The RIAA may have given up on lawsuits targeting P2P users, but other companies have stepped into their shoes. There are many ways to detect P2P users and collect evidence of their behaviors for use in lawsuits. The simplest way needs nothing more than a BitTorrent client.

We’ve covered some of the more exotic ways people can be tracked or monitored in the past (including some that don’t work) but the lawsuits, abandoned by the record industry as bad for business, have been adopted by a group of lawyers who don’t let a little hypocrisy stand in their way.

There’s a lot of misinformation about which companies and agencies can do what, and how they do it. People claim industry groups or random companies can search and send out letters at random, whereas the reality is the investigator must be authorized or they could be deemed guilty of copyright infringement themselves.

There’s also a lot of confusion about exactly how evidence is collected, with people sometimes believing that it can only be collected from corporate networks, or that private trackers are safe because investigators can’t share and so would be banned for their ratio. Much of this is untrue and these beliefs can make it easier to collect evidence.

The easiest way of all is to simply collect information from trackers. It’s an easy and quick way to do it, although as was revealed 2 years ago, it’s often quite inaccurate.

The next simplest way, which provides lots of data, is just to join a swarm and monitor. Some people believe that clients doing this will stand out, as modified clients will behave differently. The reality is that clients don’t have to be monitored at all.

Researcher Andrew Norton produced this video explaining how a vanilla µTorrent client can be used to identify and log peers without any modification or abnormal behavior.

The raw data shown in the video – all that’s needed for a lawsuit or allegation under most 3-strikes laws – is nothing more than basic communication data. However, it’s critical to note that this data, while it is evidence of activity, is NOT evidence of infringement in many cases.

We can’t testify that this is the method used by any company – they’re notoriously tight-lipped about their methods – but it’s quite possible that it’s being used and sold on as a very high priced service to customers. Selling simple and not always accurate or effective methods for thousands of dollars a week was revealed to be a key method of MediaDefender. Anyone reading this and intending to hire such companies would be advised to ask for a demonstration of their detection system first-hand.

It should, however, come as yet another wakeup call to those using blocklist-based software. Without any way to identify a client using this method, there’s no way to add its IP to the list. In fact, the public availability of block-list contents means it’s extremely easy to avoid being on them.

On the other hand VPNs, proxies and seedboxes will provide some protection, but the only real solution is to press for the peer-review of anti-P2P companies and their methods, but that doesn’t look like it will come any time soon.