I know I have discussed evidence in general in many posts/comments, but I thought it might be good to have a separate article on the topic. So what exactly is Exculpatory and Inculpatory Evidence in relation to Porn Copyright Troll cases?
According to the Legal Information Institute (LII), Exculpatory Evidence (EE) is “Evidence, such as a statement, tending to excuse, justify, or absolve the alleged fault or guilt of a defendant.”
Inculpatory Evidence (IE) – “Inculpatory evidence is evidence that establish the guilt of an accused. It indicates that a defendant committed a crime. Inculpatory evidence shows, or tends to show, a defendant’s involvement in an act.“
Some of you may say that since a vast majority of these cases never make it into the named & served phase (complaint), EE and IE is a moot point. I believe a discussion of this topic is beneficial to the new Doe defendants, as it helps them understand what the Troll is claiming, as well as ways to refute it.
So What Is The Troll Claiming?
The Troll is claiming on a specific date/time, their agents observed the public IP address attributed to your ISP subscriber account taking parting in the illegal downloading/sharing of copyright protected works belonging to Plaintiff.
Possible Scenario – A guest at your residence (large apartment complex) connects to your WiFi Internet connection with his laptop and without your knowledge downloads a copyright protected movie (Big Butt Monkey Love 3) via a BitTorrent client. You may have given him the WEP/WPA/WPA2 password or even just opened up the network for a while. The guest eventually departs and months later you get the ISP notice of a subpoena for your subscriber information due to an alleged copyright infringement. Note: No DMCA take-down notices were issued to the ISP and passed to you. Even if you have logging enable on the WiFi Firewall/Router (WFR), the logs showing what internal IP addressed connected to other P2P peers on an external network are long gone. There will also be NO forensic evidence on your computer, as the offending system is no longer on the network.
So far all the Troll/Plaintiff has is a public IP address for a set time/date of infringement. For all of the federal courts, this will allow the Troll to get early discovery for ISP subscriber information for at least Doe #1 – some courts will allow all the Does in a case). Once they have the subscriber information, they will attempt to make some sort of contact with the ISP subscriber to seek a settlement. You start to get settlement calls from the Troll and give them the Richard Pryor Response (RPR). For this scenario, here is how the evidence looks so far –
- Public IP address associated with your ISP account for a specific date/time of infringement.
- Statement from you that you did not infringe on Plaintiff’s copyright protected work.
- No evidence of BitTorrent software or related .Torrent files on your computer.
- No evidence of Plaintiff’s copyright protected movie on your computer.
- No indications of spoliation of evidence.
- No DMCA take-down notices were issued to the ISP and passed to you.
- You WiFi Internet signal extends to multiple apartments in your complex.
In the above scenario, the Preponderance of Evidence (IE v. EE) is clearly in favor of the defendant. Now be mindful that each courts/jury is different and the evidence can be interpreted differently. For this scenario, unless you come across as a total lying dirtbag to the court/jury, you will prevail. Now the actual evidence may never come out until discovery (if it ever happens), but every Doe should asses “their” situation (just like above) to see where they likely stand. This gives you a great understanding of what the Troll actually has versus what they claim.
What The Troll Wants
The only way the troll can possibly obtain additional IE and tip the scale is by –
- Talking to you or another person with some knowledge. I can guarantee that anything said to the Troll will be used as leverage to get you to pay the settlement. It doesn’t even have to be an admission. Tell the troll that you have caught you 15-year-old son watching online porn and they will try to use it against you. “Mr. Doe, the fact your son watches online porn and we have your IP address does not look good. If a forensic analysis disclose the movie or BT software, your son could be liable for up to $150K. We don’t want to ruin his life over this. My client is willing to settle for $3500.”
- Forensic analysis of the computer systems in your residence shows –
- The copyright protected movie(s) listed in the complaint.
- BitTorrent software installed on the computer.
- Accessing Torrent Web sites (Pirate Bay, etc.).
- .Torrent files showing probable BT activity
- Evidence that shows the above were deleted or erased – destruction of evidence – spoliation.
- Other copyright protected movies that appear to be illegally obtained. The Trolls claim many BitTorrent users will have multiple copyright protected files on their computer.
- Forensic analysis of the WiFi Firewall/Router (WFR). The Troll would love to find out your WFR did not have a default administrative password; you were running it secure (WEP/WPA/WPA2), WiFi Protected Set-up was turned off, and you were only allowing known computers to connect to the WFR via MAC filtering.
- Torrent Web site has email account or other information that can be tied back you. Many Torrent web sites require a user name and password to access the site. These records are very unlikely to be available to Trolls, but it has happened before.
- Location of your residence (address the ISP has on file) in relation to other nearby buildings. The Troll has a general idea on how far a WiFi signal will travel out from your residence. The Troll will use Google Maps/Google Earth to see how many other location may have been able to access you WiFi signal. The more isolated you are the better the Troll feels.
Talking to the Doe is the best option for the Troll, as it is cheap and often effective. That is reason why so much effort is expended in making the letters and telephone calls so scary. It is also the reason I stress the Richard Pryor Response. As far as forensic analysis, I know of no cases where it reached this phase in discovery. It is extremely expensive and if nothing is found, the Troll is almost assured a loss. I know of one Prenda Law case where a roommate provided a computer that once belonged to a Doe to the Troll. Analysis failed to disclose any ‘smoking gun’ evidence, only some software that ‘could’ have been used to copy movies and wipe data.
Possible Exculpatory Evidence?
