EU data ruling slaps filesharers with red herring

Analysis Internet users in the UK can safely ignore this week's EU Courts of Justice ruling on data protection for filesharing: it's already irrelevant.

On top of that, the judgement covers an ISP belief system that's being rapidly eroded by governments and rights holders behind closed doors.

Neither fact has stopped the judgement being widely misreported (here's the correct story).

Here's a typical example from The Times, the UK's supposed national newspaper of record: "Record labels and film studios cannot demand that telecoms companies reveal the personal details of people suspected of swapping copyrighted material on the internet, the European Court of Justice ruled yesterday."

No, it didn't.

The court ruled that EU law doesn't compel ISPs to reveal customer details in a civil case brought by a rights holder. National courts are in charge as to whether laws are introduced to that end on the ground.

And in the UK, that happened years ago. Most recently the media law firm Davenport Lyons, acting on behalf of videogames developer Codemasters, easily scored the personal details of ISP customers it wanted to accuse of copyright infringement over peer-to-peer networks.

It obtained a High Court order, which forces ISPs to hand over the details in exchange for a small administrative fee. PlusNet customers were among those targeted, and the firm explained its hands are tied under UK law in a posting here.

Davenport Lyons used the details to fire off dozens of demands for hundreds of pounds along with threats of criminal action.

Thus the EU's judges' ruling is an irrelevant footnote in the UK, where civil courts require a low threshold of proof to issue a court order that trumps data protection regulations.

But for rights holders, battling copyright-infringing filesharers by court order is expensive, time-consuming and impractical given the scale of peer-to-peer networks in 2008.

In the UK and France at least, the real frontline in the filesharing war isn't in the data protection field, but in the ongoing negotiations for a voluntary agreement for ISPs to disconnect persisitent illegal filesharers.

A BPI spokesman told us the system it is pushing for would not require any personal data to be handed over by ISPs.

The line makes logical sense. If the ISPs are one half of a voluntary agreement to cut off filesharers, then the personal data is already where it is needed. No need for courts, lawyers or nastygrams*.

The BPI man was cagey on the technical details of how infringers might be identified, saying that negotiations aren't past the stage of agreeing an enforcement procedure. The recording industry wants a three-stage slap: a first warning letter, a short suspension of service, followed by a termination of service. The government backs the push.

On the nuts and bolts, in our view it's most likely that simple witchfinder procedures will be used to target individual filesharers. All an investigator needs to do is join copyright-infringing BitTorrent swarms and log the IP addresses of the peers. The rest is simple database manipulation. For now, nebulous waffling about filtering technologies in the network can be reasonably disregarded for practical purposes.