# Judge: IP-Address Doesn’t Identify a Movie Pirate



## qubit (Apr 11, 2015)

Nice to see when a judge understands the obvious, isn't it? I do wonder how many of those others who "don't get it" have actually been bought and paid for? They might just be clueless, but we can't discount corruption, especially with the links that some of them have with the content industry.

Thankfully, it's not the first time that such a subpoena has been denied, which should actually happen every single time, given that the evidence is faulty. We need more people like Judge Ungaro standing up to Big Content.



> Due to the risk of 'false positives', an allegation that an IP address is registered to an individual is not sufficient in and of itself to support a claim that the individual is guilty of infringement,” wrote the Judge citing a 2012 case, one of many examples.
> 
> As in those cases, Plaintiff here fails to show how geolocation software can establish the identity of the Defendant. Specifically, there is nothing linking the IP address location to the identity of the person actually downloading and viewing the copy righted material and nothing establishing that the person actually lives in this district. Even if this IP address is located within a residence, geolocation software cannot identify who have access to that residence’s computer and who would actually be using it to infringe Plaintiff’s copyright








The link shows the full judgement.

https://torrentfreak.com/judge-ip-address-doesnt-identify-a-movie-pirate-150410


----------



## 64K (Apr 11, 2015)

IP address alone isn't enough. Some people have an unsecured wireless network and neighbors can access the net through it. Not many do, granted, but it can still be used as a defense.


----------



## Mussels (Apr 11, 2015)

not to mention anyone with time and patience can hack wifi of most commercial routers, i did it for a while on a bunch of my spares - around here the older, common wifi G routers from the most common ISP could be hacked anywhere from 15 minutes to 4 days.

Someone planning criminal activities could easily take their time and grab a few neighbours wifi credentials and do the deed, let alone the obvious of letting a friend/family member connect a phone/tablet/pc up and a torrent auto starts...


----------



## Easo (Apr 11, 2015)

When there is one IP for the whole buiding block, then yes, I agree. Harder to argue when client has unique static adress...
Anyway, ISP have (at least should have) logs, so it should be possible to find out who did what.


----------



## qubit (Apr 11, 2015)

Easo said:


> When there is one IP for the whole buiding block, then yes, I agree. Harder to argue when client has unique static adress...
> *Anyway, ISP have (at least should have) logs, so it should be possible to find out who did what.*


Well no, they can't tell, that's the whole point. It doesn't show the actual person doing the file sharing and that has to be proved if a conviction is gonna stick.

This also applies when it's one person living alone.


----------



## FordGT90Concept (Apr 11, 2015)

IP address only identifies a network interchange.  In the case of a WAN IP, it can only get to the correct address or apartment number.  The culprit can be anyone or anything (a computer infected with malware, for example) connected to that IP address.  An IP address may be sufficient for a search warrant but no more.  At the same time, I'd argue copying data, copyrighted or not, does not constitute a crime because there was no theft--both parties in the transaction are not losing anything.  I'd argue the intellectual property owner doesn't even have standing in these cases because they can't prove they were damaged by the exchange.  That is to say, they can't prove they lost money because they can't prove that exchange would have otherwise translated into a sell (revenue).

Now, if that exchange was content that is highly illegal (e.g. child pornography), then that search warrant should be served and they should attempt to find the computer that did it.  Once they find it (if they could) a normal investigation must follow to figure out who used that computer, when.  If they're certain they got the right individual, then they can go to a judge and press charges.


----------



## Easo (Apr 11, 2015)

qubit said:


> Well no, they can't tell, that's the whole point. It doesn't show the actual person doing the file sharing and that has to be proved if a conviction is gonna stick.
> 
> This also applies when it's one person living alone.


What if I told you police can ask ISP for logs if they believe they have found someone guilty?


----------



## blobster21 (Apr 11, 2015)

Not only ISPs, schools have to provide connection logs to the cops if prompted to do so by a court injunction.


----------



## ChristTheGreat (Apr 11, 2015)

blobster21 said:


> Not only ISPs, schools have to provide connection logs to the cops if prompted to do so by a court injunction.