Use the following list as a starting point in your EE collection efforts. Please note that even if you cannot obtain some really nice EE, that does not mean you should give up. As I said above, stating you didn’t do this is still EE. The Troll only has the Public IP address collected by a questionable technical monitoring firm with obvious financial ties to the troll (i.e. conflict of interest). Just because the public IP address is associated to you doesn’t mean you or the members of your family were the infringers. The goal of EE collection should be to make it clear to the Troll (if ever needed) that the “preponderance of evidence” is clearly in your favor. Take good notes – record the date/time and the names of people who observed or have knowledge of the EE.
The EE List
- You ran your WiFi Internet connection “Open” and didn’t know of any infringing activity. Have since closed the connection or MAC filtered systems allowed on the network.
- You didn’t know your Internet connection was “Open” or of the infringing activity. Have since closed the connection or MAC filtered the systems allowed on the network.
- Never received any DMCA take-down notices from Plaintiff for the alleged period of infringing activity. Didn’t know it was happening and when I found out I checked my WFR for logs. No logs were available because of the late notice from Plaintiff.
- Checked the logs on the WFR and identified unknown systems were using my Internet connection. I have screenshots of the unknown systems as well as notes detailing what I found.
- Check all the system in my residence and no BitTorrent software was installed on them.
- Check all the system in my residence and none of Plaintiff’s movies were found on them.
- Checked my systems in my residence and no torrent files (i.e. “Big Butt Monkey Love 3.torrent”) were found on them.
- During the alleged date of the infringement, my systems was infected by malware and had to be rebuilt by “Geek Squad.” Have notes and receipt for payment for any such work. Note: COMCAST and other ISPs often send out emails detailing when they detect possible malware infection from your IP address. This is great EE!
- You had a lengthy power outage or something else that reset your WFR to its default configuration and default administrative password prior to the infringement date.
Unknown who may have used your Internet connection.
- As you had WiFi Protected Set-Up (WPS) enabled, your WFR may have been exploited and Internet access abused by unknown personnel. WPS Vulnerability List of Vulnerable WFR modles
- Hard drive crashed (or WFR) during the period of alleged infringement. As it happened months before you were notified by Plaintiff, it was disposed of. If you still have the old HD or WFR, do not throw it away.
So many possible exculpatory reasons out there.
I will leave you with quote from a 23 Jul 12, Omnibus Order in which a Florida Court severed Does 2-120. 1:12-cv-20920, Sunlust pictures, LLC, v. John Does 1-120 (page 9). Omnibus_Order_Quash_Sever_20920(FL)
While the Court recognizes that the Doe Defendants have not yet asserted different defenses, the possibility of this occurring rises above the level of mere speculation. For example, due to the imprecise manner in which the Plaintiff identifies alleged infringers, namely by IP addresses, Defendants can assert an unquantifiable number of different factual scenarios to establish that they did not download the copyrighted work (the “it wasn’t me defense”). See In re Bittorrent Adult Film Copyright Infringement Cases, 2012 W L 1570765 at *5. Because it is common today for people to use routers to share one internet connection between multiple computers, the subscriber associated with the IP address may not necessarily be the alleged infringer and instead “could be the subscriber, a member of his or her family, an employee, invitee, neighbor or interloper” Id. Therefore, “the assumption that the person who pays for lnternet access at a given location is the same individual who allegedly downloaded a single sexually explicit film is tenuous, and one that has grown more so over time.” Id at *3. Further, in the Complaint, Plaintiff concedes that IP addresses can change frequently due to their dynamic nature. (DE-1 at P11). As a result, the risk of “false positives” is high and can result in defendants maintaining a variety of “it wasn’t me defenses.” See ln re Bittorrent Adult Film Copyright infringement Cases, 2012 WL 1570765 at *4…
*** 12 Sep 12 *** Here is another Court order (6 Aug 12) from the SDFL, severing Does 2-31 (1:12-cv-20922, AF Holdings, LLC, v. John Does 1-31). Order_SeverDoes2-31_20922(FL) In the order, the court is obviously frustrated with Troll/Plaintiff for not answering repeated questions on the specific details of how it uses IP address geolocation.
But there was no explanation as to how this was accomplished despite this Court’s order specifically requiring a “showing of the precise methodology and technique employed by the Plaintiff in its use of geolocation to establish—to a reasonable degree of certainty—that the Defendant may be found within this district” and “that due diligence, as well as due care, [has] been employed in ascertaining that the IP addresses associated with the alleged tortfeasors are or were assigned to a system or node that can be used to reasonably calculate the identity of the alleged infringing party.” [D.E. 28 at 6].
Now if we can only get the courts to start questioning the software and personnel conducting the technical monitoring (6881 Forensics – Peter Hansmeier), we can start to have an effect on the subpoenas for ISP subscriber information.
Also in this order, the court stated there is likely to be various defenses -
Some might claim to be victim to unapproved use of their home unsecured wireless internet network, and that an unknown (and likely unidentifiable) party engaged in the alleged activity. 11 Others may claim that their computer was infected with some variety of malware, and that if their computer engaged in the alleged infringing activity, it was not under their control. Others may simply invoke the “it wasn’t me” defense. Lastly, it may be claimed that their computer contained only unusable bits of data, not viewable or usable in any way unless they obtained more data allowing the file to be assembled into Plaintiff’s video. Procedurally, some Defendants may move for summary judgment. Others may move to dismiss. A few may wish to proceed to trial. 12
11 - This argument has already been raised by one defendant in her “Motion To Squash/Vacate” [sic] [D.E. 12].
12 – Despite Plaintiff’s demand for a jury trial, it appears that the majority of BitTorrent cases are filed without the intent to actually proceed to a jury trial.
Make sure you read all the footnotes – this judge likes to use them there are some good points – such as #12 above.