It’s a very wide-ranging report.  (And bonus points for the first footnote being to Johnson & Post, an old favourite in cyberlaw).  In particular, it should be noted that one of its significant concerns is the type of non-negotiated agreement that governs the relationship between a provider and a user after the purchase of protected creative material, as well as the more conventional territory of the contractual situation of creators, performers and so on.  I intend on using it as student reading material for IT/Internet law and also for a module we teach on Commercial Aspects of Media Law.

Here are some points that I found particularly interesting or useful, in no particular order.  It’s a very thorough piece of work – although it would have been fun to see what the authors made of the contract/license debate, which is certainly coming to a head in a number of US cases (e.g. Jacobsen v Katzer, now settled), or the EULA issues raised in MDY v Blizzard and the issues highlighted through Amazon’s Orwellian mess.  But this could well have been beyond the tender, so we should turn to my recommendations and highlights, which are (with a bias towards paper 3 on end user / Internet issues given my own interests):

• Helpful ‘creator profiles’ of two examples (an electronica artist and a children’s book illustrator) (Kretschmer, paper 2, pp. 46-7 of full report)
• A table on ‘unfair DRM’ (Derclaye & Favale, paper 3, p. 139)
• An analysis of exceptions in the US and EU, with further discussion on member state transposition in UK, Ireland and Portugal (paper 3, pp. 87-104)
• A very readable summary of the role of contracts in restricting ‘user freedoms’ (paper 3, pp. 105-108)
• The wonderfully tantalising comment (after discussion of click-wrap cases in the US) that “rulings by European courts on similar circumstances are still to come” (paper 3, p. 116).  And the footnote to this point discussed the NPG/Wikipedia issue with links from Technollama (Andres Guadamuz) and Francis Davey!
• An argument about the application of ‘fairness’ criteria to copyright contracts (whether through the removal of the exclusion of copyright from the Unfair Contract Terms Act or otherwise (paper 2, p. 77 and paper 3, pp. 122-124).  [On this, note that BIS is currently consulting on the UK's position regarding fairness in the European directive, informed in particular by the Supreme Court's decision in OFT v Abbey National]
• A roundup of developments and academic work on collective societies and copyright, highlighting the cost of administration and the ultimate regulatory role of these agreements (Watt, paper 1, pp. 35-37 )

Full report from the SABIP website.

There’s a fabulous transcript (PDF) of the late-night hearing, with Smith J expressing some serious scepticism about the whole enterprise and the realistic impact of the spoof on Associated’s interests.  It does remind me of the climax of that excellent film The Yes Men Fix The World (which I saw at Cinema City in Norwich, recently broadcast on TV and now available on DVD).  They produced and circulated a note-perfect spoof New York Times.  No injunctions there.  Perhaps Associated are a little more sensitive about the fine brand that is Metro.

But seriously – how can a newspaper, in good conscience, go for an injunction like this, the type of thing that if it were served on a newspaper would provoke immediate (and fair) criticism of judges stopping the presses at the eleventh hour and suppression of press freedom.  The political campaigners and satirists behind Metr0 may not have the record of Private Eye, but to be the subject of an attack from a newspaper is just bizarre.  The fact that the basis was IP rather than defamation or privacy does not change this.  I feel like Neil Kinnock’s 1985 grotesque chaos quote is hanging over this…

Now I have a bit of prior interest in this area, and it’s only fair to point it out. I wrote an overview of a bundle of legal issues, published in 2009 here. At the time, I was a little concerned (and mentioned in passing) about this issue of responsibility for the actions of others using the network. It formed part of the broader theme (which was amplified in contemporary press coverage) that wireless networks play an important social role in providing access to underserved groups and thinking about Internet use as something beyond a way in which ISPs make money. I suggested that there might be some conflict between defining the admin of a wireless network as a customer of an ISP (subscriber) or as the operator of another provider (public electronic communications network). There are advantages and disadvantages either way. The Bill, though, seems to take this doubt, refuse to answer it, and throw in some previously-unknown restrictions that I would now argue are a serious threat to the development of open networks that I did not then anticipate. This is not to suggest that I had any great insight – quite the opposite, I feel as if my crystal ball needs an upgrade. That said, on with business.

The current state of play is that the Government is not prepared to consider exemptions. The argument is a rather ignorant one that an exemption e.g. for libraries would lead to abuse of the exemption and even fake institutions taking advantage of it.

We have considered the extent to which an exemption might be provided in the legislation. We cannot give blanket exemptions for any such establishment. This would send entirely the wrong signal and could lead to “fake” organisations being set up, claiming an exemption and becoming a hub for copyright infringement. Similarly existing establishments might simply ignore the issue of copyright infringement (or treat as “too difficult”) and allow users to infringe copyright with effective immunity.

