call +44 20 7096 1079

Blog


March 19, 2013 | Peter Bradwell

Is the tide turning in the fight for our privacy rights?

The latest vote on the EU Data Protection Regulation suggests MEPs are starting to realise why privacy protections are important. We need your help now to get the message across.

This morning the Legal Affairs Committee (JURI) in the European Parliament voted on their opinion on the proposed Data Protection Regulation. This is the latest of four Committees to vote on the draft. 

There's good and bad news. On the one hand, the JURI opinion is better than the ones from previous Committees. The bad news is that it still proposes to weaken the Regulation and undermine our privacy rights.  In short, they proposed fewer of the changes to the Regulation that would really undermine our privacy rights. (We have written before about previous Committee votes. And we have produced a brief guide to the issues.)

Good bits from the JURI vote: 'Data portability', which would allow you to get your data from people who collect and use it, remained in the draft. The Committee also kept in some safeguards around profiling.

Bad bits: The Committee want companies to be able to profile people without their consent if they think it is in their own "legitimate interests". They also voted to allow companies to use data for purposes unrelated to those for which it was originally collected, again if they think it is in their "legitimate interest". That seriously undermines the control that people will have over how their personal information is used. 

More information is up on EDRi's write up of the vote

What you can do to help *now*

The vote today demonstrates that we are making some progress countering the huge amount of lobbying from data monopolies and the US government against the Regulation. 

But now we really need your help. The control that you have over your data is at stake. We need a Regulation that strengthens rights that help you decide how your information is used. We need stronger definitions of consent; the power to have data about us deleted; and the power to get our data back. But immense lobbying pressure from US data monopolies, the ad industry and the US government threatens to take these rights away.  

If you want the power to decide when and how information about you is used, please write to your MEP now.  The final and very important 'LIBE' Committee vote is soon. Writing to your MEP will help emphasise to them that people care about their privacy, and that the European Parliament should adopt a strong Regulation that enhances our rights.

Last year, we relied on the mobilisation of our supporters - for example your emails and phone calls - to convince MEPs to vote against ACTA. Your emails to your MEPs make a difference.  

You can easily write to your MEPs using our website

For more information on the key points, our brief guide to the issues is up here. If you have questions about what to say, or need to talk about a reply from your MEP, please do get in touch with me at peter@openrightsgroup.org

 

[Read more]


March 19, 2013 | Simon Phipps

Royal Charter or Star Chamber For Stars?

The new Royal Charter being rushed through the UK Parliament includes some drafting that appears to drag blogs, Twitter and other social media into the penalty net. This is an extremely worrying development that needs rapid response from the meshed society of citizen creator-consumers (that almost certainly means you).

(Hat tip to Alec Muffett for pointing this out

Unpacking all the nested definitions in the draft Charter, a person who:

  • publishes in the United Kingdom or for an audience mainly located in the United Kingdom
  • news or information about current affairs or
  • opinion about matters related to the news or current affairs or
  • gossip about celebrities, other public figures or other persons in the news, on
  • a website containing news-related material (whether or not related to a newspaper or magazine)

falls within the remit of this Charter as a “relevant publisher”. This is the only clear scope I can find in the whole proposed regulation.  Yes, that clearly includes my blog, Twitter, public posts on Facebook and pretty much any other social media channel. I do not believe this is a drafting error; I believe it’s an intentional gag on whistleblowers and individual attention, on anyone who doesn’t have a boss someone powerful can call to have them shut up.

Of course, the proposals have no regard for this meshed world of creator-consumers. All the thinking revolves around Big Media, so there’s no representation for me or you in the regulatory body it creates, nor accommodation for the realities of the meshed society we inhabit. By including the new meshed world of creator-consumer citizens into this measure intended as a leash for dinosaurs, nothing is achieved in terms of realistic regulation.

But a new, deadly weapon is created to allow the rich to chill and punish any of those creator-consumers who dare to challenge them. When an established publication publishes a diatribe, they provide an umbrella for its author to shelter them from the new threats made available through this new regulatory mechanism. They are already pretty good at shielding authors; as long as they have jumped through the new hoops and behave reasonably, there’s not much more threat here than before.

