by Mike Masnick
Tue, Jun 12th 2012 4:03am
by Mike Masnick
Mon, Jun 4th 2012 3:31pm
from the but-what-about-the-pirate-bay? dept
Here, the court said that a neutral intermediary is not responsible for infringement done by users, and cited last summer's European Court of Justice ruling in the eBay/L'Oreal case. We found that ruling to leave open way too many loopholes that would make intermediaries liable, but thankfully, the appeals court in the Netherlands recognized the key issues, and insisted that Marplaats retains its status as a neutral platform even though it provides many more functions beyond just hosting. The court found that since the functions it performs don't favor either buyers or sellers, it still is considered a "neutral" intermediary.
The court also looked at whether or not certain remedies that Stokke was pushing for made sense, and noted that injunctions that required pro-active monitoring to prevent infringement did not make sense, in part because they seemed disproportionate and expensive. It similarly rejects a "notice and stay-down" provision (like a notice and take-down, but which also requires proactive blocking of any future attempts to post something infringing), noting that such a system would be costly and provide little real benefit.
Overall, this latest ruling seems to make sense, and properly focuses the liability question away from the intermediary tool provider. However, I do wonder how the court rulings against The Pirate Bay (and against neutral proxy services) make sense under a similar light.
by Mike Masnick
Thu, May 31st 2012 3:03am
from the makes-sense dept
"The defendant is not responsible in principle for the video content on its site; only the users of the site are," the decision reads.The case went so poorly for TF1 that it was told to pay Google's legal expenses. TF1 has suggested that it will appeal, calling the ruling "surprising."
"It has no obligation to police the content before it is put online as long as it informs users that posting television shows, music videos, concerts or advertisements without prior consent of the owner is not allowed."
There have been a series of similar lawsuits filed around the globe, with mixed results, but hopefully we're reaching an era where courts (and companies) finally understand that a platform should never be directly liable for the actions of its users.
by Mike Masnick
Wed, May 30th 2012 3:04am
from the common-sense-prevails dept
Rand said it's reasonable for text message senders to assume the recipients will behave responsibly, and he also noted drivers are bombarded with many forms of distraction, whether they be text messages, notifications from smartphones, GPS devices or signs along the road.
"Were I to extend this duty to this case, in my judgment, any form of distraction could potentially serve as the basis of a liability case," Rand said.
by Mike Masnick
Mon, May 21st 2012 7:31pm
from the third-party-liability dept
by Mike Masnick
Thu, May 17th 2012 12:40am
from the good-to-see dept
by Mike Masnick
Mon, Apr 23rd 2012 10:01pm
Australian Government Plans To Continue Holding Secret Anti-Piracy 'Stakeholder' Meetings With Industry; No Consumer Advocates Allowed
from the ridiculous dept
The Federal Government would “closely examine” the High Court’s judgement in the long-running copyright infringement case won by ISP iiNet over film and TV studios this morning, Federal Attorney-General Nicola Roxon said this afternoon, as she noted that closed-door talks held by her department with industry on the matter would continue.Thankfully, iiNet's CEO seems to realize that with this ruling in hand, he doesn't need to give in to industry blackmail. While noting that the meetings had been "been going around in circles," in the wake of the High Court ruling, iiNet CEO Michael Malone announced at a press conference that "My preference would be to walk away now." If only it were that easy.
by Mike Masnick
Fri, Apr 20th 2012 7:02am
from the secondary-liability dept
iiNet fought back, and fought back hard -- and won at every single level in the court system, including today's High Court ruling that effectively ends the case. Oh yeah, the High Court also says that Hollywood has to pay iiNet's legal expenses -- approximately $9 million.
From the beginning, contrary to the MPAA's assumption, iiNet fought back hard. Beyond the obvious, which was pointing out that as a service provider it was not responsible for its users' actions, iiNet also protested that the notices the MPAA's anti-piracy front group AFACt, was sending were deficient:
They send us a list of IP addresses and say 'this IP address was involved in a breach on this date'. We look at that say 'well what do you want us to do with this? We can't release the person's details to you on the basis of an allegation and we can't go and kick the customer off on the basis of an allegation from someone else'. So we say 'you are alleging the person has broken the law; we're passing it to the police. Let them deal with it'.The original district court ruling was fantastic, and did such a great job illustrating why it makes no sense to blame third party service providers for infringement -- because infringement is not an absolute, but requires a court to decide what really is infringement. As the original ruling stated:
Regardless of the actual quality of the evidence gathering of DtecNet, copyright infringement is not a straight 'yes' or 'no' question. The Court has had to examine a very significant quantity of technical and legal detail over dozens of pages in this judgment in order to determine whether iiNet users, and how often iiNet users, infringe copyright by use of the BitTorrent system. The respondent had no such guidance before these proceedings came to be heard. The respondent apparently did not properly understand how the evidence of infringements underlying the AFACT Notices was gathered. The respondent was understandably reluctant to allege copyright infringement and terminate based on that allegation. However, the reasonableness of terminating subscribers on the basis of non-payment of fees does not dictate that warning and termination on the basis of AFACT Notices was equally reasonable. Unlike an allegation of copyright infringement, the respondent did not need a third party to provide evidence that its subscribers had not paid their fees before taking action to terminate an account for such reason.In other words, just because someone accuses someone else of infringement, it's ridiculous for the ISP to automatically assume infringement has taken place. That turns the basic concepts of due process on their head. AFACT/MPAA appealed and lost again, with the court once again pointing out that general knowledge that someone on your site infringes is not nearly enough to terminate or suspend users.
