EDIT: There have been comments informing me that Dropbox keeps a local copy of files on a users desktop (generally speaking), thus making some of my Dropbox examples less relevant. While true, the purpose of this post is around the legal precedent being set vs. a specific fear for a specific provider. As you read, feel free to think of whichever provider you wish interchangeably with Dropbox.
I’m the first to agree that any website obviously engaged in piracy (vs. having independent users leverage the platform in unintended ways) should be shut down, and if this is the case with Megaupload, it should be shut down. However, the way Megaupload was shut down raises scary implications. With cloud based storage becoming primary for many, it is rather jarring to have people losing legitimate files in the process, with no recourse to immediately find or recover them. I store a lot of personal files in Dropbox, and if they ever got megauploaded (I’m sure there is unintended piracy at Dropbox) I’d likely lose my copies. One has to wonder how many users have less faith as a result.
We also need to consider that the average user is likely unable to determine what a websites primary use is outside of their personal use case (would your Father know MegaUpload was mostly piracy, or would he think it is a site to share and store files?).
The conclusions here alone are scary: – If a website has significant piracy, it will be shut down at the expense of legitimate users; – Legitimate users may be unaware of the piracy while using a legitimate service; – Users have no recourse to immediately recover legitimate files; and – Legitimate users may thus be less likely to use cloud services / cloud storage.
If a site must be shut down we, at the very least need a mechanism for users to immediately recover legitimate files.
Nothing above sounds attractive (at all!) to our industry. I wanted to dig further into the indictment based on the information I could find, and am concerned that a cornerstone of the argument rests on the way infringing files are deleted.
The Digital Millenium Copyright Act provides safe harbor for sites which take down illegal content within a reasonable period of time, of which they had no prior knowledge of. Broadly speaking, it’s a concession whereby a sites users upload illegal content against the sites wishes, and is why companies such as Youtube don’t get shut down.
The Megaupload indictment reads that they removed links to the illegal file, but did not remove the actual file. To those blissfully unaware of how the file systems / internet cloud storage works, this makes sense. But, let’s consider how an average file sharing service works:
User A comes along and uploads a file (say, the film Big Fish.) User B, whom has no relationship to User A, uploads the same file. Instead of store the same file twice, most services will recognize the file is the same and give both users a differing ‘link’ to the same file. If User A deletes the file from their service, they are deleting their ‘link’ to the file, so as not to affect User B. Only when no users have a ‘link’ to the file will it be purged from servers (and in some cases, if a file is routinely popular, it may remained on the servers to account for future uploads).
When receiving complaints, Megaupload removed the ‘link’ to a file, with the assumption that other uploaders’ of the file were legitimate. If you still think that this move is directly supportive of piracy, consider the user who saves backups of digital purchases they have made / old digital content (legal in some jurisdictions). Removing a link, vs. the actual file, is clearly the fairest solution so as to not harm legitimate users.
If the precent is set that the physical file must be deleted where one of many users with ‘links’ engages in illegal activity, things will become very scary. All of a sudden, I can’t trust any file storage, saving or backup mechanism where I don’t hold the physical hard drive. Most less informed users won’t realize this until they get burned.
TODO – migrate rest