• home
• your needs
  You can read about our services, the sectors we work in, our product ranges and how we can help you in your role by using the links below.

  • services

  • To view an a-z list of our services, click the link below.

  • view all services

  • sectors
  • health
  • public sector
  • private & public listed companies
  • insurance

  • products
  • basics
  • checker
  • tracker
  • navigator
  • reform
  • lawsure
  • quickcall
  • learn

  • your role
  • in house legal
  • managing a business
  • insurance claims
  • procurement
  • finance
  • human resources
  • property management
  • marketing

  • training
  • seminars
  • webinars
  • podcasts
  • BIIAB
  • delegate centre
  • claims club
• about us
  You can find out more about us, the training we offer, our news and publications and how to contact us, by using the links below.

  • our business
  • fast facts
  • international
  • our awards
  • our client charter
  • professional memberships
  • our technology
  • corporate social responsibility
  • groupe francais

  • contact us
  • our people
  • management team

  • press office
  • press releases
  • articles
  • press coverage

  • resources
  • bulletins
  • legal updates
  • clarity guides
  • transaction updates
  • consultation papers
  • survey reports

  • case studies

  • To find out more about what we've been working on, click the link below to search our case studies.

  • view all case studies
• join us

article

Will copyright enforcement tip the scales over privacy rights?

23 July 2008

From telephone tapping by law enforcement agencies to the publication of images of children of famous parents, the right to privacy has long been seen as a right which has to be balanced against other fundamental rights or legitimate interests. 

Increasingly, a newer balancing act is being required between the right to privacy and the enforcement rights of intellectual property (“IP”) holders.  The need for such a balancing act most prominently comes to the fore in relation to the prevention of illegal downloading or sharing of music and films; estimates of lost revenues from these activities in the UK alone run into billions of pounds annually. 

Another area where privacy issues and IP rights come head to head includes the on-going worldwide debate about domain name registration systems and whether they should seek to protect the personal information of domain name registrants from publicly available search facilities.

As the digital age progresses, the means through which IP rights can be infringed become more accessible and in many cases more difficult to detect.  It is in this environment that strenuous efforts are being made across the world to strike a workable balance between the rights of individuals to privacy and the rights of IP rights holders to enforce their IP rights.

The right to privacy

An estimated 600 million people worldwide have access to the Internet.  Where technology provides a means of capturing, reproducing and using information accessible over the Internet users are rightly concerned about the standards of privacy and security that they can expect.  Is this concern, however, a legitimate reason for withholding information about those infringing IP rights?

The expectation of privacy is enshrined within Article 8 of the European Convention on Human Rights (the Convention) which has been incorporated into English law by the Human Rights Act 1998 (HRA).  The HRA creates a general right to respect for privacy where none previously existed.  Article 8 offers general protection for a person’s private and family life, home and correspondence from arbitrary interference by the State, but this is a qualified right.   The qualification is that interferences by the State can be permissible, but they must be justified and must be (1) in accordance with law (e.g. in accordance with a piece of legislation or the rule of a professional body); and (2) in the interests of the legitimate objectives identified in the Convention (including for the prevention of crime and for the protection of the rights of others);  and (3) necessary in a democratic society; i.e. proportionate, meaning proportionate in the light of the harm being addressed.

The right to protection from invasion of privacy under the HRA affects the activities of central government, local government and other public bodies such as the police and the courts.   This right does not extend to being a general right to protection from invasion of privacy by other individuals in society.  However, piecemeal common law and statutory protections (for example, actions for harassment and breach of confidence, or under Regulation of Investigatory Powers Act (2000) (“RIPA”) which allows access to electronic data protected by encryption) together with the general obligation on the courts to interpret statute where possible in a way which is compatible with Convention rights does go some way to protecting the privacy of individuals by other individuals and companies in practice.

Protection of rights holders

On the other side of this balancing equation is the right of IP rights holders to assert their exclusive control over the use of their creative work by taking action against infringers.  Copyright action can only be taken where infringements can be detected and where the infringers can be identified.  It is here where the tension between the two rights is at its most acute.

Copyright infringement and file sharing

Although file sharing is by no means a new concept, the traditional technology limited the sharing to the circle of computer users an individual knew and agreed to share files with.  The improvement of the technology by which file sharing can occur, the development of advanced file sharing applications and the increasingly widespread availability of broadband access, means peer to peer file sharing networks have become extremely popular.

