home

Walking Back Through the MegaUpload Indictment

It seems to me, going through the timeline in the 72 page Megaupload Indictment, there are some events and players the media hasn't bothered to explore yet in any great detail. They are: [More...]

1)The Carpathia Hosting company execs who e-mailed with two of those indicted, who received megabucks, and whose names are given as initials, DS and JK. (Added: My assumption the intials belong to Carpathia execs as opposed to execs of another hosting company may be incorrect, see comments below.)

(2) a few employees who are referred to as "non-indicted co-conspirators", which is a pretty good indicator they assisted the investigation to get out being charged themselves or for lesser charges; and

(3) the criminal search warrant that was issued in June, 2010, in the Eastern District of Virginia, a copy of which was provided to both Carpathia and Megaupload.

While the the Indictment doesn't say what the warrant was for, it's seems to me it was for the Carpathia servers in Virginia that hosted Megaupload.

ttt. On or about June 24, 2010, members of the Mega Conspiracy were informed, pursuant to a criminal search warrant from the U.S. District Court for the Eastern District of Virginia, that thirty-nine infringing copies of copyrighted motion pictures were believed to be present on their leased servers at Carpathia Hosting in Ashburn, Virginia.

On or about June 29, 2010, after receiving a copy of the criminal search warrant, ORTMANN sent an e-mail entitled “Re: Search Warrant – Urgent” to DOTCOM and three representatives of Carpathia Hosting in the Eastern District of Virginia. In the e-mail, ORTMANN stated, “The user/payment credentials supplied in the warrant identify seven Mega user accounts”, and further that “The 39 supplied MD5 hashes identify mostly very popular files that have been uploaded by over 2000 different users so far[.]” The Mega Conspiracy has continued to store copies of at least thirty-six of the thirty-nine motion pictures on its servers after the Mega Conspiracy was informed of the infringing content.

According to the Indictment, the examination of material stored on the servers extended to November, 2011. The Indictment was returned January 5.

... As of November 18, 2011, more than a year later, thirty-six of the thirty-nine infringing motion pictures were still being stored on the servers controlled by the Mega Conspiracy.

This part of the investigation -- on the servers -- was likely complete by November 18 or so. They probably spent the time between November 18 and Jan. 5 doing the paperwork to get approval from the Organized Crime and Racketeering Section to indict on the RICO Counts and taking the case to the grand jury.

During all the months it was examining the servers and e-mails, pursuant to the search warrant(s), it left the servers in care of Carpathia. The indictment says "Carpathia Hosting continues to provide the Mega Conspiracy with leased computers, Internet hosting, and support services as of the date of this Indictment."

I think a fair reading of the e-mails between Kim DotCom and the Carpathian hosting company execs is that they all knew other versions of infringing material remained on the servers after they complied with take-down requests.

aaaa. On or about January 13, 2011, DOTCOM sent a proposed Megaupload.com public statement regarding piracy allegations against the website to hosting company executives DS and JK. On or about January 13, 2011, DS replied to DOTCOM: “It looks accurate to me. good luck.” The same day, JK replied, “Using the words, ‘….vast majority is legitimate.’ Opens you up. It’s an admission that there are ‘bad’ things on your site. I would get rid of that so it simply reads that it is legitimate.

Then there's the money:

The Chief financial officer of Carpathia is referred to as WR. WR also appears to still be the CFO of Carpathia. Yet, while the indictment seeks all criminal proceeds, and lists the payments to Cardathia, and bank accounts have been seized, it's not clear that it's going after Carpathia for the money:

It was further part of the Conspiracy that multiple transfers, which involved proceeds of criminal copyright infringement in the Eastern District of Virginia and elsewhere, from a DBS (Hong Kong) Limited bank account for the Conspiracy were made in and affecting interstate and foreign commerce by a member of the Conspiracy, and the transfers were directed to a PNC Bank NA account for Carpathia Hosting in Richmond, VA, including the following:

a. On or about December 20, 2010, a transfer of approximately $720,000;
b. On or about March 31, 2011, a transfer of approximately $1,060,274;
c. On or about May 5, 2011, a transfer of approximately $950,000;
d. On or about June 2, 2011, a transfer of approximately $950,000; and
e. On or about July 5, 2011, a transfer of approximately $950,000.

It was further part of the Conspiracy that multiple transfers, which involved proceeds of criminal copyright infringement in the Eastern District of Virginia and elsewhere, from the PayPal account for the Conspiracy in Hong Kong were made in and affecting interstate and foreign commerce by a member of the Conspiracy to the benefit of Carpathia in Ashburn, including the following:

a. On or about October 7, 2008, transfers totaling approximately $90,000 to WR, the Chief Financial Officer of Carpathia Hosting;
b. On or about May 30, 2010, transfers totaling approximately $688,852 to WR, the Chief Financial Officer of Carpathia Hosting; and
c. On or about July 2, 2010, transfers totaling approximately $688,852 to WR, the Chief Financial Officer of Carpathia Hosting.

...From on or about March 1, 2007, through July 3, 2010, payments totaling approximately $13 million were transferred in and affecting interstate and foreign commerce through PayPal by a member of the Mega Conspiracy to WR, the Chief Financial Officer of Carpathia Hosting.

Isn't it a little curious that Carpathia Hosting isn't mentioned as being a co-conspirator? Is it because they have no liability, or because they cooperated?

Carpathia does have clauses in their contracts and terms of use referring to the obligations of their clients not to post infringing content on their servers. Is that enough to shield them?

In 2007, when Megaupload signed with Carpathia, Carpathia issued a press release. They surely knew how huge Megaupload was and how much bandwidth it used:

March 1, 2007 — (WEB HOST INDUSTRY REVIEW) — Web hosting provider Carpathia Hosting (carpathiahost.com) announced on Thursday that it will provide hosting services for online storage and file downloading services provider Megaupload (megaupload.com).

According to Alexa.com, Megaupload is ranked as the 12th most popular site on the Web, attracting over 1,500,000 unique visitors per day. Carpathia will provide the online storage provider with fully managed dedicated servers with redundant 20GB switching and routing infrastructure.

“To win the business, we bench tested every component from the edge routers to the servers to eliminate possible bottlenecks,” says Rick Smith, CEO of Carpathia Hosting. “What we found was that even the most premium of equipment required augmentation to allow the 12TB servers to push the large amounts of bandwidth needed to support Mega.”

Since none of the major execs at Carpathia seem to have left the company recently, I'm guessing they aren't in any trouble. But that still leaves the question, why not?

As to the e-mails in which possible employees are referenced by initials as undindicted coconspirator's, there are these:

qqq. On or about February 1, 2010, BATATO sent an e-mail to an unindicted co-conspirator with the subject “[tradeit] – Campaign stats” stating “We can’t deliver [Hong Kong] traffic because the company is based in [Hong Kong] and we don’t want to experience any trouble with license holders etc. Remember, I told you about that topic ;-)”.

bbbb. On or about January 27, 2011, ECHTERNACH received an e-mail from an unindicted co-conspirator stating that “video resource sites such as youtube which is our source for videos which we upload to megavideo.”

Why aren't they charged? It sounds like these two unindicted co-conspirators are company employees who cooperated in exchange for not being charged or getting reduced charges later.

One last thing, on a semi-related topic. There's an interesting reference in the Indictment to Kim Dot Com being displeased with some competitors. So what does he do? He rats them out to Paypal, trying to get their accounts canceled.

On or about October 14, 2011, DOTCOM sent an e-mail to a PayPal, Inc. representative indicating: Our legal team in the US is currently preparing to sue some of our competitors and expose their criminal activity. We like to give you a heads up and advice you not to work with sites that are known to pay uploaders for pirated content. They are damaging the image and the existence of the file hosting industry (see whats happening with the Protect IP act). Look at Fileserve.com, Videobb.com, Filesonic.com, Wupload.com. Uploadstation.com. These sites pay everyone (no matter if the files are pirated or not) and have NO repeat infringer policy. And they are using PAYPAL to pay infringers.

