Syzygy noted likely resistance to 'Kazaa offerings that go beyond music, seem complex, require payment, or position the site as a place to linger'.
186 Nobody could read the Syzygy report without realising that, in May 2003, Kazaa was being predominantly used for music file‑sharing. A reader who had even a general understanding of copyright law would also have realised this necessarily involved copyright infringement on a massive scale.
187 Copies of the focus group report went to Ms Hemming, Mr Morle, Mr Bermeister (who actually attended the focus group meetings) and Mr Rose. Mr Morle admitted reading the report. It may be inferred, the more readily because of their failure to give evidence to the contrary, that Ms Hemming, Mr Bermeister and Mr Rose also read the report.
188 There is other evidence as well. Mr Rose's email exchanges with Mr Kasesula proceeded on a common understanding that copyright‑infringement was pervasive. Mr Bermeister's email of 18 May 2003 to Ms Hemming, Mr Morle and Mr Rose (amongst others) discussed ways of getting 'an even more focussed message' to the 'geek' group that they should increase file‑sharing. I doubt that any recipient would have thought Mr Bermeister was referring to Shakespeare or Don Quixote.
189 Mr Morle, the only respondent who gave evidence, readily admitted he knew copyright infringement was rife. That is why, he said, he had 'spent a lot of time thinking about filtering and considering how that would be done'. That is also why, he said, he had discussed filtering with Ms Hemming. I do not accept he did either of these things. However, that he thought it necessary to make the claim is revealing.
190 At paras 78 and 86, I noted Kazaa website exhortations to users to increase their file-sharing. Increase in sharing was a fundamental theme of Kazaa's 'Join the Revolution' campaign (paras 81-84). It was also a major theme of Mr Bermeister's email comments on the focus group sessions (para 155 above).
191 It is understandable that the respondents would wish to increase file-sharing. Kazaa is apparently sustained by advertising revenue. It is a fundamental of advertising marketing that price is sensitive to the exposure likely to be achieved by the advertisement. The more shared files available through Kazaa, the greater the attraction of the Kazaa website. The more visitors to the Kazaa website, the greater its advertising value and the higher the advertising rate able to be demanded by Sharman. And what is more likely to attract large numbers of visitors to the website than music, especially currently popular 'hits'?
192 Theoretically, it would have been possible for Altnet to establish a paid access system that operated independently of unpaid access; gold files without blue files. However, the focus group discussions indicated such a system would have little appeal to Kazaa users. The benefit to Altnet of association with Sharman was twofold. First, Altnet was able to 'feed off' users' searches for blue files. If a user entered the name of a musical item or performer, seeking to obtain free access, he or she could be offered a selection of gold files that might be of interest to the user, having regard to the nature of the search. Any increase in the volume of blue file searches would be likely to increase the number of people who ultimately elected to take, and pay for, a gold file. Secondly, Altnet shared the advertising revenue received by Kazaa, the value of which must have been influenced by the volume of blue file sharing.
193 There is no evidence that any of the individual respondents, Ms Hemming, Mr Morle, Mr Bermeister or Mr Rose, benefited personally from any increase in Kazaa's or Altnet's prosperity. Some may have done so; according to him, not Mr Morle. However, it was presumably in the interests of all these respondents that their employer should remain active and prosperous; certainly, they had no contrary interest.
194 In short, I find that all the respondents knew the predominant use of Kazaa was for the sharing of copyright-infringing material. None of them had an interest to prevent or curtail that predominant use; if anything, the contrary. Each of the respondents was at least acquiescent in the use of Kazaa for copyright-infringing activities.
(ii) Technological controls
(a) Direct control through a central server
195 Sharman's ability to control - or, at least, to influence - the conduct of Kazaa users is the most contentious factual issue in this case. A major element in that issue was whether there is a Kazaa 'central server'.
196 It is desirable to state what the witnesses meant by the term 'central server'. It was common ground that a new user obtains the Kazaa software by logging on to the Kazaa website and pressing various icons. The software is then provided through a server controlled by Sharman. In one sense, that is a 'Kazaa central server'. It is a server maintained on behalf of Sharman and has direct access to the new user's computer. However, that is not what the witnesses meant by 'central server'. They meant a computer software system that enabled the respondents, or one of them, to control the user's subsequent use of the downloaded Kazaa software, especially the user's file-sharing activities. The respondents' technical witnesses, including Mr Morle, asserted that the Kazaa system does not include such an element in relation to blue files. Counsel for the applicants contested this assertion. Although unable to adduce direct evidence of the existence of a central server, they argued there were a number of circumstances pointing to that conclusion. The contest about this matter is what the parties called 'the central server issue'.
197 In support of their position, counsel for the applicants noted the terms of the API document (exhibit H). This document was produced on discovery by the Sharman respondents. It seems to have been designed as an instruction manual. It purports to describe the Kazaa system. It contains, as an annexure, what purports to be the Kazaa programming source code, called 'KazaaLib'. However, no witness gave evidence that this is, indeed, the source code that operates the Kazaa system.
198 On page 6 of the API, a statement is made that usernames are registered within a specific realm. The document goes on:
'There are multiple realms, each running their own central Kazaaserver along with their own user database. Realms do not have separate networks - they all share a single network; realms exist just for user registration and identity purposes. Your KazaaLib will connect to one of the realms; the realm choice is hardwired into compiled code of KazaaLib. In most KazaaLib API data structures, user realm appears as a suffix of the username.'
199 On page 7 of the API, reference is made to the 'arguments' required for connection of a new user, namely an email address and an election by the user as to receipt of a newsletter. The document states:
'Both are passed to Kazaaserver for inclusion into the user database. They are not directly used by KazaaLib, and their validity is not checked.'
200 On page 8 of the API, reference is made to the situation where authorisation cannot be verified because the 'Kazaaserver could not be contacted'.
201 These statements were considered by one of the applicants' expert witnesses, Leon Samuel Sterling. Professor Sterling is Professor and Adacel Chair of Software Innovation and Engineering in the Department of Computer Science and Software Engineering at the University of Melbourne. Since receiving a Doctor of Philosophy degree from Australian National University in 1981, he has been involved in testing and research at many institutions, both in Australia and the United States, and has published widely in the field, amongst others, of software engineering. I thought him to be a fair and careful witness.
202 In a document (exhibit L) containing propositions that were advanced by the applicants' technical experts, including Professor Sterling, but not accepted by the respondents' experts, a reference was made to the existence of Kazaaserver. During the course of cross-examination, Mr M Leeming, junior counsel for the Altnet respondents, asked Professor Sterling about this. Professor Sterling said the sole evidence for Kazaaserver's existence was the API document. The cross-examination went on:
'So is this the chain of reasoning? You say by reference to functionality that you can see in the API document that whoever wrote that certainly thought there was such a thing as [a] Kazaa server? --- I think it's the other way round. I think the system was designed, and again my attempt in design level, so the overall system was designed with the belief that a Kazaa server would be present. The API document was constructed to allow people to refer to a Kazaa server and I don't know what in fact is happening but it was designed in an attempt for there to be a Kazaa server.
…
What I want to put to you is that you know that although the document says that there's a central Kazaa server you know that that hasn't been implemented in any of the versions of the source code that you've seen. That's where I'm heading. Do you understand the proposition I'm going to debate with you? I'm not asking for a response but that's where we're going? --- This is a very complicated system because there's a division of other sets of software. I don't know if the Kazaa server isn't sitting inside the FastTrack network. I don't know a range of things because I haven't been able to look at that and so again I don't know very much about it. I saw evidence referring to a Kazaa server which led me to believe that it was designed with that in mind and I don't know one way or the other how it's actually working and I don't have the resources to be able to - I didn't have the time nor was [I] presented with a document to be able to satisfy myself.
