call +44 20 7096 1079
October 07, 2010 | Simon Bradshaw

Comment on Ministry of Sound hearing (part two)

 

In the aftermath of the highly-publicised DDOS attack against ACS:Law and the data leak that followed, both BT and PlusNet expressed serious concerns to Ministry of Sound and law firm Gallant Macmillan about the proposed Norwich Pharmacal Order (NPO) requiring them to hand over details of alleged subscribers. (For more details of what an NPO is, see Part 1 of this post.) The chronology of what followed was discussed in some detail at the court hearing on Monday 4th October, but before I go through it I’ll set the scene a little.
This application was to be heard by the Chancery Chief Master, Chief Master Winegarten. As with most application hearings it was not in a courtroom but rather his office; fortunately, CM Winegarten’s office in the modern Thomas More building at the Royal Courts of Justice not only commands a nice view but was large enough for the seventeen lawyers and observers I counted. As well as myself observing on behalf of the ORG, the BBC was represented; the British Phonographic Industry – the music industry’s trade association –  also sent an observer and I suspect several of the others watching were there on behalf of other ISPs interested in the outcome. My thanks, incidentally, to CM Winegarten, who had apparently briefed his staff that there were likely to be a good number of observers (this is very unusual for an application in chambers!) and to counsel for both sides, who not only were happy with our presence but made a point of asking CM Winegarten to confirm that there were no reporting restrictions.
Having all assembled in front of the Chief Master, we then got first Ministry of Sound’s version of events, and then BT and PlusNet’s. The two sides had a rather different take on exactly what basis the events of the previous few days had unfolded, but after both had had their say – and CM Winegarten had asked some questions to clarify matters – the following timetable emerged.
24th September: The data leak from ACS:Law. Counsel for BT noted the ‘furore’ surrounding this and claimed that this was the point at which BT became seriously concerned as to the security of data handed over in respect of NPOs. In response to CM Winegarten’s observation that BT must have been aware of such concerns already, BT described the ACS:Law leak as a ‘learning step’.
28th September: BT wrote to Ministry of Sound stating that unless it could be satisfied by the latter’s security arrangements it would have to resist the application for an NPO.
30th September: BT followed this up by sending a further letter on Thursday afternoon stating that they intended to oppose the application for an NPO and asking Ministry of Sound to agree there and then that the hearing on Monday 4th October should be adjourned so that both sides could gather further evidence in support of a contested hearing.
It seems that Ministry of Sound did not immediately reply to this and BT concluded by Friday 1st October that it would have to go into Monday’s hearing – hitherto expected to be a formality – prepared to fully oppose the application for an NPO. It would need a proper legal argument and evidence to support it to do that, so BT’s lawyers worked flat-out over the weekend to produce this.
In the end, come the day itself, Ministry of Sound accepted that given the requests for an adjournment and the public interest arising from recent events the full hearing on the NPO would have to be adjourned. Their counsel noted that they did so with reluctance but acknowledged a number of factors that made an adjournment inevitable, including the publicity about ACS:Law. There would be no NPO today, nor even substantial argument about one.
What there was argument about was money. BT had done a lot of work over the weekend in anticipation that there would be a full legal argument, and wanted to be reimbursed by Ministry of Sound for this - to the tune of £52,000. CM Winegarten balked at this, and he pointed out that BT would have had to have done this work at some point anyway, even if the hearing had been adjourned earlier. In the end he did not order Ministry of Sound to pay BT’s costs, although depending on the outcome of the adjourned hearing one side may well end up seeking to bill the other.
In terms of that hearing, it was agreed that it would take place on 12th January 2011. A schedule was agreed whereby BT and PlusNet would submit evidence by early November as to why the NPO shouldn’t be granted; Ministry of Sound would then have a month to consider this and respond, and BT would have to get in its response to that by Christmas. BT did try to ask for longer, citing, for example, the need to get the best advice about the ‘industry standard’ for data security. CM Winegarten pointed out that BT had probably written the industry standard in that respect, and that four weeks ought to be more than long enough!
In the course of all this though there was some intriguing discussion of issues arising from the tracking of file-sharers. For instance, the Chief Master noted that ISPs were being asked to hand over a huge swathe of data for rights-holders or their lawyers to trawl through to determine whether alleged instances of file-sharing were, on the one extreme, lots of users sharing one file, or at the other, one user sharing a lot of files. Could ISPs not, he asked, be set criteria by rights-holders to work out who were the serious offenders and only hand over their details? Ministry of Sound’s counsel claimed that this assumed that there was a minimum threshold of infringement that would be followed up, and said that it was their policy that they would write to everyone alleged to have infringed their rights. For my part, whilst I can see that such a screening exercise would cut down on the amount of personal data to be handed over under an NPO, I can imagine that most ISPs would be very reluctant indeed to be seen to do anything of the kind. It will be interesting to see if we hear any more of this idea.
CM Winegarten also raised the matter of the Digital Economy Act and the powers it would bring in. BT pointed out that Ofcom was still consulting about the Initial Obligations Code, the set of rules that would govern action against alleged file-sharers, and that BT was itself seeking Judicial Review of some of the relevant portions of the Act on the basis that they did not comply with EU law or human rights law.
As for NPOs already previously granted to order it to disclose subscriber details to organisations other than the Ministry of Sound, BT indicated that it would be asking the Chief Master to suspend and review them in light of the arguments it would be making in January. Another interesting admission that came out of this discussion was that BT had a significant volume of disclosure requests from other agencies such as the Police and Security Services, and that even once an NPO had been issued it went into a very long queue. Although the exact timescales weren’t discussed in detail, I got the impression that it can take BT weeks or months to get around to trawling its subscriber records for the details rights-holders seek. As for what happens once rights-holders get them, Ministry of Sound conceded that they had yet to take any legal action in respect of alleged file-sharing after receiving details from other ISPs, although they pointed out that it was not long since they had first sent out letters about this and it would be, in their words, ‘oppressive’ to go to court straight away.
So, what will happen now is that there will be a lot of exchanging of evidence and counter-evidence about the way in which details of alleged file-sharing are gathered and the security measures applied to such data, followed by what all sides admitted would probably be a full day of argument in front of the Chief Master on 12th January. However – and this is a big however – we may not see all of that argument, because Ministry of Sound indicated that they would be asking for some parts of that hearing to be held in private as what they claimed to be sensitive details of their torrent-tracking technology would have to be discussed in detail. Whether this request is granted remains to be seen but it is certainly to be hoped that as much of the next hearing as possible is open to observation, as it will be an important day for deciding the extent to which ISPs can, under the current law at least, be compelled to hand over details of alleged infringing file-sharers.

In the aftermath of the highly-publicised DDOS attack against ACS:Law and the data leak that followed, both BT and PlusNet expressed serious concerns to Ministry of Sound and law firm Gallant Macmillan about the proposed Norwich Pharmacal Order (NPO) requiring them to hand over details of alleged subscribers. (For more details of what an NPO is, see Part 1 of this post.) The chronology of what followed was discussed in some detail at the court hearing on Monday 4th October, but before I go through it I’ll set the scene a little.

This application was to be heard by the Chancery Chief Master, Chief Master Winegarten. As with most application hearings it was not in a courtroom but rather his office; fortunately, CM Winegarten’s office in the modern Thomas More building at the Royal Courts of Justice not only commands a nice view but was large enough for the seventeen lawyers and observers I counted. As well as myself observing on behalf of the ORG, the BBC was represented; the British Phonographic Industry – the music industry’s trade association –  also sent an observer and I suspect several of the others watching were there on behalf of other ISPs interested in the outcome. My thanks, incidentally, to CM Winegarten, who had apparently briefed his staff that there were likely to be a good number of observers (this is very unusual for an application in chambers!) and to counsel for both sides, who not only were happy with our presence but made a point of asking CM Winegarten to confirm that there were no reporting restrictions.

Having all assembled in front of the Chief Master, we then got first Ministry of Sound’s version of events, and then BT and PlusNet’s. The two sides had a rather different take on exactly what basis the events of the previous few days had unfolded, but after both had had their say – and CM Winegarten had asked some questions to clarify matters – the following timetable emerged.

24th September: The data leak from ACS:Law. Counsel for BT noted the ‘furore’ surrounding this and claimed that this was the point at which BT became seriously concerned as to the security of data handed over in respect of NPOs. In response to CM Winegarten’s observation that BT must have been aware of such concerns already, BT described the ACS:Law leak as a ‘learning step’.

28th September: BT wrote to Ministry of Sound stating that unless it could be satisfied by the latter’s security arrangements it would have to resist the application for an NPO.

30th September: BT followed this up by sending a further letter on Thursday afternoon stating that they intended to oppose the application for an NPO and asking Ministry of Sound to agree there and then that the hearing on Monday 4th October should be adjourned so that both sides could gather further evidence in support of a contested hearing.

It seems that Ministry of Sound did not immediately reply to this and BT concluded by Friday 1st October that it would have to go into Monday’s hearing – hitherto expected to be a formality – prepared to fully oppose the application for an NPO. It would need a proper legal argument and evidence to support it to do that, so BT’s lawyers worked flat-out over the weekend to produce this.

In the end, come the day itself, Ministry of Sound accepted that given the requests for an adjournment and the public interest arising from recent events the full hearing on the NPO would have to be adjourned. Their counsel noted that they did so with reluctance but acknowledged a number of factors that made an adjournment inevitable, including the publicity about ACS:Law. There would be no NPO today, nor even substantial argument about one.

