April 19, 2014

avatar

Targeted Copyright Enforcement: Deterring Many Users with a Few Lawsuits

One reason the record industry’s strategy of suing online infringers ran into trouble is that there are too many infringers to sue. If the industry can only sue a tiny fraction of infringers, then any individual infringer will know that he is very unlikely to be sued, and deterrence will fail.

Or so it might seem — until you read The Dynamics of Deterrence, a recent paper by Mark Kleiman and Beau Kilmer that explains how to deter a great many violators despite limited enforcement capacity.

Consider the following hypothetical. There are 26 players, whom we’ll name A through Z. Each player can choose whether or not to “cheat”. Every player who cheats gets a dollar. There’s also an enforcer. The enforcer knows exactly who cheated, and can punish one (and only one) cheater by taking $10 from him. We’ll assume that players have no moral qualms about cheating — they’ll do whatever maximizes their expected profit.

This situation has two stable outcomes, one in which nobody cheats, and the other in which everybody cheats. The everybody-cheats outcome is stable because each player figures that he has only a 1/26 chance of facing enforcement, and a 1/26 chance of losing $10 is not enough to scare him away from the $1 he can get by cheating.

It might seem that deterrence doesn’t work because the cheaters have safety in numbers. It might seem that deterrence can only succeed by raising the penalty to more than $26. But here comes Kleiman and Kilmer’s clever trick.

The enforcer gets everyone together and says, “Listen up, A through Z. From now on, I’m going to punish the cheater who comes first in the alphabet.” Now A will stop cheating, because he knows he’ll face certain punishment if he cheats. B, knowing that A won’t cheat, will then realize that if he cheats, he’ll face certain punishment, so B will stop cheating. Now C, knowing that A and B won’t cheat, will reason that he had better stop cheating too. And so on … with the result that nobody will cheat.

Notice that the trick still works even if punishment is not certain. Suppose each cheater has an 80% chance of avoiding detection. Now A is still deterred, because even a 20% chance of being fined $10 outweighs the $1 benefit of cheating. And if A is deterred, then B is deterred for the same reason, and so on.

Notice also that this trick might work even if some of the players don’t think things through. Suppose A through J are all smart enough not to cheat, but K is clueless and cheats anyway. K will get punished. If he cheats again, he’ll get punished again. K will learn quickly, by experience, that cheating doesn’t pay. And once K learns not to cheat, the next clueless player will be exposed and will start learning not to cheat. Eventually, all of the clueless players will learn not to cheat.

Finally, notice that there’s nothing special about using alphabetical order. The enforcer could use reverse alphabetical or any other order, and the same logic would apply. Any ordering will do, as long as each player knows where he is in the order.

Now let’s apply this trick to copyright deterrence. Suppose the RIAA announces that from now on they’re going to sue the violators who have the lowest U.S. IP addresses. Now users with low IP addresses will have a strong incentive to avoid infringing, which will give users with slightly higher IP addresses a stronger incentive to avoid infringing, and so on.

You might object that infringers aren’t certain to get caught, or that infringers might be clueless or irrational, or that IP address order is arbitrary. But I explained above why these objections aren’t necessarily showstoppers. Players might still be deterred even if detection is a probability rather than a certainty; clueless players might still learn by experience; and an arbitrary ordering can work perfectly well.

Alternatively, the industry could use time as an ordering, by announcing, for example, that starting at 8:00 PM Eastern time tomorrow evening, they will sue the first 1000 U.S. users they see infringing. This would make infringing at 8:00 PM much riskier than normal, which might keep some would-be infringers offline at that hour, which in turn would make infringing at 8:00 PM even riskier, and so on. The resulting media coverage (“I infringed at 8:02 and now I’m facing a lawsuit”) could make the tactic even more effective next time.

(While IP address or time ordering might work, many other orderings are infeasible. For example, they can’t use alphabetical ordering on the infringers’ names, because they don’t learn names until later in the process. The ideal ordering is one that can be applied very early in the investigative process, so that only cases at the beginning of the ordering need to be investigated. IP address and time ordering work well in this respect, as they are evident right away and are evident to would-be infringers.)

I’m not claiming that this trick will definitely work. Indeed, it would be silly to claim that it could drive online infringement to zero. But there’s a chance that it would deter more infringers, for longer, than the usual approach of seemingly random lawsuits has managed to do.

