back to article EU data ruling slaps filesharers with red herring

Internet users in the UK can safely ignore this week's EU Courts of Justice ruling on data protection for filesharing: it's already irrelevant. On top of that, the judgement covers an ISP belief system that's being rapidly eroded by governments and rights holders behind closed doors. Neither fact has stopped the judgement …


This topic is closed for new posts.
  1. Anonymous Coward
    Anonymous Coward

    Ah well

    Guess I'll just be signing back up to encrypted usenet.

  2. IanKRolfe

    That's the way to do it...

    "*One ironic consequence of an established scheme to cut off filesharers without involving the courts might be that the bottom falls out of the new line of business being pursued by Davenport Lyons and other intellectual property ambulance chasers."

    Oh, wouldn't that be a shame.

    One in the eye for the legal ameoba.

  3. Dr. Mouse
    Paris Hilton


    Actualy they have a point.

    Anyone can connect to, say, a bittorrent tracker, and get a list of those leeching or seeding a file. This then removes the point of encrypted torrents, filtering/monitoring software at the ISP, etc. The list of IPs is there (so long as the tracker isnt password protected, this will be the next step).

    However, it doesnt stop such things as TOR. How would they be able to prove where the connection ORIGINATED? No matter, the ISP would just slap a warning on the user at the point where it joins the real world, and the lawyers would take the IP on the list to be proof that the person is, indeed, using P2P. Case closed.

    TBH I have real problems with the record industry. Firstly, the reason I dont buy music is because what they produce today is MINDLESS PAP. I am only 26, but I have only bought 1 record since the turn of the millenium (I know some think I should hang my head in shame, but I wont, it was Bat Out Of Hell 3). Anything else I listen to from the radio, or borrow friends CDs (never download illegaly ;) though lol), because I will probably not listen to it for more than a month or so, then it would get binned. If they want me to buy CDs, make some decent music.

    Also, the big bosses are the ones who make the money not the artists. I know this is true in every industry and is just a product of our capitalistic society, but it still bugs me.

    Third, those who download music probably wouldnt have bought it anyway. Most of those I know who do, do it because they have no money left over at the end of the month with which to buy CDs. These are the people who would, in the past, have copied a friends tape/CD/record. The record industry barely bothered with that, and yet that was probably the same scale of problem.

    My message to the record industry: If you want to make money, dont go after the filesharers who would never make you money anyway, and will just find ways to circumvent your attempts to shut them down, sell your music at a reasonable price, and/or make GODD QUALITY music.


    Paris Hilton because... well... WHO ARE YOU TO JUDGE MY CHOICE OF ICON?!?!

  4. Anonymous Coward
    Anonymous Coward

    They have an Internet connection....

    So part of the game logic could be on your companies servers. You then only serve to people you've sold the game to.

    Or you could do two versions, the stand alone version, and an enhanced version that requires a broadband connection, with extra bits on your company servers.

  5. Anonymous Coward
    Anonymous Coward

    @Dr. Mouse

    I'm me. Your choice of icon is shit. /razzes

  6. This post has been deleted by its author

  7. Albert Stienstra

    The analysis is not complete

    The court did not only rule that the member states have to ensure "especially in the information society, effective protection of industrial property, in particular copyright". The court also ruled that "such protection cannot, however, affect the requirements of the protection of personal data" .

    The court stated that the Directives allow member states to make exceptions [to the protection of IPR] to ensure confidentiality of traffic data.

    So, yes , it is up to the member states: they can lay down an obligation to disclose personal data in civil proceedings, but they cannot be compelled to do so by any EU Directive. If in the UK the government is already commited to dance to the pipe of the BPI, then perhaps for file sharing one had better move to another country...

  8. Anonymous Coward
    Black Helicopters

    He said leechers!

    n00b, they're just peers who aren't seeds yet, although some will probably be leechers.

  9. James

    Or Just

    Use a Torrent site that requires an invitation, login and has encripted trackers.

    - oh and avoid the largest ones as they are likly to be targeted/infiltrated first.

  10. Anonymous Coward

    @ Dr Mouse

    "Firstly, the reason I dont buy music is because what they produce today is MINDLESS PAP."

    Wrong, MOST of what is produced, or agreeably, all of what THEY produce is...

