OpenLife

On 5 September 2008 the Eastern division of the Danish High Court (Østre Landsret) issued a decision in an appellate case dealing with liability for illegal file sharing over a wireless access point.

The decision does not break any new ground in the sense that it follows an established procedural rules under Danish law regarding allocation of burden of proof in compensation claims. However, the decision is noteworthy as it states - what really ought to be self-evident - that in a legal environment that increasingly has been under pressure to accommodate the interests of holders of intellectual property rights as opposed to those of ordinary internet users:

copyright holders will have to prove like any other claimants in compensation claim suits that you actually committed a copyright violation and thus cannot - as was asserted by the copyright holders under the case - demand that the burden of proof is reversed to you so that it is you that have to prove that you did not commit the violation.

Here are the facts from the two similar cases that resulted in similar decisions from the Danish Appellate Court. The two defendants were both subscribers to Internet connections provided by a large Danish ISP. The defendants had not secured the routers with passwords or the like. People could therefore without permission access both the defendants’ computers and via these the Internet via the open WIFI access points.

In both cases the court considered it established through the evidence presented by the plaintiffs that via the two defendants’ internet connections unauthorised illegal copies of music files had in fact been made available for users of certain specific file sharing services. Even though that this is not clear from the court’s decision, the situation seemed to be that someone – according to the defendants, not themselves – had downloaded a file sharing client via the unsecured WIFI access point and installed it on the PC’s of the defendants and thereby made the illegal files found on the file sharing service available through the defendants’ WIFI access points with the PC’s serving as file sharing nodes.

The case was brought before the court by a number of Danish music rightsholders and their associations that claimed compensation for their alleged economic losses due to unauthorised making available of the music that had taken place via the defendants’ network connections.

The plaintiffs asserted that it was the defendants who were liable for the illegal file sharing that had taken place via the defendants’ internet connections, even though it was not established that the violations had in fact been committed by the defendants. The assertion was that the defendants consequently had to prove that they had not themselves undertaken the file sharing, if they were to avoid being liable for it. In other words, it was the plaintiff’s position that in this case a reverse burden of proof was to be applied when it was established – such as it was the case – that the internet connection had in fact been used for a copyright violation.

The Appellate Court found – as did the Court of First Instance – that a rule constituting a reversed burden of proof did not apply in the two cases. As in both cases it was indeed possible that many more users than the defendants had been using the defendants’ network connections and as the plaintiff had not shown that the defendants and nobody else had undertaken the observed file sharing, the court decided to acquit the two defendants.

The decision makes it clear that under Danish rules on copyright and civil procedure it is not sufficient for the plaintiff to establish that a specific copyright violation has taken place via an IP-address in order to make the owner of that IP-address liable for the violation. It is also necessary to establish that it is in fact the defendant who has committed the violation. In reality this is merely an application of the normal principle of the allocation of the burden of proof according to Danish law between plaintiff as the claimant and the defendant.

The decision makes clear that in the future, rightsowners who have suffered a violation will have difficulties in many cases making Internet users liable for file sharing activities as the IP-address used for the file sharing often will have many actual or potential users. These can be users of an internet connection within a household or unauthorised users who have locked-in or hacked their way into a wireless or wired network.

Another venue for the rightsholders - which was not to my knowledge pursued during the two cases - would be to claim that the defendants are liable due to what under American law would probably qualify as contributory negligence. The negligence on the part of the defendants would consist in not securing their WIFI access points. Whether such argument woyuld hold remains to be seen.

In a press release (Google translation from Danish into English) the plaintiffs have made clear that they will apply for a permission to have the case tried before the Danish Supreme Court.

Furthermore as spokepersons of the plaintiffs have mentioned in the press (Google translation from Danish into English) that if the decision is not granted review before the Supreme Court or if a decision in the Supreme Court confirms the Appellate Court’s decision, the different Danish rightowners’ associations that were part of the plaintiff’s consortium will probably ask the Parliament for a change of law.

