MediaDefender's Emails Hit The Internet: Entrapment? The New York Attorney General's Office?

MediaDefender, a company that “disrupts” p2p on behalf of record labels and movie studios, suffered an embarrassing leak this weekend when 700MB of internal company emails were distributed on the internet. Oops!

ArsTechnica has a detailed analysis of the emails, concentrating mostly on MediaDefender’s “entrapment” website MiiVi. Earlier this year, MediaDefender was outed for surreptitiously operating the video upload service offering high speed downloads of copyright-protected content. While MiiVi’s true purpose is still not known, emails from before and after MediaDefender’s affiliation with the site became public show that MiiVi was intended for public use and was not “an internal project” as MediaDefender founder Randy Saaf told the press.

Shortly after the public launch of MiiVi in June, developer Ben Grodsky e-mailed Saaf and his colleagues to inform them that the site was beginning to receive traffic. “We have some success! 12 people have signed up on [the] page. 7 have installed [the] app,” wrote Grodsky. “This is from about 3,000 uniques from limewire redirects.” Grodksy sent another user count status update a week later revealing that the site had drawn 19,000 unique visitors from LimeWire redirects. He also informed Saaf that his team was “working on putting Google Analytics all over MiiVi” in order to “better track what people are doing on the site.”

MediaDefender went to great lengths to obscure its affiliation with MiiVi. “I don’t want MediaDefender anywhere in your e-mail replies to people contacting Miivi,” Saaf instructed company employees. “Make sure MediaDefender can not be seen in any of the hidden email data crap that smart people can look in.” Grodsky and Saaf also began discussing new ways to drive traffic to the MiiVi site. “If we want more users, Dylan’s eDonkey messages would get us a lot of Europeans that are a little bit older crowd,” Grodsky wrote. “I would like it if our pictures were indexed with goggle [sic]. We need to get as much search traffic as we can,” Saaf replied.

After MiiVi was exposed, MediaDefender pulled the site but immediately began plans to launch the second version—a MiiVi clone called “Viide.”

In addition to the information about MiiVi and Viide, Ars reports that the New York Attorney General’s office and MediaDefender are working together to provide the AG’s office with data collected from P2P users.

Although the full scope of the project cannot be extrapolated from the e-mails, the information available indicates that MediaDefender intends to provide the Attorney General’s office with information about users accessing pornographic content. Other kinds of information could be involved as well. The e-mails clearly indicate that the data provided by MediaDefender was intended to be used for law enforcement purposes. In an e-mail to Mairs, Bartram says that the system must be specifically designed “to satisfy the legal and evidentiary requirements” before use.

“On your end, the peer-to-peer crawler will be identifying files matching the established search criteria from various hosts,” wrote Bartram. “This data will then be collected, filtered for New York resident ip addresses (to the accuracy limits imposed by geo-query tech). The data will then be transferred to us where; on our end, a separate piece of software will use that data to connect into the network and download the file from a host and store it on our servers for evidence retention and further analysis.”

And if you were wondering what MediaDefender charges record companies for “protection,” look no further:

One month of media defense on a single track will cost you $2,000. An entire album brings in $4,000 a month.

MediaDefender targets the following networks: FastTrack, Gnutella, IRC, Usenet, DirectConnect, eDonkey, MP2P, Kademlia, Overnet, BitTorrent, SoulSeek, and Shareaza.

More at Ars Technica. Interesting stuff.

Leaked Media Defender e-mails reveal secret government project [Ars Technica]


Edit Your Comment

  1. NefariousNewt says:

    It’s amazing how the rats scurry when the light is switched on. This was not so much a leak as a volcanic eruption, as if somehow the company could hold it in no longer. Which begs the question: who leaked the material? A developer with a conscience? A contractor who had just been released from their contract? A tech who was doing a routine monthly dump of emails and accidentally clicked the wrong button?

    It strikes me as funny that group known for under-handed doings on the Internet and is the bane of free information lovers everywhere would be cooperating with the NY Attorney General’s office. Perhaps they were hoping to get on the NYAG’s good side to avoid the possibility of being sued by the same down the road. When you dabble in the black arts, you run the risk of being turned into a toad.

  2. Buran says:

    Isn’t it only entrapment if the government does it? e.g. if the police entrap you? Distasteful as this is, it’s a private entity doing it, and you weren’t forced or lured into doing anything, really, so this isn’t entrapment.

  3. axiomatic says:

    These MediaDefender guys were (yes, past tense) obviously the “keystone cops” with their poor job of covering their tracks and failing to follow even the most important credo of a sting operation “secrecy.”

    Good riddance!

    However, now that the idiots have been outed, there will most defiantly be a more serious implementation of this plan. Be careful, be smart people. Use encrypted P2P, use Usenet aggregation sites, whatever it takes, just don’t get caught.

    In my opinion, there is nothing new to pirate. I stopped buying RIAA music 7 years ago and am quite happy with my Sirius radio subscription.

    But this is not to say that I think P2P should go away. It has many lawful uses and companies like MediaDefender are doing the internet and American citizens a dis-service.

    Keep fighting, but please be smart, and be civil.

