Holding Back the Digital Tide

May 13, 2009

Our digital society has little or no respect for the intellectual property of others.


With 90% of all music downloaded illegally,[1] who can really dispute this? Copyright in music tracks is no longer regarded as an asset that has an intrinsic value. The theft of it is not perceived as the taking of a ‘thing’, which is the property of another person. It is the taking and using of publicly available material that only a mug would pay for.


If this attitude prevails, what hope do we have of preventing illicit (nil cost) transactions of music, video and software files over the Internet? Last year in an effort to find a solution for all the parties concerned BERR[2] commissioned a consultation document seeking a variety of opinions on the options available to address unlawful P2P file- sharing. The resulting responses indicated a ‘marked polarisation of views between the rights holder community, consumer and ISPs.’ There appears no clear way forward.


We are engaged in a contentious IP&Technology practice – actively enforcing IP rights on behalf of our clients. Clients do not come to us for our views on how media files may be transacted over the Internet in five years time. They want to know about the reality of enforcing IPR in 2009. How can their IPR be protected, how long will it take and how much will it cost them?


In this article we first discuss the current copyright framework and the enforcement of IPR in the national courts. As has been widely documented, there are a number of inadequacies with the current regime and the UK Government has recently made a strong push for ISPs to assume greater responsibility through a co-regulated system. The disclosure of Internet user’s identification details by ISPs and the emergence of filtering and packet inspection technology may also play a part in the solution.


Alternatively, it may be that an entirely new business model will be adopted which will permit users to access music and other files, at no charge, from a platform such as youtube.com.[3]. We consider that we are heading towards that, or something similar, so that the next generation of downloaders will be amazed to hear stories about people actually paying to access and listen to music or watch movies that are online.


In light of the ever-changing copyright landscape, what measures can be deployed to try to hold back the digital tide and enforce and protect IPR in a converged world? And should we be putting these barriers up in the first place?


Enforcement of IPR through the National Courts


A former Scottish IP crime prosecutor recently expressed amazement that criminals still deal in drugs and rob banks. Why do they commit crimes which the law enforcement system is focussed on, when the lucrative copyright market provides ample opportunity for exploitation?


Copyright infringement continues to increase. The extent of the problem is in large part due to the fact that copying CDs or DVDs is frequently not viewed as a crime. In an effort to combat this perception enforcement action has taken two distinct routes. First a number of high profile litigations (mainly in the US) have targeted the P2P developers and distributors. The recent prosecution of the founders of Pirate Bay is a good example of this. A second wave of litigation, brought by copyright enforcers on both sides of the Atlantic, focused directly on individual file-sharers.


P2P File-sharing Litigations


The emergence of the Internet and the parallel opportunity to share and distribute information is now part of technology folklore. However, from Day One the Internet created the potential for a variety of legal wrongs including online defamation and copyright infringement. Understandably, due to the huge financial and technological possibilities the Internet offered, national legislators did not wish to bite the hand that could feed them. To get around such difficulties they provided ISPs with a safe harbour system of protection. As many readers will be aware, in the UK the E-Commerce Directive protects ‘mere conduits’ from liability for the copyright infringements of Internet users and similar systems exist elsewhere. This approach was solely reactive and non-interventionist in nature. No positive duty was placed on ISPs to monitor and filter the content made available through their networks.


National government’s non-interventionist approach to the problem altered with the emergence of P2P file-sharing technologies. This was getting difficult to ignore. The Internet is of course a global market or network through which we can exchange music, video and software etc. The introduction of P2P file-sharing techniques posed a novel and potentially debilitating challenge to the large (tax-generating) entertainment industries and resulted in the high profile Napster, Aimster and Grokster litigations. This string of decisions concluded that P2P developers were clearly aware that their systems were being used for infringing purposes and, as a result, they were liable for secondary copyright infringement.


