MegaUpload arrests in New Zealand
NZ police have arrested four people connected with MegaUpload.com in New Zealand today at the request of the US FBI. They have been charged in the US "with running an international organized criminal enterprise allegedly responsible for massive worldwide online piracy of numerous types of copyrighted works through Megaupload.com and other related sites". (FBI press release.)
Comment
We have little faith in the fairness and appropriateness of the US's laws and processes around copyright and intellectual property. The US government is continually strengthening its copyright laws at the behest of the entertainment industry (see SOPA and PIPA) and is trying to pass laws that we would not like to see copied in NZ.
Will this NZ police cooperation lead to New Zealanders being arrested and handed over to the US for doing things that may not be serious offences in New Zealand? Which other countries' laws do New Zealanders have to obey when using the internet?
Whether this case is an example of good international cooperation or the US demanding other countries help enforce bad law is yet to be determined. We will be monitoring this issue closely and hope to publish more information as it is available.
Media Links
- FBI charges seven with online piracy (Wall Street Journal)
- Megaupload's Kim Schmitz arrested in Auckland, site shut down (3news)
- File-sharing website Megaupload shut down, NZ-based founder arrested (PC World NZ)
- File-sharing kingpin arrested in New Zealand at US officials' request (NBR)
- 'We're not pirates, we're just providing shipping services to pirates' (Wall Street Journal Law Blog).
- Why the feds smashed Megaupload (Ars Technica).
- Megaupload attempting to get back online (Stuff NZ)
Useful Links
- The FBI press release.
- The indictment.
- Statement from the NZ Police.
- The NZ extradition treaty (PDF) with the US.
- Ministry of Foreign Affairs and Trade's information about extradition from New Zealand
- Yes, copyright infringement can be criminal in New Zealand with imprisonment up to five years.
- Damning quotes from the MegaUpload owner's email.
Requirements for valid copyright infringement notices
Recently we examined some of the first copyright infringement notices sent by Orcon and noticed that they did not comply with the regulations.
The omissions are significant and make it harder for the accounts holder to challenge the notice on the facts, but we believe there are excellent grounds for challenging the notice because the notice itself is invalid. The rights holders may or may not accept this but ultimately it will be up to the Copyright Tribunal to make the final decision.
Notice Requirements
So, what are the requirements for a valid infringement notice? They're spelt out in two places - the Copyright Act (mainly section 122) and the associated Copyright (Infringing File Sharing) Regulations. We'll only be looking at the requirements for the notices from the ISP (internet service provider) to the account holder (the person paying for the internet connection).
A detection notice must include:
Are some Copyright Infringement notices invalid?
One of the outstanding issues of the changes to the Copyright Act has been whether rights holders would issue notices that comply with the law. Since our regulations outline a number of detailed requirements for notices, rights holders cannot simply pass on whatever they send in other countries.
The first few issued notices are starting to leak out and it appears that they do not comply.
An Orcon user posted to the 3strikes forum copies of the notices they received. Comparing the information provided on those notices to the law and regulations, we noted the following problems:
- There is no description of the type of work as per 14(1) of the Copyright Act. (Regulations 4(2)c(iii).)
- The nature of the breach (as described by 15(1) of the Copyright Act) is not specified. (Regulations 4(2)c(iv).) The notice only says a breach has taken place, not the nature of it.
- The date and time given on the first notice is not specified to the second. (Regulations, 4(2)c(v).)
- The file sharing application or network is not specified. (Regulations, 4(2)c(vi).)
- The notice number does not include information that identifies the type of notice or the IPAP that sent it. (Regulations 5(2)(b) & (c).)
These details matter because the account holder needs to understand what they are accused of so that they can properly defend themselves.
Account suspension
We are also deeply concerned that the notice makes the claim that your Internet connection can be suspended by the District Court for up to six months. This part of the law has not yet been activated, and it is alarming that notices are already misleading users on possible penalties. Orcon should not be making such claims.
Concluding questions
The notices as posted do not comply with the requirements of the law and regulations.
Does this mean that they are invalid and can be challenged (or ignored) as such?
Will the Copyright Tribunal accept them as valid or not?
Does this mean that all notices sent through Orcon are invalid?
Kiwicon – The government is your friend
The government is your friend and wants you to be happy.
This is the transcript of a speech given by Thomas Beagle at Kiwicon in Wellington on November 6th, 2011.
MED confirms talks about centralised copyright notice system
The Ministry of Economic Development has confirmed that it has been involved in talks about a centralised system for handling copyright infringement notices (see earlier article).
