By Richard Menta 10/5/07
The jury came to a verdict and the RIAA won the first file sharing case to go to trial. Jammie Thomas, a woman who claims she has never downloaded music, was found to have violated copyright and the court ordered her to pay the RIAA 220,000 or $9,250 for each of the 24 songs the RIAA claims she pirated.
But the RIAA did not have to convince the jury that Thomas actually downloaded the files in question herself. They just convinced the jury somebody did and the RIAA also convinced them that Thomas is responsible for those actions. As copyright attorney Chris Castle told CNET "What is precedent-setting about this case is that the jury decided it doesn't matter who was sharing music on Thomas' computer. The answer that the court gave was 'It's your account, you're responsible."'It's your screen name. You pay the bills. It's in your house. You are on the hook for it."
According to this logic if someone steals my identity I am on the hook for all actions taken in my name. If they steal my credit card number I am responsible for all charges. If a terrorist steals my social security number online and uses it, do I go to Guantanamo Bay? It's a bit disconcerting.
The other week when I was testing the Wi-Fi feature on the iPod touch in Highland Park, NJ I found that I could tap into dozens of business and household wireless connections. Many of these connections were unencrypted and thus had no protection against unauthorized access. For these connections anyone could pull up with a laptop and launch a P2P application. Roughly half of the Wi-Fi nodes the iPod touch detected were encrypted, but unfortunately the standard to encrypt wireless access points, WEP, is considered a poor encryption scheme. WEP has long been defeated and there are a myriad of tools to simplify the task of bypassing it. A new standard is yet to be approved to replace it. If a savvy intruder finds unencrypted access points inconvenient they can go after - and easily defeat - encrypted ones.
I wonder if the court house has a rogue unencrypted Wi-Fi access point? You would be surprised how many workers pick up a wireless hub for the office at their own expense, especially since most laptops have Wi-Fi built-in and the hubs are cheap. This is one of the many issues information security professionals deal with every day. Wi-Fi is very convenient and thus very compelling, but many people fail to secure them properly.
No doubt Thomas will appeal this decision, but that will cost money and the RIAA will do everything it can to preserve this precedent. Most likely the RIAA will cut a deal with Thomas for a fraction of the settlement and take away the real prize. But what will that achieve?
The strategy the RIAA has taken to sue alleged file traders has not stemmed file sharing. In fact, it has continued to grow during this period. Also, these suits have not exactly been good for record industry PR, something that I argue is a major contributor to the plummeting CD sales.
Whether Thomas really is guilty or not is less the issue here. I think the greater issue this precedent sets is that if a household is the victim of an outside intruder, they can be held accountable for the damage that same intrude may inflict online to others. This doesn't help the RIAA in any measure, it is just a horrible side effect of a decision that in the end may have no bearing on the change that is affecting the record industry today.
Other MP3 stories:
iPod Touch Would Make Great Wi-Fi Sniffer
Record Industry Woes Aggravated by Years of Bad PR
The Archos 405 Wi-Fi portable DVR is available on Amazon