out by internet service providers to customers suspected of involvement in file-sharing. The idea is that these warning letters will prove a sufficient deterrent, and that there will be no need to move to more draconian action.

But the ISPs, which lobbied hard against the Digital Economy Act, are still furious about its implications. They say it's unfair that they will have to pay some of the cost of the letter-writing campaign - even though 75% will be paid by the copyright owners - and the effect on their relationship with their customers.

The ACS:Law case may provide ammunition to their case. The law firm's technique has involved trawling the internet for evidence of people who are illegally sharing files. That produces a list of IP addresses and the next stage is to get a court order to force the ISPs to hand over the actual names and addresses of the broadband customers involved.

ACS:Law - one small law firm operating on behalf of a handful of copyright owners - appears to have sent out thousands of letters to broadband users demanding compensation for its clients. I've been speaking to just one of those who found himself on the list. He is a Sky subscriber and received a demand for £1,200 from ACS:Law, along with an allegation that he had shared a couple of porn movies online.

He insists he is innocent and has refused to pay. But his anger is directed not just at the law firm but at Sky for handing over his details without telling him. The company points out that it had no choice after receiving a High Court order, and that it cannot contact customers in advance because that might pre-empt an investigation undertaken by a third party.

But the result of ACS:Law's campaign is that thousands of people are now angry not only with the law firm but with their broadband supplier. The ISPs have already estimated that when the Digital Economy Act kicks in, they will end up sending out hundreds of thousands, possibly millions of letters to their customers, with what they believe will be disastrous effects.

TalkTalk, the ISP which has been most vociferous in its opposition to the Act, has already leaped on the ACS:Law security breach as an example of what happens when you hand over customer information. Here's what TalkTalk's Andrew Heaney said in a blog post:
"It's a stark reminder of the dangers of giving out customer details to third parties in trying to combat filesharing. While we do not condone illegal filesharing, we have consistently argued for better ways of combating copyright theft. Handing over customer details to law firms to seek 'compensation', based on accusations from rightsholders, is not the answer."

Mr Heaney says TalkTalk has never handed over customer data to ACS:Law or any other legal firm. Other ISPs suggested that was because no demand had ever been made, but Mr Heaney told me that was not the case: "We're continually approached by lawyers from ACS:Law and other firms and have consistently said 'no'. We've said, 'Let's have a debate in court if you think you've a reasonable case.' None of them have ever taken us up on the offer." He went on: "I'm not going to expose my customers to letters that they would consider bullying and threatening."

TalkTalk, which is seeking judicial review of the Digital Economy Act, seems to be preparing for battle if and when it is put into effect. But others may be less eager to join in. Sky, which of course is both a content owner and an ISP, is keen to stress that it supports action against file-sharers, and may even co-operate with ACS:Law again, if and when the law firm puts its house in order.

But this week's events will certainly make all internet service providers even more aware that they face an uncomfortable period ahead when they may be forced to hand over data which could incriminate their customers.

Comments

  • Comment number 1.

    Illegal file sharers caught short. Oh dear what a shame. There's little sympathy since you are physically tied to your IP address so the porn downloaders are all guilty. And to the inevitable person who always claims they are not guilty that the media like to create/ or dredge up as a counterargument err yeh ok mate we beleive you. Of course if you are not guilty then you'll be telling ACS to try and have ago at you and when they fail you'll see them in court when you counter sue for defamation and subsequently win. And for all the stupid people who got caught downloading porn try a private VPN next time.

  • Comment number 2.

    "Sky, which of course is both a content owner and an ISP, is keen to stress that it supports action against file-sharers, and may even co-operate with ACS:Law again, if and when the law firm puts its house in order."

    You couldn't make it up, could you? It's a wonder they still have customers right now.. you'd wonder how big a gaff they'd need to make before people start leaving in droves.

    To recap, the "safe" ISPs are Virgin Media, and TalkTalk. Some of the leaked emails confirm this - neither company has handed over customer data despite demands, so their customer's details aren't going to be leaked. Sky has lost the most customer details so far, Plusnet has lost a few, and a some encrypted files supposedly from some other ISPs have also been found. Just how long they'll stay encrypted remains to be seen.

  • Comment number 3.

    Having followed the story on TorrentFreak, it's come as a surprise to me that the headlines today have focused on pornography. Metro's front page read something along the lines of "Names of people illegally downloading pornography released" the BBC had a similar headline this morning. It's almost as if it isn't important enough unless it involves porn... I'm fairly sure that the majority of the names were not for pornography.

    It's worth mentioning that the personal details (some including bank account details, telephone numbers and addresses) are still available for anyone to get hold of. This isn't something that has been fixed, this is something that thousands of people around the world now have. ACS:Law should NOT be trusted with personal details, and the fact that Sky would co-operate with them again is shocking!

    ACS:Law should go under for this. Not only for their poor data protection (unencrypted email attachments) but for thier scaremongering tactics, and the fact that they are working to make a profit. It isn't about copyright with them, it's about easy targets and making money.

    As you touched on in your blog, any ISP that comes down on File-Sharers is going to suffer. The most recent figures were an estimated 7 million in the UK - of those questioned, I'll bet that a large percentage were untruthful, and that the figure would be closer to 20 million; There are probably only 25 million in the UK with an adequate internet connection and large enough hard drive to even bother in the first place.

  • Comment number 4.

    @gusone - it's perfectly plausible that somebody could be wrongly accused. ACS:Law based their accusations on the access logs held by the ISPs, which from personal experience may well have been gathered by a script that was written by a junior sysadmin or a placement student.

  • Comment number 5.

    1. At 6:24pm on 28 Sep 2010, gusone wrote:
    Of course if you are not guilty then you'll be telling ACS to try and have ago at you and when they fail you'll see them in court when you counter sue for defamation and subsequently win.

    =======================
    I'm no lawyer, but i'm pretty sure it's simpler than that anyway. This legal firm has lost people's financial details, including credit card numbers. And a handy list of names and addresses of those who "may have suffered financial loss as a result" is available for every law firm in the entire country.

  • Comment number 6.

    > gusone wrote:
    > Of course if you are not guilty then you'll be telling ACS to try and have ago at you and when they fail you'll see them in court when you counter sue for defamation and subsequently win.

    How many people, innocent or otherwise, are willing to gamble in what is still a terribly grey area thanks to our technologically impaired government? Would you also be willing to associate yourself publicly with the kind of titles (notice that the BBC can't even publish them) being targeted?

    Something needs to be done about file-sharing, but intimidating people for the sake of profit (less than 10% goes to the actual rights holders) is not the answer.

    Crossley's own adviser expressed grave doubts over the validity of the methods. I believe he said a first year statistics undergraduate wouldn't have trouble nullifying their case in a courtroom. They've also had clients leave who were sceptical about their ethics and legality.

    I'm guessing mainstream media can't report the juicy stuff from the leaks for legal reasons, because they seem to be completely ignoring it.

  • Comment number 7.

    There are three headlines here depending on your perspective:
    1. Alleged porn file sharers have their details leaked online
    2. Anarchist network targets law firm involved in anti-piracy drive
    3. Law firm security errors cause thousands of card details to go online.

    As a security professional, it's the last of these which gets my focus. In the process of restarting their website following an attack it seems that ACS:Law or it's IT services company left a gaping hole for several hours. This allowed someone to steal information which anyone would want to be kept private. Remember, none of the people who's details have been leaked have been found guilty of file-sharing! It also causes the leak of legally privileged information and full credit card details including the "last three numbers on the back of the card". This last point is particularly worrying as credit card industry regulations demand that card numbers be encrypted and the "digits on the back" are never stored.

    By my reckoning, in not encrypting their information and allowing their computer defences to be weakened so that anyone could wander in and take this information they've broken laws, codes and regulations including The Data Protection Act, The Payment Card Industry Data Security Standards, and Law Society standards on data protection and legal privilege.

    You'd hope a law firm would know better!

  • Comment number 8.

    I would suggest that this has very little to do with illegal file sharing or the conduct of ISPs and everything to do with legal malpractice. Knowing little about ACS:Law, I sought out their web site only to find that it has been taken off line. Checking their Wikipedia entry, I find that "its only registered solicitor,is Andrew Crossley . . (who) has twice been found guilty of conduct unbefitting a solicitor by the Solicitors Regulation Authority . . (and that) in August 2010, the Solicitors Regulation Authority confirmed that Crossley was being summoned to his third disciplinary tribunal, in response to ACS:Law's action against suspected file sharers".

    It seems to me that any legal professional who is reduced to publishing the confidential bank information of people against whom they have failed to secure judgments is dragging their profession into a state of such disrepute as to be unfit to practice law. The practice of file sharing in copyright material may well be unlawful but, in the great scheme of things, pales into insignificance compared with possible gross professional misconduct in what is supposed to be a trusted and trustworthy profession.

  • Comment number 9.

    @gusonone

    You are only tied to your IP address if you have a static IP - companies usually charge extra for this which is why the vast majority of people have a dynamic address.

    Checking through their emails, I'm surprised that someone with the email address XXXXXXXX.legal@btinternet.com should be acting as a locum for ACS-Law.

  • Comment number 10.

    As a musician and composer I have an interest in seeing unauthorised sharing of copyrighted material stopped.

    However, I find the tactics of thug lawyers as distasteful as the mindless immature fools on 4chan - they probably deserve each other.

    And in the middle are a huge number of people, some of who have shared stuff they shouldn't, and many that probably haven't, but are being forced to prove their innocence or just pay up.

    Out legal system is not meant to work like this - we should not allow companies like ACS:Law to operate.

  • Comment number 11.

    This comment was removed because the moderators found it broke the house rules. Explain.

  • Comment number 12.

    A few things of interest here.

    1. The key word is "alleged". Innocent until proven guilty and all that.

    2. The silence from Sky News is truly deafening. Nothing on their website at all. So much for "First for Breaking News"...

    3. If you're on Virgin Media (VM), you're name won't be on the list. ACS:LAW never went after VM customers due to the well known issue of cloned modems.

    4. There is an email chain that shows documents had password protections deliberately removed before being backed up on a web server. Not an encrypted file on a secure server, or even a USB drive stored in a safe overnight, but a public-facing web server!!!!! It would have been more secure on a pen drive or left in bar.

    5.Many of the titles alleged to have been downloaded do not have a BBFC rating and cannot be legally sold in the UK. Therefore, there has been no loss.

    6. There is a huge potential for damages here. If I were accused of downloading hardcore pronography, I wouldn't be too worried. But imagine the effect on teachers, social workers, doctors etc. etc. A mere allegation can be enough to end a career.

    7. For all those who say "serves you right for being a pirate", I leave you with this thought. Pray that a letter demanding £500 "or else" doesn't land on your mat because someone mis-typed your broadband IP address.

  • Comment number 13.

    Hi all.
    I'm a certified PC tech, no matter what security you have on your wireless modem/router IE your wep/wpa key it can be hacked, so anybody within your modem/router range can gain access to your Internet connection using the correct software which can be downloaded from the net for free. The only way to stop this is not to have a wireless network, i can pick up my wireless network 80 meters from my house. So if some one wants to sit outside in a car or van using my Internet connection to download music and films then they could it's not hard. From what i have been told regarding the Acs law leak not only was it porn but quite a few down loads of music by scooter, and that most of the people that payed up, admitted it in reply to the letter they received, so if you are a sky broadband customer and you are unfortunate enough to receive a letter from Acs law do not admit to anything let them prove that it was You and You alone that downloaded the music or film. just because they have your Ip saying that a film or music was downloaded to it, doesn't mean that it was you when it could have been anybody within you wireless network range.

  • Comment number 14.

    So, you have to share files online to get caught up in this ...right?

    This is new to me....we don't have this kind of newsite (CNN is not like this, I do not think) here, so I have to come here to find out weird news about this stuff.

  • Comment number 15.

    I find it both amusing and disturbing that this company appears to be saying...YOU are responsible for YOUR computer, YOUR internet connection and anyone using these with your consent or not, so pay up now.
    However, when the Information watchdog investigates this mess, with he possiblility of a large fine at stake, will it then be a case of...We are not responsible for the leaking this information, we were hacked, our computers and internet services were obviously misused? Can anyone else see the potential double standards here? It will be interesting to see how they handle this.

  • Comment number 16.

    Firstly, having your IP address does not mean it was you who downloaded the files. Neighbours can hack into wireless broadband connections fairly easily as can someone in a parked car. Especially if the default name/passwords are used during set up. Even the hard-wired modems have been accessed via the telephone line junction boxes
    It is not file sharing that is the problem and it can never be resolved anyway. We need to go back to basics.
    Why are film stars, pop groups and singers paid more individually than all the scientists’, academics and medics put together. Our priorities and values are totally wrong.
    Pop groups, singers and others are all paid for years into the future for simply a few days work. Sure it takes time to train and some are gifted but so are scientists and doctors who generally only get paid for the work they do. They do not normally receive royalties from every patient they treat or every discovery they make.
    Pay the entertainment industry in the same way. Turn up for work and get paid for that day. The resulting DVD/CD/download covers the material costs and management. There would be nothing to steal and so put an end to the pirate law industry.

  • Comment number 17.

    ACS:Law claim in their letters that the IP address alone is enough to "prove" guilt.

    Yet when questioned on the leak, the BBC article says this:

    "All our evidence does is identify an internet connection that has been utilised to share copyright work," he [Andrew Crossley] told BBC News when pressed about the lists of personal data.

    "In relation to the individual names, these are just the names and addresses of the account owner and we make no claims that they themselves were sharing the files," he added.

    Well Andrew, which is it? You can't have it both ways.

  • Comment number 18.

    What I don't get is why anyone would be illegally sharing adult movies in the first place.

    There are countless websites out there taking the youtube model which allow you to download them for free after all.

  • Comment number 19.

    10. At 10:17pm on 28 Sep 2010, Hastings wrote:

    As a musician and composer I have an interest in seeing unauthorised sharing of copyrighted material stopped.
    ----------------

    Really? Do you have a myspace? Stream your music somewhere for exposure? Because this is pretty much the same thing as allowing people to download for free, what does the source matter?

    Produce something that people want to listen to and they will pay for it by choice, this has been proven time and again via "pay what you want2 schemes as well as studies that show illegal filesharers are also the largest spenders on music and movies, especially on those niche areas that without the sharing they would have likely never stumbled accross in the first place.

    I know several musicians who have seen massive improvements in sales by tagging their music with the phrase "feel free to share and only pay if you enjoy" in recent times.

  • Comment number 20.

    PcGeek wrote:

    Hi all.
    I'm a certified PC tech, no matter what security you have on your wireless modem/router IE your wep/wpa key it can be hacked, so anybody within your modem/router range can gain access to your Internet connection using the correct software which can be downloaded from the net for free.

    ########

    In addition to encryption, I also have my router set so that I have to authorise a specific MAC Address first before that machine can have access.

