Pirates of Yesteryear: The King Is Dead. Long Live the King!

Kim Dotcom as Doctor Evil

@KimDotcom: Hollywood had a plan, the copyright Taliban, hired the White House clan & John the fan, sending 72 armed men to Megauploadistan

I admit: I am fascinated with Kim Dotcom. I know, this is a highly problematic confession to make. My fascination with him isn’t because of his cool last name (though it helps) or that he is an appealing person, nor do I think that he is honest in any way. He is a commercial man, pure and simple. From what I hear, he is a criminal, a crook, a party man, and has a taste for cars and women.  I am fascinated with him because he is that bad penny that keeps coming back. That, and he exposes what is fundamentally wrong with our society. He does it so theatrically, too! For that, the man deserves some attention.

Not too long ago, Biella Coleman noted that geeks are the new defender of civil liberties. I consider Kim Dotcom to be a geek of some sorts. But, as his well-known nickname “Dr. Evil” suggests, he is a different kind of geek than, say, Anonymous or Aaron Swartz. He has a hacker sensibility like them, but he is not elusive. His identity is known and whereabouts well-documented. Nor does he claim the moral high ground, that is, until recently. Like an inmate who finds religion after incarceration, he seems to have found his idealism after he lost all his assets in the 2011 FBI raid of MegaUpload. What separates him from other geeks is that he is rich enough to make his own rules. That is exactly what he set out to do in copyright wars.

To be sure, the battle over copyright has proven to be the war of this century. Operation Payback initiated by Anonymous in October 2010 became an important milestone in these wars and was followed by others. Over the next several years, netizens collectively protested against and successfully crushed the controversial anti-piracy bills, specifically SOPA, PIPA, and ACTA, which went well beyond protecting the commercial interests of the content industry, but harbored the possibility of infringing on civil liberties online.It was within days of defeating these bills, that the FBI raided and shut down Kim Dotcom’s then highly-popular cyberlocker, MegaUpload, for housing pirated content. A year to the date after the raid, Dotcom took the stage to announce his new darling, Mega, a new and improved cyberlocker fortified with encryption capabilities that promised its users the utmost in security and privacy. Debuting the site with a mock-FBI raid that simulated the one which brought down MegaUpload, the new cyberlocker was announced as a privacy company. “The launch of Mega,” Dotcom declared “is not about mocking any government or Hollywood. This is about our right to innovate and start a new business.”

Yet, as if to say a big “fuck you” to the content industry and the government that cut the lifeline of his first baby, a staged FBI raid concluded Dotcom’s lengthy press conference. As the choppers hovered over and agents clad in black climbed down the walls of Dotcom’s mansion, it was hard see this under any light other than a blatant mockery of those who seized his property and put him in jail a year ago. Once the villain, Dotcom emerged as a Robin Hood-like figure out of the ashes of what was left of MegaUpload that night, boldly declaring that privacy was a basic human right.

The question to ask here is this: How did we come to a point where Dr. Evil has become a part of the digital rights movement?

In many ways, Dotcom’s launch of Mega as a privacy company is the latest response to piracy surveillance that has been going on since the infamous Digital Millennium Copyright Act (DMCA) was passed into law in 1998. The law scholar Sonia K. Katyal (2004) explains that this particular type of surveillance has emerged because of the absence of a specific constitutional right to privacy which left the property rights of user information and its protection at the hands of commercial interests. Since then, Internet activists have kept a watchful eye on companies like Google and Facebook and called them to task at every turn.

This missing link opened the doors to piracy surveillance, no doubt, but what established it as a strategy regularly deployed in copyright wars was the legislation that was passed along with it. DMCA, with its safe harbor clause, played a significant role in shifting the burden of detecting copyright infringement onto the content owners themselves. This bill, in conjunction with subsequent court rulings, helped cement the privatized protection of copyright as the norm in the war against piracy. As Katyal explains “the law … unwittingly invited intellectual property owners to cast an increasingly wider swath of private enforcement over the online activities of ordinary citizens” (Katyal, 2004). As a consequence, new zones of enterprise dedicated to the measurement, control, enforcement, regulation, and monetization of such infringing activities opened up and developed into a robust anti-piracy industry (Lobato and Thomas, 2012) of which surveillance became a major part.