    "Anything else I listen to from the radio" See there's your problem right there. There's plenty decent music out there, you just have to find it. The radio is probably the worst place in the world to start, as it's either commercial or it's BBC, which for the most part play shit if it's through the day, or R&B pish which has overrun Radio1 these days. It depends what you like of course, plenty music I like was played by John Peel (a sad sad loss - RIP) on the radio many moons ago.

    Aaaaanyhoo, I find that a good way is to download a few things, info gathered on online shops' favourite lists and stuff like that, recommended things. I usually download a few, go through them, think nah, that's crap, nah, that's alright but neh, nah it's shit, now that's good. Delete the crap and buy what I like (from the amazon resellers cos it saves paying tossers like HMV for sticking it on a shelf and charging too much), it's the only way apart from listening to the radio for an hour a week at a stupid time to hear the kind of things I like..

    That reminds me, must rip the latest CD I just BOUGHT. Thankfully I can.

    Also, I like to buy the CD of things I like cos I still appreciate a decent stereo, unlike everyone with their pcs and "pods" that are paying for shit quality music? Fuck that, it's cheaper to buy the CD if you don't go through a shop. Goes to show how much actually goes to the artist. Far better to see someone live cos that's where the money is/should be.

    I'll stop now, I've gibbered on too long.

  11. Nick Drew
    Thumb Down

    petty, but worth making

    'national newspaper of record' - the Times? Have you actually read the thing recently?! It's basically the Sun with (slightly) fewer nipples on show.

    The only people who reckon the it's the national newspaper of record are the Murdochs and the editor-in-chief.

    By that count, I'm actually the regent-in-waiting of this fine country.

    Coat? Yep, it's the big red robe with the ermine, comes with a crown.

  12. Chris Williams (Written by Reg staff)

    Re: petty, but worth making

    Hi Nick,

    See "supposed" immediately before the passage you quote.

    - Chris

  13. Chris Branch

    Chicken and egg

    Why is filesharing popular? So people can get music they wouldn't pay for/can't pay for.

    Why can't the labels lower prices/improve legal download quality? Because they think filesharers have eaten away at their profit margins.

    Unfortunately until they realise how to monetise the filesharers by giving them high quality, easy to find, cheap music (perish the thought) they will stick to their "home taping is killing music" mantra and keep their heads in the sand while revenue plummets.

    Ironic that legal download sites fail to give me 'audiophile' quality DRM-free music that I actually *want*, yet mp3sparks does it without skipping a heartbeat. Well done record labels.

  14. Kevin Kenny

    @Dr Mouse & AC

    Dr Mouse: "Firstly, the reason I dont buy music is because what they produce today is MINDLESS PAP."

    AC: "Wrong, MOST of what is produced, or agreeably, all of what THEY produce is..."

    AC, you're bang on.

    Dr Mouse, you're clearly listening to the wrong stations. You should check out Radio 6 and shows like Stuart Maconies Freakzone, or Tom Robinsons evening shows, or Craig Charles' funk show on a sat night. Radio 6 seems to be the last bastion of good tunes.

    I still buy CD's because like AC I still play 'em in a decent CD player with a decent amp and speakers. I also grab certain albums via p2p either because I don't want to risk blowing 15-20 quid on something that might be a load of crap or it's no longer available but I'm more than happy to part with my cash to get the actual physical media.

  15. Julian

    An essential service

    At what point will e-government require that internet access is an essential service? If it becomes impossible to access services in any other way, they are going to have to regulate this kind of problem.

    If your provider wants to cut off your phone (because of abuse), there is a formal process to do so. It isn't a private arrangement between the abused party and the telephone service provider.

  16. Chris Cheale


    I may be way off the mark here, but I'd have thought that the whole "intaweb music thingy" is working out quite nicely for the independant labels - it's a much cheaper distribution model, especially for the smaller bands who are never going to get radio play.

    Sites like have swathes of free songs to download from unsigned or indy bands - grab a few and those you like you can (if you find a half decent specialist music retailer) buy the CD. Probably >95% of all the CDs I've bought in recent years has been through this method and I've got some good tunes from bands that very few people (in the UK) have ever heard of (Zombie Girl, Sister Machine Gun, Anders Manga, Emilie Autumn and so on).

