FC: Transcript of Verizon-RIAA subpoena discussion at Nat'l Press Club

[Declan McCullagh <declan () well com>]

Previous Politech message:
"Verizon tells RIAA to shove it: 'Should be denied!'"
http://www.politechbot.com/p-03943.html

News article on oral arguments today:
http://news.com.com/2100-1023-960838.html

Andrew Schwartzman, the panel's moderator and president of the Media Access 
Project (http://www.mediaaccess.org/about/people/index.html) closed 
Wednesday's event by saying:
> Let me, briefly, give from the perspective of the user.  As journalists, 
> the fair use rights are incredibly important to you as journalists, and 
> you have colleagues, like Declan McCullagh, who post a lot of content, 
> quote letters, quote articles, and speeches.  In this kind of blunderbuss 
> approach, you could well have a site that had your own personal 
> journalism, or excerpts of your own stories, challenged by the copyright 
> owner, and you would have under the, even under the inadequate protection 
> of the Digital Millennium Copyright Act, an opportunity to go back and 
> say, no, don’t shut down my site, I’m a journalist exercising First 
> Amendment rights, and I’m excerpting something that’s of public interest, 
> because I’m writing about it from the standpoint of a journalist 
> exercising my First Amendment rights, I have a fair-use right to do this 
> quote.  That’s the kind of thing that we’re talking about and the kind of 
> problem that happens with this blunderbuss approach.  Now, having said all 
> that, there are moments when I’d like to see Declan’s site taken down, but 
> that’s another discussion. Other Questions?

(Unfortunately I wasn't there to participate -- I'm in California this week.)

-Declan

---

Internet Community Supports Verizon’s User
Privacy Defense
October 2, 2002

Speaker Index



Dave Baker, Earthlink . . . . . . . . . . . . . . . . . . . . . . . . . . . 
. . . . . 1-2, 9, 10
Drew Clark, National Journalist Tech Daily . . . . . . . . . . . . . . . . 8-9
Susan Decker, Bloomberg News . . . . . . . . . . . . . . . . . . . . . . . 
.10, 11
Megan Gray, Council of Record . . . . . . . . . . . . . . . . . . . . . . . 
. .3-5, 10
Jon Larimore, Zzapp! Internet . . . . . . . . . . . . . . . . . . . . . . . 
. . . 6
Dave McClure, U. S. Internet Industry Association . . . . . . . . . . 6-7, 
9-10, 11
Andrew Schwartzman, Moderator . . . . . . . . . . . . . . . . . . . . . . . 
1, 3, 5, 8, 9, 10, 11
Gigi Sohn, Public Knowledge . . . . . . . . . . . . . . . . . . . . . . . . 
. . .7-8, 9

Internet Community Supports Verizon’s User
Privacy Defense
October 2, 2002

ANDREW SCHWARTZMAN:  Good morning everybody.  I’m Andy Schwartzman.  I’m 
president of Media Access Project.

I’m going to try to help moderate this event.  But we have speakers who are 
very knowledgeable on the subject and I’ll leave it to them to discuss 
things in a lot of detail.  The important thing that I would underscore in 
introducing these folks is that you get lots of definitions of what the 
Internet is.  Some people, depending upon their interests and what they do, 
will say it’s a way of buying things.  And some people say it’s a way of 
exchanging information.  And some people say it’s a way of doing 
commerce.  Some people say it’s a way of communicating.  Some say it’s a 
way to engage in speech and chat.  And, of course, we answer that it is all 
these things.

An issue has arisen in which the Recording Industry Association of America 
is trying to subpoena the names of Verizon’s customers.  Verizon 
understands that when you make a telephone call, you expect that you can 
communicate with the person on the other end of the conversation with firm 
knowledge that nobody from Verizon is sitting there listening to it or is 
getting ready to turn the names of all it’s customers to anybody who just 
walks up with a piece of paper.  And they understand that this applies to 
the Internet in the same way and even more.  And has steadfastly stood up 
to this highly inappropriate action.  The people here today want to express 
their support for Verizon’s actions and do so reflecting the different 
perspectives of people who use the Internet in all its different ways and 
from all its different perspectives.

I’m not going to read biographies and materials in the packet for you.  But 
I’m just going to introduce the folks and then we’ll take questions.  First 
up will be Dave Baker, from Earthlink.  Then Megan Gray who is lead counsel 
and whose a newcomer to Washington but is bringing some very important 
experience from being on the front lines on the West Coast over the years 
as the Internet has evolved and developed.  Jon Larimore from Zzapp! 
Internet, Dave McClure from the U.  S.  Internet Industry Association and 
Gigi Sohn my erstwhile colleague for many years at Media Access Project but 
who now runs Public Knowledge.  And I can’t not note with some 
extraordinary pleasure what an amazing job she’s done in setting up an 
organization that is addressing a very important set of needs.  Okay, Dave 
I’m going to turn it over to you and then speakers will come up without 
further interruption from me.

DAVE BAKER: See, I thought I was last on the list this morning.  Andy’s 
just keeping me on my toes.  I’m Dave Baker.  I’m vice president of Law and 
Public Policy at Earthlink, along with Verizon Online, AOL, E-Bay, SPC, 
Worldcom, UUNet.  We are members of the U. S. Internet Service Providers 
Association and I want to speak to a couple of points that were in the 
amicus brief that the RIAA versus Verizon case.

