Know Your Rights: What to do when the RIAA comes calling
By Nilay Patel 
posted August 31st 2007 7:37PM
posted August 31st 2007 7:37PM
Know Your Rights is Engadget's new technology law series, written by our own totally punk copyright attorney Nilay Patel. In it we'll try to answer some fundamental tech-law questions to help you stay out of trouble in this brave new world. Disclaimer: Although this post was written by an attorney, it is not meant as legal advice or analysis and should not be taken as such.
Preface: There's been a lot of discussion about the RIAA's, shall we say "controversial" (and we're being generous here) tactics in suing P2P users who download copyrighted content; especially this week, what with the EFF releasing its "RIAA v. The People: Four Years Later" report. But it's never been easy to find information about the nuts-and-bolts of what happens when you get that first letter from the RIAA. We're not going to get into our feelings about the RIAA and MPAA (you probably already know what we think), but since we've (read: Nilay) been involved in a couple successful defenses -- and a lot of unhappy settlements -- we thought we'd try and break down the process for you. We're not telling you how to avoid or get out of trouble with the RIAA, just how it is that trouble usually operates.
Help! I'm being sued by the RIAA!
Wow, bad luck for you. The RIAA really only sues about 6,000 people a year, mostly those who use FastTrack clients like Kazaa. Users of other networks have been sued, of course, but it's by far Kazaa users who get sued the most often, and generally those who have been unknowingly sharing files. That's a drop in the bucket compared the to estimated nine million people who use P2P software every month.
That doesn't help me at all.
Well, it's important to think about these things in context. Also, it's important that you take a moment to ask yourself a really essential question.
What's that?
Did you do it?
What? No!
Look, if you REALLY didn't share anything, you can skip on a couple paragraphs. But it's really important to be honest with at least one person here, even if that person is just yourself. If you really did share files, you're really not going to gain anything by fighting some noble battle. Especially if money is important to you. Did we mention how much money the RIAA's legal team has? If the RIAA's logs show the IP address associated with your internet connection as having downloaded certain files, chances are you're going to end up paying one way or another.
Whatever, sellout.
Look, at this point it's not really a moral issue, it's a financial one -- if you did what they say you did, you're vastly better off paying the money and moving on. It's not a criminal charge, and the terms of the settlement will be most likely be confidential, so it won't come up again in your life. Paying a lawyer to fight and lose for you will likely just cost you more money, because the RIAA will get at least $750 for each track you've shared, and for the average P2P user that adds up fast.
There have been cases where users with open Wi-Fi networks have had their cases dismissed, but those are fairly rare -- maybe half a dozen of the tens of thousands cases filed. Although it's a sad truth, the reality is that once you get caught -- really caught -- infringing copyrighted materials, very few people have sympathy for you, least of all the courts. So, take a moment, convince yourself that sharing the entire a-ha back catalog was worth it, and call a lawyer who's handled RIAA cases before to take care of your settlement, which is usually somewhere between three and five thousand dollars. It's by far the cheapest option.
Well, that's great, but I didn't do anything wrong.
In that case, the first thing you should do is check and see what kind of letter you've gotten from the RIAA. Who is it from? If you're a college student, there's a good possibility it's from your school, saying you might be sued. In that case you should STAY AWAY FROM THE RIAA. Don't visit the settlement website, don't call the hotline. The RIAA doesn't know exactly who you are yet, so don't up and go telling them.
Of course they know who I am! I got this letter, didn't I?
The only thing the RIAA knows is that your IP address was sharing files -- that letter was from your school. Every school deals with this differently, but you need to be in touch with the legal department at your school in order to begin clearing this up -- not necessarily the RIAA. Again, don't give the RIAA any more than you need to.
Good for the college kids, but I'm sitting here holding a notice of an actual lawsuit, and I didn't share any files either.
In that case, you need to act right away. Make sure you've got documentation showing what kind of internet service you have, how long you've had it, and what kind of computers you have hooked up to your router. It would also be good to catalog all the music on your machines. Generally this information is all you'll need to give a lawyer to get started on your case -- and although the RIAA is stubborn, they will drop cases once it's obvious that they'll lose, because they are terrified of losing in court. Don't wait one extra second to do this, however -- the longer you hold off, the less likely the RIAA is to dismiss your case, and the less likely it is that you'll get your attorney's fees back if you end up going to court.
Man, this is really depressing.
It is, but the more information you have about this, the better. We're not big fans of the RIAA's scare tactics -- and we're pretty certain those tactics aren't having any effect on filesharing -- but we're not trying to sugarcoat reality, either. Stay safe, stay respectful, and most of all -- know your rights.
Nilay would like to thank Len Rubin of Reed Smith for his help with this article.
