Forgot your password?
typodupeerror
The Internet Government The Courts Education News Your Rights Online

RIAA Wins In Court Against UW Madison 200

Posted by Zonk
from the when-you've-said-wisconsin-you've-said-it-all dept.
Billosaur writes "A judge has ordered the University of Wisconsin-Madison to turn over the names and contact information for the 53 UW-M students accused of file sharing over the university's networks by the RIAA. 'U.S. District Judge John Shabaz signed an order requiring UW-Madison to relinquish the names, addresses, telephone numbers, e-mail addresses and Media Access Control addresses for each of the 53 individuals.' The ruling came as no surprise to the university, which had previously rejected the request of the RIAA to hand out their settlement letters to alleged copyright violators on their campus. The school feels the RIAA will have a hard time tracking down who did the file-sharing anyway, as the IP addresses the RIAA has for the violations may be mapped to computers in common areas, making it difficult to determine just which people may have made the downloads."
This discussion has been archived. No new comments can be posted.

RIAA Wins In Court Against UW Madison

Comments Filter:
  • oh... (Score:5, Funny)

    by cosmocain (1060326) on Thursday April 26, 2007 @03:00PM (#18890103)
    ...how i hope that the ip-adresses can be matched to the biggest computer pools available at UW. and that all the login-data was lost in a miraculous backup-failure.

    did i say anything? why is it ringing at the door at that late time of day? what the f...AAAAAAAARGH...


    connection reset by peer.
    • Re:oh... (Score:5, Funny)

      by djSpinMonkey (816614) on Thursday April 26, 2007 @03:56PM (#18890981) Homepage

      did i say anything? why is it ringing at the door at that late time of day? what the f...AAAAAAAARGH...

      BEDEVERE: What is that?
      MAYNARD: He must have died while typing it.
      LAUNCELOT: Oh, come on!
      MAYNARD: Well, that's what it says.
      ARTHUR: Look, if he was dying, he wouldn't bother to type 'AAAAAAAARGH'. He'd just say it!
      MAYNARD: Well, that's what's typed in the post!
      GALAHAD: Perhaps he was dictating.

      • You forgot to say "obligatory Monty Python reference"

        Just for those people who've never seen Holy Grail.
        • You forgot to say "obligatory Monty Python reference"

          Just for those people who've never seen Holy Grail.
          We don't acknowledge people who have never seen Holy Grail. We waive our private parts at them and tell them to go away before we taunt them a second time.

  • No "win" (Score:5, Informative)

    by Anonymous Coward on Thursday April 26, 2007 @03:00PM (#18890121)
    They didn't "win in court". They filed suit, which UW Madison said they'd have to do before they'd give up the records.
    • Re: (Score:3, Insightful)

      by SeaFox (739806)

      They didn't "win in court". They filed suit, which UW Madison said they'd have to do before they'd give up the records.


      So they won in a way that didn't involve following judicial process and was much cheaper in legal bills.

      Yea.
  • Moral of the story (Score:4, Informative)

    by C_Kode (102755) on Thursday April 26, 2007 @03:03PM (#18890171) Journal
    The school feels the RIAA will have a hard time tracking down who did the file-sharing anyway, as the IP addresses the RIAA has for the violations may be mapped to computers in common areas, making it difficult to determine just which people may have made the downloads."

    The moral of the story is if you download illegal music; do it from a university and with a forged MAC. Of course, who's mac is it anyway? Are they going to get a subpoena for every single person that uses the university's network to supply their network cards so the mac address can be examined? That should be fun...
    • Re: (Score:3, Funny)

      by zappepcs (820751)
      Actually, I'm still waiting for the RIAA to send letters to TMobile asking for user names of those who downloaded files from a Starbucks hotspot.

      This would seem to be the best test of that little IP == user question.
      • Re: (Score:3, Informative)

        by illumin8 (148082)

        Actually, I'm still waiting for the RIAA to send letters to TMobile asking for user names of those who downloaded files from a Starbucks hotspot.

        This would seem to be the best test of that little IP == user question.

