SOCA: Police can monitor file download histories

Police officers have been tracking when downloaders of copyright-infringing files have deleted their download histories, according to the Serious Organised Crime Agency.

On Wednesday evening, SOCA hailed the success of an operation against music blog RnBXclusive, which provided links to illegal music downloads. The agency took down the site on Tuesday, posting in its place a warning to people using the site for downloads that they could face up to 10 years in jail.

The Serious Organised Crime Agency put this notice on the RnBXclusive website for around 32 hours after the website was taken down.

One of the measures of the campaign's success, SOCA said in its statement on Wednesday, is that "a number of site users have deleted their download histories".

RnBXclusive did not host the music files itself, instead directing people to cyberlocker services similar to Megaupload, going by captures of the blog on the Way Back Machine archive. Asked for an explanation of how SOCA could monitor downloads, given these are not available via the blog's site, the agency confirmed it is tracking individual people's actions.

SOCA's investigative team "has been monitoring activities [of] users of the site", a spokesman for the agency told ZDNet UK.

He declined to comment further, saying that to go into SOCA's "techniques and methodology" could hinder the investigation.

Legality questioned

Cybersecurity expert Peter Sommer said the legality of SOCA's monitoring depends on the methods it is using. The UK police have regional units that use hacking as one way of surveilling suspects.

"One can only speculate, but there are only two ways one can think of in which they would know that download histories had been deleted," Sommer told ZDNet UK. "The first would involve them having seized the suspect's computer and carried out a forensic inspection, which would be legal."

"The second would be by remotely hacking into a suspect's computer," Sommer continued. "If they do that, there is a considerable likelihood that it would be illegal because the law enforcement exemption in the Computer Misuse Act does not apply to the use of a Trojan for remote hacking."

In the UK, copyright enforcement laws allow rights holders to get a court order forcing ISPs to block access to copyright-infringing sites hosted overseas, as was the case with RnBXclusive. However, the RnBXclusive takedown was carried out under conspiracy-to-defraud laws, rather than copyright enforcement laws.

"All action taken in this case was done after due and careful consideration with respect to the legal position of [SOCA's] actions," the police agency's spokesman said, when asked whether Tuesday's takedown had followed due process.

All action taken in this case was done after due and careful consideration with respect to the legal position of [SOCA's] actions.

– SOCA

He added that RnBXclusive "enabled access to music obtained by hacking, including some which had not yet been released". The site had 70,000 visitors daily, mainly men between 18 and 25 years old, in the week before the arrest, according to SOCA.

The spokesman declined to comment on whether users of other download-related sites were also being monitored.

Three more music sites have shut up shop or gone legal since the RnBXclusive takedown and arrest of its proprietor, according to SOCA, which said it had "monitored responses" to its action. The agency's spokesman declined to name the three sites.

"One has taken itself offline voluntarily, one claims to be considering taking itself offline, and another has posted a claim on its home page to now only be dealing in legal music files following the activity," SOCA said in its statement.

Industry warning

The message posted by SOCA on RnBXclusive's site said that "as a result of illegal downloads young, emerging artists may have had their careers damaged", and that "if you have illegally downloaded music you will have damaged the future of the music industry". The content of this warning was influenced by representatives of rights holders, according to the police agency's spokesman.

"It was written by SOCA, but we did have input from industry," he said.

That message has now been taken down, having been up for around 32 hours as part of what SOCA described as "the first phase of the operation". This operation is entirely connected to RnBXclusive, rather than referring to future, similar campaigns, the agency's spokesman explained. He also clarified that the 10-year-sentence threat in the message was made under the Criminal Justice Act 1987.

"[Rights-holder group] IFPI estimates losses to legitimate businesses and artists caused by the site to be £15m a year," SOCA said in its statement.

In response, digital rights campaigner Peter Bradwell said collaboration between UK law enforcement agencies and rights holders needs to be more transparent.

This is at best a distraction for an organisation who should be dealing with serious, material threats.

– Peter Bradwell, Open Rights Group

"This whole episode seems to be a kind of scarecrow operation. SOCA should not be using threats simply to scare users, almost all of whom have no reason to fear jail. This is at best a distraction for an organisation who should be dealing with serious, material threats," said Open Rights Group member Bradwell.

David Allen Green, head of the media practice at law firm Preiskel & Co, also questioned why the agency is taking part in what is effectively a copyright enforcement case.

"It is not clear why SOCA are involved, and it seems odd that they are using a Heath Robinson combination of contract and conspiracy law," Green said. "The alarmist web page they have used to replace the site taken down is preposterous and makes SOCA look frankly ridiculous."