The Digital Economy Act has been in force since June. However, the Initial Obligations Code (the first step to cutting people's Internet connections) is now set to be finalised in April (due to the Government being slow, not due to concerns over a lack of consulting or research time).
However, before it comes into force it needs to be approved by both Houses of Parliament and the European Commission. There's a slight chance that any one of these might kick up a fuss about it. Having read the draft code and spoken to Ofcom and other lobbyists, they do seem to be making it as ridiculous as possible...
I am not sure which incident you are referring to? I am aware of two involving Twitter: 1) A person was about a Twitter message where someone was threatening to blow up an airport and 2) where a British politician suggested that a writer should be stoned to death.
I was referring to neither of those incidents, but the one I linked to. It concerned someone "trolling" a Facebook page. In your cases, 1) received a fine (of £1,000, recently appealed unsuccessfully and a criminal record) and 2) has yet to be charged, from what I understand.
In the case I mentioned, the individual was imprisoned for his actions. A criminal record and imprisonment are not trivial things - and while trolling is unpleasant, one hopes that there is a more suitable way of dealing with it.
Anyways, I wasn't intending to suggest that what was done was particularly wrong, but highlighting the irony of the OP's comment about how a society that locked people away for Facebook postings was barbaric.
Scale is just a case of numbers. Once you say it is OK to lock someone up for saying something some people don't like, there's nothing stopping you locking them up for ever for saying something worse - the principle is the same.
I don't remember reading about them threatening the life of anyone; they were merely trolling some Facebook memorial pages.
Yes, terrorists do sometimes call in bomb threats (often as a way of proving responsibility - it happened a lot in NI). In fact, the UK has a law against it. However, the CPS decided not to charge him with this, rather an obscure law against sending a malicious message using a public communications system (something originally aimed at protecting telephone operators from harassment) because the bomb threat laws actually require proof that the threat is intended to be taken seriously. Also, terrorists sending in bomb threats tend not to do so from their personal Twitter account from which they can easily be identified and located.
Law enforcement only found out about the threat because an off-duty airport worker stumbled across it and reported it to airport security, who decided it wasn't real, but forwarded it to the police. It was never considered a credible threat.
As for the punishment; yes, he received a slap on the wrist and a small fine (around £1,000, iirc), but the "slap on the wrist" consists of a criminal record which lost him his job, got him kicked off his professional-qualification course and has seriously limited his chance of getting another job for quite a while (iirc). If you think this is proportional to posting a joke on twitter, fair enough. Obviously a lot of Twitter users disagree.
While it is true that ACTA was negotiated by the European Commission and not the UK Government (in fact the "broadband minister" confessed to not even knowing about it a while ago), it does change a few definitions in a rather worrying way; such as by expanding the definition of a commercial scale.
As for this review, I've so far seen no indications that the public will be consulted on this, so it will all be civil servants sorting it out behind closed doors (no doubt with a few lobbyists chatting them up). I wouldn't be surprised if we end up with no fair use and instead ACTA and extended copyright (what is currently being pushed for). The UK has already given up on several chances to implement fair use (on the recommendation of the Gowers Review; which kind of led to the Digital Economy Act) over the last few years, somehow I doubt we'll get anything better this time.
Just for the record, this isn't really a publicity stunt - at least, not originally. This is what happens when you have a bunch of nerd-types discussing random things on a mailing list and someone comes up with an idea; people start chipping in with possible solutions. It just happened that someone at Forbes happened to read the mailing list (which shocked me) and decided to write something up about it...
I am not sure if they do the same in other EU countries, but in Denmark we just ignore the data retention regulation.
The data retention regulation wasn't encoded into law here in the UK either (the world-leader in defendingpersonalprivacy). Instead, it is my understanding that the major ISPs have a "gentleman's agreement" with the Home Office (similar to the one for our Internet censorship scheme) whereby the Government agrees not to order them to retain data if they agree to retain it. As far as I know, most of the smaller service providers completely ignore it.
I don't think it has been tested much; the important part may be this, in section 53 (2):
...if it is shown that that person was in possession of a key to any protected information at any time before the time of the giving of the section 49 notice, that person shall be taken for the purposes of those proceedings to have continued to be in possession of that key at all subsequent times, unless it is shown that the key was not in his possession
It seems that the prosecution needs to prove he has or had the key, then he needs to prove he no longer does. I would hope that the methods the police use to gather evidence mean the evidence is tamper-proof; if not every case should collapse.
Anyway, the relevant section of the law is on this page, feel free to have a read through.
I guess insisting on your privacy is taboo now. Even if you're a good kid, if you refuse to let the police into your private files just on principle, you're boned.
... or if you refuse to let the police into your house, on principle, when they turn up with a warrant.
This isn't just a case of a police officer saying "ooh you have password-protected files, hand over the password or we won't let you go", this is the police going to a judge (etc.) during an investigation into that person and saying "we have seized this material as part of an investigation and have reasonable grounds to suspect this guy has the key and that the information is important to the investigation" (actually, the judge needs the "reasonable grounds", but you get the picture). I would imagine that both the initial order (if granted) and the trial for non-compliance can both be contested.
