MegaUpload case proves we don’t need SOPA or PIPA

It’s ironic that only a day after a massive, coordinated protest against the SOPA and PIPA anti-piracy bills that have been making their way through both houses of Congress, one of the best arguments against these laws was provided by the federal government itself, in a raid on the file-sharing service known as MegaUpload. Not only did the authorities manage to shut down the site and arrest its founders without the need for either SOPA or PIPA, but the facts of the case raise even more red flags about what the government — and private companies — would be able to do to similar services under the proposed legislation.

As GigaOM’s Janko Roettgers reported on Thursday, the founder and six members of the executive team behind MegaUpload were arrested by the Federal Bureau of Investigation, working with police forces and crime-busting units in New Zealand (where founder Kim Schmitz lived in a $30-million mansion) as well as the United States, Hong Kong, Canada and the Netherlands. The indictment says Schmitz was the architect of a global conspiracy that involved money laundering, criminal racketeering and widespread copyright infringement — a conspiracy the FBI says generated$175 million in criminal proceeds and caused “more than half a billion dollars of harm” to copyright owners.

The authorities didn’t need SOPA or PIPA to shut down MegaUpload

This is exactly the kind of foreign-owned and operated “rogue” website SOPA and PIPA’s defenders — including the Motion Picture Association of America and the rest of the media and entertainment establishment — say the legislation is required for, as Mike Masnick has noted in a post at Techdirt. And yet, the FBI was able to not only shut down the MegaUpload site and seize its domain names, but were also able to arrest the entire management team and commandeer all of their assets, such as the servers the company maintained in several different countries and the entire fleet of luxury vehicles Schmitz kept at his New Zealand estate.

The FBI was able to do this because existing laws — including the DMCA, the Pro IP Act of 2008 (which was sponsored in the House by Rep. Lamar Smith, who also sponsored SOPA) and other international statutes such as the Berne Convention and WIPO rules — give U.S. authorities the ability to arrest foreign nationals such as Schmitz, as well as seizing material such as computers and domain names, if the criminal behavior being investigated involves U.S. property. Among MegaUpload’s $50 million in assets were some computer servers located in Virginia, where the indictment was handed down by a grand jury. And while SOPA and PIPA supporters might argue that the bills are necessary to make cases like the MegaUpload takedown easier to launch and prosecute, it’s not clear that making that kind of case even easier is something worth supporting. It may have taken two years, but the FBI and the Department of Justice were still able to shut down a website, seize all its assets and arrest its entire staff without ever having to prove (except to a grand jury in Virginia) that the company is actually involved in wilful and deliberate copyright infringement — and the case against MegaUpload is far from a slam-dunk. The indictment and the Justice Department’s news release certainly tries hard to make it sound as though the case against MegaUpload is open-and-shut, with plenty of salacious details about Schmitz’s New Zealand mansion, his stable of luxury automobiles — with licence plates that read “Hacker” and “Mafia” and “Guilty” — and the millions the company spent on yachts and other toys. And there’s no question that Schmitz (who liked to be known as Kim Dotcom, among other things) has a colorful history as a computer hacker in his native Germany, along with some previous court proceedings involving insider trading. How is MegaUpload different from something like Dropbox? But leaving aside the$500 million in harm referred to by the indictment (since most of that figure represents potential sales of copyrighted material that never occurred, a sum virtually impossible to quantify), the actual facts of the case make it less than obvious that MegaUpload was a massive criminal conspiracy. Yes, emails and text messages show the team referring to themselves as “modern-day pirates” — but even the indictment admits the company routinely removed links to infringing content when it was notified by rights-holders, as required under the DMCA.

In other words, MegaUpload acted a lot like any other file-hosting service such as Rapidshare, or even a file-synchronizing service like Dropbox. While Dropbox offers software that allows users to mirror their files across different devices, in order to do this, it also has to host those files — and users can share folders and links to (potentially illegal) files just as they can with MegaUpload or Rapidshare. The indictment says MegaUpload removed some links to infringing files, but not all of them — but if Dropbox were notified of an infringing file, would it have to remove that file from the folders of every user? And what if some of those users had the right to use that file?

This is just one of the many reasons why the MegaUpload case is troubling: The line between what it’s accused of doing and what other apparently legal services are doing is unclear. Perhaps a court case against the company will make those divisions more obvious, but until they are, having laws like SOPA and PIPA that make it even easier to shut down or financially cripple file-sharing services seems like a bad idea.