Ontario Court of Appeal awards damages for invasion of personal privacy

4 Comments Posted by on January 19, 2012

In my view, it is appropriate for this court to confirm the existence of a right of action for intrusion upon seclusion. Recognition of such a cause of action would amount to an incremental step that is consistent with the role of this court to develop the common law in a manner consistent with the changing needs of society.

The quote above is from the case of Jones v. Tsige, 2012 ONCA 32, which was released by the Ontario Court of Appeal yesterday. Sandra Jones became the first individual in Ontario to receive a monetary award for a civil action of invasion of personal privacy. The Court ordered Winnie Tsige to pay Jones $10,000 for “surreptitiously looking at Jones’ banking record”.

In granting this unprecedented award, the Court noted that it was compelled to recognize the tort in light of “technological change [that] has motivated the legal protection of the individual’s right to privacy”:

[67]         For over one hundred years, technological change has motivated the legal protection of the individual’s right to privacy. In modern times, the pace of technological change has accelerated exponentially. Legal scholars such as Peter Burns have written of “the pressing need to preserve ‘privacy’ which is being threatened by science and technology to the point of surrender”: “The Law and Privacy: the Canadian Experience” at p. 1. See also Alan Westin, Privacy and Freedom (New York: Atheneum, 1967). The internet and digital technology have brought an enormous change in the way we communicate and in our capacity to capture, store and retrieve information. As the facts of this case indicate, routinely kept electronic data bases render our most personal financial information vulnerable. Sensitive information as to our health is similarly available, as are records of the books we have borrowed or bought, the movies we have rented or downloaded, where we have shopped, where we have travelled, and the nature of our communications by cell phone, e-mail or text message.

[68]         It is within the capacity of the common law to evolve to respond to the problem posed by the routine collection and aggregation of highly personal information that is readily accessible in electronic form. Technological change poses a novel threat to a right of privacy that has been protected for hundreds of years by the common law under various guises and that, since 1982 and the Charter, has been recognized as a right that is integral to our social and political order.

[69]         Finally, and most importantly, we are presented in this case with facts that cry out for a remedy. While Tsige is apologetic and contrite, her actions were deliberate, prolonged and shocking. Any person in Jones’ position would be profoundly disturbed by the significant intrusion into her highly personal information. The discipline administered by Tsige’s employer was governed by the principles of employment law and the interests of the employer and did not respond directly to the wrong that had been done to Jones. In my view, the law of this province would be sadly deficient if we were required to send Jones away without a legal remedy.

Test for Invasion of Privacy

In setting out the elements for the tort of invasion of privacy, the Court of Appeal borrowed from the U.S. Restatement (Second) of Torts:

[70]         I would essentially adopt as the elements of the action for intrusion upon seclusion the Restatement (Second) of Torts (2010) formulation which, for the sake of convenience, I repeat here:

“One who intentionally intrudes, physically or otherwise, upon the seclusion of another or his private affairs or concerns, is subject to liability to the other for invasion of his privacy, if the invasion would be highly offensive to a reasonable person.”

[71]         The key features of this cause of action are, first, that the defendant’s conduct must be intentional, within which I would include reckless; second that the defendant must have invaded, without lawful justification, the plaintiff’s private affairs or concerns; and third, that a reasonable person would regard the invasion as highly offensive causing distress, humiliation or anguish. However, proof of harm to a recognized economic interest is not an element of the cause of action. I return below to the question of damages, but state here that I believe it important to emphasize that given the intangible nature of the interest protected, damages for intrusion upon seclusion will ordinarily be measured by a modest conventional sum.

Damages

To determine the quantum of damages to be awarded, the Court canvassed a number of similar Ontario cases where, while not explicitly awarding damages under a privacy tort, courts had awarded a remedy to plaintiffs that had suffered some form of personal betrayal, embarrassment or harassment. In this case, the Court borrowed factors from Manitoba’s Privacy Act in order to determine the appropriate damage award:

[87]         In my view, damages for intrusion upon seclusion in cases where the plaintiff has suffered no pecuniary loss should be modest but sufficient to mark the wrong that has been done. I would fix the range at up to $20,000. The factors identified in the Manitoba Privacy Act, which, for convenience, I summarize again here, have also emerged from the decided cases and provide a useful guide to assist in determining where in the range the case falls:

1.   the nature, incidence and occasion of the defendant’s wrongful act;

2.   the effect of the wrong on the plaintiff’s health, welfare, social, business or financial position;

3.   any relationship, whether domestic or otherwise, between the parties;

4.   any distress, annoyance or embarrassment suffered by the plaintiff arising from the wrong; and

5.   the conduct of the parties, both before and after the wrong, including any apology or offer of amends made by the defendant.

[88]         I would neither exclude nor encourage awards of aggravated and punitive damages. I would not exclude such awards as there are bound to be exceptional cases calling for exceptional remedies. However, I would not encourage such awards as, in my view, predictability and consistency are paramount values in an area where symbolic or moral damages are awarded and absent truly exceptional circumstances, plaintiffs should be held to the range I have identified.

[89]         It is my view that in this case, Tsige committed the tort of intrusion upon seclusion when she repeatedly examined the private bank records of Jones. These acts satisfy the elements laid out above: the intrusion was intentional, it amounted to an unlawful invasion of Jones’ private affairs, it would be viewed as highly offensive to the reasonable person and caused distress, humiliation or anguish.

