Intellect or Insanity, Jonathan Klinger's Blog

Around a month ago I went to court to discuss a case which I counsel with another attorney. The case was quite simple: The plaintiff claimed that the defendant, which we represented, took from its website the technical specifications of a gadget and copied it alongside a phrase describing the gadget. Altogether we represented three defendants which were sought by the same plaintiff (and there was a total of 20 defendants) for 100,000 ILS (~30,000 US$) each.

When arriving to the pre-trail, the plaintiff’s counsel explained to us (and to another counsel sitting on behalf of another defendant) that he is willing to settle, and there is a ongoing rate for settlement. The Judge, which was sympathetic for our interesting legal claims, that copyright could not be asserted on technical specifications, facts or ideas (PCA 8304/09 Bezeq v. Dapei Zahav, C 37759/07 Elisha Shochat v. Maariv), and that the phrase itself was lacking originality and too short to be copyrightable (Hebrew post of copyrighted tweets, CA (TA) 178/79 Hallinger v. Estheron, DR, 1980(2) 45) offered that we settle anyway. She claimed, righteously, that the settlement offer was low enough that it justifies settlement in order to avoid litigation.

And the judge was right: settling the case was lower than the cost of the lawyers in the process and would have been also lower than if it turned out that our clients were right and would have been granted attorney’s fees pursuant to dismissal of the case. Meaning that the copyright bully won: it won a nice sum for something he isn’t entitled to, just because the litigation cost was lower.

But this case is not rare when you look into copyrights: around once a week I’m addressed by persons who received notice due to publication of copyrighted images in their website (usually the same plaintiff by different attorneys), even though some of the cases were fair use, and others lacked any commercial value, the attorneys ask for sums which are a hundred times greater than the sum paid for the image in the free market. For example, Tess Scheflan sought Ynet, Israel’s biggest website (C 58032/07 Tess Scheflan v. Yedioth Internet) for publishing images she published originally on PicShare and was awarded 28,000 ILS, even though the image would have been bought, legally, for no more than a few hundred ILS.

And why was all this required as an introduction? In order to explain why The RIAA offer to Jammie Thomas to diminish their awards granted by half was a strategic move made to hurt users. Thomas is a single mother who was sought by the RIAA for publication of 17 songs through Kaaza. The court first decided that Thomas should pay 9,250$ per song as the jury of her peers found that Thomas made several songs available to the public and infringed the RIAA’s copyrights; but Thomas appealed the ruling.

In the Appeal the District Court ruled that making a work available to the public is not copyright infringement (06-1496 Thomas v. Capitol) and returned the case to the federal court for retrial. In the retrial, the jury ruled that Thomas actually was involved in wilful infringement and awarded the RIAA a sum of 1,920,000$ (04-CV-1497 Capitol v. Thomas).

Thomas appealed this ruling (again) and the district court ruled that the awards granted were unconscionable and exceed any sum a reasonable jury may award (04-cv-1497 Virgin Records of America v. Thomas). The District court conclusion was that the awards should be reduced from 80,000US$ per song to 2,250US$, three times the minimum damages to be awarded by a court; as as the damage was unclear, high awards aren’t adequate.

Even though the court ruled 54,000US$ in damages, the RIAA generously offered Thomas an offer she can’t refuse: remove and revoke the appeal, and we’ll request lower damages, to be donated to a worthy cause.

And why would Thomas decline the offer? she was in a similar situation like the defendants I represented; Her personal interest may rise substantially had she refrain from creating a precedent which will hurt copyright holders (and this isn’t the first time Thomas refused to settle). Thomas knows what we all knew: the RIAA sends threatening letters where they scare innocent file sharers with millions of dollars in damages, as in the case of Joel Tenenbaum who lost a case against the RIAA and as to pay 675,000$.

Now, you must understand that there are law offices which send pre-suit notices and take the same strategy; where claims for fair use, lack of liability, criticism and others arise, they’ll refuse to answer but will leave silently, just in order to avoid a precedent saying they cannot threat others and request outrageous sums for using images in blogs. We need public defendants, people who will go to court just for the sake of not bending when a copyright troll comes in and say the truth: we are facing bullies.