On one view the ‘successful’ actions against the P2P file-sharing services – which have been hard-fought and expensive – achieved little. Mass infringement by consumers continues as Internet users consistently move on to the next big thing. After A & M closed down Napster – there was Aimster – after Aimster there was Grokster and more recently service providers such as Pirate Bay. However, the widespread judicial condemnation of P2P hindered the early developers from obtaining venture capital and further developing, refining and more importantly legitimising their service. The Pirate Bay was beginning to have an aura of legitimacy – if the Swedish prosecutors hadn’t taken steps against it, that aura would have gained in substance.


 In addition to action against those providing file-sharing services, a second front was opened against the customers using these services. Davenport Lyons recent campaign to pursue illegal downloaders has received some criticism as deploying heavy-handed tactics, but it will have been a wake-up call for those at the fringe of this activity. The threat of being sued for up to £1,000 for having downloaded a single film or game is effective for an occasional illegal downloader.

Recent examples have demonstrated that copyright infringement stretches beyond the large entertainment companies and is now impacting upon the wider business community. Last year Michael Walton pleaded guilty to copyright infringement charges after copying software and offering it for sale on eBay. Walton obtained a software programme known as AceCad, which was a 3D modelling programme used in the construction of steel structures. This software ordinarily retailed for around £12,000 but Walton broke the encryption code, made copies and slashed the price, offering copies for sale on eBay for £12.

The general manager of the company affected commented that ‘International popstars might be able to afford people copying their work but we can’t. We’re lucky that we managed to stop this before too many copies had been sold but, if it had carried on, we could have potentially lost a fortune. I’d go as far as to say that it would have meant us laying off staff.’

This example illustrates that copyright infringement is no longer the sole nemesis of the entertainment industry. Nonetheless music remains the hardest hit sector with the annual value of lost sales estimated at £165 million. In the meantime the film, gaming and software industrues are beginning to feel the pinch. Understandably the enforcers cannot just sit back.


The National Courts



There is a limit to what the national courts can achieve. While the Internet is global in nature, courts are parochial. It is a big ask to hope that the regulation of transactions conducted over the Internet can be patrolled by courts limited by geography and jurisdictional boundaries. What law applies and in what court will you seek to enforce it? Where is the IP infringer, where is the ISP? Take the hypothetical example whereby a UK rights holder’s content is being made available in the USA via an ISP based in Israel. Can the right holder raise proceedings in the US or Israel? Will the US courts uphold a finding of copyright infringement or will their wider fair use defence prevent this? Even where a judgment is obtained in one of these jurisdictions there is the practical issue of enforcement.


Such practical difficulties inevitably increase the cost of civil remedies for enforcing IPR. Even if I can raise proceedings in Scotland enforcing UK copyright law, the costs of each enforcement action will inevitably be many thousands of pounds. The ancillary process of recovery of evidence is fairly cumbersome and expensive in itself.


Criminal enforcement is again very limited by national boundaries but can be a cheaper solution. In Scotland it is not possible to bring private prosecutions, therefore we must rely on the Procurator Fiscal Service. There are again practical difficulties, including limited resources and a lack of expertise. In addition, when compared with other types of crime, there is a perception that there are more ‘worthy’ crimes requiring attention.


My impression is that the option of private prosecutions is an attractive one in England – with strong powers for interim seizure and recovery of evidence and for recovery of costs from the State.


But all of these actions rely on the rights holder having the name and address of the IP infringer. In the UK the Data Protection Act 1998 has provided a useful cloak for infringers to hide behind and ISPs will not disclose the source of infringing content unless the individual accused of infringement agrees to the release of the details (highly unlikely) or without a costly and time-consuming court order to that effect. A court order is not a cheap solution, especially where it is only a precursor to the main action. In cases where contact details are provided, if the individual is not located in Scotland (or the UK at large) taking further action becomes increasingly more problematic and expensive.


There is no doubt that there is a place for copyright enforcement action going forward. At the very least robust enforcement action is necessary to reiterate and compound the importance of the copyright system at large. Targeting the large- scale infringers and publicising any action taken often achieves this. Without an enforcement policy, the regime would no longer be credible.


