| Status |
OPEN |
| Opened On |
2010-01-31 10:06:05 AM by Linode |
| Last Updated On |
2010-02-03 09:40:58 AM by nock |
| Closed On |
|
| Regarding |
nocko_net
|
| Description |
|
Update by tasaro
2010-01-31 10:06:46 AM
|
Please investigate and update this ticket within 24 hours to avoid a disruption in service.
We have received a complaint in connection with the below-pasted details from Columbia Pictures Industries Inc. regarding materials contained in the specified web site that are infringing upon the claimant's intellectual property rights.
We are required by federal law to act expeditiously in removing or disabling access to the infringing materials. We therefore strongly recommend that you immediately remove the infringing materials.
Please note that under the Digital Millennium Copyright Act, you have the right to file a counter-notice claiming that either (a) the Claimant is wrong and that the Infringing Material is lawfully posted on the Web Site or (b) that the Infringing Material has been misidentified. We encourage you to review the procedures for filing a counter-notice which you can send back to us.
Please note that Linode has only passed on the the Claimant's notice and has not sought to determine whether the Infringing Materials on the Web Site do indeed infringe upon the Claimant's intellectual property rights.
-----------------------------------
Infringing Work: Michael Jackson's This Is It
First Found: 27 Jan 2010 18:43:15 EST (GMT -0500)
Last Found: 27 Jan 2010 18:43:15 EST (GMT -0500)
IP Address: 69.164.196.245
IP Port: 23320
Protocol: BitTorrent
Torrent InfoHash: 23D47A6285D183F1A793ADD62769440A6F8D0309
Containing file(s):
This.Is.It.2009.CUSTOM.SWESUB.DVDR-iNjECT.torrent (3,905,609,036 bytes)
|
Update by nock
2010-01-31 11:06:47 AM
|
Dear Tasaro [Linode]:
Thank you for forwarding me the notice you received from Columbia Pictures Industries regarding Michael Jackson's This is it. I would like to assure you that, contrary to the assertions in the notice, 1) I am not hosting or making available the claimed infringing materials, and 2) you are already protected by the Digital Millennium Copyright Act's ("DMCA") safe harbor from any liability arising from this complaint. The notice is incorrect, probably based upon misunderstandings about law and about some of the software I run.
First, in terms of legal liability, this notice does not create any risk for you as a service provider. As you know, the DMCA creates four "safe harbors" for service providers to protect them from copyright liability for the acts of their users, when the ISPs fulfill certain requirements. (17 U.S.C. § 512) The DMCA's requirements vary depending on the ISP's role. You may be most familiar with the "notice and takedown" provisions of DMCA 512(c), but those apply only to content hosted on your servers, or to linking and caching activity. The "takedown notice" provisions do not apply when an ISP merely acts as a conduit. Instead, the "conduit" safe harbor of DMCA 512(a) has different and less burdensome requirements, as the D.C. Circuit Court of Appeals held in RIAA v. Verizon (see http://www.eff.org/legal/cases/RIAA_v_Verizon/opinion-20031219.pdf) and the Eighth Circuit Court of Appeals confirmed in RIAA v. Charter (see http://www.eff.org/IP/P2P/Charter/033802P.pdf).
Here, any content that came from or through my computers merely passed through your network, so DMCA 512(a) applies. Under DMCA 512(a), you are immune from money damages for copyright infringement claims if you maintain "a policy that provides for termination in appropriate circumstances of subscribers and account holders of the service provider's system or network who are repeat infringers." Since you have implemented such a policy, you are free from fear of copyright damages, period.
As for what makes a reasonable policy, as the law says, it's one that only terminates subscribers who are repeat infringers. A notice claiming infringement is not the same as a determination of infringement. The notification you received is not proof of any copyright infringement, and it certainly is not proof of the "repeat infringement" that is required under the law before you need to terminate my account. I have not infringed any copyrights and do not intend to do so. Therefore, you continue to be protected under the DMCA 512(a) safe harbor, without taking any further action.
