ISPs Ordered to hand over user details – users not notified of case or given chance to make submissions

The High Court yesterday made an order requiring ISPs to hand over details of 49 alleged filesharers to the music industry. After the first such order, in July 2005, we expressed concern about the procedure which had been adopted. When we learnt about this second application, we wrote to the parties asking them to bring these concerns to the attention of the court. Unfortunately, not all of these points were put before the court and the judgment of Mr. Justice Kelly doesn’t address these issues.

A particular problem is that the decision was made without the users being notified of the action or given a chance to make submissions to the court, despite an English authority recommending that this should be done, and contrary to the practice in the US where this must be done before the user is identified.

This sets a worrying precedent. There are many reasons why a person may wish to remain anonymous online – for example, a whistleblower who seeks to expose corruption or safety issues may be intimidated by fear of retaliation. As a US court recently said:

“setting the standard too low will chill potential posters from exercising their First Amendment right to speak anonymously. The possibility of losing anonymity in a future lawsuit could intimidate anonymous posters into self-censoring their comments or simply not commenting at all. A defamation plaintiff, particularly a public figure, obtains a very important form of relief by unmasking the identity of his anonymous critics … After obtaining the identity of an anonymous critic through the compulsory discovery process, a defamation plaintiff who either loses on the merits or fails to pursue a lawsuit is still free to engage in extra-judicial self-help remedies; more bluntly, the plaintiff can simply seek revenge or retribution … Indeed, there is reason to believe that many defamation plaintiffs bring suit merely to unmask the identities of anonymous critics.”

If the user is not given an opportunity to challenge an application to reveal their identity, there is a real risk that such applications might be abused by plaintiffs in future.

A full account of the hearing follows:

Justice Kelly was delivering his judgement in a motion by EMI Records (Ireland) Limited, Sony BMG Music Entertainment (IRL) Ltd, Universal Music Ireland Limited, and Warner Music Ireland Limited to compel Eircom Limited, BT Communications Ireland Limited and Irish Broadband Internet Services Limited to divulge the identity of 49 of their subscribers whose IP addresses had been recorded at particular times and dates.

Counsel for the Plaintiff, Johnathan Newman BL outlined the case for granting the court order. He took the court through the thread of the detective work completed on behalf of the record companies, describing how IP numbers can be traced back to particular ISPs, how such numbers can be obtained in relation to people using peer to peer services who are making files on a shared folder available to others. They estimated that there were 6 million users at any time on the networks being dealt with in court which were the Fasttrack and Gnuttela networks.

Counsel said that a company, MediaSentry Inc were engaged to investigate these matters on behalf of the copyright holders of audio files. They identified recordings, to which their clients believed they held the copyright. MediaSentry then downloaded sample tracks from users over the peer to peer network. By watching the transmission of data packets they identified which user’s IP numbers were originating in Ireland. Where they did so originate, a snapshot of the full contents of the shared folders were recorded. Of the persons whose details were being sought in court, the least number of copyright infringing files made available was 501. The greatest number was approximately 5000. The Judge noted that one address appeared so often it was “almost an industry”.

Counsel continued, drawing the courts attention to the need to balance Data Protection Acts’ rights to privacy with the rights of property owners. He outlined that Mr. Kavanagh, Managing Director of EMI Records (Ireland) Limited on Affidavit swore that he felt that publicity measures by ISPs regarding the illegality of filesharing were not likely to succeed.

Following the judgement granted in July 2005, there was a significant drop around that time of use of peer to peer services. However use had now risen again. The Plaintiffs acknowledged that the Defendants in this case, the ISPs, had been “innocently embroiled” in the matter.

Counsel continued that this copyright infringement was contrary to S140 of the Copyright and Related Rights Act 2000. Mr Justice Kelly asked if this was also a criminal offence. Plaintiff Counsel responded that “off the top of my head, yes”.

Counsel went on to outline the evidence gathered by MediaSentry- 29 of the 49 users had files whose copyright was owned by Warner Music downloaded by Media Sentry. All of those being sought had files listed in their shared drives from Warner Music. 15 people had files whose copyright was owned by Universal music downloaded. All 49 had files listed in their shared drives from Universal music. 29 of the 49 users had files downloaded whose copyright was owned by Sony Music and all of them had files listed in their shared folder from Sony Music.

Counsel for the Plaintiff continued saying that there had been no subsequent Irish decision in this area since the Court had made its ruling in July 2005. The Court asked if there were any other “Common Law authorities”. Plaintiff Counsel said that there were none.

Plaintiff Counsel then summed up the legal position for the court:

The jurisdiction of the Court was to be exercised sparingly in this area. That the Common Law case law indicated that the Plaintiff should have established the wrong, prima facia, but can’t institute proceedings as they can’t identify the wrongdoers. The court must be satisfied on the evidence provided. The court was directed on the last occation to the Data Protection Acts- there was a need for a balance between property and privacy rights and counsel said, the level of infringement here sets property rights at nought.

Counsel said that while it was not certain that the holder of the IP address computer was the wrongdoer, the Plaintiffs should be given the opportunity to challenge the person and decide whether proceedings are permitted against them.

Plaintiff Counsel then ended their submissions.

Counsel for Eircom Limited pointed out that 42 of the 49 persons whose identities was sought were with Eircom Limited. They were neither consenting nor objecting to the application.
Eircom Counsel submitted that that the court ought to have consideration of the amount of music being downloaded and the timeframe within which it takes place ie whether it was serial rather than occational. In addition, Counsel pointed out that the copyright infringer is the owner of the IP address.

Counsel for BT Communications Ireland Limited and Irish Broadband Internet Services Limited, Cian Ferriter BL, outlined his latter client’s position, as they had not been named in the earlier, July, court case. They did not condone unlawful use of their services. Clause 18 of their Terms and Conditions of Use forbid unlawful use of this kind.

Irish Broadband couldn’t monitor usage. They had been caught up innocently in the matter. His clients did not want a perception that they had lost a court case to be given out if the court ordered that they should hand over their subscribers details. He stated that they were precluded from handing this information voluntarily as, per previous judgements, they have duty under Data Protection legislation to their subscribers.

Counsel then informed the court that solicitor for his clients had received a letter from solicitors for Digital Rights Ireland Limited, a public interest group. This letter made reference to a Dutch authority in a similar case where the motion sought by the copyright holders had been declined. Counsel said he merely flagged this case for the Court, as he said that he was not making the arguments used in that case. However, it was a live issue across Europe.

Counsel for the Plaintiffs responded that his clients had also received a letter from Digital Rights Ireland Limited’s solicitors. He stated that given the scale of the issue, litigation was being conducted in many countries and the courts there were applying the Data Protection legislation as they find it.

Giving his judgement in favour of the Plaintiffs’ application, Mr. Justice Peter Kelly stated that the kind of actions at issue in this case were “A modern form of thieving.” He also clarified that the undertakings by the Plaintiffs to ensure that the information gleaned from the order is only to be used for the purposes it is given for specifically left it open to the Plaintiffs to allow the information to be passed on to the criminal prosecution authorities, and that “perhaps you ought”.

Eircom Limited were given 3 weeks to produce the user names and addresses, while the 2nd and 3rd named defendants were given 7 days. The Plaintiffs accepted they should pay the reasonable costs of the defendants, who were innocent parties in the matter, including the reasonable costs of the extraction of the required information.