But when the same writer tweets an opinion, or when I post my opinion about it on my personal blog, this new regulation allows the well-resourced members of the media elite to subject us to weapons tuned for deterring the Murdochs of this world. The penalties involved are out of all proportion to any harm as well as way beyond your and my means even to buy insurance, let alone to pay.

Just the threat that we might get dragged into this Star Chamber for the stars would be enough to chill most of us. Until they were caught public figures, politicians and police were quite happy with the old arrangement, under which they and journalists committed illegal acts that benefited both sides. I’m sure those same people will be pleased to see a new arrangement that can be used to shut us all up, in prison if not in word.

You say such an abuse could never happen?  Tell Paul Chambers. Tell the security researcher imprisoned in the USA for longer than teenage rapists under a similarly ”misdrafted” regulation. Tell Matthew Keys. Tell the family of Aaron Swartz, hounded to his death by over-empowered investigators. Legislation aimed at powerful individuals and corporations kills people like us when it’s misapplied.

Cory Doctorow puts it this way:

In a nutshell, then: if you press a button labelled “publish” or “submit” or “tweet” while in the UK, these rules as written will treat you as a newspaper proprietor, and make you vulnerable to an arbitration procedure where the complainer pays nothing, but you have to pay to defend yourself, and that will potentially have the power to fine you, force you to censor your posts, and force you to print “corrections” and “apologies” in a manner that the regulator will get to specify.

The problem is not regulation; it’s that the politicians appear to have bought the acquiescence of the media industry to this limited restraint on their abuses by providing them with a new way to prevent inconvenient independent expression from further eroding their power. As Nick Cohen wrote in The Observer, “Did you not notice that Leveson hurt no one in power?”  The big story here is not erosion of press freedom; it is rather the chilling of the voice of the citizen.

(Also published on ComputerWorldUK)

[Read more] (3 comments)


March 07, 2013 | Ed Paton Williams

Snoopers' Charter: We need a consultation!

The Joint Committee on the Communications Data Bill instructed the Home Office to run a consultation on communications data. They've failed to do so. We need your help to tell the Home Office why we need a consultation. We've created an online submission page to make it as easy as possible to contact the Home Office.

Tell the Home Office why you should be consulted about the Communications Data Bill.

In December 2012, a Joint Committee of MPs and Lords reported on the Government’s draft Communications Data Bill, also known as the Snoopers’ Charter. Under the Bill, internet companies like BT, Virgin Media and Sky would monitor all of their customers' email and internet use. Law enforcement agencies would then be able to search this data to help them with investigations.

One of the Joint Committee's main criticisms was that the Home Office hadn't consulted widely enough on their plans before publishing the draft Bill. The last Home Office consultation on communications data had been run three years previously in 2009. Following widespread opposition to the Government's plans that were laid out in that consultation, the 2009 proposals were quickly dropped.

In their report, the Joint Committee said that the Home Office should learn its lesson and that "before  re-drafted  legislation  is  introduced  there  should  be  a  new  round  of consultation  with  technical  experts,  industry,  law  enforcement  bodies,  public authorities and  civil  liberties groups ... Meaningful consultation can take place only once there is clarity as to the real aims of the Home Office, and clarity as to the expected use of the powers under the Bill." The Joint Committee was very clear that rigorous consultation was necessary before the Home Office could present a new Bill to Parliament.

Unfortunately, such a consultation hasn't happened. Rather than conducting the crucial consultation that the Joint Committee called for, the Home Office has held piecemeal meetings with industry and civil society groups. Despite this lack of consultation, the Home Office is redrafting a new Bill and details have not been released. It's difficult to give feedback on proposals that haven't been published yet.

This just isn't good enough. The draft Bill contained significant changes to the law on communications data. It made considerable demands of internet companies and it wasn't clear how effectively those demands could be met. The Joint Committee's report, as well as many of the groups that gave evidence to the committee, thought that the Bill's impact on civil liberties needed significant consideration.