This latest (and final) ruling basically takes the same stance. The full ruling is a bit dry, but makes some salient points. It notes, for example, that as a mere ISP, iiNet has absolutely nothing to do with BitTorrent and can't control the fact that some of its subscribers used BitTorrent. It also notes that iiNet was not hosting any of the material, nor doing anything with the infringing material. On top of that, it notes the pointlessness of AFACT/MPAA insisting that iiNet has to kick people off the internet:
Termination of an iiNet account with a customer who has infringed will assuredly prevent the continuation of a specific act of communicating a film online using a particular .torrent file on a particular computer. Regrettably, however, on receiving a threat of such termination, it is possible for a customer to engage another ISP for access to the internet on that computer or access the internet on another computer using a different ISP. Whilst any new infringement would be just as serious as the specific primary infringements about which the appellants complain, this circumstance shows the limitations on iiNet's power to command a response from its customers, or to prevent continuing infringements by them.And, once again, the court finds that mere notice of infringement certainly is not proof of infringement, and requiring iiNet to investigate further is too big a burden:
Updating the investigative exercise in the AFACT notices would require iiNet to understand and apply DtecNet's methodology – which, among other things, involved a permission to DtecNet from AFACT to use the BitTorrent system to download the appellants' films. Before the filing of experts' reports in the proceedings, the information in the AFACT notices did not approximate the evidence which would be expected to be filed in civil proceedings in which interlocutory relief was sought by a copyright owner in respect of an allegation of copyright infringement. Also, any wrongful termination of a customer's account could expose iiNet to risk of liability. These considerations highlight the danger to an ISP, which is neither a copyright owner nor a licensee, which terminates (or threatens to terminate) a customer's internet service in the absence of any industry protocol binding on all ISPs, or any, even interim, curial assessment of relevant matters.All in all, this is a good ruling concerning copyright and secondary liability -- and a bunch of money down the drain for the MPAA, who could have spent this time helping its studios to innovate, but has instead focused on this quixotic legal strategy.
iiNet's inactivity after receipt of the AFACT notices was described by the appellants as demonstrating a sufficient degree of indifference to their rights to give rise to authorisation. However, the evidence showed that the inactivity was not the indifference of a company unconcerned with infringements of the appellants' rights. Rather, the true inference to be drawn is that iiNet was unwilling to act because of its assessment of the risks of taking steps based only on the information in the AFACT notices. Moreover, iiNet's customers could not possibly infer from iiNet's inactivity (if they knew about it), and the subsequent media releases (if they saw them), that iiNet was in a position to grant those customers rights to make the appellants' films available online.
Of course, it doesn't sound like this ruling will have the MPAA come to its senses either. The AFACT front group is already claiming that the ruling means Australia must change its laws to turn ISPs into copyright cops:
The Australian Federation Against Copyright Theft (AFACT) is ramping up the pressure on the government to act. It said today's judgment exposed the failure of copyright law to keep pace with the online environment and the need for the government to act.No, Neil, it's not Australian law that's the problem. It's reality, and the fact that the movie studios refuse to bother to understand how the internet works and how they can adapt. No law will fix this. It will only make things worse. And Gane and the MPAA should be careful, lest they think they can try to pass another SOPA down under. I get the feeling that won't go over well.
