On 1 October, 2007, Jammie Thomas - a single mother living in Brainerd, Minnesota - was sued in civil court for copyright infringement by the Recording Industry Association of America. Three days later, the jury returned the verdict; Ms Thomas was liable for willfully infringing the copyrights on 24 songs. The fine: $222,000.

Once the case got whittled down, the jury had to consider whether Ms Thomas was using a peer-to-peer network to download those 24 songs. The jury found that she had used Kazaa and had both downloaded the songs and in the process "made available" the songs for downloading by others.

Thus, for each song, there were several acts of infringement: downloading, storing, copying, posting ("making available"), and potentially aiding and abetting of the copying by others. Many of these terms overlap each other - for example, you can't download a song without copying it - even streaming a song copies it.

It could have been worse, much worse. Had she been prosecuted to the fullest extent of the law, Ms Thomas could have been fined $3.6m plus been forced to pay Capitol records' attorney's fees and costs. And that is just the civil fine. She could also be forced to pay a criminal fine of $6m and make restitution to the record companies, as well as serve 120 years in jail. In fact, had she previously been convicted of infringement - a matter of timing of the prosecution - she could have been sentenced to 240 years in jail. And that is just for 24 songs.

Just highlighting the possible sentencing demonstrates that there are several problems with the Thomas case. First and foremost, it really does not recognize - as current copyright law fails to recognize - the way normal, and presumedly law abiding, people use the internet. Indeed, the odds are very good that you committed a copyright infringement this morning, and, if not, you will by the end of the day.

As University of Utah law professor John Tehranian points out (pdf), mundane activities like downloading, copying, automatically replay to, or forwarding emails could be read to constitute copyright infringement. That's right - almost all emails are copyrighted.

Tehranian points out that just copying and replying to 20 emails could lead to $3m dollars in statutory damages. So too are such things as forwarding family photographs or pictures of the company holiday party that you didn't take, singing "I Wish You a Merry Christmas" at the party and videotaping the singing of the song, or posting the latest "Dilbert" comic on your cubicle wall. All create potential civil and criminal infringement liability.

Indeed, Tehranian notes that his hypothetical infringer, doing nothing more than the average person does, and not including any peer-to-peer file sharing, could have potential annual statutory civil liability of more than $4.5bn. And, of course, that is just in the United States. The internet, being a transnational medium, raises the specter of infringement liability in many countries at the same time.

So in a way, Thomas got off light with a judgment of only $220,000.

But it's also setting a legal precedent that has significant problems. The United States Department of Justice recently filed a brief (pdf) supporting the position of the movie and recording industries, urging that both the judgment and the fine against for copyright infringement against Jammie Thomas be affirmed.

Now, I am no fan of copyright infringement. Movie studios spend millions creating and marketing copyrighted works, as do record companies, publishers and others, and they are entitled to protect their works from harmful and infringing activities. Copyright infringement, of songs, music, software, books, articles, and even user generated content costs the bottom line, injures reputations, and in the long run may - and I emphasize may - discourage the creation of new copyrighted works. At least it may discourage their digital distribution.

I am also willing to accept the jury's finding that Ms Thomas acted willfully, and that the songs she downloaded were posted on Kazaa for others to download. Perhaps millions of people downloaded the songs she posted, perhaps nobody did.

Yet, the law has still not caught up with the technology.

Digital devices by their nature make copies. Digital cameras take pictures, including pictures of pictures and pictures of copyrighted works. Take a snapshot in Times Square, and you have infringed about 200 copyrights, more if you use a wide angle lens. Now, I am not suggesting that you will be successfully sued, or that you might not be able to take refuge in the "fair use" doctrine, but there is the potential for billions of dollars of infringement liability for genuinely innocent conduct.

Often times, your liability may not depend on what you do, but what technology you use to do it. Thus, if you buy or rent a digital video recorder from your cable TV or satellite provider, and record television shows for later viewing, you are OK. But if that DVR is located at the cable TV company and not in your living room, you have infringed. Watch a DVD and turn down the sound at the naughty bits, you are OK. Take out the naughty bits, you are creating an unauthorized derivative work and have liability. Stream a song to your cell phone, OK; download it, a felony - even if you immediately delete it.

Our ability to track everything you read, view, look at, download, not only enhances your potential copyright liability, but the ability to enforce such liability. ISP's, employers, colleges and universities, phone companies, search engines, online merchants, credit card companies, online photo companies, peer to peer file sharing providers, user generated content sharing entities, social networking sites and others maintain records of our viewing, copying, forwarding, and other potentially "infringing" activities.

This information may be subpoenaed, demanded, requested, or voluntarily turned over with our without our consent. Thus, every day we may commit millions of dollars worth of potential infringement, and we are keeping detailed records of exactly what we did.

And heaven help the poor person to whom the digital trail erroneously points. If the ISP's records show that your IP address committed an infringement, it can be forced to shut you down, disable your access, offload your content, and turn you in to the intellectual property police.

Even when the RIAA, Business Software Alliance (BSA) and Motion Picture Association of America (MPAA) are trying to do the right thing and go after genuine infringing activity, the fact that computers may be a shared resource (with kids and adults using the same computer) or the fact that servers can be hijacked, or people's general ignorance about security makes for potentially serious civil and criminal consequences for people who are doing nothing wrong.