ISPs have a long history of; at least as long as the DMCA’s been around, we 
have a history of dealing cooperatively with copyright owners and 
protecting that copyright pursuant to section 512C of the DMCA.  And that 
deals with notice and take down professions.  The situation where we get a 
notice that a web site that an ISP hosts has allegedly… has material that 
allegedly infringes a copyright.  And there is a history of cooperation 
there, where a copyright owner uses the provision of section 512C to 
request that that allegedly infringing and offending material be taken 
down. And ISPs cooperate with that.

But we have a different situation here.  Where the RIAA is seeking not just 
to disable a web site that an ISP hosts.  But rather is trying to use the 
subpoena powers under 512H of the DMCA to get at the identity of 
individuals who are alleged to have file share using peer-to-peer 
technology.  And this is not…peer-to-peer is not addressed in the DMCA.  It 
is obviously an item of current pending legislation.  And however one might 
feel about the Burman Bill, I think there is a recognition there that it 
seeks to address peer-to-peer which is not addressed in the DMCA.  And what 
we and ISPs collectively are concerned with is a situation unlike a 512C 
notice and take down provision where specific web sites are identified, 
where specific information has been identified.  Rather, situation Verizon 
where bots will just go out, scour the Internet, flood ISPs with hundreds 
if not thousands of requests not just to disable information the web site 
hosts but to reveal the identity of individuals who allegedly have this 
information not on the ISPs servers but on their own individual hard 
drives.  And that is not something that we could comply with.  And it is 
not something that is provided for in the DMCA.

A couple of examples which the US ISPA sites in their brief.  UUNet 
received from Copyright dot net sent UUNet over a request to turn over the 
identity of almost twenty-seven hundred individual subscribers and page 
after page of alleged infringements that all that start with a C colon 
slash which indicates that they are not on UUNet servers.  Not on their web 
server but rather on individuals’ hard drives and this is not what the DMCA 
was set up to handle.  UUNet says that in 2001, they got about twenty 512C 
notifications a month.  And that number is now coming in at the rate of 
over five hundred a month.  So we’ve seen a dramatic increase in these… in 
all sorts of notices coming from copyright owners.

Another example is…was a request to…for the identity of alleged 
infringement involving George Harrison songs. There was…not only were there 
notices to files that actually contained George Harrison music but a file 
for an interview with George Harrison and then an archain reference to a 
portrait of Mr. Harrison Williams 1943.JPG.  In other words, something that 
had nothing to do with George Harrison or his music.  But, rather, just a 
bot went out there, scoured, found the word Harrison and that got thrown 
into the subpoena.  And similarly, Harry Potter…requests for information 
regarding Harry Potter and allegedly looking for video downloads in order 
to find the identity of users who were peer-to-peer file sharing video 
clips or video downloads of Harry Potter.  There’s a file that shows up 
there that was “Harry Potter Book Report dot RTF.”  It was a one K size 
file.  It was a child’s book report on Harry Potter.  Again, you know, an 
example that just goes to show that these are not as the RIAA contends 
specific targeted requests for information but rather just a shot gun 
approach to try to get ISPs to divulge the identity of individuals who, 
again, are not putting material on websites or on websites that ISPs host 
but rather may be peer-to-peer file sharing and the only connection to the 
ISP is that that information may have transitted the ISPs network.

Now, again, we have been very clear from the start, we agree with the 
rights of the copyright and other intellectual property right owners to 
protect their intellectual property.  But, section 512 of the DMC does not 
address peer-to-peer file sharing.  More specifically, the subpoena powers 
in section 512H specifically refer back to section 512C which again has to 
do with the notice and take down provisions.  Pardon all the “legal-ese” 
but these are important… you know, this is the subject of the hearing on 
this case.  It’s going to be, when, on Thursday...Friday, thank you.  And 
the RIAA is trying to take the DMCA, stretch it to encompass something that 
it does not address.  And it is trying to hold ISPS…impress ISPs into 
service to turn over information that is not properly done under the 
DMCA.  So sorry to bore you with the “legal-ese” there.  I’ll turn it over 
to the other speakers and I think you’ll have questions at the end.

Thank you.
ANDREW SCHWARTZMAN:  I read off the wrong speaker’s list order so apologies 
to you Dave.  Let me try this again.  We are going to go back to the 
original order.  And it is going to be Megan, then Dave McClure, then Jon, 
then Gigi, and Dave’s already done his.  And, I didn’t say this, and it 
went fine judging by knowing whose here and the various beeps and stuff 
that has been going on through the room.  This is a reasonably tech savvy 
group here.  If the acronyms get out of site and somebody doesn’t know what 
an RTF file is or thinks it matters, wave or otherwise demonstrate and 
we’ll elaborate.  We’re not going to explain what the Digital Millennium 
Copyright Act is unless you guys really need to know.

Okay, Megan.

MEGAN GRAY:   All right, I wrote the brief on behalf of the Civil Liberties 
Groups and I am just going to walk through some of those arguments.  This 
has been an interesting case for me personally.  When I was in California, 
I defended probably the most John Doe lawsuits of anybody in the 
country.  And I also have been doing a lot of copyright litigation and 
enforcement throughout my career.  So this has been a nice juncture for me 
to sit here and be able to analyze what the various rights are.  And file a 
Friend of the Court brief, an amicus curiae brief with the court explaining 
those components that often the parties don’t have an opportunity to raise 
themselves because of court imposed page limits.