This is a little surprising, given the range of existing special provisions and exemptions in the law for libraries; the Copyright, Designs & Patents Act 1988 contains stacks of them. Presumably on the Government’s new view they should all be repealed forthwith. Great.

Furthermore, it’s also being suggested that operators of open wifi be required to put in place untested, burdensome and potentially pointless restrictions such as peer-to-peer blocking, commercial filtering software, and terms and conditions for users. Registration is also suggested – just like pay-as-you-go mobiles, the intention to have a complete record of users is clear. This is putting in place restrictions that are not currently required under UK law. Filtering software is not a legal requirement in this jurisdiction nor should it be. Effectively requiring it for cafes, universities and libraries – at the very time that we are suggesting that the future is based around Internet delivery of everything from video news to Government services – is absurd. Surely a system like this will lead to an environment where there are fewer open networks and those that remain being crippled. The presumption in the new proposals is that the best network is a closed network – indeed, one idea is that admins be sent instructions on how to secure the network. I am, as I mentioned above, already associated with the anti-closed network view, but I accept that there are complex arguments here. That said, this is something that should be considered in full, rather than as a subset of a subset of a copyright debate. If wireless networks are to be controlled, this should not be achieved through the nod and wink approach of allowing open networks but forcing those who provide them to change the essence of Internet access through the threat of liability for supposed copyright infringement. Given that the Government refuses to say what the status of the wifi admin is, it’s far too early to decide what their responsibilities are, especially when the net result of those responsibilities is a dystopian vision of the version of the Web used in primary schools. I’ll leave the final word to the document, which appears confused as to whether it is a legal proposal, a statement of fear, or a sales pitch for software:

Wireless connections are harder to secure. It is straightforward to limit use to only authorised users – via a password or by registering the PCs that can access. Access might also be limited to particular times of the day. Preventing authorised users from miss-using a connection is more difficult. One option is to route all traffic via a proxy server which does not support or allow (eg) use of file-sharing technologies. Another is to place similar restrictions on the router.
The “Get Safe Online” website (http://www.getsafeonline.org/) – supported by HMG and Ofcom – lists three companies who provide filters and software which can block or filter content and who can also block the use of P2P programmes: Cybersitter, Net Nanny, and Cyberpatrol.
It also provides a link through to other sites such as GetNetWise.org which lists and evaluates a wider range of products including BSafe, Safe Eyes, ChildSafe and Cybersentinel.
These products typically cost in the region of US$40 (about £30) and allow the user to block the most popular P2P applications such as: Bit Torrent, eMule, Gnutella, Kazaa, Morpheus, and Limewire.

The talk was divided into five major sections: the idea of dual use technologies, a review of the case law, a discussion of the relationship between creativity and innovation, an argument regarding three asymmetrical issues, and a case for the benefits of P2P and similar technologies.

I’m going to assume that readers are relatively familiar with the first topic (a description of how P2P works) and with the inglorious history of cases like Napster, Aimster and Grokster. Carrier criticised the direction of these cases, reserving particular criticism for the idea of inducement as seen in the Supreme Court’s opinion in Grokster. For the third section, he touched on these points: alternative reason for the apparent decline in CD sales, alternative remedies (to secondary-infringement litigation) such as direct infringement cases, legislative lobbying and technological protection measures, differing concepts of creativity outside major record labels, and – crucially – the role of new technologies as disruptive innovation creating or contributing to new markets.

The next section dealt with what were argued to be three asymmetries, innovation, error cost and litigation. Taking them in order, the discussion of innovation suggested that the less-tangible non-infringing uses (and associated business models) lose out to the heavily emphasised perils of the infringing use; the error costs, borrowing from competition law, in this context highlight the cost of a potentially erroneous decision to stifle the new services; in terms of litigation, this is a particular problem when new entrants lack the deep pockets of incumbents for protracted litigation.

In conclusion, Carrier pointed to the possible benefits of P2P, mentioning again the possible move away from established industry ‘tastemakers’ and the efficiency of BitTorrent as a distribution method, but also referred to ideas like P2P search as an alternative to Google’s strong position. A very lively Q&A included the idea of dual-use technologies as a platform for free expression, problems with policy-making and regulatory capture, how to define innovation and creativity, quantifying the error cost of the ‘wrong’ decision, the differences between music and movie industries, and the ability of market leaders to be both incumbent and insurgent. It was an interesting argument, possibly easier to apply in the case of the music industry than others, but with useful illustrations of the relationship between IP and antitrust/competition law and the ultimate purpose(s) of copyright legislation. However, it is also quite the reminder how far the current parliamentary debate in the UK on the copyright provisions of the Digital Economy Bill is from the various provocative ideas that have been circulating in the academic side of copyright for quite some time now.

