Previously, harvesting data on illicit file-sharers was ruled a breach of Sweden’s Personal Data Act but last year an exception was made in the IPRED legislation to permit it. Nevertheless, if organizations such as the IFPI and Antipiratbyrån wish to collect data on Internet file-sharers, they have to comply with standards enforced by Sweden’s Data Inspection Board.
To ensure that this is indeed the case, last December two lawyers and an IT security expert conducted an audit at Antipiratbyrån’s offices. Although IFPI would also face a visit, the group said that it held no data, instead choosing to outsource their harvesting work to companies outside the country.
The results of those audits have now been made public. According to the Data Inspection Board, both Antipiratbyrån and IFPI conform to all necessary regulations when collecting information on Internet users they suspect are sharing copyright works.
According to Jonas Agnvall from the Data Inspection Board, although many IP addresses are gathered, most are discarded and there are now just 100 to 200 IP addresses currently held on record.
Previously data had been used to send out warning letters to suspected infringers, but it now seems that practice will completely cease.
“The reason is that the ISPs refused to send letters to subscribers,” notes a statement from Antipiratbyrån.
There had been criticism of the Data Inspection Board after they gave both Antipiratbyrån and IFPI advance notice that they would conduct audits. Some felt that this would give them time to adjust suspect operating practices. Jonas Agnvall said that unannounced visits do happen, but only in extremely rare circumstances.