Friday, June 10, 2005

Sweden: Anti-Piracy Group Broke Data Protection Laws

The Swedish Data Ispection Board has ruled that the anti-piracy group Antipiratbyrån has broken the personal data act by recording the IP addresses of file-sharers, their alias, the file name and the server through which the connection was established. The Data Inspection Board argued that if an IP address can be linked to an individual user it is should be classed as personal information and thus be covered by the personal data act.

Antipiratbyrån monitored and tracked the IP address in their effort to crack down on the file-sharing of copyrighted material through P2P networks. This crack down can hardly be called a great success for the anti-piracy group, especially from a public relations perspective. Starting with a raid by Antipiratbyrån on an ISP Bahnhof back in March the organisation has been under constant scrutiny and legal complaints. Its email correspondence with American counterparts was published on the internet, it was discovered that an infiltrator linked to the group might have planted evidence on the ISP's server, before thousands of Swedes reported the group to the Data Inspection Board. It is not yet clear if under today's ruling Antipiratbyrån's collection could be classed as a criminal offence. For some time now the group has been giving the IP addresses to the police directly, instead of storing them themselves for later prosecution.

The Swedish ruling stands in contrast with a decision by the French Data Protection Authority (CNIL) last April. CNIL decided that the software lobbying organisation SELL was allowed to send "piracy prevention messages" to file-sharers and collect their IP addresses in databases. As outlined in this earlier post CNIL said that
IP addresses will only get a "personal character within the framework of a legal procedure". It also thought that the actions presented by "SELL were likely to preserve a balance between the protection of the rights of the people of which data are processed and the protection of the rights from which the authors and other rightsholder profit." [translation mine-RL]
The Swedish Data Inspection Board has now expressed another opinion. However, it made clear that "an organisation may apply for exemption from the personal data act." Antipiratbyrån is expected to have their application for examination with the Data Inspection Board on Monday. So, one of Europe's liveliest P2P stories continues, and, compared to other countries, is just to start
- - -
Related Austrian Court: IP Address = Telephone Number = No Privacy Protection


Post a Comment

<< Home