The anti-piracy elements of the UK’s controversial and much-delayed Digital Economy Act are continuing their slow march to implementation with the publication of OFCOM’s updated Initial Obligations Code today.
As the DEA dictates, ISP accounts linked to peer-to-peer infringements will be subject to receiving a series of notifications warning the bill payer that their activities (or those of people in their household) are unacceptable and in need of change.
The amendments to the Code, which provides a set of standards and procedures by which the anti-P2P (mainly BitTorrent related) elements of the Act will be governed, are very much a mixed bag.
First, and on the plus side for subscribers, is that evidence collection systems of copyright holders will have to fall into line with OFCOM standards before they can send any CIRs (copyright infringement reports) to ISPs.
Additionally, the Code states that copyright owners may only send a CIR if they have ‘gathered evidence in accordance with the approved procedures’ which lead to the ‘reasonable’ belief that the subscriber has infringed a rightsholder’s copyright or that he has allowed someone else to use his account in order to do so.
In the original version of OFCOM’s Code rightsholders were given 10 days in which to send CIRs to ISPs, but in the updated code they are allowed a month following the time of detection – roughly three times longer than before.
For their part, ISPs were previously allowed 10 days from receipt of a CIR to notify a customer that they had been tracked. That period has now been extended to one month. This means that there could be a 60 day gap between an alleged infringement and a subscriber being notified, up from just 20 days.
On the downside for consumer protection is the complete removal of a clause which allowed ISPs to reject rightholder CIRs if they felt in their ‘reasonable opinion’ they were invalid.
Originally it was envisaged that so-called ‘first and ‘second’ strike warnings would go out via email with only the ‘third’ going out by recorded regular mail. That has now been scrapped. All warnings will now go out by regular first class mail, meaning that there will be absolutely no proof that a subscriber has received his third warning.
In addition to conveying the warning itself, CIRs will now have to show the time and date when any infringement took place (as opposed to simply when the evidence was gathered) and also display the number of previous CIRs sent to the subscriber.
OFCOM reports that it has also introduced a requirement that there be a 20 day gap introduced between the date a previous CIR was sent out to a subscriber and evidence being valid for the creation of a subsequent CIR.
Under the previous iteration of the Code, copyright owners would only be able to request a copyright infringement report from ISPs once every three months, and the service provider would be given 5 days to produce it. That three month period has been reduced to a single month and ISPs will have double the time – 10 days – to produce it.
Under the Code subscribers will be able to lodge an appeal against wrongful accusations of infringement. The time to do so has now been clarified as 20 days from the date of receiving a CIR. It will cost an Internet account holder £20.00 to do so.
Finally, the amended Code ends with notes that the UK Government ordered the removal of two elements, both of which would have given a level of protection to subscribers.
‘On the instruction of Government we have removed the ability for subscribers to appeal on any other ground on which they choose to rely,’ the report notes, adding:
‘On the instruction of Government we have removed the requirement for ISPs and copyright owners to provide a statement showing how their processes and systems are compliant with the Data Protection Act.’
This draft Code is now open for a one month consultation period before being presented to parliament later this year. Letters will start going out in 2014…..maybe.
The full report is available here.
Digital Economy Act not in breach of EU laws, Court of Appeal rules: “A controversial law that forces internet service providers (ISPs) to help combat illegal file-sharing is lawful, the Court of Appeal has ruled.”
(Via OUT-LAW News.)
Digital Economy Act’s copyright provisions should be repealed, Lib Dem policy proposal says: “Copyright laws set out in the Digital Economy Act (DEA) are ‘deeply flawed and unworkable’ and should be abolished, a Liberal Democrat policy proposal has said.“
(Via OUT-LAW News.)
For all blocking methods circumvention by site operators and internet users is technically possible and would be relatively straightforward by determined users. (p.5)
Despite this, however, one branch of the UK Government still appears determined to keep its head in the sand, and according to that report:
The Department for Culture, Media and Sport has redacted some parts of this document where it refers to techniques that could be used to circumvent website blocks.
