•  Kissaki   ( @Kissaki@beehaw.org ) 
    link
    fedilink
    English
    276 months ago

    From the article-linked ruling press release - what it means in practice, what this was about:

    In order to protect works covered by copyright or related rights against offences committed on the internet, a French decree introduced two personal data processing operations. The first operation consists of the collection, by rightholder organisations, of IP addresses which appear to have been used on peer-to-peer websites to commit such offences and the referral of those IP addresses to the Haute Autorité pour la diffusion des œuvres et la protection des droits sur internet (High Authority for the dissemination of works and the protection of rights on the Internet) (Hadopi) 1. The second operation, carried out by the internet access providers at Hadopi’s request, consists, inter alia, of matching the IP address with the civil identity data of its holder. Those data processing operations enable Hadopi to initiate a procedure against the persons identified, combining educational and punitive measures, which may lead to a referral to the public prosecution service in the most serious cases.

    I find the ruling press release is much more understandable (and much more informative) than the OP-linked article.

    • Definitely; OP’s linked article doesn’t have any quotes that refer to copyright, while this one of yours adds a lot of context that was otherwise missing. There’s a world of difference between allowing retention of IP addresses and creating a cleaning house for IPs suspected of distributing works.

    • The second operation, carried out by the internet access providers at Hadopi’s request, consists, inter alia, of matching the IP address with the civil identity data of its holder.

      Which just opens more questions: How long are ISPs allowed/required to store customer IPs, and then what happens if I have an open wifi: Can they just assume that I did it or declare me responsible anyway, that is, is it possible for a private individual to enjoy ISP privileges?

      • Yes if I remember the Hadopi correctly, your are responsible for securing your access point and liable for any use made out of it.

        Le décret sur la négligence caractérisée a été publié au JO le 26 juin. Il instaure l’obligation de sécuriser sa connexion, sans en préciser les moyens, sous peine d’une amende salée et d’une coupure Internet en cas de délit de téléchargement illégal.

      •  Kissaki   ( @Kissaki@beehaw.org ) 
        link
        fedilink
        English
        1
        edit-2
        6 months ago

        If you read more of the ruling, the ruling allows EU nations to impose requirements on ISPs. So the storage duration would be up to national law. (Which of course one may call into question bring before court on whether they are too long.)


        The question of whether you are liable as a provider of open access is an independent question. Yes, it becomes more relevant if you as a provider can’t bet on anonymity anymore. But it’s independent.

        Looking at DE Wikipedia, looks like previous EU court rulings were dismissing being held accountable, but there’s still one open. German law freed it in 2018. No mention of EU specifically in this article, so maybe it’s national concern - at least until the EU court makes a ruling.

  • The inherent flaw is thinking that “privacy” is something that the courts are capable of providing. They aren’t. The most that government/courts could possibly do is make it illegal to generally and indiscriminately retain IP address records. But that only protects you from law-abiding privacy invaders; it does nothing to protect you from criminals who would use that information nefariously.

    When you take adequate and appropriate steps to secure your privacy, it doesn’t actually matter what the courts have to say about “privacy”.

    • I think that take is short sighted. Because the next obvious step to “no right to online anonymity” is “online anonymity is illegal”, and it’s pretty obvious we’re headed that way. In that case, courts can make it pretty fucking hard to protect your right to privacy.

      • The scenario you describe actually demonstrates my point. Where anonymity is “illegal”, the only entity you can trust to protect your privacy is you.

        That fact does not change when anonymity is “legal”. That fact does not change even when anonymity is mandated. Even if it is a criminal act for me to make a record of who is accessing my service, that is only a legal restriction. It is not a technical restriction. You can’t know whether I am abiding by such a law at the time you are accessing my service. A law mandating anonymity doesn’t actually protect your anonymity; it just gives you the illusion that your anonymity is being protected.

        The relevant difference between your scenario and reality is that in your scenario, nobody is blatantly lying about whether your privacy is under attack: it most certainly is.

    •  Kissaki   ( @Kissaki@beehaw.org ) 
      link
      fedilink
      English
      36 months ago

      How did you come to the interpretation that protection of anonymity were violating copyright?

      How do you mean anonymity could give better control over copyrightable information?

      • People’s right to be forgotten effectively amounts to a right to make the internet remove content of your copyrightable data.

        And I was asking how that violated copyright, because the article above is about how the EU courts decided copyright is more important that privacy rights so there’s no right to internet anonymity.