by Mary Aiken
The Pirate Bay
Criminologists will tell you that one of the first entry points into criminal activity is ambivalence about the law—and a lack of regard for the rules of society, particularly if these rules are keeping you from an activity that’s either enjoyable or economically rewarding. In other words, you don’t have to descend to the Darknet underworld to find opportunities to get caught up in criminal activity online. It can begin benignly.
As the Washington Post put it on December 10, 2014—the day after the Swedish government finally shut down the world’s largest pirating site:
In the late hours of Tuesday night, the Pirate Bay abruptly disappeared from the Internet, the result of a surprise raid on the site’s servers by Swedish police in Stockholm.
But forget the big-picture questions of Internet freedom or intellectual property. The real problem, for millions of Internet users, is How am I going to watch TV?
If, like me, you aren’t into shoplifting and you haven’t joined the tech-trendy anti–intellectual property movement, you might need a few things explained. Software piracy is the mislicensing, unauthorized reproduction, and illegal distribution of software for business or personal use. The Pirate Bay was a site where, once you had the proper software, you could download large files for no charge—free games, videos, movies, songs, books, or apps. The stated intention of the Swedish activists who founded the site in 2003 wasn’t content theft, criminality, or bald opportunism. Actually, they said they weren’t in it for the money. Like Ross Ulbricht, they claimed it was an effort to disrupt the corrupt capitalist marketplace.
There it is again: a common code.
The anti–intellectual property movement is popular with the tech industry—and has lots of fans in cyberspace. Shrewdly, the administrators of the Pirate Bay publicized their site by organizing political rallies and circulating petitions about “the practical, moral, and philosophical issues of file sharing.” It claimed it was all about mutuality and reciprocity and brotherhood, not stealing.
In cyberspace, “torrent” refers to any type of file that is shared via the protocol BitTorrent, a peer-to-peer system (in tech-lingo, “p2p”) for sharing big files. Rather than coming from just one server, segments are taken from multiple sources at the same time. The result? Lower bandwidth, so delivery is faster. This makes the pirating easy and quick, something that is mandatory for success online.
It’s a little like fast food: probably best not to think about quality, nutritional value, or place of origin. But at least when you bite into a Big Mac, you have the moral comfort of knowing you paid for it.
Napster was the groundbreaking site that pioneered mass music file-sharing and not-paying. In just two years, between 1999 and 2001, it acquired 60 million registered users until the Recording Industry Association of America (RIAA) took the company to court and forced it into liquidation. Law enforcement caught up with the Pirate Bay eventually too, and its founders were charged with copyright infringement. But the site stayed up, often shifting to new domains until it settled on a secure, cloud-based infrastructure in 2012. By then, it had tens of millions of Internet users.
How big was the impact of peer-to-peer file-sharing? The recording industry, already grappling with challenges from new technologies in the shift to digital, claims there was a 45 percent drop in music sales in the first decade after Napster was launched. In the first five years that the Pirate Bay was in operation, approximately 30 billion songs were illegally downloaded on file-sharing networks. These financial losses compound once you consider the millions of lost jobs, failed businesses, and uncollected tax revenue—and that’s before you factor in the impact on undiscovered creative talent.
But there were other costs, possibly greater. Once it began, the trend of pirating continued to become more popular, more prevalent—and cool. In 2010, an episode of Game of Thrones broke a piracy world record when it was shared 1.5 million times on the Pirate Bay within the first twelve hours of its original airing.
Rather than throwing a colossal and very uncool tantrum, Jeff Bewkes, the CEO of Time Warner, took another approach. “Game of Thrones is the most pirated show in the world,” he bragged. “Well, you know, that’s better than an Emmy.”
Hmmm. Is it really?
It costs HBO about $6 million to make each episode of Game of Thrones, two or three times the budget of a typical network or cable show. Could the executives at the premium cable channel really have been happy about that much lost revenue?
Or does HBO have to play along, just to stay popular? I guess that’s the cost of being cool. Which brings me to another puzzling conundrum of human behavior: Why do people break the law when they know it’s wrong?
Justifications for content theft online are plentiful and apparently compelling, according to the many studies that have been done on the behavior. To start with, some do not regard this as theft at all but more like sharing a library book. Next, there’s also considerable difference in how people regard the theft of tangible property versus intangible property, even though, from a moral and ethical perspective, there is no difference.
What do I mean? A person who feels nonchalant or ambivalent about downloading pirated material probably would never steal a CD from a record store or a yoga mat from a yoga studio. Tangible theft is commonly regarded as an ethical breach—a crime. But intangible theft seems…well, less real.
Everything is intangible in cyberspace. Does this mean that people are more willing to steal there? Some studies argue yes.
Another explanation for the prevalence of online theft (and other crime) may relate to the cyberpsychology construct minimization of status and authority online, which I flagged in a 2014 Europol report. There is little apparent governance in cyberspace, and therefore the risks of getting caught are perceived as being minimal. Why pay for an HBO service if there’s practically no negative repercussion?
