Sophos Cloud Optix
Last week saw the US debut of the “six strikes” pirate wrist-slapping system, officially known as the Copyright Alert System (CAS).
With the new “six strikes” piracy alert system, Comcast plans to hijack offenders’ browsers, Cablevision will suspend subscribers for 24 hours after a fifth offense, and other ISPs are looking at throttling infringers’ connections down to a crawl.
CAS was birthed by the Center for Copyright Information (CCI), made up of five of the US’s biggest Internet Service Providers (ISPs): AT&T, Cablevision, Comcast, Time Warner Cable and Verizon, as well as the Recording Industry Association of America (RIAA) and Motion Picture Association of America (MPAA).
Two CCI ISPs, Verizon and Comcast, activated the service on Wednesday.
Here’s how the alert system will work, according to a post from CCI Executive Director Jill Lesser that went up on Monday:
"Our content partners will begin sending notices of alleged P2P copyright infringement to ISPs, and the ISPs will begin forwarding those notices in the form of Copyright Alerts to consumers."
The CCI is scrupulously avoiding sounding punitive, insisting that “Most consumers will never receive Alerts under the program.” Lesser adds that the alerts sent out are meant “to educate rather than punish.”
If you’d like a preview of the alerts, you can eyeball them at Ars Technica.
For those people who think they’ve erroneously received alerts, the CCI promises an easy to use process to seek independent review.
Yea, well, good luck with that, some say, pointing to past performance as indicative of future results.
Speederk, a commenter on Ars Technica’s coverage, had this to say about the futility of engaging Comcast in a two-way conversation:
"If future results are based on past performance of theirs when trying to get a blacklisted IP address removed from their Network Abuse group back in [New Jersey], every time you call you will be prompted to leave a message and someone will [maybe] call you back promptly never. I know as I used to work for them in a … [technician's] role where I had to work with the poor souls standing in the customers house trying to get their service restored."
The alerts get cranked out generally after four copyright offenses, at which time the following so-called “Mitigation Measures” [PDF] might kick in:
- Temporary reductions of internet speeds,
- Redirection to a landing page until the subscriber contacts the ISP to discuss the matter or reviews and responds to some educational information about copyright, or
- Other measures (as specified in published policies) that the ISP may deem necessary to help resolve the matter.
According to Wired, the crackdown doesn’t (yet) cover cyberlockers, e-mail attachments, shared Dropbox folders and other ways that might infringe copyright law.
As Ars Technica outlines, the system appears broken from the outset, in that the CAS alerts lack context or true educational content.
In addition, a tech law professor at the University of Arizona quoted by Ars Technica, Derek Bambauer, points out that the alert system fails to define what is “improper” use of copyrighted work:
"Making a fair use of a copyrighted work is not infringement. Thus, even if I download an entire copy, if it's fair use, I am not an infringer - and yet, the private law of six strikes treats me as one."
Bambauer, in conjunction with the American Civil Liberties Union, has submitted Freedom of Information Act requests to learn more about the creation of the six strikes program.
He told Ars that six strikes is “fundamentally flawed” and that users never had a say in its conception. Rather, it’s a creation of content owners and ISPs, for whom defense of free speech is not exactly what you might call a major motivation.
Bambauer and Chris Soghoian, a policy analyst at the ACLU, have brought charges against the Obama Administration’s Office of Management and Budget in an attempt to squeeze out more information on the system.
Thanks are due, as always, to those such as Bambauer and Soghoian who fight on behalf of free speech and consumer rights.
Accused isn't Proof. Period!
So…. Is it just me that sees this getting abused wildly?
Say for instance my neighbor is bothering me somehow, not cutting his grass short enough or whatever. I can then jump on his wifi and download a few things here and there, before long getting his internet cut off.
Considering how poorly secure most home wifi points are this is a real possibility. It also will do nothing to stop piracy as it will not touch those who use VPNs. It also will not bother those who just do their downloads while sipping their starbucks.
So basically what this is going to do is punish the poor fools who do not know much about computers. The real pirates will go around this in a number of ways.
I can agree to that. Remember the ten-year old kids who were accused of downloading music off the web and with their parents being asked to pay a million or so in "damages"?