This is a very important case.  It is a test case.  I don’t think this is 
anything even RIAA disputes.  RIAA is trying to focus the court’s attention 
and presumably your attention as well on the fact that it is going after 
identity information for a single person.  But that’s really beside the 
fact because what this case is going to decide is going to have 
implications for millions of current P2P users.  And that number is just 
growing and extrapolating everyday.  Even more, we are going to see new 
advances in the internet and new software developments that we can’t even 
predict.  And it is those developments that most likely the ISP is going to 
act as a mere conduit.  Just like it does with P2P programs.  So this 
really is going to have huge repercussions now and in ways that we can’t 
even predict.

What the RIAA is seeking is really unprecedented.  They want completely 
unsupervised investigatory power that will jeopardize the rights of 
internet users.  Period.  It…that really is the crux of this case.  And by 
unsupervised, I’ll go into a little more detail about that in a minute, but 
it is entirely unsupervised.  It is granting any and every copyright holder 
the right to send a piece of paper to an ISP demanding identity information 
of an internet user.  And all that piece of paper has to say is that I am a 
copyright owner and I think somebody has wronged me.

Everybody in this room is a copyright holder.  Everybody in this country is 
a copyright holder.  So that’s giving anybody that may have a “beef” the 
right to go and unmask a critic, a target of their affection  whether 
wanted or otherwise.  Unmask a whistle blower.  It really could expand to 
any number of uses.  Yet the copyright industry is claiming that this basic 
connection, that the ISP provides, gives them the right to go to that ISP 
and get the information under the DMCA.  The DMCA, as is mentioned earlier, 
was really not, was not negotiated or enacted into law at any time when P2P 
was in existence.  P2P had not even begun yet.  People had not…could not 
predict that.  And yet what we are seeing is the RIAA trying to expand to 
that.

The interesting aspect of this is as well is that the copyright enforcement 
programs use bots.  They use them extensively.  Too many people are on the 
internet.  Too many are using P2P.  They can’t individualize it so they 
devise the software programs to go out and troll the internet.  And collect 
electronically every mention of Harrison or every mention of Beetles.  And 
then a low level person at that company, not even a lawyer, reviews the 
bot-generated search results and sends out this little notice that says, “ 
I am a copyright owner and I would like…I think someone has done me 
wrong.  See attachment.”  And then attached any number of pages listing 
supposedly infringing files.  That no one has actually looked at.  Nobody 
has analyzed these for fair use.  Nobody has analyzed these to see if it is 
in fact even a basic copyright infringement.  There’s been no analysis 
about whether there is jurisdiction over this individual or if they have 
any other defense to a copyright infringement claim.  Let me get into a 
little bit about why this is such a problem.
I think our gut reaction to it is that it is a problem.  Because we don’t 
like somebody to have that unilateral power to disclose identity.  But it 
is a problem legally as well because in this country we have a 
constitutional right to anonymous speech.  That is a right that the Supreme 
Court has recognized several times.  Even, most recently, this past term in 
the Watch Tower Case.  This right to anonymous speech obviously is rooted 
in free speech as well as privacy concerns.  So you can break it down 
either way, but they really combine here in the right to anonymous 
speech.  The Supreme Court has noted that anonymous speech is an enduring 
heritage.  The American people, from the American Revolution, the anonymous 
pamphleteer was a heroic force during that time.

Anonymous speech fosters robust debate.  It also fosters 
self-discovery.  People can go on line and participate anonymously in forms 
that they wouldn’t participate in if they had to identify themselves 
first.  That can be by downloading text files dealing with sexual disease, 
sexual exploration.  It can be material that is unpopular with the powers 
that be.  It can be something that would be personally embarrassing, 
information on alcoholism.  It can be downloading music that perhaps your 
parents wouldn’t approve of.  And as long as that is not a copyright 
infringement, you have the right to participate in that anonymously.  This 
anonymity right is not absolute and nobody claims that it is.  Nobody wants 
it to be.

It’s just that the right to anonymous speech cannot be violated on a 
whim.  It cannot be violated unilaterally.  There is no right…because there 
is no right to anonymously violate the law.  And because we are not 
advocating that internet anonymity act as a shield against liability.  The 
cases that have developed in this field say just that.  You do not have the 
right to participate anonymously online but…mere allegations are not 
sufficient to toss aside that anonymity right.  In defamation cases, in 
trade secret cases, in trademark infringement cases, in security violations 
cases, the courts have confronted this dilemma of internet anonymity and 
somebody else’s allegations of illegal conduct.  And tests have been put 
into place to make sure that these two concerns are balanced.