Nonetheless the main threat to copyright is no longer large-scale P2P file-sharers but everyday individuals whose participation in minor infringement quickly mounts up. Our current regime can only deal with infringement where the infringer is readily identifiable and based in Scotland. In light of these loopholes, should the role of enforcement not be re-categorised to that of supporting act rather than main show?


In addition what other options have been contemplated moving forward?


Digital Rights Management



Doesn’t Really Matter?


One of the big problems with DRM is that they only really stop the good guys. Those who are not prepared to circumvent the restrictions are forced to make use of limited access to content. It is estimated that 1M songs a month are traded in illegal file-sharing networks. DRM simply has no impact on organised criminal piracy.


Princeton Professor Edward Felton put it that any ‘moderately skilled person expending moderate effort’ can crack DRM. Once breached the details of the hack can be disseminated online – with ease. Norwegian programmer Jon Johansen announced that he had been able to remove the DRM from iTunes music files. He achieved this as Apple applies their DRM to files after they have been downloaded. When Apple released a patch to close this door – the very same day Johansen issued an update to circumvent Apple’s new patch. The battle goes on!


Dangerously Restrictive Method


Meantime DRM defeats the fair use freedoms enshrined in copyright laws – meaning that the compromise lawmakers reached in awarding copyright protection on the condition that it does not hinder education and other fair uses is defeated. With DRM protection it is now the rights holders who decide how content can be accessed through a variety of access restrictions.


There are other negative consequences. DRM hinders software development as the reverse engineering necessary to create inter-operative hardware and software cannot be achieved without circumventing DRM. Circumvention is of course contrary to the CDPA 1988. DRM can give an unfair monopoly to rights holders in accessory markets. It can also be used to break up markets – preventing new products from entering the market place, as the body of material on it will not be accessible to it. Apple’s DRM in iTunes files and their restrictions for use with iPods are a good example.


We aren’t convinced that the answer lies in DRM protection.


Re-assessment of ISP Responsibility


In our experience, ISPs once alerted to copyright infringement will ensure contentious material is removed. We have issued take down notices to ISPs across the world and in every case have achieved takedown – usually within days if not hours. Of course ISPs toe the line as the safe harbour system has served them well. ISPs do not support the introduction of more onerous monitoring conditions and have an interest in maintaining the status quo.


However the copyright landscape continues to change and the role of ISPs is now being reassessed. In the BERR Consultation document the government disclosed that their preference was for an industry-based solution. A co-regulatory approach consisting of three key elements was suggested. Firstly a Code of Practice covering both ISPs and rights holders would be formulated. The Code of Practice would address education, making attractive content available to consumers and notification of alleged infringers. An independent regulator would oversee this. The second arm was the creation of a body to explore effective mechanisms for dealing with repeat infringers. Finally there would be an obligation on ISPs to take action against the subscribers on their networks participating in P2P file-sharing.


Comments were also invited on four regulatory options. These were (1) requiring ISPs to provide personal data without the need for a court order, (2) requiring ISPs to take direct action against P2P file-sharers, (3) establishing a third party to consider evidence and then to decide what action should be take, and if need be compel ISPs to take direct action against P2P file-sharers and (4) requiring ISPs to install filtering equipment.


The responses to the BERR consultation demonstrated a clear divergence of views between ISPs, rightsholders and individuals. Unsurprisingly, ISPs are opposed to additional duties being placed upon them and claim this jeopardises the development of their business model. In light of the difference of opinion, the government’s Digital Britain report is continuing to explore a variety of solutions including the establishment of a Rights Agency to devise incentives for legal use of copyright material, the option of various collecting societies working together to trace and prevent infringement and again the further use of DRM.


The Government’s own proposal to work with ISPs to find a solution is indicative of an overall trend that ISPs should now step up to the mark and take greater responsibility (if they are to continue to avoid liability) to prevent copyright infringement. This call for greater participation and responsibility by ISPs can broadly be categorised into two camps.


The first is data retention and disclosure. The Internet of course allows anonymity. A proposal has been put forward whereby ISPs would automatically release a subscriber’s personal details upon receipt of a complaint and without the need for a court order. This has resulted in various concerns over privacy but is nonetheless an area that requires serious consideration. Far be it from us to override legitimate privacy concerns but overall the pendulum has swung too far in the other direction and too high a level of anonymity is provided to infringers. Surely there is a middle ground here.


