Forgot your password?
typodupeerror
Piracy Privacy The Almighty Buck United Kingdom Your Rights Online

UK ISPs Profit From Coughing Up Customer Data 59

Posted by Soulskill
from the they-call-it-monetization-of-assets dept.
nk497 writes "ISPs in the UK are charging as much as £120 to hand customer data over to rightsholders looking for proof of piracy, according to the Federation Against Software Theft. While ISPs have to hand over log details for free in criminal cases, they are free to charge in civil cases — and can set the price. 'In 2006, we ran Operation Tracker in which we identified about 130 users who were sharing copies of a security program over the web,' said John Lovelock, chief executive of FAST. 'In the end we got about 100 names out of them, but that cost us £12,000, and that was on top of the investigative costs and the legal fees.'"
This discussion has been archived. No new comments can be posted.

UK ISPs Profit From Coughing Up Customer Data

Comments Filter:
  • by wvmarle (1070040) on Tuesday September 28, 2010 @02:23AM (#33719958)

    From a previous /. story [slashdot.org] you may recall that the UK has pretty stringent laws on the disclosure of personal data. Basically no disclosure to third parties without court order.

  • Re:GBP 85 / hr (Score:5, Informative)

    by Dr_Barnowl (709838) on Tuesday September 28, 2010 @03:20AM (#33720200)

    Flamebait or not, Time Warner ISP in the states does just this, claiming they can only process one of these requests PER DAY.

  • by grelmar (1823402) on Tuesday September 28, 2010 @04:14AM (#33720392)
    Not exactly sure about the UK, but I know here in Canada that FOIP (Freedom of Information and Privacy Act) has provisions that mean that ISPs aren't allowed to give out that info without a court order, and would be subject to Federal criminal prosecution if they did hand out the info to private 3rd parties. I had thought the laws were similar in the UK. It would be interesting if one of these users sued their ISP for unlawful disclosure of personal information. The privacy act in the UK can be nasty to those who break it. It all depends whether that information is protected or not. FOIP is the big reason why you don't see these types of lawsuits in Canada, that and a long history of the Canadian courts telling rights holders "tough noogies" when they sue people who make copies for personal use - we pay a blank media tax that gets divvied up amongst rights holders as a hedge against piracy.
  • by Rogerborg (306625) on Tuesday September 28, 2010 @06:06AM (#33720718) Homepage

    I do not quite see how does the data protection act authorise you to give the data in question.

    What, you can't read the Act?

    29 Crime and taxation

    (1)Personal data processed for any of the following purposes--
    (a)the prevention or detection of crime,
    [...]

    are exempt from the first data protection principle

    Go on, argue that copyright infringement isn't a "crime". Then read the Copyrights Designs and Patents Act 1988, section 107 1, (e)

    107 Criminal liability for making or dealing with infringing articles,
    (1)A person commits an offence who, without the licence of the copyright owner--
    [...]
    (e)distributes otherwise than in the course of a business to such an extent as to affect prejudicially the owner of the copyright
    an article which is, and which he knows or has reason to believe is, an infringing copy of a copyright work.

    That's the controlling statute. The only argument to be made is whether sharing a file constitutes "distributes [...] to such an extent as to affect prejudicially the owner of the copyright".

    Now, we can have an informed debate. Go ahead.

  • by malx (7723) on Tuesday September 28, 2010 @08:11AM (#33721146)

    OP said

    While ISPs have to hand over log details for free in criminal cases, they are free to charge in civil cases

    Actually, ISPs routinely charge the cost of obtaining, processing and handing over log details when asked for it by law enforcement authorities under the Regulation of Investigatory Powers Act 2000, including when the data is needed for criminal investigations.

    ISPs aren't allowed to make a profit from providing this data, whether for civil litigation or criminal investigations, just recover their costs. However ISPs' costs can be substantial: ISPs don't just spend time fishing out the records and handing them over, there are also significant overheads in training and systems to ensure this data is only handed over when it should be, to make sure the requesting authority is genuine and the ISP isn't being subjected to an imposter trying a social engineering attack, and so forth. Larger ISPs/telcos run dedicated units to cope with the high volumes of request from public authorities (in total, hundreds of thousands of RIPA requests are made each year, although most of these are for telephony data rather than Internet accounts).

    For confirmation see Chapter Four of the relevant Code of Practice [homeoffice.gov.uk].

You can do this in a number of ways. IBM chose to do all of them. Why do you find that funny? -- D. Taylor, Computer Science 350

Working...