Unfortunately, the technical competence of the DCMS appears to be somewhat limited, and the sophisticated redaction was (ironically?) also easily circumvented by copying and pasting from the PDF. Here are the portions of the report which the DCMS attempted to quash. Text in italics was not redacted but appears for context:
Bypassing IP address blocking is technically straightforward for those who have an incentive to do so.
The blocked site operator may:
• change IP address but stay on the same network (i.e. on the same hosting provider);
• move to an entirely new network (to a previously unobserved IP address);
• offer encrypted network services which obscure the true network address/destination such as Virtual Private Networking;26,27 or
• server operators may institute a Fast Flux network (where users run software on behalf of blocked site which hides the true network address of the blocked site).
There are other methods available to site operators. When moving to a new IP address a site operator may register multiple IP addresses for a given site in order to maintain service in the event that some of those individual IP addresses are blocked. This approach has legitimate purposes also.28 Furthermore, by setting a low ‘Time to Live’ (TTL) Domain Name System (DNS) record value, determining the length of time that the IP address for a particular domain (expressed in seconds) remains in remote name server caches, it is easier for a site operator to move IP addresses without end users losing access. Where a low TTL is expressed the ISP DNS name server resolution cache is purged quickly thereby ensuring that newly assigned site IP addresses are retrieved from the authoritative name server and site accessibility is maintained. Figure 13 below shows that the TTL value for ‘kickasstorrents’ is one hour, demonstrating that any changes to IP address to DNS name are refreshed and propagated within ISP DNS servers in just over an hour.
Figure 13: Kickasstorrents DNS record Time to Live (1 hour) Name TTL Class Record Address
www.kickasstorrents.com. 3600 IN A 22.214.171.124
www.kickasstorrents.com. 3600 IN A 126.96.36.199
www.kickasstorrents.com. 3600 IN A 188.8.131.52
www.kickasstorrents.com. 3600 IN A 184.108.40.206
www.kickasstorrents.com. 3600 IN A 220.127.116.11
26 Ipredator – Surf anonymously with VPN and proxy https://www.ipredator.se/?lang=en
27 UK based VPN services facilitating access to copyright infringed material may be subject to site blocking injunctions. UK VPN operators may institute site blocking at the VPN egress point. NB: we are not aware of any UK based VPN service marketed or positioned for such activity. Such services are likely to be non-UK based.
DNS blocking robustness
For site operators and end users with a sufficient incentive to engage in circumvention DNS blocking is technically relatively straightforward to bypass:
• the blocked site may offer services such as Virtual Private Networking, which is where encryption and other security measures are deployed to ensure that the data cannot be viewed by third parties (DNS name resolution may occur within the VPN providers network thereby bypassing the ISP based DNS site-blocking);
• the end-user can change their DNS name servers to 3rd party DNS name servers;32,33
• users may use anonymous web proxy or other anonymising services which are not reliant on the ISP DNS servers; or
• name resolution may be performed locally by adding an entry to a hosts file (IP address resolution information can be obtained from websites running a web-enabled equivalent of ‘nslookup’ command).
32 Google Public DNS – http://code.google.com/speed/public-dns/
33 OpenDNS Store > Sign up for OpenDNS Basic: – https://store.opendns.com/get/basic/
For end users who want to bypass blocks there are several options. For instance, there are many legitimate alternative DNS providers to ISP DNS registries. Examples include OpenDNS and Google DNS. We consider the changing of DNS servers to alternative providers to require low technical skills, as the providers offer clear instructions using plain English. For instance, switching to Google DNS requires 11 steps for Windows users and only 8 for those using MAC OS.
With a modest understanding of internet technologies it is possible to access a site by entering the site IP address (if multiple websites are hosted at the same IP address the user will be displayed the default web site or page for that web server/IP address). Site operators can draw attention to online web based and alternative sources of DNS name resolution within emails to their user base or via online forums.