The court reviews the evidence, decides if it has merit, allows the 
anonymous person the opportunity to present competing evidence, and then 
makes a decision.  That’s the hallmark of American jurisprudence.  You have 
a neutral arbiter that weighs competing concerns, that has been how it has 
always been before the internet.  And that’s how it should be now, with the 
internet.  What the RIAA wants to do however is put the cart before the 
horse and say, “If we…if we say that there is copyright infringement that 
should be the end of the matter.  We shouldn’t have to have a judge review 
this.  We don’t need a neutral arbiter to evaluate our claims.  You can 
trust us.”  And I’m not trying to say that the RIAA is every time lying, or 
presenting a frivolous claim of copyright infringement.  But accidents 
happen.  Mistakes happen.  And, more importantly, this court decision is 
not going to apply, at least persuasively, to all the other copyright 
holders in the United States, including the Church of Scientology, your 
neighbor next door, and myself.  And you can’t trust everybody that’s why 
we have a government of laws here.  And it’s why we need to have a judge 
review these types of requests for identity disclosure before they are made.

The DMCA, according to the RIAA, gives them broad, unchecked, 
quasi-judicial authority to any private entity that has a copyright.  RIAA 
wants to use a judicial tool, a subpoena, without judicial 
oversight.  Completely divorced from any judicial oversight.  Not only 
divorced, but in an expedited proceeding so that everybody involved here 
must act very quickly.  There’s no time to give the purported copyright 
infringer notice of the subpoena and an opportunity to object to it.  It 
must happen instantaneously and that is not appropriate.  With this tool, 
any copyright holder, any purported copyright holder can silence critics, 
retaliate against whistle-blowers, harass individuals that they consider 
their enemies, stop people from distributing politically damaging memos.

When I first got this case, one of the first examples that occurred to me 
was Deep Throat.  If you had a really important document that you wanted to 
get wide spread dissemination, you might use a P2P system.  I think that if 
we had Watergate now, that might be a very useful tool.  But it wouldn’t be 
a tool that could be used if any individual purporting to be a copyright 
holder could then send a letter…notice requiring the ISP to identify the 
individual.  The basic point of our amicus brief is that mere allegations 
are insufficient to irreversibly extinguish a constitutional right.  And 
that’s an aspect to the right to anonymous speech that’s important 
here.  Once that right is violated, that’s the end of the story.  There is 
no remedy that can be devised.  The cat is out of the bag and it cannot be 
put back in.  So we want a court to be sure that any of these claims of 
copyright infringement actually hold some water before an individual is 
identified.

The RIAA needs to have checks and balances.  This country is built on 
checks and balances.  And that is all we are requesting here.  It is not 
that the RIAA or any other purported copyright holder would be without a 
remedy.  There really is very easy and it’s a…it’s a remedy…it’s a recourse 
that we’ve always had in this country. File a lawsuit.  It costs very 
little to file a lawsuit.  There is nobody standing at the courthouse steps 
demanding a huge amount of money to file a copyright infringement suit.  It 
can be a single piece of paper that is simply filed with the court.  You 
pay a minimum filing fee.  In California, I think it was twenty 
dollars.  And once it is in that court system, you have judicial 
oversight.  And then, the RIAA or the copyright holder then goes into the 
court and says, “Your Honor, I need to…in order to prosecute this law suit, 
I need to identify the defendant.  Is that okay with you?”  And then the 
court reviews the merits and says “Okay.  It looks to me like you have a 
(?) prima faca case of copyright infringement that outweighs this 
individual’s constitutional rights to anonymity.”  And that is all that we 
are asking the RIAA to do.  And this procedure, not only having been the 
traditional and constant way to deal with illegal activity in this country, 
also provides a lot protections.  That is why we have a court system.

An individual that is often targeted in a lawsuit has a potential malicious 
prosecution claim.  The evidence that is gathered through an improper 
subpoena can be subject to evidentiary exclusions.  The lawyers who are 
prosecuting that lawsuit are subject to ethics complaints before their 
state bar.  There are specific Rule Eleven sanctions that the court can 
award.  And in a copyright infringement case, our government and our courts 
have deemed the free expression and the free exchange of materials to be so 
important, that if a copyright infringement lawsuit is filed and the 
plaintiff is wrong and the defendant has the right to do what he is doing, 
he can recover his attorney’s fees in defending against that law suit.  It 
is these protections that the RIAA would rather not be bothered with.  I 
understand what they want and why they want it.  I think anybody in their 
position is going to want to have free reign without any judicial 
oversight.  To unmask their perceived foes, or to go after somebody that 
they think has violated their rights.  But this country does not permit 
that sort of unhindered and unsupervised use of judicial tools.  This is 
not a Big Brother state where the ISPs function as the agent of the 
copyright industry to identify anybody that supposedly has violated their 
rights.  What we don’t want to have on the internet is this chilling 
effect.  Where you can be identified at whim.  And that is the crux of our 
amicus brief.

Thanks.

ANDREW SCHWARTZMAN:   Jon.

JON LARIMORE:  I am Jon Larimore. Thank you for this opportunity to present 
our side of this issue.  I am president of a very small, non-profit, 
community supported organization which provides communications resources in 
ways not offered by others.  One of the ways we currently do that is by 
awarding one year internet access grants to selected qualifying individuals 
who suffer terminal or long term illnesses or extended periods of 
unemployment.  People who could improve their lives through access to the 
internet.  Some of these folks are living with HIV/Aids or terminal cancer 
or they’ve been unemployed for several years.  The internet access we 
provide allows these grant recipients, some of whom are severely physically 
challenged, to get outside of themselves and interact with the world which 
would otherwise be totally unreachable.  To chat with other folks dealing 
with similar issues, to obtain crucial health or employment information, 
but mostly just to try to live as normally as possible in whatever time 
they might have left.