Reading the (very limited) articles, there is nothing here to indicate he did this "on principle". No statement from him about how it is a stupid law, no obvious attempt to get privacy groups (PI, ORG, even PPUK) involved, no signs that this is anything other than someone deciding that six months in prison and a criminal record is less than what he would get if the information was made available.
Of course, I don't know if he contested the charges etc. but anyway; RIPA Part III is a tricky piece of legislation; it seems to be an attempt to apply the idea of a warrant to technology, whether or not successfully. Like a lot of other New Labour laws, it seems to depend entirely on how sensible those applying it are - which given things like this, makes me very glad that judges are involved, not just the police and the CPS....
If you read the summary it mentions that "they are free to charge in civil cases". In fact, the article itself states: "Under UK law, rights holders can only obtain details of who was using an IP address when copyright material was downloaded by obtaining a court order."
Basically, they still need to get the Court order, but that just forces the ISP to hand over the data - the ISP can still charge an "administrative fee" for doing so. In these cases, the disclosure is done as the result of a court order (so the ISPs can claim they were "forced" to hand over the information) although the information filtering out of the Courts suggest that they enter into agreements before the case takes place not to contest it.
Also, for the record, there is no "privacy act", "privacy law" or "privacy right" in the UK.
Frankly, I do not quite see how does the data protection act authorise you to give the data in question. With fee or without.
It is my understanding that this is where the Court order comes in. And from what we've seen; provided whoever is asking for the data is willing to pay, the person who has the data may not put up a fight. However, it seems that even the judges are beginning to question this.
Plus the Data Protection Act (based on the EU data protection directives) is all about consent; if when you signed your ISP agreement there was a clause that said "we will not share the data with any third parties unless required to do so by a court order or we feel like it" then everything may well be covered.
It might depend on how the information was taken from the bank. If the data was on discs of some sort then it may be that the individual stole the data - but yes, information cannot be stolen in the UK.
Of course, that doesn't mean that there aren't other laws that could be used - breach of confidence, data protection etc (copyright doesn't apply to facts and data).
And probably all rendered inadmissible in court because they were obtained illegally.
Ignoring the issue of whether or not this would make the evidence inadmissible (after all, the police can always go and demand the original data via a warrant), which law has been broken by those who obtained the data?
The data was made available to the public by the website's back-up system (likely breaking some laws), not by any hack, and there is no necessity that those who initially downloaded it also carried out the DDoS attack. So there wouldn't seem to be any "misuse of a computer"-type offence.
Distributing the information could be considered a "breach of confidence" but that has a very clear "public interest" exception. While some of the emails will fail that, others certainly meet it. Furthermore, breach of confidence does not apply to information which can be considered "in the public domain" (in the general, non-copyright-related sense), which it could be argued it was by being published.
Art. 8 of the ECHR could apply, but that would involve proceedings against the UK, not against any individual or group, and would be over the lack of appropriate remedies - but again, that gets balanced by Art. 10 and "public interest" claims.
This leaves copyright infringement. Some of the content of emails (i.e. photographs, songs) may be covered, but as for the emails themselves, it could be argued that they are not "original literary... or artistic works" (Section 1(1)(a), CDPA 1988), although the definition of "literary work" in S.3(1) is rather vague and includes databases, which this might count as. So, a lawyer who knows what he is doing could probably make a claim against everyone who uploads it for copyright infringement - but it might not hold. However, there are clear exemptions to copyright for "research and private study" (S.29) and "criticism, review and news reporting" (S.30), some of which could apply here. Finally, even if the emails themselves are copyrighted, the facts in them are not.
------ On the other hand, making this information available in the first place likely contravenes the Data Protection Act and breaches confidence on a massive scale (particularly client/lawyer confidentiality). Someone should get in serious trouble over this, but Mr Crossley seems to be a pretty slippery lawyer (hiring a top QC just for his SRA hearing... etc.) so I imagine he will find someone else to take all the legal flak from. However, one imagines his professional reputation will be further damaged - and I can't imagine the big law firms whose communications were also leaked "by him" are going to be very happy.
Anyways, so while as a lawyer I have no doubt he'll find a way to turn some of this around, I do question whether the files were illegally obtained.
As for the "Pirates hack into law-firm's servers" comment, I do worry about that as well - hence I tried to make it very clear that no hacking occurred (nor Pirates-with-a-P directly involved) when PPUK published its response.
Actually, we are nearly all "rights holders" - or rather "copyright owners" (to use slightly more accurate terminology). As nearly anything produced is automatically copyrighted, it if very hard to imagine any person who doesn't own the copyright on something (even if it is just comments like these). But yes, most artists seem to be forced to sell away their copyrights to the large publishers.
For a long time people have been complaining about the big copyright owner groups not innovating or coming up with new business models but they seem to have finally done so - and it is an impressively clever one.
The DEA (well, the relevant copyright-litigation measures) are designed to make it easier for rich copyright owners to sue people (or threaten to sue them, see ACS:Law). Their aim is that this will increase their revenue by £200mpa. As there is no consensus about whether stronger copyright will actually help artists, encourage creativity etc., this can only be about the money.
1. get a law passed designed so you can make £200mpa more money.
