While the US is still pondering SOPA, we just got some absolutely fantastic news out of Europe. The European Court of Justice, the highest court in the European Union, has just ruled that P2P filters installed by ISPs violate the European Directive on electronic commerce as well as fundamental rights [full ruling]. This is a hugely important ruling that effectively protects all member states of the European Union from ever being subjected to ISP filtering and spying.
The origins of this ruling lie in Belgium. The Belgian version of the RIAA, SABAM, had sued Belgian internet provider Scarlet because the ISP’s users were downloading copyrighted content without paying royalties. The President of the Tribunal de première instance de Bruxelles (Brussels Court of First Instance) then ordered Scarlet to install a filtering system to monitor the internet traffic of its subscribers.
Scarlet didn’t like this and appealed, and argued before the European Court of Justice that such a filtering system is incompatible with the Directive on electronic commerce and with fundamental rights. Today, the European Court of Justice ruled in full agreement with Scarlet – this has to be one of the clearest and most straightforward rulings I’ve ever seen. The Court of Justice doesn’t mince any words here.
There are two elements to the ruling. First, imposing such a filtering system would hinder Scarlet in freely conducting business, a violation of the Directive on on electronic commerce. This is the practical side of the ruling.
“In the present case, the injunction requiring the installation of a filtering system involves monitoring, in the interests of copyright holders, all electronic communications made through the network of the internet service provider concerned. That monitoring, moreover, is not limited in time,” the Court of Justice states, “Such an injunction would thus result in a serious infringement of Scarlet’s freedom to conduct its business as it would require Scarlet to install a complicated, costly, permanent computer system at its own expense.”
Other than this practical side, the ruling also has a philosophical side which deals with the implications such a filtering system would have for fundamental rights such as privacy.
“What is more, the effects of the injunction would not be limited to Scarlet, as the filtering system would also be liable to infringe the fundamental rights of its customers, namely their right to protection of their personal data and their right to receive or impart information, which are rights safeguarded by the Charter of Fundamental Rights of the EU,” the Court continues.
“It is common ground, first, that the injunction would involve a systematic analysis of all content and the collection and identification of users’ IP addresses from which unlawful content on the network is sent. Those addresses are protected personal data,” the Court further clarifies, “Secondly, the injunction could potentially undermine freedom of information since that system might not distinguish adequately between unlawful content and lawful content, with the result that its introduction could lead to the blocking of lawful communications.”
The Court concludes, therefore, that ISP-side filtering systems would not strike a fair balance between IP protection on one side, and “the freedom to conduct
business, the right to protection of personal data and the right to receive or impart information” on the other.
The European digital rights organisation EDRI is obviously pleased with the ruling. “This result is hugely important, as it protects the openness of the Internet,” EDRI states in a press release, “The alternative would have been a decision which would ultimately have put all European networks under permanent surveillance and filtering. This would have had major negative consequences for both fundamental rights and the online economy in Europe.”
It’s interesting to see how many parts of Europe are starting to take serious stands against the draconian, anti-freedom laws and initiatives the United States is trying to impose upon the rest of the world. Just this week, the Dutch minister of foreign affairs refused to declassify all the documents and negotiation details surrounding ACTA – as a result, the Dutch Lower House accepted a motion to block all debates and talks in the Lower House until all materials related to ACTA are declassified and made available to the public. Until then, ACTA will not even be discussed in the Lower House, and thus, will not be accepted.
Meanwhile, the European Parliament is taking a stand against SOPA, and fighting to make unconditional net neutrality – as codified first by Chile and second by The Netherlands – part of European Union law. And now we have the highest courts on the side of freedom of speech and fundamental rights as well?
Only a few months ago I thought the fight was pretty much over, and that we, sanity, had lost. Now – things ain’t looking so dire any more. The tables are turning.
At least some officials are sane.
I wonder what’s going to happen to the existing controls already in place in member states. Such as in the UK where recently BT was forced to filter newzbin.com lookups by the British courts.