Our sole source of income is derived from offering low priced dial up 
internet access to the general public through our internet service called 
Zzapp! For every ten new subscribers who join us we make one free account 
grant available.  We call this our One For Ten program. Obviously, we 
receive far more applications for free accounts then are ever 
available.  So this process of awarding them is a compassionately selective 
procedure.  The way we are able to make these compassionate selections is 
by asking our grant applicants to share their most private health and 
employment information with us, extremely personal information which public 
knowledge could prove devastating.  They do that because we strongly assure 
them that short of us being presented with a subpoena in each specific 
case, we pledge to never divulge anything about them to anyone, ever.  That 
is why our legal system requires and our organization is protected by the 
existing subpoena process.  Bypassing it could not only prove disastrous 
for the individual involved.  It could expose our organization and in fact 
any small ISP like us to litigation far beyond our ability to handle.  Like 
hundreds of other ISPs across the country, Zzapp! operates on a very small 
margin.  In fact, in our case, at the end of the year, no profit at all.

Zzapp! Internet Services is literally a one-man band.  While our Board of 
Directors provides very necessary guidance, day-to-day operations are 
entirely run by one unpaid volunteer, me.  I’m assisted by a roomful of 
automated computers.  One of which is, literally, designed to supervise all 
the others.   The [inaudible] reason we can do that, and the reason I can 
be here with you right now, is that we’ve been able to design our system in 
such a way as to require an absolute minimum of human intervention.

This then leads us to the second major issue this RIAA suit presents:  the 
likely possibility that, were this sort of thing to become legally 
permissible, ISPs everywhere could be inundated with such requests.  Where 
I, as the one man who runs our entire operation, were to receive one such 
order, the research and log analysis necessary to comply would literally 
shut us down.  We have nobody available to fulfill any volume of such 
requests and no money to pay anyone else to do it.  It would be easy to 
view this as a battle between goliaths, but in this particular case, little 
David most definitely weighs in.  If you’re an internet user, this issue 
has the potential to positively or negatively affect your personal privacy 
and either help or hinder the efforts of several thousand small ISPs, who 
try to protect your privacy every day.

Thank you.

DAVE MCCLURE:  Well, good morning.  I’m Dave McClure and I’m President of 
the U.S. Internet Industry Association.  The USIIA is the oldest and 
largest trade association for companies engaged in Internet commerce, 
content, and connectivity.  We were founded in 1994 to advocate for 
effective public policy for the Internet and we have members virtually 
every size and every facet of the Internet working to craft a business 
environment in which Internet companies can thrive.  We are here today to 
voice our opposition to the lawsuit filed by RIAA.  We filed an amicus 
brief also in this matter, which I believe is in your packet, and I’d ask 
you to take a look at it very carefully.  But I wanted to make just a 
couple of brief comments about our opposition and also about the amicus 
brief.

This case is not about right or wrong.  It’s not about whether peer-to-peer 
file sharing, which incidentally has a number of applications from the SETI 
Search for Extraterrestrial Intelligence to a massive effort in the battle 
against cancer.  This is not about whether that technology should be 
allowed to exist or not.  Rather, it’s whether or not the RIAA should be 
allowed to expand its powers beyond the scope of anything ever intended by 
the Congress, and gain power so broad and so chilling that they threaten 
the integrity of Internet and Internet Service Providers.  We examine, 
specifically, three points that we oppose.

First, the subpoena served by the RIAA against Verizon, originally, is an 
invalid subpoena.  The long-standing traditions of American justice, 
reaching all the way back to the U.S. Constitution, hold that such a 
subpoena may only be served if there is pending or imminently pending 
litigation.  In this case, there is no evidence of such litigation and, 
therefore, it fails to meet even this most basic test.

Second, the subpoena represents a violation of due process.  The RIAA is 
looking to gain the right to pry into the private information of Internet 
subscribers and even demand the termination of that subscribers account 
with no opportunity for recourse.  There’s not even someone you can 
call.  In fact, you may not even be able to determine easily from the ISP 
why your account was terminated.  It would be done automatically, blindly, 
with no knowledge; no chance to respond.  This is a gross violation of due 
process, but it’s also a violation of the contractual relationship that 
exists between ISPs and their subscribers, and it places the ISPs 
potentially in the position of having to violate privacy laws, including 
those enacted this year by the state of Minnesota.

Finally, it places a substantial and unfair burden on ISPs.  You’ve heard 
John Larimore describe, just a moment ago, that even one such subpoena 
served on his service, a very valuable community service, would literally 
shut them down from the manpower requirements.  The Digital Millennium 
Copyright Act balanced the need of copyright holders against those of ISPs 
in insuring that ISPs who merely act as conduits are not tasked with the 
burden of investigation for potential acts of copyright infringement.  This 
is very important because, while the Copyright Act did not specifically 
address a technology that had not, at that point, come into widespread use, 
it had, by the way, been invented.  Peer-to-peer file sharing’s been around 
since the seventies.  It’s just in a slightly different form now.  But the 
point is that the Copyright Act did make provisions for such technologies 
and what it clearly states is that in those cases where the ISP merely acts 
as a conduit, certain procedures must be followed.  They have not been 
followed in this case.  The action by the RIAA is an effort to impose new 
and substantial burdens requiring that the ISP devote an almost unlimited 
amount of resources to comply with vague and invalid demands that meet any 
of the requirements of the Copyright Act.