You might be curious, though, about what did trigger the notice. The software that likely triggered the faulty notice is a program I run called Tor. Tor is network software that helps users to enhance their privacy, security, and safety online. It does not host or make available any content. Rather, it is part of a network of nodes on the Internet that simply pass packets among themselves before sending them to their destinations, just as any Internet host does. The difference is that Tor tunnels the connections such that no hop can learn both the source and destination of the packets, giving users protection from nefarious snooping on network traffic. Tor protects users against hazards such as harassment, spam, and identity theft. In fact, initial development of Tor, including deployment of a public-use Tor network, was a project of the U.S. Naval Research Laboratory, with funding from ONR and DARPA. (For more on Tor, see https://www.torproject.org/.) As an organization committed to protecting the privacy of its customers, I hope you'll agree that this is a valuable technology.
Thank you for working with me on this matter. I feel that I have taken appropriate measures to insulate you and inform would be complaintants of my intentions to function within the limits of established law. If you have any requests that would ease your statutory notification burden, I would be eager to work with you. As a loyal subscriber, I appreciate your notifying me of this issue and hope that the complete protections of DMCA 512 put any concerns you may have at rest. If not, please contact me with any further questions.
Yours sincerely,
Shawn Nock
|
Update by tasaro
2010-01-31 11:14:03 AM
|
Hi Shawn -
Thank you for the prompt response. We will set this ticket to auto-close and will notify you of any future complaints.
-Tom
|
Update by sschwertly
2010-02-01 09:37:20 AM
|
Hello,
We have received an additional DMCA complaint. Please see the attached cut below:
--
Infringing Work: Harry Potter and the Deathly Hallows (Audio)
First Found: 31 Jan 2010 20:59:52 EST (GMT -0500)
Last Found: 31 Jan 2010 20:59:52 EST (GMT -0500)
IP Address: 69.164.196.245
IP Port: 26098
Protocol: BitTorrent
Torrent InfoHash: 32F4DC7054BB9AB943EC1E3DBC86E34DFF73A821
Containing file(s):
Book 7. Harry Potter & the Deathly Hallows.torrent (1,335,520,618 bytes)
--
Please review the following section of our Terms of Service regarding Tor:
"Linode does not prohibit the use of distributed, peer to peer network services such as Tor, nor does Linode routinely monitor the network communications of customer Linodes as a normal business practice. However, customers are responsible for the contents of network traffic exiting their Linode. Any usage that prompts the receipt of abuse complaints pertaining to violation of United States and/or international copyright law must be promptly discontinued to avoid service cancellation for violation of these terms."
Please investigate this issue and update us with your outcome in this ticket.
Regards,
Stan
|
Update by nock
2010-02-01 10:08:31 AM
|
[Official DMCA response, personal reponse to linode to follow]
Dear Stan:
Thank you for forwarding me the notice you received regarding Harry Potter and the Deathly Hallows audiobook. I would like to assure you that, contrary to the assertions in the notice, 1) I am not hosting or making available the claimed infringing materials, and 2) you are already protected by the Digital Millennium Copyright Act's ("DMCA") safe harbor from any liability arising from this complaint. The notice is incorrect, probably based upon misunderstandings about law and about some of the software I run.
First, in terms of legal liability, this notice does not create any risk for you as a service provider. As you know, the DMCA creates four "safe harbors" for service providers to protect them from copyright liability for the acts of their users, when the ISPs fulfill certain requirements. (17 U.S.C. § 512) The DMCA's requirements vary depending on the ISP's role. You may be most familiar with the "notice and takedown" provisions of DMCA 512(c), but those apply only to content hosted on your servers, or to linking and caching activity. The "takedown notice" provisions do not apply when an ISP merely acts as a conduit. Instead, the "conduit" safe harbor of DMCA 512(a) has different and less burdensome requirements, as the D.C. Circuit Court of Appeals held in RIAA v. Verizon (see http://www.eff.org/legal/cases/RIAA_v_Verizon/opinion-20031219.pdf) and the Eighth Circuit Court of Appeals confirmed in RIAA v. Charter (see http://www.eff.org/IP/P2P/Charter/033802P.pdf).
Here, any content that came from or through my computers merely passed through your network, so DMCA 512(a) applies. Under DMCA 512(a), you are immune from money damages for copyright infringement claims if you maintain "a policy that provides for termination in appropriate circumstances of subscribers and account holders of the service provider's system or network who are repeat infringers." Since you have implemented such a policy, you are free from fear of copyright damages, period.
As for what makes a reasonable policy, as the law says, it's one that only terminates subscribers who are repeat infringers. A notice claiming infringement is not the same as a determination of infringement. The notification you received is not proof of any copyright infringement, and it certainly is not proof of the "repeat infringement" that is required under the law before you need to terminate my account. I have not infringed any copyrights and do not intend to do so. Therefore, you continue to be protected under the DMCA 512(a) safe harbor, without taking any further action.
