> I mention this context because it's unlikely you would be able to get out of being sued by saying "Well maybe it was my roommate LOL"
Well, the question is whether I'm responsible for the use of my computer network. If someone hacks into it and starts using it without me noticing, am I responsible?
Suppose you lived alone, and this scenario unfolded. The plaintiff would reasonably argue that because you lived alone, you were the infringer. Would a court believe this to be reasonable? The ruling doesn't say. Now, if you then, using your own money, hired a computer forensics tech who discovered evidence you had been hacked, and also surrendered your computer and router in discovery and it was confirmed the router showed signs of unauthorized access and the computer didn't have file sharing programs or the file in question, I think it's fairly clear this court would let you off the hook. On the other hand, if your forensics tech found no evidence of tampering and did find filesharing software on your computer, I think you'd have a much harder time asserting that your alibi causes their allegation to fall apart.
The court is saying "Look, you can't just saying the IP address is the person, you need to offer a reasonable claim that it is". It is not saying IP addresses are useless or that your identity must be proven beyond a reasonable doubt.
Neither my first post nor this post were meant to be normative -- I'm not from the US, the country I am from makes passive filesharing (i.e. uploading while torrenting) more or less legal, and I would be very happy if legal rulings stopped piracy fishing expeditions. I just wanted to describe the substance of the ruling in a more substantial way than the headline did.
The best way I can interpret this is that your post was being deliberately misleading, because you implied that roommates won't invalidate IP authentication, but you actually meant that lying about having roommates won't invalidate IP identification.
GP, if I read correctly, tries to limit the expectations we can have based on this ruling since the circumstances where unusual. (Read GPs post again for more details.)
English is not my first language but GP seemed very clear and easy to read.
Assuming you live/operate the network in the US, it is grey, but your future operation of the open-wifi might be made more difficult.
Have a look here[1] of the potential actions that can be taken against you and your potential response to those.
In the end it will be a matter of how far you and the other party are willing to push this.
This will be different of course if it can be demonstrated that you intentionally ran the open-wifi to bamboozle or encourage illegal use. (because you advertized for or boasted about it in an online forum for instance).
France managed to create a law for that specific reason. France decided that any owner of a connection is responsible for it. So if you invite friends over and they start to torrent movies or else, you will be responsible.
This seems strange. If someone uses my car for a malicious act, or uses my house's electrical connection to damage the grid, or something like that, I'm clearly not liable.
If you put a law like this, why even have a justice system? Either you are guilty of piracy or you are guilty of not securing enough your computer.
Having a case where you are guilty whatever you say makes no sense, especially for something where the damages to society are very abstract and not proven, like piracy.
It's possible to actually nor have your computer used in piracy, and the justice system would still be about proving whether it was. Also, even if there was liability for negligence in security contributing to piracy, it might be lesser than for willful piracy itself.
The law suggested may be bad, but it doesn't remove the role of the justice system in determine the existence and degree of liability.
Interesting. I've never heard this before. Id love to see some statutes or cases here, because it's not clear to me. This behavior isn't unheard of in my neck of the woods
I can't help you regarding the US. I live in Germany and there's a law (§15 StVO) that says "The driver of a vehicle must take the necessary precautions to prevent accidents and disturbances to traffic when they exit the vehicle. Vehicles also have to be secured against unauthorized use."
I had a quick google and I found mentions that you will get fines for this. I did not find an example of something bad happening with an unlocked car.
Depends on the act. In the state of Georgia, at least, if a passenger in the car you're driving throws litter out the window, you're responsible (not that this particular law is ever enforced).
Germany has recently reverted a law like this for Wifi. If you have an open wifi and someone torrents over it, then you're not liable for the illegal activity itself (though a court can force you to install filters and fine you if you didn't and it happens again).
France managed to create a law for that case too. It can be refered as "lack of security". You are also responsible for having a connection that is supposedly secure. If that's not the case ("oh, I have no technical knowledge on how to enable password protection for my network"), you are responsible as well. There are exemples of companies that were fined because of this law.
How does this work for public locations like libraries or Starbucks? I remember when I went to France many places had free wifi (sometimes with password but it's not like it's hard to ask for it).
It is up to the company to "secure" their connection to prevent this type of thing (block some ports that are used to torrent, block websites, ...). We, technical people, know that is such an imperfect law that can be circumvented in so many ways and yet it exists today.
No, unlike something like a firearm which you are legally required to secure and can suffer potentially criminal and/or civil liability if someone steals it and uses it to commit a crime, there is no such legal requirement to secure your network against outsider misuse.
IANAL that’s just my personal understanding / belief.
The key point would be the use would have to be unsanctioned and you were totally unaware. Once you give someone your WiFi password, it’s less clear if you have any liability. I’m not sure of any case where the actual user was known but the person who provided the network connection was blamed.
Network access is fairly universal. The particular method used to access the Internet is practically irrelevant. The actor and the act are what is important, not how the packets are routed.
I believe the legal term you’re looking for is “strict liability”.
Many states don’t actually have laws about securing firearms directly but have a concept of strict liability about what happens if they are stolen, or stolen and not reported.
Have a look through your ISP's terms of use and you might find specific relevant statements there. Operating an open-wifi Internet access setup might be difficult if your ISP terminates your contract.
An example, this is from Verizon[1]
2. Use of your Service and Account and Compliance with Applicable Authority. You are responsible for all use of your Service and account, whether by you or someone using your account with or without your permission, including all secondary or sub-accounts associated with your primary account, and to pay for all activity associated with your account. You agree to comply with all applicable laws, regulations and rules regarding your use of the Service and to only use the Service within the United States (unless otherwise permitted by this Agreement).
3. Restrictions on Use. The Service is a consumer grade service and is not designed for or intended to be used for any commercial purpose. Except as otherwise set forth in this Agreement, you may not resell, re-provision or rent the Service, (either for a fee or without charge) or allow third parties to use the Service via wired, wireless or other means. For example, you may not provide Internet access to third parties through a wired or wireless connection or use the Service to facilitate public Internet access (such as through a Wi-Fi hotspot), use it for high volume purposes, or engage in similar activities that constitute such use (commercial or non-commercial). If you subscribe to a Broadband Service, you may connect multiple computers/devices within a single home to your modem and/or router to access the Service through a single Verizon-issued IP address, and if available through the Service, you may permit guests to access the Internet through your Service’s Wi-Fi capabilities. You also may not exceed the bandwidth usage limitations that Verizon may establish from time to time for the Service, or use the Service to host any type of server. Violation of this Section may result in bandwidth restrictions on your Service or suspension or termination of your Service.
Well, the question is whether I'm responsible for the use of my computer network. If someone hacks into it and starts using it without me noticing, am I responsible?