Because: A) The accusation isn't that it was 'uploaded', it's that it was 'made available' - i.e. members of the public were able to snag a copy of the game from your computer. If it was only available to A. N. Scriptkiddie then how would Davenport Lyons have found out about it? B) Davenport Lyons' counter-claim would be that you have a responsibility to look after your computer and internet connection - including ensuring that people are unable to use it without your permission. Ignoring silly comparisons to crime (leaving loaded guns lying around and not locked in a Police-approved cabinet will get you in trouble if someone kills someone with it, and likewise if you leave the handbrake off and your car rolls down a hill and splats a pedestrian because someone bumped it you're in trouble again) there are several civil instances of the doctrine of care: if you leave your front door unlocked or a window open when you leave your house, your insurance company will not compensate for losses caused by theft; if you are careless in your workplace you can be sued, even if something wasn't directly your fault - look at the adverts for various ambulance chasers: one shows someone tripping over plastic wrapping that was carelessly thrown on the floor, and the company is sued for 'personal injury' to the tune of X thousand; another example is that if you write your PIN down and keep it with your credit card, your bank will attempt to hold you responsible for monetary losses if that card is stolen and misused. Basically, you could say that there was a virus on your PC that did all the nasty things, but you'd have to present evidence that there really was a virus - you'd need an expert witness to testify to that fact. People keep saying that it's up to Davenport Lyons to 'prove' that you are 'guilty', but they've got proof in the form of logs that show that the Internet connection in your name made the file available. If you want to counter that proof, you'll need more compelling proof of your own. Simply saying "I didn't do it" will not stand up in court. Likewise, you can't get away with "my flatmate/brother/lover/neighbour did it" unless you're willing to get them sued in your stead.
Correct me if I'm wrong, but I thought even if you did turn around and say "My flatmate / brother / sister / pet ape did it", they would sue yourself (assuming the connection is in your name), for not giving enough attention to the usage. After all, when you sign up to a connection, it is your responsibility.
Indeed, but looking at the quoted text, I didn't think they could also sue the person you blamed it on. Maybe I'm missing something, wouldn't surprise me if I was (very busy day over here)
It's possible they could - again, I'm unfortunately having to compare to an actual crime here - but bear with me. If you get caught by a 'safety camera' for speeding, a letter is generated and sent to the registered keeper of the vehicle (as recorded at the DVLA) asking for a bunch of money and points on the licence in exchange for not taking that person to court. The person who receives the notification is welcome to demonstrate that someone else - a partner, for example - was driving at the time, in which case the responsibility - and fine, and points - passes to that person instead. There will need to be some proof available for this to happen - either the named party will have to confess, or the registered keeper will have to prove that they couldn't have done it (in a meeting all day with witnesses, for example). I was extending this to a civil suit - if you can prove that it was a friend, either by having them admit it or by discounting your own computer in a two-computer household, then Davenport Lyons is likely to proceed against that party rather than yourself even though you are the 'registered keeper' of the Internet connection. Now, whether this would happen or not I'm not entirely certain - I predict, however, that Davenport Lyons will back off at the first sign of defiance, meaning the whole thing is moot anyway.
The fact of the matter, as I see it, is this: - Most people use an internet connection with a dynamic I.P. - Therefore, they would need to prove, BEYOND REASONABLE DOUBT, that it was your computer that was connected using that IP address at that particular time. - I think the accuracy of these 'logs' that they have has been questioned on a few occasions. As I said - the case will most likely get thrown out of court. If it doesn't, and by some fluke they win, if I were you I would simply refuse to pay. Let them spend lots of money on hiring bailiffs to recover the debt. They won't get it. Just be careful who you let in your house. Even if I could afford it, I would refuse to pay, just on principal.
Yes. Yes. Your ISP knows exactly which customer is using which IP at any given time, via logs on the RADIUS server. Otherwise they wouldn't be able to chase up complaints of abuse, spamming, and criminal investigations - nor would they be able to tally up the amount of data you've been transferring if you're on a limited or 'fair-use' account. Currently the logs are usually held for the period of one year, but there was talk of extending this to five years. You think wrong. The logs are unimpeachable - given an accurate timestamp (which is where the questions are raised) an ISP will tell you exactly which customer was using the connection at that time. I doubt it would get that far. Terrible advice. A ruined credit record will be the result of that action, and better yet they can apply for garnishee - which is where they get a court order requiring your employer to deduct the amount from your salary and pay it direct to them. Additionally, refusal to comply with an ruling by a court is a crime.
I Am Not A Lawyer, Nor Do I Play One On TV. However, I do have an interest in law - or, more accurately, an interest in my rights with regard to the law. I am experienced when it comes to the operation of an ISP, however: where my legal advice is nothing more than the outpourings of my uneducated knowledge, my advice as regards ISP logging is fact based.
It may be bad advice, but personally if I don't agree with paying something, I Will Not Pay It. And you say the records cannot be innacurate - says who? The ISP? Just because they say that, I wouldn't nessecarily believe them. The logs are kept by a computer, and we all know how infallible computers are.