    Does that help?

  • Comment number 21.

    hackerjack wrote:

    10. At 10:17pm on 28 Sep 2010, Hastings wrote:

    As a musician and composer I have an interest in seeing unauthorised sharing of copyrighted material stopped.
    ----------------

    Really? Do you have a myspace? Stream your music somewhere for exposure? Because this is pretty much the same thing as allowing people to download for free, what does the source matter?

    #############

    But that is my choice - I choose to allow people to download lower quality versions of some of my music for free if they wish. Or they can choose to buy the high quality version from places like iTunes.

    However, I also write music on commission for others, and those pieces are NOT available as a free download, and the clients would not be impressed if they were. It should be up to me whether I allow someone to have my work for free, not decided by the downloader and/or hacker.

    As for the rest of your post, the evidence is all over the place. Some file sharers do also pay for downloads, some never do - many people out there have huge collections and have never downloaded illegally - it seems the two sides of the argument just cherry pick the statistics.

    Before home taping became easy (and cheap) this was really such a small issue. Yes, you got bootlegs (they were often dreadful and you still had to buy them), but most people did not stomp around demanding that they got given singles for free. They either bought a copy for themselves to play when they liked, or they listened to the radio. Why is that philosophy such a a difficult concept these days? I don't think this is anything to do with some weird concept of freedom or rights, I think it is just that society has got more greedy.

    Also you are limiting this to music and movies; illegal file sharing is also about downloading hacked versions of software like photoshop and MS office and hacking e-books is on the increase. I am not sure the justification of someone saying "I bought some pencils, so I should be allowed to use £2000 worth of graphics software!"

  • Comment number 22.

    @Hastings
    It will help but again it a MAC address can be spoofed so someone who is able to get past your WIFI encryption is likely to be able to spoof a MAC address.

    I have to point out that wifi hacking and mac address spoofing while entirely possible not many people are likely to do it so I wouldn't instantly go and switch off your wireless router and go wired (unless you want increased performance :))

  • Comment number 23.

    @AndyD

    Heh, yes, I wasn't planning to turn it off - the smart phone users in the house would riot!

    However, my location means that anyone wanting to use my wifi would be sharing parking space with my neighbours cows, so I am not overly worried. All the desktops are also wired, since that is rather more reliable and one hell of a lot faster.

  • Comment number 24.

    Rory,

    I agree with a lot of what you're highlighted here. However, you've completely ignored the illegality of what the hackers did in the ACS:Law case. Hackers are usually glorified for what they do by the media, which sends a very wrong signal as if to say people who're hacked are to blame entirely instead. Yes, those that store private data about members of the public have a responsibility in ensuring its safe-keeping, but the law against hacking should not be undermined by the media. In the same way that burglers who steal from locked or unlocked homes are breaking the law, so are hackers.

    There are several angles to this story, but focusing only on the bits you don't agree with in the Digital Economy Act does not do much justice.

  • Comment number 25.

    To anyone interested I would suggest getting hold of a copy of "The speculative invoicing handbook" (just do a search for it)which is a great place to get some initial information regarding these payment demand letters.

  • Comment number 26.

    17. At 08:08am on 29 Sep 2010, Dave wrote:
    ACS:Law claim in their letters that the IP address alone is enough to "prove" guilt.

    Yet when questioned on the leak, the BBC article says this:

    "All our evidence does is identify an internet connection that has been utilised to share copyright work," he [Andrew Crossley] told BBC News when pressed about the lists of personal data.

    "In relation to the individual names, these are just the names and addresses of the account owner and we make no claims that they themselves were sharing the files," he added.

    If VM and TT refuse the court order, then does this make it invalid as the court order is either sufficient or not?
    If ACS declined to pursue VM and TT does this mean they know they have insufficient evidence in the court of law?

  • Comment number 27.

    @EMC

    The ACS computer wasn't hacked, it had a DDOS attack which is just bombarding it with data and basically rendering the site unattainable. the site was taken down and brought back up by the IT at ACS, it is they that gave access to the root of the server to anyone that typed in the web address. anyone visiting the site would have seen the folders on the first page and had full access.

    If you had gone to the site on Friday during the period they were exposed you could have read them all.

  • Comment number 28.

    The action of bullying is rife - they attack the weak and vulnerable

    People implicated in downloading Porn are more much likely to settle out of court - guilty or innocent - shame factor.

    IP address - serious sharers can get around this simply - so only the mugs & the innocent are caught.
    Most sharing sites spoof IPs as red herrings most are false - some are real

    I just did a test with a low cost (Eur0 11) piece of kit and found 47 open Wi-fi routers where I can use their IP to download problem material.
    No hacking is needed.

    The site rip of ACS law - it makes very interesting reading

    If ACS law was 5% professional this could never happen. Hope they get hammered

    Most UK people do not have the money or expertise to stand up in court to refute to such accusations - the 300 pounds makes it cheaper to settle than hire a lawyer.

    Many older people will be (soft) targeted just because they do not know how to secure their connections - they will settle out of fear and intimidatiob while they did nothing wrong

    Virgin is not stupid they know full well why customers buy premium fiber 100Mbps service - they do not want all these prime customers to be banned - so they use variable IP address to protect them.

    ACS is in the business of easy cash in

    A few years ago some countries put a tax on audio cassettes to take care of copying
    I pay Eu 10 per month to watch all the movies I can see and also to store them - I get 200 digital radio stations

    Surely a fair monthly "download" tariff on Internet connection would serve all parties.
    In the end you can only listen to so much music and only watch so many films

    Much of the lost revenue in the music industry is caused by switching to individual tracks on i tunes and not whole albums so people cherry pick.

    Average file sharers pay for more legal contant than non sharers

  • Comment number 29.

    Hastings wrote:
    "I don't think this is anything to do with some weird concept of freedom or rights, I think it is just that society has got more greedy."
    You've hit the nail on the head. Greed has led to the phenomenon of file sharing but not the greed of those I suspect you are referring to. In the old days, you harp back to, making a record was relatively expensive. Pirates couldn't make high quality copies as you so rightly say. A quality copy would need to be sold at a similar price to the original in order to make a profit which would negate the purpose of making one. Nowadays a CD or DVD costs pennies to produce. It costs a legal online distributor virtually nothing per copy to supply music and movies.
    With the introduction of digital media, costs per copy have been reduced even further but prices have continued to rise "because it's higher quality". Conveniently the reduced supply costs are brushed the under the carpet as always.
    Society takes it's lead from those at the top. The entertainment industry is guilty of instigating the greed. The world watched as the they rode on their over inflated egos using technology to feed their greed for ever increasing profits whilst giving back nothing in technological cost savings to the hands that were feeding them.
    Then the internet exploded, file transfer became easy for millions of people and the entertainment industry was caught napping. Their overvalued balloon has burst, the market has changed, the party of excess is over. It's time for them to bring their egos back down earth and accept the reality of the world they're living in.
    This shouldn't be a bad thing for them if they can grasp the concept of very low per copy profits selling into the massively increased market. The iTunes model does not answer that. £10 for an album when you don't even get a hard copy with a pretty case ... get real! They need to be looking closer to 10p for a song and £1 for a downloaded album to make it not worth people's effort to share.

  • Comment number 30.

    @quber1

    I wouldn't disagree with that because I don't know the exact details of what transpired in this case. However, ACS are claiming their systems were broken into, or something to that effect.

    It is also true that the media have some sort of glamorous spotlight shining on hackers.

  • Comment number 31.