In Canada there is a Law: Any juvenile porno suspected, ISP must give the information to the police, cause they can be fined. For a enterprises, this could go up to 100 000$



FordGT90Concept said:


> IP address only identifies a network interchange.  In the case of a WAN IP, it can only get to the correct address or apartment number.  The culprit can be anyone or anything (a computer infected with malware, for example) connected to that IP address.  An IP address may be sufficient for a search warrant but no more.  At the same time, I'd argue copying data, copyrighted or not, does not constitute a crime because there was no theft--both parties in the transaction are not losing anything.  I'd argue the intellectual property owner doesn't even have standing in these cases because they can't prove they were damaged by the exchange.  That is to say, they can't prove they lost money because they can't prove that exchange would have otherwise translated into a sell (revenue).
> 
> Now, if that exchange was content that is highly illegal (e.g. child pornography), then that search warrant should be served and they should attempt to find the computer that did it.  Once they find it (if they could) a normal investigation must follow to figure out who used that computer, when.  If they're certain they got the right individual, then they can go to a judge and press charges.



I guess that having the IP, address, they can get a Mandate, if the thing is illegal, then after, if there is more than 1 person, they could do something like, if no body tell us, they could tell you you are partner in crime, or
obstruction of justice, this is also bad.

As for the WAN IP, it depends of the encryption I guess. I remember talking with an ISP, the guy has been able to tell us that the packet received on the SMTP port, the local IP that send it ( as there is no encryption), but I could be wrong (I am sure the guy told me and it was the right one)


----------



## FordGT90Concept (Apr 11, 2015)

Every packet has the source (ip:port), destination (ip:port) and some payload.  Just because a port points to a common use port doesn't mean the payload is of that common use port type.  Port numbers don't dictate their use.  For example, if a server and client was set up to use SMTP (25) for HTTP (normally 80), there's nothing stopping it from happening.


----------



## Steevo (Apr 11, 2015)

The IP means nothing about any person, and until they start forcing ISP's to provide per device connections with unbreakable security its a worthless idea, and worse if they tried it. 

As mentioned a WAN IP belongs to the modem, once it transverses to the other side there is no way you can prove who did what, if its unencrypted you could logon and download whatever, or if its been hacked you could get your neighbors in trouble, or if an ISP were to share the connection with other devices http://wifi.comcast.com/faqs.html or users that then could make you ultimately responsible for what an ISP and a unethical user has done. 

So yeah, fuck them for trying this crap, having their cake and eating it too, then wanting yours too.


----------



## blobster21 (Apr 11, 2015)

what about ipv6 in the future ? each and every individual devices will have a unique IP, would it be enough "to support a claim that the individual is guilty of infringement" ?


----------



## Steevo (Apr 11, 2015)

blobster21 said:


> what about ipv6 in the future ? each and every individual devices will have a unique IP, would it be enough "to support a claim that the individual is guilty of infringement" ?




They will still be behind a router, which means it still doesn't work like that.


----------



## blobster21 (Apr 11, 2015)

To my understanding, router would no longer assume the role of DHCP, we'd get our IPV6 adress directly from the ISP, thus making it possible to identify everything / everyone individually. it's just an assumption !


----------



## FordGT90Concept (Apr 11, 2015)

blobster21 said:


> what about ipv6 in the future ? each and every individual devices will have a unique IP, would it be enough "to support a claim that the individual is guilty of infringement" ?


Even then, there's little stopping someone else from picking up someone else's device and using it before they return.  Long story short, it is very difficult to prove a specific person is using a specific IP address.  That's why only a few copyright cases are won by IP owners (and usually in cases where the individual confessed).




blobster21 said:


> To my understanding, router would no longer assume the role of DHCP, we'd get our IPV6 adress directly from the ISP, thus making it possible to identify everything / everyone individually.


No, IPv6 allows more devices to connect directly to the internet (read: tablets and smartphones).  If you have multiple devices connecting to the same WAN address, it will still utilize Network Address Translation (NAT).  IPv6 changes nothing in regards to multiple devices hiding behind NATs.


----------



## Kursah (Apr 11, 2015)

blobster21 said:


> what about ipv6 in the future ? each and every individual devices will have a unique IP, would it be enough "to support a claim that the individual is guilty of infringement" ?



NAT and PAT play a factor here, along with many ISPs providing dynamic WAN IP addresses, meaning sometimes all you gotta do is unplug your router for a bit, plug it back in and now you have a new WAN IP.

IPv6 can do what you're asking, because of the 128-bit range it has, but it will be some time before IPv6 is implemented, let alone where each device has its own address, even then, the standards so that every device has a public IP address still have some hurdles to cross last I checked.

Also, nobody has mentioned if a user is utilizing a secure VPN tunnel, this adds an extra layer of trying to prove anything on that IP address, and would require more resources. They'd want to make damn sure they weren't busting someone that was working from home instead of the dude down the block that is in-fact downloading the illegal files in question.

+1 to what Ford and Steevo are saying.


----------



## qubit (Apr 11, 2015)

Easo said:


> What if I told you police can ask ISP for logs if they believe they have found someone guilty?


What about it?


