Yesterday, convicted identity thief Gregory Kopiloff was reportedly sentenced to 51-months in prison for using LimeWire to download inadvertently shared tax returns, credit reports, bank statements and student financial aid applications that he then used to commit credit-card fraud.

Some sources report Kopiloff as the first case involving inadvertent sharing and identity theft. Actually, it is the first federal prosecution of an ID thief who exploited inadvertent sharing. Back in 2006, Denver District Attorney Mitchell Morrissey indicted an 8-person ring that used LimeWire to download inadvertently shared files, commit identity theft and fraud, and then use its proceeds to buy and sell crystal meth.

For prosecutors, this means that nine identity thieves exploiting inadvertent sharing have gone down and "tens of thousands" remain. This latter point was reinforced in two recent Information Week stories (here and here) that focused on inadvertent sharing of corporate data:

Are peer-to-peer networks really filled with sensitive corporate data just waiting to be plucked and abused? It seems unlikely--surely people wouldn't be that sloppy....

The results were shocking and scary--loads of confidential business documents and enough personal information to ruin any number of lives and create PR nightmares for quite a few companies. Among the business documents were spreadsheets, billing data, health records, RFPs, internal audits, product specs, and meeting notes, all found in a quick expedition....

The Info Week researcher looking for such documents also reportedly found an "information concentrator," someone who appeared to be deliberately collecting other people's inadvertently shared data--bank passwords, credit card numbers, credit reports and tax returns. The researcher realized the irony of what he had discovered: Persons trolling for inadvertently shared documents have the strongest legal and practical reasons not to "share" the data they download. Consequently, Info Week's potential identity thief was almost certainly "sharing" his data stash inadvertently.

If the professional thieves who exploit inadvertent sharing cannot consistently manage to avoid doing it themselves, one can well imagine what happens to the 26% of the 9-to-14-year-olds who reportedly use LimeWire. Indeed, those who would assume that such kids understand even the best-known of the risks that they are incurring should review Torrentfreak's interview with "Hannah," the reported pseudonym of a nine-year-old LimeWire user. Here is a sample:

TF. …"You mentioned you like Sean Kingstone - what if I told you that Sean Kingstone’s boss might send you a letter asking for money because you shared his album on LimeWire? What would you say to him?...."

[Hannah]: "I’d say “tooooo strict!” and anyway he can’t make me do anything. He’s not the boss of me, he’s the boss of Sean Kingstone."

TF. "What do you think might happen if you didn’t pay him?"

[Hannah]: Nothing. I’m too young to be charged by the government so he can’t charge me.

This interview illustrates yet another reason why inadvertent sharing must end. It also illuminates three other important points about Internet copyright enforcement:

First, if Hannah's family has to drain her college fund to settle a potentially ruinous infringement lawsuit, that will happen because distributors of programs like LimeWire chose to ignore the 512(d) safe harbor and to lack any means of disconnecting infringing users and responding to takedown notices. They chose, in other words, to create a conflict between users of their programs and copyright owners that the latter could not resolve through means less punitive than infringement lawsuits. As a result, suing infringing LimeWire users (like "Hannah") was the copyright-enforcement solution proposed by LimeWire LLC in Grokster.

Second, in Grokster, over 8 public-interest organizations, 79 professors of intellectual-property law and a vast array of technology companies and Internet savants argued that that distributors of file-sharing programs should not be liable even if they did intentionally "induce," (i.e., encourage or dupe), 9-year-old-girls into violating federal law. Why not? Well, these amici argued, inter alia, that the adult inducers should go free because copyright owners could just sue the many thousands of children and college students that they induced. Such sue-the-children arguments were made by entities including the distributors of LimeWire, Morpheus and Grokster, CNET, university librarians, some Internet-service providers, and Project Gutenberg, the Internet Archive and four professors from Harvard Law School's Berkman Center for the Study of the Internet and Society. In Grokster, such arguments were also rejected, unanimously, by all nine Justices of the United States Supreme Court.

Third, today, many countries are re-assessing whether and how we can significantly reduce the deliberately-crafted problem of file-sharing piracy without asking copyright holders (or prosecutors) to sue tens of thousands of children, students, and single mothers. For the sake of all concerned, I hope that this debate will feature Internet-community thinking more creative than the sue-the-children/my-customers mantra that animated the defense of the Grokster respondents. Indeed, even LimeWire LLC now argues that there are now better, alternative solutions to the mess that it made--albeit legislated solutions that impose significant costs upon all concerned, except LimeWire LLC.

posted by Thomas Sydnor @ 9:45 AM | Academia, DMCA, Enforcement & Remedies, Free Culture Movement, Internet: P2P, Search Engines..., Privacy and Security, Supreme Court

Link to this Entry | Printer-Friendly | Email a Comment | Post a Comment(3)