  4. Buran says:

    @axiomatic: Fight them legally. Breaking the law just gives them ammunition. Don’t use the “but I want their product so I’ll cheat to get it” tactic — find alternatives that show that you’ll get what you want, legally, without purchasing anything from them.

    Boycotting beer company A? Don’t steal their beer from a store — buy company B’s beer so that company A sees that there’s money out there that their distasteful practices are causing them to miss out on.

    Sends a much better message.

  5. Sonnymooks says:


    You’ve got it right. Only the government is restricted. Divorce lawyers are the most famous group when it comes to using entrapment. Private anti-discriminations groups also do it quite frequently.

    Corporations are pretty much just driving down roads already paved and well traveled.

  6. scoobyhed says:

    @Buran: What is company B’s beer in your analogy? Where am I supposed to legally get the music I like? There isn’t a (major) competing system to the RIAA out there. It’s more like boycotting beer company A and having the only alternative be moonshine from the crazy old bearded guy up on the mountain.

  7. mac-phisto says:

    Make sure MediaDefender can not be seen in any of the hidden email data crap that smart people can look in.

    lol. that’s awesome.

  8. TechnoDestructo says:


    For me, this isn’t about what I buy, this is about what I find out about in the first place. When it comes to music, I pretty much ONLY find out about new music (or older music I just didn’t know about before) via illegal means.

    Almost non-subscription LEGAL channels that used to showcase a diversity of music have been homogenized, while the mainstream recording industry has been NEUTERED. These two phenomena are not unrelated.

    I stopped buying new music in 1995-96, when every band I liked put out a shitty album. I didn’t start again in earnest until Napster. I stopped again (except direct from the artists) after about a couple years of file sharing lawsuits.

    It’s too late to give radio (even college radio…that college radio could go down the same path as commercial radio is sad) its freedom back. File sharing, and user-controlled internet radio (I listen to an unauthorized, mostly illegal, entirely user-controlled station) are so starkly BETTER at letting people find things they like that there is no going back.

    As long as the music industry longs to control that like they control radio, they can forget about getting a dime from me.

  9. goodguy812 says:

    you can never stop illegal downloads. i can remember before there was napster, you would go to a private mp3 chat room where servers would e-mail you a list, and you could request songs to be e-mailed to you. there will always be a new way around whatever. the music industry is never going to be able to completly stop it. i think the only way i would stop, is if the price of cd’s would go down. i use to be able to buy new tapes for $7-$8. (and they wouldn’t get scratched up or skip). but to pay $18 dollars for a disc that has an avg life expectancy (under normal use) of less than a year? gimmie a break! unless you treat a cd like its your most valuble possesion, its going to scratch and skip.

  10. goodguy812 says:

    uuggh!!! i cannot see my posts again!

  11. drjayphd says:

    @goodguy812: Wait, what are you doing to your CD’s that they only last a year? I haven’t had anything get so horribly scratched that it wouldn’t play right unless I bought it that way (and that’s how you counter the exorbitant prices, kids, buy used).

  12. Angiol says:

    @Buran: If I recall correctly, they were sharing songs at the request of the RIAA… in order to harvest IPs that they could sue. The clean hands doctrine could come into play here.

  13. Trai_Dep says:

    Yeah, Congress (and Clear Channel) killed the golden goose. Used to be able to discover new bands on the radio. Now it’s useless. And I’ll eat broken glass before I’m extorted to spend $150/yr on subscription radio b/c the Powers That Be went along and destroyed the one that uses public – our – airwaves.

    Paired with label execs bemoaning the fact that, if only they could get away with publishing six titles per genre (they choose, of course), they’d be so much happier. Indicates the industry is purposefully homogenizing our music, rigging the game thru payola (whatever they call it this week), closing down alternative channels (internet radio, P2P, anything that won’t be spoon-fed).

    Then they wonder why sales are down.

    “But Brittney has a new single,” they exclaim.

    Die flaming death.

  14. Trai_Dep says:

    PS: although, if the RIAA types are reading, I buy over 20 double CDs a year, mainly thru Amoeba Records used bins… About the only retail bricks retailer they haven’t destroyed. Probably buy twice that if they didn’t make it so difficult to discover new music.

    It seems that before the mid-90s, the labels’ job was discovering new talent and getting it out. Now it’s about limiting choice and preying on their honest customers. It’s worked pretty well for you so far, huh guys?

  15. Ickypoopy says:

    The e-mails were supposedly auto-forwarded to a GMail account by on of the employees for “easier access” while away from the company computer. Someone got the password to his gmail account and nabbed the e-mails.

  16. sammyboy says:

    LOL! My boyfriend’s sister works at this company! They called me from work today to scout hacking websites to see if they posted any of her personal information. She and everyone at her company had to go home early. Work’s closed due to raids >XD

  17. sammyboy says:

    Also to add to this, apparently they don’t track IP’s there, they just flood the P2P services with dud files with the names of popular music.

    That’s what I’ve been told, but who knows.

  18. magus_melchior says:

    “One month of media defense on a single track will cost you $2,000. An entire album brings in $4,000 a month.”

    <sarcasm>I suppose that’s the rationale behind the recording companies’ huge claims for infringement…</sarcasm>