December 2003

"No one is safe," Mark Ishikawa told me recently from his office in Silicon Valley. "There is no lock that can't be picked and our technology ensures that there is not a rock in the world you can hide under."

Ishikawa, a former hacker, was referring to the millions of people who download music illegally in the United States. According to the Recording Industry Association of America (RIAA), the music business' watchdog and legal arm, more than 57 million Americans have downloaded music illicitly. Alleging a rampant piracy epidemic, the RIAA attributes the nearly 14 percent decline in music profits to those millions of Americans who access file-sharing networks every day.

Ishikawa, who is CEO of BayTSP, a company specializing in the business of patrolling the Internet for copyright infringement, speaks confidently about his web-based sleuth agency. "We find 1.5 million to 2 million copyright infringements a day, and we're very efficient," he intones. "Eighty-five percent of the people we send notices to go away and we never see them again."

BayTSP's virtual detectives are part of the record industry's latest anti-piracy initiative. After failing to persuade music-sharers to cease their activities with a massive advertising and education campaign, the RIAA is taking its anti-piracy crusade directly to the source-the people who upload and download music files on a daily basis.

"There's really no way out," concludes Ishikawa. "Using our matching technology, we identify the user, their protocol, and the most important piece of information-their IP address."

In July, following the RIAA's pledge to sue file-sharers as a means of deterrence, music industry lawyers began amassing dossiers on thousands of music-swappers in preparation for court cases in the Fall, utilizing the detective work of such people as Ishikawa. Armed with the IP addresses of file-sharers big and small, the RIAA sent out subpoenas inviting Internet Service Providers (ISPs) to either deliver the names of copyright violators or prepare to defend themselves in court.

In order to connect the dots from IP address to file-sharer, industry lawyers invoked the 1998 Digital Millennium Copyright Act, a statute Congress passed that year permitting copyright holders to force ISPs to disclose the identity of a putative copyright infringer. Under current United States copyright law, ISPs refusing to cooperate with the RIAA and file-sharers, themselves, are liable for damages ranging from $750 to $150,000 per song illegally downloaded.

Large corporations can afford the cost of litigation and eventual settlements, but the hundreds of individuals who will find themselves in court come autumn are bristling with fear and apprehension. While the average CD retails at $16.99, copyright laws uniformly geared towards corporations allow the record labels to recoup massive sums from even one pirated song. The sheer size of the potential lawsuits facing the few music-swappers unlucky enough to be targeted by the RIAA has elicited disgust even in Washington.

During a recent Congressional session regarding whether the RIAA piracy campaign violates privacy rights, Senator Norm Coleman, a Republican from Minnesota, remarked, to his colleagues, "In this country we don't cut off people's hands when they steal. One question I have is whether the penalty here fits the crime."

The piracy issue has drawn interest on both sides of the political divide. In July, countering Senator Coleman, two Democrats, Representatives John Conyers, Jr., of Michigan and Howard Berman of California, introduced a bill that would make file-sharing punishable by 5 years imprisonment and a fine of $250,000 for each song uploaded.

While the bill is beyond draconian, the RIAA and its Congressional allies believe that direct confrontation with copyright infringers is the only way to stem the tide of piracy. After all, music is a form of property; and individuals peddling music through peer-to-peer networks (P2Ps) are breaking the law-contravening the most inalienable of rights that America's founding fathers fought so diligently to secure.

Despite the law being on the recording industry's side, the climate surrounding the RIAA's anti-piracy efforts has grown more tempestuous following each round of escalation by the RIAA. After securing the shutdown of Napster in 2001, thousands of high school and college students-the bread and butter of the music industry-did their best Timothy Leary impression and tuned out, electing to continue their file-sharing activities on new services rather than capitulate and buy what they deemed as exploitatively overpriced CDs. The record industry responded with a massive advertising campaign, utilizing the sanctimonious pleas of such industry heavyweights as Madonna and Brittany Spears. While the campaign seemed like a logical step to industry watchdogs, the use of wealthy industry insiders whose musical integrity was already suspect to defend the property rights of corporations served only to further enrage thousands of cynical consumers.

Music fans turned to new file-sharing services in increasingly exponential numbers. Napster's demise opened the door for more insidious P2P networks that were largely decentralized, differentiating them from Napster. Kazaa, Morpheus, and Grokster became both useful file-sharing programs and convenient outlets for expressing frustration towards corporate conglomerates.

Learning from the Napster debacle, Kazaa, the most popular of the P2Ps, incorporated in Vanuatu, a tiny island nation in the Pacific. Setting up its servers in Denmark and registering its domain in Australia, Kazaa created a paper trail long enough to thwart legal attempts at shuttering the service.

Instead of destroying the file-sharing culture created by Napster, the RIAA unleashed a new P2P hydra, enormous in scope and amorphous in form. To date, over 280 million copies of Kazaa have been downloaded; and the RIAA claims over 2.6 billion files are swapped on the network every month.