Of course, their aim is to maximise profit, so they don't want to pay for this (part of the reason they haven't been suing so far is that it is very expensive with small returns in the UK due to their being no statutory minimum damages unlike elsewhere). They start by saying the costs of forcing ISPs to "protect" their copyrights should be shared between them (if you look through the BIS consultation responses nearly all the copyright owner groups argued for a 50:50 split). ISPs, consumer groups, and nearly everyone else rightly pointed out this was ridiculous, so the Government decided to reach a compromise that still means ISPs will be paying to make copyright owners more money.
2. get someone else to pay for your revenue-generating scheme.
But we know that ISPs won't absorb these costs, they'll pass them on to their customers as an 'Internet Levy'. Similarly, the remaining 75% of costs isn't going to come out of copyright owner profits, or their executive salaries/bonuses, or their vast lobbying budgets. The publishing groups are 'middle-men' so most likely this money will come from both ends: We already know how most record labels will add any expenses they possibly can to the "artist's share" of their revenue, so expect to see extra charges here for "protecting the artist's copyright so people can pay the artistpublisher more money". Also expect to see end prices go up (i.e. us paying more for music/films to cover this cost).
3. ????? [fiddle accounts]
Of course, the aim of this is for the "creative industries" (an amusing phrase, although in fairness, they are good at creating new legislation and accounting practices) to generate this £200mpa - but where is this going to come from? Well... us. Either through being sent threatening letters demanding we pay up, a few high-profile lawsuits, or general increased sales due to greater fear over piracy (somehow I doubt this last one will actually happen, but we'll see..) but yes, this £200mpa comes from us, the consumers.
4. Profit.
So, in summary, this law is about getting us to pay copyright owners so we can pay them more money. As evil as it may seem, that is one impressively imaginative and innovative business model.
Oh, also it is interesting to see that there is currently no shortage of people complaining about this decision but strangely enough only 3 individuals actually responded to the BIS consultation on it... seems people are happy to complain once a bad decision is made, but aren't willing to actually do anything to help people make the right one.
The obvious solution to this would be for libraries to stop giving out library cards and start giving out eBook Readers. Give it a couple of years and one would imagine that you could get a very basic eBook Reader for about £50. Obviously you'd want to make it optional, and possibly giving it to those who couldn't afford one otherwise - I'm thinking pensioners etc. (who maybe have trouble reading the small print in books/turning pages anyway) and that sort of thing...
Of course, the stuff would legally be required to be covered in DRM... It seems to me that this move has happened in the UK because of Section 43 of the Digital Economy Act 2010, which changed the definition of a "book" in the Public Lending Right Act 1979 to include
a work, other than an audio-book, recorded in electronic form and consisting mainly of (or of any combination of) written or spoken words or still pictures (an “e-book”).
Unfortunately, it also amends the definition of "lent out" to being for a "limited time", so that's your DRM requirement, and it specifies that lending "does not include being communicated by means of electronic transmission to a place other than library premises" - so no renting eBooks directly from your library website either.
Still, Sony DRM aside, it is nice to see some potentially-good things coming from the DEA...
What if an American company (A) hires a foreign company (B) to do something (1), and in the process of doing (1), (B) commits a crime (2) in the US, even though (A) did not specifically ask (B) to do (2), nor was (2) the only way of achieving (1)?
Also, what if (B) does (2) but not in the US (noting that places like tPB are rarely hosted within the US these days)?
I'm fairly* sure the lawyers behind this knew what they were doing.
*inserted after remembering about ACS:Law
[More interested from a legal point of view than the story here; I agree what they did is probably wrong and should be illegal - but I don't know much about US law and would like to learn... plus I don't like this automatic assumption that because some company does something that is against the law in the US they are criminals. I know lots of people who do things that are against the law in the US and would hate to have to report them all...]
This company seems to be based in India, working for Bollywood companies and is threatening to DoS websites that I'm guessing mostly aren't based in the US either. I know this is/., but it is still worth remembering that (in theory, at least) US law does not apply to the rest of the world. There is no reason why it being illegal in the US should automatically make it illegal anywhere else.
That said, IANAIL so I don't know what the law on this in India - although if the website has T&Cs there might be a "breach of contract" case (assuming India still has that; iirc its legal system is based on the English one due to being an ex-colony, so most of the common law stuff should apply) but we all know how legally shaky those things are.
Two things to correct you on that. This isn't the EU; this is the European Parliament - the only democratically-elected part of the EU bureaucracy. The declaration is actually complaining about the work the EU's own negotiators (from the "appointed by ministers of the member states" European Commission) are doing on ACTA.
Secondly, sometimes the EP gets things right, sometimes it gets them very wrong. If you look at the list of adopted written declarations you will see that the most recent one they have is about adopting an early warning system for paedophiles and sex offenders that consists of extending the data retention directive to search engines; meaning that everything entered in any search engine in the EU would be logged and potentially handed straight over to police etc. so they can see if you searched for anything that *might* indicate you were a paedophile or sex offender.
Sure, this is a victory against ACTA but it doesn't mean that the EU is perfect. Even a stopped clock is right twice a day.
I know this is/., but that headline is still rather misleading (RTFA more carefully, perhaps).
