TorrentSpy ruling a 'weapon of mass discovery'

It was a pro-copyright ruling that stunned nearly everyone dealing with the issue of online piracy.

In a decision reported late Friday by CNET News.com, a federal judge in Los Angeles found (PDF) that a computer server's RAM, or random-access memory, is a tangible document that can be stored and must be turned over in a lawsuit.

If allowed to stand, the groundbreaking ruling may mean that anyone defending themselves in a civil suit could be required to turn over information in their computer's RAM hardware, which could force companies and individuals to store vast amounts of data, say technology experts. Roaming the Web anonymously was already nearly impossible. This ruling, which brings up serious privacy issues, could make it a lot harder.

"I think that people's fears about a potential invasion of privacy are quite warranted," said Ken Withers, director of judicial education at The Sedona Conference, an independent research group. "The fear is that we're putting in the hands of private citizens and particularly well-financed corporations the same tools that heretofore were exclusively in the hands of criminal prosecutors, but without the sort of safeguards that criminal prosecutors have to meet, such as applying for search warrants."

"I think that people's fears about a potential invasion of privacy are quite warranted."

--Ken Withers,
The Sedona Conference

U.S. Magistrate Judge Jacqueline Chooljian issued the decision while presiding over a court fight between the film industry and TorrentSpy, which is accused of copyright infringement in a lawsuit filed last year by the Motion Picture Association of America. Following her decision, Chooljian ordered TorrentSpy to begin logging user information and allowed the company to mask the Internet Protocol addresses belonging to visitors of the Web site. TorrentSpy must then turn the data over to the MPAA. The judge stayed the order pending an appeal, which the company filed on Tuesday. It's not clear when the appeal will be heard.

The question now, of course, is whether Chooljian's ruling will hold up legally or technically. From a legal standpoint, Withers said he feared the judge's decision may mean a "tremendous expansion" of the scope of discovery in civil litigation. The trend in the courts lately has been to create what Withers called "weapons of mass discovery." Discovery is the legal process by which lawyers obtain documents and other materials to help defend their case.

He also said that the judge's order for a defendant (TorrentSpy) to create logs of user activity so they can be turned over to a plaintiff (MPAA) is unprecedented.

"There's never been a requirement that (defendants) must create documents that they wouldn't ordinarily maintain for the purpose of satisfying some (plaintiff's) discovery requests," said Withers.

But on the technical side, Dean McCarron, principle analyst at Mercury Research, said the judge erred by defining volatile computer memory as "electronically stored information."

RAM is a computer's ephemeral and temporary memory that helps it access data quickly. Think of RAM as the yellow post-it notes that people keep to remind themselves of tasks. Once completed, the note is tossed out. Data in a computer's hard drive is stored permanently and is more like filing documents away in a cabinet.

"RAM is the working storage of a computer and designed to be impermanent," McCarron said. "Potentially your RAM is being modified up to several billions of times a second. The judge's order simply reveals to me a lack of technical understanding."

A "tap" can be installed in a server, McCarron offered. But that means keeping a running log of IP addresses and other information. A tap would also require a company to store enormous amounts of data, an expensive process, he said.

But lawyers who represent copyright holders cheered Chooljian's decision.

"Unfortunately for TorrentSpy, Judge Chooljian's decision may herald the end of an era," Richard Charnley, a Los Angeles-based attorney, said in a statement. "The process, if affirmed, will expose TorrentSpy's viewer-users and, in turn, will allow the MPAA to close another avenue of intellectual property abuse."

Lauren Nguyen, an MPAA attorney, maintains that because TorrentSpy is allowed to redact IP addresses, nobody's privacy is in jeopardy. "The user privacy argument is simply a red herring," Nguyen said. She also said that the judge "broke no new ground in the case." The courts have long considered computer RAM as "electronically stored information," she said.

To understand the significance of the decision, one must consider that many Web sites promise to keep users' information private. Some, like TorrentSpy, do this by switching off their servers' logging function, which typically records visitors' IP addresses as well as their activity on the site.

