DOJ Adds Wire Fraud, More Criminal Infringement Counts Against Megaupload

Access practice tools, as well as industry leading news, customizable alerts, dockets, and primary content, including a comprehensive collection of case law, dockets, and regulations. Leverage...

By Tamlin H. Bason  

The Department of Justice filed a 90-page superseding indictment Feb. 16 against the operators of the cyber locker website, adding additional criminal copyright infringement charges, and five counts of wire fraud (U.S. v. Megaupload Ltd., E.D. Va., No. 1:12CR3, superseding indictment filed 2/16/12).

The new 13-count indictment replaces the 5-count indictment that was unsealed Jan. 19 to coincide with the arrest in New Zealand of four individuals that operated the file sharing website (13 PTD, 1/23/12).

In the original indictment, the DOJ accused the operators of the cyber locker website of racketeering, conspiracy to commit copyright infringement, conspiracy to commit money laundering, and two counts of criminal copyright infringement. The superseding indictment added three additional counts of criminal copyright infringement and tacks on the wire fraud charges.

In a press release following the unsealing of the original indictment, the DOJ announced that four of the seven individuals named in the indictment had been arrested in New Zealand, and that $50 million in assets had been seized.

In what the Justice Department described as “among the largest criminal copyright cases every brought in the United States,” the government also seized the domain name and a number of related websites that it claimed had caused more than $500 million in damages to U.S. copyright holders.

Website Encouraged Linking to Copyrighted Files

The two companies named both indictments, Megaupload Ltd. and Vestor Ltd., operate several file storage websites. The indictment alleges that at one point was the 13th most popular site on the entire internet and attracted 50 million visitors a day. In fact, the website accounted for nearly 4 percent of all internet traffic, the indictment alleges.

Count two of both indictments alleges that the defendants conspired to commit copyright infringement in violation of 18 U.S.C. § 871. According to the indictments, Megaupload generated income in two ways: by selling premium subscriptions to users, and by selling online advertising. Premium subscriptions have generated more than $150 million in revenue for the defendants and advertising has generated an additional $25 million since the conspiracy began in 2005, the indictments allege.

Any user who visits the website can upload a file and Megaupload would then create a unique URL where those files can be viewed, the indictments allege. Users can then disseminate links to those files, which are at that point stored on Megaupload's servers. However, to view, copy, or download those files, users must pay a fee in order to become premium members.

The superseding indictment alleges that Megaupload's claim that it has 180 million registered users is incorrect. Rather, the DOJ said, “As of January 19, 2012, there were actually approximately 66.6 million users registered in the Mega Conspiracy's internal database records; of these registered users, the records further show that, at most, only 5.86 million users had ever uploaded a single file to either or”

According to the both indictments, Megaupload encouraged users to broadly distribute the URLs to thousands of third party sites, which would in turn drive traffic to Megaupload's servers. Users were in fact incentivized through a “rewards program” which provided points to users that uploaded popular files that could be redeemed either for premium user status or cash. Files that contain copyright content are almost always the ones that generate the most traffic, thus Megaupload was encouraging copyright infringement, the indictments claimed.

Website Ignored DMCA Takedown Requests

In addition to encouraging infringement, Megaupload also ignored takedown requests that were sent pursuant to the Digital Millennium Copyright Act, the two indictments claimed.

At Section 512(c)(1)(C), the DMCA contains a “take-down” provision that obligates a service provider to respond “expeditiously to remove, or disable access” to material for which it receives an appropriate notice of claimed infringement. The DMCA also requires an ISP to have procedures in place to ban users that are identified as repeat infringers.

Megaupload “made it more difficult for copyright holders to identify repeat infringers by removing the identity of the infringing file's uploader from public parts” of the website, the indictments allege.

The indictments go on to allege that Megaupload only “selectively complied with their obligations to remove any copyrighted materials (or links thereto) from the computer servers they controlled, and sometimes deliberately did not remove copyrighted works (or links thereto) when it would result in a loss of revenue.”

Website Tried to Copy All YouTube Videos

The original indictment alleges that the operators of Megaupload conspired to copy to its servers all copyrighted videos that appeared on third-party websites such as

Indeed, the grand jury was presented with internal e-mails that demonstrated that in 2006 Megaupload's founder, Kim Dotcom, thought that it was a “priority” to copy YouTube's videos.

