Also in Billboard, the mag’s legal expert, Susan Butler, spends some time in the RIAA’s war room. Her story ($) is a dispassionate account of how exactly the organization wastes its time in a pointless, debilitating war on its own customers pursues its legal rights against wholesale copyright violations:

Deep inside the national headquarters of the RIAA is a purple room. Tinted windows shade the faces of young men and women working behind computer screens. They are part of the team investigating the illegal sharing of music files over peer-to-peer (P2P) networks, and they protect their identities carefully.

Such precautions are a reflection of the charged environment in which the RIAA is operating. The trade group views anti-piracy enforcement as vital to the recording industry’s future.

There are some …. interesting facts:

Despite the RIAA’s efforts, data suggests that demand for pirated content remains strong. A recent NPD Group report estimates that 19% of U.S. Internet subscribers 13 and older download free music from P2P services, barely less than the 20% reported when the RIAA began its user litigation campaign in 2003.

(I find the idea that file-sharing has in any way decreased in the last few years entirely far-fetched, but whatever.)

Here’s how it all works:

When a consumer rips a song from a CD and gives the digital file a name, the computer hardware, ripping software and other digital data together create a digital file identified by a distinct hash code. If the user rips the same song with an older computer—even with the same software—the file will have a different hash code. The slightest change in the music source, computer hardware, ripping software, P2P protocol, file name or length of recording will change the hash code identifying the resulting MP3 file.

For example, while searching for a Madonna song at the RIAA offices, dozens of users were sharing the same Madonna title over LimeWire—but six users were sharing the digital files with identical hash codes. Since it is highly improbable that more than one user would have the exact combination of equipment and timing to create identical hash codes, the investigator says, the six users are likely sharing copies of the same file that one person originally uploaded to the Internet and that was later downloaded and shared by other users.

And goes on from there:

Once the popular hash is identified, the MediaSentry program makes contact with the user through a “TCP handshake”—essentially a conversation between the Web server and the Web client, like LimeWire, via the Internet transmission control protocol.

“Are you online and do you have this hash code?” the program asks. If the user’s program says “yes,” then the user is pegged. Just one digital file is enough for the RIAA to send a take-down notice.