Risk
1/31/2012
12:18 PM
Connect Directly
RSS
E-Mail
50%
50%
Repost This

Megaupload Users Get Reprieve, But Legal Questions Remain

Hosting providers agree to hold data files for two weeks while cyberlocker company's lawyers negotiate with the U.S. government.

Good news for Megaupload users: Your data just got a two-week reprieve from being deleted.

Friday, U.S. district attorney Neil MacBride had written to Megaupload's lawyers, informing them that federal investigators had finished reviewing Megaupload data, and that it could be deleted from servers just one week later. "It is our understanding that the hosting companies may begin deleting the contents of the servers beginning as early as February 2, 2012," wrote MacBride.

In the United States, Megaupload leases servers from two hosting providers: Carpathia Hosting and Cogent Communications. Since the Justice Department froze Megaupload's assets, however, the file-sharing site could no longer pay its leasing bills.

But Ira Rothken, Megaupload's U.S. attorney, said the two hosting providers have since agreed that they won't delete the Megaupload data they're storing, for at least two more weeks. "The hosting companies have been gracious enough to provide additional time so we can work out some kind of arrangement with the government," Rothken said, according to news reports. The negotiations are meant to free up funds to pay the hosting providers to recover some data, which he said may also aid Megaupload's defense.

[ Proposed U.S. anti-piracy legislation has been widely criticized for trampling Internet privacy, but are EU Data Rules Worse Than SOPA? ]

The data reprieve means that Megaupload users who used the cyberlocker service to store files may one day regain access to them. The servers have remained offline since being taken down earlier this month by the FBI, after a Justice Department indictment--unsealed in federal court--accused seven Megaupload executives of racketeering, money laundering, and copyright violations, and of using their file-sharing site to amass $175 million in "criminal proceeds."

That takedown quickly sparked a reaction from some other file-sharing sites. For starters, 4shared, FileJungle, FilePost, Fileserve, UploadStation, VideoBB, and VideoZer began deleting accounts, disabling sharing, or canceling affiliate programs that rewarded people for uploading popular content. Similarly, FileSonic--which has seen a billion page views per month--disabled sharing and canceled its affiliate program. But other file-sharing sites, such as MediaFire and RapidShare, have said they have nothing to fear over their cyberlocker business practices.

Given that variation in reaction, what legal lessons might be drawn from the Megaupload takedown? So far, that's not entirely clear. While the company's founder, Kim Dotcom, remains in prison in New Zealand at the request of the FBI, he's denied all of the charges leveled against Megaupload, and said he plans to mount a vigorous defense.

Furthermore, the Justice Department has faced criticism over the takedown for not distinguishing between material stored on Megaupload's servers that may have infringed U.S. copyright laws, and non-copyrighted material that was legitimately stored there by users, some of whom had purchased a premium subscription from Megaupload. Lawyers in other countries have also accused the Justice Department and FBI of overstepping their authority by taking Megaupload offline not just in the United States, but worldwide.

In addition, the indictment itself has been criticized for being founded on a criminal complaint. Past cases involving alleged copyright infringement--for example, involving YouTube--weren't treated as criminal matters, but rather civil ones, said Jeff Ifrah, an attorney who co-chairs the American Bar Association's criminal justice section and committee on white collar crime, speaking recently by phone.

The bigger lesson, Ifrah said, may be simply that the Obama administration is attempting to satisfy demands from music and movie trade associations that it do something about piracy. "We have an administration that's very captive to that industry," he said. "It wouldn't surprise me if they were the ones propelling the Eastern District action in this case. That's the only reason you get a prosecutor who wants to ignore the fine line between civil and criminal in this case."

IT's spending as much as ever on disaster recovery, despite advances in virtualization and cloud techniques. It's time to break free. Download our Disaster Recovery Disaster supplement now. (Free registration required.)

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Latest Comment: LOL.
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-6212
Published: 2014-04-19
Unspecified vulnerability in HP Database and Middleware Automation 10.0, 10.01, 10.10, and 10.20 before 10.20.100 allows remote authenticated users to obtain sensitive information via unknown vectors.

CVE-2013-6213
Published: 2014-04-19
Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 Patch 1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1833.

CVE-2013-6214
Published: 2014-04-19
Unspecified vulnerability in the Integration Service in HP Universal Configuration Management Database 9.05, 10.01, and 10.10 allows remote authenticated users to obtain sensitive information via unknown vectors, aka ZDI-CAN-2042.

CVE-2013-6215
Published: 2014-04-19
Unspecified vulnerability in the Integration Service in HP Universal Configuration Management Database 10.01 and 10.10 allows remote authenticated users to execute arbitrary code via unknown vectors, aka ZDI-CAN-1977.

CVE-2013-6218
Published: 2014-04-19
Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x, 9.1x, and 9.2x allows remote attackers to execute arbitrary code via unknown vectors.

Best of the Web