This approach has some interesting implications for copyright policy, as well. I’ll discuss those next time.

Comments

  1. Greg says:

    Don’t think this deterrent can be scaled to realistic populations sizes.

    Does crime in a neighbourhood disappear when a new police station is opened? The criminals should reason that since the new station has no case-load, they will be devoting their full attention to the first crime to be committed and are therefore bound to be caught… at the very least there ought to be a measurable effect. Does this happen in practice I wonder? I speculate not.

    • felten says:

      The method doesn’t have to deter everybody — it just has to deter significantly more people than current methods do.

      As I understand it, when the police announce (credibly) that they will put heavy enforcement resources into a place, crime there tends to decline.

      • Sean B says:

        I don’t think “deter significantly more people than current methods do” is a reasonable metric; “deter a significant percentage of people currently engaged in the activity” seems more plausible to me. (E.g. going from deterring 1% to 2% seems pretty insignificant except under some improbable situations regarding “pirates” converting to “paying users”.)

        And by that metric, It seems like the proposed method would be unlikely to achieve any significant deterrence because most potentially-deterred users can easily reason that there are many people with lower IP addresses than themselves who won’t be aware of the threat, and thus they can count on those lower people to be caught first.

        In other words, being deterred doesn’t rely merely on expecting everyone else being rational and working the logic through, it relies on everyone else even being aware of the threat. If only half the people are aware of the threat, the vast majority of those can feel safe engaging in the activity anyway knowing that there are plenty of people in the other half that will take the fall. In a large population, even if 90% of people are aware of the threat, you’d have to threaten enforcement actions on, I dunno, ~3-5% of the population to have a significant deterrent effect; enforcement actions against 1% of the population will only get 1/10th of the way through the total ordering just hitting people who aren’t aware of the threat. So people, say, 2/10ths of the way through or later could feel safe. (Of course, they’d need an estimate of how widespread knowledge of the threat is to judge this, and they’d presumably use a conservative estimate.)

        There may be some version of this scenario where you can plausibly believe that a sufficiently large percentage of the population would be aware of it and rationalize it, but it would take a lot of time and a lot of publicity and possibly multiple attempts.

  2. Wallo says:

    The effectiveness of this scheme will probably suffer from a version of the unexpected hanging paradox.
    (Paper is behind a paywall, so I couldn’t check if the authors addressed this.)

    • felten says:

      There’s no paradox here. Unlike in the unexpected hanging paradox, where the prediction is self-referential in a way that makes it difficult to fulfill, here the prediction (we’ll enforce against the people with lowest IP addresses, say) is easy to fulfill.

      • rp says:

        It’s easy to fulfill the threat, but is it easy to be seen fulfilling the threat? Not everyone even knows what their IP block is (and it changes more or less at the vagaries of their ISP). And even wit that information, relatively few people have an understanding of how many IP numbers might be between them and the danger zone. Oh, and the RIAA has essentially zero credibility in stating what its policies will be.

        If something like this were to come to pass, I think the only result would be a brief flowering of proxies locating in 25X.XXX…

        It’s important to note that the successful interventions Kleiman describes are of such such a scale that the first bunch of malefactors hauled in for exemplary punishment is small enough that authorities know them all by name and can bring them in for threatening simultaneously (or essentially so). And that the initial threat is just that: stop now, or we’ll throw the book at you, as opposed to the RIAA’s “give us an unreasonable-sounding sum now, or we’ll make you pay more later.”

        If a copyright enforcement agent could engage in similarly-targeted enforcement (perhaps by favorite artist and locality), they could take advantage of the prisoner’s-dilemma effects that work for law enforcement (by getting everyone off the street at once, they don’t just enlarge the territories of the miscreants who aren’t arrested). But that would require a change of attitude and behavior on the part of the RIAA. (It’s also important to note that at least some of the examples Kleiman cites are about stopping violence rather than stopping all the crimes the malefactors are associated with. I’m not sure what the analogy would be here, since the RIAA ostensibly wants to stop all sharing of copyrghted material.)

      • Seth Finkelstein says:

        It’s a classic logic fallacy – it doesn’t require self-reference exactly like the unexpected hanging, just more generally an if-then chain which isn’t true along the links due to dependencies within the chain.