Seems to me that the ruling system this judgment is about is one where the ISP would monitor ALL traffic and figure out what traffic is copyrighted.
The court says that :
1) Puting such a traffic monitoring in place is kind of costly and significantly impact the way the ISP is running its business.
2) Your ip address and the website you visit are personal informations. Therefore, monitoring them and (possibly) sending the ones that look suspicious to the content firms seems like a big violation of privacy.
Now, the UK judgment you are refering to seems to be about blocking a single website. Which is technically very easy to setup (by IP/DNS, even if it is kind of inneficient because the site will just change server) and doesn’t involve monitoring ALL the traffic. So neither of the two court arguments would apply.
So I think they are two different cases.
Yeah the UK judgement is about blocking a single website. In fact it’s so poorly executed that not only does using the I work around it, but using SSL (HTTPS as opposed to regular HTTP) works around it too.
As for the EU judgement, I’ll have to go back and re-read it (shamefully I just skimmed the article – which shows now by how epically I’ve missed the point)
Deep packet filtering? Really?
I’m always amused by this corporate gibberish. Cisco, Juniper and other network vendors are just looking forward to big profits from a complete internets overhaul. And goverments are buying into that because of lack of expertise and basic understanding. The only practical way to filter atm is L3-L4, DNS or routing blackholes. Which can easily be defeated by using standard P2P or SSL. State-of-the-art L7 filtering by Cisco and others is so naive, as to filter only plain unobfuscated bittorrent and old crap no one uses anymore (Gnutella, Napster, etc.)
I doubt true deep packet filtering as in what they want it to be (not what it really is) can really happen anytime soon, especially with the current developments of tens-of-Gb scale optical access networks.
Good thing EU guys are sensible enough.
Edited 2011-11-25 12:12 UTC
Well yes, DPI, really.
You’d be right to say that it is definitely not reasonable to even consider searching all electronics communications in, say, the U.S.A. through which most worldwide Internet traffic transits. At least not to compare it with an hypothetic database of all protected content. It just doesn’t make sense. Too much volume, not enough centralization.
That doesn’t mean that it NEVER makes sense, though…
I believe that today technologies allow deploying DPI on a global scale in smaller, less democratic countries, where bandwith is sparse and all traffic is centralized through a small number of govt controlled access points. This is real, not hypothetical (cf. Lybia, Syria, maybe Tunisia…). Even if the bandwidth is too high, DPI still remains useful when you’re not blindly searching everyone’s communications.
As for traffic encryption… Let media keep on shouting “piracy”, “pedopornography”, “terrorism” loud enough and often enough and in a few years from now everyone using cryptography for anything else than online banking/payments will look suspect. Cryptography used to be forbidden because it was considered as a weapon. I wouldn’t be surprised if some politicians started walking that path again.
So to put it bluntly, because the RIAA and friends are being too greedy today, we’re all letting laws pass that will transform our “democracies” in Lybia-look-alike for our grandchildren. That’s a bit of a shortcut, but that’s true nonetheless.
I wouldn’t have expected the EU institutions to lead the way to reason, here, but at least the judiciary seems less brain dead than the Commission. Note that another ruling of the same kind is expected quite soon. It was asked the very same question, but applied to hosting services. I do hope for the same kind of answer.
I have a bridge for sale. Interested?
Or maybe I can interest you in some snake oil?
Yes, I would like to refer to the judgement text:
So only preventative, non-specific measures may not be imposed by member states (nor by the EU itself). The court refers specific injunctions against intermediaries to the individual member states.
So the UK ruling seems to be in full compliance with EU law, as is the French HADOPI law. As long as ISPs aren’t being used for general, preventative detection and filtering, the prerogative still lies with the member states. These aforementioned laws/injunctions may or may not violate other EU directives, but it doesn’t seem to be this one.
