A text transcription follows.
This transcript is for anyone with a hearing impairment or who for any other reason cannot listen to the MP3 audio file.
The following is the text spoken by OUT-LAW journalist Matthew Magee.
Hello and welcome to OUT-LAW Radio, the weekly podcast that keeps you up to date on all the twists and turns in the world of technology law.
Every week we bring you the latest news and in depth features that help you to make sense of the ever-changing laws that govern technology today.
My name is Matthew Magee, and this week we talk to someone who thinks that EU protections for databases have gone too far.
But first, the News:-
eBay sues Business Partners over cookie stuffing;
and
Privacy Regulator busts Data Protection myths.
Internet auction site eBay is suing some of its business partners for 'cookie stuffing', a kind of advertising fraud. It claims partner sites are pretending that users have clicked on eBay ads when they have not.
eBay has accused Digital Point Solutions (DPS) and Kessler's Flying Circus (KFC) of secretly redirecting web users' computers to eBay, where an eBay cookie would be placed in the user's browser.
The companies then claim payment for directing customers there if those customers happen to buy or sell items on eBay even though DPS and KFC were not involved in actually referring them there, the suit says.
Though eBay does not say how much it has lost through the alleged fraud, it did say that it has paid out to DPS and KFC on ‘a substantial number of Revenue Actions that were in no way related to referral of any user by either DPS's or KFC's advertisements’.
Organisations must not use the Data Protection Act as a smokescreen for not giving out information, privacy regulator the Information Commissioner's Office (ICO) has warned.
The ICO has identified the most common data protection myths which it says are used to avoid transparency or that has just developed through ignorance of the actual law. It said, for example, that it is not true that insurance companies can only send information to policy holders, and that those who claim that the taking of photographs of children in school plays or other activities breaches their rights are wrong. This is only true if the photos are to be used commercially, the Commissioner's office said.
Deputy commissioner, David Smith said that misinterpretations of the law by organisations could damage the effectiveness of the Data Protection Act itself.
That was this week’s OUT-LAW News.
Database rights may sound like they reside in a sedate corner of the intellectual property world, but it is vital if businesses from horse racing to newspapers, airlines to research firms are to protect the investments they make in information.
Some argue that without Database Rights anyone could just dip in and use information from companies’ databases at will.
Others argue that the existing rights are too protective, that they stifle legitimate economic activity in favour of anyone with a big collection of information.
Estelle Derclaye is certainly in the latter camp. She is an academic at the University of Nottingham who has just published a book on database law in the Legal Protection of Databases: A cooperative analysis she says that the law including the EU’s database directive is far too restrictive.
Derclaye: We in the European Union give too much protection to databases as a result of additional protection from different sources of the law and by over protection I mean the fact that we have to respect certain principles like human rights, like the public interest, basically the sui generis right in Europe is not that bad but we have to curtail it and tailor it so that it does not have such negative overprotective effects.
Database protection mostly stems from the European Union's database directive, which created a standalone protection just for databases, which is referred to as the sui generis or unique database right.
Some databases are protected by copyright law, but only those containing material which is creative enough to qualify. The sui generis right protects any databases which has been the subject of significant investment.
The thinking was that it would boost the digital economy by allowing people to recoup investments in digital projects.
Derclaye says, though, that the directive has been problematic because it was poorly written.
Derclaye: Many features of the rights were quite generally drafted, broadly drafted and in legislation if you draft something broadly then it can be interpreted in a way that protects more than it should. The definition of a database is really broad, the fact that substantial investment can be almost anything at a quite low level and then the exceptions that might not may be the worst part are really scarce in fact they are optional and then the term of protection, it is 15 years but it can be renewed. The thing is not bad that it can be renewed because if there is a new substantial investment as we want to give this sort of incentive to database producers to make these databases in the first place because it is in the public interest, but to give them an additional term of protection without specifying that it applies only to the new elements where the new and substantial investment has been made - that in fact protects the old elements and can protect perpetually. So they are, in a nutshell, the bad effects of the sui generis rights in terms of over-protection.
