Thursday, January 31, 2013

But, but... it's encrypted!

Oh dear. Mega hasn't even been in business for two weeks yet, but already there are problems; the Herald reports:

Kim Dotcom's new website has received around 150 notices for copyrighted content allegedly being hosted on the service since its launch 10 days ago.
The file-sharing and storage business, Mega, went live on January 20 with the internet entrepreneur's extradition case for alleged copyright violation concerning his previous business Megaupload still hanging over his head.
While Megaupload was taken down by US Government this time last year, Dotcom has claimed a team of lawyers scrutinised every aspect of the his new business and are convinced it won't suffer the same fate.
One of the key protections that Mega believes will keep it safe is that all files uploaded to the service are encrypted and its team cannot see what users are sharing or storing.
As Mega can claim to have no knowledge of what is being shared, the argument is that the website is legally shielded from responsibility for any swapping and copying of copyrighted material by users.
As well as this, Mega provides a system for rights holders to request for content to be taken down if they think their copyright is being infringed.
According to an intellectual property lawyer acting for Dotcom, Rick Shera, the website had received around 150 notices alleging copyright infringement as of yesterday.

So how do those people who are alleging copyright breaches by Mega know that their copyright has been breached? Is Mega's encryption service less secure than Mega's founders have boasted. Is the encryption nothing more than smoke and mirrors?

When it comes to Mega, and its predecessor Megaupload, nothing would surprise.


Harvey said...

Its encripted but you can supply a key. Lots of compy files have been listed on

meow said...

The keys are under the control of the uploader, so if that person decides to share the randomly generated link to the file along with the key to decrypt it then Mage can legitimately point to the user and say "it's all their fault, we can't decrypt it to see what's in there".

Also the watchdogs don't have to *know* the contents of the encrypted file, they simply file a claim and Mega take it down with no questions asked. Should the argument go to court then it is up to the watchdog who filed the copyright claim to prove it to the court - Mega is expecting them to make the claims with reasonable belief, of course that doesn't mean that they always will.