While protecting its users' privacy, TorrentSpy also makes it easier for those who download pirated material to work in the shadows, MPAA's attorneys argued. The MPAA has estimated that the illegal downloading of copyright movies costs the six largest U.S. studios more than $2 billion annually.

To prove that TorrentSpy was making it easier to share files, the studios told Chooljian that it was necessary that they obtain records of user activity. They convinced her that the only way to do this was to obtain the data from RAM.

Ultimately, pulling user information off a server's RAM might be a bigger privacy problem than it's worth, said one file sharer, who asked to remain anonymous.

"To imagine my information being disseminated without my written or verbal consent is unnerving," she said. "Then again, if I'm doing something I know is illegal, can I protest?"

[Hardrada]

Want My RAM? Here you go...

Let me just pop it out of the slot and give it too you.

[gm2net]

Stored in RAM?

Whoops, sorry, I tripped over the server's power cable while
performing "maintenance" on the UPS battery. Oh dear, all the
evidence is gone as the server shuts down.

[saa001]

This judge is nuts

The judges ruleing shows that she has no grasp whatsoever on techincal issues, anyone who has a ruidmentary understanding of how RAM works would see that this is not feasible (unless of course she intends to make it so difficult for TorrentSpy that they cave in and settle).

[Professor Cornbread]

I agree

What she is asking is really unfeasable. Does she expect to take a snapshot of the RAM every milisecond? Even every second would probably cripple the system. It just can't be done how the ignorant judge thinks it can be.

Can RAM be encrypted......?

[bob donut]

Impossible ruling

This is going to get overturned, I'm sure. It's unenforceable, for hundreds of technical reasons.good grief.

[ratdog1996]

Crazy

Just another way that normal people trying to run a business now have to pay hundreds of dollars for giant hard drives to store the RAM data. THis is completely ridiculous.

[ColdMast]

You may take my RAM

but you'll never take my freedom.
whats next the processor? (better check the cache)

this is great, love the drama in C|NET's News.com story

[Professor Cornbread]

Torrentspy is a tracker?

Correct me if I am wrong, but isn't TorrentSpy just a link to torrent files tracked by other servers? If so, then there is nothing illegal about download a .torrent file, which is simply a hash and server info, and contains no copyrighted content. If TorrentSpy isn't a tracker, how is downloading text files illegal?

[mbenedict]

Disclosure vs. legality

TorrentSpy monitors trackers; TorrentSpy is not technically a 'tracker' itself.

The issue isn't whether or not TorrentSpy is illegal, but 1) if they have a duty to disclose information about an illegal activity, and 2) by acting to hide information about illegal activities, are they now complicit as well.

An imperfect analogy is... what if an AOL user downloads child porn. Does AOL as the ISP have an obligation to turn over their IP logs? Sure it does. Even though AOL isn't party to the illegal activity, it still has obligations. Suppose AOL purposefully erases logs related to these child molesters; what now?

Similarly TorrentSpy has information about which IP addresses are sharing which files. If those files are being shared illegally, then TorrentSpy can be compelled to turn over information.

TorrentSpy tries to be clever by "turning off" its log files. Yet the information is really still there (in RAM.) So after all the legalities, TorrentSpy will be compelled to turn its logs back on, and then disclose the contents of those logs.

There is similiar precedent in the Grokster case. Grokster tried to be clever by having certain information passed through them in encrypted form, so they claim "no knowledge" of what is happening. But this strategy backfired, because the court instead viewed this encryption step as tacit acknowledgement from Grokster's part that illegal file sharing was happening.

So with TorrentSpy, the court sees that the only reason the logs are turned off is because TorrentSpy knows full-well illegal sharing is happening. Instead of just being a site that monitors trackers, they've become an involved actor, and maybe legally complicit in the act of illegally sharing files.

[braindelay]

happy to give up my RAM

You want just the RAM or should I give you my video card also?? You can have everything but my hard drive! :)

[i_am_still_wade]

We need tech savvy judges

Let us just think about it for a half a second.

The program that takes a snapshot of RAM is in RAM, right? How do we know that RAM snapshot program takes a snapshot of the RAM after every execution? The OS, which is also in RAM, doesn't schedule programs so that all they do is one RAM write and then switch to another. So how do we know that what is in RAM is everyone? And what about swap files, than is an extension of RAM, do we have to take a snapshot of them too?