Feargal Sharkey is not the UK Music Industry. He was a singer in the 80s and early 90s, who had a top-ten hit in the UK singles chart. He then became a middle-management guy for a record label or two and then in 2008 founded the (cleverly-named) organisation UK Music of which he is the CEO.
UK Music is another lobby group for the UK music companies. Basically, it is 7ish people who managed to get the big initials in the UK music business (BPI, PRS, PPL, BAC&S etc.) to agree to found (and presumably fund) it. From what I've heard/seen, it sends Feargal around the country to give talks and public appearances, but only when there is little risk of him getting any serious opposition (he pulled out of a Cambridge Union debate with Rick Falkvinge etc. at the last minute). Looking at their website, they don't seem to do much else. Also, it is my impression that nobody within the major lobbying groups takes him that seriously either (i.e. within the BPI/MPA). His offer of "a truce" is particularly amusing as he has neither the power, authority or influence to "call off" any of the lobbyists attacks on technology; the DEAct, ACTA (I wonder if he has even heard of it, even the relevant UK minister hadn't heard of it) or any of the restrictive licensing policies in place.
Anyways, on the subject of what he said... the idea of the "music industry being at war with technology" strikes me as rather amusing - something like a child standing on a beach throwing stones into the sea; they take every splash as a victory, but perhaps now the water is flooding into their wellington boots they call for a truce... the water doesn't care. Similarly, technology isn't really fighting music; and certainly the technology industry isn't - if it did, I think the music industry would lose rather quickly (total music industry is worth about $60bn - very rough estimate - compared with Google's $40bn, MS's $90bn, Apple's $50bn etc.). In the UK, the recorded music industry is under £1bn a year out of the £1tr GDP... it really is quite tiny.
People broke the law and now they're being told they have to pay for their crime?
Not quite. People are accused of breaking the law (in a way that may or may not be a crime - where I am it is merely a civil offence) and are told to pay or face a costly trial. In many cases, merely saying "I've talked to a lawyer" is enough to get them to back off. Unfortunately "innocent until proven guilty" doesn't quite hold that much weight when the cost of proving innocence (or even any sort of defence) is prohibitively large. It makes little difference to the plaintiffs (or claimants, whatever you call them) whether the accused is actually guilty/liable.
Incidentally, this has been going on for years over here (in the UK) and has been referred to as "a scam" and "legal blackmail" by politicians with one of the lawyers involved facing a disciplinary tribunal at the moment.
This guy is my (brand new) MP and so I've been keeping an eye out for him and it strikes me that this is partly him trying to get in the news. He's turned up in a couple of rather silly, but newsworthy debates so far. He's young, keen and probably after a ministerial job at some point - and what better way to get noticed by (and support from) the other conservative backbenchers than by complaining about these "evil, liberal lobby groups sending lots of emails to MPs through the Interwebs... It's also a little hypercritical of him as he was actively encouraging people to send him emails to discuss issues during his election campaign. So, given how important being able to write to an MP is, and the circumstances, I strongly disagree with him removing his email address from "the public HoC Internet".
That said, I think this is mainly 38 Degrees's fault, and I also disagree with what they (and the ORG) have been doing. Writing to one's MP is an important part of the system, however each MP may represent 100,000 people, so if each of them sent an email or letter each time they had a though, this system would break (which is almost what we are seeing here). As such, there is a useful check on this; the effort required to write a letter. Now, it may not seem like much, but when I ended up writing to his predecessor (over the Digital Economy Bill, now Act) it took the best part of a day to write the letter, make sure it was all properly worded, that I had a clear idea of what I wanted to say etc. and find out where to send it. This is a good thing, as it means that the only people contacting their MPs are those that are willing to spend the time and effort to do so. By setting up a mass-template-email system, you remove this check and make it as simple as clicking a button. This is great for us, but terrible for the MP who then has to manually go through all these emails and (unlike a ministerial office, or department) is unlikely to be able to set up a mass-response system - which is what is really needed. [When I wrote to my MP, he had obviously received many template emails/letters on the same issue, so he wrote one response and sent it out to everyone - after the Bill passed.] If anything, the mass-template-emails drown out the real responses, which is a bad thing.
Perhaps a more suitable way for 38 Degrees to act would be if they collect signatures, match them with their MP and send one email per issue (maybe after a week-long campaign) to each MP willing to take part in the system - so that MPs know how popular and important certain issues are, and get the details, but without being overloaded.
Anyways, finally in defence of my MP, it is worth noting that he is still emailable (he's set up a form here) and has explained his reasoning in detail on his blog (which includes his email address, sort of) - where he explains that he isn't against being emailed - he just doesn't want the mass-template emails from any lobby group, whether it is an industry or trade one.
[I wonder how different this story would have been if it was some big corporate website encouraging people to send template emails, rather than a civil liberties one...]
Slashdot Mirror
The Digital Economy Act has been in force since June. However, the Initial Obligations Code (the first step to cutting people's Internet connections) is now set to be finalised in April (due to the Government being slow, not due to concerns over a lack of consulting or research time).