Other channels that site operators could use to widely distribute advice on how best to circumvent DNS blocking could include posting to online forums, Really Simple Syndication (RSS) or updates via micro blogging sites such as Twitter ®. The advice could include changing to unblocked DNS name servers, Virtual Private Networks and proxy services or other anonymising systems. Similarly, site operators may quickly mirror or make copies of a blocked site on new top level or country code domains pointing towards new IP addresses e.g. www.blockedsite.cc; www.blockedsite.ru; www.blockedsite.vn; www.blockedsite.net.
Techniques that may undermine URL blocking include:
• web site operators providing encrypted access to their web sites via Secure Sockets Layer/ Transport Layer Security i.e. https connectivity https://www.example.com/downloads/pirate.zip;
• a site operator may run a website on a network port other than port 80;
• the site operator changing the IP address and bypassing the network routing announcements;
• a site operator registering a new domain name e.g. www.example.net or www.example.org;
• the blocked site offering services such as Virtual Private Networking;
• the use of anonymous web proxy or other anonymising services;
• the site operator reorganising the site structure if the blocking is conducted against specific URLs; and
• the site operator or end user encoding URLs to bypass blocking.
Packet inspection blocking robustness
Both shallow and deep packet inspection can be bypassed by site operators using the following means:
• changing the IP address but staying on the same network;
• moving to an entirely new network (to a previously unobserved IP address);
• the site may use network encryption techniques such as Virtual Private Networking to render scrutiny of the IP packet‟s payload or real IP address destination impossible, given the technology available today; or
• the site operator may add or remove site IP addresses from a pool of IP addresses.
End users who wish to circumvent packet inspection may opt to use anonymous web proxies or other anonymsing services.
As with the deployment of any of the single primary techniques, the hybrid approach is also susceptible to circumvention by the use of anonymising tools such as The Onion Router, VPNs or anonymous proxy services.
Anonymous Web Proxy Service that allows users to place web requests via an intermediary server. The proxy server makes the connection on behalf of the user thereby hiding originating IP address and bypassing blocking network techniques.
The Onion Router (ToR) Anonymity network originally developed by the United States Navy. Used in many countries to bypass state censorship.
Needless to say, a department which is unable to censor a single PDF does not exactly inspire confidence when it proposes to introduce blocking for the entire UK internet, and it is just as well that the UK government has today announced plans to abandon the blocking provisions of the Digital Economy Act.
Yesterday the UK government announced that following a report from regulator OFCOM, plans to block alleged copyright-infringing websites would be dropped. However, there was a second report where OFCOM detailed ways of keeping the costs of Digital Economy Act infringement appeals down. The document carried the usual redactions but TorrentFreak has put on its X-ray vision for your viewing pleasure.
Yesterday, detailing the government’s response to the Hargreaves report, business secretary Vince Cable confirmed that the website blocking provisions put in place under the controversial Digital Economy Act will be discontinued. The decision coincided with an OFCOM report which noted that website blocking would not be effective.
OFCOM also released a second report titled Digital Economy Act, Online Copyright Infringement Appeals Process: Options for reducing costs.
On the front page of the report there is a note that redactions have taken place to censor sections relating to ‘on-going policy development’ of the Department of Culture, Media and Sport.
The DCMS did a better job of hiding the blacked-out text than earlier in the week but not so good as to keep out TorrentFreak and our X-ray specs.
The first redaction on Page 3 says simply ‘Revisit the grounds for appeal set out in Ofcom’s draft Initial Obligations Code’ but two pages later things start to get much more interesting. It seems the government (or more likely their friends in the copyright lobby) doesn’t want talk of an error-prone system becoming public.
Page 5 – OFCOM wants rights holders’ accusations to be ‘quality assured’
Ofcom has also sought to ensure efficiency by introducing into the Code a requirement that Copyright Owners take part in a quality assurance process with the aim of minimising errors. This should help to reduce the number of wrongly identified infringements and subscribers. (ISPs can also have some impact here by ensuring that the letters they send to subscribers make clear the implications of receiving a notification).
A ‘quality assurance process’ sounds like a great idea, but who could be trusted to implement such a regime and ensure independent scrutiny? Anti-piracy tracking companies are notoriously secretive and unlikely to be open about the short-comings of their ‘proprietary systems’.