Then there is the problem of derivative liability. Sure, if I download copyrighted songs I should have some liability. But if I do it at work, should my employer have liability? If I do it at school, should the university be forced to pay too? What about the company that makes the software that furthers the infringement? Should they all be forced to pay? Should they also be forced to pony up records relating to my activity? The answer to the latter is probably yes.

One of the biggest problems with copyright infringement is the general sense among those infringing that they are not doing anything particularly "wrong". First, as I noted, there is an awful lot of infringing activity that quite frankly is done deliberately and willfully but not wrongfully.

Part of the problem deals with what I would call the iPod phenomenon. If I went into a Tower Records (OK, there are no more Tower Records, but stay with me here), and slip a CD into my pocket without paying, it's pretty clear I am committing a crime. It's also pretty clear that, at best what I stole was worth whatever was on the sticker, say 20 bucks. That's because I have some physical manifestation of the intellectual property.

On the other hand, let's say my buddy loans me the same CD, and I listen to it without paying. No problem. Now I make a copy of one of the 20 tracks to listen to later. An infringement? Sure. What's the damages? Let's assume that the only way you can get the song is to buy the entire CD. Are the damages $20? One buck? $150,000? Clearly I acted "willfully" when I copied the song, so there is the potential for statutory damages.

Finally, when what I own is just zeros and ones on a digital device (a track on my iPod) and not what is perceived to me as a digital manifestation of that intellectual property, I may feel as if I haven't stolen anything. I don't steal a song when I listen to it on the radio, and I don't feel like I have stolen it when I record it from the radio, even though the copyright law might consider the latter an infringement.

Ultimately, the recording industry is using the copyright law against Ms Thomas to place a stake in the ground. In an effort to prevent piracy generally, they are seeking draconian penalties against this individual. Let's just hope that Scott Adams doesn't try to do the same thing about all the "Dilbert" cartoons on the walls of my office.

This article originally appeared in Security Focus.

Copyright © 2007, SecurityFocus

Related stories

• Damages slashed for US freetard (25 January 2010)

  https://www.theregister.com/2010/01/25/jammie_appeal_damages/

• Jammie Thomas calls for file-sharing trial #3 (7 July 2009)

  https://www.theregister.com/2009/07/07/jammie_thomas_requests_trial_number_three/

• US record industry wins $1.92m from file sharer (19 June 2009)

  https://www.theregister.com/2009/06/19/copyright_victory_rich/

• RIAA filesharing target Jammie Thomas wins retrial (25 September 2008)

  https://www.theregister.com/2008/09/25/jammie_thomas_again/

• US beak pecks at RIAA's 'making available' filesharing attack (30 April 2008)

  https://www.theregister.com/2008/04/30/riaa_making_available_defeat_eff_howell_arizona/

• BSA sinks teeth into US dentists and door makers (12 February 2008)

  https://www.theregister.com/2008/02/12/bsa_us_unlicensed_software_claims/

• RIAA chief calls for copyright filters on PCs (8 February 2008)

  https://www.theregister.com/2008/02/08/riaa_wants_filters_for_end_users/

• EU supremes: ISPs don't always have to finger filesharers (29 January 2008)

  https://www.theregister.com/2008/01/29/eu_supreme_civil_isp_filesharing_case_law/

• MPAA admits movie piracy study is 29% full of @$#% (24 January 2008)

  https://www.theregister.com/2008/01/24/mpaa_admits_movie_study_error/

• RIAA told to pay legal fees for harrassed defendant (17 January 2008)

  https://www.theregister.com/2008/01/17/tanya_andersen_riaa_attorneys_fees/

• Dreamhost billing cock-up shocks customer bank accounts (15 January 2008)

  https://www.theregister.com/2008/01/15/dreamhost_bills_customers_years_worth_of_trouble/

• Canuck record labels accuse tunesmiths of smoking opium (8 January 2008)

  https://www.theregister.com/2008/01/08/songwriters_and_record_labels_discuss_flatrate_music_sharing_plan/

• World's Dumbest File Sharer loses lawyer, sells knickers (3 January 2008)

  https://www.theregister.com/2008/01/03/jammie_thomas_attorney_flees/

• Now RIAA says copying your own CDs is illegal (31 December 2007)

  https://www.theregister.com/2007/12/31/riaa_cds_copies_computer/

• Codemasters pledges to stay civil on file-sharing (7 December 2007)

  https://www.theregister.com/2007/12/07/davenport_lyons_codemasters_statement/

• Codemasters sets legal dogs on file-sharers (6 December 2007)

  https://www.theregister.com/2007/12/06/codemasters_file_sharers/

• World's Dumbest File-sharer megafine gets DoJ thumbs-up (5 December 2007)

  https://www.theregister.com/2007/12/05/jammie_thomas_fine_ok/

• BitTorrent site Demonoid.com downed by Canadian record industry (9 November 2007)

  https://www.theregister.com/2007/11/09/demonoid_cria/

• Surge in encrypted torrents blindsides record biz (8 November 2007)

  https://www.theregister.com/2007/11/08/bittorrent_encryption_explosion/

• World's Dumbest File Sharer demands retrial (16 October 2007)

  https://www.theregister.com/2007/10/16/jammie_thomas_demands_retrial/