[90]         In determining damages, there are a number of factors to consider.  Favouring a higher award is the fact that Tsige’s actions were deliberate and repeated and arose from a complex web of domestic arrangements likely to provoke strong feelings and animosity. Jones was understandably very upset by the intrusion into her private financial affairs. On the other hand, Jones suffered no public embarrassment or harm to her health, welfare, social, business or financial position and Tsige has apologized for her conduct and made genuine attempts to make amends. On balance, I would place this case at the mid-point of the range I have identified and award damages in the amount of $10,000. Tsige’s intrusion upon Jones’ seclusion, this case does not, in my view, exhibit any exceptional quality calling for an award of aggravated or punitive damages.

Not even a month in, 2012 is shaping up to be a crucial year for many facets of Canadian privacy law.

Privacy

Canadian Hosting Provider Cites Weak Copyright Law to Attract Pirate Websites

Leave a Comment Posted by on January 4, 2012

There has been a lot of press lately in the U.S. about their proposed IP enforcement law, the Stop Online Piracy Act (“SOPA”). As I previously noted, when creator groups were asked which websites they intended to target with SOPA’s site-blocking provisions, the groups were clear that legitimate online businesses would be unaffected by the new law. Instead, they provided detailed lists of “rogue” wealth-destroying websites, which include a number of Canadian-hosted BitTorrent websites.

Investigating a little further into how these BitTorrent websites are operated shows that it’s no coincidence they chose Canada as a base of operation.

For instance, consider Torrentz.eu, which was ranked last year as the 2nd most popular BitTorrent site in the world, edging out fellow Canadian-based IsoHunt. Both the motion picture industry and the recording industry mentioned Torrentz.eu as a target site for SOPA enforcement. The website is hosted by a company called Amanah, which operates here in Toronto, about a block away from my office.

It’s not hard to see what made Torrentz.eu choose Amanah as its web host. In fact, Amanah seems to tout Canada’s weak copyright laws as a selling feature of its hosting services, promising pirate websites that they won’t be hassled if they host their sites on Amanah’s Toronto-based servers.

For instance, in the Overview page of its website, Amanah notes as one of the 3 key features the fact that it operates in a “DMCA-Free Zone”:

Why Choose Toronto Dedicated Server Hosting at 151 Front Street West?

151 Front Street West is the carrier hotel of choice for more than 150 telecommunications companies – and it’s easy to see why:

  • 9 unique fiber optic networks with more than 7000 strands of fiber optic cable.
  • 25 diverse entrances.
  • Located within a DMCA Freezone.

On the Location page, it again repeats the fact that it is located in a “DMCA Free-Zone”:

Why Choose Amanah?

  • Quality Enterprise Dell Servers
  • Quality 151 Front Street Location
  • Quality 100Mbps Bandwidth Included
  • DMCA Free-Zone
  • Canadian & USA IP(s)
  • Dedicated KVM Virtual Media Features

Even on the main page of its website, Amanah boasts one of its key selling features that hosted websites will enjoy “no more fighting with DMCA restrictions”. Under US copyright law, copyright owners may send DMCA takedown requests to websites or web hosts that make their content available without authorization. The websites and web hosts must then either take the content down or send a counter-notification to the copyright owner.

Amanah’s business model seems to be to use its Canadian location to entice American websites that face a high volume of DMCA takedown requests to relocate to Canada where Amanah will refuse to forward takedown requests to the websites. Current Canadian law does not require websites and web hosts to take down infringing content upon notice, as is the case in the US and the EU under what is known as “notice-and-takedown” systems.

Bill C-11, the Canadian Copyright Amendment Act, would do little to change the situation for Amanah and its “rogue” site customers. Bill C-11 would introduce a “notice-and-notice” rather than “notice-and-takedown” system into Canadian copyright law, which would require a web host to simply forward notices of infringement to websites that host infringing content. There would be no direct consequence under Bill C-11′s notice-and-notice system if a hosting company like Amanah or a website like Torrentz.eu fails to take down any infringing content even after thousands of such notices have been received. Little wonder that Canada continues to have a reputation as a haven for these wealth-destroying websites.

Notice-and-notice , , ,

Why the “digital lock” rules in Bill C-11 will not have any impact on fair dealing in the education community

Leave a Comment Posted by on December 12, 2011

Technological protection measures (or “TPMs”) are technologies that protect digital media and control how consumers can use digital products that they purchase. For instance, when you buy e-books from Kobo’s online book store, a TPM controls how that e-book can be copied. The TPM allows you to make copies of the e-book between devices that you own, but it will prevent you from making a copy onto another person’s e-book reader. The government’s new copyright bill, Bill C-11, would establish legal protections for TPMs by making it illegal to hack a TPM or traffic TPM-hacking devices.

Professor Michael Geist of the University of Ottawa has been leading the opposition to legal protections for TPMs, or what he calls “digital locks”. On his widely-read blog, he re-publishes position papers from the various groups that share his opinions about TPMs. He, along with the groups he quotes, argue that legal protection for TPMs will override an exception in copyright law called “fair dealing”[1] and that this will end up harming the education community in Canada.

Professor Geist’s claims, and the claims of those who follow his views, are completely unfounded when it comes to TPMs and fair dealing. Even though TPMs are used quite often in the education community and writers, editors and publishers of educational materials rely on TPMs to protect their revenue models, it is simply not accurate to state that Bill C-11 will have any real impact on educators’ ability to make fair dealing copies.

Here are five reasons why TPMs, and the legal protections for TPMs in Bill C-11, will not interfere with fair dealing that you probably won’t read on Professor Geist’s blog.