File sharing enables users to share files, including copyright works, amongst one another without the need for reference and more importantly payment to the relevant rights holders.  This uploading of the copyright work is a restricted act; a copy is being used without the IP rights holder’s permission. It also raises infringement issues as it is may be a communication of a copyright work to the public, a restricted act under s20 of the CDPA (as amended) and which can constitute a criminal offence under s 107 of the CDPA.

The above activity means that not only are IP rights holders suffering damage from such infringement, they are also being deprived of a potentially rich revenue stream by not being able to exclusively control their work.  Naturally right’s holders are aggrieved by these developments and are increasingly looking for ways to either capitalise on file sharing or methods to enforce their rights and stop the file sharing taking place.

Without relevant information about the identity of infringers the IP rights holder is powerless to stop the infringing activity.  IP rights holders believe they should be entitled to assistance in putting the file sharers activities to an end by being permitted access to identification information about those who are sharing their works in this way. File sharers who are aware that what they are doing is illegal should not be able to shield themselves with privacy.  From the rights holder’s perspective the file sharer is someone who is engaging in illegal activity and as such has forfeited its privacy rights and therefore should not be able to hide behind those rights to thwart the IP holder’s right to prevent work being exploited without its permission or being rewarded for such exploitation.

The file sharer’s counter argument is that it should be allowed to access content shared by others, particularly where such content is not made available by the IP rights holder itself.  Some file sharers view file sharing as no different to format shifting the copyright work themselves, such as recording television programmes to watch at a later date.

The International dimension – preventing the sharing

It is not only the UK that is struggling to strike a balance between these two rights.  In March of this year it was reported that four major internet service providers (ISPs) in Japan have signed up to a scheme to ban peer-to-peer network users who illegally share files.   Where the ISPs detect illegal downloading is taking place users will first receive a warning and if they continue with the downloads then their internet service will be blocked.

The scheme looks set to work by copyright owners downloading peer-to-peer software, searching for their content and gathering the Internet protocol addresses of those participating in the illegal downloading or file sharing.  The rights owners will then provide ISPs with the list of Internet addresses and ISPs will then warn the infringers at those addresses.

Hence the scheme does not rely on the disclosure by ISPs of private data but rather relies on the rights holders to detect when an infringement is taking place and then ISPs to link up the Internet protocol addresses with the private data on users they have.  The privacy of the user is maintained but their illegal activities are stopped.

Closer to home, the British Phonographic Industry (“BPI”) and Virgin Media (“Virgin”) have joined forces announcing a plan to assist in dealing with the problem of illegal downloading of music over the internet.  Statistics show that more than six and a half million people in the UK illegally access and distribute music, an unacceptably high figure for the music industry.  The BPI together with Virgin have settled on an education programme which involves letters being sent by Virgin and BPI to those Virgin customers whose accounts have been identified by Virgin as having been used to distribute music in breach of copyright.  The letters will provide practical advice on how to prevent misuse, links to legitimate sources of on line music and will highlight the dangers of downloading files from unauthorised sources.  Naturally the campaign has not been without its detractors, especially those objecting to such a campaign on the grounds that this is merely the thin end of the wedge which will eventually result in ISP’s becoming more like modern day Big Brother.  (The campaign, like the Japanese scheme, has avoided breach of privacy issues because all letters will be distributed by Virgin with no customer information being provided directly to the BPI). 

The ultimate goal of the BPI is to ask all ISP’s to operate a three strikes policy aided by information supplied by the BPI regarding illegal file sharers.  Those who don’t heed the advice being given and continue to share files may find their broadband accounts suspended or even cancelled.  Clearly for ISP’s such as Virgin there is a vested interest because Virgin is also a content provider that does not want to be inadvertently responsible through its broadband network for facilitating the illegal access to content it provides and wants people to pay for.  A form of the rights holder/enabler tension set out above.  This dual role is not lost on the illegal file sharers who point out that once ISPs begin to align themselves with content industry then they are no longer simply presenting themselves as a method by which to access and use information but are tools being used to shut down an avenue of what the file sharers see as free speech.  Rights holders and industry bodies such as the BPI by contrast see this education programme as a useful addition to the other tools at their disposal to combat theft of their rights such as adapting their business models to suit the digital age and implementing digital rights management tools.

Such schemes do not seek to invade users’ privacy by disclosing private information but instead provide for rights holders to monitor illegal activities and ISPs to take a proactive role in prevention.  One significant shortcoming is that they do not provide for rights holders to be compensated for their losses.  Another is the ease with which an illegal downloader can simply set up an account with another ISP.  In order to address these issues ISPs would need to share their information on the identity of wrong doers – perhaps a step too far in the balancing act being performed?