Preface: There's been a lot of discussion about the RIAA's, shall we say "controversial" (and we're being generous here) tactics in suing P2P users who download copyrighted content; especially this week, what with the EFF releasing its "RIAA v. The People: Four Years Later" report. But it's never been easy to find information about the nuts-and-bolts of what happens when you get that first letter from the RIAA. We're not going to get into our feelings about the RIAA and MPAA (you probably already know what we think), but since we've (read: Nilay) been involved in a couple successful defenses -- and a lot of unhappy settlements -- we thought we'd try and break down the process for you. We're not telling you how to avoid or get out of trouble with the RIAA, just how it is that trouble usually operates.Help! I'm being sued by the RIAA!
Wow, bad luck for you. The RIAA really only sues about 6,000 people a year, mostly those who use FastTrack clients like Kazaa. Users of other networks have been sued, of course, but it's by far Kazaa users who get sued the most often, and generally those who have been unknowingly sharing files. That's a drop in the bucket compared the to estimated nine million people who use P2P software every month.
That doesn't help me at all.
Well, it's important to think about these things in context. Also, it's important that you take a moment to ask yourself a really essential question.
What's that?
Did you do it?
What? No!
Look, if you REALLY didn't share anything, you can skip on a couple paragraphs. But it's really important to be honest with at least one person here, even if that person is just yourself. If you really did share files, you're really not going to gain anything by fighting some noble battle. Especially if money is important to you. Did we mention how much money the RIAA's legal team has? If the RIAA's logs show the IP address associated with your internet connection as having downloaded certain files, chances are you're going to end up paying one way or another.
Whatever, sellout.
Look, at this point it's not really a moral issue, it's a financial one -- if you did what they say you did, you're vastly better off paying the money and moving on. It's not a criminal charge, and the terms of the settlement will be most likely be confidential, so it won't come up again in your life. Paying a lawyer to fight and lose for you will likely just cost you more money, because the RIAA will get at least $750 for each track you've shared, and for the average P2P user that adds up fast.
There have been cases where users with open Wi-Fi networks have had their cases dismissed, but those are fairly rare -- maybe half a dozen of the tens of thousands cases filed. Although it's a sad truth, the reality is that once you get caught -- really caught -- infringing copyrighted materials, very few people have sympathy for you, least of all the courts. So, take a moment, convince yourself that sharing the entire a-ha back catalog was worth it, and call a lawyer who's handled RIAA cases before to take care of your settlement, which is usually somewhere between three and five thousand dollars. It's by far the cheapest option.
Well, that's great, but I didn't do anything wrong.
In that case, the first thing you should do is check and see what kind of letter you've gotten from the RIAA. Who is it from? If you're a college student, there's a good possibility it's from your school, saying you might be sued. In that case you should STAY AWAY FROM THE RIAA. Don't visit the settlement website, don't call the hotline. The RIAA doesn't know exactly who you are yet, so don't up and go telling them.
Of course they know who I am! I got this letter, didn't I?
The only thing the RIAA knows is that your IP address was sharing files -- that letter was from your school. Every school deals with this differently, but you need to be in touch with the legal department at your school in order to begin clearing this up -- not necessarily the RIAA. Again, don't give the RIAA any more than you need to.
Good for the college kids, but I'm sitting here holding a notice of an actual lawsuit, and I didn't share any files either.
In that case, you need to act right away. Make sure you've got documentation showing what kind of internet service you have, how long you've had it, and what kind of computers you have hooked up to your router. It would also be good to catalog all the music on your machines. Generally this information is all you'll need to give a lawyer to get started on your case -- and although the RIAA is stubborn, they will drop cases once it's obvious that they'll lose, because they are terrified of losing in court. Don't wait one extra second to do this, however -- the longer you hold off, the less likely the RIAA is to dismiss your case, and the less likely it is that you'll get your attorney's fees back if you end up going to court.
Man, this is really depressing.
It is, but the more information you have about this, the better. We're not big fans of the RIAA's scare tactics -- and we're pretty certain those tactics aren't having any effect on filesharing -- but we're not trying to sugarcoat reality, either. Stay safe, stay respectful, and most of all -- know your rights.
Nilay would like to thank Len Rubin of Reed Smith for his help with this article.
What to do *WHEN* the RIAA comes calling. Edit!
Speaking of WHEN, I think it's a matter of WHO.
The RIAA would have better luck suing Apple for their iPods. Guess how many people have them? Getting one implies that you need to have illegal music.
iPOD + iTUNES = iLLEGAL DOWNLOADING
But waiownsyou, I _totally_ bought a new iPod video this year! My iPod mini was completely full of the songs I bought from iTunes, you know:
4GB= 1,000 songs x $0.99 = $990
Now I always take 2,152 of my fav songs with me, EVERYWHERE. (And movies too!)