You might be curious, though, about what did trigger the notice. The software that likely triggered the faulty notice is a program I run called Tor. Tor is network software that helps users to enhance their privacy, security, and safety online. It does not host or make available any content. Rather, it is part of a network of nodes on the Internet that simply pass packets among themselves before sending them to their destinations, just as any Internet host does. The difference is that Tor tunnels the connections such that no hop can learn both the source and destination of the packets, giving users protection from nefarious snooping on network traffic. Tor protects users against hazards such as harassment, spam, and identity theft. In fact, initial development of Tor, including deployment of a public-use Tor network, was a project of the U.S. Naval Research Laboratory, with funding from ONR and DARPA. (For more on Tor, see https://www.torproject.org/.) As an organization committed to protecting the privacy of its customers, I hope you'll agree that this is a valuable technology.
Thank you for working with me on this matter. I feel that I have taken appropriate measures to insulate you and inform would be complaintants of my intentions to function within the limits of established law. If you have any requests that would ease your statutory notification burden, I would be eager to work with you. As a loyal subscriber, I appreciate your notifying me of this issue and hope that the complete protections of DMCA 512 put any concerns you may have at rest. If not, please contact me with any further questions.
Yours sincerely,
Shawn Nock
|
Update by pparadis
2010-02-01 10:14:16 AM
|
Hello,
We are familiar with the boilerplate DCMA response proffered by the EFF. This is not an acceptable response; please take a moment to review our terms of service, with special attention to section 3 (prohibited usage): <http://www.linode.com/tos.cfm>. While we do not specifically prohibit the use of Tor, we do prohibit actions that contribute to copyright infringement, and you are responsible for the traffic exiting your network interface. You will need to take measures to ensure that we do not continue to receive these notifications. Please update this ticket with measures taken to mitigate these issues.
Thanks,
Phil
|
Update by nock
2010-02-01 10:29:29 AM
|
In my previous two responses I indicated that I solicited "any requests that would ease your statutory notification burden" and that "I would be eager to work with you". Do you have requests for additional exit port limitations for the tor service? I am willing to explore the ARIN's SWIP procedure to funnel this sort of complaint directly to me or listen to any ideas that you may have to limit your reporting burden. Perhaps an addition to your API?
I already have the reverse DNS setup to a clear name that states the intent of the service (tor-proxy.nocko.net). http://tor-proxy.nocko.net/ give an informative page about the relevant legal status of such a service. If Columbia Pictures Industries Inc. had bother to employ any due diligence in the investigation of their claim this would not be an issue. The main site http://nocko.net clearly has Human Right Content.
As a company whose business model is built on technology pioneered through the free exchange of information, I admit I expected you to be less... arbitrary in your ToS and its enforcement. The law is clear that there is no way for you to be liable for any of this activity. In light of this, why back corporations over your own customers?
I know that you are busy and that short clips of the ToS usually "gets the job done", but you need to let me know what I can do to make our continued business relationship possible. If you aren't interested, I'll take my business elsewhere. Having just reviewed Slicehost's Terms of Service, I can say that it corresponds more closely with US law than arbitrary ban on services that generate spam from litigious corporations.
I would like to remain your customer, a urge you to help build a solution with which we may both live.
Yours sincerely,
Shawn Nock
|
Update by nock
2010-02-01 10:31:33 AM
|
I also block the following exit ports that include the most common ports used for bit-torrent traffic:
reject 0.0.0.0/8:*
reject 169.254.0.0/16:*
reject 127.0.0.0/8:*
reject 192.168.0.0/16:*
reject 10.0.0.0/8:*
reject 172.16.0.0/12:*
reject 69.164.196.245:*
reject *:25
reject *:119
reject *:135-139
reject *:445
reject *:563
reject *:1214
reject *:4661-4666
reject *:6346-6429
reject *:6699
reject *:6881-6999
accept *:*
|
Update by pparadis
2010-02-01 11:58:31 AM
|
Hello,
We certainly understand your position. As noted in the copy you submitted in your responses, while the DCMA provides safe harbor provisions, we have a responsibility to enforce a policy of terminating repeat offenders. We certainly don't want to have to pursue this course of action with any customer, so we try our best to recommend means of avoiding these kinds of issues.