1. The education community has always operated on a permission culture

The best way to avoid any problems with copyright law has always been to get the original author’s permission to use his or her work and this applies especially in the education community. Most academics are always happy to have their papers republished, circulated and incorporated into the works of others. It’s very rare that a professor would not want someone to make further use of their publications. However, it’s always been a sign a respect to obtain the original author’s permission to use their work, whether or not that use would otherwise be considered a “fair dealing”.

Copyright law only prohibits copying that is done without the permission of the author. The proposed TPM laws in Bill C-11 work the same way. In fact, in the actual language of Bill C-11, it specifically states that it’s illegal to hack a TPM “unless it is done with the authority of the copyright owner”.

Bill C-11 does nothing to affect this permission culture that exists within the education community. Even if an academic intends to make a “fair dealing” copy of another academic’s work (like reproducing a substantial portion of research results), it is still customary to obtain the original author’s permission. And if the copying the academic intends to do is restricted by a TPM, there’s no reason the author cannot grant permission to bypass the TPM as well.

2. Most works are available in multiple formats

These days, there’s no shortage of different formats on which digital products are being published. Entertainment media like movies are made available physically on DVD and Blu-Ray, or online in a variety of on-demand, streaming and digital-download formats. The same can be said for academic and educational material. Articles by university professors will often be published in an academic journal, both in print and on the journal webiste, and the same article may appear in other research resources, compilation discs, blogs and online aggregators.

Take Professor Geist’s weekly column for example. His column on Canadian Internet law that appears in the Toronto Star each week can be viewed on the newspaper’s website for free. However, the Star requires website readers to pay a small fee before they can access articles that are more than a couple of years old. Someone who wants to make a fair dealing excerpt of one of Professor Geist’s legal columns from 2007 on the Star website would have to pay $4 to access the article. However, Geist himself makes copies of all of his columns available for free on his blog. So instead of hacking the Toronto Star’s content protection system, readers of Professor Geist’s column can simply find the same articles available on his personal blog.

The same applies to all types of academic materials. Out of the many different formats and platforms that researchers and professors use to publish their materials, it’s highly unlikely that they will all be protected with TPMs that restrict fair dealing copies. In that rare instance where educational materials are available only in a single format, it’s highly likely the author will give permission to make the copy anyway.

3. Bill C-11 regulation making powers

One aspect of the TPM laws in Bill C-11 that you won’t read about on Professor Geist’s blog is their remarkable flexibility to allow them to adapt to new technologies and uses of digital media. The TPM laws in Bill C-11 make extensive use of government regulation-making powers, which is a way of letting government agencies make quick adjustments to existing laws without having to go through the long process of getting a Parliamentary vote.

Bill C-11 would allow the government to enact regulations that would:

  • Prescribe a certain class of TPMs that would not be illegal to hack. If a particular TPM technology was having a drastic effect on preventing otherwise legal uses of educational material, the government could quickly step in and exempt those TPMs from the application of Bill C-11.
  • Prescribe a new exception to allow TPMs to be hacked for a new purpose. If TPMs did turn out to stifle academic research and access to educational materials, the government could quickly enact an exception to allow removal of any TPM for those purposes.
  • Require a copyright owner to allow access to a work protected by TPMs. As a last resort, Bill C-11 reserves the right for the government to order the removal of a particular TPM.

For all of the reasons set out above, it is simply false to say that the TPM laws in Bill C-11 will prevent academics from making fair dealing copies of educational materials. But in the event that they do, the government has numerous powers to quickly correct any problems that arise.

4. There are already existing exceptions

Let’s assume for argument’s sake that an academic wants to make a fair dealing copy of educational material that’s protected by a TPM that would prevent this copying. Let’s also assume that the academic was not able to get permission from the author of the materials to make the copy, that the materials aren’t available in any other format and that the government hasn’t enacted any regulation that would permit this copying.

Even in this very unlikely scenario, there are still eight other existing exceptions in Bill C-11 that allow hacking TPMs without the author’s permission. Some of these exceptions would apply in the academic context. For example, it would be legal to hack any TPM for the purpose of encryption research. As well, Bill C-11 permits hacking any TPM for the purpose of making materials accessible to persons with perceptual disabilities.

Even if none of these exceptions apply, the possibility of an academic, researcher or educational institution facing any damages is extremely remote. Bill C-11 specifically eliminates any statutory damages for acts of TPM hacking, so the only damages a copyright holder could recover are the actual monetary damages suffered by the TPM being hacked. This means that if the TPM is hacked for the purpose of making a fair dealing copy (and therefore the copyright holder suffers no actual monetary damages), there would likely be no penalty recoverable for making the copy. Bill C-11 even specifically exempts libraries, archives, museums and educational institutions from paying any damages if they had reasonable grounds to believe their actions did not violate the TPM laws.

5. Most TPMs don’t actually prevent copying and Bill C-11 doesn’t prevent hacking those that do

There’s one very important point about TPMs, Bill C-11 and fair dealing that you won’t hear from Professor Geist and those that have adopted his position: Bill C-11 doesn’t actually prohibit hacking the types of TPMs that would prevent fair dealing copies from being made.

Understanding this point requires a bit of a technical analysis, which is why it’s been saved for last, but it’s nonetheless absolutely true. Fair dealing is an exception to copyright law that allows users of materials to make limited copies and Bill C-11 does not prohibit hacking a TPM that would restrict someone from making a copy of those materials.

This might not sound believable given the outcry from those that follow Geist’s position, but it’s right there in the language of the Bill.

