Last year when thousands of Internet users had their privacy breached due to the actions of ACS:Law, watchdog Privacy International said it would pursue the anti-piracy law firm for breaching the Data Protection Act. Now, in PI’s 2010 report, there is a suggestion that BSkyB “contaminated” subscriber information it sent to ACS:Law, which led to someone being accused of piracy who had no broadband account with BSkyB.
In September last year, the email archives of ACS:Law, the UK law firm which pursued thousands of Internet users for alleged breaches of copyright on file-sharing networks, were spilled onto the Internet. In addition to the inner workings of ACS:Law being laid bare, many thousands of Internet subscribers accused by the company had their names, addresses and accusations of sharing pornography revealed too.
Surveillance and privacy watchdog Privacy International (PI) immediately notified the Information Commissioner’s Office (ICO) of this event in the belief that ACS:Law had breached the Data Protection Act with its mishandling of data handed to it by Internet service providers including BSkyB and BT.
In late December 2010, PI released their annual activity report and tucked away on page 23 is the following text which confirms their earlier announcement that they would pursue ACS:Law.
Commenced exploratory proceedings for legal action against law firms involved in file sharing prosecutions. Filed official complaint with ICO regarding the ACS:Law data breach and receiving complaints from individuals who were victims of the breach.
However, it is followed by another interesting statement, this time involving BSkyB.
Wrote statement of claim for an injunction against NPO [Norwich Pharamacal (disclosure) Orders] data after discovering BSkyB had contaminated data they sent to ACS:Law, currently working with barristers to file for injunction in the high court.
For legal reasons Privacy International declined to comment further, but information obtained by TorrentFreak outlines the basis for PI’s concerns surrounding the data supplied to ACS:Law by BSkyB.
The claim is that following the ACS:Law leak, an individual contacted PI explaining that their details had been leaked onto the Internet as part of the breach. Furthermore, ACS:Law had sent a letter with allegations of infringement of copyright on a pornographic movie with the usual offer to settle for cash. This letter was followed by a second, both of which asked for £495 to make the matter go away.
But there seems to have been a problem. Although its alleged that the person being accused had previously been a broadband subscriber with BSkyB, its claimed that the individual’s Internet subscription was terminated in 2007, some two years before the date of the alleged infringement.
The individual being accused by ACS:Law had, however, remained a customer of BSkyB but not for broadband Internet services. At the time of the alleged infringement the individual was a satellite TV subscriber with BSkyB, but a broadband customer of another supplier, BT.
This week TorrentFreak pointed out the Privacy International report to BSkyB along with an outline of the allegations and gave the company the opportunity to respond.
“Neither the customer nor Privacy International have formally contacted Sky to provide evidence of this alleged incident or to complain about our handling of their data. However, we have contacted PI to request more information. In the meantime, and in light of no substantive information or evidence, it would be inappropriate for us to comment further on this allegation,” a Sky spokesperson told us.
Quite how far direct discussions between Privacy International and BSkyB can go on this matter remains to be seen. The Sky subscriber at the center of the claims has asked PI not to disclose their details to a 3rd party and PI are still investigating legal action through the High Court against BSkyB.
PI have, however, been in touch with Sky to say that the customer did indeed lodge a complaint via the company’s customer support center.
“I will say that if you check your support logs you should be able to find more information as the victim contacted your support team directly to explain that you had passed on their details to ACS:Law despite them not being a Sky Broadband subscriber – however, your support team refused to discuss the matter with the victim,” Privacy International’s Alexander Hanff wrote to the company today.
For their part, Sky feel that all necessary precautions have been taken.
“Sky makes every effort to ensure it provides accurate information when complying with Court Orders. It does this by carrying out a number of checks against the IP session reported within the Order. If there’s any degree of uncertainty, the details are not supplied.”
For the countless individuals who believe that they have been wrongly accused by ACS:Law, this case will certainly be one to watch.