So the first thing is you couldn't be definitive in expressing a view about the existence of [a] Kazaa server? --- No.
Because of the reasons you've just enunciated? --- Yes.'
203 Mr Leeming had Professor Sterling agree that, when he logged into Kazaa, he was not asked for a password or an email address. He was asked for a username, but there was no authentication process.
204 Mr Morle said in evidence that, to his knowledge, there was nothing that 'answers the description of a Kazaa server'; the first time he heard this expression was during this proceeding.
205 In Mr Morle's first affidavit, he stated that none of the (then) respondents 'provides any form of customer support for the KMD software'. He said the respondents (that is, the Sharman parties) provide to users only a fixed user guide and 'a set of Frequently Asked Questions, with responses on the Kazaa Website'. Mr Morle conceded, under cross-examination by Mr Bannon, that his affidavit made no reference to assisting users to deal with bugs. However, he maintained the affidavit was essentially correct; although users could send in bug reports they were referred to a website for assistance in solving their problems. As I understood him, Mr Morle was insistent that Sharman itself had no ability to rectify the bug by manipulating the user's software.
206 Mr Morle acknowledged that, at one time, Sharman collected users' email addresses. When asked how the addresses were collected, he said:
'There was formatted to the Kazaa user interface which asks the user if they would like to sign up for a newsletter and asks them for their email address as they did and that was displayed to the user when they first ran Kazaa. If the user did add an e-mail address to that form, that e-mail address was sent to a web server.'
207 Counsel for the applicants contended there was 'no satisfactory explanation … as to why the computers collecting the email addresses did not constitute the Kazaa server'. They added that, if the Danish computers have been decommissioned, 'there is no evidence that they have not been replaced by computers elsewhere'. In any event, counsel said, there are 'Altnet servers which, on any view, are in direct communication with all Kazaa users'.
208 Counsel for the applicants submitted:
'The appropriate conclusion as to the appearance on a Kazaa user's screen of statistics as to the number of users online and the number of files being shared is that there is a central body receiving the individual statistics from individual computers and adding them together. Explanations which do not accept this are unpersuasive.' (footnote omitted)
209 I agree with counsel's observation about the lack of a persuasive explanation as to the collection of statistics. During the course of the trial, several of the respondents' witnesses were asked to explain how it was possible for the Kazaa website to run a dynamic report of the number of persons currently online, if there was no central server counting those people. Mr Morle said the figure was actually of people using FastTrack, not all of whom would be using Kazaa. To the extent that is true, the website statement is false and misleading. However, Mr Morle's response does not solve the mystery; the respondents claim the FastTrack system also does not contain a central server.
210 Perhaps the most plausible suggestion offered by any witness was that the statistics are collected by communication between supernodes. An analogy was postulated of a group of fathers who formed a circle in a park. The first father told the second father he had two children; the second father added his three children and gave the figure 'five' to the third father etc. Once the counting had gone full circle, the last person could announce the total figure to the assembled fathers. However, if the analogy has any bearing on this problem, the result would also have to be communicated by one of the supernodes to Sharman. How?
211 More significantly, the envisaged group of fathers was relatively small and able to be formed into a static circle. That envisaged situation stands in marked contrast to the present question. There is an enormous number of supernodes in the Kazaa system and they are anything but static. Supernodes are constantly being opened up and closed down. No witness was able to explain, and I cannot imagine, how a progressive count between supernodes could be organised. If the claimed online figure has any validity, the most natural explanation seems to be that all the nodes (or at least all the supernodes) are constantly conveying use data to a central server.
212 In their Closing Submissions, counsel for the applicants referred to an email from Mr Rose to Mr Morle dated 4 April 2003. This email responded to a request from Mr Morle to Mr Bermeister to explain the rationale of having Altnet files download to a separate Altnet folder. Mr Rose gave reasons for this decision and explained:
'Based on the above, I engineered a system that met our business decision to keep two separate folders, but allows me to switch to using the Kazaa folder at any time, even post release, in case consumer feedback indicates users are having problems finding their Altnet files.
213 Counsel said this passage shows Mr Rose was able, post-release, to control what occurred on a user's computer. They added:
'Rose's failure to give evidence as to the remote alteration capacity of the Altnet technology (or, indeed, at all) supports the inference in favour of the availability of forced updates.'
214 In this context, by the term 'forced updates', counsel meant updates directly imposed upon users from outside, whether the users liked this or not; as distinct from updates that the users themselves accepted, even if only as a result of pressure. Counsel's point, as I understand it, is that a true forced update is possible only if there is a central server giving Sharman the ability to manipulate the user's computer software.
215 Counsel for the applicants also referred to a passage in the 'Altnet Presents Peercast' document referred to at paras 139-140 above. The passage was as follows:
'Most P2P applications consist of an EXE file architecture that requires the user to manually run the P2P application. The CloudCast system includes the b3d Installer, an ActiveX component that allows an [sic] web site that the user visits to instantly take advantage of the available P2P services. Approx. 40M P2P-connected users (approx. 15% of the active world-wide internet population) have the b3d Installer present on their machines, providing potential customers and partners with a massive group they can immediately reach. The b3d seamless-installation technology allows this user base to be reached even for new and previously unreleased applications, effectively future-proofing the existing KaZaA user base.'
216 Counsel also referred to an Altnet document dated 11 November 2002 called 'Altnet Phase 2: Technical Description' ('the Altnet Phase 2 document') which described 'the software that Altnet intends shipping with Kazaa starting January 2003'. The software included the Altnet Download Manager which was said to have the following features:
'l Download Manager is an ActiveX control that allows web pages to connect to the P2P stack.
· Download Manager is also used by the Dashboard to download its instruction list, download resource-sharing files, etc.
· Download Manager allows Altnet to sell TopSearch content into web sites as well as into Kazaa.'
Counsel argued these two Altnet documents 'indicate a significant remote capacity in the TopSearch functionality which has not been explained away by evidence from any person on behalf of Altnet or BDE.'
217 Counsel for the applicants observed, correctly I think, that 'it is common ground that the Kazaa software supplied to new users contains a hard-wired list of IP addresses'. They said that, 'when a new user downloads the Kazaa program, the software attempts to communicate with at least one of those addresses'. Counsel then argued:
'it is essential for the effective operation of the software that the new user makes contact with a live supernode IP address on installation. The computer at such a live supernode IP address provides the new user with an updated list of supernode addresses and the new user connects with its relevant supernode. There is evidence that on the assumption the system is self-organising, a supernode's existence may be shortlived or not continuous. There is also the earlier evidence that some IP addresses can change … The prospect that a commercial enterprise would leave to chance the possibility of one of those hard-wired IP addresses still being a current supernode in circumstances where a live address was critical to the useability of the software by the new acquirer and having regard to the volatility of an ordinary supernode's life, must be nil.' (footnotes omitted)
218 Counsel argued this conclusion supported an inference of the existence of a central server. They said:
'The API indicates that there is a capacity in the recipient of the API, i.e. Sharman, to force a computer to be and remain a supernode. The clear inference is that someone, the obvious candidate being Sharman, is controlling one or more supernodes to ensure that one of the hardwired IP addresses will permit a new user to connect to the system. … It being concluded that that prospect is not in fact left to chance but is controlled, the ready conclusion is that there is a central server.'