2152 x $0.99 = $2,130.48
*note sarcasm*
Incorporate a shell business, put your broadband under that business DBA. Let them sue (and win by default) your corporate front that has no income or assets.
My best advice is to live in Russia. LOL
Nice legal information that MIGHT help, although the entire thing basically yells, "don't tell the RIAA n00bs anything."
And it seems to imply that only people who share are sued. I don't share, but I download a boat load of MP3s weekly. Do you think I would get pwnt by the RIAA?
Leecher.
If you don't share, the you're a leech. We don't like leeches. I think I speak for the vast majority of file sharers when I tell you to get the fuck out. So here I go:
Get the fuck out.
You guys are idiots, he could be using usenet or rapidshare
Leech = someone who takes but does not give.
He is not giving, only taking. Doesn't matter how.
In terms of logistics, it's much better for the RIAA to go after heavy seeders (which they tend to do), because A) the people who are spreading the files around are - as a rule - vastly outnumbered by the people downloading their music, and so it's far more effective to get rid of a seeder than a leecher. It's also very difficult to track downloads compared to uploads - incoming data can be spread over a variety of ports, but outgoing tends to stick in one piece, so it's easier to figure out what people are putting out there as opposed to taking. Finally, someone using plenty of upstream bandwidth is much more suspicious than a heavy downloader; while a youtube user could pull a gig or more of data in a day with a little bit of determination, you'd be hard pressed to think of why someone would be uploading that much.
I would also guess that suing someone who just downloaded music would earn them penalties that aren't so stiff as for someone who was uploading, but that I'm not sure of.
So, can they sue you for downloading? Absolutely. Will they? The odds are against ANYONE getting sued (as the article says, 6000/9000000 or 1 out of every 1500), but given the extra difficulties, it's a good bit less likely for a downloader to get hit than a seeder.
Keep in mind this mainly applies to music; movies are rather different due to their size and the fact that the MPAA and not the RIAA is after you.
I wrote a very long and detailed comment about why seeders are less likely to get hit than leechers, which I guess was too long for engadget's taste, but basically it boils down to that it's harder to track what files you are downloading as opposed to uploading, and the seeders are almost always outnumbered by the leechers (sorry, it's true) and so it's more effective to go after the seeders.
I believe there was a previous court battle which effectively said that downloading for whatever reason wasn't against the copy-right or it was not very significant (perhaps limiting their payout).
As such they go mostly after people who share, I assume they might be able to collect their $750 per song per downloader which means that someone sharing just a few songs might have downloads might have thousands of downloader’s a song, thus letting the RIAA claim 'millions'.
(I'm not totally sure on the first part, but it think that’s the jest; the second is just a guess.)
Fishju,
Get out, we know you've been sued. =)
The General:
"Leech = someone who takes but does not give.
He is not giving, only taking. Doesn't matter how."
..
Well, go on and seed then, big man!
I hope you get caught by the RIAA now. *teases*
Seriously. I will download and then do my part by seeding too. But, I'm not gonna seed a file 24/7 or anything like that. That's the job of the person in charge of the original download.
I'll seed on private networks, but helping seed a popular video or album? Not likely. As I've said, I'll do my part and move on.
There's no way I'm getting in trouble all because of some unwritten "downloading" rule. Come on, FFS!
How likely is it that the RIAA could win a case against somebody with open wifi, running a tor node and peacefire proxy, that has a lot of friends over very often? It's just a question :P
Well my dear fishjew,
Open wifi is no defense. Just like ignorance is not.
In other words, you are responsible.
Signed,
Your Accomplice :P
The funny part is he says he has friends.
I LOL'ed.
If I leave my car unlocked and the keys in the ignition, some guy comes along and steals my car, crashes it, and kills three people - should I be responsible?
If I leave the door open to my house and someone comes in at night and steals my stuff, is it my fault?
No, I should have closed the door or locked my car, however, that gives no right or defense to the other person using my internet connection
"The funny part is he says he has friends."
Projecting again, are we? ;)
@Zach: "And as soon as my name is cleared, I vow to search for the real uploader"
Heh, why are OJ references still so damn funny?
Can the RIAA sue you if you're under 18?
http://www.cnn.com/2003/TECH/internet/09/09/music.swap.settlement/
Nobody is exempt from the wrath of the RIAA.
No, they sue your legal guardian, which in most cases, is your parent(s).
and now you owe the people you live with 400k USD$.
A significant debate is underway in the courts, the Congress and federal regulatory agencies regarding decisions that are being made within the electronics, content and computer industries - about how to best protect copyrighted material in a digital world. Right now the internet is not safe for users to view or download files without potentially infringing on copyrights and suffering large fines, penalties or even worse.