Still, the worst that could happen to the web has now been averted (in Europe), so it’s still a big win. It’s a slap in the face if censorship and the EU has now recognized that it’s not the intermediaries who should be made responsible for the behaviour of their customers. If anyone, it should be the police (or other LEOs) policing the web. Not ISPs.
Seems UK is exempt as they have an opt-out on the Charter of Fundamental Rights (at least, according to Wikipedia – http://en.wikipedia.org/wiki/Member_state_of_the_European_Union).
Canadian officials… you see what’s going on over there? Follow that!
I’d say the same to U.S. officials, except that none ever try to learn anything from other countries. They call it “American exceptionalism” but it’s really an arrogant, short-sighted mentality that will hurt us longterm. Especially if we get into deep packet filtering, which is constantly proposed in Congress here and I believe will eventually pass and become law.
I actually had to look that up and …it’s actually a real term.
Funny reading though. Hubris rules.
No matter what anybody thinks about it, as long as content exists for people to copy, they will do so. (This is why I never attempted to make a living by trying to sell something that can be copied an infinite amount of times for $0.) Eventually, I think content owners will just give up and stop fighting a battle they can never win. Because when it comes to 1’s and 0’s, once you release it into the wild, you don’t own it anymore. And no amount of bitching and trying to pass laws to the contrary will change that.
They’ll have to regularly *shock gasp horror* perform to make money.
They’ll live.
Here here!
Thom, I am anti-patent, pro-P2P, and download my fair share of content. That said, I do not think that full-scale endorsement of the idea that all digital content should lose copyright protection makes much sense.
For example, if I write software for a living, how exactly do I “perform” to survive if all my customers are getting my product for free?
Part of the reason that I am so happily anti-patent for software is that copyright protection is enough. Without copyright, I am not sure my arguments make much sense.
By the way, my favourite software license (even for my own stuff) is ASL. So, it is not like I am one of those “all software should cost money” guys. Clearly though, if I am creating something of value and hoping that the fruits of my labour will feed my family, it would be an injustice to allow others to legally take it from me without any compensation.
You can argue that music recordings are viral advertisement for live performances. That seems less true of software, movies, and other stuff.
The problem is people will always find ways to pirate, so content holders treating everyone as criminals to catch a small few (comparatively speaking) who do pirate. This goes against everything that the developed world’s courts are based upon (innocent until proven guilty), not to mention massively inconveniences legitimate users.
I don’t have a problem with organisations auditing businesses to ensure they have the correct licences but there does come a point when fanaticism for catching every single user -who likely wouldn’t pay for your software under any conditions- starts costing you more than you’d recoup with software sales.
I’m not saying my ideology is perfect, but I do wonder if the cost of anti-piracy measures cost more than the money content holders earn from strong arming these sales. Perhaps that’s why we see ludicrous damages fees (several $millions) targeted at individuals who, all things considered, were small time P2P hosts; perhaps those damages are to cover the cost of catching these people rather than the loss of sales. Or perhaps I’m just looking for a conspiracy now?
You do what good software developers do – you support your customers and you listen to them. (Oh, and people who didn’t pay for your product shouldn’t be viewed as “customers”…)
I despise software developers who throw products out there and expects money to just roll in magically.
I’m in the software industry myself, and if there’s one thing that sticks in my mind from a company I used to work for – it was the belief that having others copy our software would be a godsend. It would make our product more popular, and when the infringers actually wanted to be customers (which they inevitably would have – it was an enterprise-level product), they would pay for it.
Ultimately, their product was never good enough that anyone wanted to “steal” it, so… oh well
Edited 2011-11-24 17:53 UTC
That’s ridiculous. So game developers, people who create financial management software or banking software, etc. should expect to live off what? Support? No, you create a product people want and sell it. If it is good, you have the money to write some more as you put food on the table and hope the combination of your reputation and quality of your next product allow you to continue to sell software and feed your family.