219 Counsel for the Sharman respondents argued there was no evidence of the existence of a central server, in the relevant sense of that term. In their Closing Submissions, they said:
'Once a user installs KMD, Sharman's ongoing interaction with the user is limited to the following:
(a) display of content from the Kazaa website on pages of the GUI;
(b) invitations to the user to upgrade to new versions of KMD; and
(c) receiving "bug" reports from users and referring them to the Kazaa website for assistance.
Other entities have ongoing relationships with users as follows:
(a) Akamai Technologies, which hosts the Kazaa website, has the ability to know the IP address, country and version of KMD pertaining to users;
(b) Altnet receives limited statistics regarding successful TopSearch searches and downloads; and
(c) third-party advertisers send advertisements to appear in the GUI, either as "banner ads" or "pop-up ads".'
220 Counsel also said that, if there were a Kazaa central server, 'it would be one of the largest concentrations of computing power on the planet'. Counsel asserted there would be 'immense problems of scalability and exposure to denial of service attacks'. They cited affidavit evidence in support of those assertions. However, the cited passages do not sustain the assertion. The passages merely make the point that peer-to-peer technology reduces the problems of scalability and service denial. Nobody has argued that a consequence of there being a Kazaa central server would be that all file-sharing traffic would be routed through that server. Altnet is an example of a system that combines a central server (TopSearch) with provision of music files from other sources. No evidence suggests there would be a problem of scalability or service denial if Kazaa was organised in the same way.
221 Counsel for the Altnet respondents submitted there are only 'three points of contact between Sharman and a user'. They were:
'(a) on the initial download and installation of the KMD;
(b) on the execution of the KMD;
(c) upon uninstalling the KMD.'
222 The initial download and installation is effected on Sharman's behalf by Akamai. On execution, the user sees advertising and promotional material sourced from Sharman's website, as well as some advertising material sourced from elsewhere. On uninstalling Kazaa, the user is given the option of providing a comment to Sharman.
223 Professor Sterling said that, other than these three contacts, 'there was no obvious communication to Sharman that he "could see in the code"'. He was assuming that the source code produced for his inspection was the source code currently used in the Kazaa system. This was not proved to be so. However, if Professor Sterling's assumption was correct, his evidence tends to negative the existence of a Kazaa central server.
224 The arguments of the applicants on this issue have force, especially in the absence of evidence confirming that the source code seen by some of the expert witnesses was identical to that actually used by Sharman. Moreover, no evidence was called from anybody who had been involved in the design of the system, such as Mr Kasesula. That would not have been because of the cost of bringing a foreign witness to Australia. Evidence could have been taken by videolink. Anyway, the Sharman respondents were prepared to spare no expense. They brought two experts out from America. Although one of those experts, Professor Tygar, made a commendable effort to understand the system, without being certain that it corresponded with what he understood to be the source code, it would have been preferable to have had an explanation of the system from one of the people who devised it.
225 On the other hand, Mr Morle (who should know) insisted there was no Kazaa central server. In some respects, I was not favourably impressed with Mr Morle. He tended to prevaricate and spar with counsel. He claimed total ignorance about matters of which he must have had some knowledge, such as Sharman's financial and administrative affairs. If he is to be believed, he had an astonishing lack of curiosity about the source and authenticity of the dynamic user figures that continuously appear on the Kazaa website. Yet I hesitate to conclude Mr Morle told a deliberate lie - it would have had to be that - about such a fundamental matter as the non-existence of a central server. This was an important matter directly within his area of responsibility.
226 The two American experts called by counsel for the Sharman respondents were Keith Wimberly Ross and Justin Douglas Tygar.
227 Professor Ross is Professor of Computer Science at the Polytechnic University in Brooklyn, New York. He has taught computer systems engineering at university level since 1985 and has published widely. At the time of giving evidence, he was researching aspects of peer‑to‑peer networking pursuant to three grants provided by the National Science Foundation, a United States government agency. The professor was obviously well qualified to give expert evidence in this case. However, my confidence in him was shaken during the course of his cross‑examination.
228 Mr Bannon showed Professor Ross a draft of his report that contained a passage dealing with the relationship between Joltid's PeerEnabler software (used in FastTrack) and Altnet's TopSearch technology. The draft shows exchanges between Professor Ross and a solicitor at Clayton Utz, acting for the Sharman respondents. Professor Ross initially wrote the words: 'The Altnet TopSearch Index works in conjunction with the Joltid PeerEnabler to search for Gold Files'. The solicitor crossed out this sentence on the draft and suggested a substitute sentence: 'TopSearch searches its own Index file of available Altnet content and PeerEnabler is not needed or used for this, other than to assist in the periodic downloading of these indexes of available content'. Professor Ross replied: 'I was not aware of this, even after our testing. But if you say it is so, then fine by me'. He left the solicitor's words in the draft.
229 When Mr Bannon asked about this, Professor Ross responded:
'Unfortunately, I don't have the report memorised. But it is my recollection that I was not comfortable with this and I took it out in the end. But I would like to see my report to confirm that.'
230 Mr Bannon then showed Professor Ross the email showing the solicitor's response to his 'fine by me' reaction. The solicitor said: 'Keith, we want to try to avoid you being exposed to criticism so how about'. The solicitor then suggested the sentence that appears in Professor Ross' final report. The cross-examination went on:
'You see it wasn't you feeling uncomfortable. Clayton Utz said, well, in effect, Keith we want to try and avoid you being exposed to criticism, so how about something different. And they ruled out what you were otherwise prepared to swear up to based solely on their say so? --- I wouldn't agree with that. I wouldn't have been comfortable putting it into the final report I suppose unless I was given further evidence of this fact.
That is not what you communicated? --- Well you have to read between the
lines. I said that we had phone calls as well and during the phone
conversations often I would indicate that there were some things I was
uncertain with and I would want an additional explanation or justification.
You said: "If you say it is so then fine with me." That is all you said? --- Once again I do not have my final report in front of me so I am not 100 per cent sure what I put there. But again in saying this I just know the way I am personally. What I am saying there: "Fine with me, once you give me additional proof".'
231 I cannot accept that explanation. I am forced to conclude that Professor Ross was prepared seriously to compromise his independence and intellectual integrity. After this evidence, I formed the view it might be unsafe to rely upon Professor Ross in relation to any controversial matter. Of course, that does not mean his evidence should be totally disregarded.
232 Professor Tygar seemed a more reliable witness. He is Professor of Computer Science and Information Management in the Department of Electrical Engineering and Computer Science at the University of California, Berkeley. He obtained a doctorate from Harvard University in 1986 and has taught computer science since that time. Professor Tygar has consulted for both industry and government, been a member of some government committees concerned with computer science and published widely.
233 Both Professor Ross and Professor Tygar asserted there was no Kazaa central server. For the reason I have indicated, I am not prepared to place much weight on this aspect of Professor Ross' evidence. However, I was impressed with Professor Tygar. He not only has excellent credentials; he had done his best to understand the Kazaa system, including studying the relevant part of what he understood to be its source code. Professor Tygar seemed to be attempting to assist the Court. He was aware of the central server issue, and its importance, and expressed a considered opinion about it. It is true, as the applicants emphasised, that it is not clear that Professor Tygar has had access to all relevant portions of the Kazaa source code; or even that what he was given was the source code actually used in the Kazaa system. However, Professor Tygar has spent much time examining the operation of that system. He is familiar with Kazaa's American counterparts. Under those circumstances, and especially as none of the applicants' experts was able conclusively to demonstrate the incorrectness of Professor Tygar's opinion, I am not prepared to find he is wrong in concluding that the Kazaa system has no central server.