These talks have included meetings with representatives from IPSafe (www.ipsafe.co.nz) and Datacom (www.datacom.co.nz). IP Safe's website is rather minimal and they have not responded to our queries. Their record at the Companies Office lists three directors, Chris Riddell, Wared Seger and Adel Shahin.
They also note that the Telecommunications Carriers Forum (TCF) submission about the law suggested that a centralised system run by the government would be the best approach, but this was not picked up by the Select Committee.
The MED goes on to say that they are not in the process of considering such a system and "that specific arrangements for the implementation of the Act are a matter for Internet Service Providers to agree on between themselves."
The questions have to be: why is Datacom involved and who are they working on behalf of? Who are IP Safe and what is their involvement?
Interview – Cyberdodge VPN service
An interview with Ross from Cyberdodge, a supplier of VPN services that enables internet users to hide what they do on the internet.
What inspired you to offer the service?
People will always choose the easiest way to get the latest movies and TV shows and downloading off the internet is it. Unfortunately options are now limited to VPN tunnels not only for p2p but also for using an American IP address to get access to TV sites like www.hulu.com.
Are you getting many customers and what do they want it for?
Yes I am. VPN tunnels have a number of uses that include getting an American IP address to watch tv sites such as hulu.com, encrypt internet traffic when they are using a public WiFi point and of course hiding their real IP address.
How do you feel about the fact that some of your customers will probably be using your service to break NZ law?
No Comment.
What sort of information do you keep about your customers?
We only keep the email address.
What sort of information do you keep about your customers connections? (Such as when they connect, how long they connect for, anything they do through the service.)
We do not log what the user does or transfers over our network but we do log the time of connection and disconnection. We use this data to strategically deploy network resources. We also log the country the user is logging in from, this helps us to detect hijacked accounts and abuse. We do not log IP addresses.
Do you think your business has an obligation under the Telecommunications (Interception Capability) Act to allow the NZ police or other enforcement agencies to monitor traffic?
No, I am not a network operator. A network operator means a person who owns, controls, or operates a public telecommunications network or a person who supplies (whether by wholesale or retail) another person with the capability to provide a telecommunications service. CyberDodge does not provide anyone else with the capability to provide a service and CyberDodge is not a public telecommunications network. Public telecommunications network means a public switched telephone network and a public data network. CyberDodge is not a public switched telephone network nor a public data network. A public data network means a data network used, or intended for use, in whole or in part, by the public and includes, without limitation, the following facilities: Internet access and email access. CyberDodge requires that you have internet and email access already. This law applies to ISPs, which CyberDodge is not.
Do you think your business has an obligation under the Copyright (Infringing File Sharing) Act to store customer IP addresses so that you can pass on notices?
No, I am not a IPAP. IPAP, or Internet protocol address provider, means a person that operates a business that, other than as an incidental feature of its main business activities, offers the transmission, routing, and providing of connections for digital online communications, between or among points specified by a user, of material of the user's choosing and allocates IP addresses to its account holders and charges its account holders for its services and is not primarily operated to cater for transient users. CyberDodge does not offer the transmission nor providing of connections for digital online communications. CyberDodge only routes digital online communications. This law applies to ISPs and CyberDodge is not a ISP.
Ministry of Economic Development says “ISPs” not liable for copyright infringement
[This article has been corrected. Please see explanatory note at the end.]
Liability under the new copyright law
One of the issues that we and many others have with the new copyright law is that it unfairly penalises people for the actions of others. You're either an IPAP (a very tight definition of ISP) or an account holder, and if you're an account holder you're liable for the actions of anyone using that internet account.
This means that hotels will be liable for the actions of their guests, universities for the actions of students, the person paying the bill will be liable for their flatmates, and you'd be better be careful about which of your guests you let use your internet while they visit your house.
Ministry of Economic Development advises differently
However, it seems that the Ministry of Economic Development has a different interpretation of the law. The owner of a homestay, concerned that as the account holder he would be liable for his guests, recently contacted the Ministry of Development.
The advice he received from the Ministry was that if he is providing internet services but does not meet the requirements to be an IPAP under section 122, then he must be an ISP and would be safe from liability according to section 92B.
Furthermore, if he received an infringement notice he just had to respond and say that he ran a homestay and that would be the end of it. As he observed, "What's to stop anyone claiming that their house is a homestay?"
Our interpretation
We don't find this interpretation particularly convincing (nor did we find it convincing when the NZCS made a very similar argument in their submission (PDF) to the MED).