        Except for the fact that the case you mention might just be the *only* case where they could actually tie your credit card information to the IP address issued to that card-holder thereby proving it was either you, or somebody with access to your credit card that did the downloading... Not the

        • Funny last I checked people clone users mac addresses as they leave to surf for free and anonymously. Since open wifi is a shared medium it's easy to do.
    • by faloi (738831) on Thursday April 26, 2007 @03:24PM (#18890505)
      New anti-RIAA bumper sticker:
      "When MAC address spoofing is outlawed, only outlaws will spoof MAC addresses"
      • spoof? (Score:3, Funny)

        so when are we going to start seeing spoofs; maybe something like:

        hi, I'm a MAC address.
        and I'm the RIAA.


        just got to get hodgeman to do the voice-over and we're all set.
    • by Fozzyuw (950608)

      The moral of the story is if you download illegal music; do it from a university and with a forged MAC.

      Take my advice as a consumer: Sell CD's for $5 without DRM and I'd buy a lot more music. Otherwise, I'll wait for the next AllOfMp3.com to purchase music from. I'm sick enough of the P2P stuff. The radio and my current album collection works just fine for me.

      Cheers,
      Fozzy

    • by microbee (682094)
      Unfortunately, you need to provide your MAC to the university to register for the network connection in the first place. So they already have it.
      • by WiSparky (1093913) on Thursday April 26, 2007 @07:28PM (#18893793)

        Unfortunately, you need to provide your MAC to the university to register for the network connection in the first place. So they already have it.

        Actually, that's only partly true. UW networks that the average Badger (i.e. likely not to know how or why to spoof their MAC) would plug into are in one of three flavors.

        ResNet (wired in rooms in older dorms and wireless in common dining areas and new residence halls). ResNet requires every computer connected to it be registered with a campus NetId (http://www.housing.wisc.edu/resnet/netreg.php [wisc.edu]). Those registrations are attached to MAC addresses so that a device may move around ResNet without having to register to every new jack it encounters. Also, so that a quarantined machine stays in the quarantine subnet until it's cleaned. These registrations expire every 120 days, and IP leases roll faster than that, but the address doesn't change very often as you tend to get the same IP on a renew.

        DoIT (Division of Information Technology) Wireless, called UWNet, http://www.doit.wisc.edu/network/wireless/ [wisc.edu] is the main campus wireless and is in classroom buildings, the unions and libraries. A NetId is also required to authenticate each time one connects. These IP addresses probably move around faster. I'm sure DoIT complies with whatever policy is in place for keeping these records, but who knows how long that is.

        Wired library computers. These are the working girls of the campus network. One needs a student ID number to access them, but finding a lost card or snooping for a number is not hard. Nor is guessing the 1 digit activation code that needs to be added on the end to authenticate. Again, who knows how long these records are kept.

        Also, students in the res halls tend to use a certain jukebox program (comes with a popular music player) that advertises its shared library only within that hall's subnet - so no one external to that subnet is able to see that traffic.

        Long way around to saying these John and Jane Does are going to be a bit hard to pin down. Should be fun to watch.
  • by iamacat (583406) on Thursday April 26, 2007 @03:04PM (#18890187)
    For years, we have been struggling with performance of SSL, difficulty of choosing good passwords, vulnerabilities in encryption algorithms. No more! As evidenced by RIAA lawsuits, a new 100% reliable way to identify yourself online has been discovered - an IP address! After all, it's found to be a proof of identity in legal proceedings! Starting immediately, banking websites no longer have to ask for those pesky usernames and password. They can just use an IP address provided by ISP to give you an unrestricted access to your bank account. After all, US courts did much the same thing for RIAA.
    • Re: (Score:3, Insightful)

      by Kjella (173770)
      As evidenced by RIAA lawsuits, a new 100% reliable way to identify yourself online has been discovered - an IP address!

      Even if it came to a civil trial, the standard would be preponderance of evidence. What this is about is making a case before a judge that their opponents should be named, which would be considerably lower than what's required for a conviction. This is just the standard to have your day in court, since you obviously can't even hold the trial without an opposing party. Reasonable suspicion?
      • by nietsch (112711)
        And why would they have the right to that day in court when it is certain they will drop this suit once they have their coveted names to extort?
        This is a clear sign of corporatism, now where is that well regulated militia you were so proud of?