She believes that rather than boosting Europe's economic fortunes, the directive undermined them.
Derclaye: People want to have the sui generis right because it gives them the possibility to charge high prices and there are many ways they can get market power and the like. All these bad effects are not, there is no counter effect to that by having a short term of protection or lots of acceptations for users for research purposes or critism or review etc. A prime example would be a database that is made by the State. For example databases that they produce are highly valuable. Now since they are the only ones to be able to do that and they have a lot of power because they can charge for it and that is what a lot of trading funds like the Ordnance Survey or the Met Office in this country do, they charge for the information.
The problem is not just the database directive though. Derclaye points out in her book that a raft of laws apply to databases building up a patchwork of restrictive protections that are harmful to people who want to use the information in databases.
Derclaye: I review the protection by contract and then I review the protection by unfair competition which in Europe mainly is that the theory of slavish imitation which we do not have in the UK, in fact. And then finally, the protection by technological measures and the corresponding ant circumvention provisions that we have in Europe.
Now you might think you don't need to worry about database rights, but Derclaye says that all sorts of things from newspapers to government systems to libraries can qualify as databases and therefore can qualify for heavy protection.
So how could this affect our everyday lives? Well, just ask Ryanair. It is embroiled in a law suit in Ireland over aggregator website Bravofly's use of information from its site to sell Ryanair flights.
It is perhaps a mark of the uncertainty over exactly how extensive database protection is that Ryanair has not said that it will use database rights to protect its website information.
We haven't seen Ryanair's suit, but it could argue that database rights protect its website.
If it did, Derclaye says that the case would hinge on whether or not Bravofly could prove that having a website with fares and prices is just a by product of running an airline.
It would use similar arguments used by William Hill in its victory against the British Horseracing Board. There, William Hill successfully argued that the BHB couldn't protect its database of runners and riders because the database wasn't an end in itself. All the effort went into creating horse races, the European Court of Justice said, and putting that into a database did not demand a whole new effort. If Ryanair wanted to rely on database rights it would need to prove that it had put a whole new effort into the parts that Bravofly had used.
Derclaye: Ryanair’s website if it is a database, is a spinoff or by product of its activity. Because if it is then it is not obtaining or collecting or verifying or presenting the information which is what triggers the sui generis right it’s basically a by product of spinoff. If that’s the case then it would be very difficult for Ryanair to prove that he has a sui generis right. That is a really good and interesting point because we want the consumer to be able to make price comparisons and to increase competition but on the other hand you should have perhaps the right as company to your information if what you do is basically cut down the prices and you want the consumer to go on your website, and there is nothing in the database directive discussing this issue. And it is very pro database producer, so as I say I do not know what Bravofly takes but if they take just the information such as the departure and the arrival and the price and basic information like that then Ryanair has a much less strong case.
So if the problem is economic lost opportunity because of over-bearing protection, what is the solution?
Derclaye says that the directive needs to be re-drafted in more specific terms so that it is more precise in its protections. She also says it needs to have the same exceptions that other intellectual property law has and it should become databases’ only protection.
Derclaye: The sui generis right is bad in itself but there are some other laws that you can use in addition to it so it is even worse than what you had. This additional protection by unfair competition is over protective because it protects the same thing and as every lawyer would say you can’t sue for the same thing twice. Well, there should definitely be exceptions for research, and as I said, none of the exceptions are mandatory. So there should be, definitely, an exception for criticism and review or for press purposes. All the exceptions that we have in the copyrights acts in Europe that are underlined by some sort of public interest and lots of exceptions that are already there for copy right should also apply to the sui generis rights.
That’s all we have time for this week, thanks for listening.
Why not get in touch with OUT-LAW Radio? Do you know of a technology law story? We would love to hear from you on radio@out-law.com. Make sure you tune in next week; but for now, goodbye.