So while we continue merrily to sail ahead imposing unmanageable legal liability on those who dare offer free public wi fi, in America par contraire the FCC are thinking of rolling it out nationwide as part of their national broadband plan - says the Huffington Post.
Guess the US doesn't have any of those pesky downloaders, huh??
As part of public record, though I'm hardly the first to do so meanwhile, let me also point you at the Open Letter to the Liberal Democrats in the FT today, from many Great and Good, including various ISPs and telcos, Google, Facebook, ORG, leading academics and of course, Stephen Fry :-) Let us hope that the Liberal Democrats, who I know, are taking criticism of their amendment very seriously, will make appropriate further amendments as soon as possible.
(As for "Internet up for Nobel peace Prize" - um, is it April already? my how time flies! or is this a subtle Italian attempt to currypublic favour after the Google fiasco?! Mamma mia!)
Showing posts with label wi fi. Show all posts
Showing posts with label wi fi. Show all posts
Wednesday, March 10, 2010
Tuesday, December 01, 2009
The Death of Public Wi fi: Grauniad
I decided to write up a user friendly version of the wi fi story for the Grauniad, as you can see here. Many thanks to Francis Davey, inter alia counsel for Theyworkforyou.com, who pointed out the difficulties of the word "agreement" in terms of defining a subscriber and an ISP in the Digital Economy Bill.
Saturday, November 28, 2009
ZDNet, Wi Fi and the Digital Economy Bill
ZDNet is reporting , rather relevantly to Current Times, that a pub owner running an open wi fi hotspot has been "fined £8,000" for infringing downloads by its customers. The information was provided by the Cloud, who provided the hot spot capability (and who also, incidentally, do the same for McDonalds, my example for wi fi liability of a few days back on this blog.)
"Graham Cove told ZDNet UK on Friday he believes the case to be the first of its kind in the UK. However, he would not identify the pub concerned, because its owner — a pubco that is a client of The Cloud's — had not yet given their permission for the case to be publicised."
ZDNet asked me to comment on the story which I was happy to do, but unfortunately one major error has crept through the phone call process. EDIT - corrected! Thank you! Story also now specifies it was a civil case.
So what about the pub story? It sounds very odd. Basically, we need more details here. First it doesn't sound on first glance like a case where criminal copyright would be applicable. So that probably isn't a "fine", but damages . Even more likely is that the case settled rather than going to final judgment (in which case, wouldn't it be a novel enough decision to have an opinion, and be up on BAILII? I can't see it there). In that case the £8000 is just an estimate of damages both parties were willing to settle for, and, it should be stressed, not a legal precedent.
As for the crucial responsibility angle, one wonders if the issue was mainly one of proof. After all, if a publican was alleged to be regularly downloading without permission, and the defense was that wi fi users were using his IP address ("it wasnae me" as we say in Glasgow), and the wi fi was open, then there was no attributed log of downloads, and thus no proof of this beyond that mere assertion. In strict law, even in a civil case where the standard of proof was the balance of probabilities, the onus of proof should be on the plaintiffs ie the rightsholders. But in a settlement situation, I can conceivably see that the publican might decide to give up and settle without hard proof to back up his case, and cut his losses and the chance of losing the case and paying both side's costs.
The important point is if that if this is a settlement, that doesn't at alll translate into a theory of secondary liability for downloaders suing your open network, still less a legal precedent. If anyone has further details, I'd love to hear them.
I may as well now go on and quote the rest of myself :) (a bit odd I know)
"However, she said the measures that would be brought in under the Digital Economy Bill — measures that could include disconnection of the account holder — would not apply because the business could be classified as a public communications service provider, which would make it exempt. According to the terms of the bill, only "subscribers" can be targeted with sanctions**.
[** note for legally minded Pangloss readers: this is because the DigiEc Bill cl 16defines "subscribers" as excluding "communications providers", which can be traced back via the Communications Act 2003 to include providers of electronic communications services or networks. The pub hotspot would fall into that class, probably :-) ]
According to legal advice sent to The Cloud by the law firm Faegre & Benson on 17 August, "Wi-Fi hotspots in public and enterprise environments providing access to the internet to members of the public, free or paid, are public communications services".
A public communications service provider must, under the terms of the Data Retention Regulations that came into force in the UK in April of this year, retain records for 12 months on communications that have taken place over their network. This data includes user IDs, the times and dates of access, and the online destinations that were being accessed. The content of the communications cannot be retained without the user's permission, due to data-protection laws.
However, there is a get-out clause in the Data Retention Regulations, in that no public communications service provider has to keep such records unless they are notified by the government that they are required to do so.
According to Edwards, this is because "only the big six ISPs have the facilities to comply, and because the government agreed [in its legislation] to repay some of the costs [of retaining [[and accessing - Pangloss adds]] such records]". She noted that this clause might itself be non-compliant with the EU data-retention laws that were transposed into UK law in April.
Edwards pointed out that, even if the sanctions proposed in the Digital Economy Bill come into force, "no-one will know who [the downloader] was, because the IP address that will show up [upon investigation] will be of the hotspot". She added that the rights holder seeking infringers of their copyright would probably not know that the IP address in question was not that of a subscriber.