    It's interesting to see a few common mistakes in the user comments on this article. Bust also it's good to see some people (e.g. PCGeek and Hastings) pointing out the security we should all be looking at on routers etc.

    However, it is important to remember that unlike Gusone said - you are not tied to an IP address. Firstly it depends on your ISP, and these address can change therefore depending on what system they use to assign addresses. Secondly some sites (and therefore possibly trackers for P2P networks etc) don;t see your IP address but a gateway or dynamically allocated one - e.g try downloading form sites such as megashare or similar and you may find it wont allow you to because your IP address has downloaded xyz bytes of data - and you know you haven't.

    Also, IP addresses tend to be assigned (but not always) by recognition of the MAC address of the router or your computer if on a LAN. These MAC addresses can be easily spoofed and therefore if this is the case then your computer is actually run by someone else. Indeed for unsecure Wi-fi connections anyone with a moderate knowledge of linux based wi-fi applications can, with a compatible wi-fi card/dongle, hack someones wi-fi connection within an hour just by sitting in their car.


  • Comment number 32.

    1. At 6:24pm on 28 Sep 2010, gusone wrote:

    Illegal file sharers caught short. Oh dear what a shame. There's little sympathy since you are physically tied to your IP address

    BTFon is a wonderful thing.. It can tie at least 15 people to my ip address this month...

  • Comment number 33.

    This comment was removed because the moderators found it broke the house rules. Explain.

  • Comment number 34.

    @EMC

    You didn't actually expect ACS:LAW to admit they broke the DPA by putting all that personal information on a public-facing web server.

    The best defence is a good offence.

  • Comment number 35.

    Yet another good reason not to use Sky and well done Talk Talk for standing up for their customers.

  • Comment number 36.

    Fujikid wrote:

    "In the old days, you harp back to, making a record was relatively expensive. Pirates couldn't make high quality copies as you so rightly say. A quality copy would need to be sold at a similar price to the original in order to make a profit which would negate the purpose of making one. "

    Actually, getting the vinyl pressed was dirt cheap (also pennies, especially in Hungary) and there were various pressing plants around that would not question the source material. Quality was fine, and getting the plates made up from the cuts was not a problem - most of the pressing houses would do it. That was why small bands managed to afford to press up their demos for sale at gigs.

    Where it fell down was in the recording. Mostly these were not copies of other records (though some were) as since both had to be bought people would go for the original, rather they were often illegal concert recordings. Some actually were quite good and were taken off the back of the monitor desk on stage or even out the back of the mobile unit if there was one. But many were somebody standing in the crowd with a stereo pair of mics pointed more or less at the front of the stage.

    It was with cassettes that the big change happened - open reel recording was prohibitively expensive so had never been a problem. Suddenly people could copy their friends albums, not great quality, but you could do it. This home taping was suddenly a major issue as it was happening on a huge scale. A person might only doing a few copies, but thousands of people were doing only a few copies each - it started adding up.

    Strangely, the record industry, realising that this was uncontrollable, came up with a simple system - add a levy on blank tapes and people would be free to home tape as much as they liked. But there was an objection by the few people who used cassettes for recording their own voice and so on, so it never happened.

    With modern media, there isn't really an equivilent that I can think of, unless it is charging a small royalty tax on everyone's internet connection - but I cant see how that would work. And anyway, all those thousands of people who download illegally would suddenly start yelling "civil liberties" about it.

    One more thing about "greed." I think this is a trend in society that goes back way before the internet and has nothing to do with the entertainment industry. I can think back to Cabbage Patch Kids and parents almost fighting each other in toy stores to get the last one for their precious little kid. Greed is an offshoot of consumerism. Once everyone has the idea that they can buy anything, then they suddenly want everything.

    When there was no such thing as software and everything was hardware, then the only way to fulfil the want on a low budget was to shop lift - and most people would not do that at any price. However, with entertainment now being neatly downloadable digits, suddenly, shoplifting is so easy, and the risks so low, that loads of people do it.

    It is still shoplifting, sort of, but it is easy to convince yourself it isn't if you dont have a physical CD in your hand.

  • Comment number 37.

    @gusone, please stop posting incorrect information.

    An IP address is tied to a customer account for a period of time. It is not tied to a computer, it is not tied to an address, and it is not tied to a person. No matter what security you use, there is always the chance of your network getting hacked. Nothing is 100% foolproof.
    Thus, you can never know who actually did something on a network.

  • Comment number 38.

    #34 @Darren

    It's for the Information Commissioner, not me nor you, to determine whether ACS Law broke the DPA. You and I can only speculate.

    Reading through some comments above, what I find rather absurd is the insinuation that all (or at least the majority) of those named on the leaked listed, are well and truly ignorant about the porn-sharing allegations. I appreciate the difficulty of linking any one individual to the 'offence', but to claim each and everyone of them is a victim of some perverted hacker is just ludicrous!

  • Comment number 39.

    We now have the issue where BT are not only being investigated over a DPA breach, but admit breaching a High Court order. Namely sending customers details by email, in an unencrypted spreadsheet.

    I can see Chief Master Winegarten being very displeased about the blatant Contempt of Court

  • Comment number 40.

    One thing that always seems to be skipped over is the ease of which people can stream copyrighted content. I suppose it's not often mentioned so as not to advertise it's availablity, but there are thousands of sites, just like Youtube, out there where a user can type in a film and just stream it through their browser.

    @ Hastings: "With modern media, there isn't really an equivilent that I can think of, unless it is charging a small royalty tax on everyone's internet connection - but I cant see how that would work. And anyway, all those thousands of people who download illegally would suddenly start yelling "civil liberties" about it."

    It's quite a few more than thousands; and besides there are millions who are crying out for an alternative in the new digital age. I'd gladly pay a royalty tax on my broadband connection... perhaps £1 per month per MB(connection speed, not amount downloaded... that would be insane!) - which would allow me access to an unlimited amount of movies/music/software.

    Unfortunately the technically backward government and the entertainment industry that is still living in the 80's would have no idea how to set up a system even half as efficient as torrent clients and indexing websites.

    The people that share on a huge scale, the people that set up the websites to stream and share, the people who program applications and release them for free are shaping the future of the internet. These people, for right or wrong, are always going to be 10 steps ahead of legislation and investigations. They are passionate about their cause and will always be the first to experience and create the new technologies that the rest of us plebs will use or see in the news years down the line. With a huge interest in hardware and software development, they do this kind of thing for fun.

    The authority (for lack of a better word) will never be able to catch up because they will never be able to motivate anyone enough to learn, and to continue to understand, at the same pace as technology is moving.

  • Comment number 41.

    24. At 11:43am on 29 Sep 2010, EMC wrote:

    In the same way that burglers who steal from locked or unlocked homes are breaking the law, so are hackers.

    =================
    Ermmm... no. Not really.
    The "hacking" involved here is basically on the same level as protesting outside a shop, and having such a massive amount of people ("traffic") there that "real" customers can't get in. Kinda like a glorified picket line. Of course, this can lead to financial loss for the company effected (due to less business, and cleaning up the mess after), and media coverage for the protesters.

    The "real hacking" involved is that to increase the numbers, they could have used botnets ("zombie" computers) to help, but the concept is still the same. So yeh... imagine some of the picket line being made up of zombies if that helps... and down goes the site after a few too many zombie protesters are clogging up the doorway...

    What ACS law have done, while trying to bring their services back up, they've left all this confidential information publicly available on their website for every man+dog to take as many copies as they like, no "hacking" required. Just show up and take one. And they apparently left this there for HOURS.

