Time To Name Names.The author of the Lovesan B Blaster variant has been caught! The pirate's name is Jeffrey Lee Parson, an 18 year-old suburbanite from St. Paul, Minnesota. His alleged criminal act caused millions of dollars in damages to businesses and untold suffering to computer users. No deaths have been reported from computer failures as a result of Parson's attack. The hero of the story is the U.S. Attorney in Seattle, whose office will be handling the Parson case. His name is John McKay, and he issued a strongly worded statement in the matter:

"Let there be no mistake about it. Cyberhacking is a crime," said McKay "...We will investigate, arrest and prosecute cyberhackers." (Goldstein, Alan. "Teen charged in Internet attacks." South Florida Sun-Sentinel (30 Aug. 2003) p. 3A.)

SPN believes that McKay should pursue, and Parson should receive, the maximum penalty of 10 years in prison and a $250,000 fine. We also call upon the U.S. Attorney in our district, Marcos Jimenez, to get off the sidelines and start taking cybercrime cases in South Florida as the serious matters that they are.

Good news today for consumer privacy but mixed news for copyright holders. The Wall Street Journal today had a page one story on Gator, the putative spyware leader. The article focused on Gator's potentially spying on your every click online, but it gave short shrift to the issue where many believe that Gator is pirating publisher's content, and copyrights, by popping ads up over publisher's sites without compensating them. Although it was a great article overall, one statement in particular upset our editorial board:

...controversy has been stoked by owners of Web sites who claim that spyware threatens the whole multibillion-dollar ... online advertising [industry] by diverting their customers' eyeballs ... much like a rival TV news channel suddenly scrawling its own message across the bottom of CNN. (Hagerty, James R. and Berman, Dennis K. "Stalk Market; New Battleground In Web Privacy War: Ads That Snoop." The Wall Street Journal (27 Aug. 2003). p. A1)

SPN objects to the qualified "much like." What Gator is doing is exactly like placing one block of text over another block of text. Our CEO sent the following letter to the Wall Street Journal's editorial board:

To the Editor:

As a small business website operator besieged by Gator ads, I was pleased to see that Gator has finally received the front-page attention it deserves. Your article, however, does a poor job of debunking Gator's shameless attempts to wrap itself in a cloak of legitimacy and of addressing the devastation to online publishers being caused by spyware in general.

What spyware systems do is not, in your words, "much like" a rival scrawling unauthorized text over the CNN news ticker; it is exactly like engaging in that activity. I am perpetually amazed at how people and companies engage with impunity in activities online that would instantly be recognized as actionable if not criminal in the offline world. Your analogy of competing messages placed across the bottom of CNN is correct, yet somehow because what Gator does is online, you fail to forcefully assert it.

Strangely, you also fail to adequately recognize that the most hurtful effects of spyware arise because the primary mechanism used is a pop over, meaning that it obscures the publisher's content underneath, rendering a portion or all of the site unreadable until the pop over is dismissed. It's because the ads are perched precisely over a site's content that makes so many publishers despise spyware. Gator tries to legitimize its scheme by painting itself as a consumer-friendly comparison shopping assistant, but many services provide the ability to quickly compare prices or competing sites without popping directly over someone else's hard work. Alexa, for example, puts links to my competitors' sites in its toolbar right above my site's content, but those links do not appear over my copyrighted work as does a pop up. Although it's never fun to see ones' competitors made that accessible, I have no problems with what Alexa is doing in that context and would defend Alexa's right to do it.

Gator, on the other hand, deserves to be fully exposed not just for what it is doing to online privacy, but to legitimate publishers. Perhaps influenced by your secret settlement with Gator, you did a disservice to your readers by not telling the whole story.

Respectfully,

/S/

Mark N. Metz
CEO
StopPiracyNow.org

SPN thanks the Wall Street Journal for highlighting the potential privacy issues and hopes they will continue to pursue the spyware topic and adequately explain the impact on publishers when spyware pirates their content.

A roundup on legitimate music download sites currently out there: Too little to late? Several legitimate players have cropped up to start to offer legitimate music downloads. Things will no doubt change over time, but the current roster includes iTunes (for the Macintosh only), listen.com, pressplay.com, real one and MusicNet. After shutting down Napster, the RIAA has been struggling to find a legitimate business model online in the face of rampant piracy and plummeting compact disc sales. Let's hope these are a first step.

Chalk one up for the pirates? For now, perhaps. According to today's Wall Street Journal, U.S. District Judge Joseph Tauro ruled last Friday that MIT and Boston College may rebuff RIAA subpoenas for student contact information. The RIAA has been gearing up to file, as asserted by them, hundreds of lawsuits against individuals engaged in P2P song swapping. Their defeat here appears to be more a jurisdictional matter than a substantive rejection of the RIAA's claims under the DMCA, and we don't think the RIAA will be deterred for long.

Perhaps some good news today in the Piracy Wars. There's an interesting conference coming up in October called "Creating New Markets for Entertainment Copyrights; Generating Revenue With New Forms of Digital Distribution in the Face of Piracy." This has our attention. It's a shame that the RIAA has felt compelled to sue its customers to defend against piracy; that seems like a sure sign of an industry in decline. It's good to see, therefore, industry leaders getting together to try to alter their business models to start to take advantage of digital technology, instead of trying to fight it. The conference is presented by World Research Group on October 29-30 at the Flatotal in New York City.

A passing thought on the recent worm outbreak -- it's no different than arson. Even though spreading worms, viruses and vandalism is not strictly a piracy issue, we see the similarities to our own anti-piracy battles. In the piracy wars, we contend that the things that people do without a second thought online would be treated as felonies if they were done in the bricks-and-mortar world; try stealing a hundred thousand dollars of CD's from a warehouse and watch what happens, but stealing a hundred thousand dollars of songs using P2P just isn't taken as seriously. Similarly, if you destroy someone's warehouse with fire, you are an arsonist to be relentlessy pursued; but, destroy someone's virtual warehouse by taking their servers offline with a virus or worm, and law enforcement just can't seem to catch up. Yet, worms and viruses are just as, if not more, dangerous than arson. Hospitals, police, fire rescue, public safety and more are all linked in by computer. If a death hasn't happened already, these acts of digital arson put people's lives at risk, no differently than putting a match to a building.

Law enforcement agencies, internationally, need to relentlessly pursue the authors of malicious code and punish them no differently than arsonists. And in the copyright wars, content theives should be punished no differently than those engaged in grand larceny.

SPN's contention is that UCE ("Spam") is a form of digital piracy because it extracts value from someone else's resources (system admin time, end-user time, hard drive space, bandwidth, etc.) without their permission. We note an article online today estimating the carnage in a dollar amount for "false positives:"

Blocked legitimate email, or false positives, is costing U.S. businesses roughly $3.5 billion this year alone, according to a new study from San Francisco-based Ferris Research Inc. (Gaudin, Sharon. "False Positives: Spam's Casualty of War Costing Billions." http://itmanagement.earthweb.com/secu/article.php/2245991 (11 Aug. 2003).)

It's getting tougher and tougher to keep subscribership numbers up for newsletters, and SPN fears that the days of the e-mail newsletter as a business tool are rapidly coming to a close.