A year ago, Walled Culture wrote about an extremely important case that was being considered by the Court of Justice of the European Union (CJEU), the EU’s top court. The central question was wheth…
From the article-linked ruling press release - what it means in practice, what this was about:
In order to protect works covered by copyright or related rights against offences committed on the internet, a
French decree introduced two personal data processing operations. The first operation consists of the collection, by
rightholder organisations, of IP addresses which appear to have been used on peer-to-peer websites to commit
such offences and the referral of those IP addresses to the Haute Autorité pour la diffusion des œuvres et la
protection des droits sur internet (High Authority for the dissemination of works and the protection of rights on the
Internet) (Hadopi) 1. The second operation, carried out by the internet access providers at Hadopi’s request, consists,
inter alia, of matching the IP address with the civil identity data of its holder. Those data processing operations
enable Hadopi to initiate a procedure against the persons identified, combining educational and punitive measures,
which may lead to a referral to the public prosecution service in the most serious cases.
I find the ruling press release is much more understandable (and much more informative) than the OP-linked article.
The second operation, carried out by the internet access providers at Hadopi’s request, consists, inter alia, of matching the IP address with the civil identity data of its holder.
Which just opens more questions: How long are ISPs allowed/required to store customer IPs, and then what happens if I have an open wifi: Can they just assume that I did it or declare me responsible anyway, that is, is it possible for a private individual to enjoy ISP privileges?
If you read more of the ruling, the ruling allows EU nations to impose requirements on ISPs. So the storage duration would be up to national law. (Which of course one may call into question bring before court on whether they are too long.)
The question of whether you are liable as a provider of open access is an independent question. Yes, it becomes more relevant if you as a provider can’t bet on anonymity anymore. But it’s independent.
Looking at DE Wikipedia, looks like previous EU court rulings were dismissing being held accountable, but there’s still one open. German law freed it in 2018. No mention of EU specifically in this article, so maybe it’s national concern - at least until the EU court makes a ruling.
From the article-linked ruling press release - what it means in practice, what this was about:
I find the ruling press release is much more understandable (and much more informative) than the OP-linked article.
Which just opens more questions: How long are ISPs allowed/required to store customer IPs, and then what happens if I have an open wifi: Can they just assume that I did it or declare me responsible anyway, that is, is it possible for a private individual to enjoy ISP privileges?
If you read more of the ruling, the ruling allows EU nations to impose requirements on ISPs. So the storage duration would be up to national law. (Which of course one may call into question bring before court on whether they are too long.)
The question of whether you are liable as a provider of open access is an independent question. Yes, it becomes more relevant if you as a provider can’t bet on anonymity anymore. But it’s independent.
Looking at DE Wikipedia, looks like previous EU court rulings were dismissing being held accountable, but there’s still one open. German law freed it in 2018. No mention of EU specifically in this article, so maybe it’s national concern - at least until the EU court makes a ruling.