In Bill C-11, a “technological protection measure” is defined as a device that (a) controls access to a work (an “access-control TPM”); or (b) controls copying of a work (a “copy-control TPM”). A very key distinction is made in Bill C-11 in that it only prohibits hacking an access-control TPM. Nowhere in Bill C-11 is there a section that prevents someone from hacking a TPM that restricts copying of the underlying work. The section in Bill C-11 that outlaws trafficking TPM-hacking devices applies to both access-control and copy-control TPMs, but the section that prohibits TPM-hacking itself is very specifically limited to only access-control TPMs.

Let’s look again at the example of copying some of Professor Geist’s columns from the Toronto Star archives. Forgetting for a minute that the same columns are republished on his blog, suppose a researcher wants to make a fair dealing copy of part of Geist’s column from the Star archives. The Star requires those who wish to access its archives to pay $4 per article. A TPM prevents those who have not paid the fee from accessing the archived content (i.e. an access-control TPM). Bill C-11 would prohibit the researcher from hacking this “paywall” TPM in order to access Geist’s article for free, even if the researcher simply wants to make a fair dealing copy. The fair dealing defense in copyright law does not guarantee free access to content; it allows for limited copying of content to which the user already has access. In other words, fair dealing does not grant free access to the Star archive and Bill C-11 should not permit hacking these access controls even for the purpose of fair dealing.

Now, suppose the researcher pays the $4 and has access to an old column by Professor Geist. Suppose as well that the Star uses a copy-control TPM to prevent readers from copy/pasting the content they’ve paid to access (the Star doesn’t do this, but other online publications do). If the researcher really needs to copy that content for a fair dealing purpose, then nothing in Bill C-11 would prohibit hacking the TPM that disables this copying. This distinction between access-control TPMs and copy-control TPMs becomes more understandable when we realize that fair dealing grants copying “rights” to end users but not access “rights”. By allowing TPMs that prevent copying to be hacked, Bill C-11 has effectively ensured that there’s no concern with the TPM laws interfering with the fair dealing exception.

There may be some situations where academic content is protected through some sort of “hybrid” TPM that is both a copy-control and access-control, however it’s hard to even think of such an example in that context offhand. In fact, the vast majority of educational and academic materials that are protected by TPMs are protected using access-control TPMs like the Toronto Star paywall. The use of copy-control TPMs is extremely rare in the academic world so the fair dealing argument is mostly moot. In any event, these copy-control TPMs can still be removed under Bill C-11.

Conclusion

So would the TPM laws in Bill C-11 prevent students and academics from making fair dealing copies of published materials? The answer to this question is definitely “no” in cases where:

  • the author has given permission to remove the TPM
  • the same materials can be found in another format
  • the government has enacted a regulation allowing the removal of the TPM for the particular purpose or removing that particular class of TPMs
  • the type of copying falls into one of the existing exceptions in Bill C-11
  • the TPM protecting the work is a copy-control TPM

In any other situation (which I challenge opponents of these provisions to name even one in the academic context), the “fine” for hacking the TPM would likely be zero since a fair dealing copy does not cause monetary damage to the original author. I hope the groups that have adopted Professor Geist’s positions take all this into account and reconsider their support for his views. TPMs (particularly access-control TPMs) have become widely used in the academic publishing world to protect revenues for academics and educational authors.

[1] “Fair dealing” is an exception to copyright infringement that allows users of copyright works to copy limited amounts of a work for the purpose of research, private study, criticism, review, or news reporting (Bill C-11 could also add education, parody and satire to that list).

Bill C-11, TPM , , , ,

Canadian BitTorrent Sites Dominate Rogue Website Lists in SOPA Submissions

1 Comment Posted by on November 17, 2011

Yesterday, hearings began in the United States House of Representatives on H.R. 3261, the “Stop Online Piracy Act” (SOPA). Witnesses from the U.S. Library of Congress, Pfizer, the MPAA, MasterCard and the AFL-CIO all voiced support for the Act, which would give judges injunction-granting powers against ISPs to block rogue piracy websites similar to the process that has been in place over a decade under Article 8(3) of the EU Copyright Directive.

Critics of the Act have begun to describe all kinds of unbelievable scenarios that will come to pass should SOPA be enacted; everything from comparisons to the dictators that shut down Internet access nation-wide in the Middle East to predictions that the legislation will be used to block websites like Google, Amazon and Wikipedia.

Trade groups for the recording and motion picture industries have since released their lists of websites they would actually target for court orders should the law be enacted and, unsurprisingly, nobody is seeking to block Wikipedia or Amazon from U.S. Internet users. Instead, these lists of websites include known pirate websites that look very much like the sites that have been targeted through Article 8(3) in Europe. This includes the notorious Pirate Bay, which has at one time or another been ordered to be blocked by ISPs in Denmark, Finland, Germany, Greece, Ireland, Italy, the Netherlands, Sweden, and the United Kingdom.

What’s more interesting in the lists of rogue sites cited by the MPAA and the RIAA is the predominance of Canadian-based websites.

Out of the 7 BitTorrent websites listed in the MPAA’s submission, 3 of these are Canadian-based:

Kat.ph – Canada. This website has steadily increased in popularity since 2009 and is currently ranked 323 by Alexa. Originally known as Kickasstorrents.com, the website transitioned to a new domain, Kat.ph, weeks after the U.S. Department of Homeland Security seized several domains associated with motion picture piracy. Motion pictures represent the largest category of content on this file-sharing website with 975,009 listed available, along with 55,330 titles listed under the Television category. Compete.com estimates 874,966 users visit Kat.ph each month through its servers hosted by Netelligent Hosting in Canada.

