Friday, August 20, 2010

How Anti-P2P lawsuit evidence is collected.

There are many people around the world that have received a letter, demanding money because of a bittorrent download. The question that is going through their heads is 'how did they track me', with perhaps "how can I prevent them?" To address this, I made a video that should explain these things.

If you've been following P2P news in the last few years, you'll have heard of the UK cases, where people are getting letters from lawyers (First Davenport Lyons, then ACS:law) accusing them of downloading games, music or hardcore pornography. More recently, this has spread to the US, with the US Copyright Group (USCG) targeting thousands.

People who get these letters (whether they did what they are accused of or not) are often left wondering 'how could they tell it was me?" The short answer is there are many ways to tell, but the simplest one is 'swarm participation.

As this video shows, it's very easy to detect people using this method, and to save the data for later use.

This method does have some advantages over other methods.
  • It tends not to fall for tracker-added spoofs
  • it can handle multiple torrents at once
  • It is undetectable in use
  • It's extremely cheap to set up and run.
  • It can be used on any kind of connection, from a low-end home DSL connection, through a commercial leased line, to a colocated box (such as a seed box)
There are some downsides though:
  • The system clock must be accurate, as must the clock on the ISP's IP address assigner/logger.
  • It can still generate the odd false positive
  • It requires torrents to be added, either manually, or via RSS feeds set up for the job. It's not fully automated.

Never the less, the fact that it is undetectable in use means that the first time people are aware that the torrents have been monitored, are when the letters drop through the door, or their ISP forwards on an email. It's undetectable because it's acting just like a regular client. It behaves no differently than any other peer in the swarm, except it is logging all it's activities instead of forgetting them.

Those who have been targetted by an allegation (accurately) may also ask the question "How do I stop them from doing it?". Unfortunately for those people, there is no easy way. Since the IP addresses are not readily identifiable, they won't be on blocklists (despite the claims of the scam-artists that run them), so there's no point in bothering with them. Likewise, this method works just as well on private trackers, as public ones, if not better, because of the smaller pool of peers (plus the extra evidence of a registration-required tracker make it a more tempting target). That only really leaves seedboxes, and VPNs. That will protect you at first, but as most require a form of payment, that can be additional evidence (as well as proving intent, and negating the wifi defence, amongst others)

If you're really paranoid, just don't torrent at all, as that's the best way to be sure, although that doesn't mean you won't get a letter, as studies have shown. The best advice is probably just to be smart, and to think before you act.

And remember, under '3-strikes', this is all the evidence needed for a strike.

If the video doesn't work for you, or you'd like to watch the full resolution (1200x640) version (135 MB), you can download it via bitorrent with this torrent file, or this (mainline) magnet link (curious about magnet links? click here)


  1. Most clients can be set up (usually no more than one click) to report a false IP. As long as the plaintiff can't prove than the IPs in his file are genuine (which he can't), the judge will most likely dismiss this evidence upon request.

  2. The litigative history says otherwise, Frank.

    A DMCA notice doesn't require a judge. Also, by the time you get to a judge, in a civil case, you've had to spend as much on a lawyer, and on filing procedures, as the settlement would cost. Finally, many places are moving to a 3-strikes system, where this is evidence, and it's up to you to prove your innocence at appeal. Oh, and there's no judge there either.

  3. Oh, and in a civil case, it's based on a preponderance of the evidence. ie, if he's got evidence to say you did it, and you have none proving you didn't, you lose.
    He can prove it's genuine enough, you then have to prove it's not. Welcome to the wonderful world of copyright litigation.