However, before it comes into force it needs to be approved by both Houses of Parliament and the European Commission. There's a slight chance that any one of these might kick up a fuss about it. Having read the draft code and spoken to Ofcom and other lobbyists, they do seem to be making it as ridiculous as possible...
I am not sure which incident you are referring to? I am aware of two involving Twitter: 1) A person was about a Twitter message where someone was threatening to blow up an airport and 2) where a British politician suggested that a writer should be stoned to death.
I was referring to neither of those incidents, but the one I linked to. It concerned someone "trolling" a Facebook page. In your cases, 1) received a fine (of £1,000, recently appealed unsuccessfully and a criminal record) and 2) has yet to be charged, from what I understand.
In the case I mentioned, the individual was imprisoned for his actions. A criminal record and imprisonment are not trivial things - and while trolling is unpleasant, one hopes that there is a more suitable way of dealing with it.
Anyways, I wasn't intending to suggest that what was done was particularly wrong, but highlighting the irony of the OP's comment about how a society that locked people away for Facebook postings was barbaric.
Scale is just a case of numbers. Once you say it is OK to lock someone up for saying something some people don't like, there's nothing stopping you locking them up for ever for saying something worse - the principle is the same.
I don't remember reading about them threatening the life of anyone; they were merely trolling some Facebook memorial pages.
Of course, something like this (someone being locked up for trolling people on Facebook) would never happen in the Western world.
Oh, wait... it has happened, admittedly on a smaller scale. Our society isn't that much better; we just have different things we get worked up over.
Yes, terrorists do sometimes call in bomb threats (often as a way of proving responsibility - it happened a lot in NI). In fact, the UK has a law against it. However, the CPS decided not to charge him with this, rather an obscure law against sending a malicious message using a public communications system (something originally aimed at protecting telephone operators from harassment) because the bomb threat laws actually require proof that the threat is intended to be taken seriously. Also, terrorists sending in bomb threats tend not to do so from their personal Twitter account from which they can easily be identified and located.
Law enforcement only found out about the threat because an off-duty airport worker stumbled across it and reported it to airport security, who decided it wasn't real, but forwarded it to the police. It was never considered a credible threat.
As for the punishment; yes, he received a slap on the wrist and a small fine (around £1,000, iirc), but the "slap on the wrist" consists of a criminal record which lost him his job, got him kicked off his professional-qualification course and has seriously limited his chance of getting another job for quite a while (iirc). If you think this is proportional to posting a joke on twitter, fair enough. Obviously a lot of Twitter users disagree.
While it is true that ACTA was negotiated by the European Commission and not the UK Government (in fact the "broadband minister" confessed to not even knowing about it a while ago), it does change a few definitions in a rather worrying way; such as by expanding the definition of a commercial scale.
As for this review, I've so far seen no indications that the public will be consulted on this, so it will all be civil servants sorting it out behind closed doors (no doubt with a few lobbyists chatting them up). I wouldn't be surprised if we end up with no fair use and instead ACTA and extended copyright (what is currently being pushed for). The UK has already given up on several chances to implement fair use (on the recommendation of the Gowers Review; which kind of led to the Digital Economy Act) over the last few years, somehow I doubt we'll get anything better this time.
Just for the record, this isn't really a publicity stunt - at least, not originally. This is what happens when you have a bunch of nerd-types discussing random things on a mailing list and someone comes up with an idea; people start chipping in with possible solutions. It just happened that someone at Forbes happened to read the mailing list (which shocked me) and decided to write something up about it...
A common misconception; Australia was, in fact, founded by prison wardens. Once you remember this, it all becomes a lot more understandable.
I am not sure if they do the same in other EU countries, but in Denmark we just ignore the data retention regulation.
The data retention regulation wasn't encoded into law here in the UK either (the world-leader in defending personal privacy). Instead, it is my understanding that the major ISPs have a "gentleman's agreement" with the Home Office (similar to the one for our Internet censorship scheme) whereby the Government agrees not to order them to retain data if they agree to retain it. As far as I know, most of the smaller service providers completely ignore it.
I don't think it has been tested much; the important part may be this, in section 53 (2):
...if it is shown that that person was in possession of a key to any protected information at any time before the time of the giving of the section 49 notice, that person shall be taken for the purposes of those proceedings to have continued to be in possession of that key at all subsequent times, unless it is shown that the key was not in his possession
It seems that the prosecution needs to prove he has or had the key, then he needs to prove he no longer does. I would hope that the methods the police use to gather evidence mean the evidence is tamper-proof; if not every case should collapse.
Anyway, the relevant section of the law is on this page, feel free to have a read through.
I guess insisting on your privacy is taboo now. Even if you're a good kid, if you refuse to let the police into your private files just on principle, you're boned.
... or if you refuse to let the police into your house, on principle, when they turn up with a warrant.
This isn't just a case of a police officer saying "ooh you have password-protected files, hand over the password or we won't let you go", this is the police going to a judge (etc.) during an investigation into that person and saying "we have seized this material as part of an investigation and have reasonable grounds to suspect this guy has the key and that the information is important to the investigation" (actually, the judge needs the "reasonable grounds", but you get the picture). I would imagine that both the initial order (if granted) and the trial for non-compliance can both be contested.
