The Beatles, in digital form:

Last June I wrote about the rumors of the Beatles – one of the only major bands to still refuse to release their catalog online – coming into the digital world.

In October I wrote that it was my current neighbors, Cambridge’s own Harmonix, that brought down the beast.

Today, the honorable Mr. Carleton Atwater posted up a trailer for game (scheduled for release 09/09/09):

How weird is it to see a video of the Beatles on YouTube, without fear of seeing the “Video removed due to copyright claim from Capitol Records” screen a few hours later? For more on the details of the game, head on over to Pitchfork.

Sotomayor on Copyright Law

As a followup to Monday’s post, head over to the blog Ex(c)lusive Rights to see an impressive list of all of the copyright/soft-IP decisions Judge Sotomayor did while working the Second Circuit and the S.D.N.Y. As Gizmodo puts it, Sotomayor knows stuff about computers. Many thanks attorney Shourin Sen for putting this list together (and promising to update it as more are found).

This might have been my weekend reading material, if my weekend wasn’t already so busy reuniting with my old production/promotion company to help produce one more festival. See you all when I come back.

Quick update: /. says Last.fm did in fact give up users to the RIAA (but they didn’t want to)

Update 6/3 - As that “grain of salt” warning suggested, Ars Technica posted on Monday 6/1 that that last.fm denies this in the clearest terms possible:

As a result, Last.fm’s Russ Garrett has issued a strongly worded denial on Last.fm’s forums. “That particular data is controlled tightly inside Last.fm and is only stored for a short period of time. Any request for such data would have to be approved by myself first. The suggestion that CBS’s ops team provided this data is just not possible—Last.fm operates as a separate entity and their operations staff do not have access to our system,” Garrett said. “It really seems like someone is trying to slander us here.” In another post, Garrett clarified that Last.fm has never given data linking IPs to scrobbles to any third party or to CBS, for that matter.

This doesn’t really change my analysis below as to whether they could do such things without violating the Privacy Policy for the website, but it certainly should allow last.fm users to breath a sigh of relief.

Original post below…

All of this is done with anonymous sources, so take it with a grain of salt, but /. contributor “suraj.sun” says TechCrunch, the party responsible for breaking the Last.fm-gives-up-users-to-the-RIAA story in February, now has released another story claiming additional sources have confirmed that Last.fm data was leaked to the RIAA, by way of parent company CBS:

Here’s what we believe happened: CBS requested user data from Last.fm, including user name and IP address. CBS wanted the data to comply with a RIAA request but told Last.fm the data was going to be used for “internal use only.” It was only after the data was sent to CBS that Last.fm discovered the real reason for the request. Last.fm staffers were outraged, say our sources, but the data had already been sent to the RIAA.

I documented the initial leak back in February, and I noted how impractical it would be to try and base an infringement claim on Last.fm data. It seems TorrentFreak agrees with that conclusion. I still am very skeptical that this happened, but given what we’ve seen from the RIAA over the past few months I’m more inclined to believe the RIAA would try this, as part of their “kitchen-sink” strategy for litigation.

TechCrunch also argues in the link above that such disclosure would violate Last.fm’s own Privacy Policy. I assume the part they mean is…

Certain third party individuals or organisations may have access to your personal information (excluding your email contact information) via Last.fm’s API and webservices or as a result of agreements between Last.fm and its preferred partners. (However, you should be aware that if you provide your e-mail contact information and/or username directly to any such third parties, they may use your information for their own purposes.) Such partners may use such information for their own purposes, which may be either commercial or non-commercial in nature and which may include targeted advertising or direct marketing. These third parties may be based in the United Kingdom or elsewhere (including outside of the EEA). [Emphasis added; British spellings in original]

…paired with this:

We believe in privacy and therefore will take all reasonable measures to ensure that your personally identifiable information remains private. However, in the event that we are required to disclose personally identifiable information by a court, the police or other law enforcement bodies for their investigations, regulation or other governmental authority we will make such a disclosure without being in violation of this Policy.

Assumedly, TechCrunch is arguing that Last.fm lists mandatory disclosure to “a court, the police, or other law enforcement bodies” at the exclusion of other interested third parties (to wit, the RIAA). As Last.fm promises not to give up your “email contact information,” this would mean a personally identifying disclosure to someone who is not a court or the police would be off limits acording to the Privacy Policy. However, you also see this clause…

We collect data regarding the users of Last.fm, including: (i) The Internet Protocol (IP) address of the user’s computer. This may or may not be associated with a particular Internet Service Provider (ISP); (ii) The referring URL, if any; (iii) The browser software identification (i.e. the brand and version of your browser software).

