January 21, 2012

The Megaupload Mega-Mess: When Innocents Are Crushed

By now you no doubt are aware of the massive (and probably unprecedented in terms of Internet scope) international seizure by the U.S. of the Megaupload file sharing service and many of its principal characters. Word is that famed attorney Robert Bennett will be representing the Megaupload defendants.

The scale of the operation -- with agents swooping in like ninjas -- and the way the various governments involved are touting the results, seem more in line with the plot for the James Bond film Goldfinger than a copyright enforcement action. But as far as I know, there weren't nuclear bombs ticking away in the Megaupload data centers, set to explode and make everyone's data radioactive.

But for innocent users of Megaupload, including vast numbers of paying users who have been using the site for completely legitimate file transfer purposes, their data might as well be radioactive now, or simply "blown to bits" in a mushroom cloud.

Because despite the fact that Megaupload seems to now be in "Whac-A-Mole" mode, popping up and vanishing under various IP addresses, for most users their data has effectively been sucked into the Roach Motel, past the event horizon into a black hole of government evidence and assets forfeitures.

Let's be clear -- there does appear to be plenty of evidence that the operators of Megaupload were indeed engaged in a criminal enterprise at some level, that made a lot of money based on copyright infringements.

To the extent that this is true, they and any users who knowingly participated in their scheme deserve to be punished, but with all due process rigorously observed.

But what of the innocent users of Megaupload? Where is their due process in this game of international data seizures?

There is something extremely disquieting in this picture of governments (especially when reaching into other countries) preemptively shutting down Internet services on which law-abiding persons depend.

The U.S. government in particular has become extremely enamored of seizing assets prior to trial, and in some cases not returning them intact to users in the case of their being found innocent. Auctioning off such seizures has become a tidy little profit center.

This behavior can be viewed as problematic on its face when innocents are involved, but the extension of this sort of logic to the Internet world and cloud-based data storage services could be catastrophic.

One analogy is the safe deposit boxes in a bank. There are certainly cases where the government seizes specific boxes, or states sell off the content of "abandoned" boxes (both controversial issues, I should add).

But the Megaupload case is more akin to the government seizing every safe deposit box in a bank because the bank owners (and possibly some percentage of the safe deposit box users) were simply accused -- not yet convicted -- of engaging in a crime.

What of the little old lady with her life savings in her box, or the person who needs to access important documents, all legitimate, all honest, no crimes of any sort involved.

They are -- to use the vernacular -- screwed.

Whether or not the legitimate users of Megaupload ever get their data back (possibly after it has all been rifled for goodies by various governments), it's clear that honest users who have depended on Megaupload are being seriously injured right now by this sort of government action, which seemingly equates impounding a stolen car with shutting off access to vast quantities of non-infringing users' data, without obvious recourse for those users.

While acknowledging the government's legitimate interest in taking action against specific large-scale copyright violations, the requirements of due process and in particular the protection of innocent parties must have priority.

You don't arrest everyone at a football game because a wanted criminal may be among the crowd. At least, not unless you're attempting to channel the old East German "Stasi" secret police sensibilities.

Our ability to confidently use the ever expanding array of important and useful cloud-based data services of all kinds rests on the assumption that our data will be safe from government overreaching and intrusions into the affairs of law-abiding citizens and their property -- including their data stored on remote Internet servers.

Otherwise, we may find ourselves figuratively in much the same position as 007, strapped to a table with a laser beam moving inexorably up between our legs, wondering if our next data transfer may be our last.

"Do you expect me to talk?"

"No, Mr. Bond. I expect your data to DIE!"

As Shakespeare wrote, "the most unkindest cut of all."

We must do better than that.


Posted by Lauren at January 21, 2012 11:04 AM | Permalink
Twitter: @laurenweinstein
Google+: Lauren Weinstein