Kim Dotcom and Mega: Legal FAQs

You’re probably familiar with Kim Dotcom, the German-Finnish internet entrepreneur who currently resides in New Zealand, and is being pursued by the US Department of Justice regarding accusations of a “Megaupload” business empire built on rampant infringement of US copyright laws and the Digital Millennium Copyright Act. 

Much of what is currently being written about Mr Dotcom simply churns trite facts without actually offering much in the way of explanation.  I thought a blog which answered some of the main questions would be helpful.

How does the US have jurisdiction over Megaupload?
Why would Megaupload Limited, with its registered office in Hong Kong, be subject to US copyright laws and to the Digital Millennium Copyright Act?  The answer is that Megaupload deliberately carried out business in the US and with US residents.  The site leased more than 1,000 servers in North America (525 were at Carpathia Hosting, which received $13 million from Megaupload).   

Wired provides great analysis here, but the general principal is that individuals and companies can’t gain the benefits of doing business in a jurisdiction without complying with its laws and being subject to its enforcement efforts – assuming that the jurisdiction can gets its hands on you in “terrifying real life”. Which brings us to extradition!

Will Dotcom be extradited?
Under New Zealand’s Extradition Act, any request for extradition from New Zealand must relate to an “extraditable offence” which is defined as an offence that:

  • Carries a maximum penalty of not less than one year’s imprisonment in the requesting country; and
  • Involves conduct that would be regarded as criminal had it occurred in New Zealand, and would have carried a similar penalty

Unfortunately for Kim Dotcom, breach of copyright is just as illegal in New Zealand as it is in the US. 

Part 3 of the Extradition Act also provides a mechanism by which the requirements to provide evidence establishing a prima facie case in support of the extradition request can be replaced by the simpler “record of the case” procedure. This mechanism is available to select countries, including the US.  (A guide to New Zealand extradition prepared by the New Zealand Ministry of Foreign Affairs and Trade can be read here.)

Nevertheless the US is struggling to extradite Dotcom and is also struggling to make its case against Megaupload and the “conspirators” (Dotcom and various associates).  Dotcom actually received an apology from the Prime Minister of New Zealand for illegal surveillance.  A helpful timeline of the various legal twists and turns can be read here.

What’s the new service that he’s offering?
Kim Dotcom has launched a new service, Mega, which he says is distinct from Megaupload, and which he also insists is legal.

Mega is offering all users 50GB of free cloud storage, making it a potentially compelling competitor to the likes of Dropbox (2GB free) and SkyDrive (7GB free) — if you’re not worried about the service getting shut down like its predecessor.

Mega offers client-side encryption, meaning that (arguably) even Mega doesn’t know what is on the files that clients upload.  The only way a client file can be decrypted is if the client makes both the encrypted file and also the private encryption key publicly available.  This would presumably breach acceptable use of Mega, and Mega also has in place a take down process similar to what other content sharing websites (such as YouTube) offer, and which is required under US law in order for the website operator to qualify for “safe harbor” protection from copyright infringement claims.

Of course, the predecessor site Megaupload had a take down process as well, so this leads us to the next obvious question.

Is Mega legal?
Dotcom still insists that Megaupload was legal, despite the US Department of Justice’s claims that Megaupload’s overall operating model was geared towards criminal intent, because:

  • the vast majority of users did not have any significant long term private storage capability;
  • continued storage was dependent upon regular downloads of files occurring;
  • files that were infrequently accessed were usually rapidly removed, whereas popular downloaded files were retained;
  • only a small portion of users paid for storage subscriptions, meaning that the business was dependent on advertising revenue, and displaying adverts to downloaders;
  • an incentive programme was adopted encouraging the upload of “popular” files in return for payments to successful uploaders; and
  • (potentially most damning of all) there was a comprehensive take down process in use for child pornography and terrorist propaganda, but this same take down process was not deployed to remove infringing content.

Initial impressions would suggest that Mega does not share these strategies.  Certainly Dotcom would have to be incredibly foolish to not apply the take down  process this time around.  In fact, it’s perhaps a credit to Dotcom’s slick advertising/media persona, and Mega’s attractive user interface, that initial bloggers thought Mega would “dismantle copyright forever”.

As Jonathan Bailey succinctly puts it (in by far the best analysis of Mega which I have read):

where Megaupload provided incentives and tools that encouraged users to upload (often illegal) files for mass download, Mega  does not and in fact has a structure and service that puts barriers up against mass downloading of files, legal or otherwise.

What is certain is that we can expect plenty of fun and games over the next few months. 

When Mega launched this week as “The Privacy Company” their claims of super-security were bound to come under the highest levels of scrutiny (some cloud providers definitely perform better than  others in the security stakes – see my colleague Leigh’s analysis).  Yesterday the story was that Mega’s encryption was substandard, today the story (which is emerging as I write) appears to be some form of encryption prize – Kim Dotcom himself has just Tweeted:

We welcome the ongoing #Mega security debate & will offer a cash prize encryption challenge soon. Let’s see what you got ;-)

Who knows what tomorrow will bring?

John-McGonagle

0 Responses to “Kim Dotcom and Mega: Legal FAQs”



  1. Leave a Comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s




Twitter: @BrodiesTechBlog feed

January 2013
M T W T F S S
« Dec   Feb »
 123456
78910111213
14151617181920
21222324252627
28293031  

%d bloggers like this: