Chilly Storms Brewing in the Cloud Over Megaupload Takedown

Last week saw what felt like a surprise move by the US government against the Hong Kong-based file sharing site, Megaupload. Swooping in from afar the company and several of its executives found themselves embroiled in a legal battle. The takedown and its proximity to the SOPA protests even triggered one of the largest DDoS attacks ever perpetrated by Anonymous. Shortly thereafter, sites such as Filvesonic recoiled and shut down their sharing capabilities; while others such as Box.net and YouSendIt have commented that they involve themselves in a lot more sectors than just personal uploading and sharing.

However, the dark lining in the cloud right now is that Megaupload both claims and appears to have followed all the rules that should have given them an umbrella under the safe harbor provisions. In fact, according to legal analysis solicited of experts by Jennifer Granick of The Shout suggests that while Megaupload might have left themselves open to civil proceedings (which would have involved lawsuits) that they appear to me more-or-less innocent in the criminal lawsuit arena which the US DOJ seems to be moving forward with.

The upshot of this is that many of the other cloud-sharing and storage sites feel that they’re safe from this sort of prosecution but looking at what happened to Megaupload may be short sighted. If indeed Megaupload should have been protected under the DMCA by following its safe harbor guidelines then all the snow falling on them comes from a tussle they’ve been having with copyright holders lobbying the government to strike out at them using the impression that they were just a sleazy site.

As discovered by Granick, it seems that the indictment itself against Megaupload is incomplete in the criminal aspects and covers mostly civil aspects. Normally civil suits never proceed with such overbearing displays of firepower—and certainly rarely, if never with arrests or the threat of imprisonment.

This means that the US DOJ just showed that they can choose to hit any cloud-storage site they want essentially at the behest of highly motivated and deep protected content holders. The US is capable of causing tremendous harm to a business without much due process (including the total wipeout of the site itself by confiscating the domain) and the seizure of their servers. The US claimed jurisdiction over Megaupload because the Hong Kong-based company has servers in Virginia.

Memories to be Deleted from the Cloud

As snow begins to fall in the cloud during this blizzard we can see the first very real “chilling effect” of this sort of prosecution. According to a report released in the Associated Press and covered by SilionANGLE personal data on Megaupload servers could be deleted as soon as Thursday this week. According to TorrentFreak users of the site have already begun organizing proceedings against the US DOJ and FBI to sue them for losses and damages should this happen—already people who had valid business arrangements with Megaupload have lost access to their data due to this activity and deleting it would add permanence to that inaccessibility.

According to sources, the government did not seize the servers themselves but simply copied files from them (presumably for use in the criminal proceeding) but by freezing Megaupload’s assets the US government has essentially put the datacenter providers between a rock and a hard place: they aren’t receiving money to upkeep the servers that house the user data yet the servers are now laying fallow.

As a result, the FBI and others will be facing a lawsuit shortly if files unrelated to their investigation are deleted.

Further into the freezing rain falling from the cloud, smaller file sharing outfits who use the cloud are already deleting content to avoid being targeted by the United States.

“If the US government can come for Kim Dotcom it can happen to almost anyone,” a file-hosting operator told TorrentFreak on condition of anonymity. “I’m trying to think of everything I did possibly wrong in the last 3 years and worrying about that and the next 3 years also, if we even have that long.”

Although this purge is unlikely to do anything to the actual piracy scene, it will probably impact people who have uploaded their thoughts, images, and files to the web via these smaller outfits with a profoundness. The actual piracy scene doesn’t exist in bulk on sites like Megaupload or other cyberlocker sites—these are an extreme newcomer to the scene and that’s possibly why they got caught in the headlights when the DOJ came for them.

In fact, looking at cloud sharing sites, the remaining contenders have seen a huge increase in customers flocking to them after losing Megaupload. For the rest of the networks of piracy, they existed before cloud cyberlockers arrived on the scene and they still act behind the scenes in invisible black markets that still hadn’t thought of fully exploiting cloud-based sharing. That’s not to say that they don’t trickle into every single one…meaning that all cloud-storage could be just as vulnerable.

As the snow starts piling up, other sites receiving those customers may start wondering if the US and copyright holders will turn their high beams onto them and hopefully before then they’ll understand better how to protect themselves under the law.

While it might be true that staying within the confines of the DMCA may help them win in court, the US has made it obvious that these matters of law won’t save your business from being hammered from existence by asset and domain seizures and that’s all that it would take to crush the business model of many of these new startups.