"It would seem apparent that the current Australian Copyright Act isn't capable of protecting content once it hits the internet and peer-to-peer networks...," AFACT managing director Neil Gane said.
by Leigh Beadon
Fri, Apr 13th 2012 5:05pm
from the it's-a-start-I-guess dept
The House Intelligence Committee has published a new draft of CISPA (pdf and embedded below), which includes the two amendments that were already approved, plus several other additions and changes. In some areas, there is genuine progress—in others, things actually seem to have gotten worse. Unfortunately, some of the biggest problems with the bill remain, and some of the new language seems to have little effect at all. Some changes I will discuss in future posts, but there are two that I wanted to look at right away:
A Narrower Definition Of Cybersecurity
This is the one clearly positive change in the bill. Previously, the definition of cybersecurity and cyber threat information was:
(A) efforts to degrade, disrupt, or destroy such system or network; or
(B) theft or misappropriation of private or government information, intellectual property, or personally identifiable information.
While the first part remains unchanged, the second part is now much narrower:
(B) efforts to gain unauthorized access to a system or network, including efforts to gain such unauthorized access to steal or misappropriate private or government information
Where the original language could be construed to include all sorts of activity that goes beyond what most people could consider "cybersecurity", the new definition makes it clear that we are talking about unauthorized network access. Most notably, it removes the reference to "intellectual property", which makes sense: the authors have always insisted that they were talking about the misappropriation of secret R&D by foreign entities, which is sufficiently covered by language referring to privacy and unauthorized access. Including "intellectual property" opened it up to all sorts of additional interpretations that went beyond this stated intent.
Now, there's still reason to be a little concerned here, because the attempts to charge people for "unauthorized access" under the CFAA have been ridiculous in the past. If this language in CISPA were construed to include things like violating terms of service (as some have claimed of the CFAA language) then it would be very dangerous. However, with last week's Ninth Circuit ruling which narrowly construed unauthorized access, legal thinking on this matter seems to be heading in the right direction. There's still some gray area, and I think there's still room for a much better definition of cybersecurity in CISPA (I know they want to future-proof it, but it doesn't have to be that short and vague) but this is still a significant improvement over the previous draft.
Extremely Limited Liability For Companies
The new draft of CISPA includes a whole new section carving out the requirements for a company to be held liable if they share information improperly. Basically, a company that shares data with the government receives immunity from all existing privacy laws unless you can show that their actions caused you injury and constituted "willful misconduct"—which is very specifically defined in CISPA as an action taken:
(I) intentionally to achieve a wrongful purpose;
(II) knowingly without legal or factual justification; and
(III) in disregard of a known or obvious risk that is so great as to make it highly probably that the harm of the act or omission will outweigh the benefit.
Yes: and. A company's actions need to satisfy all three of those conditions. I'm not even sure how that's possible. They have to be trying to harm you, knowingly breaking the law and, in a bizarre third clause, they also have to know there is a risk that the harm to you will outweigh the benefits to them. How you are supposed to weigh the harm to individuals whose private data is handed to the government, versus the benefits to cybersecurity services who improve their networks with data, is beyond me. But no matter how you slice it, this is an insanely onerous definition of willful misconduct that makes it essentially impossible to ever sue a company for wrongly sharing data under CISPA.
Overall, despite the progress made on the definition of cybersecurity, CISPA is still a highly problematic bill which still doesn't properly safeguard people's privacy. One of the biggest problems—the fact that the government can use, retain and affirmatively search the information they gather for vaguely defined "national security" purposes—is untouched in the new draft. There are some attempts to alter the rules on how federal agencies can share information between themselves, but many of those changes seem essentially meaningless. It's good to see some reaction from Congress, but if CISPA is to be fixed (a prospect I'm still dubious about) there is still a long way to go.
by Glyn Moody
Thu, Apr 12th 2012 8:01pm
from the in-russia,-isp-spy-on-you! dept
Something that's proving popular with politicians running out of ideas for tackling unauthorized sharing of copyright materials online is to make ISPs and Web sites responsible for the actions of their users -- even though nobody would think of doing the same for telephone companies. SOPA was one of the best-known examples of this approach, and now it looks like Russia wants to join the club:
The cyber crime department of Russia’s Interior Ministry says it intends to get tough on the country’s ISPs when their customers share copyrighted or otherwise illegal material. Authorities say they are currently carrying out nationwide checks on ISPs' local networks and could bring prosecutions as early as next month.
The proposed legislation is a little unusual in that it seems to concern the exchange of unauthorized copies of copyright material across ISPs' local networks:
These networks, present within the ISPs’ own infrastructure, provide users’ access to a wealth of legal content and services such as Internet Relay Chat, but inevitably unauthorized content is available too.
As would have happened with SOPA, the inevitable consequence of passing this kind of law will be round-the-clock surveillance of Internet users by their ISPs -- not because the law requires it, but because the ISPs would be crazy not to given the financial risks they would run otherwise. The other knock-on effect, of course, is that people will just start swapping 2Tbyte portable hard discs full of unauthorized material by hand, bypassing the networks completely.