Risk
1/23/2012
01:45 PM
50%
50%

Megaupload Takedown Questioned By Users, Lawyers

Scrutiny increases from users and lawyers regarding the DOJ's decision to block legally uploaded content and pursue criminal charges against file-sharing company..

10 Companies Driving Mobile Security
10 Companies Driving Mobile Security
(click image for larger view and for slideshow)
Did U.S. authorities overstep their jurisdiction when they pulled the plug on cyberlocker service Megaupload last week?

To make its case that the file-sharing site needed to be shuttered, the Justice Department Thursday seized Megaupload's servers and released a 72-page indictment accusing seven Megaupload executives of racketeering, money laundering, and copyright violations, which allowed them to amass $175 million in "criminal proceeds" since the company was founded in 2005.

Legally speaking, the feds were able to execute their takedown of Megaupload in part because the company, which is based in Hong Kong, hosted many of its servers in Virginia and Washington, D.C..

But the founder of Megaupload, Kim Dotcom (aka Kim Tim Jim Vestor, aka Kim Schmitz), has denied all of the charges leveled against him. Dotcom appeared Monday in a New Zealand courtroom, together with three other Megaupload executives who'd been apprehended in that country at the request of U.S. authorities. All four men have requested bail, but police have labeled Dotcom a flight risk, saying he might have access to secret bank accounts abroad. Accordingly, the presiding judge said he'll review the matter and issue a ruling by Wednesday, according to media reports, which will likely apply to all four men. Parole questions aside, experts estimate that extradition proceedings, if initiated by the United States, could take up to a year.

[ Read about how hacktivist group Anonymous retaliated for the DOJ's takedown of Megaupload. Anonymous Retaliates For Megaupload Raids: 10 Key Facts. ]

Currently, Megaupload's servers remain offline, and browsing to the site resolves to a graphic announcing that "this domain name associated with the website Megaupload.com has been seized pursuant to an order issued by a U.S. District Court." The statement provides no indication of when any of the data stored by the site might be restored, if ever.

In response to the FBI's crackdown on Megaupload, file-sharing site Filesonic immediately disabled link sharing for uploaded content. According to a notice posted on the site: "All sharing functionality on FileSonic is now disabled. Our service can only be used to upload and retrieve files that you have uploaded personally."

But users' inability to access content that they'd legally stored on Megaupload has been leading to a populist backlash against the takedown. Academic Steve Su, for example, told The Sydney Morning Herald in Australia that the FBI's mass takedown had inappropriately blocked legitimate content that he'd uploaded for sharing with his students.

"It's like confiscating everyone's mobile phone because terrorists used them," he said. "I don't think it's correct to penalize the technology because, based on that logic, shouldn't the Internet be taken down, as this is how people infringe copyright?"

Meanwhile, veteran Spanish privacy attorney Carlos Snchez Almeida, who's based in Barcelona, said the takedown may have violated people's privacy rights under Spanish law. Accordingly, he's threatened to file suit over the Megaupload takedown. On his Jaque Perpetuo blog, Almeida wrote Friday that "Spanish citizens who had accounts in Megaupload should collect as much information about the files that they had hosted, for the purposes of a possible claim" against the U.S. government. In particular, the U.S. government's actions may conflict with Spanish data-access and privacy laws, especially if U.S. authorities begin accessing data that was stored by Megaupload.

Interestingly, the majority of Megaupload's user traffic came from outside the United States, based on statistics from traffic measurement company Alexa. The greatest share of user traffic came from France (10%), followed by Brazil (8.8%), the United States (7.3%), and Spain (7.2%), reported The Daily Caller.

The Justice Department's tactics, including accusing a file-sharing website of racketeering, money laundering, in addition to copyright violations, has some U.S. legal experts asking whether the case would stand up in court. "These actions, more suitable to the type of steps that the government takes against an organized-crime enterprise dedicated to murder, theft, and racketeering, are astonishing," said Jeff Ifrah, an attorney who co-chairs the American Bar Association's criminal justice section and committee on white collar crime, via phone.

"The government seems to have ignored the fact that other popular content-sharing sites have successfully defended themselves in civil cases by using the safe harbor provisions of the Digital Millennium Copyright Act, which provide immunity to a site that promptly takes down infringing content," he said.