… and it makes no mention as to whether or not the IP address is part of the “personal information” which Last.fm makes available to third parties. So, by disclosing the IP address and not the email, CBS/Last.fm could still give up info to the RIAA and not violate the Policy.

(When I posted about this a couple months ago I also got into a quasi-fight with one Jonty Wareing of Last.fm, who thought I was doubting his existence. Jonty? You still read this? Want to comment on this story?)

DC’s fog advice: “add_protective_actions_here.”

On Monday I poked a little fun at a direct message I received from Boston Police via Twitter. Not to be outdone, DC’s emergency information network AlertDC sent the following warning via email today:

I’m not sure how bad the fog is in DC (apparently it merits a “WARNING”), but I’ll be sure to take_appropriate_actions_vis_à_vis_this_fog_situation when I head out today.

RIAA Update: the lawsuits haven’t stopped

Late last December I wrote about the supposed suspension of the RIAA’s mass-lawsuit campaign against filesharers, as reported by the Wall Street Journal. There I noted (care of Recording Industry vs. The People) that several new lawsuits were filed immediately after the announcement. At the time this fact was dismissed by the Association, claiming these complaints were already headed down the pipeline, and therefore not new in the way they meant when speaking with the WSJ. I met that argument with a healthy dose of skepticism, and today it seems my doubts were validated.

It is two and a half months later, and RIAAv.TP reports that at least one new case has appeared in courts as recently as two days ago. Techdirt is jumping on this claiming the WSJ announcement was nothing but a “huge PR campaign.” Could it be that the ISP-filtering tactic proposed by the RIAA was so soundly rejected by the tel-coms that they decided to revert back? Was this all PR? Didn’t we already establish the lawsuits were a gigantic waste of money?

I’m trying very hard to give the RIAA the benefit of my (substantial) doubts, but it’s getting increasingly harder to do so.

NYPD Officer involved in the Critical Mass YouTube incident dismissed

Last summer I wrote a piece about this video (after Jared got things started), depicting a NYPD officer checking a rider during a Critical Mass ride:

TheWashCycle reports today that the officer in this incident has been dismissed from the NYPD, after being suspended while facing charges of making false statements.

One naturally wonders how the outcome would differ if this video didn’t exist. One also wonders how many stories like these will come out of the RNC protests.

Last.fm denies giving up users to the RIAA

This has been quite the week for the web. First we had the whole Facebook fiasco (which seems to have motivated Facebook to do the right thing and revert back the terms of service, leaving unanswered questions about how binding terms of service are in these sorts of circumstances), then our attentions turned to the Pirate Bay trial – where the old “making available” issue has come up again, this time in an international law context – and yesterday TechCrunch dropped this bombshell:

That leaked U2 album is causing all sorts of trouble. The unreleased album, which is due out on March 3, found its way onto BitTorrent and was downloaded hundreds of thousands of times. That, apparently, sent music industry lawyers over at the Recording Industry Association of America into a fit. As a result, word is going around that the RIAA asked social music service Last.fm for data about its user’s listening habits to find people with unreleased tracks on their computers. And Last.fm, which is owned by CBS, actually handed the data over to the RIAA. According to a tip we received:

I heard from an irate friend who works at CBS that last.fm recently provided the RIAA with a giant dump of user data to track down people who are scrobbling unreleased tracks. As word spread numerous employees at last.fm were up in arms because the data collected (a) can be used to identify individuals and (b) will likely be shared with 3rd parties that have relationships with the RIAA.

(The U2 leak they’re referring to, we know now, stems from an accidental posting of the album on Universal Music Group’s Australian website.)

Last.fm, for those unfamiliar, is a service whereby users download a program which synchronizes with your iTunes or other MP3 player on your computer and posts on the website what you’ve been listening to recently. Users visiting my profile, for example, will see that I’ve been listening to the Mountain Goats’ All Hail West Texas for about an hour or so. Here, like Facebook, you can friend users, join groups, and write to each other, building little networks and communities around the music. Last.fm adds the perk (which cost them a fortune in negotiation and legal fees) to stream songs either in full or in brief snippets. So if I see a song on someone’s playlist that I don’t know I can click on it and hear what the song sounds like. This leads to endless music discovery, which Last.fm buttresses by applying its own algorithms to recommend music. It’s also a handy tool to look through my own past and track my own changes in listening habits. I find this especially fascinating, for a variety of reasons.

