UK court to unmask 'file-sharers'
- Thread starter HaX
- Start date
One thing I'd be interested to know is how they identify high volume/persistent offenders (normally the ones they prosecute). Most ISPs assign dynamic IP addresses, so how do law enforcement agencies collect evidence about an individual prior to gaining court approval to get their details from the ISP.
Associate
- Joined
- 26 Oct 2002
- Posts
- 1,714
HaX said:
Persistent? High volume? well they don't know. They will pick users based on the number of files they are sharing, or they may be targeting users sharing a particular program/album/movie/tv show. In reality it's probably fairly random. What they do get is your IP address and the time the file is available, they may even download part/all of the file to make sure it is what it says it is.
(There are now a number of companies that specialise in gathering this sort of information for the music/movie/software companies.)
They will let the ISP know that they are going to initiate legal proceedings (in court) to get the information for a user that was on IP address x.x.x.x on date dd/mm/yyyy.
The ISP has those details because at any time they should know what IP address has been allocated to what username, and at what time. ISP's are legally obliged to keep these records.
The ISP will then make sure that they have a copy of those details for when they receive the summons to court, and are told (or not as the case may be) to hand those relevant details over.
These 150 cases will be the tip of the iceberg as far as the UK is concerned.
derfderfley said:
Almost correct - legally we dont *have* to keep the records for any length of time (yet) the actual law for that hasnt been passed yet. However any "grown up" ISP will keep such records (known as Radius Accounting fyi). A law is soon to be passed where we have to keep such records for I think its 1 year or 2 years (cant remember which).
http://www.infosecurity-magazine.com/news/260105.ISPtrafficcollection.html
Also the ISP will not make any appearance in court - all we need to release the information is a Data Release form signed by the suitable authorities (a judge I believe) and the name + address + the requested logs will be handed over. We do this semi regularly anyway so this so called "Head Line News" is just the usual over the topness (real word?) of the british media.
So , from a legal perspective,
If the average Joe Bloggs has downloaded a copy of MS Office off a bit torrent site (thus sharing it at the same time), he would be liable for prosecution, even if this was the only thing he had downloaded.
As I understand it, FAST intend to throw the book at people to make an example of them. Does this therefore mean that people will not be given the option of out of court settlements and what kind of effects will this have on criminal records etc. What kind of fines will fast most likely give out? Will they be means based? I can imagine this action is going to ruin a fair few lives.
Will FAST be mainly looking for people pirating MS software, or all the different brands and games etc?
If the average Joe Bloggs has downloaded a copy of MS Office off a bit torrent site (thus sharing it at the same time), he would be liable for prosecution, even if this was the only thing he had downloaded.
As I understand it, FAST intend to throw the book at people to make an example of them. Does this therefore mean that people will not be given the option of out of court settlements and what kind of effects will this have on criminal records etc. What kind of fines will fast most likely give out? Will they be means based? I can imagine this action is going to ruin a fair few lives.
Will FAST be mainly looking for people pirating MS software, or all the different brands and games etc?
Last edited:
HaX said:
I doubt anyone could say at this stage - looks like its being used as a test case. The second you are sharing something you are breaking the law, I imagine this case is going to set precedants(sp?) so whether its a fine/how much/jail term... who knows.
Soldato
you get less for manslaughter, totally out of preportion
Associate
- Joined
- 26 Oct 2002
- Posts
- 1,714
Noxis said:
2 years is what we've been told to prepare for, 5 is the nasty rumour going around. That's a lot of data because it's not just radius logs they want, it's everything mail/proxy/nntp logs. The real biter is that they are pushing for ISP's to record all web traffic, not just what passes through proxy servers. This is not going to be cheap to do
Still, there's money to made from it, we've already seen the first of the companies specialising in black box solutions for mining the mountains of data that are going to be produced. And very nice it was
derfderfley said:2 years is what we've been told to prepare for, 5 is the nasty rumour going around. That's a lot of data because it's not just radius logs they want, it's everything mail/proxy/nntp logs. The real biter is that they are pushing for ISP's to record all web traffic, not just what passes through proxy servers. This is not going to be cheap to do
Still, there's money to made from it, we've already seen the first of the companies specialising in black box solutions for mining the mountains of data that are going to be produced. And very nice it was
Yea been prepping for this - at the moment we are lucky to get 2 months apache logs. All our syslog servers are full of exim/pop3 logs.
Associate
- Joined
- 26 Oct 2002
- Posts
- 1,714
HaX said:
Once they have the information, I would assume that the first court cases will be brought within a month.
Tommy B said:
I advise you to remove that - such things generally earn holidays on this forum. Dont forget that OCUK are not going to protect you - admitting such things on here is pretty foolish. Lawyers can just as easily send a data release form to OCUK/Spie who would then be forced to give them your IP.
Associate
- Joined
- 26 Oct 2002
- Posts
- 1,714
Noxis said:
This raises one of the issues that they really need to clarify. How long do you keep online log storage (0-6 months) and how much of it do you keep offline (6-24 months)? in the form of tape backups.
Quick, buy shares in any of the big NAS manufactures
Soldato
Sounds like a plan, especially if you're the one who sets the length of time that ISPs need to log forderfderfley said:Quick, buy shares in any of the big NAS manufactures
.
Associate
- Joined
- 26 Oct 2002
- Posts
- 1,714
HaX said:
Yes
Since these will (I assume) be civil cases, it's a possibility that they will offer 'out of court' settlements, judging by what happens in the US, they will be in the £2000-10,000 range.HaX said:
A the Judge will decide how much is given out in damages.
FAST will make out everyone to be a major pirate, and will probably claim that every one of those 100's of bittorrent seeds have downloaded a copy of the software from the person involved. Resulting in them asking for multiple times the software's value as damages.
I also fully expect them to stand there and tell us that software piracy funds terrorism.
And yes, lives will be needlessly ruined in the process.
HaX said:
FAST is (I believe) funded by the software industry as a whole, so it will be a mixed bag they are looking for.
Personally, I feel that the chances of getting caught and prosecuted are very slim. You would have to be very unlucky to be one of the unlucky few.
FAST are going to prosecute 150 people - A miniscule amount when compared to the number of people in the UK who will be frequently downloading ISOs for Games, Windows and Office etc off bit torrent or other p2p app. It is not uncommon for 150 people to be seeding a single torrent.
If you get caught, you're screwed - through and through - though I imagine a number of people will end up going bankrupt through not being able to pay off the fines or settlements.
Whether or not people feel that it is worth the risk is another thing. I stopped downloading music and films years ago when the BPI jumped on the suing band wagon. Its' just not worth the hastle. W
In short while there may only be a small risk, its' not worth taking. Unfortunately we live in a society where £10k isn't much to one person or organisation, but a life time of savings for another.
FAST are going to prosecute 150 people - A miniscule amount when compared to the number of people in the UK who will be frequently downloading ISOs for Games, Windows and Office etc off bit torrent or other p2p app. It is not uncommon for 150 people to be seeding a single torrent.
If you get caught, you're screwed - through and through - though I imagine a number of people will end up going bankrupt through not being able to pay off the fines or settlements.
Whether or not people feel that it is worth the risk is another thing. I stopped downloading music and films years ago when the BPI jumped on the suing band wagon. Its' just not worth the hastle. W
In short while there may only be a small risk, its' not worth taking. Unfortunately we live in a society where £10k isn't much to one person or organisation, but a life time of savings for another.