----------



## Potatoking (Apr 11, 2015)

There is no NAT equvalent for ipv6, since it is longer needed, there is just dhcp with pool of adresses


----------



## FordGT90Concept (Apr 11, 2015)

That would mean the entire internet infrastructure is only composed of switches and no routers.  That is not the case and will never be the case.  NAT is here to stay because it is impractical to connect a thousand devices to thousand discreet internet connections.  Addtionaly, it makes more sense to have one great corporate firewall than a lousy firewall on a thousand devices.  The structure of the internet today is the way it would have naturally evolved even if IPv6 existed before IPv4.

IPv6 is being pushed out to ISPs so there's more room for wireless devices.  It will eventually proliferate through consumers but that won't eliminate NATs.  Even then, it's irrelevant because even if every device had a globally static IP, it is still difficult to prove who was using the device at the time the alleged crime was committed.


----------



## twilyth (Apr 11, 2015)

I think having the IP address is technically enough to get a subpoena.  After all, they're just looking to investigate whomever is at that IP address.  The problem is that practically speaking, once they have the user information what happens is that the user gets threatened with a law suit if they don't pay up.

Since most such suits could probably be won with a sufficiently vigorous defense, it doesn't really make sense to grant the subpoena in the first place.  

Let's say you have the simplest case of a person living by themselves with no wireless capabilities in the router.  The defendant can still argue that his signal was intercepted illegally or someone with access to the premises did the deed.  So there's really no situation where you could conclusively prove that the person associated with the IP address was responsible.

But since the standard of proof in civil cases is 'preponderance of the evidence' rather than 'beyond a reasonable doubt' there are probably some situations like the example above where the plaintiff could conceivably get a favorable verdict.

So you're really back to the issue of how many people are really going to have the will and the resources to even mount a defense.  Since it's a very small minority, I don't think they should be allowed to have the subpoena.  But this is based on purely pragmatic rather legal grounds.


----------



## Steevo (Apr 11, 2015)

twilyth said:


> I think having the IP address is technically enough to get a subpoena.  After all, they're just looking to investigate whomever is at that IP address.  The problem is that practically speaking, once they have the user information what happens is that the user gets threatened with a law suit if they don't pay up.
> 
> Since most such suits could probably be won with a sufficiently vigorous defense, it doesn't really make sense to grant the subpoena in the first place.
> 
> ...





Well said, but then it causes the question of David VS Goliath "how many people are really going to have the will and the resources to even mount a defense" and how the legal system is supposed to be fair, and unless something is in plain site http://en.wikipedia.org/wiki/Plain_view_doctrine so any data on a computer, phone, or other device that may be password protected shouldn't be searchable? And the attempt to force someone to give up a password is illegal, much like if someone has a pound of crack, but its under lock and key....... 
when the police were there for a noise complaint. 

So we have to define again what an object is, if they start issuing warrants or subpoenas for "any electronic device connected to" that may mean, by default you become responsible for your friends, neighbors, passerby, and any other objects that may connect to or through your WAN IP address, even though your ISP allows other customers to use your IP for their data needs.


----------



## 64K (Apr 12, 2015)

It's not possible to enforce. Most gamers like Good Old Games and CD Project RED but they went after pirates and failed and it changed their PR strategy entirely.

http://www.forbes.com/sites/erikkai...favor-another-lesson-in-building-brand-trust/

The last I read was The Witcher was the most pirated game.


----------



## FordGT90Concept (Apr 12, 2015)

When you do absolutely nothing to prevent piracy, that makes the game easy to pirate and also easy to track because no one is actively trying to cover the trail.  I'm sure GTA5 will shatter records for piracy (if it hasn't already) but stats likely won't show it because it's mostly pirated through private means (private trackers, multiple users on one account, bootleg copies, and so on).


----------



## Steevo (Apr 12, 2015)

I have no doubt with packet capture tools they will find a way to make it look and act like its live on Social Club on the local LAN with a few firewall rules to redirect and a web service running that takes up a few MB and reads and responds from a packet replay.


----------



## 64K (Apr 12, 2015)

FordGT90Concept said:


> When you do absolutely nothing to prevent piracy, that makes the game easy to pirate and also easy to track because no one is actively trying to cover the trail.  I'm sure GTA5 will shatter records for piracy (if it hasn't already) but stats likely won't show it because it's mostly pirated through private means (private trackers, multiple users on one account, bootleg copies, and so on).



GTA V will probably be pirated more than any game in history simply because of it's popularity. I pirated videogames when I had my Commodore 64 back in the mid 80s but we didn't call it that then and all a BBS had to do was hide the cracked games section until a member was recognized. There wasn't any internet to go on to buy games that couldn't be found at any store then so that's what we did.