In terms of digital content losing its copyright protection, it is going to happen. I’m not here to make any moral judgements on this fact one way or the other, but just here to say that it WILL happen. Looking at it from a pragmatic sort of view, there’s no way it cannot.
Now, the question is, what do you as a software developer do when this happens? Well, one thing that is true right now is that you can’t make money selling open source software, other than the generous few that will throw some cash in your direction. And once copyright goes away, that will hold true for ALL software. In that case, you’ll have to do what the open source crowd does to make money:
– Charge people to customize the software however they want
– Sell services (such as support)
– Sell t-shirts, coffee mugs, etc.
Also, you could keep your source code under lock and key, set up a web app, and make people pay for subscriptions.
If none of those options work for you, you’ll probably have to find another career. That may not sound fair to you, but I’m sure the horse & buggy industry also cried foul when the automobile was invented. You’ll just have to move on.
Edited 2011-11-25 02:39 UTC
My view on this is very well… simple. You can’t sell air.
To be more precise. If something can be copied to everyone for 0$ why would anyone buy it? I’m sorry artists, programmers et al. Your business model doesn’t add up. Live with it, move along.
This ruling looks like the ultimate weapon against the obvious will of so called democratic governments to use Internet as a tool for oppression. There’s no way they could impose DPI technology for all purpose monitoring of all electronic communications, on the Internet backbones or in the modem you ISP lends you, right? Right? Because that’s the only way to do what the SABAM asked from Scarlet. That and force everyone to trust their government with all their cryptographic keys, or to forbid encryption altogether. But it would be just too much. Right? Right?
Well, no. It’s not that easy. The ruling says that what was asked to Scarlet fulfilled a set of 5 criteria (including “not limited in scope or time”, and “at the ISP’s cost”) that all put together are unacceptable.
You can count on big content to try to turn this ruling over its head. They’ll claim that anything that fails to fill any one of these 5 criteria is fair game, and can be required from an ISP. In fact, they already are.
http://www.ifpi.org/content/section_news/20111124.html
The fight is not over, and I expect more cases like this one to surface. I do hope that each and every time the defender will pull the EU Court in the loop, and push said Court to eventually admit that any kind of centralized monitoring of all electronic communications will not be compatible with human rights. Ever.
Not very likely, though.
Remember that this would, of course, cost a lot to several powerful cyber weapons (think deep packet inspection) manufacturers (google “BlueCoat Syria”, “Bull Amesys Lybia”). These guys have money, and their arguments do find a favorable echo in the right wing oligarchies that are currently running many western governments. Think France, where all politicians are trained in *one* school (ENA), whatever their conviction – nice example of an oligarchy here. One only has to see what was on display during the latest Milipol to realize that. Intellectual property is only an excuse for extremists to push their agenda, and those guy fight dirty.
Great to see that businesses are still allowed to offer the services they like in some cases, instead of being ordered by the state what to do.
Obviously in other cases this site advocated that governments must indeed order businesses what to do.
I suppose we’re having a bit of a split personality here.
How many times do I have to explain to you that sometimes, government intervention is bad, and sometimes, it’s good?
I don’t live in a fantasy world. Sometimes, the same thing in different situations can yield different outcomes. The world isn’t black and white, kiddo.
Edited 2011-11-24 20:38 UTC
I think I stand with the German Constitutional Court on this one Thom, the Government is there to provide services and not to impair on the day to day decisions of it’s citizens. It is when Governments seek to make decisions for us that restrict our liberties and freedoms be they for good or sinister intentions, Governments then become a problem.
Now we have most of the EU dancing to the tune of the “Markets” and I hope for the sake of the EU (a concept I like but not happy with it’s current implementation), that it wakes up and realises the poor choice of music they are dancing too.
I would hardly call the world of Minecraft real.
