As the French "three strikes" Hadopi process begins, with tens of thousands of notices being sent out to accused file sharers (their "first strike"), things may be even more ridiculous than previously assumed. Guillaume Champeau fills us in on the details of a leaked report from the French privacy commissioner (Google translation from the original French). Basically, the privacy commissioner CNIL admits that, due to the number of notices being sent, Hadopi will simply not be able to review the accusations for accuracy, and will need to accept the claims from TMG, the company hired by the entertainment industry to accuse people. Here's Champeau's summary:

"Rights holders have been authorized in June to collect IP addresses on P2P networks, by recruiting the services of the French company TMG. It will monitor P2P networks, store the IP addresses it believes illegally shares copyrighted works, and their rights holder customers will forward the ones they want to the French HADOPI.

Early this week, an internal report by the CNIL was leaked. The CNIL is the Privacy Commissioner in France. It is the Commission which has allowed rights holders to use the TMG services and collect IP addresses.

The report says that "due to the high number of expected cases (25 000 a day at first, then 150 000 a day), it is impossible for the [right holders' agents] to check the [infringement] reports one by one. Nonetheless, the system does not have particular control procedures, for instance by sampling, which would allow an agent to detect anomalies in a collection session".

It says that "the actions of the Hadopi will be limited to accepting or denying the transmitted findings, without the ability to check them. The first steps of the "three strikes" process will therefore lay only upon the collection operated by the TMG system".

Despite these concerns, the CNIL did authorize the right holders to collect the IP addresses, and did not oppose the 3 strikes process by the Hadopi.

Read that bold part carefully. What this is saying is that despite the fact that you can be kicked off the internet based solely on accusations, not convictions, and despite all of the problems with false accusations and the fact that an IP address alone does not accurately identify an individual, and despite the fact that the massive number of notices being sent out mean that there will surely be false positives, the only people reviewing these notices to make sure they're accurate will be employed by the agent hired by the copyright holders themselves. Due process? It's dead.