Will the BPI disclose their surveillance methods?
ACS:Law have managed to highlight the perils of companies operating as private surveillance agencies. By collecting extremely sensitive information – and letting it into the wild through their own incompetence – many people will be suffering serious personal trauma.
Possibilities of this, or smaller scale abuse, are exactly why Peter Hustinx warned that private surveillance was unlikely to be a proportionate means of dealing with copyright infringement, compatible with privacy rights.
Even assuming the data is held safely, the threat of placing in the public domain via court action may well be enough to make people pay up in the case of accusations of sharing copyrighted pornography.
Such accusations are frequently inaccurate, and cause pain and anger. The question is, however, exactly why the evidence is so flawed, and whether, as the BPI and other rights holder lobbyists claim, their systems are more accurate.
Problems can arise from collection, comparison at the ISP, and the basic fact that IP addresses fail to identify anything more specific than a router. Surprisingly, the ACS:Law leaks suggest that their methods are in fact quite similar to those used by the BPI and others, as they identify actual sharing, rather than, for instance, IP addresses appearing to register on a torrent tracker.
Given all the pain and anger that can result from inaccurate accusations, is the BPI calling for the evidential processes to be fully transparent, to reassure people who may be accused? Apparently not, according to their submission to Ofcom:
BPI advocates confidentiality for parts of their surveillance methods:
Where certain features of the detection process and contractual information are subject to commercial confidentiality agreements between Copyright Owners and third- party providers, we would require Ofcom to observe this and not make these aspects publicly available.[i]
We see no reason for ‘commercial confidentiality’. Yet clearly any lack of transparency is going to undermine confidence in the process.
BPI says the non-transparent methods should be unchallengeable
adherence to the processes set out in the Quality Assurance standard should be a sufficient basis for the Appeals Body to be satisfied that the qualifying entities have conducted themselves correctly. It could not be a ground for appeal against the receipt of a CIR that the processes used are not satisfactory provided that they have been complied with by the rightsholder. Given Ofcom will have established clear quality standards, provided these have been met, the Appeals Body should not second guess the standards themselves.[ii]
Despite parts of the methods being closed; and despite these methods being defined privately by the copyright owners, they are not to be challenged.
BPI says your grandmother has no excuse
There is no reason why any level of technical ignorance on the part of a subscriber should be relevant to the question whether a notification has been properly made and is supported by adequate evidence.[iii]
In other words, the BPI want to be perfectly clear that your technically incapable grandmother must appear on serious infringer lists if copyright infringement takes place in her home.
The purpose of the infringer list is purely to identify which accounts have accrued instances of copyright infringement, according to the BPI: a stance which is only partly true, as it is there to drive people into civil courts, and therefore removing people who have done no wrong would be a seriously good thing.
ACS:Law has driven a hole in public confidence in copyright monitoring, as well as sustaining real harm for individuals. The BPI and Ofcom should react with a pledge for full transparency at all levels in what they intend to do.
[i] BPI submission to Ofcom, page 7 http://stakeholders.ofcom.org.uk/binaries/consultations/copyright-infringement/responses/bpi.pdf
[ii] As above, page 9
[iii] As above, page 19