This submission is primarily concerned with privacy online, consumer rights, international developments and diversity of provision. With regard to user privacy, the Settlement is light on safeguards so the Commission is advised to intervene promptly to ensure the protection of fundamental rights and enforcement of EU law. In terms of digital rights management, we call for the Commission to raise the basic ‘floor’ of consumer rights to ensure users are not unduly restricted in performing lawfully permitted activities. In respect of international development and access to knowledge, the Commission should seek to ensure that the service is made available to institutions outside of the US, particularly in developing states, and at appropriately discounted subscription rates. We also recommend that the Commission encourage competition between Google and others in providing digital books, and considers solutions such as compulsory licences.

The European Commission will hold a hearing next month on the European response to the proposed settlement in the (US) Google Book Search case. Some very provocative questions have been set out. The summary above, and the full document at this link (PDF) is the response of the UK-based Open Rights Group to the Commission’s call for comments. (Disclosure: I am an ORG supporter, and I contributed to the writing of this document).

For all the information you could ever need on the settlement, see the Public Index, a project led by James Grimmelmann at New York Law School (who has also summarised and responded to the ORG document at his blog)

Registration is necessary (although the event is free of charge): contact Dr. Martina Gillen to register or to request further information. The day will consist of informal talks from both OBU and BILETA speakers, as well as presentations by participants (please let Martina know if you wish to present or not).

If any readers of this blog do attend, do consider sharing your experiences of the day and of your fellow researchers, and if such students are not bloggers, I’d be very happy to host those comments as a guest post here.

Back after coffee for a roundtable discussion on legal issues of all sorts. In the chair is Raquel Xalabarder, who makes the perceptive remark that we still struggle with definitions of the platforms that we are talking about. Platforms, though, clearly create rights and obligations – for the users and for the owners.

Profs. Jane Ginsburg from Columbia Law School and Alain Strowel of Saint-Louis in Brussels but also a lawyer with Covington & Burling collaborate on their presentation, weaving back and forth regarding copyright issues. Strowel opens with a reference to the recent FT article on Facebook, highlighting the desire for openness, sharing and co-operation. This is ‘free’ but there is an invisible or dark side, which is the economics. IP fits into this category. As services develop, they become more IP-conscious – look for example at Twitter’s assertion of trademark. We should distinguish between content originated by the users and content that is ‘made by others’.

This brings us over to Ginsburg, who will look at user-created content; typically this content is automatically endowed with protection (subject to the usual fixation and originality requirements), reminding us that literary merit is not a requirement of copyright law. She reads extracts from the Facebook and MySpace standard terms and translates them into their real meaning – to me, this is the gift that never stops giving, and the audience responds accordingly. The Creative Commons icons are a useful way of adopting user-friendly and meaningful terms … but they are certainly not ‘self-enforcing’ and actual enforcement is extremely difficult (not to mention certain registration requirements under US law).

Strowel picks up the question of non-UGC (i.e. potentially infringing content published on these platforms) and the various degrees of liability, considering the possible infringements (distribution? reproduction? derivative work?) as well as limitations to the law (the unclear status of ‘making available’ as applied to mere placement on the Internet in the US). It is refreshing to go into this in detail – often we take for granted some of the more complicated ‘old’ aspects of copyright law (or what Strowel calls the mechanics of copyright) when considering it in the digital context.

Selected other comments (from both contributors – put together they engaged in a good discussion/rotation):

- there is an issue in comparing something like YouTube (where the infringing content on which secondary liability is alleged is ‘high value’) with other sites where this is not the issue.
- even under EU law there are different interpretations from state to state of implied licences as applied to copyright.
- Art 5 EUCD (limitations) is quite different to (the flexible but unpredictable) ‘fair use’ doctrine in the US – the various cases on thumbnails are discussed as an example of this.
- there are more intermediaries on the Internet than was expected – and they can be in different categories when it comes to liability; hosting providers (inc. social networking sites) are different to traditional web-hosts too (multiple third parties, many more pages than a normal website, intermediary both technical and advertising-based) – art 14 EUCD has a too-brief definition of hosting provider in any event (does it cover Facebook? Strowel argues it is not certain)
- brief discussion of the French cases: MySpace, DailyMotion, Google Video have all been the subject of legal proceedings with some inconsistent results and some elaboration on the concept of notice; all of this is in the context of the (unresolved) Viacom case in the US, which may well be superceded by industry principles.
- YouTube’s business model is affected by the steps required to keep the safe harbour: they cannot tailor their advertising in the way that they might like to, as doing so would affect their categorisation
- can a HADOPI-like solution deal with repeat infringers outside of the ISP context?

