UK ISPs Profit From Coughing Up Customer Data 59
nk497 writes "ISPs in the UK are charging as much as £120 to hand customer data over to rightsholders looking for proof of piracy, according to the Federation Against Software Theft. While ISPs have to hand over log details for free in criminal cases, they are free to charge in civil cases — and can set the price. 'In 2006, we ran Operation Tracker in which we identified about 130 users who were sharing copies of a security program over the web,' said John Lovelock, chief executive of FAST. 'In the end we got about 100 names out of them, but that cost us £12,000, and that was on top of the investigative costs and the legal fees.'"
Re:I hope they follow the law (Score:3, Informative)
From a previous /. story [slashdot.org] you may recall that the UK has pretty stringent laws on the disclosure of personal data. Basically no disclosure to third parties without court order.
Re:GBP 85 / hr (Score:5, Informative)
Flamebait or not, Time Warner ISP in the states does just this, claiming they can only process one of these requests PER DAY.
I wonder if this opens the ISP's up to liability.. (Score:2, Informative)
Re:I hope they follow the law (Score:4, Informative)
What, you can't read the Act?
Go on, argue that copyright infringement isn't a "crime". Then read the Copyrights Designs and Patents Act 1988, section 107 1, (e)
That's the controlling statute. The only argument to be made is whether sharing a file constitutes "distributes [...] to such an extent as to affect prejudicially the owner of the copyright".
Now, we can have an informed debate. Go ahead.
ISPs can recover costs, even in criminal cases (Score:3, Informative)
OP said
Actually, ISPs routinely charge the cost of obtaining, processing and handing over log details when asked for it by law enforcement authorities under the Regulation of Investigatory Powers Act 2000, including when the data is needed for criminal investigations.
ISPs aren't allowed to make a profit from providing this data, whether for civil litigation or criminal investigations, just recover their costs. However ISPs' costs can be substantial: ISPs don't just spend time fishing out the records and handing them over, there are also significant overheads in training and systems to ensure this data is only handed over when it should be, to make sure the requesting authority is genuine and the ISP isn't being subjected to an imposter trying a social engineering attack, and so forth. Larger ISPs/telcos run dedicated units to cope with the high volumes of request from public authorities (in total, hundreds of thousands of RIPA requests are made each year, although most of these are for telephony data rather than Internet accounts).
For confirmation see Chapter Four of the relevant Code of Practice [homeoffice.gov.uk].