Here are some observations of about certain
aspects of possible
mass copyright litigation in Canada. In some instances, mass copyright
litigation has aptly been referred to as “troll” litigation. Nothing in what
follows is necessarily a comment about any particular case or situation, unless
it is explicitly so indicated. Above all, nothing that follows endorses copyright
infringement by individuals in the form of illegal downloading or file sharing
(sometimes called “piracy”, although this term is seriously inappropriate and
misleading when applied to individuals who are engaged in non-commercial
activity).
Let us be clear. No responsible
copyright lawyer would ever encourage activity that flouts or undermines the
purpose of copyright law. But that said, serious damage can also be done and
disrespect for the law will inevitably result if privacy laws are breached,
ignored or not adequately observed in situations where innocent persons who may
even have been mistakenly identified are dragged into litigation or into a “machine”
designed to use the threat of litigation to extract large “settlements”. Such
settlements will frequently be paid because it will almost invariably seem cheaper
to “settle” than to fight, due to the
normally insurmountable difficulties of finding competent and cost-beneficial
access to justice in such circumstances. Even if the defendants have been
accurately identified, it is highly questionable whether Parliament intended
the Canadian courts to become a part of an aggressive en masse settlement extraction scenario that has proven futile
elsewhere in inhibiting infringement. Even the RIAA (Recording Industry Association of America), which started this type of
litigation in the USA and is not known for being particularly sensitive to
public opinion, has now abandoned the pursuit of any new mass litigation or “settlement”
activity.
Other matters should be also made
clear. There is no reason to believe that the taking of active, reasonable and
responsible steps by an ISP to safeguard and preserve its customers’ privacy would
in any way jeopardise the ISPs cherished “neutrality” status. There is
nothing in existing Canadian law or the still un-proclaimed provisions of Bill
C-11 that would point to the contrary. What is apparent, however, is that ISPs are
subject to PIPEDA
privacy law and cannot divulge customer’s private information in a mass copyright
litigation case without the customers’
consent or a court order. In the BMG
decision in 2005, the Federal Court of Appeal (“FCA”) made it clear
that:
Pursuant to PIPEDA, ISPs are not entitled to
"voluntarily" disclose personal information such as the identities
requested except with the customer's consent or pursuant to a court order.
Defending privacy is in no way whatsoever
tantamount to encouraging or even tolerating piracy.
The only real question is how far an
ISP should be expected to go to protect its customers’ privacy by ensuring that
a court order is warranted in the circumstances. Indeed,
that is the front-line and threshold question. This is because there will be
cases where copyright owners seek to engage in “trolling” activity and clearly
or arguably do not have an adequate basis to obtain a court order disclosing
the names of dozens, hundreds or thousands of subscribers. This was precisely
the case in the BMG v. Doe case in 2004 and nothing has materially changed
since then and the resulting landmark 2005 ruling from the FCA upholding the requirement
that there must be, inter alia, a bona fide intention of suing and that
there must be reliable, admissible, timely and non-hearsay evidence to warrant
such a disclosure order. More about the
BMG decision below.
Shaw and Telus bravely paved the path
for timely and straightforward challenges by ISPs when disclosure material was
inadequate. CIPPIC played a key role in that case and I was honoured to be
CIPPIC”s lead counsel. The path is now paved and the process is now clear and
potentially even be easy in some cases. In appropriate cases, it would be a
simple, inexpensive and risk-free effort for an ISP to actively step up to the plate
to safeguard its customers’ privacy. Indeed, it is conceivable that in some cases
there may be a real risk in not challenging the adequacy of the disclosure
order material, both in terms of a business and even, conceivably, a legal sense.
It is a legitimate question to ask
whether an ISP, rather than categorically deciding a priori not to resist disclosure motions, should at least be expected
to review the supporting documentation, to get an expert opinion as to whether
it meets the requirement of the law as laid down by the courts and Parliament, to
notify all of its customers of the
proceeding (if it is too
burdensome to notify only those whose IP address has been singled out by the
would-be plaintiff), to post copies of these documents, and to explain why, if
it is the case, that it believes that there is no reasonable basis to challenge
the disclosure motion on privacy grounds.