      • by iamacat (583406)
        Perhaps even lower, since more evidence can appear in discovery.

        What would that evidence be if I drop my FileVault image into trash and do a secure erase? It seems that one should show a probability of producing compelling evidence before dragging someone to court. If you have never identified yourself except by IP address and there is no immutable trail of your actions, this seems like a stretch.
      • by zCyl (14362) on Thursday April 26, 2007 @06:22PM (#18892993)

        This is just the standard to have your day in court

        Tip: Do not show up for court wearing your iPod.
  • The lawsuit path *has to be* a short-lived strategy while the RIAA attempts to get some othe revenue generating system in place.

    With DRM implementation plans facing so many hurdles has there been any talk of other avenues this organization might go down.

    I refuse to believe that the RIAA believes their current strategy of making examples of isolated individuals will work in the long-term.

    Are they fresh out of ideas or have I just missed some news on this front?

    Regards.
    • by jfengel (409917)
      EMI's experiment in non-protected sales of music may be the news you missed. That's a genuinely new model for them: put it out there at $1.29 and hope that people would rather buy it reliably from a store than depend on unreliable P2P networks, getting it from friends, etc.

      This model probably does still depend on considerable numbers of lawsuits. If P2P is unreliable it's only because they keep suing people, driving them out of business, and making people scared to keep their shares open lest the lawyers
  • Change title (Score:5, Insightful)

    by boobavon (857902) on Thursday April 26, 2007 @03:08PM (#18890241)
    Can we please for all future articles involving the **AA, instead of saying "**AA does something stupid again," we say "Sony and friend do stupid things again?" Slashdot can do its part in ruining the big labels/studios by revealing the true culprits.
    • by xtracto (837672)
      Or better yet, user your tags and put
      "SonyEvil" or "UniversalEvil", etc..
    • The acronym is SUE-W (Sony universal, [emi?], w???) for sue the world.
      dang- I've already forgotten the evil "W" company.
  • It's a misleading headline.

    It was an ex parte proceeding. It was not a "win". There was no one else in court. No one to oppose it.

    It was not against University of Wisconsin. It's against the "John Does".

    • by defile (1059)

      It's a misleading headline. It was an ex parte proceeding. It was not a "win". There was no one else in court. No one to oppose it.

      Did the university have any way to oppose this? Could they have, say, filed some kind of restraining order to force the RIAA to bring a proceeding against the university on the matter of uncovering John Doe identities?

  • by Critical Facilities (850111) on Thursday April 26, 2007 @03:12PM (#18890309) Homepage
    From TFA

    Generally, RIAA investigators monitor peer-to-peer file-sharing networks - in the UW-Madison case those were the Gnutella and AresWarez networks - and take down the IP addresses of those who are sharing files. The 53 UW-Madison IP addresses accounted for 24,977 shared audio files, according to court documents.

    How does monitoring which IP addresses were on these networks necessarily imply that they were trading copyrighted material? The same goes for the 24,977 shared audio files, who can say that those weren't audio recordings of lectures given by professors, or poetry, or local bands trying to get promotion, etc? Hell, for that matter, who's to say they were music/movies at all? Couldn't they have been ISO's of Linux Distro's, JPG's of the topless drunk prom queen, PowerPoint presentations that study groups were collaborating on via the internet?

    I realize that probably not everyone is innocent here, but in terms of PROOF, I just don't know about "facts" like these.
    • There's this nasty little concept where, when attempting to prove that you're right in a civil suit, you need to do so by a "preponderance of the evidence," as opposed to the more rigorous "beyond a reasonable doubt" standard used in criminal trials. It's a bit ironic really, since you can lose nearly everything in a civil suit, usually far and above what you lose in a monetary sense in a criminal suit. Ignoring that pesky "federal prison" thing, of course.

      But back to "preponderance of the evidence." Bas
  • "The school feels the RIAA will have a hard time tracking down who did the file-sharing anyway, as the IP addresses the RIAA has for the violations may be mapped to computers in common areas, making it difficult to determine just which people may have made the downloads."

    Oh, that won't stop them. I'm sure they'll be happy to offer an enterprise licensing settlement for every student at UW-Madison with auto-renewal on a yearly basis.