We believe that on the strength of these three points alone, this lawsuit 
needs to be opposed, and it need to be overcome.  For all of the other 
issues at hand, and you’ll hear many from all of the other speakers 
here.  The first and foremost issue in our minds is that this does not meet 
the test of law.

Thank you.

GIGI SOHN:  These podiums are not made for people who are five feet tall. 
[laughter].  Well, good morning.  My name is Gigi Sohn.  I’m the President 
and Co-Founder of Public Knowledge, which I think most of you know who we 
are.  We’re now just a little bit over a year old and we’re a public 
interest organization that seeks to represent citizens’ rights in the 
battles over copyright policy and technology policy.  So, I’m very pleased 
to be here, and Public Knowledge is proud to be a signatory to the amicus 
curia brief that Megan has so wonderfully drafted and we are really proud 
to support Verizon in this case.

This case clearly demonstrates that, in the content industries war on 
piracy, and I put that in quotes: “War on Piracy,” citizens’ right and 
expectations will be the first casualty.  Since the early days of Ma Bell, 
citizens have freely given their personal info to telephone companies and 
their successors with the expectation that their right to privacy will be 
secure.  But now comes the recording industry, which is seeking to force 
the telephone companies and their successors to break that sacred pact, 
based only on the mere allegation that the individuals, whose names they 
are requesting, are engaging in illegal conduct.  So the first, but 
certainly not the last, casualty in the “War on Piracy” is the right to 
privacy.  Now the recording industry could use their sophisticated robot 
technology to find massive illegal file traders, and it could file a John 
Doe lawsuit and get the names of those traders, if it satisfied a judge 
that its allegations had evidentiary support.  I think you’ve heard that 
many times today.  So why isn’t it doing so?  Well, let me posit a 
guess.  What if they sue one these massive illegal file traders under a 
John Doe lawsuit, and she is the daughter of a Senator, or a 12-year-old 
honor student, or one of its own recording artists, that would be really 
bad.  But what if they could just get a whole lot of names and addresses 
and other information about a whole lot of people that they think are 
engaging in illegal conduct?  That would be better, right?  They could 
conduct investigations of potential defendants and engage in surveillance 
over a period of days, weeks, months, maybe even years, hoping to find the 
least attractive defendants; perhaps a former convict, a Hell’s Angels, and 
maybe an Enron executive.  So, even if the recording industry loses this 
suit, again I think they will, to me, there’s no dispute that Verizon 
clearly has the winning case here, and I think it’s kind of curious that 
it’s so clear.  So, I don’t think this suit was brought necessarily to win 
it.  OK.  I do believe they’ll win this suit.  But even if the recording 
industry loses this suit, they can complain to Congress that they have no 
remedies, and they can seek even more remedies than they’re already 
seeking.  And, I don’t know if you got my press release  it’s in the back, 
I detail how this lawsuit is just one of a piece.  You know, I feel like I 
have to have seventeen arms to try to combat all the initiatives that the 
content industry, and it’s not just the recording industry, it’s obviously 
their pals in the motion picture industry and in the publishing industries; 
all the initiatives in Congress, and the FCC, and in the courts, that 
they’re using really to try to maintain control over their intellectual 
property.

So, just in closing, I just want to say that my organization actually 
supports enforcement of existing laws to curb illegal file trading on 
peer-to-peer networks.  Again, the emphasis is on enforcing existing 
laws.  The problem is, that’s not what the recording industry wants to 
do.  What they want to do is shift the burden of enforcing those laws on to 
ISPs, like Verizon, at the cost of citizens’ rights to privacy and 
anonymity.  Thank you.

ANDREW SCHWARTZMAN: Hands are already up.  Knowing you people, this is an 
amazing time for reporters to remain quiet, and I’m sure there will be 
questions.  You can start.  Please identify yourself and your publication, 
use the microphone, and, if you’ve got a specific person you’re addressing, 
please so state.

DREW CLARK:  Ok, Drew Clark, National Journalist Tech Daily.  I guess I 
have a two-part question.  You identified some of the reasons why they’d 
prefer this approach than the John Doe suits, and you kind of put it in the 
most cynical light, but couldn’t the argument just as equally be that there 
would be less a burden on individuals if the RIAA could simply send 
peer-to-peer users warning letters instead of suing them?  They don’t 
necessarily want to sue them -- haul them into court.  They just want to 
stop their problem of piracy, and, if they could find out who’s engaging in 
peer-to-peer file trading, they could let them know this is illegal and, 
basically, encourage them to stop.  So, I guess, Gigi, if you could respond 
to that, and anyone else.

The second part of the question is, you know, I mean, you’ve all presented 
the parade of horribles for this suit, but really, aren’t all of these same 
things applicable to the DMCA notice and take-down provisions as-is.  I 
mean, isn’t that really what you’re objecting to?  I mean what is all of 
the due process concerns that you have about this could just as easily 
apply to DMCA general notice and take-down provisions.

