Ofcom has today published its Draft Code of Practice for tackling internet copyright infringement by customers of UK broadband providers, which is a requirement of the recently passed Digital Economy Act (DEA). Happily for some it will only apply to the biggest fixed line ISPs covering 96.5% of the UK "residential and SME business" market.

The code itself sets out how and when Internet Service Providers (ISPs) covered by the code will send notifications (warning letters) / Copyright Infringement Reports (CIR) to their subscribers to inform them of allegations that their accounts have been used for unlawful file sharing (P2P) activity.

Who will it affect?

Initially only the seven largest broadband ISPs with over 400,000 subscribers will be covered; Mobile Broadband operators, with their capacity problems and other constraints, have also escaped, at least for now. Ofcom lists these providers as BT ( PlusNet ) , TalkTalk , Virgin Media , Sky Broadband , Orange , O2 ( including Be Broadband ) and oddly the Post Office.

As no CIRs have been issued to date, Ofcom does not have information about CIR volumes before the first notification period. They are therefore unable to set a CIR-based threshold for Qualifying ISPs, which is objectively justifiable, non-discriminatory and proportionate.

However Ofcom proposes to regularly review evidence of online copyright infringement across all service providers and to extend the scope of their code if appropriate. In other words, being small isn't a concrete defence, especially if a significant portion of your customers are found to be "suspected" of illegal downloading.

It's noted of Mobile Broadband operators that another reason for their initial exclusion is because 95% of alleged copyright infringement incidents identified were found to occur on fixed networks. The way mobile networks share a single IP address between multiple users was also found to be a problem.

What about open/public Wi-Fi networks?

The code will not apply to open access Wi-Fi networks where there is no payment from, and no agreement with, those making use of them. In those circumstances, the person making open access Wi-Fi available would themselves be classed as subscriber.

However some operators of Wi-Fi networks would fall within the definition of an ISP where the service is provided by means of an agreement with the subscriber, even where this is oral or implicit. In other words, Hotspots (such in a coffee shop or hotel) are not safe. In any case Ofcom's 400,000+ subscriber threshold would initially exclude those operators.

Ensuring robust and accurate evidence

For the notification process to be credible it is essential that the allegations of copyright infringement are robust and accurate. Therefore, Ofcom are proposing that Rights Holders should, before submitting their first CIR (and from then on an annual basis), provide the regulator with a Quality Assurance Report (QAR).

The QAR is designed to detail the processes and systems used by the Copyright Owner to gather evidence. It will also detail any steps taken to ensure the integrity / accuracy of evidence and any processes that the Copyright Owner has put in place to audit its systems, among other requirements.

Ofcom may require that systems and processes used to gather evidence be subject to audit by an appropriate independent party. However there is no mention of any clear measures that the regulator might take if a Rights Holder is found to be in breach of these requirements.

Copyright Infringement Reports (CIR)

Ofcom envisages that the first CIR received by an ISP would trigger the first notification (warning letter) being sent to a customer. This is somewhat different from an earlier suggestion of only sending the first warning after 10 CIRs.

The second notification would be triggered by the first CIR received on or after one month from the date of the first notification. A third and final notification would be triggered by the first CIR received on or after one month from the date of the second notification :confused: .

Presently an ISP can only send warnings and will not be forced to deploy any technical measures (bandwidth restrictions or account disconnection) upon customers when they reach a certain level of CIR's. Such provisions shall not be effective until the Secretary of State has decided that it is appropriate.

Previous reports suggest that technical measures could be introduced if piracy has not been reduced by 70% come April 2011; technical measures would then follow in July 2011.

However anybody who receives three letters in the space of 12 months could have their personal details handed over to the owner of the copyrighted material, allowing further legal action to take place.

Appeals

The Code also gives ISP customers the right to bring a subscriber appeal to an independent appeals body. Sadly the details on this remain somewhat vague and it looks like customers would still have to foot at least some of the bill for their own appeal. See the section below for more.

However we do note that the 'Grounds for Appeal' begs one very simple and obvious question; if you know you're innocent, how do you prove it (the assumption in this system is that you are guilty until proven innocent)?

For example, how would a non-technical person (pensioner etc.) defend themselves or even know if their wireless network had been hacked and used to download copyright material? It is an evidence less crime.

Imagine if a child visiting somebody elses home used the connection to do the same, what then? Rights Holders will claim you have committed copyright infringement but you have no way of knowing what happened.

Now take a look at the grounds for appeal below and ask yourself that same question again, how could an end-user feasibly prove their innocence?

The grounds of appeal may include the following:

• That the apparent infringement to which the CIR relates was not an infringement of copyright;
• That the CIR does not relate to the Subscriber’s IP address at the time of the apparent infringement;
• That the act constituting the apparent infringement to which a CIR relates was not done by the Subscriber and the Subscriber took reasonable steps to prevent other persons infringing copyright by means of his/her internet access service;
• That an act or omission by a Qualifying ISP or Qualifying Copyright Owner amounts to a contravention of the Code or of an obligation regulated by the Code; or
• Any other ground on which a Subscriber chooses to rely as to why the act or omission should not have occurred.

Costs and everything else

This consultation is only the first in a series (of three) that Ofcom intend to issue this calendar year related to measures introduced in the DEA. The next two will cover..

• Enforcement of the code and the handling of industry disputes [July]

• Tariff setting – i.e. sharing costs - from implementing and fulfilling requirements in the code [September – but dependent on the progress of Government’s cost sharing consultation and statutory instrument]

In other words we will be forced to wait a bit longer to find out how Ofcom intends to "share" the costs and enforce its code; hopefully these will also include more details on the appeals process.

We do know that Ofcom intends to share the costs between ISPs, Rights Holders and subscribers. In other words anybody who was hoping for Rights Holders to foot the bill will be very disappointed. Similarly penalties can be imposed where an ISP or Copyright Owner contravenes the obligations in the DEA. Penalties can be up to £250,000, but the Secretary has discretion to raise this maximum.

This first consultation is open until 30th July 2010.

Download the Initial Consultation
http://www.ofcom.org.uk/consult/condocs/copyright-infringement/condoc.pdf

UPDATE 29th May 2010

We have made some additions to the appeals and CIR sections of this news article with more details.