The propensity to engage in online theft could also be fueled by the effects of perceived anonymity and online disinhibition. Last, the prevalence of online theft itself creates a shift in social outlook. When so many people are talking openly and posting about having pirated the latest Game of Thrones, it can change the perception of wrongdoing. It can normalize and socialize the activity. Sooner or later the law can cease to reflect the moral perceptions of the crowd. That’s the funny thing about moral perceptions: If enough people are breaking a law, it stops being regarded as immoral. As in the case of extreme cyberbullying and other problematic behaviors described in previous chapters, the fact that individuals who are inclined toward online piracy can easily syndicate with large groups of like-minded people means they are much more likely to regard their own behavior as normal.
This kind of cyber-socialization occurs each time an individual visits a pirating site where the index shows uploaded content from thousands of participants around the world.
How could so many generous file-sharers be wrong?
Attempts at deterring the behavior have also been ineffective. People have sought to make examples of piracy with widely publicized arrests, like the fifteen-year-old boy in Sweden who used his school servers to illegally download twenty-four movies, including The Social Network, The Mechanic, and The Fighter. Soon afterward, a virus was discovered on the school servers, which was traced to him. Rather than simply calling the boy into the principal’s office for a tough chat, and assigning punishment for both introducing the virus and downloading illegal files, the school policy required that a call to the police be made for any actual crimes on campus. While more than eighteen thousand people were sued by the recording industry for illegally sharing music in the mid-2000s, most of those cases were settled out of court. The case of the fifteen-year-old boy in Sweden, though, was not. He faced up to two years in jail.
Does that seem fair? Probably not to the boy in Sweden. And probably not to millions of others who argue that piracy is a victimless act that causes no real harm to artists and the recording industry, both of wh
ich could afford the financial loss. It doesn’t seem to matter to them that it is still stealing. I enjoy the discussion of ethics and morals online, but it’s troubling to me that nobody else seems to care. What it says to me: A new norm has effectively been created.
In real life, a new norm can be created quickly, in a generation. But as I have discussed in previous chapters, due to cyber effects, norms evolve online at the speed of light. How long did it take before we were all taking selfies—or before the Oxford English Dictionary had anointed the word? Changes occur so quickly online that it is hard to keep up. We may be raising a generation of what I call virtual shoplifters who have a different sense of beliefs about property rights, privacy, national security, and authority.
Does that sound cool?
Coolness is just another aspect of peer pressure that serves the creation of new norms. Coolness is a way to win approval for cleverness, for knowingness, and for being an early adopter of new technology, new behaviors, and apparently new ethics. Coolness can also win you a free one-way slide down the moral slippery slope.
The cyber environment, whether we’re talking about the Surface Web or the Deep Web, makes the slope even steeper and slipperier. Even with the popularity of streaming sites like Spotify and Pandora, which offer better sound quality and custom channels—a business model that was essentially designed to combat piracy—the robbing of songs and movies and TV shows goes on.
A move to decriminalize piracy in the U.K. is a further indication that society’s norms, impacted by technology, are beginning to dictate the law. After four years of discussion, and despite pressure from the entertainment industry—which asked for Internet service providers (ISPs) to keep a database of suspected illegal downloaders and to threaten prosecution—the government has decided to send persistent file-sharers “educational” warning letters. A maximum of four letters, which will escalate in severity, will be sent. But there will be no threats of legal action. Why? “We found that many people are not necessarily aware that what they are doing is illegal,” said a spokesperson for the U.K. Department for Business, Innovation and Skills. “The new alerts make users aware of the impact of illegal downloading and will help promote the use of legal digital content.” This amounts to little more than a slap on the wrist.
In other words, on the high seas of cyberspace, it appears the pirates have won.
Psychology of the Hacker
Not long ago, I was invited to join the Steed Symposium panel on cyber-security at the Los Angeles Film Festival and found myself sitting on a stage with blinding lights, awkwardly perched on a very tall director’s chair. I don’t want to go on too long about this chair, but it was really cool-looking and probably the most uncomfortable thing ever to sit on—a narrow seat, rigid back, unnaturally and uncomfortably high off the ground, with a tiny band of wood for a footrest, only an inch wide, which seemed to be the only thing keeping me from tumbling down to the floor in front of several hundred people.
Next to me, perched on his own precarious chair, was a famous ethical hacker, Ralph Echemendia, a brilliant self-taught tech expert who had recently served as the subject-matter expert on Snowden, the Oliver Stone movie.
Ralph was radiating swagger, and had a unique, ineffable vibe—like a cross between a Mexican gunslinger and the lead singer in a heavy metal band. Based on our differences—I am definitely not cool, am not self-taught, and am pro-governance—and based on what I knew about hacker culture, I suspected that Ralph and I would have nothing in common and very little to say to each other.
I looked out into the audience. Their faces were like those of the participants of all the other cyber-security conferences I’ve attended—they had that look of grim determination and endurance. The same issues and problems would probably be discussed. And no one was likely to come away any wiser. And meanwhile, it wasn’t going to be much fun, either.