What there was argument about was money. BT had done a lot of work over the weekend in anticipation that there would be a full legal argument, and wanted to be reimbursed by Ministry of Sound for this - to the tune of £52,000. CM Winegarten balked at this, and he pointed out that BT would have had to have done this work at some point anyway, even if the hearing had been adjourned earlier. In the end he did not order Ministry of Sound to pay BT’s costs, although depending on the outcome of the adjourned hearing one side may well end up seeking to bill the other.

In terms of that hearing, it was agreed that it would take place on 12th January 2011. A schedule was agreed whereby BT and PlusNet would submit evidence by early November as to why the NPO shouldn’t be granted; Ministry of Sound would then have a month to consider this and respond, and BT would have to get in its response to that by Christmas. BT did try to ask for longer, citing, for example, the need to get the best advice about the ‘industry standard’ for data security. CM Winegarten pointed out that BT had probably written the industry standard in that respect, and that four weeks ought to be more than long enough!

In the course of all this though there was some intriguing discussion of issues arising from the tracking of file-sharers. For instance, the Chief Master noted that ISPs were being asked to hand over a huge swathe of data for rights-holders or their lawyers to trawl through to determine whether alleged instances of file-sharing were, on the one extreme, lots of users sharing one file, or at the other, one user sharing a lot of files. Could ISPs not, he asked, be set criteria by rights-holders to work out who were the serious offenders and only hand over their details? Ministry of Sound’s counsel claimed that this assumed that there was a minimum threshold of infringement that would be followed up, and said that it was their policy that they would write to everyone alleged to have infringed their rights. For my part, whilst I can see that such a screening exercise would cut down on the amount of personal data to be handed over under an NPO, I can imagine that most ISPs would be very reluctant indeed to be seen to do anything of the kind. It will be interesting to see if we hear any more of this idea.

CM Winegarten also raised the matter of the Digital Economy Act and the powers it would bring in. BT pointed out that Ofcom was still consulting about the Initial Obligations Code, the set of rules that would govern action against alleged file-sharers, and that BT was itself seeking Judicial Review of some of the relevant portions of the Act on the basis that they did not comply with EU law or human rights law.

As for NPOs already previously granted to order it to disclose subscriber details to organisations other than the Ministry of Sound, BT indicated that it would be asking the Chief Master to suspend and review them in light of the arguments it would be making in January. Another interesting admission that came out of this discussion was that BT had a significant volume of disclosure requests from other agencies such as the Police and Security Services, and that even once an NPO had been issued it went into a very long queue. Although the exact timescales weren’t discussed in detail, I got the impression that it can take BT weeks or months to get around to trawling its subscriber records for the details rights-holders seek. As for what happens once rights-holders get them, Ministry of Sound conceded that they had yet to take any legal action in respect of alleged file-sharing after receiving details from other ISPs, although they pointed out that it was not long since they had first sent out letters about this and it would be, in their words, ‘oppressive’ to go to court straight away.

So, what will happen now is that there will be a lot of exchanging of evidence and counter-evidence about the way in which details of alleged file-sharing are gathered and the security measures applied to such data, followed by what all sides admitted would probably be a full day of argument in front of the Chief Master on 12th January. However – and this is a big however – we may not see all of that argument, because Ministry of Sound indicated that they would be asking for some parts of that hearing to be held in private as what they claimed to be sensitive details of their torrent-tracking technology would have to be discussed in detail. Whether this request is granted remains to be seen but it is certainly to be hoped that as much of the next hearing as possible is open to observation, as it will be an important day for deciding the extent to which ISPs can, under the current law at least, be compelled to hand over details of alleged infringing file-sharers.

 

google plusdeliciousdiggfacebookgooglelinkedinstumbleupontwitteremail


Comments (8)

  1. Jim Killock:
    Oct 07, 2010 at 08:12 PM

    Thanks for attending and reporting Simon. These questions about "sensitive" elements of their torrent tracking technology sound extremely worrying: it would be good to hear if anyone knows why they think they have a right to ask, and what they think could be sensitive. Torrents are open and simple to harvest information from. So what exactly could the problem be? And why should a private agency hide their methods at all?

  2. Anonymous:
    Oct 07, 2010 at 04:00 PM

    Thank you Simon for the only full and clear report to come out of the hearing so far. Very informative! Your effort is very much appreciated.

  3. Mike:
    Oct 07, 2010 at 04:36 PM

    Congratulations and many thanks for your excellent report.

    I don't fileshare or download any copyright material (useage under 4gb/mth) but I am appalled at the wholesale handover of so much material to anyone -- let alone some of the highwaymen now skulking in the trees.