IsoHunt.com – Canada. Isohunt.com is the second most popular BitTorrent site on the Internet. The website claims to offer 33.29 million peers, 7.8 million active torrents, and is currently ranked as the 272nd most visited website on the Internet by Alexa.com. Compete.com estimates the website receives 1,225,982 visitors each month. In 2009, a U.S. Court found the operator liable for copyright infringement and issued a permanent injunction against Isohunt.com. The website, however, continues to operate through servers operated by Isohunt in Canada.

Torrentz.eu – Canada. As one of the oldest and most popular BitTorrent websites on the Internet, Torrentz.eu has been in operation for eight years. The website temporarily shut down in 2004 in response to a takedown notice from a copyright holder and then came back online with a more aggressive configuration. This BitTorrent metasearch engine currently searches 32 major BitTorrent websites that include Thepiratebay.org and Kat.ph. Its current Alexa ranking is 147. Compete.com currently estimates that Torrentz.eu receives 1,675,603 visitors each month. Torrentz.eu currently claims to offer 15.9 million active torrent files with over 3.5 million of those files tagged as motion picture content. Previously known as Torrentz.com, the website transitioned to the .EU domain weeks after the U.S. Department of Homeland Security seized several domains associated with motion picture piracy. The website is currently hosted through Amanah Tech in Canada.

The RIAA submission also cites the three Canadian sites noted above, but also added Monova.org, with servers in Brampton, Ontario, and Fenopy.eu, with servers in Scarborough, Ontario.

copyright , , ,

5 Steps to Understanding Bill C-11 and “Digital Locks”

1 Comment Posted by on November 2, 2011

Let’s clear up some of the confusion about copyright law and “digital locks”.

If you’ve been reading the press lately on the federal government’s latest attempt to reform Canadian copyright law, then it’s likely you’ve read about the government’s proposed legal protection for “digital locks”. And if you’ve been wondering exactly what a “digital lock” is, you’re not alone since nowhere in the government’s proposed copyright reform bill, Bill C-11, are the words “digital lock” actually used. Neither is it a common term in either the legal or technology fields. Instead, the ominous “digital locks” phrase was coined by opponents of these provisions, which is usually followed by begging the question of why our government would propose to legally protect these “digital locks”.

Therefore, the first step in clearing the confusion should involve using the proper legal term for these technologies that are used to protect digital media. In Bill C-11, they’re referred to as “technological protection measures” or “TPMs” and similar terminology is used in scores of copyright laws all over the world. In Bill C-11, a TPM is defined as a device or program that either (a) controls access to or (b) restricts copying of a copyright-protected work.

The second step in understanding Bill C-11 and TPMs is to appreciate where these laws are coming from. About 15 years ago, 89 countries signed a pair of UN treaties (the “WIPO Treaties”) saying that each would enact effective legal protections for TPMs and make it illegal to either hack a TPM or sell a TPM-hacking device. Since then, 80 out of those 89 countries have come through with that commitment. But despite three previous attempts in the 00′s, it still remains on the Canadian federal government’s international to-do list. Other stragglers include Bolivia, Namibia, Nigeria and Venezuela. In other words, the TPM laws found in Bill C-11 are not without precedent, and virtually all of our major trading partners have enacted similar laws pursuant to these Treaties.

The third step in understanding TPMs is to know how and why they’re used. If you own a device that can play digital media (including a computer or a smartphone), then chances are you already interact with TPMs on a daily basis. A common example of TPMs are software serial numbers. Computer software is often sold along with a serial number or code that must be entered when installing the program. Once somebody has used a serial number to install a computer program, nobody else can use that number to install the same program. The point of serial numbers is to ensure that each person using the program pays the original developer for a copy of the software. Absent these numbers or other TPMs, software developers could theoretically only sell a single copy of their programs before everyone had a copy of it.

Evidence has clearly shown that TPMs are the reason online digital markets are now thriving. When Internet file-sharing technologies gained prominence in the late 90′s, content owners were understandably weary of releasing their works onto this wide open medium. Fast forward a decade and almost all media can be legally accessed one way or another through channels protected with TPMs. When you buy books through Kobo’s online store, their TPM lets you copy that book to your e-reader, smartphone, or computer, but it won’t let you send it to all of your friends. Movies purchased through iTunes contain TPMs that let you copy the movie on up to, but no more than, five Apple devices. The popular PC gaming platform Steam has a TPM that lets you play games you’ve purchased on any computer where you log into your Steam account, but you have to buy additional copies of games if you want to send them to friends. Even the major record labels are now making hit singles available for free on YouTube, subject to TPMs that require viewers to watch a short ad before accessing the song.

The amount of content that artists and other creators have now made available online through TPM-protected channels is staggering. It’s fair to say that TPMs have done more to encourage the dissemination of content online than all of the file-sharing technologies like Napster or BitTorrent combined. You don’t necessarily have to love the commercials that CTV or CBC make you watch before accessing shows on their websites to appreciate that, without them, these shows wouldn’t be (legally) available on the web in the first place.

The fourth step in understanding TPMs is to appreciate that it’s all about trade. Canada has always been a major player in the cultural industries. We export our music, movies, books, software and (increasingly) video games all over the world and in turn our diverse population consumes tonnes of foreign content. It is ironic that the technologies used to protect Canadian-made cultural products are subject to legal protections in virtually every country where they are exported but remain legal to hack here in Canada. Of course this rattles our trading partners and affects our positions in international trade negotiations. And of course it puts us in a tough spot negotiating the upcoming Canada-EU Trade Agreement.

