Swedish court: IP addresses are personal data

By EDRi · July 1, 2009

This article is also available in:
Deutsch: [Schwedisches Gericht: IP-Adressen sind persönliche Daten | http://www.unwatched.org/node/1455]

Macedonian: [Шведска: ИП адресите се лични податоци | http://www.metamorphosis.org.mk/edri/shvedska-ip-adresite-se-lichni-podatoci.html]

The Swedish Supreme Administrative Court ruled on 18 June that the IP
addresses are personal data in a case regarding APB (the Swedish Anti-Piracy
Bureau, Antipiratbyrån), a lobby group representing copyright owners.

However, from the comments following the judgement, it became clear that
this ruling will not stop the implementation of the Swedish IPRED Directive
or the way the copyright holder representatives record and keep IP addresses
in order to identify alleged file-shares. Although the ruling means that
APB’s methods for chasing filesharers by logging their IP addresses was in
violation of the Personal Data Act, the new IPRED law changed the situation.

A policy adviser at the Swedish Ministry of Justice explained to The
Register: “The rumours that this decision will kill off IPRED are wrong,
because the bill creating the law includes an exemption for rights holders –
they may request and keep IP numbers for this purpose.”

Jonas Agnvall, a legal adviser with the Swedish Data Inspection Board,
says that the new IPRED law specifically allows the activities of IP logging
of the APB:
“I have not scrutinised the directive in detail, but as I understand do they
no longer need the legal exception whit the implementation of the
IPRED-law”, Jonas Agnvall says to Computer Sweden.

He also added: “During the autumn we will inquire this and how these lobby
groups of copyright holders use the personal records. This we can do now
when it stands clear that IP addresses’ really are personal records”.

A week later, on the 25 June 2009, a first ruling on the new IPRED law was
given by the Solna District Court which decided that an ISP must hand
information revealing its customers based on the IP addresses given by five
publishers of audiobooks who were trying to identify some alleged copyright
offenders.

In this case, the Swedish broadband service provider Ephone was asked by the
five publishers to reveal who owned a server suspected of containing some
several hundred audio book titles. The ISP refused to say who was behind
the IP address, questioning if the matter was indeed a copyright
infringement since the FTP server was not publicly available and the access
to it was possible only to the persons that knew the password to access it.

In the decision of the Solna District Court, the judges ordered Ephone to
reveal the information regarding the customers that are using several IP
addresses under a penalty of 750 000 Swedish crowns fine (approx. 70 000
euros). The company also needed to pay the publishers’ court costs.

Collecting IP Addresses Illegal in Sweden (18.06.2009)
http://torrentfreak.com/collecting-ip-addresses-illegal-sweden-090618/

Favorable court ruling do not save file-sharing (18.06.2009)
http://www.stockholmnews.com/more.aspx?NID=3440

Sweden: IP numbers are personal…unless you’re a pirate (18.06.2009)
http://www.theregister.co.uk/2009/06/18/sweden_ip_law/

Publishers win anti- piracy law test case (25.06.2009)
http://www.thelocal.se/20274/20090625/

First IPRED case settled (only in Swedish, 25.06.2009)
http://www.svd.se/naringsliv/it/artikel_3115633.svd