The Home Office needs to hear evidence on these issues and many others before it can proceed with the Bill. So far though, the Home Office has shown no desire to seek out outside views on communications data and the Communications Data Bill. Unless organisations and individuals with an interest in the Communications Data Bill demand that the Home Office consult them, the Bill will likely progress without the external input it desperately requires.

Open Rights Group is asking organisations and individuals to get in touch with the Home Office to demand they are consulted on communications data and the Communications Data Bill. The Joint Committee told the Home Office to consult but they've failed to do so. There's a wide range of views on what laws on communications data should look like and it's important that the Home Office hears them.

The Home Office dropped plans to legislate on communications data in 2009 after widespread opposition so they've shown that under enough pressure they're open to outside influence. If enough organisations and individuals contact them demanding to be consulted on communications data, the Home Office will have to run the consultation the Joint Committee called for.

We've created an online submission page to make it as easy as possible to contact the Home Office. Click here to tell the Home Office why you should be consulted about the Communications Data Bill.

Open Rights Group has prepared a much more detailed briefing on communications data, the draft Communications Data Bill, the Joint Committee's report and why this consultation is needed. Click here if you want more information before contacting the Home Office.

If you want any more information or have any other questions about the Communications Data Bill, feel free to contact Open Rights Group at campaigns@openrightsgroup.org

[Read more]


March 01, 2013 | Peter Bradwell

Another important privacy vote in the European Parliament

We need your help to remind MEPs that they should support stronger data protection rules.

Members of the European Parliament are in the process of shaping a new Data Protection Regulation, which was proposed by the European Commission last January. A number of Committees in the Parliament are giving their opinions, which will influence what the final law might look like. (Full text of the proposed Regulation (pdf))

The original proposals from the Commission were very promising, offering much stronger privacy rights and a stricter regime to make sure those that collect and use personal data play by the rules. This sort of update to data protection law is badly needed. We have produced a short guide to the issues

As we've written about before, however, our privacy rights are now in danger. Lobbying from industry and the US and UK Government is threatening to see the proposals seriously weakened. On February 20th, the Industry, Research and Energy Committee (the 'ITRE' Committee) agreed on some disastrous amendments that would weaken our privacy rights, not strengthen them.

The ITRE MEPs voted to weaken the meaning of consent, narrowed the definition of personal information so certain types have less protection, and opened up a loophole that will allow companies to use data for purposes unrelated to the original collection. That would mean companies could pass information on to third parties, who could then use it for purposes unrelated to the originally collection, so long as they believe it is in their own 'legitimate interest'. That completely undermines people's ability to control how their personal information is used.

Another important vote - and how you can help

On March 18th-19th, the JURI Committee (Legal Affairs) will vote on their opinion. We need your help reminding MEPs in the Committee that they should support stronger privacy rights in this vote. Please write to your MEP and let them know this matters to you!

There are two UK MEPs on the JURI Committee.

If you live in the North West of England, you should contact your MEP Sajjad Karim:

  • Party: Conservative
  • Contact Tel (Brussels): +3222845640
  • E-mail: sajjad.karim@europarl.europa.eu
  • MEP Karim is active in Twitter so that may be a good way to reach him: @SHKMEP

If you live in Yorkshire and the Humber, you should contact your MEP Rebecca Taylor:

  • Party: Liberal Democrats
  • Contact Tel (Brussels): +3222845201
  • E-mail: rebecca.taylor@europarl.europa.eu

If you don't live in either of these constituencies, it is still helpful for you to write to your MEP and tell them that you want to see a strong Data Protection Regulation. You can easily write to your MEP using our tool.

Remember, you should try to put your email in your own words, and please be polite - they are more likely to pay attention! 

If you have note been in touch with your MEP before about this, you could highlight that this is a unique opportunity to promote citizens' rights to privacy and data protection. People need to be given more control over their information, and we need to make sure companies play by the rules. By voting to give us stronger privacy rights for they will be helping make that happen.

