Feeds

EU data ruling slaps filesharers with red herring

BPI: You don't have to show us any stinkin' personal data

SANS - Survey on application security programs

Analysis Internet users in the UK can safely ignore this week's EU Courts of Justice ruling on data protection for filesharing: it's already irrelevant.

On top of that, the judgement covers an ISP belief system that's being rapidly eroded by governments and rights holders behind closed doors.

Neither fact has stopped the judgement being widely misreported (here's the correct story).

Here's a typical example from The Times, the UK's supposed national newspaper of record: "Record labels and film studios cannot demand that telecoms companies reveal the personal details of people suspected of swapping copyrighted material on the internet, the European Court of Justice ruled yesterday."

No, it didn't.

The court ruled that EU law doesn't compel ISPs to reveal customer details in a civil case brought by a rights holder. National courts are in charge as to whether laws are introduced to that end on the ground.

And in the UK, that happened years ago. Most recently the media law firm Davenport Lyons, acting on behalf of videogames developer Codemasters, easily scored the personal details of ISP customers it wanted to accuse of copyright infringement over peer-to-peer networks.

It obtained a High Court order, which forces ISPs to hand over the details in exchange for a small administrative fee. PlusNet customers were among those targeted, and the firm explained its hands are tied under UK law in a posting here.

Davenport Lyons used the details to fire off dozens of demands for hundreds of pounds along with threats of criminal action.

Thus the EU's judges' ruling is an irrelevant footnote in the UK, where civil courts require a low threshold of proof to issue a court order that trumps data protection regulations.

But for rights holders, battling copyright-infringing filesharers by court order is expensive, time-consuming and impractical given the scale of peer-to-peer networks in 2008.

In the UK and France at least, the real frontline in the filesharing war isn't in the data protection field, but in the ongoing negotiations for a voluntary agreement for ISPs to disconnect persisitent illegal filesharers.

A BPI spokesman told us the system it is pushing for would not require any personal data to be handed over by ISPs.

The line makes logical sense. If the ISPs are one half of a voluntary agreement to cut off filesharers, then the personal data is already where it is needed. No need for courts, lawyers or nastygrams*.

The BPI man was cagey on the technical details of how infringers might be identified, saying that negotiations aren't past the stage of agreeing an enforcement procedure. The recording industry wants a three-stage slap: a first warning letter, a short suspension of service, followed by a termination of service. The government backs the push.

On the nuts and bolts, in our view it's most likely that simple witchfinder procedures will be used to target individual filesharers. All an investigator needs to do is join copyright-infringing BitTorrent swarms and log the IP addresses of the peers. The rest is simple database manipulation. For now, nebulous waffling about filtering technologies in the network can be reasonably disregarded for practical purposes.

High performance access to file storage

More from The Register

next story
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Lavabit loses contempt of court appeal over protecting Snowden, customers
Judges rule complaints about government power are too little, too late
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Don't let no-hire pact suit witnesses call Steve Jobs a bullyboy, plead Apple and Google
'Irrelevant' character evidence should be excluded – lawyers
Edward Snowden on his Putin TV appearance: 'Why all the criticism?'
Denies Q&A cameo was meant to slam US, big-up Russia
EFF: Feds plan to put 52 MILLION FACES into recognition database
System would identify faces as part of biometrics collection
Record labels sue Pandora over vintage song royalties
Companies want payout on recordings made before 1972
Ex-Tony Blair adviser is new top boss at UK spy-hive GCHQ
Robert Hannigan to replace Sir Iain Lobban in the autumn
Judge halts spread of zombie Nortel patents to Texas in Google trial
Epic Rockstar patent war to be waged in California
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.