    Could the increased exposure/distribution of these smaller bands be eating into sales of the "big boys" as well? It's a lot easier and cheaper than it's ever been to get your music produced to a "good enough" standard - hell some people start their own record labels just to distribute their own music.

    I think part of what's happening is that the big labels are pushing out "music for the masses" - whereby the masses are teenagers and children, the traditional "singles buyers" whereas most music is actually bought by 30-somethings (especially albums); people who have developed their own taste in music and don't buy into the latest wave of pointless pop-pap.

    What's more, less teenagers are buying into it as well. They are getting hold of more diverse music more easily. So while there are still crowds of MCR sheeple out there, there's less of them than Oasis fans in the 90's or Kylie fans in the 80's. The big labels are pushing to an ever dwindling demographic.

  17. system

    Security researcher?

    Is that title self appointed these days?

    "You are guaranteed to be nabbed if you don't use a blocklist". Really? I could produce thousands of users who have never recieved so much as a letter and have been torrenting for many years. That's like saying you're guaranteed to be abducted if you don't wear your tinfoil hat.

    He also forgets to mention the number of false positives. Blocklists frequently employ a range banning when a single IP is flagged. When they ban a range from a colo, they are cutting out some of the fastest seeds in the swarm, leaving you connected to the swarm and exposed for a longer period of time.

    Yet another complication is that blocklists do not work. Many have been caught while running the things. If you think about how they are supposed to work, the only effective list that could be put together would be compiled by an omnipotent agency who had knowledge of every renter of every IP in the world, down to the split second. With 4 billion IPv4 addresses, that is not going to happen.

    He hits on the only 100% effective solution at one point but skips right past it. By not using your own IP address, you cannot be tracked in this way. He's less of a security researcher and more of a snakeoil salesman.

    And for the record, that is not the easiest way to track users in swarms.

    A custom client is often employed, because it can simply do nothing but connect and request the bitfield of pieces from other peers all day, thus categorising them by seed/leech very quickly and not wasting cycles with actually sharing anything. From there, it can output results into any custom format they want, such as a database. It's highly unlikely they are all sitting there taking logs from azureus which is well known for being heavy on processor and memory usage (it's written in java) and outputs logs with irrelevant data to a text format.

  18. Luke Wells

    isp blocking

    I think the ISP's are going to fight against blocking/cutting off p2p users.Particularly cable suppliers like Virgin

    No one is going to sign up to the latest fasted 22 terrabyte sewer internet connection, if all they can do without suspension is browse ebay. The ISP's know that pretty much anyone who pays for the most expensive premium broadband service they offer, is a p2p user. The ISP's don't want to loose their most profitable customers.

  19. Anonymous Coward
    Anonymous Coward

    re: Ah well

    >Guess I'll just be signing back up to encrypted ******.


    stop mentioning the U word!! you'll draw unwanted attention to it

    you know that when (if?) they finally manage to stop illegal p2p sharing then surely their next target will be the U*****

    we were lucky before, i was sure after Napster was done over that BitTorrent started up and presented the next easy target. when/if they ever solve the p2p problem, then i fear u***** will be the next to be targetted

  20. Someone

    Stop! Do you trust that website?

    One problem with giving free and easy access to personal details behind an IP address is that it opens up the possibility of all sorts of abuse. So, it’ll be not just a case of “do you trust that website not to be riddled with malware?” but also “do you trust the company behind that website not to do anything with your IP address?” Will we get to a point, as we have with the DVLA, that any company can have the personal details of anyone for any reason, for a small charge? While UK companies might be trusted to behave themselves, would companies from other parts of the world? You merely surf over to, say, a perfectly innocuous pornographic website. Next week the following letter turns up.

    “Our client, Extreme Porn Russia, alleges that on the 31 January 2008 you accessed their website www.sexygirls.invalid and that you interfered with its proper operation. Our client seeks damages of £500 for the losses they have incurred… Our client is prepared to take court action to recover this amount.”

    I’m sure you can imagine many people quietly coughing up.

    While not necessarily as extreme as my example above, the Reg has previously considered the problems of false accusations. I feel the EU Courts of Justice have very valid concerns over the potential for a huge imbalance between accuser and accused. For a company making the accusations, whether they’re sending out 1000 or 5000 letters, the effort is going to be about the same. The effect on someone falsely accused could be very high.