    Since all these protesters were milling about, it was no surprise that some of them took a copy. Which leads us to where we are now...

  • Comment number 42.

    I would be interested to know exactly how many people ACS Law have successfully prosecuted in court over alleged file-sharing? I suspect the answer is one big fat ZERO.

    Their tactics are exactly the same as the private parking company scammers, who tell you you've illegally parked your car, and must pay the penalty charge. It's nothing but a scam. Everybody who receives a letter from ACS LAw should refuse to pay, I'm willing to bet ACS will send a few more threatening letters, but won't have the courage to take a test case to court, as (if they're any good as lawyers) they already know it will be thrown out. They rely on people's ignorance and fear for an income. This unwholesome and unsavoury practice needs to be banned, it's actually worse than file-sharing, and probably as illegal.

  • Comment number 43.

    @ grusone. excuse me but an IP address points to the bill payer and that is all. Its is also very easy to spoof. On top of that WPA encryption (what your router uses) can be broken in 3 minutes with no special hardware or tools. What you are suggesting is that everyone accused is guilty and should have to prove thier innocence which is simply impossible unless you are suggesting that people homes should be raided and equipment stolen. At the end of the day copyright "theft" has existed since the introduction of sheet music. It was also a "misdomeaner" crime until the introduction of the mandybill. A bill that was rushed through on the principles of capitalism and NOT democracy. I hope one day you recieve letter threatening menace for something you didnt do.

  • Comment number 44.

    Unfortunately I was moderated out yesterday but I do think my comments were correct seeing the horror stories of this morning.

  • Comment number 45.

    @Salamol

    You make a simple but good point about technology evolving. As part of the entertainment industry, actually they are not living in the 80s and in reality push the boundaries of internet development continuously.

    However, I know from some of the more reasonable people in the industry that they feel that they are banging their heads against a wall. Because information technology will without doubt get faster and cleverer, they feel their only recourse is to preach their message, to try and get people to understand that if you take something for nothing that you are meant to have paid for, then you are either stealing, or dealing in stolen goods.

    The actual law on this is clear and surprisingly easy, but a huge amount of the public, people who are not natural criminals, just don't get it. The feeling is that it is because there is not a tangible, physical lump of something involved.

    If it is a CD - yep, that would be stealing something, but if it is just the software contents of the CD, then no it is not.

    I think that the lawyers of the big companies have gone overboard and will achieve nothing - I suspect that ACS is making more than they out of this - and they are just making the message sound like a big corporate bully. Bad marketing all round.

    Then again, if John Lewis put up big signs around their stores that shop lifting was illegal and they will catch you and prosecute you, the vast number of people would think that was perfectly all right.

  • Comment number 46.

    We had a member of 4chan in an online game I did a little work on. He was spouting on about how piracy was fine and the record companies could go ... well, he was less than polite about it.

    Later that day, another player broke into the 4chan's virtual house in game, and stole his virtual veggies (note that in this game items do no cost real money, you only pay monthly to play).

    The 4chan went through the roof. We had days of ranting and raving about how he had been violated, how the other person should be banned from the game and how we should compensate him financially.

    You would have thought from his earlier lofty position that he would have been happy about his veggies being taken without his permission.

    Strange that.

  • Comment number 47.

    #41 @Calaba

    Sigh!

    #46 @Hastings

    Indeed! It seems it's not so funny when one falls victim of this otherwise inglorious activity, as this story highlights too:

    http://uk.news.yahoo.com/21/20100930/tuk-men-charged-over-online-money-theft-6323e80.html

    Funny though, that it appears the suspects in that case have only been charged with money laundering.

  • Comment number 48.

    Companies like ACS:Law are the equivalent of wheel clampers on the internet and just as private wheelclamping has been banned, so the Digital Economy Act will have to repealed or reformed to stop it becoming a charter for internet scammers.

  • Comment number 49.

    46 - Hastings: The trouble with your comparison is there is something that you can point to and say "That's a loss" He paid for his item, (via his suubscription) and it was taken from him. The file-sharing angle only provides a loss of "potential sales", and there is great debate as to whether that counts as a loss. There isn't even a cost to the manufacturer, as file-sharing is done primarily via peer to peer or through filelocker websites, so there's no storage or bandwidth cost to the manufacturer.

  • Comment number 50.

    Hastings - It's not clear whether you're deliberately attempting to mislead people, or you're simply ignorant, but it is clear that you are wrong when you say "if you take something for nothing that you are meant to have paid for, then you are either stealing, or dealing in stolen goods". Copyright infringement is not theft, and the laws dealing with them are very separate and very different.

    Part of the reason that the media industry gets so little public sympathy is because of their constant hectoring lies. It's not 'piracy', it's not 'theft', it isn't like stealing a car, and home taping didn't kill music. The best thing the industry can do at this point would be to shut up and stop demonising their customers and potential customers.

  • Comment number 51.

    @_ewan

    No, I am not being misleading.

    You are talking of copyright infringement - actually the term is Breach of Copyright as defined in the 1911 copyright act and extended in the 1988 act. It is a criminal offence and is treated the same as theft. So, yes, it is like stealing a car, in the eyes of the law, though rather more complicated to demonstrate - and that is where it all gets messy.

    @DuellistOrigins

    That is the problem - it is not clear. Actually, whether it is about potential sales or not would depend on how you obtained it.

    For instance. if someone leant you a CD and you copied it, then your potential sales argument might work, though if the CD says "do not copy" on it, then I am not sure if the potential sales argument is even relevant.

    However, if someone broke encryption or bypassed security measures on a website or even didn't hack into anything, but simply downloaded from an area where they should not, basically they intentionally took steps to avoid paying, then that is directly obtaining something that they should be paying for - and that would be theft.

    File sharing is a bit more complicated, from what I gather. In that case, one person goes to the trouble of creating a distributable file which is in breach of the copyright - everyone else that shares that file and assists in its distribution is also guilty by association.

    The problem is probably that it IS so complicated. Maybe if the copyright act of 1911 (which has many of the basis for all this) had been written to clearly define someone's creative work as a physical object, then at least the arguing around the semantics would be not so complicated. However, it was defined as someone's property, and that they have the right to assign how that property is used to individuals.

    In the end, no one has an automatic right to something belonging to someone else - neither do they have an automatic right to copy it, listen to it or do anything else to it. If I compose and record a piece of music, surely I should have the right to decide if anyone can listen to it and under what circumstances? If I want to give it away free, that is my choice. If I want to charge, then that should be respected. If I dont want anyone to hear it apart from me and my family, then, that again should be respected.

    Although I have little sympathy with how the record companies have dealt with this, and none at all for the lawyers who make a fat wage, I am bemused by the argument from those that file share without permission that if I try and stop them I am somehow infringing their rights.

    Why? They didn't write the piece of music or film or book, or fund its production. How are their rights infringed here?

    It brings us back to where this started - greed. Everyone goes on about the greed of the record companies (which it true enough), but less is said about the greed of the individual who will obtain illegally a piece of music simply because they don't want to or cannot pay for it.

    This is not something essential to life - if you cannot afford it, do without.

  • Comment number 52.

    Just a little side note on this story. A quick search on google trends (at the time of writing) for acs law -

    http://www.google.com/trends?q=+acs+law

    shows the top 9 cities searching are British but in at number 10 is Washington DC.

    Seems our friends across the pond are keeping an eye on this.

  • Comment number 53.

    51. At 6:54pm on 30 Sep 2010, Hastings wrote:
    Why? They didn't write the piece of music or film or book, or fund its production. How are their rights infringed here?


