The ISPs have 14 days to comply. Once FAST receives the data –
customer names and addresses – it will decide whether to sue for
damages or bring private prosecutions that could result in
prison sentences of up to two years and/or
unlimited fines.
A 12-month investigation by FAST into the covert sharing of
software by PC users highlighted 150 suspected
"uploaders" – people who put copyrighted software on to internet
file-sharing networks, including Kazaa, and offered them to others
without permission from the copyright owners.
To catch the uploaders, the investigator conducted searches in
the peer-to-peer networks for popular software products. When
product name matches were found, downloads of the infringing
software were completed to check that it matched the descriptions.
FAST recorded the providers' IP addresses ready for the application
for Disclosure at the High Court.
FAST does not know how many people downloaded the software. The
copies might have been downloaded by one person (there was at least
FAST's investigator) or a million people. Legally, it does not
matter: the Copyright, Designs and Patents Act of 1988 was amended
by a Directive from Brussels to suggest that uploading such
material to Kazaa is a criminal offence:
"a person who infringes copyright in a work
by communicating the work to the public … otherwise than in the
course of a business to such an extent as to affect prejudicially
the owner of the copyright … commits an offence if he knows or has
reason to believe that, by doing so, he is infringing copyright in
that work."
Certainly there are millions of users of Kazaa, although only
those searching for particular products are invited to download the
infringing works.
This law has not been tested and an argument might be made over
the interpretation of the word "communicating": is it enough that
the software was offered to millions? Does it also need to be shown
that it was downloaded by several people, not just one individual?
Forensic evidence from the uploading PC, if it can be recovered,
could be used to measure the volume of downloads.
The Orders of Disclosure were granted on Friday
by Judge Raynor who described FAST's case for granting the Orders
as "overwhelming". The Orders require the ISPs to disclose the full
personal details of their users.
Judge Raynor's ruling follows similar Orders of Disclosure
granted in actions filed by the British music industry over the
file-sharing of music. By coincidence, the BPI also made progress
last Friday: it won its first awards of damages against identified
file-sharers.
FAST has not yet decided how many cases to bring or of what
type. It says it will see what comes from the ISPs – and some ISPs
will likely find it easier than others to provide the information
requested.
Some ISPs provide users with a different IP address every time
they connect, known as a 'dynamic' IP address (as opposed to a
'static' IP address). Both types of IP address can be traced to an
ISP (since even dynamic addresses allocated will be within a
certain range); but to ensure that suspects are caught, FAST
time-stamped every IP address at the point of identification.
Accordingly, ISPs need to match the customer with the IP address at
a specific date and time.
Julian Heathcote Hobbins, Senior Legal Counsel at FAST, told
OUT-LAW today that the ISPs have been very supportive of FAST's
action. "We see the ISP as innocent in all this," he said. But he
explained that the ISPs need to receive a court order to allow them
to disclose customer details – otherwise they breach the Data
Protection Act.
But he acknowledged that some suspects may escape capture if
their ISP no longer holds the data that matches a customer to an IP
address at a particular time. ISPs hold such data no longer than
necessary. In some cases, that will be a year; in other cases, it
will be a much shorter period, perhaps 90 days. The investigation
captured data over a 12 month period.
This investigative problem should largely disappear: ISPs will
be forced to keep such data for a minimum period when a
controversial European Directive, approved by MEPs in December, is
implemented in UK law. The UK Government will have discretion to
implement the Directive with a period of anything from six months
up to two years.
Heathcote Hobbins felt there was no alternative to stronger
action against software pirates.
"Traditionally most software owners have relied on notice and
take-down procedures and have failed to bring civil or criminal
proceedings against the infringers," he said. "We expect to be
bringing these actions anytime and anywhere we see software being
misused."
John Lovelock, FAST's Director General, added: “We can easily
take down links, but this does not tackle the root causes of
software piracy, because the links will reappear elsewhere in a
matter of hours. Instead, we plan to take action a lot further,
making an example of the perpetrators to stop them from stealing
and passing on the intellectual property of our members for
good.”
FAST says it will consider working with the Police and Crown
Prosecution Service once the individuals have been identified.
