In a 5 January 2007 ruling a Dutch district court held that an ISP had to provide personal data of a subscriber, who maintained a bittorrent tracker site, to the anti-piracy organization BREIN. In Brein v. KPN Telecom, the district court of The Hague held in summary proceedings that the tracker admin was liable for its actions under tort, but did not infringe copyrights directly. (This would be similar to the U.S. vicarious liability or contributory infringement actions.) In addition, the court held that the ISP was required, on equitable grounds, to provide name and residence information of its subscriber to BREIN, and terminate the connection of the subscriber if the same site would again come online.

This case confirms and develops Supreme Court case law that an ISP might be held to provide to copyright holders personal data of a customer under a theory of tort. (Pessers v. Lycos, in Dutch.)

Interestingly, the lower court here dismissed the claim that the mere provision of a bittorrent tracker site (and the tracker files) constitutes distribution or the making available of copyrighted works, and therefore a direct copyright infringement.

This case is the most recent installment in the ongoing scuffle between ISPs (and indirectly some of their subscribers that are likely infringing copyrights) and copyright holders and collecting societies.

An Adamant Maintainer of A Tracker Site

A broadband customer of KPN, the Dutch incumbent, decided to run a bittorrent tracker site from home, over the ADSL connection provided by KPN. The tracker dutchtorrent.org charged a fee for access to the site. So, although presumably no directly infringing material was hosted on the server, the tracker did allow for massive infringement by the users of the site. BREIN did apparently send a cease and desist letter to the admin, which the admin chose to ignore. The website did go off-line, but the admin did not provide BREIN with a written confirmation that it would not go online again, a customary request in connection with a cease and desist letter. In fact, the admin did post some belligerent statements (on the site or elsewhere on the Internet, that is not clear from the ruling), indicating the intention to go online again in the future.

BREIN was not able to determine the name and address of the website admin via public sources and consequently, BREIN was not able to hold the admin liable, in court or otherwise. Since KPN did not provide the information on request either, BREIN decided to sue KPN in order to obtain information on the identity of the bittorrent tracker site admin.

To get the court to require KPN to provide the information, BREIN would have to show that its interest in being able to hold the admin liable outweighed the interests of KPN and the subscriber.

From the ruling, it appears that the court groked well how bittorent, and a bittorrent site, works: no actual distribution of files takes place via the site, but the tracker files allow visitors of the site to download and upload files (most often, copyrighted works) .

Consequently, the court did not go along with the claimants argument that the making available of the tracker files constituted the distribution or making available of copyrighted works.

The court did however hold that, on the basis of the “mere nature of the files,” the admin of the site must have been aware that its site facilitated in a structured manner, infringement of copyrights and neighboring rights. It is not entirely clear from the published judgment, but I would assume that this is on the basis of the file names of the tracker files, which included “Over the Hedge” and “The Devil Wears Prada, ” and not on the basis of the mere bittorrent protocol.

This, and the fact that the admin charged a fee for access to the site, amounted for the court to a breach of the admin’s duty of care toward the copyright holders. The court did not go along with the claim of the ISP that BREIN, the claimant, did not provide a specified or itemized list of torrents relating to protected works when sending a cease and desist letter to the admin.

A Hesitant ISP

In November 2005, the Dutch Supreme Court had held in Pessers v. Lycos that an ISP could be held to provide subscriber data under certain circumstances. This separately from any safe-harbor provisions under the eCommerce Directive, which provide the ISP protection from liability for acts of infringements by its users.

In its defense, KPN tried to widen the requirements of Pessers v. Lycos, to include that the claimant did not obtain initial information illegally, a likelihood that the subscriber acted tortuously, and that the subscriber data is likely to lead to the actual person who acted tortuously.

The court did not go along with this and required, on the basis of the previously established rule in Pessers v. Lycos, that KPN had to provide BREIN with the subscriber data.

Most importantly, the court held that BREIN was not required to exhaust alternative means of trying to obtain the name and address of the admin, before it could turn to the ISP.

BREIN had also asked that KPN terminate the subscription of the bittorrent site admin, insofar the admin would maintain the same or similar tracker sites. The court also honored this request, going beyond the safe-harbor provisions of the eCommerce Directive, but not entirely. (This is possible, as the Directive is not exhaustive and allows for additional procedures or measures in the Member States.)