Speaking separately, Antoni Roig, a professor of constitutional law at the home-town Universitat Autònoma de Barcelona, brings the questions back into the realm of public law, but also wondering what the differences are between ‘IT law’ and ‘IT for lawyers’, and how jurists and engineers approach privacy in different ways. (Interestingly, he says that the Spanish data protection regulations date from 1978, along with the Constitution). Privacy and data protection can have different aspects – they are in many respects separate legal regimes, with the EU having a particular role on data protection and the role of the Article 29 Working Party. The courts have acknowledged a right to data protection but there is also the use of the human dignity clause as a way of ‘updating’ rights. Is the US moving towards an EU-style data protection framework?

Roig summarises the A29 approach as including on principles of
- awareness amongst the users not to give data if necessary (& this affects the providers too; the principles mention this which is a surprisingly radical move towards ethical engineering)
- informing the user e.g. when there has been a breach

He also has some good words for the role of privacy-enhancing technologies (PETs), and how they play a part in a constitutional concept of privacy based not on law alone. Persistent pseudonyms are crucial to success here. (We will be returning to data protection in the afternoon session). By designing for privacy, we can achieve a long-term solution even though there may be short-term difficulties with making it work. Legal scholars have not really legitimised these technologies yet, though there is potential for showing a court that a tool that protects privacy could prevent a violation of fundamental rights. Concluding, he argues that the European approach to RFID, where incorporation of privacy at the design stage is being encouraged, is promising and brings with it some optimism.

Issues covered in the Q&A included the power of terms and conditions, the potential for advertising revenue without violating safe harbour, the difference between the ‘user’ and the ‘provider’ terminology (should bloggers be considered providers for safe harbour purposes?), multiple vs unique pseudonyms (and the relationship with biometrics), the convergence between trademark law and domain name policy (with Facebook URLs being a good example of where there is controversy), the L’Oreal/Ebay litigation at the ECJ and the French courts

Sotiria Kechagia (Queen Mary) on how to manage copyright in the digital environment. I was a bit slow to start here, so apologies for missing part of the presentation. Looking with three approaches:
(a) DRM/TPM: governed by article 11 WCT, article 18 WPPT, DMCA and UECD implement; but we don’t understand the interface between DRM and limitations/exceptions, interoperability etc / management and contracts: no specific copyright contract rules, EULAs prevalent, and is there harmonisation? / collective rights management (how can they adapt to digital?)
(b) e-business models: pay-per-download or per-use, service convergence, Noank – but no common understand what new business models means for copyright
(c) Open Content Initiative: users access, create, modify etc the works: questions on creativity, role of authors

Users are creators too; copyright itself is changing in terms of subject matter, first ownership etc – and of course enforcement. What about various ideas such as sui generis approach, independent authorities like HADOPI (more on that in a moment), fundamental rights, the flexibility (or not) of the Berne three-step test…not forgetting that there is a creativity dimension (it is, apparently, the European Year of Creativity and Innovation).

Nicolas Jondet is presenting about a very controversial, current topic – the he French copyright authority (HADOPI), graduated responses and disconnection (outside France, often refered to as three strikes, though that means little within France/in French!). This reminds me that I really have dropped the ball on covering the Eircom issue in Ireland; Nick Scharf at UEA is working hard on comparative approaches to this question. Anyway, back to Nicolas, who starts with an explanation of the Olivennes report, including Olivennes’ own background with Fnac, and the wide consultation that took place. The report argued that there was a need for a better ‘legal offer’, but quickly Sarkozy stepped in and demanded action and the debate moved from report to draft law very quickly.
1. The media industry should act (VOD, no DRM, shorter release windows, seek VAT change at EU level).
2. Modifying the response to piracy, from strung but ineffective criminal provisions (hampered by constitutional difficulties with previous reforms): but technological and contractual solutions were found to be inappropriate or inadequate.
3. Graduated response – rebrand the DRM watchdog into a broader authority (HADOPI) with new missions to monitory piracy and implement the graduated response.
The response is a regulated warning phase (brought before HADOPI) which includes email/formal letter. There can be a disconnection, then, which should also apply to other operators (national directory of barred persons). Subscribers can follow recommended security, or even appeal the sanction to a court (Paris Court of Appeal, then Cour de Cassation). The response has been civil society campaigns (like la Quadrature), raising concerns like privacy, proportionality, the right to Internet access, technical questions (like triple play – ask Jacqui Smith!), and indeed the legislative/lobbying process behind the new law. However, there has been strong support in the Senate (a little less so in the Lower House), and the law is likely to pass. There may well be a constitutional reference too. Finally, there is the EU (Parliament) dimension (Guy Bono) – attempt to prevent disconnection (inc. in the Telecom Package), condemnation of the French proposals, and possible conflicts? [Lively question and answer - covering everything from standards of proof to the prospects for the legislation to the obligation to secure networks (open wifi etc) to the crucial question of proportionality - too much to follow!]