234 There may be other explanations of the points raised by the applicants. There is room for doubt as to the true meaning of the API passages relied on by the applicants. Alternatively, as constructed, the Kazaa system may not have been conformed to the structure suggested by that document. Another possibility is that the system was modified after construction to remove the central server. The dynamic screen numbers of online users may be obtained in some unexplained way, but without use of a central server. The numbers may be estimates or simply made up. There may be a limited number of continuously-operating supernodes that supply IP addresses to new users.
235 There is no doubt that TopSearch is capable of monitoring and controlling the conduct of Kazaa users in relation to gold files. TopSearch is a central server, in the relevant sense, but (at the present time) only in respect of gold files. Although there is reason to suspect that there is, indeed, a Kazaa server that is capable of doing the same thing in relation to blue files, I am not prepared to make a finding to that effect.
(b) The range of indirect controls
236 However, counsel for the applicants argue that, even if there is no such central server, other measures were available to the respondents, but not put in place, that would have prevented (or at least limited) infringements of their clients' copyrights by Kazaa users. These were summarised in a document (exhibit L) prepared by the applicants' technical witnesses as follows:
'Filters
1. The system could have been adapted and could be adapted to include non-optional filters which exclude the display in search results of Blue Files (but not Gold Files):
(a) with .mp3 file extensions; or
(b) any metadata of which matches a list of regularly updated keywords associated with artists and song titles in the Applicants' catalogues of sound recordings; or
(c) any metadata of which matches a list of regularly updated file hashes of versions of sound recordings in the Applicants' catalogues of sound recordings; or
(d) Boolean combinations of the above.
2. If there existed any authorized or public domain material the distribution of which would be prevented by any such filters of the type referred to in the preceding paragraph, such material could be distributed as Gold Files.
"Don't Share" Flag
3. The Respondents could have caused and could cause the setting of "don't share" flags to Blue Files identified as mp3 copies of sound recordings in the Applicants' catalogues which would have the effect of preventing the sharing of those files.
Monitoring
4. The system has a present capability of collecting and causing to be forwarded statistics and information in respect of individual users, including:
(a) username, user password and realms;
(b) IP addresses and country codes;
(c) file names;
(d) file hash values;
(e) metadata about files including title, author and keywords;
(f) content stored in individual files in "My Shared Folders";
(g) search results.
5. The Respondents could have regularly monitored and could regularly monitor individual Kazaa users' My Shared Folders to identify mp3 copies of sound recordings in the Applicants' catalogues.' (footnotes omitted)
I will discuss these possibilities, although not in that order.
(c) Monitoring of Kazaa users' files
237 Tom Mizzone is Vice President, Data Services, of MediaSentry Inc ('MediaSentry'), a company based in New York that provides online anti-piracy services. He heads a department that uses a platform known as 'MediaTarget' to collect information from computers. He has worked with colleagues to develop 'techniques to scan for, detect, and download copies of copyrighted material on multiple network protocols for use by copyright owners'. He said MediaSentry's technology 'tracks many popular distribution mediums including P2P networks … using sophisticated scanning and detection software, to locate files that are suspected of infringing the rights of copyright owners'.
238 Mr Mizzone came from America to give evidence in this case on behalf of the applicants. In doing so, he was concerned to maintain the confidentiality of many of his employer's documents. He produced some manuals as confidential exhibits. However, in open affidavit evidence, he said:
'MediaSentry searches peer-to-peer networks for individuals whose computers are sharing type[s] of files with other users, such as music files and movie files. In the case of users of the Kazaa Media Desktop program, these are users who are sharing files from their computer, usually from a designated shared folder. These searches are undertaken for only publicly available files, being files that can be accessed and downloaded by any other user of the relevant system.
MediaSentry uses the same core technical processes that are used by peer-to-peer users to identify users. MediaSentry does not do anything that any user of a peer-to-peer network cannot do and does not obtain any information that is not available to anyone who logs onto a peer-to-peer network as a user.
When MediaSentry searches for music files on the peer-to-peer network, it views the files that each P2P user is disseminating to others, it obtains the IP address and screen name of each user, and downloads a selection of files offered by each user. These are all functionalities that are built into the peer-to-peer protocols for the relevant peer-to-peer service, including the Kazaa Media Desktop, whether or not this information is always visible to a user in their specific peer-to-peer program.
In view of the potentially vast numbers of users of peer-to-peer networks, MediaSentry uses additional criteria to identify users with music files. It does this by using software that lexically compares the titles of the music files being shared on other users' computers with lists of music titles provided to MediaSentry by copyright owners.
When files are being downloaded, MediaSentry makes a record of the IP address used by the source computer. The process of downloading files from another computer involves the transmission to the receiving computer of information from the source computer such as the user's screen name (an alias chosen by the user, such as "Name@KaZaA") and the IP (Internet Protocol) address of the user. An IP address is a number that, along with the date and time, can be used to identify a computer using the Internet at the time.
Once connected to the user's computer, MediaSentry seeks to determine what other files the individual is offering to others for download. Kazaa and other file-copying programs permit users to share all of the files in their "share" folders, and they contain a feature that permits users to browse the entire share folder of another user. MediaSentry invokes this feature of the P2P program and is able to determine whether the individual user is offering for download one or more files and information about them.
Using a feature of the peer-to-peer software, MediaSentry captures a list of all of the files that the user is offering to share. MediaSentry collects this information in two forms. First, MediaSentry takes screen shots, which are actual pictures of the screens that MediaSentry or any other user of the peer-to-peer network can see when reviewing the files being offered. Second, MediaSentry creates a text file that includes all of the information on the screen shots, such as the names of each file and the size of each file, as well as additional information (called "metadata") about each file. Metadata may include a wide range of information about a file. Metadata, for example, can include information that identifies a person who originally copied the file or was the source of a file.
Once MediaSentry has the list of files being offered, it searches the list of files for copyrighted works owned by the record companies. Files offered by peer-to-peer users generally specify the name and artist of the song being disseminated, as well as the file type ("audio" for most music files) so it is relatively simple to identify files that are likely to be copyrighted sound recordings. In most cases involving peer-to-peer users offering hundreds or thousands of files for download, this search process uncovers substantial numbers of files that appear to be sound recordings whose copyrights are owned by the applicants.
Once MediaSentry has found a user offering files that appear to be music files owned by recordings companies, or that can be matched with a list of music files, MediaSentry downloads (as any other peer-to-peer user could) examples of them as complete files. They are then stored on MediaSentry's computer equipment.
At the end of its evidence gathering with respect to any individual user, MediaSentry has usually gathered the following:
(a) individual audio files that appear to be copyrighted sound recordings that the individual is disseminating unlawfully;
(b) a user log identifying all of the files that the individual was offering for download, as well as metadata about each of the files being offered;
(c) screen shots of the user's share directory that show the files the individual was offering for download; and
(d) the IP address, date, and time of the infringement, as well as the alias chosen by the individual (the user name) when participating in the peer-to-peer network.
…
The gathered information can then be reported to copyright owners.