        • Richard says:

          Actually it reminds me of the “All horses are the same colour” induction fallacy. The first step in that chain doesn’t work but all the others do.

          Here I think the problem is that these steps are probabilistic rather than absolutely certain Even if each step is 99.9% certain the overall process will fail on a population of a few thousand.

  3. Konstantin says:

    I think that the ordering based on the IP address may fail, because many people do not know what their IP addresses are and how their addresses are ranked among all addresses. For them the IP address is just a random number (by the way, assigned dynamically in most cases). In other words, I do not think that “… each player knows where he is in the order.”

    Ordering violators by time will probably work much better assuming that everybody knows the policy. The last assumption is crucial. Otherwise, if say 1% of violators illegally download music between 8pm and 10pm, just because they are not aware of the new policy, the rest 99% of violators can freely download music after 10pm without any risk of being caught. Thus, this policy may even increase the number of violators by essentially providing a safe time for this illegal activity.

    • felten says:

      If people really wanted to learn their IP address, they can just visit whatismyip.com or a similar site. The industry’s announcement of IP address ordering could include instructions for learning your IP address.

      • rp says:

        The mere existence of tools misses the point.

        Someone who needs instructions on finding their IP address is unlikely to be in a position to make a “sensible” decision about their risk and appropriate behavior. Sure, some will overestimate the risk and stop sharing files, but others will underestimate the risk (and might even start sharing because they figure they’re not in as much danger as under a random regime). Others yet — especially the ones who notice that their IP address changes from day to day or week to week — might go for learned helplessness and figure that they might as well get all they can now, because the RIAA is going to hang someone else’s sins on their head someday regardless.

        But all of this is really premature optimization.There are any number of methods you can use to pick an exemplary subgroup for enhanced enforcement, and arguments for and against any of them. But to do selective ienforcement you need a bunch of other precondtions, including community agreement that what your transgressors are doing is wrong, fairly good knowledge of the transgressors as individuals, and a willingness to treat the transgressors as people. You also need a community small enough (or with low enough percolation) that stopping transgressions among your initial group leads to a visible decrase in the total transgression rate, at least within some kind of neighborhood boundary. (That’s another reason I think IP’s wouldn’t work — only sometimes do nearby IP blocks form a neighborhood whose members are aware of one another as neighbors.)

        • Anonymous says:

          Thus you will have a system designed to catch stupid people.

          Like every other aspect of the legal system.

  4. Anonymous says:

    Actually, if I were Mr. A, I’d get together with my alphabet friends and propose that we all cheat and we pay the fines together. In that way, we split 26-10=16 dollars between the 26 of us!

    • dmc says:

      Yes, but that introduces additional risks to Mr. A…what if his best friends cheat against him, and decide not to help him out with the fines?

      Prisoner’s dilemma, and all that.

  5. brianary says:

    Not only would this require a greater accuracy of detection than will ever be possible, it assumes all parties are logical and dispassionate.

    There are just too many zealots on both sides to expect this. The copyright supporters seem to have no problem with the occasional false positive, and the reformers are pretty angry about things like the secret ACTA treaty’s puzzling three-strikes-and-you’re-offline (which for some reason doesn’t similarly apply to print or audio media) and DMCA-style anti-circumvention provisions.

    Any solution that does not take emotional decisions into account is unlikely to succeed.

    • felten says:

      I’m certainly not claiming that this will solve the online copyright debate. I’m really saying two things: (1) here is a strategy the big copyright holders could try, which might give them more of what they want, and (2) the assumption that you cannot deter a lots of people unless you have the capacity to enforce against most of them, is not necessarily true.

      • brianary says:

        I’d be very interested in preliminary tests to see if, at very large scales, whether it seems to the participants (who are unlikely to know what an IP address is) just as random as current efforts.

        Also interesting would be legal interpretations of whether selective enforcement would be a problem.

      • Seth Finkelstein says:

        “(2) the assumption that you cannot deter a lots of people unless you have the capacity to enforce against most of them, is not necessarily true.”

        Why do we need an induction paradox to admit this? In the real world, putting a few heads on pikes outside the city walls is often a very effective strategy of ruling a large population. However, in net.politics, it’s often not acceptable to say that – the foot-stampers proclaim it can’t work, because there’s too many people in the population. But come up with a hoary logic fallacy – and suddenly it’s possible???

