How much knowledge does a platform provider need to have of the files being traded on their system before they can be considered culpable?
Intellectual property and ICT lawyer Rick Shera declines to discuss the Megaupload case specifically, as it is before the courts; but he says the existence of any number of similar "file-locker" sites, to which customers upload and from which others download files, raises an important general question about provider knowledge.
Sites such as Newzbin have been held culpable for merely providing links to material traded, in its case, via Usenet newsgroups. A British High Court judge last year ordered British Telecom to block access to the Newzbin site. This broad application of the law is cause for concern, says Shera; "I'm sure Facebook pages have plenty of links to infringing content."
In cases brought in the US against allegedly copyright-infringing sites, the "docket" giving details of the case has typically been sealed, meaning not even the defendant organisation can get access to it. Hence such cases have not hitherto been challenged in court to Shera's knowledge, he says, and the Megaupload case may be the first.
"To my mind, the most interesting and concerning aspect of such cases is the fact that a website can be taken down based solely on one side's evidence," he says. New Zealand legislation would require that the rights and interests of third-parties such as non-infringing users of the service be taken into account before any takedown is authorised. "I'm not sure that's the case under US law," he says.
US law works, no need for SOPA or PIPA
The increasing possibility of any remote site being unexpectedly brought down by a copyright challenge is a factor to be taken into account when weighing up the viability of cloud-computing solutions, Shera agrees. "I wouldn't say it's a new factor; if you've got data in the cloud, you'd be pretty silly not to have some kind of independent backup."
The kind of "locker" storage of complete files Megaupload has been doing is not "file-sharing" within the definition of New Zealand's Copyright (Infringing File-Sharing) Act, Shera agrees; that act is directed at peer-to-peer services, where a file is typically assembled from pieces held by many users on the network. However, that is a point of technical interest only, since the action against Megaupload is under US law.
Some commentators have cited the Megaupload action as a demonstration that the present US law is working, so the Stop Online Piracy Act (SOPA) and Protect IP Act (PIPA) being contemplated by the US legislature are unnecessary. These acts were withdrawn for some redrafting last week in the face of international protest.
However, it is difficult to take such a position in view of the fact that such cases have not yet been tested in court, Shera says. It is possible that skilled lawyers could yet knock holes in the current law. The objectors to such laws may have prevailed in some battles but the war has not yet been won, he says.
InternetNZ CEO Vikram Kumar says the Megaupload case shows that "Hollywood and the music industry are now sending signals that wherever you are around the world 'we're going to after you'".
The security of off-shoring data
He says it will be up to the courts to decide if the New Zealand police followed due process in arresting Kim Dotcom and his colleagues on Friday. "It seems from reading the indictment that the US court handed down that the financial charges that have been put on alleging money laundering and racketeering are secondary to copyright violations. And it's quite possible that the New Zealand authorities reacted much more to the financial charges." he says.
"The question becomes if Hollywood and the music industry are going after him for copyright violation, is it right to put on additional financial charges just to make it appear more serious and to get other governments to take it more seriously?"
He questions what would happen if a similar case occurs in New Zealand involving a teenager who is alleged to have downloaded illegal files, but made no profit from it. "Would we be happy to have him extradited and stand charge under those laws? I believe there is a larger issue that we have to start tackling at some point."
The Megaupload case is likely to bring the issue around the security of offshoring data under renewed scrutiny. "There is a larger issue when you have things like cloud computing - then jurisdiction and where your files are located becomes really important. I guess our persistent recommendation when using online services and cloud computing, is you have to do a bit of risk assessment," Kumar says.
"If you want to put stuff in the cloud which is highly sensitive, highly commercially valuable or you lose a single copy and you have no backups then you're heading for trouble."
Kumar says those with legitimate files stored on the Megaupload site may lose their data. "Until it goes through the judicial process in the US it has all been seized by their own servers in the US, there is potentially material outside US jurisdiction, but whether Megaupload gets around to untangling that soon is doubtful."