Risk
1/31/2012
12:18 PM
50%
50%

Megaupload Users Get Reprieve, But Legal Questions Remain

Hosting providers agree to hold data files for two weeks while cyberlocker company's lawyers negotiate with the U.S. government.

Good news for Megaupload users: Your data just got a two-week reprieve from being deleted.

Friday, U.S. district attorney Neil MacBride had written to Megaupload's lawyers, informing them that federal investigators had finished reviewing Megaupload data, and that it could be deleted from servers just one week later. "It is our understanding that the hosting companies may begin deleting the contents of the servers beginning as early as February 2, 2012," wrote MacBride.

In the United States, Megaupload leases servers from two hosting providers: Carpathia Hosting and Cogent Communications. Since the Justice Department froze Megaupload's assets, however, the file-sharing site could no longer pay its leasing bills.

But Ira Rothken, Megaupload's U.S. attorney, said the two hosting providers have since agreed that they won't delete the Megaupload data they're storing, for at least two more weeks. "The hosting companies have been gracious enough to provide additional time so we can work out some kind of arrangement with the government," Rothken said, according to news reports. The negotiations are meant to free up funds to pay the hosting providers to recover some data, which he said may also aid Megaupload's defense.

[ Proposed U.S. anti-piracy legislation has been widely criticized for trampling Internet privacy, but are EU Data Rules Worse Than SOPA? ]

The data reprieve means that Megaupload users who used the cyberlocker service to store files may one day regain access to them. The servers have remained offline since being taken down earlier this month by the FBI, after a Justice Department indictment--unsealed in federal court--accused seven Megaupload executives of racketeering, money laundering, and copyright violations, and of using their file-sharing site to amass $175 million in "criminal proceeds."

That takedown quickly sparked a reaction from some other file-sharing sites. For starters, 4shared, FileJungle, FilePost, Fileserve, UploadStation, VideoBB, and VideoZer began deleting accounts, disabling sharing, or canceling affiliate programs that rewarded people for uploading popular content. Similarly, FileSonic--which has seen a billion page views per month--disabled sharing and canceled its affiliate program. But other file-sharing sites, such as MediaFire and RapidShare, have said they have nothing to fear over their cyberlocker business practices.

Given that variation in reaction, what legal lessons might be drawn from the Megaupload takedown? So far, that's not entirely clear. While the company's founder, Kim Dotcom, remains in prison in New Zealand at the request of the FBI, he's denied all of the charges leveled against Megaupload, and said he plans to mount a vigorous defense.

Furthermore, the Justice Department has faced criticism over the takedown for not distinguishing between material stored on Megaupload's servers that may have infringed U.S. copyright laws, and non-copyrighted material that was legitimately stored there by users, some of whom had purchased a premium subscription from Megaupload. Lawyers in other countries have also accused the Justice Department and FBI of overstepping their authority by taking Megaupload offline not just in the United States, but worldwide.

In addition, the indictment itself has been criticized for being founded on a criminal complaint. Past cases involving alleged copyright infringement--for example, involving YouTube--weren't treated as criminal matters, but rather civil ones, said Jeff Ifrah, an attorney who co-chairs the American Bar Association's criminal justice section and committee on white collar crime, speaking recently by phone.

The bigger lesson, Ifrah said, may be simply that the Obama administration is attempting to satisfy demands from music and movie trade associations that it do something about piracy. "We have an administration that's very captive to that industry," he said. "It wouldn't surprise me if they were the ones propelling the Eastern District action in this case. That's the only reason you get a prosecutor who wants to ignore the fine line between civil and criminal in this case."

IT's spending as much as ever on disaster recovery, despite advances in virtualization and cloud techniques. It's time to break free. Download our Disaster Recovery Disaster supplement now. (Free registration required.)

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7421
Published: 2015-03-02
The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AF_ALG socket with a module name in the salg_name field, a different vulnerability than CVE-2014-9644.

CVE-2014-8160
Published: 2015-03-02
net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, which allows remote attackers to bypass intended access restrictions via packets with disall...

CVE-2014-9644
Published: 2015-03-02
The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AF_ALG socket with a parenthesized module template expression in the salg_name field, as demonstrated by the vfat(aes) expression, a different vulnerability than CVE-201...

CVE-2015-0239
Published: 2015-03-02
The em_sysenter function in arch/x86/kvm/emulate.c in the Linux kernel before 3.18.5, when the guest OS lacks SYSENTER MSR initialization, allows guest OS users to gain guest OS privileges or cause a denial of service (guest OS crash) by triggering use of a 16-bit code segment for emulation of a SYS...

CVE-2014-8921
Published: 2015-03-01
The IBM Notes Traveler Companion application 1.0 and 1.1 before 201411010515 for Window Phone, as distributed in IBM Notes Traveler 9.0.1, does not properly restrict the number of executions of the automatic configuration option, which makes it easier for remote attackers to capture credentials by c...

Dark Reading Radio
Archived Dark Reading Radio
How can security professionals better engage with their peers, both in person and online? In this Dark Reading Radio show, we will talk to leaders at some of the security industry’s professional organizations about how security pros can get more involved – with their colleagues in the same industry, with their peers in other industries, and with the IT security community as a whole.