[Published in Hebrew]

Circumventing Amazon‘s Kindle Digital Restriction Management (DRM) earlier this week may be a small revolution and a new path into turning the human knowledge into something collective, distributional and more fair. The electronic readers, such as the Kindle, provide an alternative which is cheaper, efficient and comfortable to read books and convert them into a part of the new found culture. it is not a coincidence that Israeli publishers are trying to create their own electronic reader; they know that they may find themselves out of business if they remain in paper distribution; therefore, and following Amazon’s conduct when wiping books off its clients’ Kindle (and Ironically, it was George Orwell‘s Nineteen Eighty Four), a new need for ownership of technology came to effect.

Circumventing the copy-protection, of course, allows more than ever the sharing of books. If, over a year ago, I offered The Train Arrangement where books from the public domain would be printed and left it trains so that passengers would read them in their spare time; the conversion of books into commodities, even if making the books cheaper in value, allows making the books available to the public. (Thanks, Nati Davidi). In fact, creating a software that could link all these devices and make all the books, knowledge, literature and encyclopedias available and readable, will allow a distribution of knowledge and mobility of ideas.

The only question is whether the book publishers, which were fond of their readers up to now, will be hostile like the movie industry?

The research we conducted with Ynet News in regards to p2p throttling and DPI in Israel, which was (even after reading the criticism) most likely the most comprehensive in Israel, even though it needed more research. One of the results was a Parliamentary hearing by Meir Sheetrit, the chair of the Science & Technology Committee. The real question is what to do with it.

Daniel, one of the commentators in the Hebrew blog, claimed that a class action lawsuit could not be substantiated on contractual grounds. I disagree, but in spite of many calls and mails I received to launch a class-action, I’m not sure it’s the right thing to do. A class action may be filed according to the consumer protection act or based on other obligation. Allegedly, the ISPs obligation to net neutrality in their license (and see clause 5.4.1 to the general ISP license) and their obligations according to clause 29 to the Telecommunication Act are sufficient cause. The problem? The Class Action Act requires monetary damages, and there is more than one problem to prove it.

And what are things all about? If the cause of class action lawsuits is not to enrich the attorneys and plaintiff but to bring restitutional justice, then it will not be made; in the best case, a settlement would be made where the attorneys will receive 500K ILS and the plaintiff 1M ILS, where all the related clients will receive 10% bandwidth upgrades for a few months. Apart from that, even if different damages were made to different potential plaintiffs, there’s still place for class action lawsuits (OCR 31032/06 Shalom & Malka Fabrics v. Tel-Aviv). But what was the damage?

Many comments were written in wrath and required justice and a lawsuit. The problem, none of the commentators had any monetary damage. Is blocking a p2p download cause-worthy? Could those people come to the court in clean hands and explain to the judge what are the files they downloaded? Most likely, some lawyers’ will to be first just went up to their heads.

Of course, one should understand the difference between illegal file sharing and other interference that may occur in prioritizing VOIP traffic or blocking other services.

The people with the most to gain from this research, most likely, may be the Copyright Organizations. If we recap the discussions on the Electronic Commerce Bill around a year and a half ago, where the idea was that An ISP shall not be liable to acts committed by its users if it wasn’t aware of the activity and was not supposed to be aware, we understand the problem (See also Dubitsky v. Shabiro and MGM v. Grokster). Actually, ALIS, the Israeli equivalent of the MPAA could request the ISPs for damages, as they interfered with traffic and blocked. De-facto, this claim would not be far from the required legal conclusion: if the ISPs did not interfere with traffic, they were better of in regards to liability.

Therefore, if someone should sue the ISPs to bring restitutional justice, it should be the Copyright Holders. If they were actually harmed by file sharing (and I doubt they were), let them sue the ISPs and make them pay, understand and acknowledge that by blocking they inflicted liability on themselves. That way, and only that way, they’ll learn.