An ever-increasing number of unlicensed downloads are taking place in private homes all over the world. According to recent data, over twelve million people are simultaneously sharing 1.08 billion music, movie, and software files on the Internet at any given moment.
Imagine a person or child sitting down in front of a Television with a remote and selecting a few dozen channels or video on demand selections and finding out later that they have committed copyright infringement and are being asked to pay several hundred thousand dollars in fines. What makes this even worse is there is really no way to determine if a certain piece of content is appropriate for use, copyrighted or not, until the damage is already done.
A typical internet user does not build the internet applications, program the search engines, or manage the internet networks that they use. More could be done with these key elements of the internet to insure that standards are set that provide a higher degree of safety from copyright infringement or exposure to inappropriate content. We live in a society that requires people to wear seat belts; Why?, because they provide an additional layer of protection from unnecessary injury.
A national copyright and rating database could serve as a seat belt for the internet to protect users from injury as well. Copyrighted materiel could be registered along with an associated audience rating of the content allowing internet applications, search engines and network operators to establish national standards for digital rights management.
Now is the time for us all to work together to provide a level of protection from unnecessary injury and make the internet safe again for average citizens in their homes.
Thank you for your leadership in this important social and technological issue.
Don't they have to prove that you actually have the said copyrighted material? Couldn't you just delete it or move it off site?
This is primarily concerned with people who were *sharing* the files... whether you were legally in possession or not isn't the question, it's whether you were sharing them. And the primary tool they use is logs, so no, deleting the files won't save you.
People still use Kazaa? I thought the program died after they started packing spyware in it and when Kazaa Lite sold out and started scamming people... which was like years ago.
oh hey, it just took a long time!
cable in anonymous name
cell phone in anonymous name
anonymous gets sued & tracked
case closed
but for real if you do the crime pay the fine
What about in Canada
We canadians don't have this issue, there is a tax on blank CD-R's that in a roundabout way prevent us from being sued. That and the RIAA is based in the US of A and can't actually sue persons in a foreign country.
if you get sued in canada, you get sued in real life!
http://xkcd.com/180/
yeah what about Canada!?
I believe you mean, what *aboot* Canada.
LMAO John
"It's aboot diplomacy! It's aboot respect! It's aboot... Hey, fuck you, buddy!"
/South Park
//off topic
I dint find this any useful at all,
i mean half the information is about people
saying they dint download anything.
Come on if he is getting sued he is no momma's boy.
It did say that if you knowingly have shared music, pay the settlement! You're not gonna get out of it. And it might cost more to get a lawyer etc...
So wait...you have to pay for music now?
Can't be true. You misread.
I thought I might add my bit of knowledge about how they deal with RIAA notices at U of Michigan. Basically they get a notice that some IP has been sharing and pass that notice on to the student. If they deny it, they have to pass on the student's info to the RIAA. So bad news for the student! If the student doesn't deny the infringement, they go into a process that involves a short copyright quiz the first time, and more serious stuff as he/she gets more notices. You dont want 3 or more, I'll tell you that much. The good news is that you've got at least some protection from the University. I suspect other schools are similar and some are completely leaving the students out of it, but we'll see how long that lasts.
In Canada, "The Personal Information Protection and Electronic Documents Act" prohibits companies from disclosing your identity/personal information to third parties (which would include entities like RIAA or marketing companies) without your explicit consent. Which explain why there is no, or very little telemarketing activity... However, some ISPs, having caved to the pressure from RIAA and alike, have added an article to their ToS, specifying that your information may be released for legal reasons if you "agree". So you may want to watch what you sign/agree to and go back and read your ToS agreement.
Personally I now listen to the radio and indy music - since I learned about the RIAA racketeer tactics, I ceased buying any media, merchandise or information that would put money in their greedy pockets. I would much rather support independent artists than record companies that hog all the profits, giving performers single-digit percentage for their art. Consumers should fight back and stop buying the music for a little while to remind RIAA who the customer is.
Does anyone else here use PeerGuardian? I downloaded it a couple months back and leave it on, and every time I see the icon, I wonder if it actually works.
peer guardian does work but it is just an ip blocker with a self updating list of known ips from those bad organizations. it cant completely protect you from the unknown ips so yaa....
nine million?! I can bet there are plenty more
hmmmmmm......this article is my penance for going on Engadget at 10:00pm on a friday night and not the bar....One day, ooonnneee day I'll learn!
The RIAA should be incapable of winning any cases after computer security expert Jayson Street made his declaration in an RIAA case.
http://www.ilrweb.com/viewILRPDF.asp?filename=arista_does1-11_070806DeclarationJaysonStreet
His argument is downright factual, disproving completely what the RIAA's so called "experts" say.
Sweet. I'm going to bookmark that link in case the RIAA knocks on my door and asks me for a condom