  21. Sean Aaron

    MD deck and radio 3

    The only way I get new music is to set the timer on my FM tuner for 11:15, turn on the MD deck and record Late Junction (now sadly only three days a week).

    Fuck the record companies.

  22. D
    Thumb Up

    For just over nine years now

    I've been illegally downloading movies, music and games whilst watching this debate rage on. It's funny because the music and movie industries just spend more and more money on lawyers and buying politicans to make this problem go away and none of it has ever had any real impact on my ability to download anything.

    There's great entertainment value in watching these pointless people running around like headless chickens because their gravy train is drying up and the world doesn't need them anymore.

  23. John Saunders

    truespeak - newspeak

    'swivel chair revolutionaries' and 'consume creativity online' in one paragraph. A feast of locution!

  24. Fred

    Actually, you're not quite right

    <<The court ruled that EU law doesn't compel ISPs to reveal customer details in a civil case brought by a rights holder. >>

    The court ruled that EU law does not compel Member States to compel ISPs...

    <<National courts are in charge as to whether laws are introduced to that end on the ground.>>

    Last time I looked, national courts didn't make the law (at least not in non-common-law jurisdictions)

  25. Mectron

    Way of getting proof

    1. The criminal organisations that are the big record labels have no right to play police and invade someone computer. wich make 100% of they court action illegal.

    2. Sniffing IP address is like taping a phone, you need a court order BEFORE doing the sniffing.

    3. Any country, court of law, judge or political figure who bows to Big Record Label/Movie Studios is the only proof needed to see that they have been corrupted and any rulling made should not be enforced in any way. Who can thrust the testimonies of a bunch of tugs who have criminal record longuer then my right arm?

    4. The MPAA and the RIAA is the most dangerous cartel in the world today and they are destroying more individual lives then any terrorist organisation will ever do. they must be stop at all cost.

  26. Morely Dotes
    Thumb Up

    Fighting Back

    The more people who do this, the less effective the RIAA/MPAA terrorists will be:

    1. Create files containing open-source software, but rename them to things like "Britney Spears Latest Album.MP3" and "Harry Potter Complete Collection.ISO"

    2. Seed those files on torrent trackers.

    3. Sit back and relax.

    When the RIAA/MPAA comes to call, ignore their demands until a subpoena arrives, then take your files to the court and show the judge that the charges against you are completely false, and the plaintiff has engaged in vexatious litigation.

  27. Anonymous Coward

    @ Morely Dotes

    Seeding files that look like copyright infringements, but are in fact pap is good in practice. In reality though the bottom feeders will usually have dome some basic checks on the files from the IP addresses under investigation before issueing court orders to ISP's.

    Davenport Lyons, BPI, FAST, FACT and others do this routinely. Encrypted files on the other hand are harder to inspect for obvious reasons, but that still won't put them off.

    There is probably a lot more damaging material on the host PC that the account holder would rather not have dragged out in court, and cough up the fine instead.

    I think this story is very relevant, and you will see why in a few weeks time. :)

  28. system


    "Sniffing IP address is like taping a phone, you need a court order BEFORE doing the sniffing."

    Only if the sniffing involves monitoring all traffic in and out of that IP.

    What they are doing is the equivalent of recording the fact that you phoned them, which is in no way illegal and does not require a court order.

    If you visit my web site, I am within my rights to record your IP. If you connect to my torrent client I can do the same. If you phone me up and offer me pirate DVDs, it's perfectly legal for me to write down your number, the time and what you offered.

  29. Joe Soap
    Paris Hilton

    Phone tap by another name :(

    What is the difference between having your phone taped by court order and that of you ISP sniffing your packets "because they can" ?

    What would happen if telco`s limited your call time due to talking too much on the phone, or could dissconect you for talking for to long to 0800 / 1 800 numbers ?