To make the Justice Department's case, prosecutors must prove that safe harbor rules didn't apply to Megaupload. Accordingly, the indictment accused Megaupload executives of failing to remove copyrighted material from their site, even after copyright holders had requested it be removed. But Ifrah said it's not clear whether Megaupload's failure to remove certain pieces of content reached the level of criminal intent. Perhaps, instead, the company didn't receive some takedown notices, or disagreed with certain requests.

Furthermore, the government's racketeering charge--typically only used for mob cases involving drugs or gambling--suggests to Ifrah that prosecutors are overreaching. "The allegations here are very similar to the allegations that were made in the YouTube case," in which Viacom accused the video-sharing site of hosting almost 160,000 unauthorized pieces of content, he said. "Certainly no one accused YouTube of having mob-like activities."

The right forensic tools in the right hands are just a start. The new Digital Detectives issue of Dark Reading shows you how to better apply the lessons they teach. (Free registration required.)

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
<<   <   Page 2 / 2
Hmmmm
50%
50%
Hmmmm,
User Rank: Apprentice
1/23/2012 | 8:57:11 PM
re: Megaupload Takedown Questioned By Users, Lawyers
As usual the US has tried to bully its way around again and as usual has stretched the law to suit itself in the hope it will get at least something out of the action. This time they have gone to far. This time they have tried to bully a person with the money to fight them back and then sue the britches off the US government.
To pursue this action leaves universities, that rely on the net to educate their students in distance education, in line for prosecution as all material in schools are written by someone else. Not only that all students that upload their assessments, and assignments for the teacher to mark will now face legal action for copyright infringement. Yes we know it is their own work but if the US were to succeed in their action this is what WILL happen. The US intends to deploy legal action against all material used and since most research and empirical material comes from the US, uni's world wide are now in a lot of trouble.
Will the US succeed? No. It is not possible and the international legal community is moving to stop the US pulling this off. The world no longer tolerates the US's bullying and reacts quickly to any attempt at control by the US.
It is time now for all students to seek litigation against the US government for illegally stopping them downloading or uploading their own material. This is going to be rather profitable for many people and the bill for the yanks is going to finally make them wake up to the reality they don't control the world anymore nor will they get away with bullying.
John doe
50%
50%
John doe,
User Rank: Apprentice
1/23/2012 | 8:20:25 PM
re: Megaupload Takedown Questioned By Users, Lawyers
All this because the MPAA lobbyists threatened to pull financial support to White house.

Hey White house I need help with my business too, can you close down the restuarant next to mine. They have a customer in there that plays music all day and I think he downloaded it from the internet. So please close down there place and I will contribute to your reelection. Your doing it for the MPAA so its only fair right? Thanks.
<<   <   Page 2 / 2
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading December Tech Digest
Experts weigh in on the pros and cons of end-user security training.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-4807
Published: 2014-11-22
Sterling Order Management in IBM Sterling Selling and Fulfillment Suite 9.3.0 before FP8 allows remote authenticated users to cause a denial of service (CPU consumption) via a '\0' character.

CVE-2014-6183
Published: 2014-11-22
IBM Security Network Protection 5.1 before 5.1.0.0 FP13, 5.1.1 before 5.1.1.0 FP8, 5.1.2 before 5.1.2.0 FP9, 5.1.2.1 before FP5, 5.2 before 5.2.0.0 FP5, and 5.3 before 5.3.0.0 FP1 on XGS devices allows remote authenticated users to execute arbitrary commands via unspecified vectors.

CVE-2014-8626
Published: 2014-11-22
Stack-based buffer overflow in the date_from_ISO8601 function in ext/xmlrpc/libxmlrpc/xmlrpc.c in PHP before 5.2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by including a timezone field in a date, leading to improper XML-RPC encoding...

CVE-2014-8710
Published: 2014-11-22
The decompress_sigcomp_message function in epan/sigcomp-udvm.c in the SigComp UDVM dissector in Wireshark 1.10.x before 1.10.11 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet.

CVE-2014-8711
Published: 2014-11-22
Multiple integer overflows in epan/dissectors/packet-amqp.c in the AMQP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 allow remote attackers to cause a denial of service (application crash) via a crafted amqp_0_10 PDU in a packet.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Now that the holiday season is about to begin both online and in stores, will this be yet another season of nonstop gifting to cybercriminals?