[Ecommerce] Music Industry Unveils Tracking Methods

[Joy Spencer]

Music Industry Unveils Tracking Methods
Wed Aug 27, 5:09 PM ET
	
http://news.yahoo.com/news?tmpl=story2&cid=562&u=/ap/20030827/ap_on_hi_te/downloading_music_2&printer=1

By TED BRIDIS, AP Technology Writer

WASHINGTON - The recording industry provided its most detailed glimpse 
to date Wednesday into some of the detective-style techniques it has 
employed as part of its secretive campaign to cripple music piracy over 
the Internet.

The disclosures were included in court papers filed against a Brooklyn 
woman fighting efforts to identify her for allegedly sharing nearly 
1,000 songs over the Internet. The recording industry disputed her 
defense that songs on her family's computer were from compact discs she 
had legally purchased.

Using a surprisingly astute technical procedure, the Recording Industry 
Association of America (news - web sites) examined song files on the 
woman's computer and traced their digital fingerprints back to the 
former Napster (news - web sites) file-sharing service, which shut down 
in 2001 after a court ruled it violated copyright laws.

The RIAA, the trade group for the largest record labels, said it also 
found other hidden evidence inside the woman's music files suggesting 
the songs were recorded by other people and distributed across the Internet.

Comparing the Brooklyn woman to a shoplifter, the RIAA told U.S. 
Magistrate John M. Facciola that she was "not an innocent or accidental 
infringer" and described her lawyer's claims otherwise as "shockingly 
misleading." The RIAA papers were filed in Washington overnight Tuesday 
and made available by the court Wednesday.

The woman's lawyer, Daniel N. Ballard of Sacramento, Calif., said the 
music industry's latest argument was "merely a smokescreen to divert 
attention" from the related issue of whether her Internet provider, 
Verizon Internet Services Inc., must turn over her identity under a 
copyright subpoena.

"You cannot bypass people's constitutional rights to privacy, due 
process and anonymous association to identify an alleged infringer," 
Ballard said.

Ballard has asked the court to delay any ruling for two weeks while he 
prepares detailed arguments, and he noted that his client — identified 
only as "nycfashiongirl" — has already removed the file-sharing software 
from her family's computer.

The RIAA accused "nycfashiongirl" of offering more than 900 songs by the 
Rolling Stones, U2, Michael Jackson and others for illegal download, 
along with 200 other computer files that included at least one 
full-length movie, "Pretty Woman."

The RIAA's latest court papers describe in unprecedented detail some 
sophisticated forensic techniques used by its investigators. These 
disclosures were even more detailed than answers the RIAA provided weeks 
ago at the request of Sen. Norm Coleman, R-Minn., who has promised 
hearings into the industry's use of copyright subpoenas to track 
downloaders.

For example, the industry disclosed its use of a library of digital 
fingerprints, called "hashes," that it said can uniquely identify MP3 
music files that had been traded on the Napster service as far back as 
May 2000. Examining hashes is commonly used by the FBI (news - web 
sites) and other computer investigators in hacker cases.

By comparing the fingerprints of music files on a person's computer 
against its library, the RIAA believes it can determine in some cases 
whether someone recorded a song from a legally purchased CD or 
downloaded it from someone else over the Internet.

Copyright lawyers said it remains unresolved whether consumers can 
legally download copies of songs on a CD they purchased rather than 
making digital copies themselves. But finding MP3 music files that 
precisely match copies that have been traded online could be evidence a 
person participated in file-sharing services.

"The source for nycfashiongirl's sound recordings was not her own 
personal CDs," the RIAA's lawyers wrote.

The recording industry also disclosed that it is examining so-called 
"metadata" tags, hidden snippets of information embedded within many MP3 
music files. In this case, lawyers wrote, they found evidence that 
others — including one user who called himself "Atomic Playboy" — had 
recorded the music files and that some songs had been downloaded from 
known pirate Web sites.

An RIAA vice president, Jonathan Whitehead, said evidence proved the 
Brooklyn woman was "hardly an unwitting or passive participant in the 
events that involve her computer."

The recording industry has won approval for more than 1,300 subpoenas 
compelling Internet providers to identify computer users suspected of 
illegally sharing music files on the Internet.

The RIAA has said it expects to file at least several hundred lawsuits 
seeking financial damages as early as next month. U.S. copyright laws 
allow for damages of $750 to $150,000 for each song offered illegally on 
a person's computer, but the RIAA has said it would be open to 
settlement proposals from defendants.

The campaign comes just weeks after U.S. appeals court rulings requiring 
Internet providers to readily identify subscribers suspected of 
illegally sharing music and movie files.

The 1998 Digital Millennium Copyright Act (news - web sites) permits 
music companies to force Internet providers to turn over the names of 
suspected music pirates upon subpoena from any U.S. District Court 
clerk's office, without a judge's signature required.


-- 
Joy Spencer

Consumer Project on Technology
1.202.387.8030 (p)
1.202.234.5176 (f)
joy.spencer@cptech.org