I'm out of time, but I intend to come back to these topics and bring in the other mega-company involved with MegaUpload to see where it fits in: Cogent Communicaitons, which according to the Indictment, owns and operates 43 data centers around the world:

Megaupload leases approximately thirty-six computer servers in Washington, D.C. and France from Cogent Communications that are used for the Mega Sites.

The Government didn't sever that relationship either:

Cogent Communications continues to provide the Mega Conspiracy with leased computers, Internet bandwidth, hosting, and support services as of the date of this Indictment

There's also Adbrite, the ad agency in SF that according to the Indictment, paid Megaupload $840,000 in ad money. And one more loose end: whoever Megaupload paid $185,000 to for this:

87. It was further part of the Conspiracy that on or about November 10, 2011, a member of the Conspiracy made transfers of $185,000, for the purpose of promoting criminal copyright infringement, associated with an advertising campaign for Megaupload.com.

It sounds like that money went to produce the MegaUpload song that all the music stars appeared in. There's no mention in the Indictment of who actually received that money: The music stars, or someone else, or whether the recipient of the funds is facing criminal or civil forfeiture exposure for accepting tainted funds.

The Government has a master plan here, from the use of RICO (rare in a criminal copyright infringement case), to the carefully made plans to coordinate with New Zealand to do the takedown, and with Hong Kong to do bank seizures. The feds were out to make this the biggest test case ever. And yet, it's primarily built on servers, emails and dollars. Megaupload may have done all that's required in responding to the violation notices. That's one area that does need litigation and a decision.

And given that the investigation began around March, 2010, and continued to November, 2011, it's unlikely the charges or arrests had anything to do with SOPA or the protests. The arrest date was clearly picked because the others were flying in for Kim Dot Com's birthday party and they had the opportunity to arrest them all at one place.

Most of the case is pretty straight forward: they sent subpoenas to Paypal; they got search warrants for the servers with the e-mails, possibly hosted at Carpathia; search warrants for the other servers at Carpathia (and maybe at Cogent); and seizure warrants for the funds in the banks. Using RICO, they likely also got restraining orders. They have a lot of documentation. What they need now is for the law to be on their side. That seems to still be up in the air.

I hope DotCom and the other 3 get bail. They seem to be inclined at this juncture to fight, and this is a battle that could take years. Defending a lawsuit while incarcerated is always tougher and wears clients down. It restricts preparation and time with counsel. It's like fighting with one hand behind your back. At least on bond, they can help their attorneys prepare the case. To be continued.

< Bail Decision Postponed for Kim DotCom of MegaUpload | Supreme Court Rules GPS Monitoring Requires Warrant >
  • The Online Magazine with Liberal coverage of crime-related political and injustice news

  • Contribute To TalkLeft


  • Display: Sort:
    As a layman, (5.00 / 1) (#2)
    by Makarov on Mon Jan 23, 2012 at 10:43:56 AM EST
    my basic question about the case is:

    If Mega did everything required under the Digital Millenium Copyright Act (e.g. always removed files/links to infringing content), then what exactly did they do that constitutes a crime?

    Assume the government can prove Mega officials knew that some of the content on their service was unauthorized copies, but not necessarily which specific files. Suppose they can also prove that certain users were "habitual offenders" who continually uploaded unauthorized copies.

    The DMCA specifically gives internet service providers, including file hosting services, safe harbor for unauthorized copies/pirated material IF they remove offending files on notice. The entertainment industry has been successful in some countries getting laws written to address users who are "repeat offenders", but I don't believe any such law exists in the US.

    The government can argue Mega knew there was unauthorized copies in addition to the ones they removed, and they could have done more to protect the IP rights of various parties. However, if they did what was required under US law, I don't see how their service was a criminal conspiracy even if they were paying 3rd parties based on links or numbers of downloads.