Over the last couple of decades, a host of practices have been implemented, each new one being more invasive than the last. RIAA, for example, commissioned third parties to maintain automated web-crawlers that regularly comb the Internet to record the Internet Protocol (IP) addresses of those who trade files on peer-to-peer networks. Universities agreed to monitor their students’ file-trading activities at the behest of media companies. Citizens were recruited as bounty hunters and paid to spy on each other. Internet Service Providers (ISP) policed their own costumers and exposed the infringers to dodge liability. On occasion, this private information was accidentally leaked on the Internet as the service providers, when presented with court orders, sent the requested user data to solicitors unencrypted. In the US, legislation that that would exempt copyright owners from computer fraud laws was introduced to legitimize some of illegal surveillance practices that were already taking place. If passed, the law would have exempted far worse computer crimes than those committed by Aaron Swartz.

One could well consider Dotcom as the product of this surveillance-laden atmosphere that put society between a rock and a hard place. Burdened with the pressure of law that criminalized society, exhausted from being under constant surveillance, and (in the case of the MegaUpload raid) angry at their personal files/assets being indefinitely seized, some welcomed an evil overlord who was loudly promoting civil liberties and citizen’s right to privacy. But make no mistake, like Google that executed a full-blown invasion of our society, Dotcom, too, is a false prophet.

What makes Mega a privacy company is its implementation of a wide-scale encryption technology (you can find the details here). All the files that are uploaded to and downloaded from Mega are encrypted with an encryption key generated partially by your password. Only you know your password, so if you lose it, you lose access to your files. Neither Mega nor anyone else will know so much as the file names stored in your account. Once uploaded, you’re able to share your files, again, through an encrypted link. Ironically, the Achilles heel of this otherwise perfect set-up, is the password itself which is notoriously insecure and could easily be hacked with a few tricks.

For all its technological wonders that make Mega possible, it is not encryption that makes it worthy of consideration, but rather, Dotcom’s personal quest to change the discourse around cyberlockers.

By launching Mega as a privacy company armed with encryption technology from head-to-toe, Dotcom does several things at once. First of all, he rebrands his business by situating it within the digital rights movement, a higher cause that has gained traction over the last decade or so, while de-emphasizing its illegal uses — piracy. This is a smart move, really, because this shift in branding labels any attack against Mega as an assault against privacy and is likely to elicit outrage. On another level, however, it aims to regain the trust of the previous clientele whose data have being seized by the FBI in the MegaUpload raid, and as a result, are likely considering switching over to other cloud storage services if they haven’t done so already.

Underneath Dotcom’s privacy rhetoric, however, lurks a very practical self-serving strategy: plausible deniability. While Google systematically deployed the mantra “Don’t be evil” to build the perfect commercial Panopticon, Dotcom uses “See no evil” in his quest to encrypt half of the Internet to end government surveillance.

At the hands of Dotcom, then, privacy becomes a powerful tool serving commercial interests. Eric Limer writes: “Mega isn’t so much securing your files for you as it is securing itself from your files. If Mega just takes down all the DMCAed links, it will have a 100 percent copyrighted material takedown record as far as its own knowledge is concerned. It literally can’t know about cases that aren’t actively pointed out to it, complete with file decryption keys.”

In effect, Mega shifts the burden of piracy onto the users themselves while being advertised as a tool that guarantees privacy. You are the pirate now, and rest assured, even though everything inside of Mega is encrypted, your personal identifying information like name and IP address aren’t.

For all intents and purposes, Mega’s significance comes from building an effective business model around civil liberties. In this respect, the MegaUpload raid appears to be a fleeting victory for the anti-piracy industry, one which may have given birth to its biggest nemesis thus far. Armed with money, power, and an entourage of legal advisers and hackers that help him build the perfect unbeatable system, Dotcom has reinvented himself as the shady defender of civil liberties who has co-opted the digital rights movement for his self-serving needs.

I doubt that Kim Dotcom is the prophet that Gotham deserves, but it just might be the false prophet it needs right now.


Katyal, Sonia. (2004). Privacy vs. Piracy. Yale Journal of Law & Technology Vol. 7, p. 222.

Lobato, R. & Thomas, J. (2012, April 12). The Business of Anti-Piracy: New Zones of Enterprise in the Copyright Wars. International Journal of Communication, Piracy Cultures, 6.