    They bought a copy. Bought, not rented. They believe they are free to do with it whatever they please. Either throw it out of balcony, burn it in a fire... Or simply invite some friends to look at the copy they bought. Or maybe lend it to the friends. Or maybe even share it with them.

    If everyone just wants to keep their work for themselves, why make copies then? Probably to sell them and at the same time retain the exclusive right to copy them. But they never said the users don't have the right to share their copy with other users. In fact this was often encouraged, so that other users might also want to buy their own copy.

    It's all a mess to me.

  • Comment number 54.

    The process and policy here is relatively simple:

    + ACS Law have been asked to check out filesharers - OK, individuals have a right to complaint and prove their innocence.

    + ACS did not control the personal data records - as a legal firm they and the provider who failed to ensure data security should have the book thrown at them.

    That this problem has arisen from BT, is no surprise, the business is characterised by incompetence and bureaucracy on a massive scale. I trust the Information commisioner will fine both companies significantly. In the case of BT it should be millions - given the deficit we need the money.

  • Comment number 55.

    Having read some of the stories on the BeingThreatend site and some of the comments on here, it seems apparent that anyone with a WiFi connection is at risk of getting one of these letters.

    The breach of privacy is bad (very bad) but isn't the real issue here how we find ourselves with a legal system that supports bullying of innocent people on the basis of flawed / unproven evidence such a profitable activity?

    With all respect to the dotRory blog, this really ought to be getting a much higher profile.

  • Comment number 56.

    #54: 'ACS Law have been asked to check out filesharers - OK, individuals have a right to complaint and prove their innocence.'

    Aside from over-turning concepts of burden of proof, you must surely recognise that it will be beyond the technical and financial reach of the majority of people accused to defend themselves against this sort of litigation machinery?

    For me this is very much not OK and outweighs any good they might possibly do by catching genuine pirates



  • Comment number 57.

    Remember details were not stolen from ACS:Law. ACS:Law made them free available over the internet, just like the BBC makes its stories freely available from www.bbc.co.uk. You click a link, your browser asks the server for data, the server returns data and you read the contents.

    Anonymous [from 4chan] only returned the favour to ASC:Law. Remember ASC:Law were attacking other websites first using a Denial of Service attack. ASC:Law made the mistake of thinking they had the biggest guns. The irony is ASC:Laws' site is now mirrored on the site they originally attacked. Denial of Service attacks are illegal in British Law, if anyone is interested. And there is no botnet, Anonymous are the botnet.

    If someone steals your car then ram-raids the local electrical shop, are you guilty of the ram-raid? Should you expect a letter from the DVLA demanding £500 to repair the window? No, that would be ridiculous.

  • Comment number 58.

    Given how prolific file-sharing is, be it music, porn or whatever, I don't think the perpetrators are necessarily those that are piggy-backing on someone else's unprotected or hacked wifi. Both sides of this argument are exploiting loop-holes in the law for their own benefit!

  • Comment number 59.

    What really gets me about this is the implication that an IP address is the same as an individual. It most certainly is not.

    It would be good to get some legal understanding on what would be required by ACS:Law and people like them to first of all identify an individual and secondly to prove it was them who shared the files concerned.

    Without some serious forensic examination of kit I cannot see that they would be able to do this. With this in mind, everyone who receieves a letter from these firms should simply deny it.

    If more worryingly the law assumes the account holder responsible rather than an individual then this is a whole new kettle of fish and needs to be made absolutely clear. I cannot see how this can be made law as there is not enough protection or information available for the avergage consumer about making your wireless connection safe.

    I think that the law needs to be made very clear. Is it the individual or is it the account holder who is responsible?

  • Comment number 60.

    Re:
    53. At 08:44am on 01 Oct 2010, gregor3000 wrote:

    They bought a copy. Bought, not rented. They believe they are free to do with it whatever they please. Either throw it out of balcony, burn it in a fire... Or simply invite some friends to look at the copy they bought. Or maybe lend it to the friends. Or maybe even share it with them.

    *********

    I'm not an expert, but in buying the product, they did not buy the right to do with the product what you wanted. The terms of the contract are detailed but specific. The material at all times belongs to the copyright holder, you merely have purchased rights to use the material in a limited number of ways.

    Copyright law is very detailed, encompassing and precise. Virtually everybody has violated it at one point or another with music, film or PC software.

  • Comment number 61.

    @60. While I follow the concept of the buying a license for use system, I'm curious whether we ever need to be told this. I can't say I've ever really read a CD case closely, but do they state on them you're only buying a license? Presumably, unless you enter into some form of contract, (and I believe a recent court case, admittedly in the US showed that things like a EULA don't really count), how are you only buying a license? You've bought a CD, and you've also bought the collection of 1s and 0s it contains.

  • Comment number 62.

    I made my opinions clear on this subject a while back,and now it is all coming back to haunt them all,yes I am against illegal file sharing,as i pay for all of my music,but most UK households don't know what their children are doing in there name,as parents are not net savvy,kids always d/l music,video's etc and their parents just don't know till the letter comes through the door,but on the other hand,a lot of music (online) stores have not long put up the prices by 30% for single downloads,that's a lot of money for just one track,if they keep hiking it up,there will be no music industry as such,as bands/solo's don't make hardly any money from it as it is.
    the music industry must stop thinking of itself as god and as James brown said (god rest his soul) get on the good foot and make peace.....

  • Comment number 63.


    I dont see how ACS can prove a thing, an IP address can be used on any machine. I am writing this on my home PC. I could set the IP address to any other IP address in the world in under 30 seconds.

    In most personal computing devices the MAC address is built into the network card but again there is nothing to stop someone building a network card with a reconfigurable MAC address.

    These firms of lawyers peddle fear and work on margins built up on a statistical basis of those who will comply to avoid a fuss and a certain percentage of the mud flung sticking, they are the adult equivilent the school yard bully and it is about time we stood upto them and reclaim the courts for the purpose they were intended, catching, prosecuting and locking up violent thugs and other serious criminals

  • Comment number 64.

    DuellistOrigins wrote:

    ... how are you only buying a license? You've bought a CD, and you've also bought the collection of 1s and 0s it contains.

    ###

    Actually, you have kind of bought two things - you have bought a CD (plastic, metal, bits and pieces, nice booklet, with any luck, and so on.)

    And with that CD, you have the right to listen to the music (for instance) for you own pleasure. You can play it to friends, you can play it in your car - all that kind of thing.

    However, you cannot (strictly speaking) copy the music onto another medium, play it in a public place like a shop, broadcast it, claim it is your own and so on.

    For all that, you have other licences that allow you to do that. I used to work for a company that supplied compilation CDs for shops. Aside from the shops requiring a PRS licence to be able to play PRS administered music (that is most of it), we also had licences that allowed us to copy the music and so on.

    The reasons were very simple - we were making money out of someone else's song by renting it to a retailer, and the retailers were using the music to help persuade people to stay and spend more money in the shop. Seemed only fair that the originator of the music get their bit of it, really.

    Movie rental shops had a more basic system - whereas I could buy a VHS for £10 (or what ever it was years ago) they would pay nearer a £100 for the same VHS. However, they could then rent it out as many times as they wished until it fell apart and keep all the profit.

  • Comment number 65.

    IndaUK wrote:

    Remember details were not stolen from ACS:Law. ACS:Law made them free available over the internet .... Anonymous [from 4chan] only returned the favour to ASC:Law. Remember ASC:Law were attacking other websites first using a Denial of Service attack.

