The US government dropped a nuclear bomb on "cyberlocker" site Megaupload today, seizing its domain names, grabbing $50 million in assets, and getting New Zealand police to arrest four of the site's key employees, including enigmatic founder Kim Dotcom. In a 72-page indictment unsealed in a Virginia federal court, prosecutors charged that the site earned more than $175 million since its founding in 2005, most of it based on copyright infringement.

As for the site's employees, they were paid lavishly and they spent lavishly. Even the graphic designer, 35-year-old Slovakian resident Julius Bencko, made more than $1 million in 2010 alone.

The indictment goes after six individuals, who between them owned 14 Mercedes-Benz automobiles with license plates such as "POLICE," "MAFIA," "V," "STONED," "CEO," "HACKER," GOOD," "EVIL," and—perhaps presciently—"GUILTY." The group also had a 2010 Maserati, a 2008 Rolls-Royce, and a 1989 Lamborghini. They had not one but three Samsung 83" TVs, and two Sharp 108" TVs. Someone owned a "Predator statue." Motor bikes, jet skis, artwork, and even 60 Dell servers could all be forfeit to the government if it can prove its case against the members of the "Mega Conspiracy."

The case is a major one, involving international cooperation between the US, Hong Kong, the Netherlands, the UK, Germany, Canada, and the Philippines. In addition to the arrests, 20 search warrants were executed today in multiple countries.

No safe harbor for you



Going after Megaupload, one of the most popular sites in the world and one that uses a surprising amount of corporate bandwidth, might seem a strange choice. (As an example of its scale, Megaupload controlled 525 servers in Virginia alone and had another 630 in the Netherlands—and many more around the world.) For years, the site has claimed to take down unauthorized content when notified by rightsholders. It has registered a DMCA agent with the US government. It has created an “abuse tool” and given rightsholders access. It has negotiated with companies like Universal Music Group about licensing content. And CEO Kim Dotcom sent this curious e-mail to PayPal in late 2011:

Our legal team in the US is currently preparing to sue some of our competitors and expose their criminal activity. We like to give you a heads up and advice [sic] you not to work with sites that are known to pay up loaders for pirated content. They are damaging the image and the existence of the file hosting industry (see what's happening with the Protect IP Act). Look at Fileserve.com, Videobb.com, Filesonic.com, Wupload.com, Uploadstation.com. These sites pay everyone (no matter if the files are pirated or not) and have NO repeat infringer policy. And they are using PayPal to pay infringers.

But the government asserts that Megaupload merely wanted the veneer of legitimacy, while its employees knew full well that the site's main use was to distribute infringing content. Indeed, the government points to numerous internal e-mails and chat logs from employees showing that they were aware of copyrighted material on the site and even shared it with each other. Because of this, the government says that the site does not qualify for a “safe harbor” of the kind that protected YouTube from Viacom's $1 billion lawsuit.

For instance, the “abuse tool” allegedly does not remove the actual file being complained about by a rightsholder. Instead, it only removes a specific Web address linked to that file—but there might be hundreds of such addresses for popular content.

In addition, the government contends that everything about the site has been doctored to make it look more legitimate than it is. The “Top 100” download list does not “actually portray the most popular downloads,” say prosecutors, and they claim that Megaupload purposely offers no site-wide search engine as a way of concealing what people are storing and sharing through the site.

Megaupload employees apparently knew how the site was being used. When making payments through its “uploader rewards” program, employees sometimes looked through the material in those accounts first. "10+ Full popular DVD rips (split files), a few small porn movies, some software with keygenerators (warez)," said one of these notes. (The DMCA does not provide a "safe harbor" to sites who have actual knowledge of infringing material and do nothing about it.)

In a 2008 chat, one employee noted that "we have a funny business... modern days [sic] pirates :)," to which the reply was, "we're not pirates, we're just providing shipping servies [sic] to pirates :)."

Employees send each other e-mails saying things like, “can u pls get me some links to the series called ‘Seinfeld’ from MU [Megaupload]," since some employees did have access to a private internal search engine.

Employees even allegedly uploaded content themselves, such as a BBC Earth episode uploaded in 2008.

Other messages appear to indicate that employees knew how important copyrighted content was to their business. Content owners had a specific number of takedown requests they could make each day; in 2009, for instance, Time Warner was allowed to use the abuse tool to remove 2,500 links per day. When the company requested an increase, one employee suggested that "we can afford to be cooperative at current growth levels"— implying that if growth had not been so robust, takedowns should be limited. Kim Dotcom approved an increase to 5,000 takedowns a day.

Employees also had access to analytics. One report showed that a specific linking site had “produce[d] 164,214 visits to Megaupload for a download of the copyrighted CD/DVD burning software package Nero Suite 10. The software package had the suggested retail price of $99.” The government's conclusion: Megaupload knew what was happening and did little to stop it.

The need for care



Yet the indictment seems odd in some ways. When Viacom made many of the same charges against YouTube, it didn't go to the government and try to get Eric Schmidt or Chad Hurley arrested.

It's also full of strange non-sequiturs, such as the charge that "on or about November 10, 2011, a member of the Mega Conspiracy made a transfer of $185,000 to further an advertising campaign for Megaupload.com involved a musical recording and a video." So?

The money probably paid for a video that infuriated the RIAA by including major artists who support Megaupload. Megaupload later filed claims in US courts, trying to save the video, which it says was entirely legal, from takedown requests. (The RIAA has long said the site operators "thumb their noses at international laws, all while pocketing significant advertising revenues from trafficking in free, unlicensed copyrighted materials.")

Given that the site was already using US courts to file actions; given that the government had Megaupload e-mails talking about using US lawyers to file cases against other "pirate" sites; given that the site did at least take down content and built an abuse tool; and given that big-name artists support the site, the severity of the government's reaction is surprising.

There's no doubt that the indictment makes Megaupload look bad, though, and we're quite curious to see what comes of the case—especially once the site has a chance to respond.

Law professor James Grimmelmann of New York Law School tells Ars, "If proven at trial, there's easily enough in the indictment to prove criminal copyright infringement many times over. But much of what the indictment details are legitimate business strategies many websites use to increase their traffic and revenues: offering premium subscriptions, running ads, rewarding active users.

"I hope that if this case goes to trial and results in convictions, that the court will be careful in sorting out just what Megaupload did that crossed the line of criminality."

The MPAA doesn't have any doubts, though. "By all estimates, Megaupload.com is the largest and most active criminally operated website targeting creative content in the world," it said in a statement. "This criminal case, more than two years in development, shows that law enforcement can take strong action to protect American intellectual property stolen through sites housed in the United States."