There has always been a way to play and not pay for people due to digital-deniability.


----------



## R-T-B (Apr 12, 2015)

FordGT90Concept said:


> That would mean the entire internet infrastructure is only composed of switches and no routers.



No, that just means you don't hide behind one IPv6 IP.  You get a network of your own to play with, usually a /64 type.

He's actually right.  I tried to explain this earlier, NAT is deprecated in IPv6.  There is no concept in 90% of router firmwares out there for NAT, and those that have it are likely CISCO grade crap which no one in their right mind would buy for a home setup.

They did set up a range for NAT in the development phase which is considered "private addresses," but it's largely unused and it's use is actually discouraged.


----------



## twilyth (Apr 12, 2015)

64K said:


> There has always been a way to play and not pay for people due to digital-deniability.


True, it just gets more expensive in many cases.  For example these days in the US if you're not using a VPN while doing certain things, you're just begging to get DMCA notices - which is fine until someone decides to send you more than just a notice.


----------



## Steevo (Apr 13, 2015)

R-T-B said:


> No, that just means you don't hide behind one IPv6 IP.  You get a network of your own to play with, usually a /64 type.
> 
> He's actually right.  I tried to explain this earlier, NAT is deprecated in IPv6.  There is no concept in 90% of router firmwares out there for NAT, and those that have it are likely CISCO grade crap which no one in their right mind would buy for a home setup.
> 
> They did set up a range for NAT in the development phase which is considered "private addresses," but it's largely unused and it's use is actually discouraged.




At the current rate of IPv6 adoption we will have to worry about it in 5-10 years, too much legacy hardware exists and is in use to make a full implementation, plus NAT offers some security to consumers.


----------



## R-T-B (Apr 13, 2015)

Steevo said:


> At the current rate of IPv6 adoption we will have to worry about it in 5-10 years, too much legacy hardware exists and is in use to make a full implementation, plus NAT offers some security to consumers.



Comcast has pushed out IPv6 all over the west coast.  It's coming very quickly.  And the actual published standards deprecate and discourage NAT use, not just firmware implementations.  It's being said that the solution would be some kind of software firewall deployment or maybe a network bridge of sorts with a firewall built in.

It's already an issue for a large number of americans on the west coast thinking they don't need a software firewall because they are behind NAT.  If they are a comcast user, their IPv6 IP is likely completely open and public.

Still, I agree that IPv4 will be with us for a VERY long time yet...


----------



## Easo (Apr 13, 2015)

qubit said:


> What about it?


The fact they will find "you" and prove that "you" did download that movie.
Hard to play fool when they show logs to judge.
Of course, there are various legal aspects, but...


----------



## qubit (Apr 13, 2015)

Easo said:


> The fact they will find "you" and prove that "you" did download that movie.
> Hard to play fool when they show logs to judge.
> Of course, there are various legal aspects, but...


As has been explained several times on this thread now by various people, no IP address can show the _actual person_ who did the infringing download, no matter how accurate the logs are. Therefore they can't prove squat.


----------



## twilyth (Apr 13, 2015)

Another thing to consider is how much proof does a plaintiff have to produce in a civil case before the burden shifts to the defendant.  For example, it's possible that logs associating a particular individual with a particular illegal download is enough to make a prima facie case against that person.  If so, then the burden can shift to the defendant to show why the plaintiff's evidence is incorrect or to put forward an affirmative defense.

http://courts.uslegal.com/burden-of-proof/shifting-burden-of-proof/



> Another example of a shifting burden is that in employment discrimination cases. Once the plaintiff has met his or her burden of proof by establishing a prima facie case, the burden of proof shifts to the defendant to show some non-discriminatory reason for its action. If the defendant essentially meets that burden of proof by presenting legitimate reasons for the alleged action, the burden again shifts back to the plaintiff to show that the proffered “legitimate” reasons were *pretextual.*


----------



## qubit (Apr 13, 2015)

twilyth said:


> Another example of a shifting burden is that in employment discrimination cases. Once the plaintiff has met his or her burden of proof by establishing a prima facie case, the burden of proof shifts to the defendant to show some non-discriminatory reason for its action. If the defendant essentially meets that burden of proof by presenting legitimate reasons for the alleged action, the burden again shifts back to the plaintiff to show that the proffered “legitimate” reasons were *presexual.*


Sorry, I'd seen some hot babe on the internet and my mind was somewhere else.


----------



## dorsetknob (Apr 13, 2015)

twilyth said:


> For example, it's possible that logs associating a particular individual with a particular illegal download



Logs do not associate a particular individual with a particular illegal download.

