People who torrent are monitored, recorded within 3 hours of download [Study]

Do you enjoy the occasional movie off of The Pirate Bay? Or maybe you prefer a “private” torrent club? As it turns out, regardless of if you are torrenting off The Pirate Bay or exclusive, members-only torrent clubs, your IP address is not safe.

Dr. Tom Chothia and other computer scientists from Birmingham University conducted a three-year research study in which they found a somewhat astonishing trend: the IP addresses of people who illegally torrent popular content is monitored and recorded within three hours of the download.

As part of their research, Dr. Chothia and his team developed their own BitTorrent tracker that logged all the connections that where made to it. According to their research paper, Dr. Chothia and team used their tool to “gather newly-published torrent files from the Top 100 in each category on The Pirate Bay, and continually contacts each of the trackers and stores (IP address, port number, infohash, time) tuples from the peer lists that are returned; it then attempts to establish a TCP connection with each host and sends a handshake message to ensure that the host is in fact BitTorrent peer. The monitor also requests from trackers the number of seeders and leechers in each swarm.” Using this method, the team was able to gather over 150GB worth of BitTorrent activity involving 1,033 swarms and 421 trackers, over a time span of roughly two years.

In the process of the just-mentioned data mining, the researchers discovered roughly 10 monitoring companies that were (are) logging downloader data. Some of these monitors were identified as copyright enforcement firms, researchers, and security firms while the six biggest monitors were unable to be identified because of the way they routed their traffic through third-party services.

According to Dr. Chothia, it does not matter if you are a regular downloader or download once a in a while — the above-mentioned monitoring companies log the data of anyone and everyone. If you downloaded popular content, your information is logged within roughly three hours while the monitoring of less popular content is also prevalent but not as much.

You don’t have to be a mass downloader. Someone who downloads a single movie will be logged as well. If the content was in the top 100 it was monitored within hours. Someone will notice and it will be recorded.

-Dr. Chothia

While it may seem plausible for monitoring to happen on public torrent trackers, private torrent clubs should prevent it, right? Not so. Dr. Chothia’s team discovered that private torrenting clubs, you know the ones that provide access to members only and supposedly blacklist monitoring firms, are not very effective:

Many of the monitors we found weren’t on the blocklists so these measures to bypass the monitors aren’t really working.

Interestingly enough, while some of the logged information will definitely be used to try to extort money out of illegal file sharers, the researchers mention that some of the firms collecting the torrent data are “simply sitting on the data” in the hope that such information will be useful in the future. On the other hand, other monitoring firms are selling the collected data for marketing purposes — to help show what movies, TV shows, etc. is popular where.

As expected, people aren’t exactly happy about this despite the questionable actions of file sharers. As one commentator puts it, file sharing may be illegal but so is monitoring Internet usage without a warrant (or so he thinks) — does that mean the victims of torrent monitoring can sue the monitors:

Okay illegal downloading is stealing, but what of monitoring my internet use without a court order. Can I demand a copy of all their info under data protection? Can I correct errors? Can I sue the monitors for breech of privacy? Doesn’t all this sound slightly one sided? Once again big business rides over the rights of the little guy who can do nothing to stop them.

Legal or not, the bottom line is monitoring and logging of people that torrent is going on. So keep that in mind the next time you go to download The Twilight Saga.

[via BBC | Image via nrkbeta]

Share this post

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

14 comments

  1. sl0j0n

    Hello, all.
    Well, I think that most of us *should* be somewhat disturbed by this.
    I’ve used torrents, but its been almost exclusively to download software.
    Legal, legitimate and usually freeware.
    Now, if the point that Horrabin makes is valid, nobody has any business tracking the kinds of torrents that I typically use.
    While its been a while (years?) since the last time I used a bittorrent client, [installed µtorrent over a year ago, never used that install] and I can’t even remember the last files dwnldd via torrent, I do know that ASUS uses torrents to lighten the load on their servers.
    Tho I usually do tho direct dwnld, myself.
    So, my question is;
    what do youse guys think?
    Is ‘legal’ to track the torrent user,
    if the torrent is legit,
    like ASUS’ mobo’s BIOS’ and drivers?
    Have a GREAT day, neighbors!

  2. Dr. Who Dat

    You don’t have to be faster than the bear chasing you, just faster than the guy next to you.

    Similarly, you don’t have to be stealthy in this situation, just stealthier than the guy next to you. If a tree falls in the woods, nobody’s gonna hear it if they’re all focused on the asteroid that has struck the earth elsewhere. It’s no longer about privacy on the net, it’s about consequences and removing yourself from the low-hanging fruit category.

    Not using torrents is a good start and SWIM says there are better alternatives should you need to keep your activities on the down-low. Using a VPN tunnel is another. Of course, this is all relative to the nature of your activities. Plotting to view The Lion King gratis is one thing; plotting to become the next OBL quite another.

    No anti-copyright infringement nor national security efforts were harmed in the posting of this message.

  3. fermier

    @tony:

    Very good….vs the 99.9% “I could care less,” which means exact opposite.

    As for private browsing, do you know if a program such as Sandboxie would work? Not that any of us would ever go to these wicked placed anyhow.

  4. Horrabin

    There is also a point many people miss….. not all torrent activity is illegal. World of Warcraft, for instance, uses torrents for updates, although you have to be logged in; a number of other companies use torrents for distribution of stuff also, quite legally. I am concerned though if an instance like this is monitored in this fashion, is it legal to do so? Party one is clearly communicating information of value to party two, although once the initial file leaves the originating server eventually you’ll get a piece of it from party 45,000 or so. But the file originally is meant (in part) for you as well as the other 39,999 users. Since they say they can get into and log “private” torrents, who knows?

  5. Seamus McSeamus

    Everything we do on the internet is logged, no doubt. Here in the US anyway. I mean, all our text messages, email and phone conversations are sucked into an NSA database, so why not all our internet activities as well?

  6. Jazz

    I find it hard to sympathise with people who get angry because someone is watching them when they do something illegal. If you don’t want to be logged, then stay away from illegal activity or accept the penalty.

    I do, however, sympathise with people who get angry when innocent actions are stealthily logged or abused. If either stealth or abuse is imposed on innocent people, that is the thing that should be condemned in public.

  7. Ashraf
    Author/Mr. Boss

    @acr: You tell ‘em acr!
    For what it is worth, in the article I was reporting on what the commentator felt not necessarily how I feel. I don’t know enough about the law to declare recording of IP addresses without a warrant legal or not.

  8. acr

    I’m not sure monitoring internet activity would require a warrant, especially monitoring illegal downloading. Off the top of my head at 2:00 a.m. in the morning, I don’t think a warrant in the U.S. would be needed unless the internet was used for communication or if there was a legitimate expectation of privacy. Generally, there is no expectation of privacy on the internet in non-communication activity. Would a private company monitoring internet downloads be breaking the law? Perhaps, but most ISP’s monitor internet activity anyway. It would be hard to establish a cause of action against a monitoring company. How has a person who downloads illegal files been damaged to an extent that he should expect monetary compensation?