        And we’re going to play in real politics?!

        P.S. – Do you really think the RIAA would be more effective if they announced they were going to start suing people in alphabetical order??

      • Richard says:

        But Ed – as you yourself noted here a while back – infinite music storage will be here soon – and so file sharing on the internet is becoming irrelevant anyway.

  6. Anonymous1 says:

    It strikes me that once the target selection process is known there will be multiple attempts to create false positives by the anti-copyright forces. The true targets will migrate to the low risk end and the anti-copyright forces will array themselves in the high risk area attempting to set up the most favorable factual scenario they can devise. I’d expect fair use sound snippets, parody, etc

    Instead of being a self-funding strategy, where most targets settle for far more $$ than it costs to handle them, while only a minority fight (and the fight is on facts that are favorable to the copyright forces), the situation may reverse. A higher percentage will fight, some fights will have facts that are unfavorable to the pro-copyright forces, and the effort required to separate the false positives from the clueless infringer will increase.

    I’m not saying the industry couldn’t separate legitimate targets, but it won’t be as easy. I don’t think the industry stopped suing their customers because it was too expensive to sue all infringers. I think they stopped because they realized most of their customers are also at least occasional infringers, and suing your customers isn’t a viable long-term strategy.

  7. Flamsmark says:

    This particular argument is very persuasive in the described game-theoretical scenario constructed. However, it’s plausible to suggest that the real-world situation doesn’t match up with this game.

    Firstly, not only do real-world `enforcers’ not have complete information about `cheaters’, but `cheaters’ can take pro-active steps to conceal their identities. Especially where the cost of such steps is low, they make for a very attractive option. And – indeed – this does seem to be the case. The use of IP-address block-lists, proxies, and even commercial VPNs like the Pirate Bay’s IPREDATOR service certainly seems to be popular, and to be getting more popular as `enforcement’ efforts increase. Indeed, in the UK, MI6 has advised against the implementation of `graduated response’ or `three-strikes’ type legislation, because they believe that such efforts will increase the volume of encrypted traffic, making their jobs harder. A different model (and one taking into account realistic cost/benefits) would be needed to assess the impact of such options.

    Secondly, the scenario in the paper implies a game whose constraints are well-known: both to the players and enforcers. The real-world situation may well not parallel this. Even if the real `enforcers’ announce a like approach, it may not appear credible until several lawsuits have been pursued. Moreover, real `players’ cannot assume that their peers perceive the same-form that they do, or even that their peers will act rationally for the game form that they do perceive. When there’s so much uncertainty, the inductive logic of this argument breaks down. In all real likelihood, those with high IP addresses can be quite confident that there will be plenty of `cheaters’ with lower IPs.

    Thirdly, the motivation assumed in the paper may not accurately parallel that of real individuals. Certainly, judging from many of the websites, statements, and even political parties that have grown up around this issue, for many, their motivation seems to be more than just whether or not `cheating’ is the most `financially’ beneficial strategy. For some, the issue is clearly a matter of conscience. As such, the utilities modeled in this game could well be inconsistent with those of the real players.

    There are other similar arguments that could be made about the relationship between this game, and the real situation being modeled. I’m not saying that the paper is out-and-out wrong, nor that the tactics it describes would not be useful in any real-world situation. I do wish to suggest that the paper’s treatment of the problem is probably insufficient to conclude that this approach would surely be effective. Nonetheless it posits an interesting strategy. However, perhaps more sociology is needed to tie the game theory to the real situation.

  8. Shane says:

    I agree with other commenters that the IP-based scheme wouldn’t necessarily work because the average file-sharer doesn’t have much knowledge of their own IPs, and the people with mid-level IPs know this, defeating the deterrence mechanism on most of the pool. But this objection isn’t actually that relevant to the discussion. Instead, the RIAA could map the IPs onto approximate geographical areas and say “We’re going East to West.”

    The real concern would probably be whether imperfect enforcement (much less than 80% detectability) and active countermeasures would defeat this scheme and push the environment to an “everybody cheats” equilibrium. This, I think, is the most likely outcome. All it takes is a small, dedicated group updating a central repository of anti-detection software, or an IP block list, or maintain whitelists, or something else, or a combination of some or all of the above. The enforcers can adopt their strategy, but they’re fundamentally running against their limitation of only being able to enforce against a small percentage of infringers.

