Yesterday the ruling in the Golden Eye case was handed down. It's overall pretty useful news for those who've been concerned aboutthe practice of what's been called 'speculative invoicing.'
This practice sees copyright owners or representatives writing en masse to alleged infringers of copyrights (in this case Golden Eye were seeking around 9,000 of O2's customers' details), demanding large sums (typically over £500, and in this case £700) with threats of court action attached. The letters tend to overstate or misrepresent the case and hence pressure the consumer into settling. In reality cases are hardly ever brought to court. When they are brought in front of the courts ACS:Law and Golden Eye have sought to discontinue the cases, and thus avoid judicial scrutiny, if a default judgment cannot be obtained.
If these sounds like a money making scheme first and a genuine attempt to protect creators rights second (or perhaps not even ranked), that's because they are.
As we've written about before, the decision has ramifications for how the Digital Economy Act will function because it provides more details about how copyright owners can seek the details of alleged infringers and subsequently pursue them through the court. The ruling is so useful because it addresses some of the key issues with this practice, issues which open a means for undesirable practices mentioned above. Here are three of the big points from yesterday's ruling that should help address these problems.
1. Fair letters to alleged infringers
The new ruling means that letters sent by copyright-owners or their representatives will have to properly safeguard the legitimate interests of consumers, in particular those who are innocent of wrong-doing. The Judge found that the draft letters Golden Eye proposed were 'objectionable in a number of respects' in a number of ways, including the claim that an application could be made to the ISP to disconnect the users' internet account (paragraphs 124-130).
The judge also agrees with Consumer Focus that the demand for £700 from alleged infringers is 'unsupportable'.
This should significantly restrict the ability of such companies to send out intimidating ‘pay now – or else' letters in the future, such as those seen in the high profile case of ACS Law. In a separate hearing soon, the High Court will impose conditions on the wording of the letters.
2. Standards of evidence
One of the biggest concerns about the pursuit of alleged infringers is the proof required against them. IP addresses can be a fallible way of identifying a subscriber, because there can be errors not only in matching IP addresses to the user, but also because identifying a subscriber does not mean you have identified an infringer. The judge explicitly acknowledges this in paragraph 103, part vi) of his judgment:
Even if the monitoring software is functioning correctly and the ISP correctly identifies the subscriber to whom the IP address which has been detected was allocated at the relevant time, it does not necessarily follow that the subscriber was the person who was participating in the P2P filesharing which was detected. There are a number of alternative possibilities, including the following:
- The IP address identifies a computer and someone else in the same household (whether a resident or visitor) was using the computer at the relevant time (which might be with or without the knowledge of the subscriber).
- The IP address identifies a router and someone else in the same household (whether a resident or visitor) was using a computer communicating via the same router (which might be with or without the knowledge of the subscriber).
- The IP address identifies a wireless router with an insecure (either open or weakly encrypted) connection and someone outside the household was accessing the internet via that router (in all probability, without the knowledge of the subscriber).
- The IP address identifies a computer or router, the computer or a computer connected to the router has been infected by a trojan and someone outside the household was using the computer to access the internet (almost certainly, without the knowledge of the subscriber).
- The IP address identifies a computer which is open to public use, for example in an internet café or library.
And the judge goes on to say that 'It is not possible to estimate an overall likely rate of erroneous identification. All that can be said with certainty is that there will be an unknown percentage of errors.'
So there is a need to build in an appreciation of such problems into the Norwich Pharmacal Order process and the Digital Economy Act. The fact that there will be an unknown percentage of errors in a given sample of IP address matching such this should have significant ramifications for the Digital Economy Act. For example, it should seriously undermine the idea that to challenge an allegation of infringement an internet subscriber should have to pay £20 to appeal.
Yesterday's judgment highlights the need for Ofcom to check that allegations of copyright infringement under the DEA by copyright owners (in the for of “copyright infringement reports”) is supported by reasonable and robust evidence that there may have been copyright infringement on that connection. Ofcom need to set a strong standard of evidence in the forthcoming Initial Obligations Code, and make provisions on the means of obtaining evidence.
This is required by the Digital Economy Act and when the DEBill went through parliament the House of Lords fought hard to get these safeguards in reference to the large number of people coming forward saying they were wrongly accused by ACS:Law.
If Ofcom do not make such provisions in the Initial Obligations Code there is a risk that a high number of entirely innocent subscribers will be placed on the “copyright infringement list” (after three notifications), which means they would be subject to technical measures once the 'technical stage' of the DEA commences.
Who defends the publics' interests?
These cases happen, of course, without the consumers whose details are being sought being present. And often, certainly in this case, the ISP (Telefonica, trading as O2 in the UK) did not challenge the request beyond ensuring they were remunerated for the administrative costs. In this case, the court asked Consumer Focus to act on behalf of the consumers who would be affected by the release of the data - which saw the request examined and led to the detail of the examination. They've done a fantastic job and deserve much credit.
But there's one final point to mention. We can't expect Consumer Focus to do this each time a case comes before the court simply because ISPs don't want to spend time and money ensuring their customers' details aren't handed out too freely. ISPs hold vast amounts of personal data about their customers and and when ISPs receive these kind of Norwich Pharamcal applications in future, we should expect that they:
- Check that the application is supported by evidence and that the evidence justifies the order sought.
- Verify that the applicant is able to comply with the terms of the order (for example, to keep the personal data confidential etc)
- If the information sought goes beyond name and address of the subscriber, check that the provision of further personal data is justified by the evidence and for the purpose of the order (for example, if the personal data is sought to take legal action for alleged copyright infringement, other personal data such as the credit card details, would not be justified).).