    ###

    Er, you lost me here.

    ACS:Law didn't make the emails freely available, they were leaked, probably - hardly the same thing.

    As far as I am aware ASC:Law were the VICTIMS of a Denial of Service attack, not the instigators - something 4chan do regularly every time they don't get their own way. Most of the time they don't do it against a huge corporation as some sort of Freedom Fighter ideal, but just against a lone person with a little website who happened to upset them.

    Bully mentality basically - as I said earlier, ACS:Law and 4Chan were made for each other. They both should have their toys taken away.

  • Comment number 66.

    Im afraid no sympanthy for people who are clearly breaking the law but it should have been done in a more secure manner its not the first time and surely wont be the last for sensitive information to get lost or released into the public.

  • Comment number 67.

    Lots of people seem to be banging on about hacking wifi and people sitting in cars or robbing their neighbours. Whilst this is extremely easy to do, the reality is its not really that widespread, and I would find it hard to believe its the root of most of these "it wasnt me" claims.

    Search the BBC Tech site and youll find the rather contentious item from last year where the BBC created its own botnet. The point was to demonstrate how it is done and what these botnets achieve, and for all of its sins, I think it did a good job.

    Many of the reports from users who claim they were not responsible for these alleged infringments, didnt come across as nerds, and I will wager a decent sum with anyone here that a fair few of these cases of filesharing were as a result of malware installed on the person's PC. It takes seconds to infect a machine with simple and innovative malware that dodges/disables anti virus tools. That software can then be instructed by the Command and Control system to do many different things like spamming, denial of service attacks, and yes - serving up copyrighted content. To the everyday user they would have very little indication that they were infected, and would be essentially oblivious to the fact it was doing all these nefarious things.

    In these circumstances I would suggest liability is shakey at best, as much like ACS:Law themselves, the distribution of information was as a result of "illegal actions" by a third party.

    User education about internet threats is important, and legal instruments for protection of content need to be modernised to take into account the nefarious methods bad guys use. If you want to go legal with someone about content distribution, then you need better evidence than "it was your IP". This can introduce great complexity into the process, such as system forensics, but the basis of our law is innocent until proven guilty, and crucially, beyond reasonable doubt.

  • Comment number 68.

    1. At 6:24pm on 28 Sep 2010, gusone wrote:
    And to the inevitable person who always claims they are not guilty that the media like to create/ or dredge up as a counterargument err yeh ok mate we beleive you.

    --------------------------------------------------------------



    There's three easy ways to be completely innocent and yet be deemed guilty:

    1. Having WIFI - you could be unsecured or have a % of it open to public use, or you could be secured and simply have that security broken (it's not a big deal, a certain Linux distribution is tailored for it).

    Basically ANYONE that has WIFI has a potential security breach, the only solution it to only use wired networking. WIFI is plain insane from a security point of view.


    2. IP spoofing - the methods used to "track" people supposedly downloading aren't that difficult to fool.


    3. Botnets - their PC may well have downloaded, but it's not "them" - a tricky legal area for enforcing copyright I imagine (like arresting someone for BEING mugged).


    Until those 3 things are detectable an awful lot of people are going to be genuinely innocent and yet accused.... and whilst that's the case how can you have a legal case against anyone?

    Which is undoubtedly why none of these cases have gone to caught, they are just after the threat money.

  • Comment number 69.

    65. At 8:14pm on 02 Oct 2010, Hastings wrote:

    As far as I am aware ASC:Law were the VICTIMS of a Denial of Service attack, not the instigators - something 4chan do regularly every time they don't get their own way. Most of the time they don't do it against a huge corporation as some sort of Freedom Fighter ideal, but just against a lone person with a little website who happened to upset them.

    ------------------------------------------------------------------


    Firstly they are in breach of the data protection act by having peoples data on ANY PC (or anywhere else) without encryption - it doesn't matter if it's stolen, lost or never leaves the office - the protection has to legally be in place - it wasn't (even if someone else sends it like that it's no defence as you become responsible once you receive it).

    Secondly apparently they put it up on the web when they restored their site from a back up server after the attack, a mistake, but their mistake. So it wasn't "stolen", just openly downloaded after they mistakenly made it completely public (which is of course the reason why data ALWAYS has to be encrypted, as in the first point above).

  • Comment number 70.

    As usual if only I had £1 for every "it's easy to" whenever one of these stories are blogged. I won't respond to individual posts as many are saying pretty much the same thing.

    RE the point of the story, if the police suspect your car is involved in a crime then the DVLA will give up your personal details in an instant. Likewise with your ISP, this has always been the case and always will be. If your ISP is UK-based then it will offer you *no* hiding place from the law.

    RE IP addresses, the public IP address you use can indeed be traced to your account. If you reboot your router or are allocated 100 different addresses in an hour then every one of those addresses can be traced to your account. It doesn't matter if it is static, dynamic or made of blue cheese - the ISP that allocates your IP address tracks *everything*.

    RE IP spoofing. On a TCP network (like the web) you *cannot* spoof a *working* IP address. You also can't allocate any IP you want as has been suggested.

    RE the "IP isn't proof" arguments - that is what courts are for. Nothing is absolute proof, if you are caught with a smoking gun you still have your day in court if you plea innocence. Ambiguity is not a defence. Also this idea of people downloading from your WiFi and yadda yadda…let’s be honest, I'll eat my hat if 95% of the people accused are not guilty. Sure there are *possibilities* of hackers with laptops in the bushes just to download some smutty movies….but it's not very likely, is it? It's a faint glimmer of hope that people are exaggerating as they are scared that one day the knock will be on their own door as they're probably illegally downloading themselves. For the people who claim to be unaware then the most likely scenario is that someone else (probably a relation) has done the downloading. For the people who genuinely *have* been a victim of a hacker or unsecured network then PCs can be analysed for proof of innocence as has been done in the past.

    RE there being "no loss" as the movies have no BBFC rating…funny how when it is standard movies or music there is "no loss" as "I wouldn't have bought it anyway", but for un-rated movies there is no loss as it's not available to buy in the UK. That is just the self-justifying opinion of the person posting, the law disagrees.

    RE the analogies between this firm and parking companies, that's pretty much the size of it. I'd be surprised if any of these people are actually brought to court, the company will just be happy with the people who pay off their own back.

    @ D Dortman #69

    > Firstly they are in breach of the data protection act by having peoples data on ANY PC
    > (or anywhere else) without encryption

    Not so. More info here;

    http://www.ico.gov.uk/Global/faqs/data_protection_for_organisations.aspx

    Specifically see "Must I encrypt all the information I store on computer?"

  • Comment number 71.

    70. At 10:31am on 05 Oct 2010, Aidy wrote:
    --------------------------------------------------------------


    1. The DVLA - last year I was sent a threatening letter by an insurance company telling me I'd been in a car accident 6 months earlier in a town I've never been too, and given false details and driven away.
    The licence plate given in the letter was for my motorbike.
    When I rang up the company they immediately said the DVLA had given them my details and started the hard push to get me to admit I'd been involved in said accident, and to be honest I struggled to provide any evidence that I'd NOT been somewhere 6 months earlier.

    It was only when they mentioned it was a green CAR that had driven into theirs client that I said my vehicle was a motorbike.... at that point the call changed tone completely and they basically hung up and I never heard from them again (even though I sent several letter and made several calls asking about the case as clearly someone was using my registration fraudulently).

    Now if the people that cloned my bike plates had been clever and matched it to the same make and model of car, then I'd have been in real trouble trying to prove I'd not done something, because there is a presumption of guilt, unlike the supposed Innocence until proven Guilty presumption that is supposed to underpin the British legal system.