I’ve been using the service for almost four years (technically, I started on Audioscrobbler, which merged with Last.fm shortly after I joined). I’ve recorded over 40,000 plays. When CBS bought Last.fm in 2007 I worried as to what would happen to the service, but nothing to date shook my loyalty to the service like the announcement yesterday. Naturally, I was relieved when my friend Brian posted this link to a Last.Fm user forum, where website developer Russ Garrett categorically denied the TechCrunch story:

I’d like to issue a full and categorical denial of this. We’ve never had any request for such data by anyone, and if we did we wouldn’t consent to it.

Of course we work with the major labels and provide them with broad statistics, as we would with any other label, but we’d never personally identify our users to a third party – that goes against everything we stand for.

As far as I’m concerned Techcrunch have made this whole story up.

I am inclined to believe this denial over the friend-of-a-tipster story. There’s no feasible way for the RIAA to base a claim on this sort of data alone. The best it provides is some intelligence as to how the leak spread across the world. For one, you simply cannot base a claim against a user for playing an unpublished song in the privacy of his or her own home. This is not a cognizable right under copyright. Last.fm does not stream a song unless the record company uploads it directly to Last.fm, so there’s no way by which the user’s playing it will somehow create a “public performance” of the work. Nor has a claim of “distribution” garnered much success when all the rightsholder is alleging is that the Last.fm user downloaded the song; generally, the holder has to allege that the user distributed the song to others. (This does become a bit easier, in theory, when you can show that the song was downloaded through BitTorrent, which by nature uploads at the same time as it downloads. However, this is much harder, in practice, as the way BitTorrent shares files makes tracking any given user nearly impossible.)

Even if we assumed that Last.fm was going to release IP addresses and names (which they may or may not have), this would require the RIAA to get a search warrant and bring a criminal claim against the user, which would require a showing of probable cause of distribution, which I don’t believe a judge could give in this context. In the alternative, the RIAA can do what they’ve done with the other P2P filesharing lawsuits and sue the user in civil court, and later over the course of discovery try and “discover” that they distributed the song. This seems unlikely for a few reasons. The RIAA has declared that they no longer plan to use lawsuits as an anti-filesharing tactic. Given the nature of BitTorrent, it is almost impossible to track users, much less prove under any burden that the user distributed the U2 album. Nor would this fare any better than the traditional P2P lawsuits to dissuade users. If anything, it will cause users to leave Last.fm – which directly hurts CBS, whose CBS Records is member to the RIAA. This would be directly detrimental to a RIAA member.

I do think this is valuable, and I do think it was smart for the RIAA to look here, if they did, but all they will find or could hope to find is aggregate estimate of the size and the scope of the leak. I’d suspect a breach of contract claim or a firing of an employee at the website that accidentally posted the album long before I expect to see a Last.fm-based lawsuit coming out of this incident.

Update (22 Feb): Paid Content has a few more denials from Last.fm, including comments from Last.fm co-founder Richard Jones, and Jonty Wareing (a developer, though the name is suspect) adding, “you could also expect most of the Last.fm staff to walk out of the office door and never return,” were they to give out the data as alleged.

Update 2 (23 Feb): The Last.fm blog does a thorough, thorough denial. This is all over Digg today, too. Thanks to Ryan for pointing this out.

Update 3 (6 April): To be clear, I don’t doubt the existence or programming skills of one Jonty Wareing. I just think having a programmer named “Ware-ing” is like having a pastry chef named “Johnny Baker” or having a farmer name “Sue Growscropswell.” Sorry if I offended the delicate sensibilities of UK programmers.

Speaking of birthdays…

My friend Aaron reminded me yesterday of an article by GWU Law Professior Brauneis about the debated copyright status of “Happy Birthday To You.” I wrote about it last May. Long story short: there are at least three good reasons why that song is technically in the public domain – and still, millions of dollars are made annually on the licensing of the song.

Stephen Colbert sang it on the air for Lincoln’s birthday last week. The host at the restaurant I went to last night for my birthday sang it. I wonder if either of them opted to get the license.

If you have time, be sure to read Prof. Brauneis’ article (you can find it here). Hope you enjoy.

Fast update on Live Nation / Ticketmaster

Wired reports what my friends in Justice were saying last week – the Justice Department will formally be investigating the proposed Live Nation / Ticketmaster merger.

FMC Policy Day: watch the whole event.

Thanks to the magic of the Internets and the FMC Blog, you can now watch all of the Future of Music Coalition conference I wrote about yesterday.