Just 12 months after being arrested for copyright infringement, racketeering and money laundering for his involvement with now-defunct cyberlocker Megaupload, and despite facing extradition from New Zealand to the US to face such charges, Kim Dotcom has launched Megaupload’s successor: Mega.
The site went live on January 19 with more than 100,000 users signing up in the first hour and more than 1 million registrations in the first 24 hours.
While there are obvious similarities between Mega and Megaupload, a key point of difference, according to Dotcom, is the fact Mega and its users are protected by a solid legal framework.
So is Dotcom right? Will Mega be able to avoid the legal issues that led to Megaupload’s demise?
Wait, what is Mega even for?
Mega is a file storage service similar to Dropbox, Google Drive, and Apple’s iCloud.
The idea behind such cloud services is simple: users may upload data and then access that data from elsewhere. Most services (including Mega) permit sharing of the uploaded files with others.
It is through this sharing mechanism that users can commit acts of piracy by sharing copyrighted material such as music, movies, books and so on.
Engaging in or facilitating copyright piracy is outlawed in many countries, and offenders face sanctions including liability to pay damages or disgorge profits to rights holders.
Safe harbour
Content hosts and internet providers usually have access to “safe harbour” provisions limiting their liability when user behaviour infringes copyright. These provisions are generally conditional on the content host removing the infringing material as soon as they are aware of it, and having a policy of disciplining users who repeatedly break the rules.
The indictment of Kim Dotcom and others in the “Mega Conspiracy” claims instead that Megaupload actively supported users who used the service to share infringing material.
According to the indictment, Megaupload was the single largest piracy repository on the internet. And by facilitating piracy the service apparently cost copyright owners US$500 million in lost revenue while making US$175 million in profits.
Same, but different
One of the the features that sets Mega apart from its predecessor is the encryption of files during the upload process.
Encrypting files in this way means all files stored on Mega are useless to anyone who doesn’t have the decryption key. This means the administrators of Mega cannot view the contents of a file, and so they cannot determine whether a file contains business material or the latest Hollywood blockbuster.
A simple legal argument can then be made: if Mega doesn’t know what it’s hosting, then it cannot be held responsible if that content is infringing, or otherwise illegal.
But like most simple arguments, this one is wrong.
Infringement notices
Most content hosts have no idea what content they are hosting, but instead rely on notices from copyright owners to identify content which may be infringing. In the case of Mega, any links that are distributed for the purpose of sharing copyright material will still result in infringement notices being sent.
YouTube is an example of a site on which all uploaded content is checked via an automated content-matching process. This process is in place to detect unauthorised copies of video material or soundtracks. By providing this tool to copyright owners, YouTube avoids most claims of piracy.
Mega, on the other hand, uses across-the-board encryption, and because of this it is technically impossible to proactively filter or check content.
Without these automated tools, content owners are left with the Sisyphean task of locating and reporting infringing content to Mega.
Nothing has changed in the legal landscape with respect to liability of content hosts. In order to use the “safe harbour” provisions, Mega must remove infringing content as soon as it becomes aware of it, and must also discipline the person responsible. Without the “safe harbour” provisions Dotcom can expect another raid in the near future.
Legally watertight?
The Mega site help files and terms of service are very copyright focused. They require users to not infringe on anybody else’s intellectual property, nor do anything illegal.
All responsibility for content is with the user. The help files and terms of service also set out processes for the handling of copyright notices, and how to make counterclaims.
In all, it’s fairly standard legal boilerplate comparable to most other content services – with the bonus that it invokes Article 12 of the Universal Declaration of Human Rights. That is:
No-one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks.
In theory, Mega is a model content host which appears to comply with best practice. User content is kept private through encryption, procedures are in place to take down infringing content upon notices being filed, and Mega promises to terminate the accounts of repeat infringers.
What now?
Those with a stake in Hollywood and the music industry are furious with Mega’s launch. Anti-piracy lobby group StopFileLockers has already commenced a successful campaign to cut off funding to Mega. They claim that the new Mega is simply a re-launch of Megaupload.