Reading the (very limited) articles, there is nothing here to indicate he did this "on principle". No statement from him about how it is a stupid law, no obvious attempt to get privacy groups (PI, ORG, even PPUK) involved, no signs that this is anything other than someone deciding that six months in prison and a criminal record is less than what he would get if the information was made available.
Of course, I don't know if he contested the charges etc. but anyway; RIPA Part III is a tricky piece of legislation; it seems to be an attempt to apply the idea of a warrant to technology, whether or not successfully. Like a lot of other New Labour laws, it seems to depend entirely on how sensible those applying it are - which given things like this, makes me very glad that judges are involved, not just the police and the CPS....
If you read the summary it mentions that "they are free to charge in civil cases". In fact, the article itself states: "Under UK law, rights holders can only obtain details of who was using an IP address when copyright material was downloaded by obtaining a court order."
Basically, they still need to get the Court order, but that just forces the ISP to hand over the data - the ISP can still charge an "administrative fee" for doing so. In these cases, the disclosure is done as the result of a court order (so the ISPs can claim they were "forced" to hand over the information) although the information filtering out of the Courts suggest that they enter into agreements before the case takes place not to contest it.
Also, for the record, there is no "privacy act", "privacy law" or "privacy right" in the UK.
[IANAL, but working on it...]
Frankly, I do not quite see how does the data protection act authorise you to give the data in question. With fee or without.
It is my understanding that this is where the Court order comes in. And from what we've seen; provided whoever is asking for the data is willing to pay, the person who has the data may not put up a fight. However, it seems that even the judges are beginning to question this.
Plus the Data Protection Act (based on the EU data protection directives) is all about consent; if when you signed your ISP agreement there was a clause that said "we will not share the data with any third parties unless required to do so by a court order or we feel like it" then everything may well be covered.
It might depend on how the information was taken from the bank. If the data was on discs of some sort then it may be that the individual stole the data - but yes, information cannot be stolen in the UK.
Of course, that doesn't mean that there aren't other laws that could be used - breach of confidence, data protection etc (copyright doesn't apply to facts and data).
Just for the record (should have posted this originally), I am law student, but not a lawyer, so no guarantees about the accuracy of all of that.
And probably all rendered inadmissible in court because they were obtained illegally.
Ignoring the issue of whether or not this would make the evidence inadmissible (after all, the police can always go and demand the original data via a warrant), which law has been broken by those who obtained the data?
The data was made available to the public by the website's back-up system (likely breaking some laws), not by any hack, and there is no necessity that those who initially downloaded it also carried out the DDoS attack. So there wouldn't seem to be any "misuse of a computer"-type offence.
Distributing the information could be considered a "breach of confidence" but that has a very clear "public interest" exception. While some of the emails will fail that, others certainly meet it. Furthermore, breach of confidence does not apply to information which can be considered "in the public domain" (in the general, non-copyright-related sense), which it could be argued it was by being published.
Art. 8 of the ECHR could apply, but that would involve proceedings against the UK, not against any individual or group, and would be over the lack of appropriate remedies - but again, that gets balanced by Art. 10 and "public interest" claims.
This leaves copyright infringement. Some of the content of emails (i.e. photographs, songs) may be covered, but as for the emails themselves, it could be argued that they are not "original literary ... or artistic works" (Section 1(1)(a), CDPA 1988), although the definition of "literary work" in S.3(1) is rather vague and includes databases, which this might count as. So, a lawyer who knows what he is doing could probably make a claim against everyone who uploads it for copyright infringement - but it might not hold. However, there are clear exemptions to copyright for "research and private study" (S.29) and "criticism, review and news reporting" (S.30), some of which could apply here. Finally, even if the emails themselves are copyrighted, the facts in them are not.
------
On the other hand, making this information available in the first place likely contravenes the Data Protection Act and breaches confidence on a massive scale (particularly client/lawyer confidentiality). Someone should get in serious trouble over this, but Mr Crossley seems to be a pretty slippery lawyer (hiring a top QC just for his SRA hearing... etc.) so I imagine he will find someone else to take all the legal flak from. However, one imagines his professional reputation will be further damaged - and I can't imagine the big law firms whose communications were also leaked "by him" are going to be very happy.
Anyways, so while as a lawyer I have no doubt he'll find a way to turn some of this around, I do question whether the files were illegally obtained.
As for the "Pirates hack into law-firm's servers" comment, I do worry about that as well - hence I tried to make it very clear that no hacking occurred (nor Pirates-with-a-P directly involved) when PPUK published its response.
If you're not a "Rights Holder", you're nobody.
Actually, we are nearly all "rights holders" - or rather "copyright owners" (to use slightly more accurate terminology). As nearly anything produced is automatically copyrighted, it if very hard to imagine any person who doesn't own the copyright on something (even if it is just comments like these). But yes, most artists seem to be forced to sell away their copyrights to the large publishers.
For a long time people have been complaining about the big copyright owner groups not innovating or coming up with new business models but they seem to have finally done so - and it is an impressively clever one.
The DEA (well, the relevant copyright-litigation measures) are designed to make it easier for rich copyright owners to sue people (or threaten to sue them, see ACS:Law). Their aim is that this will increase their revenue by £200mpa. As there is no consensus about whether stronger copyright will actually help artists, encourage creativity etc., this can only be about the money.