[Posted in Hebrew]

0. Abstract
Do Israeli Internet Service Providers throttle, delay or block peer-to-peer traffic? This question has been spreading in Israeli forums and file-sharing networks, and has introduced theories from attempts to sell enhanced Internet packages to copyright infringement monitoring. This research, which was conducted between April and September 2009, was meant to check whether the claim was true. Using simple free tools we decided to inspect the legality of DPI and traffic shaping in Israel and whether it exists.

Our findings were that there is direct and deliberate interference in P2P traffic by at least 2 out of the 3 major ISPs and that this interference exists by both P2P caching and P2P blocking. The tests, conducted by independent volunteers, were directed by myself and with the assistance of Ynet’s staff, who published a Hebrew summary.
1. Background:
Peer-to-peer (P2P) file transfer protocols have been in common use since the advent of networked computing, but their rising profile (as well as the controversy surrounding them) began with the introduction of P2P sharing of copyrighted materials. Initially used for sharing small music files and applications, P2P today is a legitimate and widely used system for the distribution of any electronic media, and multiple gigabyte files are commonly shared amongst users from around the world. Whilst some researches imply that there is a slight decrease in the growth of P2P (Allot, 2009), P2P is still the Killer Internet Application, responsible for 21% of the Average Mobile Traffic Cell and in charge of an estimate of 70% (ReadWriteWeb, 2006.12.06) of the global Internet traffic during 2006, accounting for around 25% on some networks (PlusNet, 2008.07.17), but according to more detailed reports, accounting for more than 50% of the network’s traffic (ipoQue, 2009, TorrentFreak 2009.02.18).

Peer to Peer traffic consists of illegal downloads of files, voice over IP calls, instant messaging and other decentralized communication. The element common to all P2P services is the lack of economical benefit to the ISP from the client’s use of P2P. According to recent studies, P2P users consume more traffic (Arstechnica, 2008.07.04), and when traffic caps are used Internet Service Providers (ISPs) benefit and earn more from P2P use (Arstechnica, 2008.05.07).
Since 2007, claims that Israeli ISPs are blocking P2P traffic have been spread all over the Israeli Web. More recently, a report by Vuze Inc, a popular service utilizing P2P in order to provide its users with high definition video content over the BitTorrent protocol found that all three major Israeli ISPs block P2P traffic to some degree . (8.13% for Smile012, 18.51%  for Bezeqint and 14.06% for Netvision). During 2009, complaints against the three major Israeli ISPs (inspected in our research) were brought to the media and were dismissed by the ISPs. Bezeq International claimed that it does not interfere with  P2P traffic and called the claims ‘baseless’ (Ynet, 2009.03.29), whereas a year earlier it claimed that it is the only company that does not block P2P (Ynet, 2007.12.05 ). Smile012 dismissed Torrentleech’s claims that it blocks P2P traffic (Ynet, 2008.01.24, Torrentleech FAQ) and Netvision-Barak dismissed the claim that it de-prioritizes P2P traffic, claiming that such activity was impossible, and were it possible, it would block all child-pornography and offensive content (Ynet, 2007.05.27). However, and even though such formal announcements were made, many reports on informal conversations with customer support representatives who have acknowledged the problem. Another recent report was that Bezeq International was actually amending .torrent files in order to add the Bezeq International Tracker and save on outbound bandwidth (Torrentfreak, 2009.04.19 ); However, Bezeq International’s CEO rejected the claim and stated to Amitai Ziv, from TheMarker that “I will not operate an illegal video library on my servers, even if my competitors do that” (TheMarker, 2009.08.05).
For example, a person claiming to be an ex-Netvision customer support representative claims that they block P2P traffic originating outside of Israel (BGU Forum, 2009.03.26 ), an informal and anonymous executive in one of Israel’s ISPs stated that due to excessive outbound traffic costs, ISPs block P2P traffic (Haaretz, 2008.05.06 ); however, until now there was no extensive research to inspect any of these claims.

