Two opposing court verdicts on file-sharers

By EDRi · July 14, 2005

While the Irish High Court set a precedent on 9 July by ordering two ISPs to hand-over the name and address data of 17 file-sharers, a few days later a Dutch judge forbade the hand-over of contact details of 41 customers. In both cases the music industry used the services of the US-based company MediaSentry.

The Irish High Court allowed for the demand from the Irish Recorded Music Association (IRMA) on behalf of record majors. The ruling is not available online yet, but the Irish Times reports the judge “noted an undertaking by the record companies that the information would be used only for the purpose of seeking redress for alleged infringement of the copyright of sound recordings and granted the order on that basis.” The Irish Times also reports that the judge was not impressed by BT’s policy to immediately forward any complaints to their customers, with a demand to desist any future activity. Such a policy couldn’t ‘deprive the plaintiffs of their entitlement to seek damages’. It is expected that IRMA will now write to the 17 individuals accusing the recipient of illegally sharing music using the internet, seeking damages of up to 6.000 euro from each person for breaching copyright law and threatening legal action against anyone who refuses to pay.

A completely different verdict was given in the first Dutch preliminary proceedings against individual file-sharers. On 12 July 2005 the Utrecht court rejected the demand on 5 ISPs to each hand over 10 names and address data of customers suspected of unlawful file-sharing. The use of MediaSentry’s services turned out to be the major blocking issue. It is well known, writes the court, “that the United States of America cannot considered to be a country with a fitting level of data protection.” The company MediaSentry did not sign a safe harbour agreement, nor did the Dutch anti-piracy organisation ‘Brein’ apply for a special license with the Dutch data protection authority. MediaSentry searches all files in a users’ folder. “Amongst those can be files that do not infringe on somebody else’s rights or have a personal character,” writes the court, and this makes the data collection extra unlawful. On top of that, Brein made terrible mistakes in the times of the alleged file-sharing. In 3 different letters, different times were mentioned with the IP-addresses, thus possibly leading to a different customer. Since the ISPs had immediately forwarded the first demands from Brein to their users, possibly the wrong people received these intimidating claims.

On 16 April 2004 the Dutch DPA published a decision on the collection of IP addresses by the Dutch anti-piracy organisation. The collection could be lawful if Brein followed specific rules and would not engage any third parties. According to the court under these circumstances the ISPs should have refused the hand-over of any personal data, since they have an obligation to guard over the personal data of their customers and not hand-over unless justified by the law on personal data protection or upon court order.

On the other hand, the Dutch judge also ruled private parties such as Brein may demand personal data in civil proceedings, as long as they can prove beyond reasonable doubt that the IP addresses relate to users that actually offer illegal music or other files on their computer, by meticulously mentioning date and exact time of the infringing acts.

Irish Times, Music uploaders face legal action from record firms (09.07.2005)
-premium content, not available for free-

Response IRMA (09.07.2005)

Preliminary proceedings Brein v. 5 ISP’s (in Dutch, 12.07.2005)