Slashdot Mirror
UK ISPs Profit From Coughing Up Customer Data
nk497 writes "ISPs in the UK are charging as much as £120 to hand customer data over to rightsholders looking for proof of piracy, according to the Federation Against Software Theft. While ISPs have to hand over log details for free in criminal cases, they are free to charge in civil cases — and can set the price. 'In 2006, we ran Operation Tracker in which we identified about 130 users who were sharing copies of a security program over the web,' said John Lovelock, chief executive of FAST. 'In the end we got about 100 names out of them, but that cost us £12,000, and that was on top of the investigative costs and the legal fees.'"
someone always profits from coughing up data, especialy customer data
GBP 85 / hr doesn't seem outlandishly expensive to me if you consider it a professional IT service. What would surprise me, is if there were ISPs valuing their time at less than GBP 50. What would concern me, is if ISPs were spending 10 minutes on these requests and just giving out data willie nillie.
If the ISPs have to cough up our info, I hope it costs the copyright mafia dearly!
As long as those ISPs follow the law regarding the disclosure of this personal data, I have nothing against it. Actually I would be all for it: let those rights holders pay up! After all they are losing so many billions in sales lost to piracy, that paying a few quid to get those evil pirates' names (and the rest of the population to go back to buying all those songs they are now sharing top-dollar on CD) should be no problem for them. And after all as we know it the record companies are always right in their accusations, suing only actual evil pirates, right?
Of course ISPs should only disclose personal data when the law requires them to do so. Potential profiting from non-compliance poses a danger of course. Oh well as long as the penalty for improper disclosure is high enough (preferably including throwing out court cases against alleged pirates) then they will.
If the the details requested are from people sharing files without the permission of the rights holder these costs should be part any settlement awarded by the court (in UK courts in most cases the costs of the winning party are payed by the losing party).
is that the chief exec of the Federation Against Copyright Theft conflated the web and the net in a way that hints at his ignorance on the topic he's acting as an authority on.
The more they charge the better. If it actually costs some real money, the rights holders will naturally be driven to avoid the frivolous requests they've become notorious for. Alas, 120 isn't likely enough. After all, the biggest repeat customers can and do afford a noticeable percentage of Bolivia's "agricultural exports" all by themselves. Perhaps if they spend 10K to find the name and address of someone offering a recording of Dr. Usher's lecture for download they'll finally start bothering to check the content first.
FAST has very dubious practices to get people to cough up to join their little group 'we offer a reward for copied software your employees may report to us, if you pay us, we'll let you know that we've had a report and let you get legit before we set the attack lawyers onto you". Anything to gouge them of some of their dubiously gained monies is great by me.
That advice about never talk to a cop because they'll twist it around somehow to ensnare you, even (probably) if you're innocent? They've got nothing on these jokers.
Waiting for an amusing sig.
'In 2006, we ran Operation Tracker in which we identified about 130 users who were sharing copies of a security program over the web,' said John Lovelock, chief executive of FAST. 'In the end we got about 100 names out of them, but that cost us £12,000, and that was on top of the investigative costs and the legal fees.'"
Cry ME a fucking river crybaby. Boohoo... we want to screw people, and want to make ISPs screw their customers with laws that we have made by buying legislators... and ISPs are charging us to screw their customers... the nerve of them I say! how can they!
Ubuntu is an African word meaning 'I can't configure Debian'
Not exactly sure about the UK, but I know here in Canada that FOIP (Freedom of Information and Privacy Act) has provisions that mean that ISPs aren't allowed to give out that info without a court order, and would be subject to Federal criminal prosecution if they did hand out the info to private 3rd parties. I had thought the laws were similar in the UK. It would be interesting if one of these users sued their ISP for unlawful disclosure of personal information. The privacy act in the UK can be nasty to those who break it. It all depends whether that information is protected or not. FOIP is the big reason why you don't see these types of lawsuits in Canada, that and a long history of the Canadian courts telling rights holders "tough noogies" when they sue people who make copies for personal use - we pay a blank media tax that gets divvied up amongst rights holders as a hedge against piracy.