1.1 Legal framework
Israeli ISPs operate under a specific license which requires them (Israel has 39 licensees, 2009 numbers, general license example) Clause 5.4.1 to the general license states that the License Holder’s activity shall not interfere with the free competition in the telecom market or harm the public interest. Moreover, clause 29 to the Israeli Telecommunication Act (1982) specifies that interfering or blocking of electronic communication over a public network is a criminal ofence. Therefore, even without any net-neutrality regulation (see, for example, Tal Zarsky’s 2009 lecture during the ISOC conference ), Israel has the appropriate regulation to interfere with attempts to prioritize network packets and to withhold other packets.

Recent letters from the Telecommunication Ministry’s CEO (CEO Letter, 2009.07.15) explicitly stated to all telecom providers to avoid interfering with all traffic and especially Skype (TheMarker 2009.07.15); whilst some ISPs claim otherwise and state that there is no legal obligation for network neutrality (Themarker 2009.07.27), Our belief is that under the current legal status, without prior explicit consent by the End-User, network neutrality must be imposed at the strictest form in order to ensure impunity from liability for End-Users’ file sharing (MGM v. Grokster). The Israeli draft for the Electronic Commerce Act (Government Bills, 2008.01.14) exempts ISPs from Caching if they had not modified the packets (Clause 9). Moreover, Clauses 7-10 exempt liability if, and only if, the ISP had not manipulated any packet.

Moreover, Deep Packet Inspection (DPI) as executed by several of the Israeli ISPs, may be considered illegal wiretapping, as it is defined in the Israeli Wiretapping Act, as “Listening to another person’s conversation, interception or copying of another person’s conversation, and all with an apparatus”; DPI may also be considered Interfering with Computer Data under the Computer Act or illegal entry to computer information. DPI occurs when an apparatus listens to the End-Users’ packets, inspects their content and according to their content manipulates them or passes them to their destination. Unlike regular routing, that only “reads” the target address and sends the packet to its destination, DPI manipulates the packet, without the End-Users’ explicit consent and may be considered illegal. The Israeli Courts continuously ruled that inspecting one’s traffic and personal files consists as a crime under the Computer Act (CA 1126/06 Lerman v. State, where Lerman installed a Trojan horse; C 40206/06 State v. Pilosof). In Pilosof, the District Court of Tel-Aviv ruled that “Inspecting the Email message in the electronic range should be made with a broad perspective on the email’s traffic from its dispatch until its arrival to its destination, therefore, intercepting a message on the ISP’s computer is “real time” interception whilst the data is transferred and prior to the termination of computer communication (…) Accepting the state’s view might lead to an unwanted result where the ISP may not be prohibited from copying and reading the messages intended for his clients, as the intrusion occurs on his computers”.

Therefore, while traffic manipulation may inflict liability on ISPs when they manipulate traffic knowingly that such traffic is copyright infringing (even if manipulation means slowing down), we believe that it is illegal for Israeli ISPs to manipulate traffic.

1.2 Comcast’s FCC ruling.
Unlike Israel, the US struggle for network neutrality and against file sharing throttling began in the early 2000s (Tim Wu: Network Neutrality, Broadband Discrimination ) and has been brought to the attention of the FCC, which ruled that its role is to preserve the open nature of the Internet (FCC 2005 ). However, only in 2008, after Comcast, the 2nd largest ISP in the US was caught throttling P2P traffic (Gigaom 2008.07.11 ), the FCC had to examine whether blocking (or delaying) P2P traffic was in accordance with US regulation.