Page 11 – Government rejects OFCOM suggestion of subscriber appeal ‘on any reasonable grounds’
The grounds set out in the Act are non-exhaustive and we reflected this in our drafted Code by including an option to appeal on ‘any other reasonable ground’. This was intended to provide an efficient mechanism through which to avoid a lengthy revision of the Code should subscribers find additional, but reasonable, grounds for appeal as technologies and consumer behaviours evolve.
We understand that Government believes we should not include this mechanism in the final Code
It is far from clear why the government wishes to remove the right for a citizen to appeal a wrongful accusation on ‘any reasonable ground’. What is clear, however, is why the government might wish to redact this statement from the report – it looks very bad indeed.
Page 11 – ISP IP address matching to be ‘quality assured’
We have also introduced into the Code a requirement that Copyright Owners take part in a quality assurance process with the aim of minimising errors. We are proposing to sponsor a similar standard for the IP address matching processes of the ISPs, although participation will be voluntary. This should help to reduce the number of wrongly identified infringements and subscribers (appeal grounds (a) and (b)). We anticipate that the majority of appeals will rely on ground (c) in the absence of systematic failures by a Copyright Owner or ISP under the Code.
When it comes to copyright infringement cases ISPs make errors so it is good they will be required to adopt similar ‘quality assurance’ processes as rights holders. However, how many will choose to do so when participation is voluntary remains to be seen.
Redactions on page 17 merely repeat details covered in earlier redactions. Redactions on page 19 likewise, save a comment that a rightsholder ‘quality assurance’ process
….does not create a rebuttable presumption in favour of the rights holder but should help bring down the proportion of incorrect CIRs [Copyright Infringement Reports] and therefore appeals costs since there are likely to be fewer meritorious appeals in this respect. This quality assurance is also intended to make sure that the number of CIRs rejected by ISPs for process reasons is minimised
The full but redacted document can be downloaded here.
Individuals will have to pay to contest copyright infringement warnings, Government says: “Internet users who risk being blacklisted as illegal file-sharers will have to pay £20 to appeal against warning letters they receive about their behaviour, the Government has said.“
(Via OUT-LAW News.)
Mark Sweney and Josh Halliday
guardian.co.uk, Tuesday 2 August 2011 14.02 BST
Vince Cable, the business secretary, will say on Wednesday that government plans to block illegal filesharing websites under the controversial Digital Economy Act are in effect unworkable.
Outlining the government’s response to the Hargreaves report on the future of UK copyright law, Cable is also expected to announce legislation to sweep away restrictive rules on file copying and parody works.
In a speech at the British Library on Wednesday, the Liberal Democrat minister will outline the next steps for the introduction of the delayed Digital Economy Act.
Cable will row back on one of the act’s most contentious measures – introducing legislation to block access to copyright-infringing websites – and instead say that the existing Copyrights, Design and Patents Act is powerful enough.
That follows last week’s landmark high court ruling, which forced BT to cut off access to Newzbin2, a site found to be infringing copyright ‘on a grand scale’.
Cable’s intervention comes as ministers struggle to implement anti-piracy measures outlined by the Digital Economy Act rushed through by the Labour party at the end of its time in office.
The first warning letters to be sent to Britons accused of illegal filesharing are now not due until the second half of 2012 – more than a year later than originally planned.
A series of legal challenges have meant that cutting off the internet connections of serial pirates is unlikely to begin until 2013 at the earliest.
Cable is also expected to announce a ’scoping review’ into the viability of a setting up a digital copyright exchange, one of the key proposals of the Hargreaves report published in May – in effect kicking the idea into the long grass.
The rights exchange, which would effectively be a one-stop shop to make lawful use of copyrighted material easier, received ’serious pushback’ from media companies, according to one industry source. Film and music companies and broadcasters are understood to have raised a number of issues about the proposed exchange, including fears that it may contravene various European regulations by forcing all rights holders to participate. One industry source said that if it was a full ’stock exchange’ trading platform it may not generate as much revenue as selling rights directly.