You have to then write the size of your memory to the hard drive, which is always slower than RAM. And if you had 4 GB of memory, you are looking at filling up a 1 TB in hours (because HD are slower). If a HD was as fast as RAM, a 1 TB HD would fill up in seconds. The whole process would make the Intel 4004 chip seem as fast as lightning.

It is technically impossible. A tech savvy judge wouldn't cave in because the RIAA or MPAA says it is possible. They would laugh and tell them to fight piracy some practical way. I don't have a problem with RIAA and MPAA fighting piracy, my problem with them is how they fight piracy.

[cocos2000]

why every millisecond

who says how often and when?
restart your server, make RAM snapshot, give it to MPAA/RIAA
there we go!

[tonyokerson]

Indeed

Reminds me of the judge in England who had to interrupt proceedings at a trial to ask someone to explain to him what a web site is.....

[mikeburek]

Torrent Spy

Doesn't torrent spy also have links on it's front page to news or other legal video clips or legal video sharing sites.

Yeah, and it has links to torrents. Using the DMCA, I think even mentioning that a site like this exists is illegal. Or it was some type of added enforcement they wanted to add.

I remember there was one bill going around that would make it illegal to own anything that would enable the copying of copyrighted material. So I snail-mailed a blank CD to my legislators, including a nicely worded letter about rejecting that bill, and notified them that by even have touched that CD, they would also be in jail along with most of America for having handled something that enables copyright enfringement.

Anyway, I there is legal content on Bittorrent. So just my visiting the site does not make you an automatic crimial. Heck, that's where I've gotten tons of open source software when their mirror sites are slow. When the latest Ubuntu came out, the only had a web/ftp download first and not the bittorrent, so I went to torrentspy and downloaded it there blazingly fast. And then left my copy up for 2 weeks to help others get it fast.

Do you detain everyone who goes to the grocery store in the shady part of town. Sure, there's a "house of ill-repute" next door, but just because a person visits that shopping center, are they condemed as a criminal?

[chris_d]

Stick to typewriters, judge

I hope this judge never tries to use a computer. Her head could explode.

[arluthier]

Paperworld Comparison

This ruling is akin to saying that everyone at a corporation must file and keep EVERY sticky note they create, if you right a reminder on your hand... you must take a picture and file the picture, every meeting must be transcribed in verbatim, etc...

Simply because it was stored in memory... visual memory, short term memory, long term memory, etc.

Ridiculous. To me "store" means I am keeping it for future use... If I am using it right then and never again, that is "Using" not "Storing".

[erikjohnp]

That is not the import of the ruling...

The import is not that they must file and keep "every sticky note they create" ... but it probably does cover "every sticky note that is directly related to an underlying fact in an ongoing litigation that is created." And your definition of "storing" is not consistent with the obligations of parties in litigation.

[alegr]

Thought crime

No, it's more like "you have to record every thought you have".

[spruceman]

Judges Ruling

Despite the tech proficiency of a judge, it's just another nail in the coffin for privacy--for sure, one can guess at what the intent was despite the wording. The days for privacy and any kind of individual rights in this country, the world, are numbered and going fast, and will make even the former USSR look like a bastion of individual rights in comparison. Be lucky that we've had certain rights thus far---you can tell your children about these good old days before even Orwell's nightmare is exceeded.

[Bertbaby]

Privacy v. Piracy

It is interesting to note how a troglodyte judge considers privacy to of a minor concern as compared to the bigger perceived issue of piracy. I know I spend all sorts of hours up at night worried about how Hollywood and the record industry is going to make enough money to keep making their crappy offerings. And we were worried about the government eroding our rights?

[Dr_Zinj]

Another Incompetent Judge

Dr_Zinj, you are in contempt of court.

Ma'am, you are most certainly right about that.

Your ruling on RAM and the requirement to archive its contents for use in litigation against the very people that are being prosecuted is; one, a violation of their 5th ammendment rights against self incrimination; two, imposes an unacceptable financial burden on the people you impose this on; and three, shows you are not competent to have opinions on legal matters (or any other type for that matter) relating to information technology.