That a plaintiff will have to prove that the defendant acted in a way that made that person liable – and not the other way around – is a fundamental procedural principle according to Danish law – and I guess also in most other legal systems. It is hard to see why narrow interests of rightsholders should justify any deviation from that principle.

The interests of the society as a whole in making it easier for rightsowners to pursue their claims in cases of file sharing seem negligible compared to society’s interests in maintaining firm and fair procedural rules concerning burden of proof.

Technorati Tags:
copyright, reversedburdenofproof, ifpi

I was quoted on 2 September 2008 in the Danish tabloid ”Ekstra Bladet” in an article regarding the service www.mygazines.com through which it is possible to read articles from some of the world’s popular magazines, e g Esquire, Sports Illustrated and Newsweek.

The quotes read roughly translated from Danish

“It is unconditionally illegal to copy from a magazine and to upload it to a homepage (www.mygazine.com). But it is subject to discussion whether it is also illegal to download it. As a point of departure my opinion is that it is illegal to read (illelgay uploaded) magazines on the internet.”

and

“I will also add that the risk for individuals to be caught in the act of reading the magazines on the internet is discussable. I doubt that this can be traced. As a user, you probably to a large degree have to worry yourself with the moral aspects of breaking copyright law.”

The quotes above do not – as it is usually the case – reflect any more in-depth legal analysis of the problem from my side. The questions that I were asked during the interview for the newspaper were basically whether uploading and/or using the Mygazine service was illegal from the perspective of an ordinary Danish user.

It is beyond doubt that first it is a violation of Danish copyright law, if a Danish individual makes a copy of copyright protected materials such as the magazines mentioned above without the permission of the copyright holder. Furthermore it is a violation, if the person uploads the illegal copy to Mygazines.com.

In fact we are talking about two violations. First an illegal digitised copy from the magazine acquired in an analogue format. This is the case regardless of whether the copy is for the individual’s own use or for distribution to others. Second the illegal digital copying that takes places when uploading to Mygazines.com.

Downloading a copy from Mygazines.com of a magazine that is illegally copied and uploaded to the website also constitutes a violation of Danish copyright law. In my opinion there is no question that a Danish individual who downloads such a copy is acting in bad faith with respect to whether the copy is illegally copied and uploaded in the first place. The individual will be deemed as having knowledge about the illegal activity of the uploader in say Italy, US or Sweden.

The interesting question is however whether just reading a copy at Mygazines.com of an illegally uploaded copy of a magazine constitutes a violation of Danish copyright law. If the technique or the application by which the visitors to the website read the magazine is considered as the equivalent of accessing audio or video material by streaming material, reading the magazine will probably not be considered illegal under Danish copyright law.

Or as Kasper Heine, my colleague at Bender von Haller Dragsted, did put it when I asked on his take on the question:

“As long as reading the articles from Mygazine.com on your computer through your browser does not mean that you are making a copy of the article, it is difficult to see how you should be violating the right owners copyright under Danish law.”

Technorati Tags:
mygazine

The BSA - which also runs its inquisition in Denmark - has a scarry way with economics. The Business Software Alliance claimed 16 July 2008 that software piracy in the US is costing the industry $11.4bn and local government $1.7bn in lost taxes. Read the tear-driving statement here. Mike Masnick of Techdirt gives A Detailed Explanation Of How The BSA Misleads With Piracy Stats.

Technorati Tags:
bsa, techdirt

In the neverending, but still relevant discussion, about the asp loophole in the GPL, the most recent example from the loophole-will-kill-open-source camp is the pervasive use of open source software in cloud computing.

The company the modifies open source software released under the GPL ii not considered to be distributing (GPL v. 2) or conveying (GPL v. 3) when it run the modified software as part of collaborative cloud computing. Therefore, the company does not have to contribute the modified software back to the community pursuant to the copyleft clause of the GPL.