GIGI SOHN:  I’ll take this on. I’ll take the first part of that 
question.  For some odd reason, everybody has sort of lost sight of what 
the content industries do in the real world, and I think this digital world 
is such a different thing, and it really isn’t.  OK.  So, just as the 
recording industry is not going to go to the guy in Metro Center who’s 
selling, you know, phony CDs and, you know, give them a cease and desist 
letter.  They’re not going to go after, you know, every single person with 
six illegal, you know, files on their hard drive and give them a cease and 
desist letter.  They know.  They have a good sense.  I mean, robot 
technologies are not perfect and Dave gave those examples, some of which 
were also mentioned in the peer-to-peer hearing that I testified in last 
week.  They have a pretty good sense of who their massive file traders are, 
and Kerry Sherman told me that, basically, every single day they get a list 
of people. You know, who’s got two thousand, you know, copyrighted 
files.  Who’s got one thousand?  They know.  OK.  So, why, they don’t need 
to waste their time sending them cease and desist letters.  These are the 
type of people who are akin to the folks on Taiwan who are pirating 
thousands of CDs.  They know who the bad people are, they just have to go 
after them.  It’s more cost effective for them to send cease and desist 
letters to thousands of people, some of whom may have, you know, a small 
number of files, illegal files, on their hard drives.

ANDREW SCHWARTZMAN:  There’s another part.  Dave, you want to take the 
legal question?

DAVE BAKER:  Yeah.  Let me sort of follow up on Gigi’s comments.  You know, 
I mean, an example of RIAA going after the folks who are really causing the 
trouble, was when they went after, last month, went after 
listenforever.com.  If you saw the site before it went down, I mean, this 
thing was slick.  It was very professionally done.  This was not some…this 
was not a couple of college students just sharing a few files here.  But 
the point is, they went after the cause.  They went after the real 
problem.  And that site is now gone.  That’s a more proper way to do it 
than to try to sort of impress ISPs into service, saying, “We don’t know 
who these folks are, but we want you to divulge all their 
identity.”  Again, if it were a question of…  I mean, we have to draw the 
line at the first instance, because we’ve already seen examples of where 
ISPs will be served with hundreds and thousands of these requests.  And the 
difference, there’s a very real distinction here between the personal 
identity of peer-to-peer file sharers and the notice and take-down 
provisions under 512C.  The whole point of notice and take-down is the 
copyright owner saying to the ISP, “Hey ISP, this is a website you 
host.  Here is clearly identifiable information on that website that 
infringes our copyright.”  Whether it’s a song, a movie, a book, 
whatever.  And, there’s a provision there for notification, taking down the 
website, a counter-notification, all done in good-faith showings.  Again, 
we’ve got we and Verizon, and all other ISPs cooperating, just about.  ISPs 
cooperate with the copyright owners in, and other intellectual property 
owners, cooperate with the copyright owners in protecting them.  So, 
there’s no dispute under the 512C provision.  Here, you have a situation 
again where the RIAA taken the subpoena provisions under section H, which 
specifically refer to 512C.  The subpoenas talk about a notice and takedown 
provision, and instead they’re trying to apply that in a situation where it 
does not apply.  The DMCA is silent as to peer-to-peer file 
sharing.  That’s something that may need to be addressed, but it cannot be 
done in this context.

ANDREW SCHWARTZMAN:  The other David has something to say.

DAVE MCCLURE:  Let me address, specifically, your question about 
notification and takedown.  Emphatically, no!  This is not the same as the 
procedures that were set forth.  We probably have been engaged in 
notification and takedown procedures as long as anyone.  We negotiated the 
first set of notification and takedown procedures with the Software 
Publishers Association back in the spring of ’97.  And I can tell you that 
all of those procedures have been based on the intervention of some form of 
judicial review.  In a previous life, I also worked tracking down software 
pirates online on behalf of copyright holders, so I’m very familiar with 
the fact we’ve always had to verify the contents of those files.  We had to 
verify that a copyright violation had taken place.  That’s the heart and 
sole of the notification and takedown procedures.  If you circumvent all of 
those safeguards, then what you have is not the procedures set forth in the 
Copyright Act.  What you have then is a wholesale effort to place at risk 
the entire population of the Internet.  We’re talking about an estimated 40 
million American subscriber accounts that can be summarily terminated with 
no recourse whatsoever.  That’s not what the copyright law provides 
for.  That’s not the notification and takedown procedure.  This is a far 
different animal.  By the way, we strongly support the notification and 
takedown procedures.

MEGAN GRAY:  I was, just a couple points on this claim from the copyright 
holders, like RIAA, that “oh, we just want to send a letter.”  Well, if 
that’s all they want to do, they can still do that after filing the John 
Doe lawsuit.  It is again, very easy to dismiss the lawsuit.  It is a form 
that the lawyer signs.  There’s no complicated procedure here.  So, if 
that’s all they want to do, after they’ve learned the identity through the 
court supervised John Doe lawsuit, they can still do that.  And then, as to 
your question about whether our opposition to RIAA’s move here is in fact 
opposition to the DMCA in its totality.  We’re not raising that argument, 
that’s separate.  Our problem, in this case, is that the copyright holders 
are trying to expand the DMCA.  Whatever problems we may have with the 
DMCA, is separate and apart from this case.  We just want t make sure that 
it’s not expanded impermissibly like RIAA is seeking here.

