• Kissaki@beehaw.org
    link
    fedilink
    English
    arrow-up
    26
    ·
    5 months ago

    From the article-linked ruling press release - what it means in practice, what this was about:

    In order to protect works covered by copyright or related rights against offences committed on the internet, a French decree introduced two personal data processing operations. The first operation consists of the collection, by rightholder organisations, of IP addresses which appear to have been used on peer-to-peer websites to commit such offences and the referral of those IP addresses to the Haute Autorité pour la diffusion des œuvres et la protection des droits sur internet (High Authority for the dissemination of works and the protection of rights on the Internet) (Hadopi) 1. The second operation, carried out by the internet access providers at Hadopi’s request, consists, inter alia, of matching the IP address with the civil identity data of its holder. Those data processing operations enable Hadopi to initiate a procedure against the persons identified, combining educational and punitive measures, which may lead to a referral to the public prosecution service in the most serious cases.

    I find the ruling press release is much more understandable (and much more informative) than the OP-linked article.

    • boatswain@infosec.pub
      link
      fedilink
      arrow-up
      13
      ·
      5 months ago

      Definitely; OP’s linked article doesn’t have any quotes that refer to copyright, while this one of yours adds a lot of context that was otherwise missing. There’s a world of difference between allowing retention of IP addresses and creating a cleaning house for IPs suspected of distributing works.

    • barsoap@lemm.ee
      link
      fedilink
      arrow-up
      2
      ·
      5 months ago

      The second operation, carried out by the internet access providers at Hadopi’s request, consists, inter alia, of matching the IP address with the civil identity data of its holder.

      Which just opens more questions: How long are ISPs allowed/required to store customer IPs, and then what happens if I have an open wifi: Can they just assume that I did it or declare me responsible anyway, that is, is it possible for a private individual to enjoy ISP privileges?

      • wizzim@infosec.pub
        link
        fedilink
        arrow-up
        2
        ·
        5 months ago

        Yes if I remember the Hadopi correctly, your are responsible for securing your access point and liable for any use made out of it.

        Le décret sur la négligence caractérisée a été publié au JO le 26 juin. Il instaure l’obligation de sécuriser sa connexion, sans en préciser les moyens, sous peine d’une amende salée et d’une coupure Internet en cas de délit de téléchargement illégal.

      • Kissaki@beehaw.org
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        5 months ago

        If you read more of the ruling, the ruling allows EU nations to impose requirements on ISPs. So the storage duration would be up to national law. (Which of course one may call into question bring before court on whether they are too long.)


        The question of whether you are liable as a provider of open access is an independent question. Yes, it becomes more relevant if you as a provider can’t bet on anonymity anymore. But it’s independent.

        Looking at DE Wikipedia, looks like previous EU court rulings were dismissing being held accountable, but there’s still one open. German law freed it in 2018. No mention of EU specifically in this article, so maybe it’s national concern - at least until the EU court makes a ruling.