Additionally, I'd like to note that we strongly value open communications and open standards. Along with that, we believe in respecting everyone's rights, and thus we take a firm stance on issues like copyright and trademark abuse, spam, and other forms of network abuse.
To address your specific case with regard to Tor use, we recommend disabling exit node functionality if your node becomes the target of repeated abuse. While we do not monitor customer network communications as a routine business practice, we must act appropriately in cases where our network is being used for unlawful or abusive purposes. I'm certain you understand this, and hope that you're willing to work with us in bringing any such issues to an appropriate resolution that is in line with our terms of service.
Please let us know if you have any questions regarding this matter, and let us know when you believe you have taken appropriate measures to prevent recurrence of the issues that prompted the opening of this ticket.
Thanks,
Phil
|
Update by nock
2010-02-01 01:20:49 PM
|
Phil, thank you for your continued dialogue in this matter.
You are correct that you must terminate repeat offenders to qualify for "safe harbour" under DMCA 512, but as the EFF's boilerplate points out, I am not a repeat offender as there is no offence being committed. Being an offender refers to US Copyright law, not your terms of service. Therefore, being the recipient of multiple unfounded allegations does not disqualify your company from safe harbour provision under DMCA 512 nor do these allegations make me an offender.
I don't think that disabling exit-node functionality is a solution that is equitable or fair, under the circumstances. As a law-abiding customer, I think that crippling the functionality of a service that I pay for to redress the unsubstantiated, automated claims of a third-party is unwise as a matter of course. I liken that choice to voluntarily giving up the right to perform services similar to those that your company and your ISPs perform each day (simply routing packets to their destination). The EFF (and) believe that acting as a tor router gives my node "safe harbour" as well, so long as it adheres to the DMCA 512 provisions.
Relay nodes are important to the Tor network, but the limiting resource in the current router composition is exit nodes. Media companies who spread FUD are making it difficult to support the freedom needed for regular people to communicate free from censorship and the control of authoritarian regimes. To my mind the operation of an exit node most directly accomplishes my goal of increasing open communication where it is most needed.
I am attempting to explain how I operate within the law, how you are protected by that same law and also trying to persuade you about the importance of acting on your strong values about open communication, but I do realise that I may be in violation of your ToS. If we can not come to some kind of mutually agreeable compromise, I will cease and desist (immediately) and take my business elsewhere.
I will not take my business elsewhere to punish your company, or because I was forced to by media companies, or forced by repressive US law. I will take my business elsewhere because remaining your customer would subject me to censorship of protected speech by your company through its terms of service. It is your company that has decided, without evidence, that my communications are unsavoury. If it is possible to look past your immediate business interests for a moment, I ask you to reflect on the power you organization has to censor the communications of its customers and ask you to exercise that power wisely and justly.
Solutions that I am interested in discussing:
1. Moving the node to London [outside the jurisdiction of DMCA?]. If this would subject you to less DMCA spam, I am not opposed.
2. Adopting a default deny policy with many open ports to support common usage models [http, ftp, e-mail, chat, etc]. Of course, some tor users could abuse those open ports for other uses...
3. I can assure you that my node operates within the bounds of US law, and am willing to negotiate verification of this.
4. I will give due consideration to other suggestions offered by Linode.
I appreciate your prompt responses and have always thought highly of your support and infrastructure teams.
Yours sincerely,
Shawn Nock
|
Update by pparadis
2010-02-01 05:27:24 PM
|
Hello,
We'd be happy to schedule a migration to London. With this in mind, please note that if we receive frequent complaints of this nature, this issue will have to be revisited. If you would like to migrate, your disk images and configuration profiles would move with your Linode, although your IP addresses would have to change (you'd be notified in advance of the new IPs). You would be able to perform the migration at your leisure, although we would ask that it be completed within three days of initial scheduling.
Please let us know how you would like to proceed. In the meantime, we'll set this ticket to auto-close as we monitor for any additional complaints.
Thanks,
Phil
|
Update by dariti
2010-02-02 11:06:38 PM
|
Hi,
While I certainly understand that you are running TOR on your Linode and have taken measures to reduce BitTorent traffic, it appears that your exit node is being severely abused. We have now received an additional two DMCA complaints.
