In 2007, Germany was of the world’s most risky places to share files with an estimated 200,000 people receiving threats of legal action. We talk to a lawyer helping to defend five hundred of them, examine the legality of tracking systems and look at how data being stored by ISPs can be used against sharers.
TF: Thanks for taking the time to talk with us. Please introduce yourself.
CS: My name is Christian Solmecke and I work as a lawyer in Germany at the Cologne Chambers of Lawyers Wilde & Beuger. There I work in the field of Internet law/New Media. Presently we are defending about 500 file-sharers against the German music industry.
Obtaining identities behind IP addresses
TF: We have written many times here on TorrentFreak about the P2P tracking company Logistep and how they track down alleged file-sharers. They are collecting data about internet users all over Europe yet their activities are not welcome in Italy or France. Their methods of getting user data from ISPs seem to questionably legal from a European standpoint (according to Juliane Kokott, Advocate General to the European Court of Justice) – why are they allowed to continue with these actions?
CS: First of all it has to be stated that the statements by Juliane Kokott at the European Court of Justice were construed in various ways. As far as I understood Ms. Kokott, the storage and the disclosure of data is not to be made impossible in general. The disclosure, however, is to be subject to control by the state.
TF: Are there ways for media companies to get data from ISPs about who an IP address belongs to in civil cases?
CS: At present, civil law does not provide a claim for disclosure of identities behind IP addresses for the rights owners (media companies) from the ISPs. For this reason the rights owners choose to gain disclosure via criminal procedures. Based on the data provided by Logistep and other P2P tracking enterprises, an offence is reported. The public prosecution service is obliged to investigate because a copyright infringement is a criminal offence in Germany. Here the legal situations differs from e.g. the Spanish system in which copyright infringements can only ever be committed within a commercial context. As the statements by Juliane Kokott relate to a legal action initiated by the Spanish music industry, they are not necessary fully transferable to all European legal systems.
The big question is if a German counsel for prosecution can, within criminal law proceedings, get information from the ISPs about who a certain IP address was assigned to at a certain time. Many legal practitioners argue that a court order is required before the data in question may be disclosed. In practice, however, the ISPs react directly to the requests by the counsels of prosecution and disclose the addresses without one. Most of the criminal proceedings are discontinued as the counsels for the prosecution regard these cases as petty offences. The music industry lawyers then authorise access to the records and thus obtain the address of the person behind the IP address. After this the civil law proceedings begin.
The future of disclosure/discovery
TF: This situation whereby the court’s time is wasted on these so-called criminal cases – just to get names behind IP addresses – is a terrible waste of public funds. Does this method have a future?
CS: In the future, obtaining disclosure via criminal proceedings is to be stopped. A civil law is planned for obtaining identities behind IP addresses. The rights owners (e.g. the music industry) are to be allowed to make an immediate request from the ISPs as to who a certain IP address belongs to. This rule is to serve the realization of the EU enforcement guidelines.
The big question here is if the rights owners (movie/recording industries) shall have such a claim for disclosure without prior obtaining a court order (which, of course, would entail expenses). Some German parties have different opinions. If I have correctly understood Juliane Kokott, a judicial caveat is an essential requisite so that our German copyright may remain consistent with the corresponding European guidelines.
European Data Retention
TF: On the 10th November 2007 the German Federal Parliament adopted the new EU data retention directive which essentially requires that ISPs spy on their customers and gather data about what they do on the internet. Who can access this information?
CS: Since the beginning of January 2008, the ISPs ARE required to store data about their customers for 6 months. This amendment was brought about by the EU data retention directive. The purpose of data storage, however, is the disclosure of data to the enforcement agencies in criminal cases. This storage rule is designed exclusively for the prevention of terrorism and the prosecution of organized criminals. The German federal Attorney General, Brigitte Zypries has stated that the data isn’t supposed to be disclosed to private parties such as the music industry.
TF: So can this data stored for use in future criminal cases be used in a civil case?
CS: As of today this question remain unsolved. If I have understood Ms. Kokott correctly, such disclosure would not be consistent with European law.
