Interesting People mailing list archives

Previous By Date Next
Previous By Thread Next

-- more on -- Court docs reveal some RIAA "tracking" methods

From: Dave Farber <dave () farber net>
Date: Thu, 28 Aug 2003 02:43:42 -0400


Date: Wed, 27 Aug 2003 21:23:13 -0500
From: Rick Bradley <rick () rickbradley com>
Subject: Re: [IP] Court docs reveal some RIAA "tracking" methods
To: Dave Farber <dave () farber net>

Just a quick comment on a logical fallacy in the reasoning the RIAA
is using here:

> For example, the industry disclosed its use of a library of digital
> fingerprints, called "hashes," that it said can uniquely identify MP3 music 
> files that had been traded on the Napster service as far back as May 2000.
> Examining hashes is commonly used by the FBI and other computer
> investigators in hacker cases.
>
> By comparing the fingerprints of music files on a person's computer against 
> its library, the RIAA believes it can determine in some cases whether
> someone recorded a song from a legally purchased CD or downloaded it from
> someone else over the Internet.
>
> Copyright lawyers said it remains unresolved whether consumers can legally
> download copies of songs on a CD they purchased rather than making digital
> copies themselves. But finding MP3 music files that precisely match copies
> that have been traded online could be evidence a person participated in
> file-sharing services.
>
> "The source for nycfashiongirl's sound recordings was not her own personal
> CDs," the RIAA's lawyers wrote.

All that a hash (such as an MD5 hash or an SHA hash) can tell you is
that such files are identical.  The RIAA appears to have vacuumed up a
lot of files from Napster and computed hashes for them.  They then take
the files they downloaded from the defendant and hash them.  When they
find matches they know that the files downloaded from the defendant are
identical to some that were earlier traded from Napster.

The inference that the RIAA is trying to sell is that this means the
defendant downloaded those files from a filesharing network in the past.
This does not follow -- it is merely *likely* that the defendant
downloaded these files.  Some other possible explanations:

 - the defendant created the files from her own CDs and made these files
   available on Napster (rather than downloading them)

 - the defendant created the files from her own CDs, and the files were
   taken from the defendant's system and distributed by someone else

 - the process the defendant used to create the files from her own CDs
   produces identical files to those created by another user from
   her own CDs

 - the RIAA is lying  ;-)

Rick
--
 http://www.rickbradley.com    MUPRN: 864
                       |  got his friends staff (with
   random email haiku  |  my assumption that Qzar was
                       |  Mav's roommate. My bad.


-------------------------------------
You are subscribed as interesting-people () lists elistx com
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/
Previous By Date Next
Previous By Thread Next

Current thread: