Six months ago, authorities in the United States and eight other countries moved against Megaupload following a grand jury indictment that charged the company and its officers with five federal charges stemming from a “mega-conspiracy” of criminal copyright infringement. Police in New Zealand arrested the site’s founder, Kim Dotcom, and three other Megaupload employees at Dotcom’s mansion (two other employees indicted were arrested a few days later in Europe while the last employee charged in the indictment remains at large). The indictment alleges the company and its employees made over $175 million in illegal profits, and the case is considered one of the largest criminal copyright cases in US history.
There are a lot of moving parts to this case already — no surprise, given its size and complexity — so a quick update may be helpful. The New Zealand Listener has put together a handy timeline of the Megaupload case. Specifically, I want to look at some of the issues that have made headlines recently, including the New Zealand extradition proceedings, a motion to dismiss filed in the US, a New Zealand ruling that certain search warrants were illegal, and a US proceeding seeking access to user data stored on Megaupload servers.
The formal request for extradition of Dotcom and three other Megaupload defendants in New Zealand was filed on March 2nd. The hearing was originally scheduled for August, but the hearing has been postponed until at least March 2013, due to the growing legal complications surrounding the case.
Under New Zealand law, extradition is governed by the Extradition Act of 1999 and any bilateral treaty in place. The United States and New Zealand entered into an extradition treaty in 1970. That treaty lists thirty-two offenses for which subjects can be extradited; criminal copyright infringement is not one of them. However, under New Zealand’s Extradition Act, section 101B, someone may also be extradited for offenses that carry a penalty of not less than one year in the requesting country and involves conduct that would be criminal had it occurred in New Zealand and carries a similar penalty. Extradition of suspects indicted but not convicted require an arrest warrant and any accompanying depositions.
Here, the extradition hearing is likely to hinge on whether the offenses Dotcom has been charged with are offenses in New Zealand that would carry a similar penalty. Admittedly, the primary operation of Megaupload presents a novel set of facts for criminal liability of copyright infringement even in the US, but the indictment also alleges a number of the defendants personally uploaded infringing works to the service, which, by itself, could be sufficient to constitute an extraditable offense under New Zealand law.
And, in an odd twist, the New Zealand judge who had been presiding over the extradition proceeding stepped down last week after calling the US “the enemy” at a copyright conference earlier this month. Judge Nevin Dawson, who granted Dotcom bail in February, will be taking over the case.
Motion to Dismiss
On July 3, Megaupload filed a motion to dismiss for lack of personal jurisdiction. The motion to dismiss applies only to the Megaupload Limited corporation itself — it does not pertain to Kim Dotcom, or the other individual defendants, personally, nor does it pertain to Vestor Limited, the other corporate defendant indicted.
Corporations, as separate entities, have long been held liable for criminal actions. Said the Supreme Court in 1909 (quoting an earlier criminal law treatise):
Since a corporation acts by its officers and agents their purposes, motives, and intent are just as much those of the corporation as are the things done. If, for example, the invisible, intangible essence of air, which we term a corporation, can level mountains, fill up valleys, lay down iron tracks, and run railroad cars on them, it can intend to do it, and can act therein as well viciously as virtuously.
But, like with individual defendants, before a case can proceed against a corporation, the court must have personal jurisdiction over it, and before a court can exercise personal jurisdiction, the corporation must be properly served. Megaupload’s attorneys argue that charges against the company should be dismissed because it wasn’t properly served under Federal Rules of Criminal Procedure 4(c)(3)(C). Under that rule:
A summons is served on an organization by delivering a copy to an officer, to a managing or general agent, or to another agent appointed or legally authorized to receive service of process. A copy must also be mailed to the organization’s last known address within the district or to its principal place of business elsewhere in the United States.
Megaupload basically argues that, under the second portion of that rule, a corporation can never be held liable for crimes committed in the United States so long as it doesn’t maintain an office or address within the country. The United States responded that Megaupload’s reading of the Rule can’t possibly be correct — “Neither the facts, the law, nor common sense and the interests of justice, which the Federal Rules of Criminal Procedure are designed to serve, support as extreme a remedy as the outright dismissal sought by defense counsel” — and offers a number of arguments against it, as well as alternative methods that could be used to properly serve Megaupload. The court will hear oral arguments on the motion on July 27.
Should the court grant the motion to dismiss Megaupload Limited, the effects are unclear. Vestor Limited and the other indicted defendants, including Dotcom, would still remain. Given the allegations of personal involvement by the defendants, and the fact that Megaupload Limited can be considered merely a corporate “alter ego” of these defendants, dismissal may turn out to be mostly a symbolic victory.
Search Warrant Illegal
On June 28, a New Zealand judge ruled that certain search warrants, used to gather evidence from Dotcom’s mansion during his arrest, were illegal. The search warrants were executed by New Zealand police, on behalf of the US pursuant to New Zealand’s Mutual Assistance in Criminal Matters Act (MACMA). The US had requested the warrants to search Dotcom’s residence for evidence that could be used to “demonstrate that the mega-conspiracy’s directors and employees were aware that Megaupload’s websites were regularly used to reproduce and distribute infringing copies of copyright works, to gain a better understanding of and document the mega-conspiracy’s activities, and to identify additional individuals who were working with the mega-conspiracy.”
The judge concluded that the search and seizure was overly broad and, thus, illegal. She also held that the New Zealand Central Authority breached MACMA when it shipped clones of hard drives seized to the FBI. The immediate impact of the ruling is unknown. New Zealand police and the FBI haven’t responded, and it is highly likely the ruling will be appealed up through the New Zealand court system. If the warrants were illegal, the New Zealand police may be able to cure the defect with new, narrower warrants. Or, some of the evidence may become excludable at trial as “fruit of the poisonous tree.”
I’m not familiar with New Zealand extradition proceedings, so take this with a grain of salt, but I doubt this ruling would affect Dotcom’s extradition hearing. The evidence seized here was for the US criminal trial; the extradition hearing is similar to a preliminary hearing or grand jury in that the judge is primarily concerned with whether there is sufficient evidence for a trial to proceed, evidence which the US had already submitted.
The entry of third parties seeking access to their own data that had been uploaded to Megaupload adds a collateral issue to this case. On June 29, a hearing on the motion was held, and a decision is forthcoming.
MegaUpload leased over 500 servers from Virginia based Carpathia Hosting as part of its business. As part of its investigation, the United States served a search warrant on Carpathia. It copied select data from the servers and then released the servers back into the custody of Carpathia.
Carpathia later moved for a protective order regarding the servers. According to the order, it is costing Carpathia thousands of dollars a day to preserve the servers, and the company is losing money because it cannot repurpose the servers for other clients. As the company notes, “Carpathia does not have any legal obligation to preserve evidence on the Mega Servers” — it likely could delete the data on the servers and put them back into use without liability. However, it has so far refrained from doing so because several parties have expressed interest in the data. Those include MegaUpload itself, which wishes to examine the servers for evidence to prepare for its defense in the criminal trial, and the Electronic Frontier Foundation, which, according to Carpathia, “claims to represent the interests of end users who have non-infringing content stored on the Mega Servers and has requested that the data be preserved in order to facilitate its return to Mega users who have not engaged in copyright infringement.”
In May, an individual who had an account with MegaUpload before it was indicted filed with the court to have his property returned. In response, the US has reiterated that it has no continuing interest in the servers or data. The MPAA, an interested non party, told the court that it has no position in the matter, but whatever the court decides to facilitate return of user data, “it is essential that the mechanism include a procedure that ensures that any materials the users access and copy or download are not files that have been illegally uploaded to their accounts.”
Demand Progress, a 527 group which specializes in writing strident headlines, added its own two cents with its own court filing. The PAC told the court, “Our sincere hope is for the immediate return of all property not related to Mr. Dotcom’s indictment and a clear pronouncement that the seizure of the private property of innocent third parties is not countenanced by our Constitution.” But Demand Progress has it entirely wrong: the US never seized Megaupload’s servers in the US and is not exercising any continuing custody over them.
As the Government notes in its brief:
The government does not possess any of Mr. Goodwin’s property, nor does it seek to forfeit it. The government also does not oppose access by Kyle Goodwin to the 1103 servers previously leased by Megaupload. But access is not the issue – if it was, Mr. Goodwin could simply hire a forensic expert to retrieve what he claims is his property and reimburse Carpathia for its associated costs. The issue is that the process of identifying, copying, and returning Mr. Goodwin’s data will be inordinately expensive, and Mr. Goodwin wants the government, or Megaupload, or Carpathia, or anyone other than himself, to bear the cost.
The US later points out, “Mr. Goodwin does not argue that the actual search violated his rights – he actually argues the opposite. Mr. Goodwin claims that the government’s failure to seize his information led to its abandonment ‘under circumstances in which it was both inaccessible and potentially subject to destruction.'”
From a legal standpoint, I don’t see how the court can exercise its jurisdiction over Megaupload’s servers as Goodwin and Demand Progress have asked. Courts can exercise jurisdiction where the federal government once had property but later gave it away, lost it, or destroyed it. But a court can’t force the government to return property it never possessed, as here.
In the event the court denies any relief, Goodwin is unfortunately in the same situation as he would be had Megaupload stopped paying its bills to Carpathia — he could seek a remedy from Megaupload (highly unlikely, given that Megaupload’s terms of service waived all liability for loss of data) or arrange to recover his data himself from Carpathia.