StopFileLockers has highlighted that as Mega only holds encrypted files, automated processes cannot be used to locate infringing material, and so will be a haven for copyright pirates.
The behaviour of Mega over the coming months will send a clear signal to copyright holders and those who file-share. The question remains: can Dotcom’s latest venture stick to the rules, or will the entrepreneur again find himself in hot water?
Dotcom is using privacy as the reason to offer a service which automatically encrypts all content. While privacy is important, it appears that the purpose of the automatic encryption is primarily to provide Mega with excuses to not proactively co-operate with rights holders.
By structuring their service to technically preclude co-operating with rights holders, Mega is a distinctly copyright unfriendly service.
Con Zymaris
Untethered Polymath
Karl,
assuming the crypto which underpins the Mega secure-locker platform is (or will, with time become) robust, how do you propose that copyright owners (or indeed Mega themselves) will be able to identify any infringed content? Without this, then nothing can be done against anyone infringing copyright.
Mega is an example of what happens (not the first, and wont be the last) when some laws which may work in meat-space are attempted in the virtual world. There is almost always a technological mechanism to bypass them.
This is merely a generalisation of Gilmore's Law:
"The Net treats censorship as a defect and routes around it."
Source: http://en.wikiquote.org/wiki/John_Gilmore
-- Con
Con Zymaris
Untethered Polymath
Oh, and I forgot to add - if there isn't a technological mechanism to bypass 'roadblocks', there's sometimes a geopolitical one:
Antigua gets OK to become copyright haven
"The islands of Antigua and Barbuda are threatening to strip intellectual property protections from American goods as part of a long-running trade dispute over the U.S. embargo on the tiny Caribbean nation's online gambling industry."
Source: http://www.sfgate.com/business/technology/article/Antigua-gets-OK-to-become-copyright-haven-4228808.php
Santiago Gutierrez Alzate
logged in via Facebook
Actually, copyright owners can identify infringed content when they get access to the publicly distributed links of those files (since the links MUST have the encrypted file key to make other users able to download them). Yes, they have to do it manually, but the same is true for google links (except youtube), for example. Copyright owners have the same tools as users to get access to the links (and the files).
Thaiis Thei
logged in via Twitter
This article tells one side of the story and is thus massively uninteresting. How about a bit of analysis of the issues around copyright rather than just parroting the party line?
Kelly Schofield
Intern
The article is great for people like me who haven't kept up day to day.
It's interesting for the same reason watching motorsports is interesting, you are following events because there might be a great big smash!
Rex Chan
logged in via email @gmail.com
Interesting - I don't know the details of how safe harbour works exactly, found another article from an obvious pro torrent source - http://torrentfreak.com/anti-piracy-company-tests-megas-copyright-takedown-skills-130126/ that suggests that Mega may in face be complying fine.
Paul Hatch
logged in via Twitter
I hate to point out the obvious, but Megaupload was not bought down by the law and has yet to be proven to have acted illegally. Infact, it is a matter of record that the only illegal activity that has been proven in the case has been perpetrated by the FBI and the DOJ.
Gavin Putland
logged in via Facebook
"By structuring their service to technically preclude co-operating with rights holders, Mega is a distinctly copyright unfriendly service," writes Karl Schaffarczyk.
Yes, and by designing Windows 98 to technically preclude complying with a court order to unbundle Internet Explorer, Microsoft produced a distinctly Sherman-Act-unfriendly operating system, and got away with it.
And by using so-called anti-circumvention devices to technically preclude "fair use" which is LEGAL under U.S. copyright…
Read moreSean Manning
Physicist
@Gavin Putland
It also goes against 'the vibe' of the constitution. ;)
Karl Schaffarczyk
Law Student at University of Canberra
A 2002 precedent ruling that a file sharing system couldn't use encryption to "design out" inspection of the content.
http://news.cnet.com/Court-Anonymous-P2P-no-defense/2100-1025_3-1022462.html?tag=mncol;txt
Gavin Putland
logged in via Facebook
Karl Schaffarczyk wrote: 'A 2002 precedent ruling that a file sharing system couldn't use encryption to "design out" inspection of the content.'