    2.IP spoofing - they don't fool their ISP, they just fool the "litigation" companies systems that they used to "track" your IP, the two are very different things.


    3. WIFI - no WIFI is secure. It's insane how many totally unsecured WIFI (and Bluetooth) connections there are out there (smartphones are the new massive security black holes these days), and of course there's people that freely give open WIFI too (naive perhaps, but not a crime). But I reiterate no WIFI is secure, it's a gaping hole into your system that can potentially be exploited by those that want too do so.




    4. Personal Data - technically you can keep it unencrypted on a completely SECURE system, but as soon as that data is removed from that secure system it is YOUR fault (no matter how it happens).
    Given that I've only ever seen 1 genuinely secure system (in a BAE Systems weapons research lab), the default is always to keep the data encrypted.

    In this case the company mistakenly posted it up on the web, it wasn't "stolen", it was just downloaded by people that realised it was there to download before they did. A classic case.

  • Comment number 72.

    @ D Dortman # 71

    2 Not really as the methods used by these firms to collect suspect IPs would not have spoofed traffic as a possible culprit as the spoofed traffic won't be downloading anything. As I said, you cannot spoof *working* TCP data.

    3 - Whatever. As I said, I'll eat my hat if 95% of those people are not guilty.

    4 - You're muddying the waters. You stated that it was a legal requirement under DPA to encrypt personal data and I was simply pointing out that you were wrong.

  • Comment number 73.

    72. At 12:33pm on 05 Oct 2010, Aidy wrote:
    ----------------------------------------------------------------

    1. I notice you ignore 1., which is basically what these companies do, threaten people with spurious and often completely wrong information in the hope they'll admit it/pay up.

    Should there be a legal requirement of "evidence" for the DVLA to hand your information out (or sell it for that matter)? Quite possibly.


    2. There's several ways to spoof it (so using legal and other illegal methods), yes most (although not all) could probably be tracked eventually, but no copyright holder is going to the lengths required.


    3. Most will be unsecured or open WIFI cases to be sure, which is stupid (even more daft than having WIFI in the first place) but it's not illegal to have an unsecured WIFI connection, any more than it is to leave your house/car/safe door unlocked.


    4. Fair enough like I said technically under the 10th Law of Pedantism (:p) you're correct, but as soon as its stolen, lost or put on the web for anyone to download (as in this case) it's their responsibility. So unless it on a 100% secure system (which like I said almost nothing is - and clearly theirs was NOT!) it must be encrypted - because how can you know when it's going to be lost/stolen/mistakenly publicly published. In this case if it were encrypted there'd be no case to answer even if it had been put up on the web, but as it wasn't, there is. So it's chicken and egg.






    Now none of this is saying downloading copyrighted material is right or correct, but what is saying is that until they have 100% certainty they shouldn't be perusing people with threaten and hope for payment policies.
    And indeed that they SHOULD be actually be pursuing people legally...... as it is very telling that none of these cases go to court.... but then A) it probably wouldn't stand up in court and B) they are after cash not convictions.

  • Comment number 74.

    @ D Dortman #73

    1 I didn't "ignore" 1, it was just things about the DVLA that I didn't think particularly relevant. My DVLA example was merely an analogy that I felt most people would be familiar with. How the DVLA works is neither here nor there, it could be a bank giving your details after your credit card is found at a crime-scene, or the bus company after your travel card is found at a crime-scene. The agency is irrelevant, the important bit is that your personal details can and will be passed on to relevant agencies if there is legitimate need.

    2 I can't make this any simpler….there is *no* way to spoof working TCP traffic. The problem with comments on this blog is that people like to pass themselves off as knowledgeable when they are just passing on misinformation and rumour as fact. That then gets seen by others and taken as fact and passed on again in a big game of Chinese Whispers. Working TCP traffic can *not* be spoofed by any means, legal or otherwise. If you understood how TCP works you would understand why.

    3 That depends. If your house contains firearms and someone walked in through an open door, took those firearms and committed an offence with them then, yes, you would be liable. If your hallway contained a bear-trap and someone walked in through an open door again hurt themselves you would be liable. If someone leaves an unsecured wifi connection in the knowledge that it might be used for illegal activities then that person would probably find themselves liable. Just because having an unsecured wifi is not a crime in itself doesn't mean that no offence can ever come from it. The law is rarely black and white and as I have already said, this is why we have courts.

    4 Yes, I knew I was right.

  • Comment number 75.

    70. At 10:31am on 05 Oct 2010, Aidy wrote:

    Also this idea of people downloading from your WiFi and yadda yadda…let’s be honest, I'll eat my hat if 95% of the people accused are not guilty. Sure there are *possibilities* of hackers with laptops in the bushes just to download some smutty movies….but it's not very likely, is it?

    ---------------------------------------------------------------------

    Thankfully we live in a country where there is a presumption of innocence established by law.
    The 5% you refer to is enough to cast reasonable doubt.

    Whether you like it or not, ACS is extorting money from users, be they guilty or innocent simply because it is too expensive, both in terms of time and money, to have your day in court, whether you're guilty or innocent.

    There's good reason not one case has yet been contested in court.

  • Comment number 76.

    74. At 3:48pm on 05 Oct 2010, Aidy wrote:

    3 That depends. If your house contains firearms and someone walked in through an open door, took those firearms and committed an offence with them then, yes, you would be liable. If your hallway contained a bear-trap and someone walked in through an open door again hurt themselves you would be liable. If someone leaves an unsecured wifi connection in the knowledge that it might be used for illegal activities then that person would probably find themselves liable. Just because having an unsecured wifi is not a crime in itself doesn't mean that no offence can ever come from it. The law is rarely black and white and as I have already said, this is why we have courts.

    ------------------------------------------------------------------

    Slightly flawed analogy in that the firearm can only be misused for a criminal offence, while copyright infringement is a civil offence... the difference being that for a criminal offence you are prosecuted by the state, rather than being sued in a civil court.
    Technically copyright infringement is an offence, not a crime.

  • Comment number 77.

    Actually even for wired internet connections the position is virtually impossible for ACS Law to prove in many cases.

    Let me take as an example my home system. I have access, my wife has access, my daughter has access, guests have access. There may be 6 people in the house at the time the file was alledgedly downloaded. ACS Law have to prove who it was - how?

    It is similar to a situation (speed cameras are more sophisticated now) where a speed camera catches my car doing 40 mph in a 30 mph zone. It is the driver who is convicted of speeding not the car owner. The police have to show who is driving. If they have no evidence (for example because the speed camera photo only shows back of car and number plate and not the driver) then they cannot prosecute

  • Comment number 78.

    Just to make this absolutely clear so even those who are concentrating on jerking their knees rather than looking at the facts will understand.

    The definition of theft, as taken from "The Theft Act 1968" is "A person is guilty of theft if he dishonestly appropriates property belonging to another with the intention of permanently depriving the other of it"

    When file sharers share files, they are depriving no-one of anything.

    As we all know, the propaganda that the BPI and the like put out is simply that. Did they not scream that "Home taping was killing music" back in the 80's. Much the same with pirate software, I remember the comics that ELSPA used to give away with computer magazines about how if you grassed up your friend who was giving away copied tapes in the playground they would give you a grand in cash.

    Nothing has changed. Internet piracy WILL NEVER, EVER, GO AWAY. The P2P protocols are here to stay. Copyright holders, get used to it, it comes with the territory.

 

BBC © 2014 The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.