ANDREW SCHWARTZMAN:  I think that you’ve got to go.

DAVE BAKER:  Yeah, I’ve got to…

ANDREW SCHWARTZMAN:  Any last questions for Dave Baker?

SUSAN DECKER:  Susan Decker, Bloomberg News.  Could either of the Dave’s 
kind of walk through the procedure for a takedown procedure compared to how 
it would work per user?

DAVE BAKER:  I don’t have the statute in front of me, so I’m going to be a 
bit vague.  But, basically, what we do is, the ISP receives a notice and 
takedown procedure in the process, and the ISP receives a letter that, you 
know, says all the magic words.  There are specific things we need to be 
laid out.  Maybe I ought to let Dave handle it, but just very quick 
overview.  Says. “ISP, you host a website that we claim had material that 
infringes our copyright,” and there is a provision whereby the ISP then has 
to disable that site for ten business days.  At the same time, give a 
notification to their subscriber, the website owner.  The website owner 
can, if they want, using the proper incantations, file a 
counter-notification, stating that no, it does not, and gets it back 
up.  One element that comes into play is that in all of this, the ISP is, 
and this goes back Section 2, the ISP is not, and could not, be liable for 
the billions of bits of information that transit its network everyday.  The 
only exception to that is if an ISP just sort of says, you know, shrugs it 
off, doesn’t do what their supposed to under it; doesn’t take down sites, 
then the ISP could be liable under the repeat infringer policy.  So, it’s 
not a situation that ISPs, you know, don’t have a stake in this; don’t have 
to abide by it.  We very much do, and we do.  Again, at the risk of 
repeating myself, we’ve got a long history of cooperating with the 
copyright owners to protect copyrights, and that’s something that ISPs take 
seriously.  But here we have a situation where the RIAA is just trying to 
stretch the DMCA to do something that it was not designed to do.

SUSAN DECKER:  Could you use that same procedure for the user?

DAVE MCCLURE:  Not really, and, thanks Dave, that was a very good 
explanation.  The notification and takedown procedures were a tool designed 
for an environment in which you have a static place to go and 
download.  Something akin to Napster, for example, or a website, for 
example, that features music.  It was not intended to address what happens 
when users share networks with one another, with no intervention whatsoever 
by the ISP.  No intervention, actually, with the companies that make 
peer-to-peer software.  They have no control over what you do, or how you 
share information.  They have no way to stop you.  So’ it’s not really 
a….  The discussion of notification and takedown, I think, is probably 
inappropriate, but I’ll repeat again, that the Copyright Act did address 
this issue when it clearly stated that in those situations where the ISP 
acts as a conduit, then there is no responsibility to take these actions, 
except in the face of a legally obtained subpoena, John Doe subpoena, which 
is one of the avenues open to them.  And I’ll go back again.  What they’re 
asking for is not simply the right to say, “Gee, tell us who this person 
is, so we can send them a letter.”  That’s not what this is about at 
all.  This is about scooping up a million IP addresses, sending them to the 
ISPs that are associated with those IP addresses, and demanding that those 
users have their accounts permanently terminated.  Now, I don’t know about 
your house, but my house, about eight people use my computer.  That means, 
all eight people, seven of whom may be completely innocent, in fact, all 
eight of whom may be completely innocent.  My kid sends a book report that 
has Harry Potter’s name in it and we permanently lose our Internet 
account.  No recourse, no way to call them back.  How does that 
happen?  How does that happen under the law?  We say, well, It doesn’t, it 
shouldn’t, not in this country.

ANDREW SCHWARTZMAN:  Let me, briefly, give from the perspective of the 
user.  As journalists, the fair use rights are incredibly important to you 
as journalists, and you have colleagues, like Declan McCullagh, who post a 
lot of content, quote letters, quote articles, and speeches.  In this kind 
of blunderbuss approach, you could well have a site that had your own 
personal journalism, or excerpts of your own stories, challenged by the 
copyright owner, and you would have under the, even under the inadequate 
protection of the Digital Millennium Copyright Act, an opportunity to go 
back and say, no, don’t shut down my site, I’m a journalist exercising 
First Amendment rights, and I’m excerpting something that’s of public 
interest, because I’m writing about it from the standpoint of a journalist 
exercising my First Amendment rights, I have a fair-use right to do this 
quote.  That’s the kind of thing that we’re talking about and the kind of 
problem that happens with this blunderbuss approach.  Now, having said all 
that, there are moments when I’d like to see Declan’s site taken down, but 
that’s another discussion.  Other Questions?

Seeing no other questions, I’ll count to three and consider this exercise 
terminated.  One, two, three.  Thank you very much.




-------------------------------------------------------------------------
POLITECH -- Declan McCullagh's politics and technology mailing list
You may redistribute this message freely if you include this notice.
To subscribe to Politech: http://www.politechbot.com/info/subscribe.html
This message is archived at http://www.politechbot.com/
Declan McCullagh's photographs are at http://www.mccullagh.org/
-------------------------------------------------------------------------
Like Politech? Make a donation here: http://www.politechbot.com/donate/
Recent CNET News.com articles: http://news.search.com/search?qÞclan
-------------------------------------------------------------------------