The FCC’s ruling (FCC, 2008 ) stated that Comcast may not limit or delay any peer to peer traffic, claiming that it was unlawful intervention in competition and against the public interest: “This practice is not “minimally intrusive” but invasive and outright discriminatory. Comcast admits that it interferes with about ten percent of uploading peer-to-peer TCP connections, and independent evidence shows that Comcast’s interference may be even more prevalent. In a test of over a thousand networks over the course of more than a million machine-hours, Vuze found that the peer-to-peer TCP connections of Comcast customers were interrupted more consistently and more persistently than those of any other provider’s customers. Similarly, independent evidence suggests that Comcast may have interfered with forty if not seventy-five percent of all such connections in certain communities” (…) “On its face, Comcast’s interference with peer-to-peer protocols appears to contravene the federal policy of “[promoting] the continued development of the Internet” because that interference impedes consumers from “[running] applications . . . of their choice,” rather than those favored by Comcast, and that interference limits consumers’ ability “to access the lawful Internet content of their choice,” including the video programming made available by vendors like Vuze. Comcast’s selective interference also appears to discourage the “development of technologies” — such as peer-to-peer technologies — that “maximize user control over what information is received by individuals . .. who use the Internet” because that interference (again) impedes consumers from “run[ning] applications . . . of their choice,” rather than those favoured by Comcast”.

The question now is whether Israeli ISPs do limit or even block traffic (where the delaying of packets equals blocking, see Comcast Ruling, pp. 26-27) and whether the Israeli regulator interferes with such activity. Moreover, as Israel has an oligopoly of three ISPs with no actual competition (further aggravated by a duopoly of Network Service Providers in Bezeq and Hot), there may be a case for antitrust inquries and not only inquries by the Telecommunication ministry.

2. The Test

In order to examine whether P2P traffic was blocked, we began the experiment with two tools developed by other parties. The first is the open-source Switzerland tool, developed by the EFF. “Switzerland is an open source, command-line software tool designed to detect the modification or injection of packets of data by ISPs. Switzerland detects changes made by software tools believed to be in use by ISPs such as Sandvine and AudibleMagic, advertising systems like FairEagle, and various censorship systems. Although currently intended for use by technically sophisticated Internet users, development plans aim to make the tool increasingly easy to use” (EFF, 2008). Switzerland was released following the FCC ruling and was the tool that the EFF used in order to prove the claim that Comcast was indeed throttling P2P traffic (TorrentFreak, 2008 ).

We also used Glasnost, which is partially supported by Google and the Max Planck Institute. Glastnost is a part of Measurement Labs and  is an independent java client, running within a browser. Prior to our inspection, Glasnost found that Israeli ISPs are not throttling traffic. In its report, only 3 out of 971 tests were blocked, and out of 17 different ISPs measured in Israel, only 3 blocked P2P. However, these results do not include throttling or shaping. Therefore, we began our experiment without any additional Information.
2.1 EFF’s Switzerland
While we were unable to review the Switzerland logs, mostly due to our failure to coordinate between volunteers’ time to run the scripts, Switzerland assisted us in finding some interesting conclusions. We left a server to seed a .torrent file of a public domain video; our volunteers downloaded and uploaded the file again and again, looking for potential interference by the ISP or RST packets. We were unable to produce any substantial results or conclusions regarding traffic, mostly due to Switzerland’s interface.

However, after a massive number of attempts, we found out that another user is seeding our torrent, from the IP address 212.235.15.36 and not from the libTorrent Client we used (screenshot, screenshot ). We found a mention of such IP address in an Israeli Hardware forum describing it as one of Netvision’s caching servers  (HWZone, 2009). While the IP address is associated with Netvision, we were able to authenticate that a similar IP address is being used in eMule caching (img src) and that 212.235.x.x, which was used in other conversations, are owned by Netvision (whois data). While this is not throttling with user packets, it is considered a severe interference with communication privacy and may be considered intercepting private conversations.

We believe that additional research is required to authenticate whether such activity is taking place in additional ISPs and whether this ISP is caching additional files. Moreover, such caching has severely tampered with our ability to inspect bandwidth throttling, as our inspection of speed was irrelevant once the .torrent and the file were cached on the ISP level.

We also encountered a strange download from a cTorrent download from 213.174.157.6 (screenshot), where we could find slight affiliation with IP addresses that are affiliated with CheckTOR, a company that’s meant to assist copyright holders (Checktor).