  9. bowerbird says:

    still trying to use the stick? still gonna lose.

    try using the carrot instead, and you’ll win…

    -bowerbird

  10. Crosbie Fitch says:

    1) You’re assuming the litigators don’t care who they litigate
    2) You’re assuming the litigators are trying to deter infringement

    I suggest that the objective is not to deter infringement, but to take control/possession/ownership of the new communication/broadcast channel that is The Internet.

    How else can those who covet such control do this except to duplicate the privilege that the Stationers’ guild obtained in 1710 to have their de facto monopolies over distribution and production of publications recognised by the crown?

    How would you demonstrate the need to be granted a privilege that enabled you to exclude anyone from the Internet?

    First you demonstrate that copyright prosecution is ineffective, impractical, uneconomic and cruel. By selecting the most innocent victims and publicising the means of infringement you demonstrate cruelty and encourage greater infringement. By ensuring that prosecutions drag on, and the difficulty of obtaining evidence, you further demonstrate that court is unsuitable.

    QED. You need to exclude anyone by your own order.

    1) You don’t need any evidence
    2) Your order is moderated by the insignificant requirement that it be issued three times.
    3) Exclusion (disconnection) removes the victim from effective means at challenge (no others will come to their aid for fear of similar peremptory exclusion)
    4) A tribunal must be satisfied by evidence of innocence before permitting an appeal
    5) The victim must collect evidence of innocence (which is far more difficult than evidence of guilt)

    After intense negotiations you win a concession. The ‘graduated response’ will only be directed at commercial infringers/counterfeiters (along with insurgents/seditionists/domestic extremists, terrorists, and distributors of filth). Non-commercial file-sharers will be ignored.

    You’re forgetting something: No evidence is required.

    ACTA represents the culmination of a strategy that has worked perfectly, and like mugs everyone thinks the corporations have failed, and must make do with the compromise of ’3 strikes’. Au contraire. This is what they were after all along. They’re not stupid. They knew it was impossible to prevent copying years ago. They’re just taking possession of The Internet.

    NB For GPL fans. Once this privilege is properly in place MS can then claim Linux is infringing and anyone caught using it rapidly notches up 3 strikes. Remember, they don’t need evidence of infringement.

    Another concession? ’3 strikes’ exempt connections will be made available, but with extortionately high fees to cover the costs of ‘all you can eat’ licenses.

  11. golden says:

    Here is the issue with this in the real world. In the example as stated, there are 26 people in the room and they all know for sure that the others have heard and understand what the algorithm is. However, in the case of file sharing, there are millions of traders and there’s no way to be sure that they’ve all understood the RIAA’s strategy.

    Suppose each file sharer can assume that the chances that any other one has a 99.9% chance of understanding the game – a very high fraction. If I am sitting 5000th in line out of 10 million file sharers, my chance of being the one the RIAA goes after is only 0.7% – probably not high enough for me to worry about it. At 5000th, I am very close to the “front” of the line, but even I am unaffected by the RIAA’s announcement.

    Someone sitting in the middle of the pack will be quite happy to hear about the strategy, since it virtually guarantees that he will *not* be prosecuted. He might even increase his file sharing knowing that he’s not going to be bothered!

  12. felten says:

    0.7% doesn’t sound like much, but it’s a higher risk than you would face now — and maybe enough to deter you. At present, the expected cost of a suit is not enough to deter most would-be infringers. (Which is not to say that everybody infringes, or should.)

    • golden says:

      But the point I was making is that the guy at position 5000 is practically at the front of the line. For most people, this announcement tells them that they have a lower chance of being sued than they did before.

      For example, let’s assume there are 10 million sharers and that 99.9% of them understood the RIAA’s announcement. Let’s assume that there is one lawsuit, which they’re trying to avoid. In the old way of doing things, they all had a chance of 1 in 10 million of being sued. Now, the chance of someone in position n being sued is (.999)^n. So at what n is the new probability lower than it was before? The two probabilities are equal when

      (.999)^n = 1.E-7

      so

      n = log(1.E-7)/log(.999) = 16110

      The vast majority of users now are even surer than they were before that they won’t be sued. If the users are able to determine where they are in the list (and this is critical to the whole strategy) the 999 out of 1000 of them who were in the front of the list will simply find a way to move to the back, leaving some poor soul (someone’s grandmother?), who doesn’t understand IP addresses or whatever it is, to get sued.

