01:45 PM

Megaupload Takedown Questioned By Users, Lawyers

Scrutiny increases from users and lawyers regarding the DOJ's decision to block legally uploaded content and pursue criminal charges against file-sharing company..

10 Companies Driving Mobile Security
10 Companies Driving Mobile Security
(click image for larger view and for slideshow)
Did U.S. authorities overstep their jurisdiction when they pulled the plug on cyberlocker service Megaupload last week?

To make its case that the file-sharing site needed to be shuttered, the Justice Department Thursday seized Megaupload's servers and released a 72-page indictment accusing seven Megaupload executives of racketeering, money laundering, and copyright violations, which allowed them to amass $175 million in "criminal proceeds" since the company was founded in 2005.

Legally speaking, the feds were able to execute their takedown of Megaupload in part because the company, which is based in Hong Kong, hosted many of its servers in Virginia and Washington, D.C..

But the founder of Megaupload, Kim Dotcom (aka Kim Tim Jim Vestor, aka Kim Schmitz), has denied all of the charges leveled against him. Dotcom appeared Monday in a New Zealand courtroom, together with three other Megaupload executives who'd been apprehended in that country at the request of U.S. authorities. All four men have requested bail, but police have labeled Dotcom a flight risk, saying he might have access to secret bank accounts abroad. Accordingly, the presiding judge said he'll review the matter and issue a ruling by Wednesday, according to media reports, which will likely apply to all four men. Parole questions aside, experts estimate that extradition proceedings, if initiated by the United States, could take up to a year.

[ Read about how hacktivist group Anonymous retaliated for the DOJ's takedown of Megaupload. Anonymous Retaliates For Megaupload Raids: 10 Key Facts. ]

Currently, Megaupload's servers remain offline, and browsing to the site resolves to a graphic announcing that "this domain name associated with the website Megaupload.com has been seized pursuant to an order issued by a U.S. District Court." The statement provides no indication of when any of the data stored by the site might be restored, if ever.

In response to the FBI's crackdown on Megaupload, file-sharing site Filesonic immediately disabled link sharing for uploaded content. According to a notice posted on the site: "All sharing functionality on FileSonic is now disabled. Our service can only be used to upload and retrieve files that you have uploaded personally."

But users' inability to access content that they'd legally stored on Megaupload has been leading to a populist backlash against the takedown. Academic Steve Su, for example, told The Sydney Morning Herald in Australia that the FBI's mass takedown had inappropriately blocked legitimate content that he'd uploaded for sharing with his students.

"It's like confiscating everyone's mobile phone because terrorists used them," he said. "I don't think it's correct to penalize the technology because, based on that logic, shouldn't the Internet be taken down, as this is how people infringe copyright?"

Meanwhile, veteran Spanish privacy attorney Carlos Snchez Almeida, who's based in Barcelona, said the takedown may have violated people's privacy rights under Spanish law. Accordingly, he's threatened to file suit over the Megaupload takedown. On his Jaque Perpetuo blog, Almeida wrote Friday that "Spanish citizens who had accounts in Megaupload should collect as much information about the files that they had hosted, for the purposes of a possible claim" against the U.S. government. In particular, the U.S. government's actions may conflict with Spanish data-access and privacy laws, especially if U.S. authorities begin accessing data that was stored by Megaupload.

Interestingly, the majority of Megaupload's user traffic came from outside the United States, based on statistics from traffic measurement company Alexa. The greatest share of user traffic came from France (10%), followed by Brazil (8.8%), the United States (7.3%), and Spain (7.2%), reported The Daily Caller.

The Justice Department's tactics, including accusing a file-sharing website of racketeering, money laundering, in addition to copyright violations, has some U.S. legal experts asking whether the case would stand up in court. "These actions, more suitable to the type of steps that the government takes against an organized-crime enterprise dedicated to murder, theft, and racketeering, are astonishing," said Jeff Ifrah, an attorney who co-chairs the American Bar Association's criminal justice section and committee on white collar crime, via phone.

"The government seems to have ignored the fact that other popular content-sharing sites have successfully defended themselves in civil cases by using the safe harbor provisions of the Digital Millennium Copyright Act, which provide immunity to a site that promptly takes down infringing content," he said.

To make the Justice Department's case, prosecutors must prove that safe harbor rules didn't apply to Megaupload. Accordingly, the indictment accused Megaupload executives of failing to remove copyrighted material from their site, even after copyright holders had requested it be removed. But Ifrah said it's not clear whether Megaupload's failure to remove certain pieces of content reached the level of criminal intent. Perhaps, instead, the company didn't receive some takedown notices, or disagreed with certain requests.

Furthermore, the government's racketeering charge--typically only used for mob cases involving drugs or gambling--suggests to Ifrah that prosecutors are overreaching. "The allegations here are very similar to the allegations that were made in the YouTube case," in which Viacom accused the video-sharing site of hosting almost 160,000 unauthorized pieces of content, he said. "Certainly no one accused YouTube of having mob-like activities."

The right forensic tools in the right hands are just a start. The new Digital Detectives issue of Dark Reading shows you how to better apply the lessons they teach. (Free registration required.)

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
<<   <   Page 2 / 2
User Rank: Apprentice
1/23/2012 | 8:57:11 PM
re: Megaupload Takedown Questioned By Users, Lawyers
As usual the US has tried to bully its way around again and as usual has stretched the law to suit itself in the hope it will get at least something out of the action. This time they have gone to far. This time they have tried to bully a person with the money to fight them back and then sue the britches off the US government.
To pursue this action leaves universities, that rely on the net to educate their students in distance education, in line for prosecution as all material in schools are written by someone else. Not only that all students that upload their assessments, and assignments for the teacher to mark will now face legal action for copyright infringement. Yes we know it is their own work but if the US were to succeed in their action this is what WILL happen. The US intends to deploy legal action against all material used and since most research and empirical material comes from the US, uni's world wide are now in a lot of trouble.
Will the US succeed? No. It is not possible and the international legal community is moving to stop the US pulling this off. The world no longer tolerates the US's bullying and reacts quickly to any attempt at control by the US.
It is time now for all students to seek litigation against the US government for illegally stopping them downloading or uploading their own material. This is going to be rather profitable for many people and the bill for the yanks is going to finally make them wake up to the reality they don't control the world anymore nor will they get away with bullying.
John doe
John doe,
User Rank: Apprentice
1/23/2012 | 8:20:25 PM
re: Megaupload Takedown Questioned By Users, Lawyers
All this because the MPAA lobbyists threatened to pull financial support to White house.

Hey White house I need help with my business too, can you close down the restuarant next to mine. They have a customer in there that plays music all day and I think he downloaded it from the internet. So please close down there place and I will contribute to your reelection. Your doing it for the MPAA so its only fair right? Thanks.
<<   <   Page 2 / 2
Register for Dark Reading Newsletters
White Papers
Current Issue
Security Operations and IT Operations: Finding the Path to Collaboration
A wide gulf has emerged between SOC and NOC teams that's keeping both of them from assuring the confidentiality, integrity, and availability of IT systems. Here's how experts think it should be bridged.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.