Tech/Horsepower

News broke this morning that The Pirate Bay, arguably the most popular BitTorrent tracking service allowing peer-to-peer sharing of copyright (illegal) and other content is probably being sold to a Swedish software company. This has severe implications for privacy and personal data security perhaps unlike we’ve seen before.

As of this writing, the website boasts 3,724,336 registered users and certainly a greater number of unregistered users, each one with their own private download/upload history and information to the depth of which one can only speculate. The risk of using this service was eased by the defiant and sometimes animated nature of the current owners, who earned trust with their users similar to what we’d share with good friends. They’re the good guys, fighting for our privacy and right to share information on the internet. They can be trusted.

Until they can’t anymore. The recent loss of a major lawsuit seems to be the catalyst for the sale, though the owners are attempting to portray that this sale had been coming for some time and they had intended to convert the service to a model that would compensate content providers and copyright owners. Doubtful at best. So now The Pirate Bay and all of it’s user data will be the property of a company that isn’t motivated by the thrill of file sharing in defiance of law and cannot be bought, but by a company who can (and probably will). And what of all that history of illegal uploads and downloads of it’s users? The new owner will be free to do whatever, and more importantly, give to whoever it chooses – if it chooses.

If you’re an avid user of The Pirate Bay, this should be scary. I’m not saying that they’re going to start turning over your data to whatever law enforcement agency, but they could. Recall when Naspter, the grandfather of peer-to-peer sharing, was sued and acquired in a similar fashion this technology was in it’s infancy and I’ll argue that a precedent wasn’t set at that time because no one really knew what to do with the data, and many believed the shuttering of Naspter as a free service would itself kill illegal content sharing. Clearly, that didn’t happen and now we’re observing the collapse of another very large sharing service. I believe this one will set a precedent because of the far greater sensitivity of illegal content sharing in this age. I can hear lawyers lip-smacking already to compel vast amount of user data for study and perhaps even limited retribution. All eyes will now be on the new owner and what pressure they receive to release information. In any case, all of that data in accountable hands is unnerving.

While discussing this subject on other mediums, two important points were brought up:

1) The Pirate Bay contends they save no user or identifiable information, and if they did it wouldn’t be transferred to the new owners.
- This simply cannot be trusted. While The Pirate Bay may indeed remove user information, what controls do they employ to ensure the safe and complete removal of the data? Are these controls to be trusted?
- How will they ensure any retained data will not be transferred to the new owners, and what happens after the sale if they weren’t able to ensure this? The new owner also now owns the data.

We cannot verify these statements and just cannot know what data The Pirate Bay possesses, we’re falling back upon blind trust that they’re the good guys and they’ll do the right thing.

2) The way law is currently being enforced, only seeders (people uploading/sharing) are being pursued and prosecuted.
- “currently being enforced” What will the future hold?

Simply, this is another lesson that your data in the hands of others cannot be trusted – ever. It’s impossible to predict what the future holds for a given organization, and in a moment your personal data and information can go from trusted hands into the unknown. Guard your online practices as you guard your real personal information. The internet is real, simply because you access it in the comfort of your home and personal privacy doesn’t mean the risks are smaller.