The law in Canada, based upon the 2005
BMG decision in the FCA , is really quite simple. A list of names and
addresses of alleged infringers should not be handed over by an ISP to a
plaintiff unless certain conditions are met. As I wrote in 2005, closely
tracking the actual FCA language:
- The plaintiff must show that it has “a bona fide
claim” against the proposed defendant, “...i.e.,
that they really do intend to being an action…
based on the information they obtain, and that
there is no other improper purpose for seeking
the identity of these persons”.
- The
bona fide claim must be based on
admissible
evidence linking the IP address(es) with the
impugned
action(s).
- “There
should be clear evidence to the effect
that
the information cannot be obtained from another
source
such as the operators of the named
websites”.
- “...[T]he
public interest in favour of
disclosure
must outweigh the legitimate privacy
concerns
of the person sought to be identified
if a disclosure
order is made”.
- The
information
on which a request for identification
is made (e.g., IP address) must be
timely;
no undue delay between investigation
and motion
for disclosure.
- The
plaintiffs must not collect more personal
information
than necessary for the purpose of
their
claim.
- Re:
disclosure orders, “…caution must be exercised
by
the courts in ordering such disclosure,
to
make sure that privacy rights are invaded in
the
most minimal way”.21 In particular, “...if a
disclosure
order is granted, specific directions
should
be given as to the type of information
disclosed
and the manner in which it can be
used”.
In addition, the court should consider
making
a confidentiality order or identifying the
defendant
by initials only.
(footnotes omitted, emphasis added)
One paragraph from the BMG decision should
be quoted its entirety:
21] Much of the crucial evidence submitted
by the plaintiffs was hearsay and no grounds are provided for accepting that
hearsay evidence. In particular, the
evidence purporting to connect the pseudonyms with the IP addresses was hearsay
thus creating the risk that innocent persons might have their privacy invaded
and also be named as defendants where it is not warranted. Without this
evidence there is no basis upon which the motion can be granted and for this
reason alone the appeal should be dismissed.
Anyone wanting to drill deeper can read
the BMG
case, and my own short article here. By the way, the Canadian subsidiaries of the
multinational record companies either could not or chose not to come back to
the Court with the required evidence. The BMG litigation just quietly faded away without any names
being handed over and nobody was ever sued.
In the USA, the record companies
pressed further and longer, and in couple of notorious cases achieved enormous
jury awards of hundreds of thousands (in the Jamie Thomas Rasset case
almost $2 million now cut back to $222,000) for the illegal downloading of a few songs
worth $0.99 each on iTunes. The Thomas-Rasset case may yet reach the US Supreme
Court on the constitutionality of these enormous statutory damage awards. Canada
has wisely attenuated the upper end of such statutory damage awards to $5,000
where the activity is non-commercial.
Electing to seek this $5,000 statutory
damage award will have the interesting effect of barring the plaintiff and any
other copyright owners from seeking any statutory damages for any other non-commercial
infringing activity that took place before
that litigation commenced. It would seem unlikely to the point of being
inconceivable that any one plaintiff could prove actual damages or any other
head of damages that would exceed the $5,000 cap on statutory damages for
non-commercial activity. Damages for loss of profits would be negligible and the
possibility of damages for conversion has long since been abolished.
If any mass litigation gets to the
point of actual law suits, there could be any number of possible legitimate
procedural steps that defendants could take to safeguard their interests that
would render the pursuit of such en masse
litigation uneconomical for the plaintiff. I will come back to this point, if
it ever becomes necessary.
Flash forward from 2005 to 2011 when Voltage
Pictures sought disclosure of customers’ private information from certain
Quebec-based ISPS, one of which, Vidéotron, was actively on side with BMG in
2004. In any event, the ISPs simply took no position and did not oppose the
order or even appear at the hearing of the motion. The Federal Court was
apparently satisfied with the paper work that was presented and left
unchallenged. The proper parties had
been served. Understandably, the court granted the order. It is not the court’s
role nor is the court equipped to conduct its own investigation, which might
even require cross-examination, into the adequacy of such material.
Unopposed rulings rarely set important
precedents and this one breaks no new ground and is no exception. However, it
does tend to confirm that if a plaintiff presents the court with paper work
that at least appears to be adequate and in apparent good order and is left
unchallenged, it will get its disclosure order. That does not mean that ISPs
should shirk their responsibilities where the material may not appear to be adequate.
To the contrary, it confirms that an ISP cannot necessarily assume that a court
can or will take it upon itself to reject inadequate material, if the material
is indeed inadequate. (I make no comment on the material in that particular
case.)