    Remember, if one infringes, they're ALL liable. ;-)
  • by dpbsmith (263124) on Thursday April 26, 2007 @03:12PM (#18890323) Homepage
    "The school feels the RIAA will have a hard time tracking down who did the file-sharing anyway."

    I didn't think they needed to? I thought that when the RIAA comes calling, what happens is that you get a notice saying you've already lost a court case some out-of-state court, because the judge rubberstamped their claim that this IP address is you, and now it's up to you to either a) pay a lawyer, go to court, and try to prove your innocence, or b) pay the nice RIAA their reasonable thirty-five-hundred dollars and get on with your life.

    • by StikyPad (445176)
      Or c) admit mea culpa. I know it's a stretch, but some of these people may have actually downloaded some craptastic RIAA-protected music on Kazaa.
  • Lucky for the RIAA that you can't change a MAC address. Oh, wait...
  • MAC addresses? (Score:3, Informative)

    by Weaselmancer (533834) on Thursday April 26, 2007 @03:30PM (#18890583)

    How is that going to help them find anyone?

    Hey RIAA - read this first. [irongeek.com]

    And everyone else too. Never hurts to know stuff like this, y'know. Just in case. Yeah. That's it.

    • Hey RIAA - read this first.

      For Windows and other OS'es on a laptop, a PCMCIA card is a simple solution. Most of the time you use the built in NIC. For other activities, use a slide in card. I use that for road warrier stuff. The built in connection is for my home LAN (Static IP & Gateway) and the slide in is for on the road (DHCP Lease). Having an extra slide in card is trivial. Making it vanish is trivial. Explaining it away is simple. My old one broke/lost and it has been replaced. Using it wi
  • by zappepcs (820751) on Thursday April 26, 2007 @03:44PM (#18890789) Journal
    Dear Mr and Mrs Joe Average

    We, the RIAA, represent copyright holders of digital content, and as such, it has come to our attention that you own a computer which is also connected to the Internet via Globalcom ISP.

    We have acquired web surfing logs from Globalcom, and have determined that several people in the Northern Hemisphere have been downloading music files illegally. Since you connect to the Internet via Globalcom we are prepared to offer you a discounted amnesty program. You may choose this option, sending us the requisite $5,000 payment via check or major credit card, or you may choose to wait till we take you to court, confiscate your computers, all the computers you have had access to, and the computing and entertainment devices of yourselves, all your family members, and anyone who has been within 50 feet of your wireless router.

    We cheerfully await your reply and are certain you will do the right thing.

    Sincerely,

    The RIAA
    • by HikingStick (878216) <z01riemer.hotmail@com> on Thursday April 26, 2007 @04:31PM (#18891597)
      Perhaps the legal community should spend some time with IT auditors. The real question that gets to the problem with the RIAAs tactics is "How do you know that...".

      When you keep asking that question, it opens up opportunities to ask about the processes used to derive the answer. You keep drilling down bit by bit until you know (to a reasonable certainty) whether or not they really know what happened or whether you are being snowed. It all breaks down once you get to the ISP-assigned IP address. Unless the ISP can attest to a certainty that a customer had the IP address, they can't get anywhere. Once the IP is known, present facts (and even demonstrations!) on IP spoofing. Ask if they (the RIAA) can attest to a certainty that the traffic they monitored came, in fact, from the legitimate IP address and not from a spoofed one. They often jump that hurdle, but I don't understand why the courts keep allowing the RIAA to insist that person A was on the other side of an IP or MAC address. They are allowed to present as fact that which has no proof whatsoever. Are our judges so tech illiterate that they cannot understand such simple concepts? Would they be confused if a letter was presented into evidence with a return address of 1313 Mockingbird Lane? Could they not comprehend that anyone can print ANY reuturn address on any envelope, and they can mail it from any city (not necessarily the writer's city of origin)?