In another 2006 e-mail, an employee noted that while Megaupload currently had only 30 percent of YouTube's videos copied, it would be “nice to have everything” in order to “brainstorm later how we're going to benefit from it.”

The Feb. 16 indictment adds a charge of criminal copyright infringement based on these allegations.

Indictment Asserts Five Counts of Criminal Infringement

The superseding indictment articulates five separate counts of criminal copyright infringement in violation of 17 U.S.C. §506.

The first criminal count, which is identified as count four in the superseding indictment, is based on the movie “Taken,” which was allegedly distributed on Megaupload in October 2008, despite the fact that it was not made available for commercial distribution until January 2009.

Counts five through eight are more generic and are based on the facilitation of copyright infringement by “electronic means” by aiding and abetting criminal infringement. Thus, these counts are not based on the direct distribution of a copyrighted work, which serves as the basis for liability under count four. Specifically, counts five, six, and seven each separately allege that the defendants:


did willfully, and for purposes of private financial gain, infringe copyrights in certain motion pictures, television programs, musical recordings, electronic books, images, video games, and other computer software, by reproducing and distributing over the Internet, during a 180-day period, ten or more copies and phonorecords of one or more copyrighted works which had a total retail value of more than $2,500.

Count eight asserts a count of copyright infringement based on the alleged pilfering of YouTube's content. It alleges that the defendants “did willfully, and for purposes of commercial advantage and private financial gain, infringe copyrights from the platform, by reproducing and distributing by electronic means, during a 180-day period, at least ten copies and phonorecords of one or more copyrighted works which had a total retail value of more than $2,500.”

Websites Seized Pursuant to Pro IP Act

The websites in question were seized and are being held under powers that the government claims became available after the passage of the 2008 Pro-IP Act, Pub. L. No. 100-403, which at Section 2323 allows the government to seize the instrumentalities or proceeds of criminal conduct.

In other domain name seizures conducted by the DOJ and the Department of Homeland Security's Immigration and Customs Enforcement agency, the government has argued that domain names are instrumentalities that are used to traffic pirated and counterfeit goods. Thus, the government has said that the websites are subject to in rem proceedings (229 PTD, 11/29/11).

Seizures Differ From DNS Blocking That Derailed SOPA

The Pro IP Act in rem actions taken agains Megaupload are different from the most controversial remedies proposed under the recently stalled Stop Online Piracy Act (H.R. 3261) and the Protect IP Act (S.968). The initial language in both of those bills would have allowed the government to force an internet service provider to block an infringing website at the domain name system level. Although these provisions were later scaled down—and even dropped from H.R. 3261— opponents of the legislation continued to use the DNS language as a flashpoint and ultimately succeeded in getting both bills shelved.

Sherwin Siy, deputy legal director at Public Knowledge, a public interest group, told Bloomberg BNA Jan. 20 that the difference between DNS blocking and the seizure of is best understood by using the phone book analogy.

This analogy, used to describe the DNS blocking provisions, equates a website's IP address with a number in a phone book. The DNS allows an internet user to type in the domain name of a website, rather than typing in the complicated IP address. For example, a user who wishes to go to the search engine Google can simply type in into her browser, rather than typing in, which is the search engine's IP address.

Under SOPA and PIPA, an ISP would have been required to prevent a user from accessing an infringing website by simply typing in the domain name. A user could still access the site by typing in the IP address, but the ISP would, in essence, be required to delete the infringing website from the internet phone book.

Under the Pro IP Act, however, the DOJ is able to gain actual ownership of the infringing domain name.

“The IP address and the domain name still correspond directly, you have just changed the ownership of that IP address,” Siy said.

“In SOPA and PIPA, you take that entry out of the phone book or you change the number listed,” Siy said. “Here, instead you are actually changing ownership of that business. It doesn't do anything to the reliability or the consistency across phone books.”

The case is being prosecuted by the U.S. Attorney's Office for the Eastern District of Virginia and the Justice Department's Computer Crime and Intellectual Property Section.

For More Information

Initial indictment at

Superseding indictment at


Request Intellectual Property on Bloomberg Law