…says the guy who, not so long ago, was all for censorship on the internet in the name of the same right to do business.
just trolling, but let me tell u a story about my life… i am not a social person in the terms that i have lots of personal friends, rather, i like to hang at arbitrary places and have a debate with more or less anyone…
i enrolled university 1996, EE in sweden… in that particular year 320 students were admitted to study. apart fro the shortage of females, social life was not so bad
the EE students (and others as well), had our own place to take a beer or a coffe – there were hooks in the wall for each to hang the personal mug on, there were lots of people in the computer halls in the basement, lots of people in the reading rooms… in short, u were never alone…
in about 2000, all the student dorms in the city were atached to the university LAN, and in a period of some weeks, all the student facilities became empty of people… no one was in the cafeteria, no one in the reading rooms, no one in the computer halls… after the lectures, everyone rushed home to finish the studys, so thet they can watch the latest downloaded movie… i am not easily enterteined, but i tried to adapt and do what other did. i watched the movies…
of course, then came world of warcraft also, but i never played…
i was a moderatly cheerful being, moderatly social, and when u got to know me, quite friendly… but, slowly, i became mentally ill. rage and hatred towards my fellow humans consumed me…
so, my fellow lowlifes, me letting the rage and insanaty talk, let me tell u something…
i know who u people are… all this talk about free speech and liberties is just a show… u burn for content, its all u want, julia roberts and chuck norris to chase away the void and the shadows in ur life…
are u happey with this ruling? does the crap u download fill upp your little miserable life? are u enterteind? got a boner? is it hermione? or potter?
This!!
P.S. An interesting fact it is, Sweden is heavily on WoW needle. Must be the higher than average household income in EU, so that everyone can afford to have and account and active subscription.
Edited 2011-11-25 12:10 UTC
Considering I barely download a thing (and only American TV shows you can’t watch here anyway), I’m not entirely sure what all this is supposed to mean. Looks like to me you’re just trying to blame your own problems in your life on external factors, while instead, you should look at yourself.
Edited 2011-11-25 11:55 UTC
u r wise, i respect u
Edited 2011-11-25 12:56 UTC
Wonderful trolling!
Even I am happy about official rulings.
But it’s a sad thing that one has to enforce freedom.
It is legal in any term to be restricting p2p in any term is not only a violation for trust and contract (unless provided and agreed upon in advance) It is also punishable by not only fines but also by jailtime in the EU. (also Norway) Sharing illegal warez is as bad as selling illegal wares but the definition of “legal” must be clear and it is definitly not in europe and neither in the world as india and china respects not the patent system or ownership rights in whole.
Edit: Drunk
Note to self: remember to never post when drunk.
Why? Sometimes those are the most lucid posts… no inhibitions…
Haha one I does de difference… Going to edit the comment.
14:44 on Friday.
Looks like you had an early start 🙂
But at 14:44 in late Autumn Sweden is almost early evening?
The entertainment industry also use P2P as a valuable production tool.
A producer acquaintance of mine that mixes/master tracks for musicians use p2p to communicate big music files (uncompressed 24bit 96Khz/196khz files) between him and his clients that can’t be emailed. I can imagine the same for the video industry as well.
P2P is a valuable commercial tool and it’s unfortunate for the persistent negative connotation.
You do realize that there are other ways to communicate large sets of data, right?
I’m all ears.
I’m not saying P2P cannot be an effective medium, or the medium of choice in some cases. But SFTP or HTTPS are solutions I’ve come across more often.
Hell to the YEAH BABY! Finally something good comes out of the EU that does not completléy fucks us swedes over. Why we are even part of the EU is beyond my reasoning anymore. Northern alliance should have been instead of half of use joining the EU.
(teeny bit drunk)
Hypothetical; If norway invaded sweden, finland and denmark and we put up no resistance AT ALL (and even wellcomed our nordic brothers as liberators) would that be an “opt out” option from the EU?
Lol
In The Netherlands in will remain fully legal to make a copy for personal usage, even though the source is clearly illegal. We already pay taxes on blank (optical) media. In return, we get to download creative works legally.
The government wanted to abolish this and make downloading illegal, but it was blocked by the lower house. Hooray!