The intent of the Copyright (Infringing File Sharing) Act seems to be to catch everyone. If we accept the MED interpretation, the definition of ISP in the Copyright Act is so wide that anyone who shared their internet connection with another would thereby be able to claim immunity under it. The law would be fatally undermined.
While we think that this wouldn't be a bad thing, as it would remove liability from account holders who shared their internet and thus avoid the problem of punishing people for the actions of others, it seems clear that this is not the intention of the law makers.
Ultimately this argument will be tested at the Copyright Tribunal and possibly in court, but for now we caution against relying on this advice from the Ministry of Economic Dvelopment. This means that you should assume that the account holder will be liable for any infringing file sharing performed over their internet connection.
[Correction: The article as originally posted said that the advice was from the Ministry of Justice. The MoJ contacted us to deny giving advice to anyone. We followed up with our original source and managed to establish that the advice was actually from the Ministry of Economic Development. We apologise for the error.]
Rights holders to develop centralised infringement notice system?
An update on the enforcement provisions of the Copyright (Infringing File Sharing) Act.
Where are the notices?
We've not received one notice in response to our request for copies of copyright infringement notices sent under the new law. From speaking to ISPs, it seems that very, very few notices have been received at all.
What are the rights holders doing?
Secondly, we heard some very interesting rumours about what the major rights holders organisations are doing. (Please note that this is rumour - but from a source that we trust.)
No one will be surprised to hear that the rights holders were very unhappy about the $25 per notice fee set in the regulations. NZFACT (NZ branch of the US MPAA) believes that they should be "just a matter of cents".
Indeed, we've been told that they're not going to be sending out any notices even though they heralded the law as a vital protection for their NZ$2.5 billion industry.
Instead they are talking to ISPs and offering to fund a centralised system for the management of the infringement notice process. This is obviously with the aim of making it much cheaper for the ISPs, so that they can go back to the Ministry of Economic Development to get the per notice fee reduced at the six-monthly review.
Some questions
This raises a number of questions:
- How will the centralised notice system work?
- Who will have access to the system and under what terms? Is it just for the major rights holders or will it be open to everyone?
- It will be necessary for any system to have some account holder details included (for matching purposes) - who will have access to this information? Won't this circumvent the law's careful approach to maintaining account holder privacy?
- And finally, what's in it for the ISPs?
Contact us
If you know anything about this proposal we'd love to hear more.
Send us your copyright infringement notices!
September 1st is the start of the new copyright regime, where rights-holders can send infringment notices to people they accuse of infringing their copyright.
We would like copies of those notices. This will allow us to help monitor how the law is being used, including:
- assessing the quality of the notices
- finding out who is sending them and for what sort of works
- help us detect anyone abusing the system
Please email your notices to notices@techliberty.org.nz. Feel free to include other information including whether you deny the allegation or not. We promise to keep your name and other identifying details private.
The Infringing File Sharing Act starts today
Welcome to the new world of the Copyright (Infringing File Sharing) Act.
This is the law that:
- Makes internet account holders liable for the actions of others, even when there is no reasonable expectation that they could control their behaviour.
- Will make it very hard for anyone, including universities, libraries, motels and cafes, to offer internet access to their patrons as they can't risk penalties of up to $15,000.
- Can fine people for downloading material that isn't even available for purchase in New Zealand.
- Takes away the right to be assumed innocent until proven guilty, by assuming that complainants are telling the truth, leaving people having to prove that they didn't do something.
While the law comes into effect on September 1st, notices can be sent for activity up to 21 days earlier. This means that you could get a notice for any activity from August 11th onwards - today.
What's covered?
The law is meant to be aimed at people infringing copyright by downloading material without permission over peer to peer (P2P) file sharing - BitTorrent, eDonkey, etc. However it is written in such a way that it might be possible to use it for other forms of online infringement such as downloading from websites or watching streaming video. We'll be testing that further from September 1st.
Who is at risk?
The person whose name is on the internet account. They're liable for the actions of all people who use that internet account.
What can I do to protect myself?
If you're the account holder, make sure you know what everyone who uses your internet is doing. Don't let people use your account if you don't trust them not to download infringing material via file-sharing.
More information
- Our article, What you need to know about the new copyright law.
- Flowcharts showing the processes included in the law (thanks to the TCF).
- Think you can become an ISP/IPAP and thereby pass your liability on to your users? Our article explains why you probably can't.
- 13 reasons why the Infringing File Sharing Act is bad for you by Christopher Wood.
- 3 Strikes NZ website about the new law.
- Information from the Ministry of Economic Development.
- The text of the law.