MediaSentry's process has multiple fail safes to ensure that the information gathered is accurate, including numerous steps to check and double-check the IP address of the potential infringer to prevent misidentification. MediaSentry also undertakes substantial and frequent audits to make certain that all of its systems are functioning correctly.
MediaSentry is not a subject matter expert on any music files identified with a peer-to-peer user and downloaded and therefore does not evaluate whether the files that it downloads are sound recordings whose copyrights are owned by record companies.'
On two occasions, in 2003 and 2004, MediaSentry carried out an investigation of this nature in relation to Australian KMD users.
239 In oral evidence, Mr Mizzone said MediaSentry had 500-600 scanners deployed. The scanners can search the FastTrack network to find those that have Kazaa loading. He said: 'We use a technique called subclassing to control the Kazaa application without a human needing to be in front of the computer'. His evidence went on:
'How do you know you're dealing with for example an Australian user? --- The results that we get back from the Kazaa application when we do search, the application itself provides us with an IP address of the end-user that had what appears to be the infringing material. We then do a "look up" of that IP address against a data base, in this case would be apnet.org which is the Asia Pacific network information centre. There would be authoritative body of IP address allocation in this area and to the extent that it is an IP address that has been assigned to a service provider in Australia we consider that user to be located in Australia.
What's the mechanism by which you can identify the IP address of the user's file you're looking at? Is it some sort of signal which goes down the line and bounces back or what is it? --- Sure. We have a few steps and a couple of double-checks in which we do. At this level though the initial search we get that IP address from a file that Kazaa deposits on our scanners' hard drive. It's called a DAT file. That DAT file contains specific information about the user that responded to the search. Information such as IP address of the user core in which we're communicating with that user on file checks on metadata related to the file. All that gets stored in the data base. At that point we run the "look up" on that IP.'
240 Before commencement of cross‑examination, I asked Mr Mizzone to confirm my understanding of his evidence in chief.
'Mr Mizzone, I want to take you back to what Mr Bannon asked you, … just to make sure I am understanding what you say. I understand that you have got a big operation. But am I right in thinking that effectively what you do, although in an automated multi-machine environment, is to do what a person can do on a single computer; is that what you claim? --- That is correct.
And that involves, you go into the Kazaa system and you can identify a person who is using their computer, having logged into the Kazaa system, in connection with a particular file which is on a list you have been supplied by a client? --- That's correct.
I gather you can only pick them up if they are actually using it at that moment? --- That's right.
If they used it ten minutes ago and closed down the computer you wouldn't be able to find that out, you wouldn't be able to ascertain that they had swapped that file ten minutes earlier or played the file? --- That's correct.
So what you are doing is, you are in effect spying on a person who is in the act of downloading, is that what enables you to pick it up? --- We look for people that are sharing or distributing, we do a search for a file, the results that come back to us are individuals that have that file and a share directory, making it available for downloads.
Well, I gather if they have it in their My Shared File, you could get access to it in the same way as any other Kazaa user could get access to it? --- That's correct.
But your ordinary Kazaa user wouldn't know which node they were accessing at that time? --- That's correct, although there are ways in which you can see which IP addresses are connected to your computer.
Yes, explain that? --- Most operating systems allow you to run a command and NetStat is one of them, where you could at any time see the IP addresses which are connected to your system.
Are you saying an ordinary user could do that? --- Sure.
Well, perhaps not an ordinary user, because no doubt there are vast levels, different levels of sophistication, but ordinary equipment would allow you to identify the IP user address, is that what you are saying? --- That's correct, and the Kazaa application as you start a download puts a file in your share directory, the downloader share directory which contains the remote user's IP as well.'
241 Mr Mizzone claimed his company had technology to avoid decoys (false leads) and spoofs (icons that never begin to download or transmit).
242 Cross-examining counsel did not challenge Mr Mizzone's account of his company's activities, although they did obtain concessions of the importance of the company's technology in being able to operate on this scale. Mr Mizzone agreed his computers would only pick up a shared file that used the name given to him by his client record company. He also agreed it would not be possible to connect to a user who had a firewall in place. There were also other steps a user might take that would impede the gathering of information.
243 Mr S G Finch SC, senior counsel for the Altnet respondents, led Mr Mizzone to speak of the specialised nature of his software and asked: 'You wouldn't be happy just to give it to us, would you?' Mr Mizzone replied: 'I would prefer not to'. Mr Finch responded: 'All right. We won't negotiate a fee in open court'. He then went to another subject, leaving unresolved the question whether MediaSentry might, for a fee, license the use of its software by others.
244 From a comment made by Professor Ross in an email to Clayton Utz, it seems he is engaged in research similar to the work done by MediaSentry. Professor Ross did not dispute Mr Mizzone's evidence. Particularly in that situation, I see no reason not to accept the evidence. However, it is necessary to remember that the information his company was able to gather was the result of an intensive (and no doubt costly) operation using highly sophisticated equipment.
(d) User identification system
245 Counsel for the applicants also argued the respondents could have taken steps to ensure they would be able to enforce the licence conditions in relation to copyright infringement. Counsel submitted:
'For example, new users could have been obliged to provide details such as name, residential address, email address and home and work telephone numbers. In addition, details such as the location of the computer on which the software was being installed including the owner of the computer and whether it was used as part of a business and if so the name of the business. … there is no reasonable basis for assuming that a majority or even a substantial number of Kazaa users would provide false information on registration.
Another aspect of this is that by default "all incoming instant messages" are blocked.
The evidence suggests that Altnet has installed unique machine IDs in each Kazaa user's computer ... To the extent that that is not so, a machine ID could have been installed by the Respondents in each user's computer. In that way, personal details could be associated with identified activity in relation to that machine.
Further, rather than give users the option of preventing searches of other files in their My Shared Folder, users could have been informed that monitoring of My Shared Folders for the purposes of ensuring compliance with the licence conditions was a right which Sharman reserved and would exercise. Ensuring that the instant messaging facility could not be blocked by users could also have been an aspect of the system provided by the Respondents.
The removal of the veil of anonymity is likely to have a dramatic impact on unauthorised music file creation and exchange.' (footnotes omitted)
246 As counsel explained, instant messaging is a facility that enables contact with a Kazaa user; making the facility optional allows the user to prevent that contact and so reduces Kazaa's control.
247 In their joint response to the applicants' technical experts (exhibit S3), Professor Tygar and Professor Ross said:
'The Kazaa UI has no capability of collecting and causing to be forwarded to Respondents statistics and information about individual KMD users. Although the KazaaLib API document contains information suggesting that user information could be provided to a central server, no evidence exists that such function or necessary hardware exists. To the contrary, evidence shows that no central server for collecting user information exists. Furthermore, there is no evidence that, even if a server for collecting user information existed, that information contained in subparagraphs (c) through (g) would be passed to a central server.'
248 Professor Sterling was asked about a requirement for user identification. He thought it to be a possibility but he said he had not done the research about technical issues necessary to determine whether it was truly practicable. He said it would involve some redesign of the software.
249 Having regard to the technical evidence, I am not able to conclude it would be practicable for Sharman, in the absence of a central server, to implement a satisfactory system of obtaining particulars of users' identities.
(e) Termination
250 The Kazaa's website states:
'All users should understand that KaZaA has a no-tolerance policy with respect to child pornography and other obscene material. If at any time, KaZaA finds that you are using KaZaA to collect or distribute child pornography or other obscene material, [KaZaA] reserves the right to permanently bar you and your computers from accessing KaZaA and other KaZaA services. You agree that any termination may be without prior notice, and acknowledge and agree that we may immediately deactivate or delete your KaZaA account and all related information and files, and/or bar any further access to such files.'
