Literally illegal. Discussing crimes doesn’t equal crime, so there’s no reason for them to requeust IPs. And at least in the EU you aren’t even allowed to disclose information related to your person.
Well in theory you are right. And if you have evidence like in the case of the 2pac murder (he literally wrote about handing the gun over so they could kill him with it), then sure. But to get a subpoena, and let’s use me as an example, you would need to prove that I talked about specifics on how I would or will pirate a stream, and then you would need to find writing of me saying something to the effect of “I did this yesterday” or “I will do this next week” or something very specific like that.
And this is only to get the information. Then they still need to tie you to it and get enough evidence to start suing, otherwise they might not be able to prove their prima facia case.
I know it’s scary, but the truth is we have laws to protect us from government overreach and at the same time those keep companies in check as well. Let’s not make it more dramatic than it is.
Let’s also acknowledge that conspiracy is easy to say in theory and hard to prove in practice, specifically because you need to make sure you can inextricably link 2 defendant together and they are linked in the context of the same instance of a crime. And at that point no one would waste the resources for such a charge. They would rather chase the piracy websites to shut down a whole network for a bit, that’s more efficient. It’s easier to just serve the server providers a cease and desist and have be over with.
Not unless you talk about how you will commit or have committed a specific instance of piracy. E.g. “I downloaded back to the future last night from (insert website)”. Then they have reasonable suspicion and can start to subpoena.
Obligatory IANAL. Always do research and ask in lawyer if you wanna talk specifics.
“Man, you know how easy it would be to get away with insider trading/misreporting earnings/reselling seized fentanyl/asking for a key piece of evidence to go missing? I have a friend/family member/employee/business contact/perp I let go that owes me a favor.”
They don’t care. It’s the film industry equivalent to the Microsoft support scammers. Get a bunch of targets, spam out hundreds of thousands of threatening emails, profit off the small percent of people who fall for it.
Yes they do. They are boxed in neatly in the current laws and unless you are discussing specifics about doing a crime in the past or future, they will not get that subpoena and thus they are in a catch 22.
Now if you are actively torrenting, chances are you could run into one of those fake peers that will grab your IP and they can start suing you. But other than that they would need real good evidence to subpoena.
Subpoenas are tools the government uses to compel a private entity to provide information. This isn’t that though, this is one private entity asking another private entity to just give them data. It’s not a legal case, and because of our non-existant privacy regulations in the US, Reddit is free to just hand over this information, or not if they want. No crime has to even be alleged, Reddit can just hand that information out.
Ok yes sorry I should have specified, what you’re saying might apply to the US.
What I said applies to the EU.
Thing is, companies need to know beforehand if they are dealing with a user from US or EU because they don’t wanna break laws when they have to deal with the court system anyway on stuff like this. So technically they could transmit information about US citizens, but in practice this is super tricky and risky.
Let’s say you got an IP. Alright you can pinpoint The location. Problem: you don’t know whether you just grabbed the target IP or an IP from a VPN or a proxy. There’s ways to obscure this so you might not even be able to find out. Now if you turn this over, there’s a small risk you just did a crime because they are spoofing their location. And if you just captured a VPN or proxy, you are now pursuing the wrong person and in EU law this won’t go over well.
So in practice there’s basically no way to do this and be sure you didn’t make a mistake, and mistakes in law are risky and costly. No company would ever take such a risk.
Now I could go into detail about all the technical details on why things work like that but it would make this twice as long.
TL;DR in theory you are right for US users, in practice there’s no way to tell and it gets risky pretty fast.
Also obligatory IANAL and always check in with a lawyer if you need specific legal advice.
That’s a really interesting point, has it been tested in court? The article is about US companies and US websites so I figured EU law was irrelevant, but I am curious to see if the EU can claim jurisdiction for actions foreign companies take outside the EU, regardless of if they have any official EU presence.
Well I can not give you a specific case for that, but it widely accepted that online actions against users from the EU that violate laws in the EU can get persued.
Do you remember seeing some US websites saying “we don’t service EU users at the moment”? That’s because they didn’t want to get a lawyer so they can comply with the EU GDPR back then. I assume this is because they knew there was some precedent.
If you are keen on it I can go digging for case law though.
Note that one of the headings literally says “Why US companies must comply with the GDPR” and the answer is “because it is extra-territorial in scope”.
On that page you linked, they say “So far, the EU’s reach has not been tested, but no doubt data protection authorities are exploring their options on a case-by-case basis.” So it hasn’t really been tested yet it seems. It’s true that there are extradition treaties and interpol that aid in cross-border prosecution, but that tends to be used primarily when the alleged crime happened in the prosecuting country’s jurisdiction, or the alleged crime is handled similarly in both countries. A GDPR violation by a US company wouldn’t be considered a crime at all in the US, so it’s entirely possible that they might decline to assist in prosecution.