Shame on those greedy seniles who insist on dancing to the big media's tune of corruption.
so what about people and ip addresses that is not static — i might get one next week some other person using my same internet provider has now and i get screwed for getting their ip address assigned to me on rotation — screws all people under a isp service unless you pay to get business service and upgrade to paying for a static ip address
Your ISP's logs will correctly determine what IP was assigned to you during what time.
This is commonly used during disputes about allowances by ISPs that monitor user's bandwidth usage.
This should not be a shock. It's too much trouble for the "content providers" to actually get enough information to sue someone, so now they can simply create an automated script that forwards the ip address of any p2p transfer, legitimate or not, to the ISP and have it taken care of. It's a win-win for the "content provider", they cut off the majority of p2p usage (legitmate and otherwise) and the public is mad at their ISP instead. Whats not to like?
After reading the site, it is amazing. You cannot even ask for a review until after 3 (or 4) alerts, after which you get a maximum of 14 days to file the claim. I looked hard on the site and although I did find information that filing a claim will cost you $35, I could not even find the actual steps of how to file a claim. I can imagine how difficult its actually going to be and how high the bar is – since its not an actual legal defense, the "presumption of innocence" principle doesn't apply – you will be guilty unless you can prove your innocence.
According to CopyrightInformation.org, (see http://www.copyrightinformation.org/the-copyright… ), copyright holders join a P2P network, search for content and download it, then confirm that the download is actual copyrighted content being shared without authorization. They record the offending IP address, (from which they download the copyrighted content), and send it to the ISP, who then sends a warning to the subscriber. If this is true, just downloading content will not cause a "strike", only hosting it for others to download will trigger a strike.
That sounds good, but there are no checks or balances to confirm that the steps above have been followed or to prevent abuse of this system. Also, innocent users are required to pay a $35 fee for the priveledge to defend themselves against false accusations. This system is fundamentally flawed in many respects. See https://www.eff.org/deeplinks/2012/11/us-copyrigh…
Most of Mark's point still applies, since someone hacking into their neighbor's wifi network could host files just as easily as they could download them.
And of course, by "content providers" they mean only the big hollywood film companies. How would I, as a humble part-time software author, stop my creations being distributed under this regime? Whom would I contact?
Copyright law is a sham; it does nothing for anybody other than the big boys.
Bambauer's point about "if I download an entire copy…" unfortunately misses the point about P2P – he may be downloading but he's also unavoidably uploading, and that's not covered by "fair use" copyright laws.
In fact any usage of P2P must by definition involve more than one peer. You can't download by P2P without there being someone to download from. And even if there's only 2 of you, and you're therefore not uploading…the other guy is, because he's uploading to you.
P2P will always involve copyright infringement, which is probably why they're going after it first – it's by far the easiest target.
On the other hand, cyberlockers, blogspots and newsgroups are cases where not only is there an element of anonymity involved, but also an imbalance between the many downloaders (who don't upload at the same time, shifting them more towards Bambauer's "fair use" group) and the single uploader who put the content there in the first place (and is the only one who is clearly infringing).
Dave wrote: "P2P will always involve copyright infringement…"
Wrong.
Quoting the TeachingCopyright.org web site, "peer-to-peer technology itself is not illegal, nor is using the technology to make fair uses, to share copyrighted materials designated for sharing, or to share materials in the public domain".
For more information, see: http://www.teachingcopyright.org/curriculum/hs/4 https://www.eff.org/issues/file-sharing https://www.eff.org/deeplinks/2012/11/us-copyrigh…
So, 5 ISPs and 2 Content Providers have formed CCI to tell the 5 ISPs the IP numbers of offending internet customers. Seems to me that the 5 ISPs are the ones collecting the information, giving it to CCI, which then gives it back to the ISPs ? There’s gotta be a reason I’m not seeing for this circular games.
If P2P transfers were encrypted, then the ISPs wouldn’t be able to tell what kind of data one is transferring. But, from what I’m reading, proof is not needed; suspicion is sufficient to accuse the customer of illegal content.
