Post-Napster policing reopens ISP wounds

Facing the prospect of a post-Napster world, tension is building between copyright holders and ISPs over who should police file-swapping networks that may step in as replacements.

John Borland Staff Writer, CNET News.com
John Borland
covers the intersection of digital entertainment and broadband.
John Borland
5 min read
Facing the prospect of a post-Napster world, tension is starting to build between copyright holders and Internet service providers over who should police other file-swapping networks that are poised to step in as replacements.

Record industry representatives have contacted ISPs in more than a hundred cases over the last few weeks alone, asking them to shut down or otherwise block access to subscribers' computers that are offering Napster-like file-trading facilities.

This is a common practice when a subscriber is offering copyrighted material on a Web page or FTP site hosted by the ISP, for example. But in a peer-to-peer model, songs and other copyrighted material are located on individual computers, not the host's servers. This has prompted some ISPs to say that the record industry and copyright holders are overstepping their bounds.

"The content community would like ISPs to act as a global police force, and that's not their job," said Dave McClure, chief executive of the United States Internet Industry Association (USIIA), the main ISP trade association. "It seems to me that ISPs don't have the obligation or even the right to monitor the data on their subscribers' hard drives."

Reluctance by ISPs to pursue alleged copyright violators into their homes could make it costly for content owners to bring infringers to heel. But even if ISPs refused to cooperate fully with copyright holders, it's unlikely they would be able to provide consumers with a perfect shield from enforcement actions.

Nevertheless, policies on peer-to-peer file sharing could hold important consequences for consumer privacy.

Today ISPs do not interfere with the content on subscribers' hard drives. If they accept the role of policing peer-to-peer connections, even at the copyright holders' requests, it will significantly expand the ISPs' power over their subscribers' personal equipment and online actions. In some cases, they could pull the plug on subscribers who have shared music or operated Napster-like services, a step ISPs say they are loathe to take against peer-to-peer participants.

A gray area?
The points of contention are a few provisions in the Digital Millennium Copyright Act (
DMCA), a 1998 law that was passed only after lengthy negotiations between copyright companies, telecommunications giants, and ISPs. As a part of that law, the ISPs won so-called safe harbors, which shield them from being liable for copyrighted material posted on their networks as long as they take down material when it is identified by the copyright holders.

The record and software industries have routinely used this law against online music pirates who are offering MP3s on Web pages, for example. ISPs, which do not want to be caught in the type of lawsuit that threatens Napster with damages of millions of dollars, have generally been quick to comply.

But peer-to-peer file swapping has changed the playing field. In that model--used by Napster and alternatives such as OpenNap and Gnutella--all of the content is located on individuals' computers. ISPs only provide a connection to the Internet, and they do not look inside the data flowing through their subscribers' computers to tell what might be copyrighted.

The same software that allows individuals to trade files allows copyright holders to track them down, however. Although swappers are not broadcasting their names to the Net, software programs such as Napster or Gnutella expose numerical network addresses that can be traced back to an ISP.

For several months, groups of copyright holders have been using monitoring software to identify individuals on these networks. The Record Industry Association of America (RIAA) and Copyright.net, which represents music publishers, have used this information to try to persuade ISPs to stop their customers' actions.

Frank Creighton, the RIAA senior vice president in charge of anti-piracy efforts, says that this way is less intrusive--both in a privacy and an administrative sense--than issuing warrants to the ISPs for their subscribers' personal information and tracking down individuals themselves. To date, all of the ISPs contacted in more than 120 cases of people running independent Napster servers on their computers have responded or immediately complied with the RIAA's requests, he says.

Creighton and executives at Copyright.net admit there is some ambiguity about how well the "notification and takedown" provisions of the DMCA fit a situation where content is not on an ISP's servers. But each cites another provision of the copyright law, which requires ISPs to respond if there are multiple complaints from a copyright holder about the actions of one of their subscribers. Those who ignore this provision could lose their protections against lawsuits in other areas, they say.

"This is a threshold for (ISPs) receiving any kind of safe-harbor protections," said Richard Rose, vice president of legal affairs and business development for Copyright.net.

Decisions to make
ISPs are beginning to come to terms with the subtleties of the peer-to-peer situation. Most have complied with traditional takedown notices and are just realizing that the new model takes them away from familiar territory.

An EarthLink representative, while declining comment on specific instances, said the DMCA does not give the company responsibility for acting on complaints about content located on its subscribers' computers.

AOL Time Warner's America Online declined to comment on the issue. Verio, which has taken positions defending its subscribers' free speech in the past, said that it is "still looking into all the issues."

Perhaps the most vocal opponent of the copyright holders' actions has been USIIA's McClure. He says his association has full sympathy for the record industry's motives and does not want to defend people who are violating copyrights. But he can not accept a role for ISPs that requires them to monitor or block content that is not on their own servers, he says.

"This is another effort to force ISPs to carry a mantle of liability that they should not have," McClure said. "If you follow this logic to its extreme, we will have to go after Ford or Chrysler every time there is a bank robbery, just because one of their cars was used for the getaway."

The different interpretations of the law make it likely that the tension will rise as more people move from Napster and into file-swapping networks that are not linked to a single company. This model threatens the delicate balance struck between the two powerful camps during the DMCA negotiations--unless a court steps in to give clear guidance.

"ISPs have to be an integral part of the process," the RIAA's Creighton said.