    Paris icon for having a vidio record of her packet being sniffed lol

  30. This post has been deleted by its author

  31. Anonymous Coward

    Tapping etc in the (UK)


    1) Since the people employed to do this sniffing aren't government types then at least in the UK the Regulatory of Investigative Powers Act (RIP Act) doesn't apply to them, so they don't need a court order or any other authority from anyone. Just like a Private Detective doesn't need permission to follow you about video recording your activities. If they did then Investigative Journalists would be in trouble

    2) The method of gathering data does not involve any intrusive elements as they are simply being passive recording the information openly displayed so they cant be had or you protected by any of the labyrinthine acts governing such, e.g. the Computer Misuse Act. For example you are entitled to record all your phone conversations and in fact anything else, national security aside, without telling anyone. I like to record some calls when i have dealt with difficult companies in the past.

    3) The standard of proof required to get you done is a Civil Law Proof "On the Balance of Probabilities which is much lower than the criminal "Beyond Reasonable Doubt" so basically your probably gona get screwed if they send you to court.

    4) Transport Encryption of any flavour will prevent your ISP from Deep Packet Scanning your data transmitted over their network but this method the record industries employed footpads are using doesn't rely on this, so that wont help. Although it will confuse attempts at traffic shaping, mainly in the US.

    5) TOR or I2P proxy IP anonymising wont help much as the TOR network would crumble under the strain very quickly and I2P does not have “out-proxies”. This means that it is not possible to connect anonymously to clients outside of the I2P network. Therefore, to use I2P, all participants (BT tracker and BT clients) must be explicitly using I2P. This would really reduce the number of peers you could connect to although it would work but not unless everyone used it. I2P is a plugin in the mentioned Azureus client in the video although its still a bit beta sorta.

    6) The Ban lists are, although imperfect, a defence of sorts but they are more of roadblock that would slow down the sniffers rather than stop them.

    7) Your best legal defence is probably dynamic IP's and that dependent on your ISP not recording time and date stamps of which MAC addresses link to which IP at which time. Of course the sniffers still have to get the information from the company and they will need a court order for that as the Data Protection Act gives you some cover. With a Dynamic IP, that they cant pin to you at given time period, you could argue that the sniffers cannot prove, even on a balance of probabilities that it was you and not one of few hundred / thousand others.

    8) If you are downloading content of questionable copy right issues then the only content that could provide you a legal defence is TV broadcast or radio content you have access to. You could make a defence that you were simply time shifting which has UK legal precedent. If however that content is Music or Films not broadcast then your in bother and lets face it they only go after Music and Films at the moment anyway.

    9) Your best full fat defence is herd safety or swarm as it appears to be known. Just like the wilder beast your chances of getting killed by a big cat diminishes proportionally depending on how many other wilder beast are about. Its just probability although the Herd Defence still means someone's gona get it.

    10) So if your gona play in internet equivalent of the Serengeti, complete with tourists and vultures ready to capture moment for posterity, then take the steps outlined above, take what precautions you can but never forget it aint perfect just improbable.

    Duno why anyone would bother downloading the crap they produce anyway. If i dont want to pay for it, i dont want to waste time on it.

  32. Anonymous Coward

    To Follow up (from the 10 points above)

    To Make the Bittorrent Network as Secure as it could be in its current form i would suggest that users, trackers, sites and client builders:

    1) Use private trackers on invite peer referral invite only password protected sites that have a user base of about 25K so they aren't big enough to pop up on the radar nor small enough for the protocol to be useless.

    2) These sites should use SSL for every page to avoid packet scanning by ISP's which is a known route of detection and users could even get paranoid and user TOR for browsing the sites.

    3) The Private trackers should be configured to use only I2P anonymous IP configurations and clients should adopt this as standard option in the installation wizard. This will go along way to establishing anonymity of IP addresses.

    4) Clients should also have standard, pre selected, transport encryption enabled in the installation wizard as well without fall backs. To avoid deep packet scanning.

    5) Ban lists should also be standard, pre selected, options for the installation wizard.

    Its not perfect but it will really make the business of sniffing much harder and may even force them to use non legal invasive techniques and risk getting into trouble themselves or alternatively not being able to use the illegally gathered data in court.

    Firewalls etc of course a necessity.

    I have to say though, its an awful lot of effort to go to download crap. Still i suppose the anti authoritarian community out there could automate all the above without much effort.

  33. Jon

    And ban the 0wned machines?...

    Might be wearable if ISP's policed 0wned machines with the same policy. Might save us enough money from spam and malware that a tax to the RIAA/MPAA might be a pittance..

This topic is closed for new posts.