Being the lone holdout among our trading partners in offering legal protections to TPMs has also fostered the growth of a TPM-hacking industry here in Canada. Small, back-room shops all across the country have made huge profits selling TPM-hacking chips and devices all over the world. In fact, much of the opposition to the TPM laws in Bill C-11 can be traced back to a coalition of these device exporters. Last year, during the government’s open consultation on copyright reform, the hacking tool makers pleaded with their customers to send letters to the Canadian government demanding that TPM-hacking remain legal in Canada. The government received thousands of these letters from all over the world.

It’s also no secret that a large number of these devices end up in the hands of American consumers – many of the Canadian TPM-hacking chip makers offer free shipping to anywhere in North America.  Of course this affects our standing to oppose US trade measures like “Buy American” policies. And of course the US will place Canada on international trade lists along with China, Pakistan and Russia as the countries lacking the most in intellectual property protection. It’s one thing to be known as a country that leads the world in illegally copying our trading partners’ products. It’s a whole other ballgame when we actually flood their domestic markets with Canadian-made piracy-enabling tools.

Finally, the fifth step in understanding TPMs and Bill C-11 is to appreciate the importance of international standards for TPM protection. Right now, Canada has been the proverbial “weakest link” in legal protection for TPMs and a global leader in TPM-hacking exports. This situation won’t change if we enact legal protections that fall short of the “adequate legal protection and effective legal remedies” standard required under the WIPO Treaties that the other 80 signatories have adhered to.

Critics of the TPM provisions in Bill C-11 often claim to have a “balanced” solution for TPM protection: to create an exception that allows hacking for legal purposes. The theory is that if I can legally copy a protected work, then I should also be able to legally hack any TPM protecting that work.  The problem here is that this would allow anyone to claim a copyright exception every time a TPM is hacked. For example, Bill C-11 creates new copying exceptions that would allow anyone, at any time, to create a backup copy of a copyright work. Therefore, it would also be an exception to the TPM laws for anyone, at any time, to hack a TPM claiming it was for the purpose of backup copying (or any of the other copyright exceptions). The net effect of this proposed “balanced” approach for TPM protection would be that, under Canadian law, it is illegal to hack a TPM unless it’s done by anyone, and unless it’s done at any time.  It would be like adding a exception to traffic laws saying it’s fine to break the speed limit if you say you’re in a hurry.

Of course, the proponents of this approach know that it would cause Canada to have a virtually unenforceable TPM protection law, which is probably why the hacking device exporters and their customers have been pushing so hard for its adoption. But I don’t see how we could, with a straight face, claim that this amounts to the effective legal protection for TPMs required under the WIPO Treaties. Out of the 80 WIPO-signatory countries with TPM provisions in force, only one other country (Switzerland) has tried to adopt anything close to such an approach, and even this has been criticized as failing to meet the standards of the Treaties.

Legal protection for TPMs is long overdue in Canada. As a nation that ought to be leading on such key trade-related matters, the biggest question we should be asking our government is why it took us so long to get here.

2011 Copyright Bill , , ,

CMA Confirms Canadian Government to Revisit Anti-Spam Regulations

Leave a Comment Posted by on October 24, 2011

In their Friday newsletter to members, the Canadian Marketing Association confirmed that the regulations to the Canadian Anti-Spam Law (formerly known at Bill C-27, the ECPA, and FISA) will be revisited:

Earlier today, CMA confirmed that the federal government will be undertaking further consultations with stakeholder groups as part of the process for developing detailed regulations required to implement Canada’s Anti-Spam Law. In commenting on the proposed regulations announced in the summer, CMA and other organizations raised concerns about potential negative impacts on e-commerce, and the government is now exploring ways to address these issues. These discussions and the ongoing regulatory process are likely to delay implementation of the law until at least mid-2012.

General

Hadopi Issues 18 Month Report

Leave a Comment Posted by on October 18, 2011

Hadopi, the French independent government authority in charge of administering France’s graduated response law (often referred to also as “Hadopi”) has issued an 18 month report outlining the progress of the organization’s mission of educating French Internet users and diverting them to legal sources of online digital content. Both a long and short version of the report are available. Unfortunately, the report is currently only available in French, which is a shame given that, following its mantra of “Open Data”, a huge amount of information has been made available about the French implementation of a graduated response regime. The report should be required reading for any country considering new solutions to preventing massive Internet copyright infringement.

Below are some of the highlights of the report.

Encouraging the Use of Legal Digital Media

Much like the proposed “notice-and-notice” system in the Canadian Bill C-11, the primary purpose of the Hadopi law is to educate Internet subscribers and inform them if their Internet access is being used for the purpose of copyright infringement. Of course, the primary difference between a graduated response and notice-and-notice system is that there are no consequences under the notice-and-notice system for those that repeatedly ignore infringement warnings – under Hadopi, if multiple warnings are ignored, copyright holders may petition a court to impose sanctions on the subscriber that could include a fine of up to 1,500 euros or suspension of Internet access for a maximum of one month.

The report notes that the system has been extremely successful in its objective of steering French Internet users towards legitimate sources of cultural works:

Au vu des sondages précités, on voit notamment que 16 % des internautes français indiquent s’être tournés vers les offres légales durant les 6 premiers mois de la réponse graduée, que 50 % d’entre eux sont incités par l’Hadopi à consommer plus régulièrement des œuvres culturelles sur des sites respectueux du droit d’auteur, que 41% des internautes interrogés connaissant l’Hadopi déclarent que celle-ci les incite à changer leurs habitudes de consommation sur Internet, et 44% des internautes ayant déclaré un usage illicite et connaissant l’Hadopi se disent “tout à fait” ou “plutôt” incités par l’Hadopi à changer leurs habitudes de consommation de biens culturels sur Internet.