[RJBlackKS]

no doubt

if the MPAA wants that data for their discovery purposes, then I propose that they provide the storage medium for the data, and of course assure that they will be secure until a discovery motion has been filed, also the infrastucture needed to upkeep this storage medium, and also extra equipment to make up for the performance hit taken. I don't see why a company should have to pay beyond their means because another company has a dumb judge in their pocket, and for something thats against the constitution at that! Sounds pretty Stalinist to me.

[LuvThatCO2]

I think the proper headline for this story should be:

"Judges can be retarded, too"

How does one hand over whats in RAM??? Unbelievable.

[J_Satch]

Hardrada hit the nail...

...on the head in the first post!

To quote: "Let me just pop it out of the slot and give it too you."

:)

[JonP07]

quick format

a simple magnetic tape eraser will wipe the ram and drives clean in seconds. The drives will have nothing to retrieve but the drives will be history.

[Phillep_H]

Erase

Dynamic RAM needs voltage to keep the data. That's why it's faster than flash.

[MaqAttaq]

Even better solution for the RAM...

Even better... the power switch will take care of the RAM. Once the power is off, the RAM will erase itself fairly quickly.

Magnets won't work on the RAM, though.

[Highfield]

Want the RAM? No problem.

The judge stating RAM may be evidence, and therefore must be turned over, does not necessarily mean you have to maintain massive stores of historical images of the RAM. Don't do anything. And when the subpoena comes in you take a snapshot of RAM and give it to them. It would be useless as the alleged 'offense' would have happened previously an already been flushed from the RAM. After a few of these wasted efforts, I think they would give up on that idea.

[ethana2]

I like it.

Good thinking. That's the way to do it. Better yet, use Linux, make some kind of ram-encrypting kernel variant, and give them a snapshot of that. Hehee. Seriously-there's no end to the stuff you could pull here. Let them have it. Switch the servers' internal language to klingon.

[inetdog]

The judge's order is limited and practicable, the precedent is overreaching

The judge had a situation where the target (Torrent Spy) was in possession of information (user activity) which could justifiably be considered useful evidence in a lawsuit.
As a result, the court could order the target to turn over any relevant evidence they had, but could not require them to collect information that they did not already store. A very basic principle.

TorrentSpy argued that by turning off the web server's logging functionality, they avoided storing the information and therefore could not be compelled to turn it over.

The judge argued that even though they turned off the LONG TERM storage (the log) the information was still stored SHORT TERM in the RAM. He did not propose that TorrentSpy could be compelled to "turn over the contents of their server RAM", he said that since they were storing the information anyway (for however short a time) they could be compelled to present the same information in a report when ordered to do so. In effect the judge said "Since you are storing the activity information anyway, I can order you to turn the logging back on so that the specific information I am asking for is not destroyed. Then you can send to the court the specific information from the logs which the order covers."

An odd part of the decision is his assertion that some of the information requested "stays in the RAM for up to six hours". Possibly a reference to the fact that the server caches some information in RAM for operational reasons?

[Professor Cornbread]

Submit the logs on paper

Since they would like these bits of memory, akin to Post-it notes and scraps of paper, to be logged, then they should be logged on thousands of reams of paper for the MPAA to examine by hand.

[lakatu32]

Here is a snapshot of my RAM for the judge

http://www.saskschools.ca/curr_content/info10/module1/images/hardware/ram.gif

[ethana2]

Hmm...

That would probably have some kind of residual data images, depending on the technology. So you could just give them a random snapshot when they request it. Here. *deactivates server* *clears IP data* *takes ram snapshot* *reactivates server*

"Well, I don't see any IP logs... here's an openoffice instance... Hey! .odt's can be read in plaintext. Now I know why they like them."
"What's it say?"
"&%*$ you, MaFIAA. Over and over. No IP's here."
"We'll have to get a court order to allow us to install malware on their machines or linetap them or something..."
"Wouldn't that take longer than suing their children out of college funds?"