Logs  associate to a IP address



qubit said:


> Sorry, I'd seen some hot babe on the internet and my mind was somewhere else.



link please or we don't believe you   no pic tho don't want to be too distracted


----------



## twilyth (Apr 13, 2015)

dorsetknob said:


> Logs do not associate a particular individual with a particular illegal download.
> 
> Logs  associate to a IP address


True, but that doesn't prevent the presumption from being made.  For example, if your car is caught on camera going through a red light, you're presumed to be the driver and get the ticket.  The burden then shifts to you to prove that you were not in fact the driver.



> Among the points made by Eros were a) the denial of the right to confront and cross-examine adversarial witnesses, b) t*he presumption that the registered owner of the vehicle is guilty, regardless of who was actually driving, thereby destroying the presumption of innocence,* c) an unverified chain of control of the alleged (photographic) evidence, and d) the lack of scientific reliability of the cameras to warrant unquestioned acceptance into evidence.


http://blog.motorists.org/four-winning-defenses/


----------



## dorsetknob (Apr 13, 2015)

twilyth said:


> True, but that doesn't prevent the presumption from being made. For example, if your car is caught on camera going through a red light, you're presumed to be the driver and get the ticket. The burden then shifts to you to prove that you were not in fact the driver.



presumption from being made. is not the same as proof
is heresy classed as Proof

As one Ex UK Minister did in a similer case until he F**ked himself by shagging outside his marriage

He got away with it till the pissed off wife grassed him up during the divorce


----------



## R-T-B (Apr 13, 2015)

qubit said:


> As has been explained several times on this thread now by various people, no IP address can show the _actual person_ who did the infringing download, no matter how accurate the logs are. Therefore they can't prove squat.



In America...

The posted is in Latvia.  I betcha judges there disagree.


----------



## twilyth (Apr 13, 2015)

dorsetknob said:


> presumption from being made. is not the same as proof
> is heresy classed as Proof
> 
> As one Ex UK Minister did in a similer case until he F**ked himself by shagging outside his marriage
> ...


You may not like how some presumptions work, but they're legally binding nonetheless.  In the red light example, your initial intuition might be that they can never prove who was actually driving the car.  Courts realize that so they created the presumption.  You could have a similar situation here.


----------



## qubit (Apr 13, 2015)

R-T-B said:


> In America...
> 
> The posted is in Latvia.  I betcha judges there disagree.


Yeah, they might in a place like that - unless they can be bought off that is.


----------



## xvi (Apr 14, 2015)

Steevo said:


> They will still be behind a router, which means it still doesn't work like that.


Possibly not. If I recall, IPv6 was designed to eliminate the need for NAT-type routers. Doesn't mean it can't be done, but I suspect it will stop becoming the norm.


FordGT90Concept said:


> That would mean the entire internet infrastructure is only composed of switches and no routers.  That is not the case and will never be the case.  NAT is here to stay because it is impractical to connect a thousand devices to thousand discreet internet connections.  Addtionaly, it makes more sense to have one great corporate firewall than a lousy firewall on a thousand devices.  The structure of the internet today is the way it would have naturally evolved even if IPv6 existed before IPv4.
> 
> IPv6 is being pushed out to ISPs so there's more room for wireless devices.  It will eventually proliferate through consumers but that won't eliminate NATs.  Even then, it's irrelevant because even if every device had a globally static IP, it is still difficult to prove who was using the device at the time the alleged crime was committed.


In the case that a non-NAT firewall/switch is being used, the ISP's router would know the MAC associated with the IP. That MAC could be used to immediately identify the manufacturer of the device and, if physically searched, the exact device used.

In any case, I'm surprised the account holder isn't simply responsible for anything across the connection. I'm not suggesting that's how it should work (since I think that's completely ridiculous), but it's how I'd expect it to work.


----------



## Easo (Apr 14, 2015)

qubit said:


> Yeah, they might in a place like that - unless they can be bought off that is.


Oh... I guess there is no point in discussion with you. After all, i am from "place like that".


----------



## qubit (Apr 14, 2015)

Easo said:


> Oh... I guess there is no point in discussion with you. After all, i am from "place like that".


I'm not criticising you, but it is a reflection of the corruption in a country. Sure, every country has corruption, but it's a lot worse in some others. Hence, if they're going to nail people on non-evidence, then that's pretty corrupt.


----------



## R-T-B (Apr 14, 2015)

I too meant no offense by calling your country out.  I just meant that the justice department there could use some work.  I am by no means trying to call Latvia a bad country.


----------