Ok you wound me up now so I had a little scouring of the internet.
Yes, I can not find case law of extradition of US based companies through US entities.
What I can find is a couple of cases against bigger companies that also act in the realm of the EU. Google has been fined in the Netherlands for global violations if I understand correctly. Meta has been fined even a few times for global violations, enforced in Ireland.
So yes, technically enforcement in the US is not guaranteed, but they basically can’t build up their company in the EU anymore unless they deal with it. It’s not perfect, but violations can still suck for business expansion, and that is good. and then I do have to look into the new EU data privacy laws if they changed enforcement or anything else important.
That makes sense. Companies with no presence in the EU can likely skirt the rules, but any large company with an EU presence will be compelled to follow them.
I had a Microsoft support scammer once… I let him in to my system too…well not really.
I quickly spin up a quick fresh install of slack ware Linux in a virtual machine that didn’t even have x11 never mind wine installed. When it was up I told him a friend uses something called tellynet (aka telnet but I was playing dumb) to help me on the computer.
He telnetted in and could not understand why any of his malware wasn’t working…
I could give you a full breakdown of how it works in EU, but basically there needs to be indisputable evidence that a crime occured for any party to subpoena any ISP or service provider company. Otherwise those companies will be in huge trouble. The one doing the subpoena because they wouldn’t have an order for that and if they fuck around right before suing, courts will not take kindly to that. And the other receiving the subpoena for disclosing personal information (although they’d maybe win a defense to that, because if they did their due diligence they are not supposed to tank the damages).
What I’m saying is, considering currently laws in the EU, I think we’re good. Of course IANAL so ask one if you need specific advice.
That’s a good question that I don’t have an answer to as I have no legal training. I’m assuming if you can sign a contract online where the legal text is behind a link and the main offer is what you see… maybe? Technically, it wouldn’t be too difficult to simply erase any mention of a license in a pre-cleaning phase of the data, but I don’t know if the act itself would be an even bigger indication of guilt. There would be no excuse like “oops, I just copied this data into my training set, teehee”. But as I said, not a legal expert.
If there are copyright experts that want to weigh in, I’d be interested to hear their opinion. Given that there are running, unanswered cases (most notably again Microsoft’s Copilot), and Japan on the verge of drafting into law that AI training data can ignore copyright, it’s possible even legal experts would have a hard time answer the question.
I’m putting them here just in case. Only costs me a line carriage and a Ctrl+V.
If there are copyright experts that want to weigh in, I’d be interested to hear their opinion.
Myself as well. It’s a new frontier, legally.
I’m putting them here just in case. Only costs me a line carriage and a Ctrl+V.
Seeing that you have done that made me start to think about doing it myself, as I definitely feel there are days when I’m being shadowed by AI training mechanisms.
But if it doesn’t make any difference legally as a deterrent, then I wouldn’t bother.
Even if it’s ruled illegal in the US, there’s nothing stopping AI companies from moving their operations to Japan where copyright doesn’t apply to training data.
What the person using those links does not realize is that a Creative Commons license relaxes restrictions rather than imposing additional ones.
Everything you create is already protected by copyright by default. If you publish an essay and don’t append any license to it, nobody may republish or remix that essay without your permission, unless an exception like fair use applies. The exact restrictions will depend on local laws.
By using a Creative Commons license, you choose to forgo some of those copyright protections. Thus the comments of the person you replied to are actually less protected than yours or mine.
To expand on this. If you are talking about anything online it is not private. That doesn’t matter if it’s in a WhatsApp chat, a telegram chat, a Lemmy post, a Facebook feed, etc. as soon as it hits a computer if someone wants to see it they will. There’s just hurdles to get it.
Depends what and how you do it. VPN gives some level of anonymity. TOR even more so. These give you probably greater anonymity than anything else you have in offline live.
Few things more fun than telling people who harp about vaccines being tracking chips that if they’re worried about tracking they should ditch their smartphone, and watching them rage.
You mean the always-on GPS-enabled internet-connected microphone and camera which is also likely Bluetooth and NFC beaconing and contains all of my most personal data including my name, contacts, unencrypted chats facilitated by major cell phone carriers, photos, emails, and other personal files which are also likely synced with a cloud service operated by major multi-national corporations, and also stores biometric data such as facial recognition, fingerprints, time spent sleeping, and even heart rate and number of steps taken assuming you have “fitness” features enabled?
With those last couple items, these massive companies that regularly share data with law enforcement are literally tracking your every step and nearly every beat of your heart.
Well don’t worry about that, I’ve got Express VPN.
Detectives were able to run relatively simple tests to determine that the file had last been saved by a user named “Dennis,” and it had been printed using one of the printers at the nearby Christ Lutheran Church.
Maybe the article is badly worded, but it seems like they got metadata from the file, not the floppy disk itself.