Challenging the accuracy of P2P tracking systems
TF: Logistep use a system called ‘The File-Sharing Monitor‘ which is a fairly secret piece of software based on the Shareaza P2P client. They use this to gather ‘evidence’ against alleged file-sharers yet this system is unlicensed and unaudited for accuracy by any official body or government. Cameras used by the police to detect speeding motorists need to be examined and calibrated carefully so why is the ‘evidence’ collected by this system allowed to be used when Logistep don’t allow it to be examined?
CS: In an exemplary legal proceeding at the Amtsgericht (Munipical Court) Frankfurt, we are currently having an expert clarify if the evidence logged by Logistep is accurate enough to be used as evidence in court. According to our opinion, various possibilities of manipulation exist in the whole chain of evidence.
TF: Do P2P tracking companies breach privacy laws?
CS: Up to now, no German court , as far as is known , has ever dealt with the question if collecting data by Logistep infringes upon data privacy law. Of course one could argue that the respective user consciously discloses the data by connecting to the internet. This controversial question is certain to be discussed in future.
Production line threats, risky Germany
TF: Logistep and their legal partners have threatened many thousands of people all around Europe, including the UK. We haven’t heard of any cases going to court. Have you heard of any cases actually going to court in any country in Europe and if so, what was the outcome?
CS : We estimate about 200,000 file-sharers have received threatening letters in 2007, in Germany alone. There a hundreds of filesharers in Germany who are being subjected to claims in courts. Most of this is carried out by the music industry but here the tracking was conducted by Pro Media GmbH and not by Logistep.
Mostly the music industry won these court cases. However, I have knowledge of one case where two numbers were inverted and the wrong owner of an IP address was identified.
Is an IP address alone enough evidence to identify a particular individual?
TF: TorrentFreak is in contact with many people who have received threatening letters in the UK and in many of these cases we’ve seen proof that the bill payer is not the one who committed any offense. Surely this threatening of innocent people is causing a problem?
CS: Frequently the truly infringing parties are not subjected to the claims, but the owner of the IP address instead. In most cases, children were the infringing parties and their parents were subjected to the claims. The parents then are then held liable as it’s felt they contributed to the copyright infringement. In this matter, too, diverging German court decisions exist. Some courts say that parents can only be held liable if they fail to instruct their children sufficiently or secondly, secure the computer in such a way as to render file-sharing impossible.
TF: Requiring that the parents block the use of all file-sharing software is a little too far don’t you think?
CS: According to our opinion, a complete blocking of file-sharing software cannot be accepted. File-sharing software in itself is not illegal. Solely the copyright infringement committed with it is illegal. However, the courts bring forward the argument that file-sharing software should be blocked because mainly copyright infringements are being committed with it.
TF: Accusing the bill payer regardless of if they did anything or not is a very blunt instrument. Are they really responsible for what others do on their connection? Are parents responsible for their children’s actions on the internet?
CS: There are some indications of a move towards a system which limits the liability of the bill payer. For example, some courts deem that simply instructing a child not to download is sufficient. A recent decision of the court in Frankfurt stated that adult family members don’t even have to be instructed or controlled by the bill payer unless they are suspected of committing any file-sharing activity. Another court said that a company could not be held liable if an employee used the company internet connection to commit copyright infringement.
Calculating compensation for rights holders
TF: The bottom line is always money, we know that. What sort of financial punishments are people being subjected to?
CS: The lawyers’ fees are calculated according to the amount of compensation. In standing jurisdiction, German courts presently assume compensation of 10,000 euros per song. German filesharers provide an average of 300 songs to upload. This would mean compensation of 3 million euros per case. Typically, based on these figures, fees for a single warning letter amount to 16,000 euros.
The threatening/warning letters amount to “just” 3,000 euros to 10,000 euros, but they point out that theoretically they are entitled to demand much more. Unfortunately many German courts concede to the music industry. Presently the District Court (Landgericht) has decided that in a case of uploading 50 music tracks, compensation amount of 500,000 euros may be assumed. In my opinion, this is a dramatic situation.
TF: It is indeed. Thanks for your time. Do you have anything to add?
CS: We publish fresh daily news (in German language) concerning filesharing cases on our internet site www.wb-law.de.