    Thank you again.

  4. Mark - ISPreview UK:
    Oct 08, 2010 at 12:49 PM

    We must also ask, if somebody is tracked on P2P, do those systems have the ability to detect when somebody has assisted in transfering 100% of the content to any specific individual. Is sharing fragments of a file, which alone is not viable content, unlawful?

  5. SusanH:
    Oct 08, 2010 at 05:46 PM

    So, basically, what we appear to be seeing here is a rerun of Universal Thermosensors (initially valuable order - in that case the AP - being abused to breaking point by irresponsible claimants/their solicitors, resulting in the imposition of restrictions on use which price it out of the reach of many litigants) only this time it's the turn of the Norwich Pharmacal order.

    Great. The sheer level of casual disregard for the NPO principles both on those applying for them and (apparently) on the defendants in (not) resisting them is one of the more dispiriting things to have come out of this whole mess.

    So; all on hold till next year. Which is going to be a bugger for those of us who might have to apply for (legitimate and restrained) NPOs in the interim, because everyone will be super-twitchy.

  6. Simon Bradshaw:
    Oct 09, 2010 at 08:28 PM

    Susan,

    I'm not sure how much impact this will have on NPO applications in general. The file-sharing NPOs have been a bit odd in that rather than 'A wants B to disclose the identity of C' they are 'A wants B to disclose C-1 to C-9,999 on the basis of data supplied by A'. This raises two issues which are at the heart of the current dispute:

    1) How accurate is the data supplied by A?

    2) What are the appropriate data protection provisions in the Order for such a large identity disclosure?

    Here, the ISPs are saying that they have concerns whether the safeguards in the NPOs being sought are adequate for disclosure of hundreds or thousands of subscriber details. They also want more assurance that the underlying data on torrent tracking is accurate enough to justify releasing the corresponding subscriber accounts. I'm not sure that these factors have much bearing on what one might call a 'traditional' NPO and I'd be surprised if this case affected applications for NPOs outside the rather unusual circumstances of mass disclosure requests against ISPs.

    Simon

  7. Tim:
    Oct 12, 2010 at 02:34 PM

    Universal Thermosensors involved Anton Piller orders, not Norwich Pharamacal orders.

    It is not clear why a data leak affecting one firm (ACS Law) should affect an application for a Norwich Pharmacal order made by an entirely different firm (Gallant Macmillan). If BT has concerns about the security of any data provided pursuant to a Norwich Pharmacal order, that could be dealt with by inserting appropriate safeguards in the text of the order or by the giving of undertakings by GM and/or their clients.

    The data are not supplied by A. They are supplied to A by a data-gathering company. A then places the relevant information before the court. It is interesting to note that, until now, none of the respondents to an application for any of these Norwich Pharmacal orders seems to have queried the reliability of such data.

  8. John:
    Oct 13, 2010 at 02:43 PM

    I think the Universal case was cited as an analogous example of a situation where the courts developed an order for a narrow purpose, but where, subsequently, they were granted in an increasingly wide range of circumatances that extended way beyond the original purpose. I would have to look Universal up, but my recollection is that it ended up with the executing solicitor being accused of false imprisonment, and arguments that they had exceeded the objective of preserving evidence known to exist and had developed into search warrants to see if any evidence existed to start with.

    One key issue is that in a typical NPO application, the applicant has a prima facie case against someone and the only lacking ingredient is the identity of the defendent. In these ISP cases, it is clear that although there might be a prima facie case against a person unknown; in most, if not almost all, of these cases, there is no evidence at all other than that a computer containing an unauthorised copy of the claimants work was connected to the internet via the connection in question at the time stated. And that assumes that the monitoring process is accurate.

    But in these applications, it appears that the applicants are asserting either (a) that the subscriber is likely to be the file sharer, or (b) that the purpose is to identify the subscriber - who is not necessarily the accused - so that further enquiries can be made. certainly in the ASC case, the High Court decided that a prima facie case had been made out relating to the subscribers, and if they are not accusing the subscriber of anything, the letters certainly convey the impression that they are.

    I would contend that unless there is some other evidence that the broadband subscriber either (a) is the file sharer, or (b) knows who the file sharer was, that the object of these applications is either as a component of a fishing exercise or as a means of trying to get someone (irrespective of who they are or whether liable or not) frightened into coughing up.


    Either way, I would have thought that if the applicant does not know whether the defendent is the subscriber or someone else, then is raises serious issues about granting a NPO at all.

    I think that if a requirement of these NPO's had been that the claimant identifies and quantifies the actual claim in the intital letter that goes to the subscriber, and also states in the application for the NPO, the prima facie case they have that is just lacking the identity, that a lot of what has gone on would have been avoided to start with.



This thread has been closed from taking new comments.