It’s a controversial case that pits the privacy of Internet users against intellectual property rights of music companies and legal observers are waiting with bated breath for its outcome.
Those who expected that ruling to come last week were disappointed. Instead, last Wednesday, the Ontario Federal Court of Appeal declined to pass judgment in a music file sharing case, BMG Canada vs. John Doe. The Canadian Recording Industry Association (CRIA) was asking that the names of 29 users who swapped music files over peer-to-peer networks be disclosed by five Internet service providers (ISPs).
The five ISPs include Bell Sympatico, Rogers Communications Inc., Shaw Communications Inc., Telus Corp., and Videotron Ltd.
In March 2004, the case was heard and thrown out by the trial court, which criticized CRIA’s evidence.
Hearing the appeal on the case, Justices Edgar Sexton, C.J. Richard, and Marc Noel reserved judgment on granting a court order asking ISPs to disclose the identity of the 29 subscribers, according to Ottawa-based Canadian Internet Policy and Public Interest Clinic (CIPPIC).
The protection of personal information is guaranteed under the Personal Information Protection and Electronic Documents Act (PIPEDA).
CIPPIC legal counsel David Fewer said this issue amounts to “piercing the privacy” of the Internet user. His organization has intervened in the case, presenting arguments based on public interest and copyright law.
Given the extraordinary nature of the order being sought, and the weakness of CRIA’s evidence, the court would have to be satisfied there is a very good case before it could grant the order, Fewer said.
He said it is not known when the Appeals Court will make the decision, but guessed it would not take long, given the high profile nature of the case. “Although the context is music downloading, this case is primarily about privacy. We should be very careful about the circumstances in which we allow disclosure of online identities,” Fewer said.
The court’s decision would define circumstances under which ISPs would be required to disclose identities of subscribers for private litigation, said Fewer.
However, he added, it must identify what kind of evidence it would require to order such a disclosure. “Do we have to show that (CRIA) has a strong case, or are we satisfied that all CRIA has to do is go to court, prove whether or not there is infringement, and get the identities of these individuals?”
CIPPIC argued that to get a court order, CRIA must have strong and reliable evidence, be able to show the court it has properly identified the defendants, and that there is a breach.
Fewer said based on evidence presented by CRIA, the unknown defendants were identified by pseudonyms used while swapping files. These pseudonyms were matched with corresponding IP addresses, which ISPs assign to each subscriber.
However, the Ottawa lawyer said CRIA was not able to vouch for the reliability of the source of the IP addresses. He added that when the recording companies first went to the ISPs, some of the IP addresses did not match any of its subscribers.
“The problem is CRIA did a very bad job on their evidence. The person who swore the evidence was not even the one who did the identification. There is a real [reliability] problem,” Fewer said.
He said the risk with unreliable evidence is that it may lead to defendants being falsely identified.
Even a single number incorrectly keyed would wrongly identify a defendant, he noted. That is why the court has to be satisfied that evidence is failsafe before it gives this kind of extraordinary order, Fewer said.
CRIA president Graham Henderson, however, countered CIPPIC’s position on the reliability of CRIA’s evidence. He said out of the 29 IP addresses presented, the ISPs matched 27 of them.
“If CIPPIC was right, then computer-generated documents of almost any kind would be unreliable. We live in a digital world, we know that computer-generated documents are reliable and we know that they are relied on in court all the time,” Henderson said.
Contradicting CIPPIC’s argument that the case is of an “extraordinary nature”, the CRIA chief said similar cases are being brought to court in other countries such as Japan, Australia, Norway, France and Denmark.
In these countries, evidence similar to what CRIA has presented are brought before the courts, which then issue an order to get the names of the alleged violators from the ISPs, said Henderson.
He said a Videotron executive has said in court that the process of matching the IP addresses was easy, cheap and could be done in a day.
Henderson also stressed that CRIA is after the big volume swappers. “We are not talking about small potatoes here, we are talking about people who would put out (between) 3,000 to 5000 tracks, (which is) about 300 CDs.”
Under Canadian law, statutory damage for copyright infringement is $500 for each instance of violation.