      I'm just amazed by people who are so dense as to believe the entire snake-oil pitch thrown by the RIAA. Do they have a right to go after copyright violators? Absolutely? Should they be allowed to gill-net entire lakes just to prove the presence of an invasive species? No, no, a thousand times NO!
  • FYI (Score:2, Informative)

    by Khammurabi (962376)
    For reference:

    "UW-M" = University of Wisconsin - Milwaukee
    "UW" = University of Wisconsin - Madison

    Whoever submitted the article mistakenly used the wrong abbreviation.
  • UW vs. UW-M (Score:3, Informative)

    by proxima (165692) on Thursday April 26, 2007 @03:54PM (#18890959)
    This often comes up in stories about UW-Madison. The University of Wisconsin is a big system with many campuses. UW-M refers to the University of Wisconsin-Milwaukee. UW alone (pronounced "u double-u") refers to UW-Madison. By contrast, UW (pronounced "u dub", as I understand it) refers to the University of Washington.
  • oh, please. for decades now, you can soft-set mac addrs.

    worst case, kids, is you have to ditch your $5 ethernet card and buy another one ;)

    (that doesn't help with onboard ethernets though. for that, you'd have to ditch the whole mobo.)

    if I was a student and someone was going to finger me on my MAC addr, dumping my ethernet card would be one of the first defensive things I'd do.

    "hey, it just broke. not my fault. but I bought a new one just yesterday..."
  • Ok, so let's say that I loan my car to my friend on Saturday, who then runs a red light. Using the intersection photo, the police mail me a ticket. But of course, I wasn't the one driving.

    The **AA claim that they IP address 1) points to such-and-such computer, and 2) the owner of that computer must pay.

    Except in my analogy, the license plate doesn't change each time I turn on the car.

    Is that the same type of logic going on here? Can it be that simple to explain to someone like, say, a judge?
    • Here in Minnesota, such red-light cameras were deemed unconstitutional on a technicality (that the law enforcement officer did not directly witness the offense), but the issue was raised that some of the violations that were documented (before the cameras were ordered off) were of stolen vehicles or vehicles under the control of another. The question then comes down to how the laws are written--is the driver responsible for the illegal action, or the owner of the car? The biggest obstacle the RIAA is facin
    • by jotok (728554)
      Not so easy. They're going to go after the DHCP logs.

      When I went to school in the late 90s (I remember so well--a 10m ethernet cards strained my budget but it was worth it to play Quake) everyone had to register their MAC address. So if the school is doing this then they at least have a name to point a finger at.

      But, DHCP logs fill up pretty fast. Have they been retained all this time? I'm guessing the answer is no.
    • photo tickets take photos of the drivers face
  • by Kozar_The_Malignant (738483) on Thursday April 26, 2007 @06:07PM (#18892817)
    UW Madison should reply using the immortal words of our esteemed Attorney General, "'I have no recollection' of the passphrase to that encrypted file."
  • this RIAA shit.

    This has gone WAY too far. This is PLAIN OUT INTIMIDATION AND HARASSMENT. There is nothing legal to this.

    These bastards are doing a witch hunt, not unlike in Spanish Inquisition style, defining "names" from COMMONLY USED computer ips. (how does that happen, beats the hell out of me despite having been working in I.T. since 6 years).

    Just tell me if is there ANYthing about this different from what Spanish Inquisition did in 15th century ; compile a list of names from your so-called sus
  • Any organization that doesn't want to play this game should use NAT to map their public addresses to their internal network no matter how big their address range.

    Think about it. If you have a class C address range, and you psudo-dynamically (e.g. randomly) map each private (internal) address to a public address then there is no possibility of correlation.

    So the fixed servers are given fixed addresses, and the client machines get issued a public address when they go public. Do it in a first requested, next
  • by Robber Baron (112304) on Thursday April 26, 2007 @07:57PM (#18894079) Homepage
    So maybe the thing to do, if you're potentially in the **AA's sights is to set your P2P app to save all your swag to a USB HD and stash it in an undisclosed location if you think they're going to come calling. They could look for it, but I'm pretty sure they couldn't force you to reveal its actual whereabouts.
  • by Legion303 (97901) on Friday April 27, 2007 @03:10AM (#18897405) Homepage
    "Hey, why are there 1,700 different IPs all registered to 00-DE-AD-BE-EF-00?"

Algol-60 surely must be regarded as the most important programming language yet developed. -- T. Cheatham

Working...