@Ben Norris
>>"
a) They don't prove that anything was uploaded when they log IPs
b) they can't prove that the logged IP was genuinely from the right ISP or spoofed
c) the ISPs records are not reliable enough to tie it to a certain household
d) when you get to the household there is no record to tie it to a specific PC
e) there is no way to prove it wasn't a trojan or somebody accessing a wireless AP
f) and finally there is no way to prove who was using the PC at the time."
I thought that at least some of the tracking *was* waiting for people to be sourcing copyright content before logging their IP address? That way, they can get people for making content available, not merely downloading it.
If that was the case, that deals with a)
As for b), if I actually connect to a machine via an IP address to download content from them, how can I keep a connection running in both directions if they have a fake address? Unlessthere's something between my machine and the internet which is doing some redirection, packets I send presumably must end up at the actual IP address.
Surely it's only if the packets I send disappear *and* someone can generate packets with a fake 'from' address' *and* they can anticipate all the packets I'd expect to get back that they could really spoof the address?
c) Are you sure that no ISP has reliable records of who had what IP address at a certain time?
Even for people with dynamic adresses, they don't change that often, and there are all kinds of reasons (including legal ones) for keeping the relatively tiny amount of data needed for a year or two of connection records.
Also, a lot of people have static IP addresses anyway.
d)+e) you might not be able to tie traffic to a specific PC from outside, but you *could* certainly do that if you had access to the machines, whether enforced, or with the co-operation of a responsible householder.
as for f), if you knew the filesharing was happening on a machine authorised to be on the network, that'd be a good justification for suspending network access if the customer had already had clear prior warnings that something was going on which they had done nothing about.
Even though civil damages don't look like the best way of dealing with everyday filesharing, if someone is unable/unwilling to control people they give network access to, then the buck does eventually stop with them, whether it's a loss of connection or even civil damages.
If someone is actually being *consistently* reckless as to what they allow to happen on the network they control, then they do have some liability.
Also, even though I'd say again that civil damages don't look like the best way of dealing with filesharing, *especially* if there haven't been any kind of initial warnings to deter the casual filesharer, for all the talk of the need for perfect evidence, Magna Carta, longstanding freedoms, hard-fought-for human rights, etc, people should remember that the burden of proof in civil cases *is* lower than in criminal cases - 'balance of probabilities' vs. 'beyond reasonable doubt'.
If there *had* been warnings and someone didn't take any action, they might find it quite hard to defend themselves in a subsequent civil action.
I think that's one of the major problems with letters out of the blue - they seem much more designed to make money than to stop people doing something, which is seriously unfair when there's a chance that the first thing a target ISP customer knows about someone abusing the network connection is a letter arriving.
In practice, in the first instance, there's a whole range of responsibility, from people not knowing that their network was insecure or that someone they allowed to use their network was doing something wrong through people who suspected or knew what was happening through to people doing it themselves.
Giving people warnings does give them the chance to sort things out, and also makes 'We honestly didn't know it was happening' much less of a usable response to future letters or actions.
Still needs some kinds of safeguards, though, so someone who really isn't capable of securing their network can get some cheap/free assistance if they need it. Which also obviously then makes "I didn't know how to/couldn't afford to fix it" less useful a s response to later letters.
I guess that's the thing about a more reasonable approach - the more reasonable and helpful it is, the better it is for the innocent customer, the easier it makes it for the casual offender to stop gracefully, and also the harder it makes it for the persistent offender to claim ignorance of what was happening, or a technical inability to prevent it happening again.
Which is ultimately what I guess many of the music industry people want - to stop people taking the piss, while not getting bad PR in the process.