It would then be up to the hotspot operator to point out that they were not the end user downloading copyrighted material. "But when would they get to say that? Maybe straightaway, maybe not until after disconnection — it's not currently clear," Edwards said."
"Graham Cove told ZDNet UK on Friday he believes the case to be the first of its kind in the UK. However, he would not identify the pub concerned, because its owner — a pubco that is a client of The Cloud's — had not yet given their permission for the case to be publicised."
ZDNet asked me to comment on the story which I was happy to do, but unfortunately one major error has crept through the phone call process. EDIT - corrected! Thank you! Story also now specifies it was a civil case.
So what about the pub story? It sounds very odd. Basically, we need more details here. First it doesn't sound on first glance like a case where criminal copyright would be applicable. So that probably isn't a "fine", but damages . Even more likely is that the case settled rather than going to final judgment (in which case, wouldn't it be a novel enough decision to have an opinion, and be up on BAILII? I can't see it there). In that case the £8000 is just an estimate of damages both parties were willing to settle for, and, it should be stressed, not a legal precedent.
As for the crucial responsibility angle, one wonders if the issue was mainly one of proof. After all, if a publican was alleged to be regularly downloading without permission, and the defense was that wi fi users were using his IP address ("it wasnae me" as we say in Glasgow), and the wi fi was open, then there was no attributed log of downloads, and thus no proof of this beyond that mere assertion. In strict law, even in a civil case where the standard of proof was the balance of probabilities, the onus of proof should be on the plaintiffs ie the rightsholders. But in a settlement situation, I can conceivably see that the publican might decide to give up and settle without hard proof to back up his case, and cut his losses and the chance of losing the case and paying both side's costs.
The important point is if that if this is a settlement, that doesn't at alll translate into a theory of secondary liability for downloaders suing your open network, still less a legal precedent. If anyone has further details, I'd love to hear them.
I may as well now go on and quote the rest of myself :) (a bit odd I know)
"However, she said the measures that would be brought in under the Digital Economy Bill — measures that could include disconnection of the account holder — would not apply because the business could be classified as a public communications service provider, which would make it exempt. According to the terms of the bill, only "subscribers" can be targeted with sanctions**.
[** note for legally minded Pangloss readers: this is because the DigiEc Bill cl 16defines "subscribers" as excluding "communications providers", which can be traced back via the Communications Act 2003 to include providers of electronic communications services or networks. The pub hotspot would fall into that class, probably :-) ]
According to legal advice sent to The Cloud by the law firm Faegre & Benson on 17 August, "Wi-Fi hotspots in public and enterprise environments providing access to the internet to members of the public, free or paid, are public communications services".
A public communications service provider must, under the terms of the Data Retention Regulations that came into force in the UK in April of this year, retain records for 12 months on communications that have taken place over their network. This data includes user IDs, the times and dates of access, and the online destinations that were being accessed. The content of the communications cannot be retained without the user's permission, due to data-protection laws.
However, there is a get-out clause in the Data Retention Regulations, in that no public communications service provider has to keep such records unless they are notified by the government that they are required to do so.
According to Edwards, this is because "only the big six ISPs have the facilities to comply, and because the government agreed [in its legislation] to repay some of the costs [of retaining [[and accessing - Pangloss adds]] such records]". She noted that this clause might itself be non-compliant with the EU data-retention laws that were transposed into UK law in April.
Edwards pointed out that, even if the sanctions proposed in the Digital Economy Bill come into force, "no-one will know who [the downloader] was, because the IP address that will show up [upon investigation] will be of the hotspot". She added that the rights holder seeking infringers of their copyright would probably not know that the IP address in question was not that of a subscriber.
It would then be up to the hotspot operator to point out that they were not the end user downloading copyrighted material. "But when would they get to say that? Maybe straightaway, maybe not until after disconnection — it's not currently clear," Edwards said."
Tuesday, March 25, 2008
3 Strikes And You're Out talk from LSE conference
Ray Corrigan, one of the finest IT law bloggers on the block, has, incredibly helpfully, while I frolicked for the long Easter weekend, written up an account of my talk on the dubious legality of the posited "3 strikes and you're out" legislation which, if passed, would mandate disconnection of repeat filesharers in the UK from the Internet.
See http://b2fxxx.blogspot.com/2008/03/3-strikes-copyright.html (thanks Ray.)
There is also a third ground of possible illegality of any proposed "notice and disconnection" regime, , other than its transgression of due process and lack of propartionality with respect to human rights. I did not have time to get to this at the conference so Ray has not mentioned it - namely that in order to prevent an "it wasnae me" defense (as we say in Glasgow), legislation might also require the mandating of secured wi-fi for every user who maintains a wireless router. Without such a rule, every uploader could theoreticaly claim it was not them but a wi-fi piggy-backer who committed the "offence".