  13. Arvind Narayanan says:

    I find the technical result fascinating, but like other commenters, I don’t see this working in the real world, because of the population size and because some fraction of the players won’t even be aware of the enforcer’s strategy.

    I also think the random enforcement strategy is vastly more effective in the real world than it is with ideal players, because people greatly overestimate their chance of being picked at random. The response to the Beltway sniper attacks is a good example — the whole area around Washington D.C. was paralyzed, even though an individual’s chance of accidental death was only increased by a few percent as a result of the sniper.

  14. Valera says:

    1) There is no way no notify all the players (of which there are maaaaany millions) of the rules
    2) If we’re going by IP, keep in mind that some players are in other countries and this game doesn’t apply to them.
    3) If I was going to download something illegally tonight, I wouldn’t even go to check what my IP is. I know RIAA won’t sue 1000 people a day (I don’t know what the real numbers are, but I’m sure it’s muuuch less). So I’m more than sure that it’ll catch it’s quota for the day way before my turn comes. So even if I’m in US and I know the rules of the game, I won’t care one bit. Oh, and I would be sure to use a block list too.

  15. Shane says:

    Here’s another variation. The RIAA chooses to focus its efforts entirely only one artist per label. So they announce that they will sue anyone they catch downloading Jay Z or Lady Gaga. All their efforts are devoted to enforcing copyright (very publicly) on only a handful of artists, and if it works, they can slowly increase the pool of protected artists, and using the concepts discussed above, can eventually cover their entire labels’ catalogs.

  16. eee_eff says:

    I find the technical result fascinating, but like other commenters, I don’t see this working in the real world, because of the population size and because some fraction of the players won’t even be aware of the enforcer’s strategy.

    The unexpected hanging paradox immediately came to mind, and due to imperfect information, I find it believable that this strategy would fail for that reason alone.

    But there is a more basic failure of this strategy. First there is the possibility of collusion among the game described–if as a group, it makes more sense for all 26 to cheat and pool the risk (through some kind of insurance like scheme) that becomes an ess (evolutionary stable strategy)

    But what other ess’s are there? I suspect there are others, simply because the moral connectivity of the group, as it increases, improves the well being of each individual. Other strategies, such as random anonymous violence becomes rational at that point. (not modeled in the game)

    The essential truth of Col Boyd’s analysis: that moral connectivity is key in conflict, highlights the limitations of this line of game theory, which sets artificial limits on behavior.

    Bottom line: the RIAA loses again.

  17. dmc says:

    I think people here have gotten overly hung up with the IP strategy. For the approach suggested, it doesn’t matter whether the RIAA chose to go in IP order or username order or filesize order or any other order — pick anything where each cheater knows pretty well where they stand in the order.

    Regardless of which sort order you use, I agree with folks above who have argued it won’t work, because too many people will be clueless. If I know I’m pretty far down the list, in a population the size of the internet, I can absolutely count on a fair number of clueless people who will get hit with a lawsuit long before me.

    In addition, this approach doesn’t adequately take into account the time to pursue a lawsuit. Suppose that the company is busy suing the 500th infringer. Now all the people earlier in the ordering who didn’t infringe before know that it is safe to start infringing, because they’ve already been passed over, and the company won’t be getting to them any time soon. OK, so maybe the company will go back to the beginning of the list and sue the 25th person, as well, while the case of the 500th person is in progress. However, at some point they’ll be saturated with the maximum number of lawsuits they want to pursue concurrently (drawn from the sorted large pool of clueless people), and then everyone else will know they are safe to start infringing again, for as long as it takes to clear the pipeline.

  18. Barry says:

    A necessary condition for this strategy to work in substantially reducing cheating is to publicize who gets sued and where in the order they are.

    To use the IP example, if my IP address is 6.2.121.34, then I might be a bit more afraid of getting sued than if my IP were 188.63.1.41. People toward the end of the list will figure that somebody – at least one person – ahead of them will decide to try to cheat by following this same logic.

    In order to eliminate this possibility in the long term, the RIAA would have to publicize who gets sued and by what criterion they were selected. So, if I’m 188.63.1.41, and 187.9.14.149 gets sued, then I might be a bit more worried, because that would indicate that all those people actually decided not to cheat.