At cyber-security conferences and summits, while the participants are talking about vulnerability or privacy for the one-millionth time, I am always thinking, So what is the motive behind this behavior? What is the cyberpsychology? One way or another, everything that involves human beings must come back to human behavior—and to motives—no matter where they are, including cyberspace. Which brings me to an interesting question.
What is the motive behind hacking?
The common definition of a hacker is a person who secretly gets into a computer system intending to do damage. Since the earliest days of computer networks, the most highly skilled technicians, programmers, and coders at the world’s foremost university computer-science departments have enjoyed swapping stories of hacking, sometimes done as a practical joke, sometimes done more maliciously. There are lots of examples of how a clever hacker has exploited social convention to gain entry by using private information, such as finding out someone’s birthday and sending them an email with a masked and malicious link. This kind of socio-technical approach runs through the whole phenomenon of malware and other cybercrime tools such as worms, Trojans, spyware, keyloggers, ransomware, and rootkits, to name a few. Because hackers understand both tech and human behavior, they have an advantage over those who don’t, which only makes a stronger case for all of us becoming more savvy about human behavior online, in order to properly protect ourselves.
As with pirates, there are folkloric aspects to hackerdom, as well as a David-and-Goliath story line that appeals to young people. Hackers seem magical, almost superhuman. And like superheroes, they are often individuals who are regarded as weak-bodied nerds in the real world. That’s until they deploy their special powers—the brains and the tech skills to upset an entire corporation, a bank, a health insurance provider, or an entire nation. Like Superman’s nemesis, Lex Luthor, some claim they can bring down a power grid and turn the lights off in a vast metropolis with a click of their index finger. They are swashbuckling in their way, inventive and courageous, as well as defiant.
And, yes, pretty smart.
Motives for hacking? There’s an array of them: boredom, emotional release, monetary gain, curiosity, political or religious or philosophical beliefs, sexual impulses. Before we get to that last one, let’s look at hacker culture.
Hackers also have a famous code, or something like a code, “The Hacker’s Manifesto,” an essay written by “The Mentor” (a.k.a. Loyd Blankenship) that has been shared for three decades now, since 1986—and still has relevance today:
Another one got caught today, it’s all over the papers. “Teenager Arrested in Computer Crime Scandal,” “Hacker Arrested after Bank Tampering.”…Damn kids. They’re all alike. But did you, in your three-piece psychology and 1950’s technobrain, ever take a look behind the eyes of the hacker? Did you ever wonder what made him tick, what forces shaped him, what may have molded him? I am a hacker, enter my world….Mine is a world that begins with school….I’m smarter than most of the other kids, this crap they teach us bores me….Damn underachiever. They’re all alike.
Talented and lawless, beyond society, the criminal hacker’s story could be taken from the pirate playbook, like a mash-up of Bluebeard and Revenge of the Nerds with a dash of teenage narcissism à la Holden Caulfield thrown in. And while Edward Snowden isn’t truly one of them, his sharing of confidential NSA files raises the same questions that are raised by the persistence of hacking in our culture.
Is it heroic or criminal?
Are hackers courageous—or just angry?
According to technology writer Debra Littlejohn Shinder, typical criminal hackers share a set of personality traits:
• They have a tolerance for risk.
• They tend to have a “control freak” nature and enjoy manipulating or outsmarting others.
• They have advanced tech skills (to varying degrees) but at the very least can manipulate code.
• They have a certain disregard for the law or rationalizations about why particular laws are invalid or should not apply to them.
The media and popular entertainment of
ten use the term hacking in a derogatory way. A more accurate view of hacking is not always negative. While there are still hackers, or “black hats,” who violate cyber-security due to pure maliciousness or for personal gain, like stealing credit card numbers (or “carding”) or cooking up a new virus, there has been a rise in “white hats” or “ethical hackers,” who use their skills for good, ethical, and legal purposes. They are often employed by large organizations to test their computer security systems. This is called penetration testing. If these hackers find vulnerabilities, they will disclose it to their client.
Falling somewhere in between are the “gray hats.” They don’t work for their own personal gain but may do unethical things or commit crimes, which they tend to justify as for a good cause. For instance, they might test the security of a cyber system, looking for vulnerability, and let the operator know about it.
Suppose, say, that you woke up in the morning and heard a knock at your bedroom door. You opened it and found an ethical burglar standing there, wanting to tell you that he had broken into your house, bypassed your alarm system, entered your bedroom the night before, and left a note by your bedside. Your house has a serious security flaw. What would you say to this intruder? “Thanks”? That’s what gray-hat hackers do, and they don’t always get thanked for it.
At the start of the Steed Symposium, after introductions were made, a short film was aired. It was set in the future—2024—and told the story of a woman who had been given a brain implant, a chip that regulated and controlled her. She had committed a murder, in fact. But she had no motive. She had been directed to kill a man by the chip implanted in her brain.
The audience perked up—hey, maybe this was going to be a good night after all.