More detail on the JURI vote

You may wish to go into more detail - we're here to help if you do. The Committee is considering some specific amendments to the Regulation. We have produced an overview of the top amendments that we think your MEP should support or reject. EDRi have also produced an analysis of all of the amendments. For more information on what this vote in JURI is about, see the campaign site put together by EDRi. For general information about the Regulation, we have produced a quick guide to the issues.

Background: what is being proposed?

The Data Protection Regulation, put forward in January 2012, would give you more control over your personal information and help make sure businesses that handle data play by the rules. It strengthens the right to consent to data collection and processing; it would give you stronger rights to access your data and have it deleted; and it would make sure companies are more accountable for their mistakes or abuses when handling personal information. It is a badly needed update to the existing, weak law. 

What is happening now?

The proposed Regulation is currently being looked at by a number of Committees in the European Parliament. The 'lead' Committee is the Civil Liberties, Justice and Home Affairs Committee (LIBE). They will write an opinion that includes suggested changes to the Regulation. That will influence the final big vote in the European Parliament later in the year. The LIBE Committee have to take into account the opinion of several other Committees when they write their report. That means the votes in the other Committees are really important.

What is the problem?

The Regulation is coming under sustained lobbying attack from technology companies, the US Government, the ad industry, the UK Government and even the UK's Information Commissioner. They are all suggesting changes that would undermine your control over your personal information and weaken the obligations on the people who collect and use it.

A number of 'amendments' to the law have been written by industry lobbyists, and our concern is that citizens' interests are not being given a fair hearing. We have an analysis of what these amendments mean for privacy. Lots of the amendments that the Committee will vote on would make the Regulation significantly weaker. We need to make sure the MEPs understand people care about this issue, and that they should be supporting their constituents.

[Read more]


February 28, 2013 | Jim Killock

Court blocking orders lack transparency

Judge Arnold today handed down judgements allowing the BPI to instruct ISPs to block Fenopy, H33T and KickassTorrents. ISPs did not contest the orders.

Blocking is an extreme response, which will encourage new forms of distributed infringement. The BPI and others should be mindful that their tactics may have the opposite effect to their intention, by legitimising and promoting resistance to their actions.

 
We are concerned that these orders are not protecting speech, are overblocking forums and discussion, and are prone to error as the actual block lists are private.
 
Furthermore, users and the public interest have not been represented in the processes. ORG is actively examining ways to rectify this and will shortly be hiring a legal director. You can help by joining ORG.
 
ORG is documenting the UK's blocking orders

[Read more]


February 18, 2013 | Jabed Tarapdar

BPI set to block three more BitTorrent sites

The British Phonographic Industry (BPI) will ask the UK's six biggest Internet Service Providers (ISPs) to block three more sites accused of piracy at a court hearing tomorrow. (UPDATED)

BPI, which acts on behalf of rights holders, calls for ISPs to block access to Fenopy, H33t and Kickass Torrents.

BPI argue these sites infringe music label's copyright. The six ISPs (BT, Sky, Virgin Media, O2, EE and TalkTalk) have agreed to block these sites, but only if the court order is put in place.

The power stated in Section 97A of the Copyright, Designs and Patents Act 1988 was first used recently to block the pirate sites – Newzbin2 and Pirate Bay – paving the way for more sites to be blocked. This has led to several major problems for blocking sites in the UK:

  • Website blocking is an extreme response. There are growing fears this precedent will make it too easy and quick to block sites. Time needs to be taken to consider the legitimate use of the sites.

  • There needs to be a more specific and adequate definition of the precise URL or IP address to be blocked to prevent mistakes.

  • Once a site is blocked, its alleged clone sites can also be blocked, but in this case, BPI will be able to practice this without a court order. The decisions would be made between BPI and ISPs and will not be published. 

  • The blocking of these sites does not come with an expiry date. This indefinite blocking is potentially problematic if the number of sites blocked keep growing, leaving a large number of sites hidden from the public. 

  • These court hearings between a judge, ISPs and right holders do not sufficiently represent the needs of the user as their voice is not included during the hearing.