251 This policy assumes that Sharman is able to monitor a user's use of Kazaa and disconnect a user who offends the policy. Counsel for the applicants ask, if this is possible, why is it not possible to take the same action in relation to users who contravene copyright? They also point to cl 6.4 of the Joltid Licence agreement (see paras 102-106 above) concerning the effect of termination of the licence granted by Joltid to Sharman. That clause provided:
'Following termination of Licensee's rights to the Licensed Software, if ever, Licensee shall promptly discontinue the use of the Licensed Software and, at Joltid's instruction, given in the exercise of Joltid's sole discretion, shall, or shall permit Joltid to, deactivate, return, overwrite, and/or delete the Licensed Software and Joltid Confidential Information then in its possession and eliminate the ability of End Users to download additional Content using the Licensed Software. In addition, Licensee agrees that following termination of Licensee's rights to the Licensed Software, if ever, Joltid may through means available to Joltid, including by accessing the Licensed Software remotely or otherwise. (1) disable in whole or in part the Licensed Software and/or (2) prevent Licensee from using the Licensed Software to communicate with any or all End Users, and/or (3) prevent End Users from downloading additional Content via the Licensed Software, and/or disseminate any Update, or otherwise supplement, modify, render inoperable, or alter in any way the Licensed Software.'
252 As counsel observed, this clause is 'consistent with the view that the Kazaa software has a remote termination capability'. The clause suggests means of forcing an update on a user. It provides support for the suspicion that there is a central Kazaa server. However, having regard to other evidence relevant to that issue, I remain unprepared to find that such a server exists; in which case the threat of termination of pornography sharers' access is an empty threat incapable of fulfilment. Moreover, to the extent that it is impossible to monitor users' use and to force user identification, Sharman would lack the information necessary to implement a policy of termination for infringement of copyright.
253 Nobody has offered an explanation of the apparent inconsistency between the non-existence of a central server and the terms of cl 6.4 of the Joltid Licence Agreement. Once again, I mention the possibility that, at one time, there was a central server, or at least a proposal for a central server, but the situation later changed.
(f) Keyword filtering
254 Counsel for the applicants suggested that the respondents could have designed non-optional filters which would prevent the display of search results of blue files whose particulars (title, artist etc) matched particulars of the sound recordings listed in the applicants' catalogues. Counsel said such a filter could have been designed to be independent of any filter associated with gold files and to be capable of remote activation by the respondents.
255 Mr Morle discussed the possible use of filters in his main affidavit. He said:
'I am aware that KMD can identify Altnet files as gold icons because it obtains the Altnet results independently from the FastTrack results. This is not a filtering process. The KMD cannot filter unauthorised copyrighted files while allowing the searching and downloading of non-copyrighted or licensed files. I am not aware of any technology that could perform this function.
The KMD contains two simple filters - namely:
22.1 One filter allows a user to block any executable file (i.e., a file with a ".exe" file extension.
This can be set by a user concerned about possible viruses in executable files; and
22.2 a second filter, called the adult filter, blocks the display of files that contain in their metadata certain words that are sexually-oriented or offensive.
This filter can be set in the "No Filter", "Offensive Content", "Adult Content" (Default) or "Images and Videos" position, and can be password-protected by parents.
To my knowledge the Respondents do not have, nor are they aware of, technology that would filter content owned by persons such as the Applicants, while allowing the search and download of other content.'
Mr Morle said he understood some discussion about this matter had occurred in America. There is no evidence, either way, about that.
256 In cross‑examination, Mr Morle agreed with Mr Bannon that measures to control the distribution of blue files would not affect the distribution of gold files. Mr Morle told Mr Bannon he had discussed filters with Ms Hemming. However, no steps in that direction ever were taken. Mr Morle gave this evidence:
'You see, what I want to suggest to you is that you have never participated in any executive decision by Sharman, to take any step to admonish or criticise any individual user or group of Kazaa users for infringing the applicant's sound recording copyright using the Kazaa system, have you? --- I don't think I have personally. I am not aware of anything else that has occurred.
And you can't point to a single piece of paper which describes any campaign or communication to the public or to users, leaving aside the initial documents under the initial agreement which constitutes any campaign to persuade users who you believe are infringing copyright using the Kazaa system to stop doing it. That's right, isn't it? --- I can't think of anything beyond the warnings that are around the website.
…
You have never taken a single, solitary step to attempt to introduce filters which would inhibit infringement in the applicant's sound recordings, have you? --- I've spent a lot of time thinking about filtering and considering how that would be done and I haven't got to a position where what I've reported can and can't be done has caused my superiors to want to try anything.'
Mr Morle said his reports on filters had been given 'verbally'. He was unable to point to any written report.
257 Mr Morle agreed the Kazaa system incorporated 'advanced searches' limiting search results to particular categories of files: audio, video, software, archives and play lists. He did not agree those searches were filters but he accepted their effect was to limit the material a user could download. Mr Morle said there was an 'adult' filter and a 'custom' (common word) filter.
258 Mr Morle also agreed that Mr Morris had told a United States Senate committee that Sharman had 'the most comprehensive' adult filter and monitored for child pornography. However, Mr Morle said he did not know how Sharman could prevent the Kazaa system being used for this purpose.
259 I do not accept Mr Morle's evidence about discussing filters with Ms Hemming, at least in any serious way. Mr Morle's evidence was not, of course, confirmed by Ms Hemming. Although she attended much of the trial, she preferred the well of the court to the witness box.
260 The documents tendered in evidence demonstrate that Mr Morle extensively used email to communicate with his colleagues, including Ms Hemming, even on subjects of minor importance. I find it difficult to believe he would not have used email to communicate any significant views on a matter as important as the introduction of blue file filters. Moreover, although Mr Morle posed as financially unaware, he is neither stupid nor commercially inexperienced. It would have been obvious to him that it was not in Sharman's interest to impede sharing of blue files. The focus groups showed the primary purpose of most Kazaa users was to obtain free access to music files. Free access was available only from the blue files. A filter that impeded, or significantly curtailed, blue file sharing of popular music would have seriously diminished Kazaa's appeal to users and, therefore, the number of people using it at any particular time. That would have adversely affected Kazaa's appeal to advertisers.
261 The fact that I reject Mr Morle's evidence on this point, and that no other Sharman or Altnet employee gave evidence about it, does not mean blue file filtering was a realistic proposition. There was expert evidence about this topic.
262 In an affidavit read at the trial, Professor Sterling said 'there are a number of measures that could have been taken by the developers of the software in order to filter or attempt to exclude unauthorised material from the system and from KMD users'. He explained:
'The Guide describes the existing ability of KMD to filter in at least two circumstances. One circumstance is for protection against viruses by removing files with suspicious extensions such as .scr or .bat. From the perspective of the design of the system, it would be no harder to screen files which have a .mp3 extension, even if the existing filter technology is deployed.
The second circumstance is the existing KMD filter for adult content, that looks through metadata such as the file title. The Guide refers to this filter being used to block material that is offensive and inappropriate for children is blocked.
In my view, it would be equally possible to filter out files because of copyright content. Consider the band Powderfinger … In my view it would be straight forward not to allow any files with "Powderfinger" in the title metadata. While filtering in this manner may not always be accurate, such that the file that is filtered may not actually be by Powderfinger, or alternatively all Powderfinger files may not be removed, the filtering by metadata is likely to restrict the availability of files that are correctly labelled as being Powderfinger files.