Google Translate:

We see in particular that 16% of French Internet users said they had turned to legal alternatives during the first 6 months of the graduated response, 50% of them are motivated by Hadopi to consume more regularly cultural works on sites respectful of copyright, that 41% of Internet users surveyed knew the Hadopi law that encourages them to change their habits on the Internet, and 44% of Internet users who reported illicit use and know of Hadopi say they are “completely” or “somewhat”encouraged by Hadopi to change their habits of consumption of cultural goods on the Internet.

Deterrent Effect of Warning Letters

The Hadopi report also contains statistics related to the number of warning emails that were sent to subscribers. Recall that earlier this year at the C-32 Committee Hearings, a representative from Rogers testified that about a third of those who receive a first warning email under the Rogers notice-and-notice system will go on to receive a second, although the math behind these numbers didn’t quite add up. Research out of Europe puts the actual re-offense rate somewhere around 70% for notices that are sent without any potential sanctions against persistent offenders, whereas notices that include the possibility of such sanctions generate much lower re-offense rates (by more than half).

The Hadopi report published 2 numbers with respect to warning letters that were sent out in France:

  1. 470,935 first warning emails were sent to Internet subscribers; and
  2. 20,598 second warning emails were sent, in the first 18 months of the initiative (approximately 4% of those who received a first notice).

Mireille Imbert-Quarett, president of the rights-protection branch of Hadopi, also later confirmed that 60 French Internet subscribers had received a third warning. This amounts to about 0.2% of those who received a second notice or 0.01%, one in ten thousand, of those that received a first notice. Assuming Rogers’ one-third rate of follow-up notices is accurate, that would still put their third-notice (without possibility of sanction) rate at over 10%.

These numbers demonstrate a remarkable success in deterring Internet users from accessing infringing works. To go from 470,935 users found to be downloading illegal content down to only 60 users who ignore two warnings shows that the primary goal of deterrence has been achieved under the existing framework, all without disconnecting a single user’s Internet account (although the copyright holders who’s works were infringed by those 60 users have the option to apply to a court to impose sanctions against those 60). Those who receive warnings under Hadopi can appeal each warning that is received, although the report also notes that over 83% of the 26,425 inquiries received by the appeal centre were simply questions about either Hadopi warnings, securing your WiFi access, or legal sources of digital media.

The report confirms once again that it is possible to design an effective graduated response system that includes court oversight, a robust appeals process, protections for personal information and limited sanctions for repeat offenders. The numbers in the report confirm that warning letters to Internet users who infringe copyright works are an effective method of deterring online piracy when the possibility exists for sanctions against re-offenders.

Graduated Response , , ,

Bill C-11 and statutory damages: a guide for Canadian copyright law

1 Comment Posted by on October 6, 2011

Aside from the issue of TPMs or “digital locks”, another aspect of Bill C-11 (and formerly Bill C-32) that is often misunderstood in media reporting and by the general public is the issue of statutory damages. News reports, such as a highly flawed piece that ran in the Montreal Gazette, have been quoting a figure of $5,000 that Bill C-11 would impose in “fines” for violations or various provisions found in the Bill.

In order to clarify the changes in statutory damages proposed in Bill C-11, below is a comparison of the current regime and the revised regime that would be in place post-Bill C-11.

Statutory damages under current Canadian copyright law

Under current Canadian copyright law, when a person is found to infringe copyright, that person must pay monetary damages to the copyright owner. These damages are calculated to be a restitution for the amount the copyright owner has suffered due to the infringement. In addition, if the person who infringed the copyright made any profits off of the infringing activity, the copyright owner may seek to recover those profits as well if they go beyond the damages calculation.

Canadian copyright law also gives plaintiffs the option to seek “statutory damages” against infringers instead of damages and profits. Under the current Copyright Act:

  • Statutory damages normally range from $500 to $20,000 per work that was infringed.  (s.38.1(1))
  • If the infringing party did not know they were infringing someone’s copyright, that amount can be reduced as far as $200 per work infringed.  (s.38.1(2))
  • If there is more than one work being infringed on a single medium (for example, 12 songs on a CD), and at $500 per work infringed the total award would be “grossly out of proportion to the infringement”, that amount can be lowered to any amount the court considers just, including $0. (s.38.1(3))
  • In deciding what amount in the $0-$20,000 range to award, the courts will consider: (1) the intentions of the infringer, (2) the conduct of both parties, and (3) the need to deter other similar infringement. (s.38.1(5))

Statutory damages under Bill C-11

Bill C-11 would significantly alter the way statutory damages would apply to instances of copyright infringement for “non-commercial purposes”.  In particular, under Bill C-11, in the case of non-commercial infringement:

  • Statutory damages normally range from $100 to $5,000 for all works that are infringed (s.38.1(1)(b))
  • If a person has already had to pay non-commercial statutory damages in another lawsuit, then no other copyright owner can seek non-commercial statutory damages against that person for any acts of infringement that occurred prior to that lawsuit. (s.38.1(1.1) and (1.2))
  • If the non-commercial infringer (1) did not know they were infringing someone’s copyright, (2) copied more than one work from a single medium, and (3) at $100 per work infringed the total award would be “grossly out of proportion to the infringement”, then the damages amount can be lowered to any amount the court considers just, including $0. (s.38.1(2) and (3))
  • In addition to the existing factors, in deciding the amount in the $0-$5,000 range to award, courts will also consider: (1) the need for the award to be proportionate to the infringements, (2) the hardship the award may cause to the defendant, (3) whether the infringement was for private purposes, and (4) the impact of the infringement on the plaintiff. (s.38.1(5)(d))
  • Courts cannot award statutory damages against those that enable acts of infringement (i.e. a pirate BitTorrent website), whether for commercial or non-commercial purposes (s.38.1(6)(d))
  • Courts cannot award statutory damages against those that circumvent TPMs or “digital locks” for private purposes (s.41.1(3)).