1. get a law passed designed so you can make £200mpa more money.
Of course, their aim is to maximise profit, so they don't want to pay for this (part of the reason they haven't been suing so far is that it is very expensive with small returns in the UK due to their being no statutory minimum damages unlike elsewhere). They start by saying the costs of forcing ISPs to "protect" their copyrights should be shared between them (if you look through the BIS consultation responses nearly all the copyright owner groups argued for a 50:50 split). ISPs, consumer groups, and nearly everyone else rightly pointed out this was ridiculous, so the Government decided to reach a compromise that still means ISPs will be paying to make copyright owners more money.
2. get someone else to pay for your revenue-generating scheme.
But we know that ISPs won't absorb these costs, they'll pass them on to their customers as an 'Internet Levy'. Similarly, the remaining 75% of costs isn't going to come out of copyright owner profits, or their executive salaries/bonuses, or their vast lobbying budgets. The publishing groups are 'middle-men' so most likely this money will come from both ends: We already know how most record labels will add any expenses they possibly can to the "artist's share" of their revenue, so expect to see extra charges here for "protecting the artist's copyright so people can pay the artistpublisher more money". Also expect to see end prices go up (i.e. us paying more for music/films to cover this cost).
3. ????? [fiddle accounts]
Of course, the aim of this is for the "creative industries" (an amusing phrase, although in fairness, they are good at creating new legislation and accounting practices) to generate this £200mpa - but where is this going to come from? Well... us. Either through being sent threatening letters demanding we pay up, a few high-profile lawsuits, or general increased sales due to greater fear over piracy (somehow I doubt this last one will actually happen, but we'll see..) but yes, this £200mpa comes from us, the consumers.
4. Profit.
So, in summary, this law is about getting us to pay copyright owners so we can pay them more money.
As evil as it may seem, that is one impressively imaginative and innovative business model.
Oh, also it is interesting to see that there is currently no shortage of people complaining about this decision but strangely enough only 3 individuals actually responded to the BIS consultation on it... seems people are happy to complain once a bad decision is made, but aren't willing to actually do anything to help people make the right one.
The obvious solution to this would be for libraries to stop giving out library cards and start giving out eBook Readers. Give it a couple of years and one would imagine that you could get a very basic eBook Reader for about £50. Obviously you'd want to make it optional, and possibly giving it to those who couldn't afford one otherwise - I'm thinking pensioners etc. (who maybe have trouble reading the small print in books/turning pages anyway) and that sort of thing...
Of course, the stuff would legally be required to be covered in DRM ... It seems to me that this move has happened in the UK because of Section 43 of the Digital Economy Act 2010, which changed the definition of a "book" in the Public Lending Right Act 1979 to include
a work, other than an audio-book, recorded in electronic form and consisting mainly of (or of any combination of) written or spoken words or still pictures (an “e-book”).
Unfortunately, it also amends the definition of "lent out" to being for a "limited time", so that's your DRM requirement, and it specifies that lending "does not include being communicated by means of electronic transmission to a place other than library premises" - so no renting eBooks directly from your library website either.
Still, Sony DRM aside, it is nice to see some potentially-good things coming from the DEA...
What if an American company (A) hires a foreign company (B) to do something (1), and in the process of doing (1), (B) commits a crime (2) in the US, even though (A) did not specifically ask (B) to do (2), nor was (2) the only way of achieving (1)?
Also, what if (B) does (2) but not in the US (noting that places like tPB are rarely hosted within the US these days)?
I'm fairly* sure the lawyers behind this knew what they were doing.
*inserted after remembering about ACS:Law
[More interested from a legal point of view than the story here; I agree what they did is probably wrong and should be illegal - but I don't know much about US law and would like to learn ... plus I don't like this automatic assumption that because some company does something that is against the law in the US they are criminals. I know lots of people who do things that are against the law in the US and would hate to have to report them all...]
Aren't DoS attacks illegal? If so, why not?
They are (by my understanding) in the US!
This company seems to be based in India, working for Bollywood companies and is threatening to DoS websites that I'm guessing mostly aren't based in the US either. I know this is /., but it is still worth remembering that (in theory, at least) US law does not apply to the rest of the world. There is no reason why it being illegal in the US should automatically make it illegal anywhere else.
That said, IANAIL so I don't know what the law on this in India - although if the website has T&Cs there might be a "breach of contract" case (assuming India still has that; iirc its legal system is based on the English one due to being an ex-colony, so most of the common law stuff should apply) but we all know how legally shaky those things are.
EU has been impressing me lately.
Two things to correct you on that. This isn't the EU; this is the European Parliament - the only democratically-elected part of the EU bureaucracy. The declaration is actually complaining about the work the EU's own negotiators (from the "appointed by ministers of the member states" European Commission) are doing on ACTA.
Secondly, sometimes the EP gets things right, sometimes it gets them very wrong. If you look at the list of adopted written declarations you will see that the most recent one they have is about adopting an early warning system for paedophiles and sex offenders that consists of extending the data retention directive to search engines; meaning that everything entered in any search engine in the EU would be logged and potentially handed straight over to police etc. so they can see if you searched for anything that *might* indicate you were a paedophile or sex offender.