Voltage was given a timetable pursuant
to which it was expected by the Court to identify the potential defendants in
the litigation, etc. For unknown reasons,
Voltage did not follow through on this and it never actually sued anyone in that case. Its
counsel advised the Court on March 28, 2012 that the case was being
discontinued. It is not known whether any “settlements” were ever sought or procured
prior to the discountenance.
Individual users who fear that their
names will be handed over are essentially helpless at the outset – both for
economic and legal reasons. It is simply
not viable for individuals to put their name on the record and to retain counsel
in order to stop this process before they are even sued – even if it is clear
that it could and should be stopped. The individuals in these cases are not RIM
or isoHunt, who have sufficient resources and have successfully used peremptory
proceedings to advantage to deal with threatened copyright litigation.
It’s not just remaining anonymous that could
be a problem, and which might very well be a problem for any individual seeking
to engage at a peremptory stage. The problem will be the disproportionate
expense that would be incurred and the long-shot odds of being able to recover
anything close to reasonable legal costs. Any lawyer thinking of getting
involved on a pro bono or discounted basis
at this pre-litigation or even early litigation stage on the assumption that
the involvement will be short should realize that getting off the record may be
very difficult if the proceedings continue, even if the client refuses to pay.
Obviously, ISPs are not required or
expected to fight to the finish or even at all on each and every disclosure
application. However, if the material served on an ISP is clearly deficient, or
even arguably deficient in light of the
BMG case, the ISP must then decide if it should object to the disclosure order.
Leaving aside whether there is any legal obligation on the ISP to do so, there may
be good business reasons to do so. The main one would be that of keeping its
customers happy – and even keeping them at all. Then, of course, there is the
question of what is “the right thing to do”.
Suppose that an ISP promises in its
advertising, terms of service or otherwise that customers have a right to have
their privacy safeguarded and that it will not use or disclose personal
information for purposes other than those for which it was collected, except
with the consent of the individual or as required by law.
Then, it is arguable that customers
would, at the very least, expect that ISP to scrutinize any disclosure motion
material very carefully and to oppose it if it appears to be clearly or even arguably
deficient. Whether this an issue of
privacy law requirements, contract law, consumer protection law, or simply a
question of being “the right thing to do”, there will be an expectation that an
ISP should step up to the plate when the material is not sufficient to warrant
disclosure.
Many would argue forcefully that it’s
not only the right thing to do but it’s an ISP’s job and duty to guard against
clearly (or even arguably) inadequate attempts to open the door to mass
litigation against its customers. That has enormous privacy implications. Shaw
and Telus fought hard for this in 2004, with Bell and Rogers at least somewhat supportive.
An ISP that stands up in this type of situation is not taking sides in the
copyright wars; it is only defending its customer privacy – which is arguably,
at the very least, not only the right thing to do but the smart thing to do.
Our judicial process is based upon the
“adversarial system”. If nobody steps up to the plate to oppose a proceeding,
and the paperwork is in order, the Court cannot be expected to conduct its own
inquiry as to the adequacy of the paper work. A non-profit organization such as
CIPPIC cannot be expected to intervene in every instance of inadequately framed mass
litigation disclosure motions simply because others who could or should do so are
unwilling or don’t care. In any event,
it cannot be assumed that an intervener such as CIPPIC would be given the right
to cross-examine on an apparently problematic affidavit, if this were in fact
the situation.
ISPs are the only entities in the
system that are in a position to efficiently assist the court in these
situations and, at the same time safeguard their customers’ privacy by
challenging the sufficiency of a disclosure motion when warranted. As in so many aspects of the Canadian
copyright system, there is a delicate balance here. Deserving copyright plaintiffs
are entitled to adequate, effective and efficient remedies under appropriate
circumstances. However, when they cannot make their case because they cannot or
will not provide adequate evidence to warrant the disclosure of massive numbers
of defendants’ identities, the required balance of the system requires that someone
needs to step forward to make that point.
In most cases, for ISPs to step up to
the plate at the preliminary disclosure stage will involve only a modest
expenditure to assess the material and to proceed, if the material is clearly
or arguably deficient. Doing so at this stage may even pay substantial
dividends in good will. Doing the right thing is often the right thing to do,
both for legal and business reasons.
HPK