I'm guessing you've never had a speeding fine, then - fail to pay that and it's off to jail with you, whether you agree with it or not. You can't just not pay something a court has ordered you to because you "don't agree with it" - if you don't agree, you appeal. Says me. Try RFC 2865 for an explanation. Is it worth mentioning at this point that I do this stuff for a living? Yes - a lot more infallible than a human. When you connect to the ISP, you use a username and password which is unique to you and tied to your account. Additionally, the telephone number to which your ADSL line is tied is used as a further verification system. The RADIUS server validates your user information and grants access to the 'net, recording: timestamp,accountid,assignedip The timestamp is synched via NTP, so it's accurate down to the millisecond mark, and in no way relies on time information from your computer or your router. Now, tell me how that is fallible? Even if someone has your username and password, they'll still register under their account ID unless they're actually in your house.
I can't remember what my point was with the spoofed IP thing. First off, I'm not sure if its TCP or UDP these networks use. Assuming someone wanted to download something without uploading, and the system was UDP, could they not send malformed packets to achieve this? ie, when downloading the file, they need to give their correct IP otherwise they recieve nothing. When uploading however, could they not just give the IP of another user in the swarm and have all upload traffic directed to them? I assume maybe not as I'd guess the network would tie the two together to prevent this. Anyway, how much data do DL have? have they monitored your account/IP over x hours to confirm its not just an erroneous packet that they had with your IP on?
No. That's not possible. Whether it's UDP, TCP, or IPX - you cannot spoof an IP and engage in two-way communication (i.e. P2P, whether you're downloading or uploading) unless you either have control over the computer assigned to the spoofed address or you perform ARP poisoning or similar - which isn't possible on the scale we're talking about. As yet, we don't know - that's what the DPA SAR is going to tell us. The chances are they - or, more accurately, one of the 'investigative' agencies has, on their behalf - requested data from a torrent and received a not-inconsiderable chunk of it from the IP address assigned to the persons connection. Before any of you say "but that means that they were pirating!", no it doesn't: they were doing so on behalf of the copyright holders and with full permission. They can upload and download to their hearts content.
So what happens if someone d/l off of you 2mb out of a 700mb file, surely you cannot get done for sharing a full copy. What is that? Partial sharing or something?
No, 'making available'. You can 'make available' a file without someone having to download it at all - simply the fact that they could have downloaded it is enough. If Davenport Lyons can show that they were able to download any part of the game in question, it proves that you made said game available for download.
I very much doubt you'll find any file sharing service that uses UDP because it's so completely unreliable. UDP is fine for peer-to-peer video/voice stuff, but for actual files that need to be uncorrupt and complete, it has to be a no-no. See above, it just ain't gonna be UDP. TCP packets, by nature, don't get erroneous (you don't "accidentally" find the wrong IP in a packet).... They do however, like any packet regardless of the protocol being used, get corrupted or go missing, but TCP was designed to get around those issues and ensure that you do get everything and in the right order in the end. Assuming we're talking about bittorrent here (which btw, is completely TCP based) then DL won't have any "packets" (impossible without them performing a man-in-the-middle attack - which they won't be), they'll just be connecting to trackers and asking the tracker for all of the peer_ids it knows about for a given info_hash, and will then look up the IPs associated to those peer_ids. bittorrent protocol
Like who? Last time I checked, in order to participate in a BitTorrent swarm you needed: 1) To find a BitTorrent tracker 2) To find a torrent containing the file you're after 2.5) To install BitTorrent software (may not apply to some OS - Ubuntu, for example, comes with one by default) 3) Download the .torrent file 3.5) Open torrent file with BitTorrent software (required if the file associations aren't properly set up) That's three separate steps - five if you count the half-steps, and six if you need to forward ports in your router to get it to work properly. Even if you claim you 'didn't know' that you were making the file available to others, you must have known you were downloading it without permission. Again, I'm comparing to a crime here: if you buy a widescreen TV off a bloke in the pub for a tenner, the defence of "I didn't know it was stolen" will not hold water - you will be charged with handling stolen goods regardless, because it's obvious it's stolen.
Well I have personally known freinds and family that didn't know downloading music for free off of the internet was illegal until I told them. The only reason we are on these forums is because we like computers, right? so we have way over average PC skills and knowledge, that's what we have to understand here. And because of the above statement, you can't compare it to stolen goods outside etc. And with making a file available, I mean someone downloads a file, and without knowing, is making that file available to others, and then they pick up a fine and think "How the hell?"
Let's put it this way. If I got a speeding ticket, and if I was driving the car in question, over the speed limit, at that time, then I would pay the fine. However, if I knew for sure that I was NOT guilty of the offence, I would, quite rightly, not pay. And if I appealed and I was still found guilty, I still wouldn't pay. Anyway. The ISP's logs may be correct, but they only store information about IP addresses, not about what you have downloaded or uploaded. That information comes from the prosecuting company, who I assume run a filesharing client in order to get the IP address of uploaders. Where is the definite proof that THIS information is correct? In other words, how can they prove beyond all doubt that your IP address actually did upload that file at that time? Outgoing packets can be spoofed, surely?
