MediaDefender's Emails Hit The Internet: Entrapment? The New York Attorney General's Office?

MediaDefender, a company that “disrupts” p2p on behalf of record labels and movie studios, suffered an embarrassing leak this weekend when 700MB of internal company emails were distributed on the internet. Oops!

ArsTechnica has a detailed analysis of the emails, concentrating mostly on MediaDefender’s “entrapment” website MiiVi. Earlier this year, MediaDefender was outed for surreptitiously operating the video upload service offering high speed downloads of copyright-protected content. While MiiVi’s true purpose is still not known, emails from before and after MediaDefender’s affiliation with the site became public show that MiiVi was intended for public use and was not “an internal project” as MediaDefender founder Randy Saaf told the press.

Shortly after the public launch of MiiVi in June, developer Ben Grodsky e-mailed Saaf and his colleagues to inform them that the site was beginning to receive traffic. “We have some success! 12 people have signed up on [the] page. 7 have installed [the] app,” wrote Grodsky. “This is from about 3,000 uniques from limewire redirects.” Grodksy sent another user count status update a week later revealing that the site had drawn 19,000 unique visitors from LimeWire redirects. He also informed Saaf that his team was “working on putting Google Analytics all over MiiVi” in order to “better track what people are doing on the site.”

MediaDefender went to great lengths to obscure its affiliation with MiiVi. “I don’t want MediaDefender anywhere in your e-mail replies to people contacting Miivi,” Saaf instructed company employees. “Make sure MediaDefender can not be seen in any of the hidden email data crap that smart people can look in.” Grodsky and Saaf also began discussing new ways to drive traffic to the MiiVi site. “If we want more users, Dylan’s eDonkey messages would get us a lot of Europeans that are a little bit older crowd,” Grodsky wrote. “I would like it if our pictures were indexed with goggle [sic]. We need to get as much search traffic as we can,” Saaf replied.

After MiiVi was exposed, MediaDefender pulled the site but immediately began plans to launch the second version—a MiiVi clone called “Viide.”

In addition to the information about MiiVi and Viide, Ars reports that the New York Attorney General’s office and MediaDefender are working together to provide the AG’s office with data collected from P2P users.

Although the full scope of the project cannot be extrapolated from the e-mails, the information available indicates that MediaDefender intends to provide the Attorney General’s office with information about users accessing pornographic content. Other kinds of information could be involved as well. The e-mails clearly indicate that the data provided by MediaDefender was intended to be used for law enforcement purposes. In an e-mail to Mairs, Bartram says that the system must be specifically designed “to satisfy the legal and evidentiary requirements” before use.

“On your end, the peer-to-peer crawler will be identifying files matching the established search criteria from various hosts,” wrote Bartram. “This data will then be collected, filtered for New York resident ip addresses (to the accuracy limits imposed by geo-query tech). The data will then be transferred to us where; on our end, a separate piece of software will use that data to connect into the network and download the file from a host and store it on our servers for evidence retention and further analysis.”

And if you were wondering what MediaDefender charges record companies for “protection,” look no further:

One month of media defense on a single track will cost you $2,000. An entire album brings in $4,000 a month.

MediaDefender targets the following networks: FastTrack, Gnutella, IRC, Usenet, DirectConnect, eDonkey, MP2P, Kademlia, Overnet, BitTorrent, SoulSeek, and Shareaza.

More at Ars Technica. Interesting stuff.

Leaked Media Defender e-mails reveal secret government project [Ars Technica]