Given that such files would ordinarily be searched for by name or metadata that referred to Powderfinger (or some other known data) and KMD users appear to be rewarded for correctly labelling files (in the Glossary to the Guide) I would expect that even this simple key word filter would be likely to restrict unauthorised Powderfinger files.
An analogy can be drawn with Spam filters for e‑mail. While it is impossible to block all spam it is a standard industry practice and one that is useful to provide partial solutions by keyword‑based filters. Many email filter products … are nothing more than that.
Another means by which unauthorised files could be filtered for KMD users is by use of file hashing identification processes. I am aware from Mr Thompson's report that KMD uses file hashing technology.'
David Erskine Thompson is an expert in computer forensic technology who gave evidence on behalf of the applicants.
263 Before Professor Sterling was cross-examined at the trial, I directed his attention to the technical experts' agreed propositions (exhibit G), to which he was a party: see para 129 above. I asked him about para 10 of the document, dealing with non-optional keyword filters. He said the reason for the qualification in subpara (e) was that it was not possible to guarantee that people would not try to find ways of overriding the filter; for example, by giving a particular singer a nickname. In relation to subpara (f), Professor Sterling said that, if he wanted to distribute his own work under the name 'Leon Sterling', and there happened to be a popular artist of that name, he might be blocked regardless of his wishes. I asked Professor Sterling whether there was an answer to that problem. He replied:
'To solve it in generality, no. I think this was a kind of agreement, the level of effectiveness of such filters is certainly something which I think is perhaps to some degree in dispute'.
264 Under cross-examination by Mr Leeming, Professor Sterling agreed there was no 'answer in the sense of a 100 per cent effective filter that has no false negatives and no false positives'. Professor Sterling said 'some people might be able to get around' a filter, but he thought 'it actually would be effective for a large percentage of people'.
265 Mr Leeming drew Professor Sterling's attention to an earlier report he had prepared about Kazaa. In that report, Professor Sterling said that reading the Kazaa user guide had reinforced his previous perception that Kazaa 'was designed to have music files'. Under the heading 'Copyright protection', Professor Sterling had said:
'Users are encouraged to share files. There is some kind of rewards mentioned for people to share files. In the case of music files, there is nothing in the interface that suggests that users need to be careful of copyright violations. There are disclaimers at the bottom of the Web page with the user's guide, but not in a way that will make users take notice, or think about the copyright issue. In general, I had the impression that the warnings about being careful to observe copyright were buried in the guide. Given the publicity surrounding the Napster case, no developer should be unaware that copyright for a file-sharing application that facilitates sharing of music files is a key requirement to be handled properly.
It is understandable that the developers of KaZaa would encourage users to share files. Certain applications, and KaZaa is one, are only useful if there is a sufficiently large amount of content available through it. People will use Kazaa rather than another program only if it is easier to use and give better results.'
266 Mr Leeming referred Professor Sterling to what he had written in this report about filters:
'The authors state that it is impossible for them to filter unauthorised files. This claim is inaccurate and misleading. While deciding whether a file is authorised or not is probably technically impossible, there are certainly measures which could easily be taken.'
267 Professor Sterling had referred to the fact that the Kazaa system provided for filtering against viruses and commented: 'It would be no harder to screen files which have a .mp3 extension'. He also referred to filtering for adult content by looking through 'metadata such as the file title'. He said: 'It is hard to envisage that it is not equally possible to filter out files because of copyright content'. Professor Sterling told the hearing he continued to hold the opinions he had expressed in this earlier report.
268 Professor Sterling said there would be a number of design issues in establishing a filter system. He had not thought it his role to do the design work. Professor Sterling agreed there would need to be 'communication with the music industry' and 'a means of comparing the files that users have with the applicants' catalogue files'. As a general principle, he thought, it would be better to do that at supernodes rather than at users' nodes. The evidence went on:
'Do you agree with me, as presently implemented this filtering that you propose does not appear? --- Currently they are not filtering on these mechanisms.
You would have to turn the present optional filters into non-option filters; so you would have to re-write? --- There would be some changes to the code necessary and I am not going to speculate on the degree of difficulty.
And you would need to update those filters from time to time as well? --- Yes.
…
Dealing with existing users an initial question is whether or not there is an ability to force an update upon the user; a termination question as you have labelled it? --- I have commented on that previously. I don't have more to comment.
I am not asking for your comments, Professor, I just want to know whether you agree that that is a threshold question that has to be addressed before we get to filtering in the case of existing users? --- Something needs to change in the existing user's program in order to apply these filters more effectively, absolutely.
Thank you. The second thing about filtering, do you agree, is that whatever you do it is not going to be 100 per cent effective; is it? --- Yes, agreed. That is one of the overall requirements that needs to be taken into consideration.'
269 Professor Sterling said he was not able to tell the Court, in any detail, what he meant in saying the Kazaa system could have been adapted, and could now be adapted, to include filters based on metadata matching a line of regularly updated file hashes.
270 Professor Sterling conceded to Mr Meagher that he had not undertaken any research 'to see whether or how filtering might operate in relation to a peer to peer application'.
271 In para 92 of his affidavit, Professor Tygar offered some comments about Professor Sterling's affidavit. At subpara (j) Professor Tygar said:
'[Professor Sterling] suggests that KMD could be modified to ban files having an MP3 extension. While this is certainly technically possible, it would ban all files marked with the MP3 extension, regardless of whether they were authorized for exchange or not. Such a ban would deny the many artists without record label contracts an important, alternative, distribution mechanism. … Furthermore, it would not prevent users from exchanging files of the form musicfile.txt which were later manually converted to musicfile.mp3. Of course it would also not prevent users from exchanging audio files in any other format, some of which I have discussed above. … Prof. Sterling further suggests filtering on band names such as "Powderfinger", although he readily concedes that those filters would yield both false positives and false negatives: "all Powderfinger files may not be removed" and that some removed files "may not actually be Powderfinger." Prof. Sterling fails to address the complexity in coming up with a list of all keywords relevant to copyrighted works (imagine the difficulty in deciding which recordings of Beethoven's Fifth Symphony are authorized for distribution) let alone distributing and keeping the list up to date. Finally Prof. Sterling makes an analogy with spam filters … but he fails to address what most e-mail users know: that those filters are increasingly ineffective at stopping spam as clever spammers find new ways to avoid detection by the filters. Finally Prof. Sterling addresses the use of hash values as a way to filter files; but as I discuss above, these methods can only filter a specific representation of a specific music file, not all representations of all unauthorized music files.'
272 During his cross-examination of Professor Tygar, Mr Bannon did not challenge the professor's view about false positives and false negatives. However, he did ask Professor Tygar whether he was arguing that, if a filter 'can't be 100 percent, it shouldn't be implemented at all'. Professor Tygar responded:
'Well, I do think that some threshold of effectiveness ought to be met and that we should consider the question of filters in regard to how users would actually use them and deal with them in practice'
273 Mr Bannon put to Professor Tygar that 'a selection of hash value versions of a particular sound recording would have the potential to severely limit the extent of distribution of that sound recording'. Professor Tygar replied: 'For a while, yes, but not indefinitely'. He later explained: 'I could imagine such a system might be effective for a week or two'. The evidence went on:
'And the system could be adapted to change hash values? --- When you say the system, are you referring to KMD?