2.2 Glasnost Results
We ran Glasnost from different computers and different ISPs, on different occasions and even through random WiFi hotspots, in order to inspect interference with BitTorrent traffic. Glasnost operates in the following manner: it inspects the connection in four different transfers: BitTorrent upload and download over a standard BitTorrent port and over a non-standard port, and TCP upload and download over a standard BitTorrent port and non-standard port. By comparing the TCP and BitTorrent results, information as to whether deep packet inspection occurs, as it prioritizes traffic according to protocol, and by comparing standard to non-standard port information whether port preference occurs.

We conducted at least 8 inspections per ISP and logged them. We compared the results and analyzed them, and our findings were as follows:

2.2.1 Netvision:
Netvision probably operates both deep packet inspection, which we already mentioned when we found that it may cache popular torrents. Our findings where that in standard port uploads, the average ratio of BitTorrent to TCP was 70%, and on non-standard ports it was 81%; however, aggregated ratios (the aggregate of all the upload speeds and download speeds) were 52% on standard ports and 59% on non-standard ports.  In downloads, we encountered similar results, providing an average BT/TCP ratio of 58% on standard ports and 50% on non-standard ports and an aggregate value of 50% on standard ports and 27% non-standard ports.

2.2.2 Bezeq International:
Bezeq International’s results were inconclusive, and because of one inspection, where BitTorrent traffic was 12 times faster than TCP on an upload, the results were inexplicable. Therefore, we omitted this inspection as it was off the standard deviation. Moreover, Bezeqint’s results were inconclusive and could be due to standard deviation in the statistical margin of error, in general, Bezeqint’s BitTorrent traffic was faster than TCP traffic. Our findings where that in standard port uploads, the average ratio of BitTorrent to TCP was 105%, and on non-standard ports it was 69%; aggregated ratios were 104% on standard ports and 52% on non-standard ports.  In downloads, however, the average BT/TCP ratio was 147% on standard ports and 130% on non-standard ports. However, the aggregate download ratio had a value of 137% on standard ports and 36% on non-standard ports. This was caused due to several tests where the ratio on non-standard download ports was below 10%. In these cases, we believe that it may be due to momentary errors and not due to intentional interference.

We can only conclude that uploads on non-standard ports had any discrepancies, and therefore believe that no actual throttling was made.

2.2.3 Internet Zahav / Smile012
Internet Zahav’s results were the hardest to obtain. Nevertheless, we found strong indication of traffic shaping. The amount of results omitted due to blocking of BitTorrent ports was material, and was sufficient to show that some P2P traffic throttling occurs. Moreover, the number of results show zero kilobytes as download speed indicate that some shaping or throttling may be practised during certain hours.

Our findings were that in standard port uploads, the average ratio of BitTorrent to TCP was 81%, and on non-standard ports it was 107%; aggregated ratios were 77% on standard ports and 103% on non-standard ports.  In downloads, we encountered similar results, providing an average BT/TCP ratio of 74% on standard ports and 118% on non-standard ports and an aggregate value of 90% on standard ports and 80% on non-standard ports.

These results indicate that throttling occurs only on standard ports, and on non-standard ports no throttling is inflicted on traffic. This may be due to either DPI or non-DPI interference.

2.2.4 Table:

Indication of low BT/TCP ratio shows DPI or throttling of TCP, differences between standard and non-standard ports show potential throttling based on ports.

3. Conclusions
Our findings are that at least 2 of the 3 major ISPs perform manipulation on traffic, and especially peer-to-peer traffic. We were able to show that deep packet inspection and P2P-caching is performed by at least one ISP and that another one probably operates some kind of preference on specific ports.

We believe that P2P-caching is the most troublesome of all activities and that it should be inspected by the regulatory authorities. Moreover, we believe that further research is required to show actual use of restricting technologies and the use of RST packets or other mechanisms. While we could not determine which technologies are being used, we believe that the use of such technologies could be used to block competition, free-speech and allow wiretapping of voice over ip conversations. The use of preferring technologies should be regarded as restriction of access and be stopped.