My belief is that they ISP's should charge more. £10000 per person. At least then they would be able to sort out the shambles that is "up to 20 MEG DOWNLOAD!!!" and you never get more than 200mbits per sec. YOU KNOW WHO YOU ARE!
-1 disagree is not a modifier for a reason. -1 troll, flamebait, redundant, overrated are NOT acceptable substitutes.
If you read the summary it mentions that "they are free to charge in civil cases". In fact, the article itself states: "Under UK law, rights holders can only obtain details of who was using an IP address when copyright material was downloaded by obtaining a court order."
Basically, they still need to get the Court order, but that just forces the ISP to hand over the data - the ISP can still charge an "administrative fee" for doing so. In these cases, the disclosure is done as the result of a court order (so the ISPs can claim they were "forced" to hand over the information) although the information filtering out of the Courts suggest that they enter into agreements before the case takes place not to contest it.
Also, for the record, there is no "privacy act", "privacy law" or "privacy right" in the UK.
[IANAL, but working on it...]
130 users who were sharing copies of a security program over the web
That's a lot of people who are concerned about security enough to get special software for it, but never stopping to think that the copies they're illegally downloading might be compromised?
We're all doomed.
I dunno, maybe I am missing something, but either you _have_ to give out the data by law in which you can't charge anything. Or you do not _have_ to give out the data in which handing it out seems questionable at best. Charging for it smells illegal, to me.
I see ISPs charging to rat out their subscribers as a good thing. For starters, it cuts down on morally bankrupt ambulance-chasers wasting everyone's time with pointless fishing expeditions. Remember, we're talking ACS:Law, the kings of all ambulance chasers -- they'll happily try and make a buck at somebody else's expense, including your ISP (who'll happily pass on the cost) for a few squalid pounds.
I understand this concern on behalf of the taxpayers. People want value for money. And that’s why we always insist on the principle of Information Retrieval Charges. It's absolutely right and fair that those found guilty should pay for their periods of detention and the Information Retrieval Procedures used in their interrogation.
-Deputy Minister Helpmann
This is bad because ISPs now have an incentive reveal your identity to the mega corporations who will sue you. If all ISPs in the UK are required to do this, then ISP won't need to worry about losing customers by revealing their customer names. Here's how it will work:
1) MPAA pays ISP $120 to get your name from your IP address. I don't know why people still think that the ISP account holder is necessarily the person who is sharing copyrighted material.
2) ISP profits!
3) MPAA sues you for $150000, but settles for $3000.
4) MPAA profits! ($3000 - $120 - $0.5 (stamp)) = $2879.50
YOU LOSE $3000, lot of sleep, and get stressed because you feel so powerless to stop those parasites.
How about pass savings to a customer? If you are getting paid 120 per inquiry, then those subscribers are becoming a revenue stream for your ISP. Knock off some percentage of their bill for a while, to encourage their staying with your service. Hell, next time they are accused of infringing, you get 120! Since people don't like change, even if they wanted to change ISPs after you shared their data, they will be getting a discount, so they are less likely to move.
OP said
Actually, ISPs routinely charge the cost of obtaining, processing and handing over log details when asked for it by law enforcement authorities under the Regulation of Investigatory Powers Act 2000, including when the data is needed for criminal investigations.
ISPs aren't allowed to make a profit from providing this data, whether for civil litigation or criminal investigations, just recover their costs. However ISPs' costs can be substantial: ISPs don't just spend time fishing out the records and handing them over, there are also significant overheads in training and systems to ensure this data is only handed over when it should be, to make sure the requesting authority is genuine and the ISP isn't being subjected to an imposter trying a social engineering attack, and so forth. Larger ISPs/telcos run dedicated units to cope with the high volumes of request from public authorities (in total, hundreds of thousands of RIPA requests are made each year, although most of these are for telephony data rather than Internet accounts).
For confirmation see Chapter Four of the relevant Code of Practice.