RIAA File-Sharing Crusade Hits Major Stumbling Block

Appeals court says ISPs don't have to identify suspected pirates.

The recording industry's crusade against illegal file-sharing suffered a major setback Friday when a three-judge panel determined the method used to identify online pirates could no longer be used.

The U.S. Court of Appeals for the District of Columbia overturned a previous federal decision that upheld the Recording Industry Association of America's practice of obtaining the identity of suspected illegal file-sharers through their Internet service providers.

Through such subpoenas, the RIAA was able to file more than 340 copyright-infringement lawsuits, totaling hundreds of millions of dollars, since September. Many defendants have settled, fearing costly court proceedings (see "Sixty-Four Alleged File-Sharers Back Down In Face of RIAA Lawsuits").

The ruling doesn't bar the RIAA from ever again suing users of peer-to-peer file-sharing networks who trade copyrighted works, though doing so will be more expensive and time consuming. No longer will ISPs, such as Verizon, AOL and Earthlink, be required to surrender the names and addresses of customers just because the RIAA provides a list of the Internet protocol addresses of suspected pirates. IP addresses are assigned to computers connected to an ISP’s server and, with a corresponding time, can be traced back to a specific subscriber.

"Regardless of this decision, we will continue to defend our rights online on behalf of artists, songwriters and countless others involved in bringing music to the public," RIAA President Cary Sherman said in a statement. "We can and will continue to file copyright-infringement lawsuits against file-sharers who engage in illegal activity."

The appeals court's decision also means the RIAA won't be able to warn file-sharers that a lawsuit is coming. Many of those who were notified that a lawsuit was forthcoming settled before litigation began.

The controversy over the ISP subpoenas stemmed from a clause in the 1998 Digital Millennium Copyright Act (DMCA), which stated that a copyright holder may "request the clerk of any United States district court to issue a subpoena to [an ISP] for identification of an alleged infringer."

The RIAA acted upon that law in July 2002, when it ordered Verizon Internet Services to hand over the names of two suspected file-sharers. Verizon refused on First Amendment grounds, and the RIAA took the issue to court. In April, Verizon surrendered the names but vowed to appeal the court's decision (see "Verizon Surrenders Names of Suspected Song Pirates To The RIAA").

Since the DMCA was written before the popularity of peer-to-peer file-swapping networks, the law was aimed at pirates who upload copyrighted material to Web or FTP sites, and not to those who store it on their personal computers.

"P2P software was not even a glimmer in anyone's eye when the DMCA was enacted," Chief Judge Douglas H. Ginsburg wrote in the decision. "Furthermore, such testimony as was available to the Congress prior to passage of the DMCA concerned 'hackers' who established unauthorized FTP or BBS sites on the servers of ISPs. ... The Congress had no reason to foresee the application of [the DMCA] to P2P file-sharing, nor did they draft the DMCA broadly enough to reach the new technology when it came along."

Down but not entirely out, the RIAA's Sherman took the decision in stride, but his statement exuded an air of "no more Mr. Nice Guy." "Verizon is solely responsible for a legal process that will now be less sensitive to the interests of its subscribers who engage in illegal activity," he said.

For complete digital music coverage, check out the Digital Music Reports.