SEPTEMBER 19, 2002
We Can Run, but We Can't Hide
How BayTSP is Enforcing the Digital Millennium

By Robert X. Cringely

If you look at Mark Ishikawa's business card, you'll notice that it lists no street address for his company, BayTSP, just a post office box. This is for good reason, since Ishikawa is one of the few Silicon Valley CEOs who regularly receives death threats. Uninvited visitors are not welcome at BayTSP, which has a post office box in Los Gatos, CA, but could really be anywhere in the Bay Area.

I certainly have no idea where the company lives, but I know why Ishikawa has so many enemies. It is because BayTSP acts as the primary enforcer for the Digital Millennium Copyright Act (DMCA), a law that is widely reviled in the technical community.

The DMCA, which was put in effect in 2000, was an attempt by the U.S. Government to bring copyright law into the cyber age. But many people -- including, oddly, Mark Ishikawa -- think the DMCA goes too far by making it illegal for me to even tell you how to circumvent encryption or copy protection technologies. It makes the very passing of knowledge against the law whether or not that knowledge is ever used.

"It's a very flawed piece of legislation," says Ishikawa, who predicts that the government will rewrite the copyright law again "in eight or nine years" to correct the mistakes in the DMCA. But until then, the DMCA is the law of the land, and Mark Ishikawa is the Internet's top cop.

BayTSP is paid anywhere from $200 to $50,000 per month by owners of intellectual property -- primarily software companies, movie studios, and record companies -- to find who is illegally copying, distributing, or helping to distribute without permission their intellectual property. For example: Adobe Systems arranged to have Russian programmer Dmitry Sklyarov arrested at the 2001 DefCon security conference in Las Vegas for violating the DMCA by showing how to circumvent copy protection in Adobe's eBook software. The arrest was made on information supplied by BayTSP.

Now I am not in any way a fan of the DMCA. The purpose of this column this week is not to examine the DMCA, but rather, to gain some understanding of how it is enforced. BayTSP is an interesting company, and coming to understand how it does what it does can be very useful as you will shortly see. So please don't write to me complaining about the DMCA. Write to your Congressional representatives.

Mark Ishikawa came to the data security business from the Dark Side, having been busted years ago for breaking into the network at the Lawrence Livermore National Laboratory. Preferring employment to jail time, he became a security consultant for the Lab and a lot of other places. Eventually, Ishikawa started a large ISP and web hosting company that he sold at a profit. Now he runs BayTSP.

BayTSP's business falls into two areas -- law enforcement and anti-piracy -- and it uses the same tools for both businesses. These tools are spider programs that scour the most traveled parts of the Internet looking for users who are offering to others files that are either illegal to even own or at least illegal to share. An example of the former is child pornography. BayTSP tracks for the FBI the global carriage of kiddy porn. When a big child pornography bust takes place, it is generally on the basis of evidence gathered by BayTSP.

"There seems to be an increase in child abductions and murders in the U.S.," says Ishikawa, "and when the abductors are caught and you look on their home computers, you inevitably find kiddy porn. So it is a precursor to this bad behavior, and just as the Internet makes it easy to distribute child pornography, it effectively encourages these criminals. We are working to end that."

BayTSP's spider programs use patented algorithms to scour public web sites looking for pictures, video, and music files. "Our algorithms are adaptive," claims Ishikawa. "You can cut a picture in half and we'll still find it, matching the cut-down version against a database of originals, effectively matching the electronic DNA of the target."

One thing BayTSP's spider programs don't do is sit at the Internet peering points sniffing all packets as they go by. "That would be wiretapping, which is illegal," he says. "All we do is go to the same places any user could go, look at the same files anyone else could look at, and we only probe the ports on your computer that you have made public."

Now we get to the part I find especially interesting, and where I think there is a lot of confusion among users. This has to do with how BayTSP finds out who is distributing kiddy porn or pirated music files. If you think your activities on the Internet are anonymous, you are wrong. When BayTSP finds an IP address that appears to be the source of child pornography or pirated music or video files, under the DMCA, it can subpoena ISP logs. These logs can directly connect even dynamic IP addresses to user accounts, making it clear very quickly who owns the offending account. Every ISP keeps these http logs, and even products for so-called anonymous surfing aren't effective in circumventing the technique.

"We have 100 percent coverage of peer-to-peer file sharing," Ishikawa claims. "If you are illegally sharing copyrighted materials, we know who you are."

Then why aren't there more arrests? In part, this is because the intellectual property holder who is paying BayTSP gets to set its own comfort threshold for exactly how much file sharing is too much, and how BayTSP should deal with offenders. "Adobe only wants to send out cease and desist orders, while some movie studios want to put people in jail," Ishikawa says. "There are people on the Net offering 50,000 to 60,000 files at a time for sharing. These people will get busted for sure."

For lesser offenders, under the DMCA an intellectual property holder can make your ISP remove the offending content from its servers. So while you may not go to jail, you might find that your Gnutella songs are no longer available. Repeat offenders lose their accounts completely. One issue is how quickly ISPs remove the offending material. "Sony wants it gone in an hour, but Uunet takes two weeks," says Ishikawa.

According to Ishikawa, we'll see major arrests in October of people who have been illegally (and flagrantly) sharing movies. With the evidence already gathered, the game is afoot, meaning this week is too late to stop sharing those movies and expect to get away with it. This might be a good time to get a lawyer.

Not even Osama bin Laden can escape the gaze of BayTSP. According to Ishikawa, the FBI thinks terrorists are sharing information by hiding it in images posted on eBay using a process called steganography. Doesn't that sound a little too sophisticated for al-Qaida? Can that picture of a dented Ford F-150 pickup with a For Sale sign really be saying, "Bomb the infidel Cringely's house?" Maybe, maybe not.

"The FBI has us looking for certain specific things," says Ishikawa, "but we haven't found anything yet."

Home | The Pulpit | I Like It | Baloney | Old Hat | Tell Me When | Pass It On | Bob's World