    Without the safe harbor provisions of the DMCA, Youtube aka Google is a part of a criminal conspiracy, as is Comcast, Verizon and every other internet service provider. The government should have to show why safe harbor applies to these companies, but not Mega.

    If I Understand This Correctly... (5.00 / 0) (#3)
    by ScottW714 on Mon Jan 23, 2012 at 11:19:10 AM EST
    ...they want anyone who stores files for others to make sure the content isn't copyrighted ?

    What's really odd to me is they aren't going after the people who actually put the copyrighted materials on the servers.  To me it's like going after UPS for delivering illegal prescriptions instead of going after the people who are actually sending them.  The difference of course is the people sharing these files are individuals, not companies.  Which is why they aren't going after them, too much work and little reward, so they go after the delivers.

    This has basically shut down the internet for people like myself that like downloading loads of legitimate files from individuals.  MegaUpload might be the only company to be indicted, but the other similar companies have shut down their sites.  I assume to get in compliance and ensure they aren't storing copyrighted data.  Which isn't actually illegal unless it's being shared.

    What seems to be forgotten is nearly everything they stored was legal; ditto for their competitors.

    My theory is the arrests were planned with the assumption that Congress would pass PIPA/SOPA, which clearly made these deeds illegal.  Now instead of using legislatures to get their non-sense passed, they are going to try the judicial branch.  Too bad they can't lobby them legally...

    With everything headed towards the cloud, which is essentially what MegaUpload does, is ever file on these servers the responsibility of the company to ensure it's not copyrighted.  I have nearly all my data on an online server and there is plenty of at the very least questionable material.  Nothing flagrant, but are for example, are Apple iPhone graphics copyrighted, probably.  And I have tons of graphics that I openly share.  This is true of anyone that saves a picture with watermark and emailed to others.

    Part of the problem, at least with me, is the huge difference between what is legal and what the industry thinks is illegal.  I don't think we need data storage companies determining what is legal, because they will always error on the side of caution out of self-interest.  

    It's also unfair to put this burden on them because it's simply easier then going after the individuals who actually are committing the crimes.  It's not like these files are clearly marked, no one is storing Office2010 as Office2010.zip, ditto for music, and movies.  Is the server to unzip each file to ensure it's legal ?  The host provides the description which in many cases in on a different server, with a link to a file name like DFGJ91FJELFU43.rar that is stored at a file server site.

    But I think more importantly this is a huge display of where our government has been headed for years.  When the people are ripped off by corporations, not much is done.  But when the corporations are ripped of by the people, it's go time.  If the government would have gone after WS like MegaUpload...

    Some of your questions regarding (none / 0) (#4)
    by BTAL on Mon Jan 23, 2012 at 12:05:53 PM EST
    Safe Haven (and Jerilyn's question on Carpthia) may revolve around the difference between pure data storage/bandwidth infrastructure (Carpathia) and the application layer code (Megaupload).  Unless Carpathia was providing application development/maintenance/operation services they would then clearly be in the Safe Haven - bytes being bytes being bytes.  Whereas, Megaupload owned and controlled the code and business logic controlling and managing the data/content.  A close comparison for Megaupload would be their managing and filtering for malicious virus code as part of their application logic - being actively involved with the content of the data.

    Parent
    Correction (none / 0) (#5)
    by MikeRobinson on Tue Jan 24, 2012 at 12:38:32 PM EST
    Just wanted you to know that you reference DS and JK as Carpathia Hosting employees, but I don't believe DS and JK are the initials of any Carpathia executives.  These initials are probably related to Dave Schaeffer, CEO at Cogent and Jeff Karnes, VP of Sales at Cogent. Regardless, I don't think DS and JK are executives at Carpathia

    thanks, I'll revise (none / 0) (#6)
    by Jeralyn on Tue Jan 24, 2012 at 01:17:27 PM EST
    the post to reflect that the intials may not be of Carpathia execs. Much appreciated.

    Parent