Recognizing the difficulty for KPN if it had to judge whether or not subscriber conduct was tortuous or not, the court held that KPN had to terminate the access of the subscriber upon request from BREIN, but only if the same dutchtorrent.org (or a completely similar) website would go online, under threat of a EUR 1,000 a day fine.

And this is I think the most important aspect, having to judge the illegality of customer behavior requires resources from an ISP, and potentially exposes the ISP to liability towards subscribers for removing content or terminating access, liability that might not be entirely written away in the applicable terms and conditions.

And a Determined Anti-Piracy Organization

To my knowledge, this is the second time that BREIN wins a case against an ISP, asking the ISP to provided subscriber data. (The first time was against the ISP UPC/Chello in the summer of 2006.)

According to BREIN (“the joint anti-piracy program of authors, artists and producers of music, film and interactive software”) they shut down some 115 sites in 2006, totaling 1.5 million users. (Source, in Dutch.) I am not sure what the total number of larger tracker sites was, but that is an impressive number.

A Summer Make?

As this case again shows, the EU safe-harbor rules harmonize liability for, amongst others, copyright infringements, only up to a point. National judges can, under their national civil law, go above and beyond that, and they are getting the cases that allow them to do so. It does not make ISP’s liable for now, but they clearly do have an additional burden to provide subscriber data under certain circumstances. The Netherlands is becoming an interesting jurisdiction to seek standing.

‡‡ [This is a post from Technology Law Culture: http://tlc.oosterbaan.net//. Olivier Oosterbaan, IT and media lawyer in Rotterdam, the Netherlands, maintains this blog.]

(Picture by: me, of a torrent in the North Cascades mountain range. Some rights reserved: BY-NC-ND 2.5 CC license.)

Speakers at IFCLA on Public Procurement, Hybrid Open Source, FRAND Licensing and Web 2.0 Licensing

This is the continuation of my previous post on the bi-annual IFCLA (International Federation of Computer Law Association) 2006 conference in Amsterdam. This posts relates Friday’s sessions on Public Procurement from Pekka Takki of Fennica in Helsinki and Steven De Schrijver of Van Bael & Bellis in Brussels; on Hybrid Open Source from Ian Kyer of Fasken Martineau DuMoulin in Toronto; on FRAND Licensing from Maurits Dolmans of Cleary Gottlieb in Brussels and on Web 2.0 Licensing from Prof. Michael D. Scott of Southwestern Law School in Los Angeles. Again, there where many more excellent speakers in addition to those mentioned here, and I refer you to the conference website for the full program.

Day Two, Friday Morning: Pekka Takki and Steven De Schrijver on Public Procurement

As the participants trickled in on Friday morning, Pekka Takki of the Finnish law firm Fennica introduced the speakers of the first panel of the day, on public procurement in IT, and on the use of IT in public procurement. Steven De Schrijver of Van Bael & Bellis in Brussels provided a quick run down of the new EU Directives on public procurement (Directive 2004/17/EC and Directive 2004/18/EC) before turning his attention on what he expects from one of the major new features: the competitive dialogue. (See for a good overview of all new features of the Directives this overview from the Commission’s Euro Information Center in Ireland.)

In short, the competitive dialogue allows tendering parties to use the technical (and contracting?) know-how of the submitting parties, by soliciting their input before the final tender is made. To quote the Center mentioned above:

The competitive dialogue can be used in complex contracts where technical solutions are difficult to define or where development of the best solution is wanted. To obtain the know-how and technical solutions of enterprises, they can now be involved at an early stage before the drawing up of the final tender document.

In my opinion, the question remains whether the more advanced vendor is able to prime the tendering party for its solution. (This would then not be a large improvement from today’s situation, where I understand that RfPs, or Requests for Proposal, are occasionally written not on the basis of a problem or need of the tendering party, but with a very specific solution in mind, because is is the known entity.)

Day Two, Friday Morning: Ian Kyer on Hybrid Open Source

Ian Kyer of Fasken Martineau in Toronto, replacing his colleague John P. Beardwood, talked next about hybrid open source. Like it says, hybrid software refers to software that uses some proprietary code and some open source code.

Ian’s talk included two take-away points. One, be sure to aggregate components, and not combine them. This should allow you to demonstrate later on what exactly is and is not covered by a particular license. The main reason for this is that not being able to quickly show what is the level of ownership and control over pieces of your software might negatively affect a potential deal, in time, value or even likelihood of happening. (Granted, this would be a little different for 100% open source companies, but even there control over your source may be key to your value.) Saying that “you don’t use open source” is probably not true in most cases, and if it is, you want to be able to prove it.