Currently, users are usually advised to make their wi-fi network secure, and most ISP T & Cs theoretically demand it, but many prominent security experts, notably including Bruce Schneier, deliberately keep their networks open (while maintaining high quality virus checking ware and firewalls for the security of their own data). they do son mainly on the grounds that the mobile Internet ought to be a public resource for those in transit or in public areas, like toilets or water fountains. Breach of a term imposing secure wi-fi only by an ISP may currently be a breach of contract which might conceivably lead the particular ISP in question to , legitimately, disconnect the user; but it would not, as "3 strikes" would, mean that user is then sent to Internet Coventry by every ISP in the country.
Cutting off the choice of providing public wi-fi to the user on pain of banishment from the Internet, raises obvious issues itself of infringement of freedom of expression and association. Avaiability of unsecured wi-fi in public areas, say, in parks or on streets or at emergencies, is also arguably , as Schneier and co believe, a public good. Given that, it should be asked whether a proper balance is being maintained if we legislate to ban an asset of general public interest, in order to protect the legitimate property interests of one narrow commercial sector. It also raises the question of whether a wi-fi operator might be a "mere conduit" under the E-Commerce Directive, Art 12, and if so whether, in effect, strict liability for other people's misdeeds can be imposed on such operators without infringing EC law.
This point is dealt with in my powerpoint which I believe will be soon up on the relevant website along with other slides from the day. Will add URL shortly.
I think the best point raised during the day which I had not really considered at all before, was how long a general ban or disconnection after notice would last. (I think this came from Michelle Childs, but I am not totally sure.) Does a foolish upload or two by a teenager in your house mean that dad and/or mum is banned from the Internet forever? Even when we talk of true criminal sanctions (and copyright is at root a civil matter), jail terms (bar "life means life" for murder) have to be of defined length. Do we want a world where ISPs are ordered by the content industry to patrol indefinite lifetime bans from the Internet? Would legislation include provisions for appeals after a certain time and has anyone thought through the due process ramifications? The more you think about it, the more damningly flawed the whole idea is.
In France, at least, the whole process is going to be under the supervision of an independent tribunal given directions by a judge. If we do end up going down this route in legislation, the French system should be the minimum starting point for transparency and due process. I hope instead however that the UK government and BERR will, after due consideration, decide this approach, with all its capacity for disproportionate human right infringement and errors in proof and process, is not a suitable way to police filesharing, when so many other routes exist.
See http://b2fxxx.blogspot.com/2008/03/3-strikes-copyright.html (thanks Ray.)
There is also a third ground of possible illegality of any proposed "notice and disconnection" regime, , other than its transgression of due process and lack of propartionality with respect to human rights. I did not have time to get to this at the conference so Ray has not mentioned it - namely that in order to prevent an "it wasnae me" defense (as we say in Glasgow), legislation might also require the mandating of secured wi-fi for every user who maintains a wireless router. Without such a rule, every uploader could theoreticaly claim it was not them but a wi-fi piggy-backer who committed the "offence".
Currently, users are usually advised to make their wi-fi network secure, and most ISP T & Cs theoretically demand it, but many prominent security experts, notably including Bruce Schneier, deliberately keep their networks open (while maintaining high quality virus checking ware and firewalls for the security of their own data). they do son mainly on the grounds that the mobile Internet ought to be a public resource for those in transit or in public areas, like toilets or water fountains. Breach of a term imposing secure wi-fi only by an ISP may currently be a breach of contract which might conceivably lead the particular ISP in question to , legitimately, disconnect the user; but it would not, as "3 strikes" would, mean that user is then sent to Internet Coventry by every ISP in the country.
Cutting off the choice of providing public wi-fi to the user on pain of banishment from the Internet, raises obvious issues itself of infringement of freedom of expression and association. Avaiability of unsecured wi-fi in public areas, say, in parks or on streets or at emergencies, is also arguably , as Schneier and co believe, a public good. Given that, it should be asked whether a proper balance is being maintained if we legislate to ban an asset of general public interest, in order to protect the legitimate property interests of one narrow commercial sector. It also raises the question of whether a wi-fi operator might be a "mere conduit" under the E-Commerce Directive, Art 12, and if so whether, in effect, strict liability for other people's misdeeds can be imposed on such operators without infringing EC law.
This point is dealt with in my powerpoint which I believe will be soon up on the relevant website along with other slides from the day. Will add URL shortly.
I think the best point raised during the day which I had not really considered at all before, was how long a general ban or disconnection after notice would last. (I think this came from Michelle Childs, but I am not totally sure.) Does a foolish upload or two by a teenager in your house mean that dad and/or mum is banned from the Internet forever? Even when we talk of true criminal sanctions (and copyright is at root a civil matter), jail terms (bar "life means life" for murder) have to be of defined length. Do we want a world where ISPs are ordered by the content industry to patrol indefinite lifetime bans from the Internet? Would legislation include provisions for appeals after a certain time and has anyone thought through the due process ramifications? The more you think about it, the more damningly flawed the whole idea is.
In France, at least, the whole process is going to be under the supervision of an independent tribunal given directions by a judge. If we do end up going down this route in legislation, the French system should be the minimum starting point for transparency and due process. I hope instead however that the UK government and BERR will, after due consideration, decide this approach, with all its capacity for disproportionate human right infringement and errors in proof and process, is not a suitable way to police filesharing, when so many other routes exist.
Subscribe to:
Posts (Atom)