Sure, this is a victory against ACTA but it doesn't mean that the EU is perfect. Even a stopped clock is right twice a day.
I know this is /., but that headline is still rather misleading (RTFA more carefully, perhaps).
Feargal Sharkey is not the UK Music Industry. He was a singer in the 80s and early 90s, who had a top-ten hit in the UK singles chart. He then became a middle-management guy for a record label or two and then in 2008 founded the (cleverly-named) organisation UK Music of which he is the CEO.
UK Music is another lobby group for the UK music companies. Basically, it is 7ish people who managed to get the big initials in the UK music business (BPI, PRS, PPL, BAC&S etc.) to agree to found (and presumably fund) it. From what I've heard/seen, it sends Feargal around the country to give talks and public appearances, but only when there is little risk of him getting any serious opposition (he pulled out of a Cambridge Union debate with Rick Falkvinge etc. at the last minute). Looking at their website, they don't seem to do much else. Also, it is my impression that nobody within the major lobbying groups takes him that seriously either (i.e. within the BPI/MPA). His offer of "a truce" is particularly amusing as he has neither the power, authority or influence to "call off" any of the lobbyists attacks on technology; the DEAct, ACTA (I wonder if he has even heard of it, even the relevant UK minister hadn't heard of it) or any of the restrictive licensing policies in place.
Anyways, on the subject of what he said... the idea of the "music industry being at war with technology" strikes me as rather amusing - something like a child standing on a beach throwing stones into the sea; they take every splash as a victory, but perhaps now the water is flooding into their wellington boots they call for a truce... the water doesn't care. Similarly, technology isn't really fighting music; and certainly the technology industry isn't - if it did, I think the music industry would lose rather quickly (total music industry is worth about $60bn - very rough estimate - compared with Google's $40bn, MS's $90bn, Apple's $50bn etc.). In the UK, the recorded music industry is under £1bn a year out of the £1tr GDP... it really is quite tiny.
People broke the law and now they're being told they have to pay for their crime?
Not quite. People are accused of breaking the law (in a way that may or may not be a crime - where I am it is merely a civil offence) and are told to pay or face a costly trial. In many cases, merely saying "I've talked to a lawyer" is enough to get them to back off. Unfortunately "innocent until proven guilty" doesn't quite hold that much weight when the cost of proving innocence (or even any sort of defence) is prohibitively large. It makes little difference to the plaintiffs (or claimants, whatever you call them) whether the accused is actually guilty/liable.
Incidentally, this has been going on for years over here (in the UK) and has been referred to as "a scam" and "legal blackmail" by politicians with one of the lawyers involved facing a disciplinary tribunal at the moment.
This guy is my (brand new) MP and so I've been keeping an eye out for him and it strikes me that this is partly him trying to get in the news. He's turned up in a couple of rather silly, but newsworthy debates so far. He's young, keen and probably after a ministerial job at some point - and what better way to get noticed by (and support from) the other conservative backbenchers than by complaining about these "evil, liberal lobby groups sending lots of emails to MPs through the Interwebs... It's also a little hypercritical of him as he was actively encouraging people to send him emails to discuss issues during his election campaign. So, given how important being able to write to an MP is, and the circumstances, I strongly disagree with him removing his email address from "the public HoC Internet".
That said, I think this is mainly 38 Degrees's fault, and I also disagree with what they (and the ORG) have been doing. Writing to one's MP is an important part of the system, however each MP may represent 100,000 people, so if each of them sent an email or letter each time they had a though, this system would break (which is almost what we are seeing here). As such, there is a useful check on this; the effort required to write a letter. Now, it may not seem like much, but when I ended up writing to his predecessor (over the Digital Economy Bill, now Act) it took the best part of a day to write the letter, make sure it was all properly worded, that I had a clear idea of what I wanted to say etc. and find out where to send it. This is a good thing, as it means that the only people contacting their MPs are those that are willing to spend the time and effort to do so. By setting up a mass-template-email system, you remove this check and make it as simple as clicking a button. This is great for us, but terrible for the MP who then has to manually go through all these emails and (unlike a ministerial office, or department) is unlikely to be able to set up a mass-response system - which is what is really needed. [When I wrote to my MP, he had obviously received many template emails/letters on the same issue, so he wrote one response and sent it out to everyone - after the Bill passed.] If anything, the mass-template-emails drown out the real responses, which is a bad thing.
Perhaps a more suitable way for 38 Degrees to act would be if they collect signatures, match them with their MP and send one email per issue (maybe after a week-long campaign) to each MP willing to take part in the system - so that MPs know how popular and important certain issues are, and get the details, but without being overloaded.
Anyways, finally in defence of my MP, it is worth noting that he is still emailable (he's set up a form here) and has explained his reasoning in detail on his blog (which includes his email address, sort of) - where he explains that he isn't against being emailed - he just doesn't want the mass-template emails from any lobby group, whether it is an industry or trade one.
[I wonder how different this story would have been if it was some big corporate website encouraging people to send template emails, rather than a civil liberties one...]