Digital rights management

Digital rights management technology presents its own difficulties and is thrust into the rights versus privacy debate when questions arise over the information being stored and accessed by those controlling the technology.  Similarly privacy issues arise where information is gathered in lieu of a digital rights management technology being used.  This was the case with last year’s launch by Apple of the iTunes Plus service.  The service was heralded as a breakthrough by offering music tracks for sale with no digital rights management, which would allow iTunes tracks to be played on other forms of MP3 players rather than just the iPod.  The user pays increased rates for such tracks but in return receives more freedom in the way that it can use the tracks after purchase.  However it was discovered that personal data including names and e-mail addresses of the purchaser were embedded into the tracks.  Technical expert opinions was that this and other embedded information in the files used by Apple could be used to identify the purchaser if the track was eventually found to have been illegally shared.  So far other rights holders have been reluctant to relinquish the use of digital rights management technology, and perhaps with good reason, given that it is estimated that 40 tracks are digitally bootlegged for every legally downloaded track.

Judicial Assistance

IP rights holders are increasingly willing to bring pressure to bear on ISPs to release information about illegal file sharers through the Courts.  However the approach of the courts will depend on where the IP rights holder brings its case following the recent clarification provided by the European Court of Justice in the Telefonica case. (Productores de Musica de Espana (Promusicae) v Telefonica de Espana SAU)

The Spanish Courts ordered the disclosure of subscriber information to Promuiscae (a trade association of music producers) about Telefonica customers who had been identified as illegal file sharers.  Telefonica objected on the basis that its obligation to disclose this information was only enforceable in the context of criminal proceedings not civil proceedings like those issued by Promuiscuae. 

The ECJ was asked to consider by the Spanish Court whether Spain was entitled to have a rule preventing disclosure in civil cases given that this appeared to go against the EU Directive protecting copyright (Directive 2001/29 Copyright and related rights in the information society).

The ECJ considered the IP rights holder versus privacy issue and held that Spain was entitled to rely on its law to only oblige access providers to disclose information about the file sharers in criminal cases.  However the ECJ’s judgment also means that Member States are perfectly entitled to decide how the balance of the rights are maintained and have a law requiring disclosure in civil cases if it wishes, provided it can show that there is a balance between the different fundamental rights of privacy and copyright which are both protected in EU law.

This can be seen in the UK Courts’ approach to the release of file sharers’ personal information by ISPs.  The UK Courts have ordered the disclosure of file sharer’s information, notably the High Court required 10 ISPs including BT Tiscali and NTL to provide the names addresses and other personal details of the alleged file-sharers to Federation Against Software Theft (“FAST”).  The alleged file sharers were identified by a covert investigation conducted by FAST which identified the suspects as having uploaded software protected by copyright onto file sharing networks.  The BPI has also been successful in the UK Courts at obtaining disclosure of file sharers information which it has subsequently been able to use to take successful legal action against the file sharers resulting in damages and costs being ordered against the filer sharers in favour of the BPI.

Protecting privacy – a shield for IP rights holders as well as infringers

IP rights holders are not always on the other side of the IP rights enforcement versus privacy debate.   A debate about the right to privacy and the right of domain name holders to remain anonymous has resulted in some Internet domain name registrars  operating a  privacy service where they assign an alias to a domain name holder or otherwise withhold the identity as restricted information which is available on the publicly available WHOIS search facility whilst the true identity of the registrant is maintained by the registrar.

Just a few weeks ago the Canadian Internet Registration Authority (CIRA) launched a new privacy policy and WHOIS domain name search tool to protect the privacy of .ca domain name registrants.  The new policy limits public access to personal information except under extraordinary circumstances or with the explicit consent of the registrant.  So the default position for individuals is that personal information is automatically protected as private; full registration information for corporate domain name holders will remain automatically accessible.  The policy does however set out certain limited circumstances in which registrant contact information may be disclosed and these include intellectual property disputes (e.g. cyber squatting), threats to the Internet, and identity theft.  So, the debate is not simply a polarised one about IP rights v privacy, since IP rights holders themselves can look to privacy arguments to preserve their own identities.

Conclusion

The ever increasing capability of technology to monitor, measure, detect and locate means that privacy issues will increasingly materialise where IP rights are concerned.

Unless IP rights holders find a way of balancing their exclusive right to control the use of their IP rights with individuals’ rights to and reasonable expectations of privacy, then the future of enforcement, particularly copyright enforcement, looks set to be a challenging one.