The second area in which ISPs can provide greater assistance, and take a degree of responsibility, is by implementing filtering technology. While 100% effectiveness cannot be guaranteed, technology exists which can identify the type of file, ascertain whether the file is protected by copyright and then check whether the person offering the file has the necessary permission to do so. Adopting this technology could prove a major step forward in the battle against copyright infringement.  ISPs have pointed to the costs of installing such technology. Given the support ISPs received from the safe harbour system, and the major impact on other industries, surely this hurdle can be ironed out. In fact one of the main reasons for introducing the safe harbour provisions under the E-Commerce Directive was that at that time the technology did not exist for ISPs to proactively monitor content. That is no longer the case and the whole ethos on which the safe harbour system was built no longer exists.



Over and above these two categories of proposals there is increasingly a view that ISPs have a duty to initiate infringement actions themselves. To do so would be fraught with difficulties. However, as a minimum, disabling the access of repeat infringers – the so called ‘three strikes and your out’ proposal – merits consideration.


Overall where the development of ISPs own filtering technology (often for other purposes) has now reached the stage when it can be utilised as part of the solution surely they have an obligation to assist. The E -Commerce Directive is based on a 2002 perspective, which no longer applies in 2009.



Mind Control


History has shown us that, wherever there is a market and demand for a product, suppliers will find a way to service that demand. Prohibition did not stop the sale of alcohol when it was wanted. Sending several armies into Afghanistan will not stop a flow of opium coming onto the streets of Britain. The music pirates will always find a way to meet demand.


Attempts to stop that supply from reaching its market are doomed to failure. The more successful the dam across a river – the more water builds up behind it and pressure is increased. To apply this analogy to online music, where we can obstruct or hinder the flow of illicit music sales, the effect is to increase the price of music files that do get onto the market. By closing down certain file-sharing sites we must make the services offered by others more attractive and select. Thereby increasing the value of their business and potentially encouraging new entrants to join a more lucrative market.


The average price of a fake music CD is £2.48, less than a third of the £8.15 average price of its legitimate counterpart. With margins like this available, is it any wonder the black-market is booming when High Street retailers like Woolworths and Zavvi are failing.


Part of the solution may be for rights holders to influence society’s attitude to the value and integrity of IPR in digital content. A good example is drink driving. In the 1970s whilst not exactly looked on favourably it was not seen as the social taboo which it is now. Many more people die from speeding than drink driving, but the effect of that campaign in changing public perception of this activity has been remarkable.


Theft of intellectual property is not viewed in the same way. So what if Sony or Paul McCartney doesn’t receive their share of the £10 for the CD? They don’t need it. At present there is a prevailing attitude that industry fat cats just want to line their pockets and the full impact on artists’ creativity is not appreciated.


Future Tidings


Copyright law attempts to provide a legal framework for negotiation. It’s more like a tide time-table, than a Thames Barrier. It lets you know what you can do, and what you can’t do, to make an honest penny; and if someone is dishonest, it provides a framework within which disputes can be resolved.


However, in this era of convergence, it does seem that legal solutions alone are not going to turn back the tide. The answer is obviously complicated as no one has yet devised a complete solution. The solution may lie in a hybrid of technological measures and market led products and services (in short offering an attractive service for a fair price) backed up by enforcement measures. Up to a point the legal arm may be as much about legitimising the ongoing copyright system per se as it is about stopping illegal P2P file-sharing.


In the meantime we may find that ISPs are forced to take responsibility and that technology and greater access to infringer’s data is the key.


Colin Hulme is a Partner and Jennifer Whitehead is a Senior Solicitor at Burness LLP. Colin is also a Board member of the Scottish Society for Computers and Law.  Both specialise in IP and technology matters.

[1] www.bpi.co.uk

[2] The Department for Business Enterprise and Regulatory Reform

[3] http://www.youtube.com/