If it were up to the ISPs, they’d prefer their customers to never leave the ISP’s network and consume only the ISP’s content – at an additional cost, of course. Only when the ISP can monopolize the customer’s source of content, can the ISP charge outrages rates. Much like they do now with the internet connection they provide. In most of the areas, customers have only one vendor for internet access. The lucky ones can chose from 3 or 4.
I'm still waiting to hear how they manage to inject their alerts into the user's browser. Is this a variant of the "Phorm" box? Can the ISPs be trusted to only use this for this type of alert, or will they start to abuse it and push their own adverts into other people's pages?
Another example of how to stick it to ISP customers. This is open to abuse and knowing how large companies communicate (NOT) this is nothing but abuse and started by the recording and movie industries who think everyone is stealing their products.
Unless, legislators get on the ball and give us rights to access, this will continue. Unfortunately these people don't have Internet users very high on the list. Only when we get together and vote these legislators out with new open minded persons will be advance.
I guess we are all saying the same thing!
So this is where the Censorship of the Internet begins, and the ISPs are being turned into the slavering lackeys of Big Corporations who seek to decide what user may or may not access. Oh well. had to start somewhere.
One way to stop it is for all Comcast subscribers to quit their internet service and I bet you that would change their policy very quickly! boycott Comcast internet service until they lift this ridiculus service policy!
so just P2P is being targetted? interesting…. is it just downloading or just uploading or both via P2P? What if the traffic is encrypted, sounds like they have zero visibility there…. What if the traffic is FTP, dropbox, HTTP over an odd port, NNTP, etc etc
what a useless piece of poop, seriously…. they're gunna send a message to an email address that no-one ever uses…. or try to inject into my port 80 https stream or hijack my DNS in order to pop up a window that states absolutely nothing useful?
LOL… interestingly enough… there's no *real* punishment, other than a message going to a non-used email box….. so why even bother or why should anyone care? at least Comcast customers…
How are the ISPs going to differentiate between legitimate and pirate content? How does packet sniffing tell them that someone is downloading a CNN news video vs. a pirated movie? How would they know if a download of an app like Norton A/V is a purchase from the manufacturer or a copy from a fileshare? Are they going to think streaming from Hulu or Netflix is stealing, too?
I think ISPs have a legal challenge proving that one of their customers is transferring illegal content. Just admitting they have the ability to see what a customer does on the internet poses privacy issues. So, indeed, how will ISPs be able to accuse customers of illegal activities and still claim they maintain a user’s privacy online (whatever that means).
My guess is that the other two behemots of CCI, MPAA and RIAA, come into play. If they operate their own “honey pot” P2P service then they can actually have proof of the IP number engaged in illegal activity. Of course, that would be entrapment which might pose a different set of legal issues.
So, MPAA/RIAA could collect IP numbers that they then pass on to the ISPs. Now, the ISPs send out the warning because with the proof they have it is still impossible to know if the customer did it, or someone who hacked the customer’s network.
Looks like it time to create a petition to have this removed.
This is an unofficial form of the SOPA law. Which in turn will some how become official.
I am surprised we haven't heard about anonymous doing something about this.
Seriously, WE NEED SOMEONE TO CREATE PETITION, before this gets out of hand.
I am not that guy, but I'm sure one of you is good at writing up something like this.
The post the link and text of it on the Craigslist rant raves post, social networking sites like Twitter and facebook, and on every tech sites comments section when they write about this subject.
I guess You guys didn't like What I had to say. I do not feel I was out of line.
I do feel this new policy is a way to slowly bring SOPA into effect by calling it something else. If no one else reads this, I know the moderator has read it to delete or keep it.
You guys should create a petition and I will help get it seen like I said my last post, that's seems to have disappeared.
I got the cell phone lock petition "seen" over 300,000 times. I have no idea how many signed it. I am just a horrible writer.
The cell phone unlock petition had hit 114K signatures by yesterday, I think it was. The make-jailbreaking-legal petition had 60 participants after I signed it yesterday.
It's a pity they are not putting as much effort into arresting banksters.
If that problem was cured people would have money to buy nice copyrighted material.
The way things are going only the elite few would be customers anyway.