Caution: You’ve been hacked — and sued
The newest legal challenge on the horizon for businesses may be the rise of what is known as “The Copyright Troll.” Copyright Trolls are generally companies formed by attorneys whose sole purpose is to secure the enforcement rights from content providers (usually movies) and then find infringers (using a special software) — wherein those same attorneys sue the infringers in federal district court.
Simply put, these lawyers build a list of people who illegally download things like movies or photographs and when they’ve built a list, they sue them all on behalf of the movie maker.
A few years back, the movies were pretty high brow, usually independent films that were nominated for Academy Awards. The Hurt Locker is an example. The Trolls filed suit naming several hundred John Does, subpoenaed the infringers’ ISP for the account information corresponding to the IP address that downloaded the movie, and sent out a demand letter.
In truth, a lot of the alleged infringers probably downloaded the movie, which is illegal. The amounts to settle were relatively low — $1,500 -$2,500. The infringers sheepishly paid the money and learned a bit of a lesson to share with their kids: Don’t steal other people’s copyrighted creative work. It’s a bit of a slick business model: Everything is geared for economies of scale and the demand was priced low enough that it didn’t make economic sense to fight it.
However, the current iteration of The Troll takes the business model to another level. The movies are not as high-brow and generally involve pornography. This change has introduced a shift in the demographics of people coming into our offices with demand letters.
Gone were the thirty-somethings that were good with technology and downloaded pirated movies using bit torrent software even though they knew it was wrong. They were replaced with retirees – grandmothers and great-grandmothers who are not so computer savvy. By and large, these older folks also have unsecured wireless networks, so neighbors or other third parties download the content using their network.
An additional twist: Most consumer wireless routers do not extend back far enough to provide the alleged infringer with the exonerating evidence of who actually downloaded the content. Additionally, the demands are still relatively low when compared to the cost to legally fight the allegations, but also high enough to cause pain to those on a fixed income.
Here’s the ugly, new situation nearly anyone with a computer can face: A client of ours was out of the country with no one home when a download supposedly took place —some allegedly downloaded pornography on their computer. They received a demand letter from a Troll for $8,000.
Does the elderly couple fight the allegation or pay the eight grand? To prevail, the Troll/plaintiff must prove that the defendant (our client) actually infringed the copyrights, so the accuser must work to win. But once named in a federal lawsuit a defendant is going to be spending money regardless – either they settle the case or they have to defend it. Getting you out of the case will costs thousands at a minimum and more realistically will be in the tens of thousands of dollars.
These instances are concerning because they are also beginning to show a sophistication in those committing the infringement – the ability to utilize viruses or hack passwords. Additionally, the demands from the Trolls seem to be going up as well. We expect to see demands go even higher than $8,000.00.
While most WIFI routers have the ability to have pretty good encryption that would withstand a brute force attack, must businesses do not use strong enough passwords. A thirteen character password that is made up of random numbers and letters is generally recognized as being sufficient. Anything short of that and you are most likely at risk. Readily available programs can break weak passwords in under an hour.
Moreover, business owners need to make sure their work computers and any machine that connects to its network are free of bit torrent software, as they could be liable for the infringing acts of their employees.
Finally, businesses should always have up-to-date virus software on all of their computers and perform routine scans to minimize the chance that a third party is entering the network through an infected machine. Not only do these precautions prevent the potential theft of your business data, they can help prevent you and your business from landing in the middle of a German pornography copyright infringement lawsuit. And that ain’t pretty — or cheap.