Very good. So where does that leave software vendors who mix OS and browser functions in the same binary file to "design out" compliance with competition law, or copyright holders who use anti-copying technology to "design out" fair use?
John Zigar
Researcher
Hi Karl, interesting article. However, I am more concerned about companies, through governments, infringing on my right(s) to store and share my data. I don’t want unauthorised strangers examining my personal files. I have used such upload sites to send personal home videos to friends and family overseas. What right does anyone have to inspect and view my personal files? Can a company open my mail or parcels to see whether I have a copy of a CD in there? No! The focus is un-proportionally geared towards protecting the rights of companies and not of peoples’ personal files.
Karl Schaffarczyk
Law Student at University of Canberra
John,
fair points, but consider these:
Parcels are routinely x-rayed where they travel by air, and both Australia Post and Customs have legislated authority to open, inspect, and dispose of mail and parcels. This includes goods or materials which infringe copyrights and intellectual property - the current list of IP related materials is here: http://www.customs.gov.au/site/page4414.asp
So, yes: a company (or government agency) can open your mail and parcels if they hold a reasonable suspicion that you have a copy of a CD in there.
You are always entitled to encrypt your files yourself and then upload them to another cyberlocker service. Google Drive is but one of many which come to mind as suitable for this purpose, and Google Drive is a service which is several orders of magnitude less likely to be raided by a US-led international task force.
Con Zymaris
Untethered Polymath
John,
we are certainly entitled (nowadays) to use strong encryption, but that wasn't always the case:
http://en.wikipedia.org/wiki/International_Traffic_in_Arms_Regulations
http://encryption_policies.tripod.com/us/rubinstein_1200_software.htm
http://en.wikipedia.org/wiki/Phil_Zimmerman
The problem that Mega solves, for most non-technical people, is that of reducing the complexity of and thus the barrier-to-entry to encryption.
I don't see any valid reasons as to why only technically-competent individuals should have access to privacy.
-- Con
Con Zymaris
Untethered Polymath
Sorry, that comment was in response to Karl, not John.
Santiago Gutierrez Alzate
logged in via Facebook
"Dotcom is using privacy as the reason to offer a service which automatically encrypts all content. While privacy is important, it appears that the purpose of the automatic encryption is primarily to provide Mega with excuses to not proactively co-operate with rights holders."
This is as true as saying that the main purpose of a door making company to make doors is to prevent the police from inspecting illegal activities that might take place in the homes where those doors are installed.
Karl Schaffarczyk
Law Student at University of Canberra
Santiago,
Your analogy is wide of the mark.
Encryption (locks and doors) is not the problem, homes (privately held materials) are not a problem.
Dotcom is renting out large self-storage lockers to people who he doesn't know, doesn't want to know, and he's not even keeping a master key.
American, but relevant: http://www.crime-expert.com/storage.htm
The problems transfer to the online world very neatly.
Yoron Hamber
Thinking
What gives you the right to assume a master key for my material? Internet was made to be a open forum, but nowadays we see it get more and more restricted. Although the idea of copy right and patents are a good thing in itself, as it gives a sort of protection for original works, it has become a travesty of that those day, where American companies patent you genome.
It's gone to far.
Robert Tony Brklje
Robert Tony Brklje is a Friend of The Conversation.
retired
Let's not forget Megaupload was destroyed upon accusation not after being pronounced guilty in a court of law.
All indications are that Vice President Biden politically pushed through the prosecution in order to garner fiscal support for the upcoming election.
In turn the New Zealand government was forced to drop it's pants in turn for a seat in the TPP http://en.wikipedia.org/wiki/Trans-Pacific_Strategic_Economic_Partnership free trade zone, which as it turns out pretty much sucks as far as the general population is concerned.