Open Rights Group (ORG) will not intervene in this case. However, due to the lack of user rights represented in this case, ORG are more likely to do so in the future.

To ensure user rights are adequately represented in future cases ORG are asking for contributions and are also advertising for a Legal Officer.

The hearing is scheduled for 19 February 2013 in the Chancery Division, High Court (Rolls Building).

Court number:

Fenopy - HC12F04957

H33t - HC12F04958

Kickass Torrents - HC12F04959

(Update: The daily courts list for Tuesday doesn't appear to show these cases.)

(Update: The Judge is expected to set a date for the hearing week beginning February 25, 2013) 

[Read more] (1 comments)


February 14, 2013 | Peter Bradwell

Will MEPs sell out your privacy rights?

There's a huge battle for our privacy and data protection rights in the European Parliament. We need your help.

Policy makers in the EU are currently considering a ground breaking new privacy law.

It would grant us more control over how our personal information is collected, stored and exploited, and make sure that those who hold our data play by the rules. This proposed Data Protection Regulation, made in the context of a booming trade in personal information, is a major and rare opportunity to give people back more control over their data.

But the proposed Regulation is under severe pressure. And we need your help to convince MEPs to support privacy.

Pretty much the entire UK establishment, most notably the Ministry of Justice and the UK's Information Commissioner, has decided to come out against the Regulation. Your Ministry of Justice and Information Commissioner are trying to undermine the proposals by pressing for lighter touch regulation.

They are backing an argument pushed by the advertising industry, US tech companies and the US government: giving you control over your data and making sure companies don't abuse is a costly nuisance to business. This lobbying could end up seriously weakening our privacy and data protection rights.

SomeUK MEPs are no better. As revealed by LobbyPlag.eu, UK MEPs such as Giles Chichester, Sajjad Karim and Malcolm Harbour have put forward amendments that were written by lobbyists for a number of US organisations, including Amazon and the American Chamber of Commerce. That's already generated interest from both the Telegraph and the Independent.

We've produced an analysis of these amendments.

A stronger regulation is much needed. 70% of Europeans are concerned about companies using information for a purpose different to the one it was collected for. The UK was highest at 80%. 74% said their specific consent should be required for personal information to be collected. Another study found that only 14 percent of respondents believe that Internet companies are honest about their use of consumers’ personal data. The current weak regime is not only leading to privacy intrusions - it is damaging trust in online markets.  

The rights put forward in the new Data Protection Regulation are a great start. They would mean you could more easily request data about you; know how it is being used; be told when it is misused; have it deleted. It would be regulation with teeth so companies know that if they break the rules there are consequences. Here's a our brief guide to the issues.

The Regulation is being considered by committees in the European Parliament now. Civil society groups from across the EU have joined together to campaign on this (see the campaign site.) Your MEPs need to hear from you to make sure they understand people care about their privacy.

 

What you can do now

If you are in the North West or South West of England please contact your MEPS now. They are voting next week (on Wednesday 20th February) in the Industry, Research and Energy Committee (ITRE). Some of the amendments they have put forward are very damaging, suggesting they will vote to weaken the Regulation.

If you are in theNorth West: please contact your MEP Sajjad Karim:

Party: Conservative
Contact Tel (Brussels): +32(0)2 28 45640
E-mail: sajjad.karim@europarl.europa.eu

If you are in the South West: please contact your MEP Giles Chichester:

Party: Conservative
Contact Tel (Brussels): +32(0)2 28 45296
E-mail: giles.chichester@europarl.europa.eu

See our quick guide to the key issues for more detail on what is at stake.

If you are not in these constituencies, you can find out who your MEP. Contact them and tell them you care about data protection rights and want to see a strong regulation.  You will likely need to contact them again when further votes take place. 

What should I say?

ITRE Committee

If you are contacting Sajjad Karim MEP or Giles Chichester MEP, you can talk about the basic need to support strong data protection rights and highlight that this is an unique opportunity to promote citizens' rights to privacy and data protection. We have produced a brief guide to the issues.