Best Regards,
Danny Ariti
--------------------
INFRINGEMENT DETAIL
--------------------
Infringing Work: The Book of Eli
First Found: 28 Jan 2010 10:23:08 EST (GMT -0500)
Last Found: 28 Jan 2010 10:23:08 EST (GMT -0500)
IP Address: 69.164.196.245
IP Port: 19516
Protocol: BitTorrent
Torrent InfoHash: C3F81F89ECCAE03537A3D4D4AD6058BE8F86DFE1
Containing file(s):
The.Book.of.Eli.TS.XVID-IMAGiNE.[www.torrentfive.com].torrent (761,571,364 bytes)
Infringing Work: Sherlock Holmes
First Found: 28 Jan 2010 15:27:24 EST (GMT -0500)
Last Found: 28 Jan 2010 15:27:24 EST (GMT -0500)
IP Address: 69.164.196.245
IP Port: 62002
Protocol: BitTorrent
Torrent InfoHash: 70F809661A64A245A26B1687BD8F794E539CF28C
Containing file(s):
Sherlock.Holmes.2009.DVDSCR.XviD.AC3-ViSiON.torrent (1,574,598,749 bytes)
|
Update by nock
2010-02-03 09:40:58 AM
|
Dear Mr. Ariti:
I appreciate your analysis that my relay had been abused. It has been my point that my router is as susceptible to abuse as any other router on the Internet and that I am protected from liability by DMCA 512(a). I also would like to remind you that the notices that you receive that I am infringing copyrighted material are provably inaccurate. I think a more diligent analysis of the situation would conclude that the abuse of your DMCA takedown notice management procedure is the continuing source of our shared problem.
Responding directly to the two newest claims, they are both dated 28 January 2010. This is before your team and I started taking measures to limit the number of annoying tickets you must create regarding my legal activity. I would contend that since we have already taken measures to limit the number of complaints that these two "most recent" notices are simply an effect of latency in the generation of their form-letters.
Yesterday (against my better judgement) I further restricted the exit ports available for use from my router such that neither of the ports mentioned in the complaints is available any longer. The full ACL is listed at the end of this message.
Regardless of our differing opinions on freedom, I hope that you will concede that I am making every effort possible to work within your system. It is my hope that at some point you will stop threatening censure against your customer and investigate how your system is being abused.
Your escalation of third-party takedown notices (which are merely notices) to threats has been especially troubling in recent days. While I concede that a business case can usually be made for eschewing customer needs, I hope that you will not continue to pursue this path.
Yours Sincerely,
Shawn Nock
ExitPolicy reject 0.0.0.0/8:*
ExitPolicy reject 169.254.0.0/16:*
ExitPolicy reject 127.0.0.0/8:*
ExitPolicy reject 192.168.0.0/16:*
ExitPolicy reject 10.0.0.0/8:*
ExitPolicy reject 172.16.0.0/12:*
ExitPolicy reject 69.164.196.245:*
ExitPolicy accept *:22
ExitPolicy accept *:80
ExitPolicy accept *:443
ExitPolicy accept *:993
ExitPolicy accept *:143
ExitPolicy accept *:110
ExitPolicy accept *:995
ExitPolicy accept *:5222
ExitPolicy accept *:5269
ExitPolicy accept *:6660-6669
ExitPolicy accept *:20
ExitPolicy accept *:21
ExitPolicy accept *:465
ExitPolicy accept *:531
ExitPolicy accept *:548
ExitPolicy accept *:554
ExitPolicy accept *:706
ExitPolicy accept *:860
ExitPolicy accept *:873
ExitPolicy accept *:989
ExitPolicy accept *:990
ExitPolicy accept *:992
ExitPolicy accept *:1234
ExitPolicy accept *:1503
ExitPolicy accept *:1550
ExitPolicy accept *:1755
ExitPolicy accept *:3260
ExitPolicy accept *:3283
ExitPolicy accept *:3784
ExitPolicy accept *:5004
ExitPolicy accept *:5005
ExitPolicy accept *:5060
ExitPolicy accept *:50ExitPolicy accept *:5223
ExitPolicy accept *:5298
ExitPolicy accept *:6679
ExitPolicy accept *:6697
ExitPolicy accept *:8080
ExitPolicy accept *:8008
ExitPolicy accept *:8010
ExitPolicy accept *:8074
ExitPolicy accept *:8090
ExitPolicy accept *:8200
ExitPolicy accept *:9000
ExitPolicy accept *:9009
ExitPolicy accept *:9418
ExitPolicy accept *:11371
ExitPolicy reject *:*
|