My personal take on the challenge of securing that open source software covered by the GPL continues to flourish despite the asp loophole is pragmatic as the view expressed by Gordon Haff expresses in Do we need to protect open source from the cloud?.

So far, open source seems to have survived the asp and the web-service challenge without any change to the GPL with respect to the asp loophole. And more fundamentally, the market for oss licenses should take adequately care of any inefficiencies here. If open source needs to close the loophole to continue to succeed then surely devlopers and project owner will abandon the GPL for licenses such as the Affero General Public License.

Technorati Tags:
agpl, asploophole, cloudcomputing

Last week I attended the OSBC 2008. Again, this year the conference was worth travelling all the way from Copenhagen to San Francisco to be part of. Excellent speakers and a very well balanced programme.

In one of the more entertaining sesions, Microsoft top-lawyer Brad Smith took the podium and addressed a crowd of about 400 people that - to put it mildly - were not all that Microsoft friendly. Brad Smith did a good job and his appearance at OSBC shows clearly that Microsoft has realized that open source is here to stay.

Despite all the positive rethorics from Brad Smith and other good people, it still seems to me that Microsoft is not at all into open source yet let alone openness. In my opinion, Microsoft still does what every monopolist would do as a rational self interested economic actor. It will try fervently to maintain its monopoly rents as long as possible. No sweet talking from Microsoft should let anyone to believe it to be otherwise.

This applies in particular to governments. Do not believe the monopolist’s talk about changing its ways to become more open. First, believe this talk when you should solid proof by actions!

Technorati Tags:
bradsmith, osbc2008, microsoft

I fully endorse the petition by among others the Electronic Frontier Foundation (EFF) and the Open Rights Group (ORG) to oppose the EU Commissioner Charlie McCreevy’s intention to extend the copyright term in sound recordings from 50 to 95 years retroactively.

Such extension makes absolutely no sense from an economic or democratic point of view. A lot of independant politicians and scientists agree on this. Read all the arguments here.
Here’s the petition:

Sign it here: http://www.soundcopyright.eu/petition

Technorati Tags:
soundcopyright

Læs her mit seneste indlæg “…og nu er der ikke adgang længere!” på CWs IT-advokat blog. Tak til min kollega Nis Peter Dall for hjælpen.

Technorati Tags:
it-advokaten

Her er en lille artikel om IT compliance for dem, der er perverse nok til at finde interesse heri

Technorati Tags:
it-compliance

I am quoted in an article by Federico Biancuzzi in SecurityFocus on disclosure of security breaches:

Full disclosure has a long tradition in the security community worldwide, yet different European countries have different views on the legality of vulnerability research. SecurityFocus contributor Federico Biancuzzi investigates the subject of full disclosure and the law by interviewing lawyers from twelve EU countries: Belgium, Denmark, Finland, France, Germany,Greece, Hungary, Ireland, Italy, Poland, Romania, and the UK.

Read the article at http://www.securityfocus.com/columnists/466/1

Technorati Tags:
fulldisclosure, FedericoBiancuzzi, SecurityFocus

From the EFF on Cyberlaw and cyberlawgs:

Eric Menhart may call himself a cyberlawyer, but we think he has a lot of learn about cyberlaw — and common sense. Menhart is the author of a blog about cyberlaw issues called, logically if not innovatively, “Cyberlawg.” (As he says in the top right corner, “Cyberlawg = Cyberlaw + blog.”) And he is “principal attorney” in a firm called “CyberLaw P.C.” OK, OK, we get it, he practices technology law. Based on this, he’s applied for a trademark on the use of the term “cyberlaw” in connection with the practice of, um, cyberlaw. That’s like a soda company claiming a trademark in the use of the word soda in connection with the sale of soda. Or an apple farmer claiming a trademark in the use of the term apple in connection with the sale of apples. Or … well, you get the picture.

Maybe, I should try to trademark here in Denmark “Internetadvokaten” or “IT-advokaten”

Technorati Tags:
cyberlawg, ericmenhart