If you want to go into more detail, there are some specific issues you could address: 

  • The definition of personal data should be broadenough to include data that can 'single out' an individual, not just identify them.

Just because data are not linked to a name does not mean that they are not personal data. It is becoming increasingly possible to identify a person using less and less data, or to “re-identify” someone from data previously considered anonymous.

So we support amendment 323, which takes into account the notion of ‘singling out’. But amendments excluding 'anonymous' or 'pseudonymous' data weaken the definition. Truly anonymous data is excluded, by definition, by Article 4 (1). However, 'anonymised' data is rarely if ever such. "De-anonymisation" is increasingly recognised as impossible.

  • Consent must be explicit, informed and freely given.

Amendments that undermine this significantly weaken the Regulation and undermine the principle that people should be given more control over what happens to their personal information.

So we would like to see amendment 198 rejected because it waters down the notion of consent and proposes to change ‘explicit’ to ‘unambiguous’ consent.“Explicit” needs to be kept in the text! We need to defend the right to say yes or no to the collection of our data.

  • The 'legitimate interest' provision means businesses can get away with all sorts of processing without people's consent, offering a convenient loophole for abusive or excessive processing.

We would like to see amendments that restrict this to exceptional circumstances. Amendments that extend this further, for instance to third parties, would be particularly damaging and should be rejected.

  • Data portability should be supported, as it gives people meaningful control over their data, helps them avoid ‘lock in’ to particular services and drive competition.

So we would like to see amendments 501 & 502 rejected as they undermine this opportunity. The UK Government are actively promoting the MiData initiative in the UK - it makes no sense to reject this in the EU. Citizens’ right to choose the best company and not be locked-in to services must be supported.

  • We need stronger controls over profiling. Through the information they give away, people are being ‘mapped’ and their profiles evaluated, analysed and used to predict behaviour. That influences how they are treated. People need the right to know about and object to profiling in all its forms. That is especially important for sensitive information such as health data.

We do not support amendments which weaken the controls over profiling. Amendment 538 should be supported since we need increased protection with regard to profiling.

  • Those who hold and use data must be held accountable. 

So, for example, we support amendments 673 and 675 because that would help make sure that data breaches are reported and not, as EDRi put it, "swept under the rug".

For more information on what this vote in ITRE is about, see the campaign site put together by EDRi.

For full details of the Regulation, see the EDRi site www.protectmydata.eu

 

More Background

What is being proposed?

The Regulation, proposed in January 2012, would give you more control over your personal information and help make sure businesses that handle data play by the rules. It strengthens the right to consent to data collection and processing; it would give you stronger rights to access your data and have it deleted; and it would make sure companies are more accountable for their mistakes or abuses when handling personal information. It is a badly needed update to the existing, weak law.

What is happening now?

The proposed Regulation is currently being looked at by a number of Committees in the European Parliament. The 'lead' Committee is the Civil Liberties, Justice and Home Affairs Committee (LIBE). They will write an opinion that includes suggested changes to the Regulation. That will influence the final big vote in the European Parliament later in the year. The LIBE Committee have to take into account the opinion of several other Committees when they write their report. That means the votes in the other Committees are really important.

What is the problem?

The Regulation is coming under sustained lobbying attack from technology companies, the US Government, the ad industry, the UK Government and even the UK's Information Commissioner. They are all suggesting changes that would undermine your control over your personal information and weaken the obligations on the people who collect and use it.

A number of 'amendments' to the law that have been written by industry lobbyists. Lots of the amendments that the Committee will vote on would make the Regulation significantly weaker. We need to make sure the MEPs understand people care about this issue, and that they should be supporting their constituents.

Fr more, see our guide to the issues. EDRi have put together a comprehensive overview of the Regulation.

If you need more information please get in touch with Peter Bradwell: peter@openrightsgroup.org

 

[Read more]


February 05, 2013 | Peter Bradwell

Golden Eye write to alleged copyright infringers

Here is what to do if you receive a letter

Just under 1,000 broadband subscribers in the UK received letters in December from O2 or Be Broadband, saying that the company is passing on their name and address details to a company called Golden Eye.