Potentially hesitant buyers are also the main reason for Ian’s second point: when developing an hybrid source product, you should be careful about using code that is covered by “viral” (or copyleft) GPL-type licenses, and look at available alternatives. On the last topic, the viral trait of the GPL license and other licenses that contain similar clauses, I do not claim to have the definite answer, but the unconfirmed (as in, unconfirmed in a sufficiently large body of case law) nature of this feature might cause you to err on the safe side. If the buyer of your company or product-line starts to wonder what exactly the influence of using a copyleft-license is you might have lost some valuable time, and possibly value, right there.

(By the way, some of these issues where also raised in a good IT Conversations installment I heard the other day: “Open Source Code, Managing the Opportunity.”)

Day Two, Friday Morning: Maurits Dolmans on FRAND Licensing

Next up was Maurits Dolmans, on FRAND (fair, reasonable and non-discriminatory) licensing. In short, FRAND licensing is relevant in the context of SSO’s (Standard Setting Organizations), whereby participants to the organization pool together IP (mostly patents, hence “patent pools”) and cross-license it to all members. Problems arise when participants do not declare patents necessary (“essential”) for the standard, only to charge (exorbitantly) high license fees (that is, not FRAND) once the standard is adopted. Maurits highlighted, amongst other things, the possibility of ex-ante negotiations to prevent such behavior. (The evening before, Maurits, whom I used to work with when at Cleary Gottlieb in Brussels, talked very enthusiastically about a case he is in involved in these days, and that has FRAND aspects.)

After this Maurits moved into a higher gear, and I have to admit that I stopped taking notes. (You can read more about his take on FRAND in a 2002 testimony before the U.S. Doj/FTC here [pdf], and in a 2002 paper “Standards for Standards” [pdf].)

Day Two, Friday Afternoon: Professor Michael D. Scott on Web 2.0 Licensing

At the end of the conference, Professor Michael D. Scott of Southwestern Law School gave a heads-up on licensing issues that we are likely to see around the evolution of the Internet (Web 2.0! by another name). Professor Scott mentioned U.S. click-wrap cases and pointed out that we will have to deal again with the issues that surrounded those in connection with new web-services.

To give an example that I came up with (and I am not sure that I am really on to something): open API’s cannot discriminate between types of use, or users for that matter. Something to explore in a future post?

Book

You can order the 160-page book from Elsevier Juridisch with papers from the conference for only EUR 19 here.

‡‡
[This is a post from Technology Law Culture: http://tlc.oosterbaan.net//. Olivier Oosterbaan, ICT and media lawyer in Rotterdam, the Netherlands, maintains this blog.]

(Already, a deviation from the formulated concept of TLC’s one-post-a-month. Let’s call it a PicoPost, small posts in between the monthly posts.)

Last Saturday, 21 May 2006, I attended BarCampAmsterdam. (Mostly organized by Andy Smith.) The blurb on BarCamp:

BarCamp is an ad-hoc gathering born from the desire for people to share and learn in an open environment. It is an intense event with discussions, demos, and interaction from attendees.

So, no set subject, anybody can talk about whatever strikes their fancy. And the talks ran a full gamut: a product presentation of Avi Bryant on Dabble DB, a lightweight web-based database app; an open question for new ways to use Firefox if you could touch it from David Humphrey; some technical background info from Edwin Mons on the iRex iLiad e-ink based reader (with a little hands-on time with the iLiad reader!); a call for technical ways to distribute information from and to rural, not always online, environments in India from Freeman Murray; and Ryan King on microformats (which was beyond my technical knowledge) to name a few. And there was pleny of conversation going on off-topic as well.

I also dropped in to see as a tourist how such a get together works, as it would be nice to try out something akin to it for the Dutch tech and media law world. (LexThink in the U.S. comes to mind also.) I enjoyed (the concept of) BarCamp, and I think it could work well for legal conferences as well.

Flickr pictures taged barcampamsterdamii.

++

[This is a post from Technology Law Culture: http://tlc.oosterbaan.net. Olivier Oosterbaan, ICT and media lawyer in Rotterdam, the Netherlands, maintains this blog.]

(Picture by: Me.)