Finally, Tobias Bednarz addresses the question of collective management of music copyright.
1. He starts with a quick explanation of collective copyright management: exclusive rights exercised/enforced through collecting societies, collecting from commercial users. Typically, rights-holders transfer all their worldwide rights to the collecting society. This means that a user in one country would need multiple licences – so in practice CISAC coordinates this through a series of bilaterial agreements. Thus, each collecting society can issue ‘multi-repertoire licences’, being a monopoly within a territory.
2. This is under significant pressure due to online exploitation. Territorial boundaries are barely there, and there’s not even a EU-wide copyright. So the provider needs a number of licences. The ‘one-stop-shop’ advantage is gone, and then there’s….
3. EC competition law: can you go through a foreign collectng society? Lucazeau and Tournier cases, where nightclubs wanted to get licences from foreign collecting societies. ECJ found territorial limitations were not included in the reciprocal arrangements, and no concerted practice present (esp due to objective reason for societies not to engage in foreign markets). Revisited in CISAC (Commission decision) re Music Choice (more about it here), where it’s found that there is parallel behaviour and no objective reason due to online activities. This has been criticised that it is vague, and also the fear of a ‘race to the bottom’ (though administration costs might prevent this?)
4. The way forward:
- unconcerted responses (independent review of territorial restrictions), but does that really help the download store
- concerted response, meaning that the download store would have a choice (within the EEA).

That’s it for today’s SCRIPTed blogging. More tomorrow, battery etc permitting

Pleased to be at the RSA – since 1754, ‘how do we get innovation right, how do we encourage it?’ – incentives not based on IP. We fail to understand the public domain – needs to be balanced with IP and the current approach is unbalanced and not based on evidence. That’s the theme of today’s talk. But first:

• Which network would you choose (in 1992) – Network #1: like a global version of Ceefax/Minitel (State or privately controlled network with terminals, approved, safe sites) or Network #2: the (then) Internet, completely open, distributed, free protocols, anyone can connect/do anything at any end, possibility of malicious/exploitative content. Which one would you invest in? The former seems safer and more sensible and the latter sounds insane (despite the innovation it subsequently enabled)
• Second question: design an encyclopedia better than the Britannica. Choice between a top-down command model, hierarchy of researchers, protected by copyright, guarantee of authenticity vs “I’d like to put up a website, where people could post stuff”
• Third question: software! Would you control copying or allow it to be done freely? “Linux, seen from 1992, is economically irrational”
• The point is that we have a ‘bias against openness’ – we see the (real) dangers of openness, our ’20/20 downside vision’ – we should be aware of this bias as we’re making our cultural and social policy on this basis. It’s based in part on property/goods.

US and UK share a legal tradition of protecting freedom of expression. “The greatest examples of censorship in the history of democracy” were term extension (in the 1970s). What would the public domain have looked like today if the rules hadn’t been changed? Yet we expanded, and so much work is still covered by copyright, including massive amounts of orphan works, automatically covered on fixation. The vast majority of content eg. in the Library of Congress is commercially unavailable but covered by copyright. I’d rather we gave those copyright holders with works commercially available a big pile of cash and put everything else into the public domain. And with the Internet, that material could have been made available – for free. Our rules are ‘uniquely badly designed’ for the world we live in.

Discusses his lovely phrase of ‘cultural agoraphobia’, the fear of openness. And here comes an example: The WWW was developed in order to aid science. But it has become a brilliant source of easy access for books, shoes, travel, cultural information, porn. But for science itself, the Web is more like Compuserve. Researchers are funded by Government and the money is well spent – yet until recently there was no requirement to make the results available openly; commercial journals were the only way and you had to pay to read it on the screen. It’s not just for reading – why does the Web work with malicious/biased/stupid posters? The reason is the links(, dummy). People don’t link to the loonies, so the links are the peer review. Where are the links for science? There are no links other than the citations in the footnotes; when we built the Web, hyperlinks couldn’t work due to the walls. Imagine if we could do this! But: we’ve been doing some stupid things, making policy without evidence, doing retrospective extension.

Will tidy up later!