The filter? --- The filter. Indeed, you could receive updates but the phenomena that I was expecting was that users would download programmes which simply introduce random changes into a file, for example, random changes into what's called an ID3 Version 2 Header by adding some field to the comment, adding an additional set of random letter[s] to the comment, thus generating a nearly unbounded number of variants of an identical music recording that would yield different hash values.'
274 I asked Professor Tygar some general questions about methods of achieving a balance between copyright protection and freedom of information. The professor said he had given thought to this issue. His evidence proceeded:
'my own belief is that the best way to address these issues is through technology that keeps users from infringing copyright in that way and there's extremely rapid progress being made in this area. For example, Windows now offers WMA format files that have something called Digital Rights Management. The digital rights management system makes it very difficult for users to exchange those files infringing copyright. Broadcast material in the United States, [in] particular digital broadcast material, now has flags associated with it that restrict the ability of the receiver to do certain things with that information. Watermarking technology that's been developed can help assist in catching cases where infringement happens. I believe that the problem is so pervasive of copyright infringement in our society that legal mechanisms alone can never address this.
…
But you can go to different technologies I suppose, totally different technologies, but I guess you can't force people to use them and if, in a particular case, it suits a commercial establishment to offer the MP3 technology then why would they abandon that in favour of different technology, whatever problems that might force upon them for the sake of cutting down on infringement? --- Of course it's the decision of the information owner and distributors how to present that information to society.
Yes? --- So ultimately the decision rests in their hands but regrettably the pattern that we see with the rapidly evolving technology is that even when sources of copyright infringement are shut down other sources are emerging very rapidly and the problem is an adaptive one, your Honour, as individuals face additional restrictions they change their behaviours. I worry that legislative or judicial decisions alone would not be sufficient to address the problem.'
275 Professor Ross also replied to the affidavit of Professor Sterling. He made the point that, by filtering on .mp3, all .mp3 would be blocked, including non-copyright files. He thought this 'clearly unacceptable for new artists who are looking to use P2P file sharing as a marketing tool'.
276 Professor Ross rejected Professor Sterling's comparison with filtering spam in email. He said:
'Blocking spam is more straightforward as a relatively small number of words will catch most of standard spam (solicitations for money, pornography, medical drugs, etc.). The list of words necessary to provide any kind of effective filter by reference to the metadata of shared files would be enormous and constantly changing. Someone would need to compile the list and keep it current. Given the vast quantity of material in which copyright might subsist (whether audio, text, image or movie files), it would be a mammoth ongoing undertaking to create a list that could filter unlicensed versions of such material that users choose to share. Further, users can control the metadata attaching to files and can easily change descriptions to avoid the filter.'
277 Professor Ross also disagreed with the possibility of using the file hash to filter unauthorised files. He said:
'… content can have tens of thousand[s] of versions, each will give a different hash function. Filtering with the content hash will not work well because there are many different versions (with different hashes), and different versions are being introduced every day.'
278 During the course of his cross-examination, Mr Bannon put to Professor Ross the possibility of using the gold file system to 'provide page after page of gold file responses, each of which said something like "don't infringe copyright" and actually didn't provide any content'. Professor Ross responded:
'Obviously you can write software so that if you type in some key words and what pops up is, "Do not infringe copyright law", yes, that can be designed'
279 Professor Ross rejected the idea of filtering particular hash versions. He said:
'I don't believe it would work at all, quite honestly. Take an example: suppose you have a file that has 10,000 versions. Suppose somehow you decide to have a filter that blocks out the first 5000 most popular versions. When the user goes ahead and does a search, there is still going to be - those other versions are still going to appear in the user interface. So the user can still go ahead and download the copyright and many many users, millions of users will be doing that and they will all be downloading it and then before you know it the version that had popularity 1000 is now popularity one.
Well, in other words you are saying yes, it will work for a while but you may have to change the system? --- I think it would work in the order of a half an hour or an hour.'
280 I think it is apparent that a hash filter system would be ineffective. It is also apparent - indeed common ground between the experts - that a keyword filter system that was tied to the title of the sound recording or the name of the artist would not be 100% effective. However, counsel for the applicants argued this was no reason to reject the view that the respondents could have used this technique substantially to inhibit copyright infringement. In their Closing Submissions, counsel said:
'The Kazaa system depends on file sharing. That in turn depends on millions of users communicating in the same language. The heart of the system is the search request and search results system. That system is word-based by reference to the metadata of the Blue Files. … Sharman encourages users to be as accurate as possible in describing files and to correct file names when downloaded into My Shared Folders. That is an admission that the system requires accurate descriptions to be useful. There would be no point in a user deliberately misdescribing a file unless other users understood the "code". There is no evidence that a new code could be sensibly developed among users. Further, any such code could only work if it was universally known, in which case in [sic] would necessarily become known to Sharman so that the new code word could be added to the filter.
As previously indicated, the success of the system depends on maximising the number and location of users. If, as the evidence indicates, and as the Applicants contend, the success of the system depends on the sharing of unauthorised music files, making the system difficult or cumbersome in relation to such files would quickly lead to its demise. If the system was not so dependent, it would have no impact.
In any event, a concern that a filter may not be 100% effective is not a valid reason for not implementing it. The adult filter is thought worthwhile although it is not 100% effective. The same may be said about virus filters.'
281 Counsel also dealt with the false positives concern. They said:
'The other "concern" expressed in relation to such a filter is the prospect that it might exclude some authorised content. That concern appears to be speculative. For example, Professor Tygar could not proffer any specific example of any authorised content which would be excluded by such a filter. To similar effect was the evidence of Professor Sterling. Despite the efforts of the Respondents to produce evidence of actual use of KMD to distribute copyright-free content, analysis of the raft of affidavits they filed and read seeking to support that proposition shows that beyond the most generalised statements there was only one example of any person or organisation actually using KMD as a distribution channel, and that example was supported by no examples of any person taking advantage of that availability.
In any event, the Gold File system is available to ensure that any content which might conceivably be excluded by the Blue File word filter could be and could have been made available as a Gold File and hence not excluded by the Blue File filter. The evidence indicates that Altnet has offered exactly that service to the Creative Commons content providers. Moreover, the Respondents were eager to urge on the Court that all the material described in the affidavits of Prelinger, Kahle, O'Reilly, Newby and Fitzgerald was free of copyright claims. If they have satisfied themselves of that sufficiently to say it to this Court, then they must have satisfied themselves of it sufficiently to be confident in making the content available as Gold Files without fear of liability.
Finally, the mere risk that there may be some files excluded from the search results is not a reason why the filter should not have been implemented. The Respondents include a virus filter which excludes all .dll and .exe files. That would exclude many files which are not viruses. As the Court room demonstration showed, the adult filter excluded files which consisted of sound recordings by the Sex Pistols which would not be regarded as the type of adult content that is the object of the filter. Furthermore, the stated vision of the Respondents is that software be used by users to acquire Gold Files. Mr Morle himself said that limiting the sharing of Blue Files was not a matter which concerned the Respondents.' (Footnotes omitted)
282 In their Closing Submissions, counsel for the Sharman respondents argued there were four difficulties about filtering:
(i) making filters non-optional;
(ii) identifying what is licensed;
(iii) getting a list of metadata for licensed works to the user's computer:
'such a list would be long, it would take up a user's download bandwidth memory, and performance; very plausibly, the sites from which the list came would be the subject of hacker attacks and there would be other means of circumvention;'