I’m not sure that this is how it works in practice, but ideally: Unless you are registered in their stance / are browsing directly in their website, your client shouldn’t be making any direct requisitions to their instance, so there is nothing they can infer your IP from. (Everything you interact with is comes directly your instance - the only thing that interacts with other instances is the server) That said, it’s possible for some links to direct to the original stance, in which case your client will have to make requests directly to the original instance hosting the content… looking around in this page a bit, it looks like the Community images (banner, icon etc.) are linking directly to the original instance, so I guess that’s a little bit of a problem - but just that shouldn’t be enough information for them to connect the dots between the IP address fetching the image and the account you’re using to browse
Yup. About 7 years ago I used to darkweb pretty hard in the drug scene (I haven’t in years so have at it, Mr. FBI).
Anyway I used Reddit subs a lot for info on new markets and onions, reliable sellers, and news on exit scams etc, but I only lurked - never commented. Anyone with a brain in their head knew they were honeypots.
If you were playing Choplifter in elementary school, you’re really not THAT old. Or you are and that makes me old too, but I’m -hypothetically- completely capable of figuring out piracy. Don’t short yourself, there’s always room on the high seas.
If you were playing Choplifter in elementary school, you’re really not THAT old.
If you had to load Choplifter into your Apple II to play it with a cassette tape recorder, then yes, you are old, you are a first gen computer game player.
Oh you overestimate the government. Many systems still running on XP. Our government contracts for our company software are still on versions from 13 years ago.
Then provide better streaming options including price and service. Piracy will always win whether they like it or not.
I’m surprised Netflix is still around at their price rate and the way they keep canceling shows. I jumped on the BF deal for Peacock, because I wasn’t gonna pay the full price.
I only have Peacock for WWE, so everything is a bonus. But not everybody is gonna pay for 7 services monthly or yearly. Either put it all under one service or understand some of us are gonna pirate.
Amazon prime is gonna start having ads this month, so people are gonna have to pay more for ad free on top of prime membership or pirate to avoid ads. Before we know, they’ll start putting ads in games while they load.
I’ve noticed reddit has recently started shadowbanning my posts when I have a vpn active so I’d say at this point it’s probably completely unsafe to discuss anything on.
A lot of people still don’t and they use public wifi too. And some people with VPNs are using shitty ones like nord, express or Private internet access or surfshark
Surfshark and nord are owned by the same company and express and PIA are owned by the same company. So PIA isn’t trustworthy anymore, their court proven no-logs policy isn’t valid anymore because they got bought out since then.
when you use port forwarding, you’re opening yourself up to a lot of malicious activity. Someone could maliciously plant some CP on your hard drive if you have port forwarding enabled.
As far as I understand it, the studios are trying a different angle: They are not suing Reddit this time, but an ISP and want Reddit to provide the data of costumers of that ISP.
Stupid question: What’s the point behind this? Is this actually financially viable for a company in the long run? Was this an attempt to get Reddit to crack down on those subs?
Isn’t this always a fight against windmills? i.e., you can’t fight a symptom without addressing the market as a whole?
I think this was related to their plan before, in the case that got decided (specifically that Reddit didn’t have to reveal the IP addies of its clients), but that’s always been a problem especially if an ip address leads to a router or is dynamic at the ISP, then there’s no certainty it can be identified with a single person.
This is how the whole twelve-strikes program was formed where big name ISPs would (hypothetically) give demerits and eventually throttle or disconnect ISP addies that were identified as engaging in infringing activity. The problem is, clients stopped wanting to pay their bills when quality deteriorated, so it’s not consistently enforced. In fact, companies that are not Comcast or Xfinity are motivated not to do anything beyond threats.
ETA: Similarly, it’s actually to the benefit of social media websites to preserve the privacy of their clients, since incidents in which they cooperate with law enforcement reduces engagement. Google used to have a robust legal resistance to giving away personal data. It was deteriorated through enshittification, but now Google has lost enough reputation that it’s looking for ways to preserve privacy, like the new effort to constrain personal map data to devices, so Google is unable to respond to location dragnet warrants. They’re still in trouble for search-term warrants.
(Note the map thing is not yet rolled out, so don’t use Google maps when burying your bodies.)
More corporations with zero responsibility and way too much fucking power. We need regulators with teeth and we need to remove the legal hand of business from the pockets of our legislatures. I can’t believe someone actually burned down Studio Ghibli HQ before Citizen’s United was. Wtf.
It was Kyoto Animation that was attacked. They have quite a few similarities in artstyle and themes to Ghibli, and you could maybe call them a spiritual successor. But neither is owned by, or a part of, the other.
Ghibli recently released How Do You Live, probably their last film. With the last surviving founders retiring, Nippon TV will manage the studio and the museum.
Add comment