Last week, Golden Eye International sent the first batch of 'pre-action' letters to about 150 of those people. The letters threaten court action for alleged copyright infringement via p2p file-sharing networks. The allegations concern copyright infringement of various 'Ben Dover Productions' films.

Golden Eye will be sending out the remaining letters in stages over this month.

The letters mainly involve O2 broadband customers, and some BE Broadband customers (both are owned by Telefonica UK).

For some background to this, see Consumer Focus' outline of the case, and our blog on the original case.

Consumer Focus have also posted a blog on what to do if you receive a letter. 


Advice for those who have received letters

1. What to do if you have only received a letter from O2 or Be Broadband

The letters from O2 or Be are simply to inform you that they have handed over information about you to Golden Eye. You do not need to take action or seek advice from Citizens Advice at this stage – but understanding what is happening is important. It is likely you will receive a letter in the near future from Golden Eye. 

2. What to do if you have received a letter from Golden Eye

These are 'pre-action' letters. The wording of the letters was set by the court. You can download and check if the letters look how they should. If your letter does not look like this, that is really important. It is something you should let Citizens Advice know about.

Regardless of whether you (as one of the relevant O2 or Be Broadband customers) are guilty of the alleged infringement, you need to respond to Golden Eye within 28 days, setting out whether you deny the allegation, or admit to copyright infringement.

Free and confidential help is at hand. Consumer Focus and Citizens Advice have worked together to establish detailed advice scripts for alleged copyright infringement. The legal system is devolved, therefore Citizens Advice has prepared suitable advice scripts for England and Wales, for Scotland and for Northern Ireland.

Citizens Advice provides free advice and are able to advice O2 and BE customers regardless of whether they are guilty or not. The advice is free and confidential.

If it turns out that the copyright infringement was committed by a child in the household, Citizens Advice will be able to advise O2 and BE customers on possible courses of action.

Visit www.adviceguide.org.uk or call 08454 04 05 06 from 9am to 5pm Monday to Friday. Alternatively, visit your local Citizens Advice Bureau – find the details online at www.adviceguide.org.uk or look under C in the phone book.

You are welcome to get in touch with us if you would like to discuss this. But we can't offer you the sort of legal advice now about how to respond to the letters, so this should not be a substitute for you contacting Citizens Advice. 


3. Why have I received this letter?

Golden Eye International (GEIL) represents the pornography producer Ben Dover.

You have received the letter because GEIL obtained a so-called Norwich Pharmacal Order forcing O2 (or rather its parent company, Telefónica UK) to give GEIL your name and address on the basis that you are a subscriber to its Internet service and GEIL claims to have observed an IP address associated with your account distributing files in infiringement of copyright. 

The next step is the letter from GEIL. That includes a demand for a sum of money in settlement of the rights holder's claim. The letter also threatens court proceedings should you not respond.


4. More background: what do they know?

First, the High Court recognised in its decision that the subscriber - the bill payer for an Internet connection - may well not be the individual that has committed an alleged infringement. Most internet connections in the UK are shared.

Golden Eye can identify IP addresses relating to alleged infringement, which then identify an internet connection. That does not identify a device or the individual using it.

Second, it is important to stress the quality of the evidence on which the accusation against you is based may be dubious.

Peer-to-peer (P2P) file-sharing is a system of distributing files across the Internet (often also called "torrenting"). The key element is that file-sharing is decentralised, so that there is no central server that holds copies of these files; instead, users connect directly to each other. Someone who downloads (receives) a file is also simultaneously uploading (distributing, or sending) the parts of the file they have already received. If there were a central server, rights holders who believe the works they own are being copied without authorisation would simply seek to shut that down. As that approach is impossible with file-sharing, rights holders seek to identify and stop consumers directly.

All Internet users are familiar with the names sites use to identify themselves online: Google.com, OpenRightsGroup.org, and so on. Networked computers, however, identify themselves and send traffic to each other using numbers called IP (for Internet Protocol) addresses.