The government is anticipated to legislate to sweep away many of the UK’s archaic intellectual property restrictions that make it technically illegal to transfer content from CDs or DVDs to other formats, such as iPods. The reforms will also make it legal for Britons to burn copies of music and video files for family members to use, and give legal protection to spoof works.
Cable has previously said that private copying is carried out by millions of people who are ‘astonished’ that it is technically illegal. He said: ‘We need to bring copyright into line with people’s expectations and update it for the modern digital world. This will free up innovative British businesses to develop new consumer technology and help boost economic growth.’
Cable is expected to outline further changes to the DEA, including how costs are apportioned between rights holders and ISPs. The judicial review ruled in April that ISPs should not foot the bill for setting up an appeals body.
Ed Vaizey, the communications minister, is understood to have set a date of mid-September to get ISPs and rights holders to another roundtable meeting aimed at curbing infringing sites voluntarily.
However, many rights holders are dismayed at the delays in implementing the Digital Economy Act. ‘What we would very much like is the government to get on drafting and writing the code that goes with the DEA and to fast-track the legal process so it doesn’t take hundreds of thousands of pounds and a long time to sort these things out,’ said Lavinia Carey, director general of the British Video Association.
BBC News – Digital Economy Act court challenge fails: “Digital Economy Act court challenge fails
20 April 2011
A legal challenge to the Digital Economy Act has failed get the controversial legislation overturned.
The judicial review, requested by BT and Talk Talk, rejected claims that Parliament had overstepped its powers with anti-piracy measures.
However, Mr Justice Kenneth Parker upheld one of the objections, relating to who pays for the law’s enforcement.
Today’s ruling was welcomed by copyright holders who said that it would help reduce illegal file sharing.
The act, which was rushed through Parliament before the 2010 general election, obliges internet service providers (ISPs) to co-operate with rights holders in identifying computer users who may have downloaded music, software or videos illegally.
BT and Talk Talk mounted a legal challenge in the High Court, claiming the legislation violated several European laws on commerce and privacy.
Justice Parker rejected four of the five points put forward by the ISPs but ruled in their favour regarding a piece of associated legislation that makes service providers liable for 25% of the cost of policing their users.
The government will now be forced to re-examine the draft costs sharing order, however it is unlikely that will significantly delay the implementation of the Digital Economy Act.
In a statement, BT expressed its disappointment with the ruling.
‘Protecting our customers is our number one priority and we will consider our options once we have fully understood the implications for our customers and businesses.
‘This was always about seeking clarity on certain points of law and we have to consider whether this judgment achieves these aims,’ said a BT spokesperson.
The government said that it was ‘pleased’ with the High Court’s decision and that it would set out the next steps for implementing the law shortly.
Prior to the Digital Economy Act, content producers, such as record companies and film studios, had argued that the UK needed legislation to help them pursue illegal file sharers.
Continue reading the main story
This judgement gives the green light for action to tackle illegal downloading in the UK.’
End Quote Geoff Taylor British Phonographic Institute
What they eventually secured was a law that compels ISPs to write to their customers at the rights holders’ behest, warning them to cease their behaviour.
If the the customer does not comply, their ISP may eventually be asked to limit the user’s internet access or, in extreme cases, make their personal details available so legal action can be taken.
Opponents of the Digital Economy Act claimed that it allowed for severe sanctions against computer users, based on little more than the word of a large corporation.
They pointed out that the act also failed to clearly define a route of appeal for those users targeted.
Rights holders argued that rather than contesting the law, companies like BT and TalkTalk ought to have worked with them to try to iron out these problems.
One such group, the British Phonographic Institute (BPI) which represents record companies, welcomed Wednesday’s ruling.
BPI chief executive Geoff Taylor said: ‘This judgement gives the green light for action to tackle illegal downloading in the UK.
‘It confirms that the DEA is proportionate and consistent with European Law.
‘Shareholders and customers of BT and TalkTalk might ask why so much time and money has been spent challenging an act of Parliament to help reduce the illegal traffic on their networks.’