    On a side note, Ed, why all the blog spam? It really trashes the place up. :(

  19. Michael Tung says:

    It seems like there’s something wrong with this “clever trick”. What about the people that come last in the publicized ordering? Someone whose last name begins with Z’s best strategy would be to cheat like crazy until everyone else has been caught. Any doubt that from the random policy that would have hindered him from cheating before would be completely removed in the new model.

    Applied to the situation of copyright infringement, currently, some percentage of people abstain from piracy due to the possibility of enforcement. If I had a static IP that was at the end of the ordering, I would in effect have full immunity. Perhaps this would cause people with IPs at the end of the range to begin rampant downloading, even creating new ways of piracy (renting out IPs, IP squatting, etc). It seems possible that the net effect of the policy could be even more infringement.

  20. Anonymous says:

    1. Go after the 100 worst offenders

    2. Post the list of what they were doing

    3. Work your way down, printing money from settlements
    (You’d damn well better be able to prove each case)

  21. Ben10 says:

    The authors downplay the importance of risk. In their game, if you assume that the first person has a 5% chance of getting caught, then they will each cheat because 1*.95 > 10*.05.

    Now if the second person has a 100% chance of getting caught, what are the chances that the enforcer will prosecute him if he cheats? If you said 100%, you are wrong! The answer is 95%, because 5% of the time the first person will get prosecuted.

    If the first 25 people have a 5% chance of getting caught, the 26th person would cheat even if he had a 25% chance of getting caught! Do the math, which is a simple permutation: (.95^25)(.25) is less than 10%, which makes it worthwhile.

    In effect, probabilities greatly distorts how this game is played at a large scale. This would not be effective legislation.

    It’s a very interesting concept, though.

  22. Xianhang Zhang says:

    I think a more effective “alphabet” would be amount downloaded by that IP. Start with the people who download the most first and then publicly announce what the limit was each week. The people who download the most are the most likely to be aware of this scheme so you mitigate against the problem of ignorant users.

    Also, in this scheme, the inability to track every download is a virtue, not a vice. Say they announced that the limit last week was 600Gb and you downloaded 500Gb last month. you decide to download 250Gb this month just to be safe but of the 500Gb you downloaded, they only tracked 300Gb so you’re bringing the limit lower for next month even though you’re nowhere near the boundary case.

  23. hxa7241 says:

    The general counter-strategy is straightforward.

    The ‘resistance’ place a dummy wherever the ‘police-state’ target next — to deceive or take the hit harmlessly. This simply turns the attack against itself: The police-state’s strategy relies on: 1. announcing their next target; and 2. keeping that promise. The resistance exploits and completely negates that. To defeat that counter, the attack must disable itself.

    The critical assumption behind the police-state’s strategy is that the resistance is powerless, that they have no ability to respond. But there is enough evidence this would be foolish in the internet world.

  24. Anonymous says:

    It seems to me that the real issue here is not whether the maths work but that the RIAA et al need to find a real solution to the problem, ie a way of getting the copyright infringers to pay them instead of stealing.
    At the moment they are playing whack-a-mole using law suits as their hammer. They cannot carry on doing that forever.

    • Anonymous says:

      You are right that they need to find a real solution to the problem, but it will not involve magically bringing back the old inefficiencies of pre-Internet distribution that gave them such fat margins in the past.

      It will have to involve coming up with new and innovative business models that don’t rely on everyone who gets a copy paying them for the privilege. Of course, once they find ways to make money more indirectly by selling something else (concert tickets, signed editions, etc.) then the ordinary copies become advertising, and file sharing of those copies becomes FREE advertising, since someone else is doing the heavy lifting of distribution and promotion of the content.

  25. Arauz says:

    The RIAA can keep filing lawsuits until the turn blue, they are never going ebb the flow copyright infringement until they get the cooperation of ISP. Copyright material will always be available as it was earlier in Russia with the famous AllofMP3 website and the current lawless favorite of the Pirate Bay of Sweden…if the ISP do not get involved the next hotbed for copyrighted material will jump to from Sweden to Panama, Costa Rica or a million other locales.

    • Anonymous says:

      Actually, the RIAA can keep filing lawsuits until the turn blue, they are never going ebb the flow copyright infringement, full stop.