Every ISP is assigned a pool of these addresses. When you connect to the Internet your Internet service provider (whether you use broadband, dial-up modem, wifi, or mobile) assigns an address in their pool to the device you're using to connect (whether that's a network router, a mobile phone, or a computer). How long you keep a particular address depends on the kind of connection you have and your ISP's policy. Businesses and some consumers have "static" IP addresses: numbers they have been permanently assigned.

Most consumers and all mobile or dial-up connections, however, have "dynamic" IP addresses that are assigned randomly for a limited period of time. ISPs keep logs showing which of their subscribers used which of its pool of numbers at any given time.

File-sharing software uses these numbers to connect file-sharers to each other - and makes no effort to hide them. Rights holders accordingly use special software to monitor these connections and record the IP addresses, along with the date and time, of users spotted sharing copies of the works they own.

To find out who was using the IP number at a particular time, a rights holder must obtain a court order known as a "Norwich Pharmacal Order" against your ISP. The ISP then matches the IP addresses the rights holder has recorded against its logs and advises the rights holder of the subscriber's identity.

That's the theory. In practice, this system is far from perfect and the fact that you've been accused does necessarily not mean you are guilty.

More information on the allocation, tracing and matching of IP addresses can be found in a report by Dr Richard Clayton, which takes you through all the steps and explains what can go wrong: Online traceability: Who did that? – Technical expert report on collecting robust evidence of copyright infringement through peer-to-peer filesharing


5. What does the accusation mean?

Copyright actions of this nature are civil, not criminal cases; civil cases are assessed on the balance of probabilities rather than the principle of beyond reasonable doubt. Under the High Court's decision in July 2012, GEIL must demonstrate that you were personally involved in copying or sharing of all or part of the work.

However, the IP address and the time of the alleged infringement is the only evidence GEIL has. Such evidence has never been fully tested by a UK court, and so far it has not been establish whether the evidence proves beyond reasonable doubt that a copyright infringement has occurred on an Internet connection. Accordingly, all GEIL actually knows is that O2 identified you as the subscriber matched to the IP address, date, and time. This information is not always reliable, and similar cases in the past have produced many unjust accusations.

When the High Court granted the Norwich Pharmcal Order it merely examined whether on the face of it, the evidence suggests that a copyright infringement has been committed on the Internet connection as identified by an IP address. It will be for courts to test the evidence in a fully contested case. Because Internet connections are typically shared, in granting the order the court also ruled that consumers identified as above could not be presumed guilty. 

If you do not recognise the material you are accused of downloading or sharing, there are a number of possible reasons why you might have been unjustly linked to it: someone else in your household might have used the connection; an open wifi connection might have allowed an outsider to piggyback on your connection; IP addresses can be spoofed, redirected, or hijacked; or the information might simply be wrong.


6. What should I do now?

Do not panic. Get advice from Citizens Advice (see below). Do not send money or admit guilt until or unless you are advised to do so by someone competent.


7. Where to get advice

If you have received a letter from O2 or Be

At this stage you do not need to seek advice. You will likely receive a letter in the future from Golden Eye. At that stage, it is important to seek advice.

If you receive a letter from Golden Eye

Consumer Focus and Citizens Advice have worked together to establish detailed advice scripts for alleged copyright infringement. The legal system is devolved, therefore Citizens Advice has prepared suitable advice scripts for England and Wales, for Scotland and for Northern Ireland.

Citizens Advice provides free advice and are able to advice O2 and BE customers regardless of whether they are guilty or not.

If it turns out that the copyright infringement was committed by a child in the household, Citizens Advice will be able to advise O2 and BE customers on possible courses of action.

Visit www.adviceguide.org.uk or call 08454 04 05 06 from 9am to 5pm Monday to Friday. Alternatively, visit your local Citizens Advice Bureau – find the details online at www.adviceguide.org.uk or look under C in the phone book.

[Read more]


google plusdeliciousdiggfacebookgooglelinkedinstumbleupontwitteremail