Committee launches a new inquiry into the Protection of Intellectual Property Rights Online – UK Parliament: “Committee launches a new inquiry into the Protection of Intellectual Property Rights Online
10 November 2010
The Culture, Media and Sport Committee issues a call for evidence on the Protection of Intellectual Property Rights Online
The Committee will consider the new framework for the protection of intellectual property rights online that is being established under the Digital Economy Act, and the extent to which it is a reasonable and sufficient response to the challenges facing creative industries and individuals in digital markets. Issues the Committee will be considering include:
The implementation, practicality and likely effectiveness of the relevant measures contained in the Digital Economy Act. In particular:
* Whether the new framework has captured the right balance between supporting creative work online and the rights of subscribers and ISPs.
* Whether the notification process is fair and proportionate.
* The extent to which the associated costs might hinder the operation of the Act.
* At what point, if at all, consideration should be given to introducing the additional technical measures allowed for under the Act.
More broadly, the scope for additional activity and new approaches to ensure that original work is appropriately rewarded in the online environment, including the issues raised by the Government’s review of the intellectual property framework. In particular:
* Intellectual Property and barriers to new internet-based business models, including information access, the costs of obtaining permissions from existing rights-holders, and ‘fair use.’
The Committee is inviting written submission on the above and other matters relevant to the inquiry. A copy of the submission should be sent by e-mail to firstname.lastname@example.org and have ‘The Protection of Intellectual Property Rights Online’ in the subject line. Submissions should be received by Wednesday 5 January 2011.
Guidance on submitting written evidence
It assists the Committee if those submitting written evidence adhere to the following guidelines:
Each submission should:
* state clearly who the submission is from, i.e. whether from yourself in a personal capacity or sent on behalf of an organisation
* be about 3,000 words in length / run to no more than six sides of A4 paper;
* as far as possible comprise a single document attachment to the email;
* begin with a short summary in bullet point form;
* have numbered paragraphs;
* be in Word or Rich Text format (not PDF) with as little use of colour or logos as possible.
Please supply a postal address so a copy of the Committee’s report can be sent to you upon publication.
It would be helpful, for Data Protection purposes, if individuals submitting written evidence would send their contact details separately in a covering email in a block of text laid out vertically. You should also be aware that there may be circumstances in which the House of Commons will be required to communicate information to third parties on request, in order to comply with its obligations under the Freedom of Information Act 2000.
Though there is a strong preference for emailed submissions, those without access to a computer should send a hard copy to:
Culture, Media and Sport Committee
House of Commons
7 Millbank London
A guide for written submissions to Select Committees may be found on the parliamentary website.
Please also note that:
* Committees make public much of the evidence they receive during inquiries. If you do not wish your submission to be published, you must clearly say so. If you wish to include private or confidential information in your submission to the Committee, please contact the Clerk of the Committee to discuss this.
* Material already published elsewhere should not form the basis of a submission, but may be referred to within a proposed submission, in which case a hard copy of the published work should be included.
* Evidence submitted must be kept confidential until published by the Committee, unless publication by the person or organisation submitting it is specifically authorised.
* Once submitted, evidence is the property of the Committee. The Committee normally, though not always, chooses to make public the written evidence it receives, by publishing it on the Internet (where it will be searchable), by printing it or by making it available through the Parliamentary Archives. If there is any information you believe to be sensitive you should highlight it and explain what harm you believe would result from its disclosure. The Committee will take this into account in deciding whether to publish or further disclose the evidence.
* Committees do not normally investigate individual cases of complaint or allegations of maladministration.
* Once submitted, no public use should be made of any submission prepared specifically for the Committee unless you have first obtained permission from the Clerk of the Committee.
For up-to-date information on progress of the inquiry visit the Culture, Media and Sport Committtee’s inqury pages”
Digital Economy Act to be reviewed by courts and Parliament: “The Digital Economy Act is to be the subject of a judicial review and a Parliamentary Inquiry. The news is the latest blow to the controversial law, which opponents said was rushed through the dying days of the last Parliament without proper scrutiny.“
(Via OUT-LAW News.)