 

Common Myths

As Bob Tarantino accurately points out, there has been a significant number of errors when it comes to reporting on the statutory damages provision in Bill C-11. In particular:

  • Statutory damages are not “fines”. They are an alternative way to compensate those whose works have been infringed and must be sought by plaintiffs who can prove to a court that their work has been infringed.
  • The amount for statutory damages is not $5,000, or any set amount. Under Bill C-11, statutory damages would range from $0-$20,000 in the case of commercial infringement, and $0-$5,000 in the case of non-commercial infringement.
  • The imposition of a $5,000 statutory damage award would be rare under Bill C-11, and they would very rarely lead to a bankrupt defendant. Courts would have to consider the hardship the award may cause to the defendant in addition to other factors that could lead to a lower amount on the scale.
  • There are no statutory damage awards for circumventing a TPM or “digital lock” for private purposes. A copyright owner would only be able to recover from someone who circumvents a TPM for private purposes monetary damage that they can prove to a court was caused by the act of circumvention. In the case of “even the smallest such violations” as described by the Gazette, this amount would likely be far from the reported $5,000.
As with my Comprehensive Guide to TPMs, I hope this clarifies some common misconceptions and explains how the statutory damage provisions in Bill C-11 would operate if the Bill passes in its current form.
General

Bill C-11, Digital Locks and TPMs: A comprehensive guide for Canadian copyright law

1 Comment Posted by on September 30, 2011

Once again, it seems that the issue of TPMs (or “digital locks”) has become one of the main focus point of the new copyright bill, Bill C-11. And, once again, the reporting on the TPM provisions of Bill C-11, which like the remainder of the Bill remains unchanged from last year’s Bill C-32, is replete with inaccurate and incomplete descriptions of those provisions.

In order to clear up confusion, I have re-posted below one of the most popular posts from my blog, titled “TPMs: A comprehensive guide for Canadian copyright law”. See also some other posts I wrote on Bill C-32′s TPM provisions, which would all apply equally to Bill C-11:

TPMs: A comprehensive guide for Canadian copyright law

Based on last week’s debate in the House of Commons, it appears as though one of the more contentious elements of Bill C-32, the Copyright Amendment Act, are the provision pertaining to digital locks, or technological protection measures (“TPMs”) as they’re called in the Bill. Although I earlier pointed to many errors the NPD critic made with respect to these provisions, in fairness the debate surrounding Bill C-32′s TPM provisions contained a number of persistent misunderstandings by most commentators. In an effort to help ground these debates in the actual content of the Bill and the proposed TPM circumvention laws, below is my attempt at a plain explanation of the relevant clauses in Bill C-32.

Summary of Bill C-32 TPM Provisions

The crux of the TPM provisions can be summarized as follows:

  • A technological protection measure (TPM) is a device that a copyright holder uses to (A) control access to a creative work or (B) prevent copying of a creative work (s.41)
  • It is an infringement of copyright to circumvent a TPM, but only if it restricts access to a work as in (A) above. There is no restriction on the act a circumventing a copy-control TPM under the definition of (B) above (s.41.1(1)(a)).
  • It is an infringement of copyright to provide circumvention services (s.41.1(1)(b)) or provide circumvention devices (s.41.1(1)(c)) for both definitions of TPMs in (A) and (B) above.
  • There are eight exceptions to the circumvention prohibition and the government can enact new exceptions through regulation as needed (s.41.21).
  • There are no statutory damages (i.e. “default damages” of $100-$5000 per infringement) for circumventing a TPM for private purposes (s.41.1(3)). Those found to have circumvented a TPM for private purposes will only have to reimburse the copyright holder for the damage caused by their act of circumvention (s.41.1(4)).
  • Large-scale, commercial and purposeful infringement of TPMs is punishable as a criminal offense (s.42(3.1)), except for libraries, archives, museums or educational institutions.
  • Libraries, archives, museum and educational institutions will pay no damages if they had reasonable grounds to believe their actions did not violate the TPM provisions (s.41.2)

Exceptions

Bill C-32 contains 8 exceptions that allow circumventing a TPM for a certain purpose:

  • Law enforcement and national security (s.41.11)
  • Interoperability of computer programs (s.41.12)
  • Encryption research (s.41.13)
  • Protection of personal information (s.41.14)
  • Security of computer system or network (s.41.15)
  • Persons with perceptual disabilities (s.41.16)
  • Broadcasting undertakings (s.41.17)
  • Radio apparatus (e.g. cell phone carrier restrictions) (s.41.18)

In addition, the government can, at any time through regulation:

  • Prescribe that a certain class of TPMs will not be protected under these provisions (s.41.21(1))
  • Prescribe a new exception to allow circumvention for a particular purpose (s.41.21(2)(a))
  • Require a copyright owner who limits access to a work through TPMs to allow access (s.41.21(2)(b))

Few other countries, including the US, have included such wide-ranging abilities for amendment through regulation in their TPM-protection laws.

WIPO Requirements

There was a lot of debate last week regarding what the WIPO Internet Treaties required in terms of protection for TPMs. As I set out in my blog post on the subject, the requirements (which are met by Bill C-32) are as follows:

  • The laws must prohibit circumvention devices of both access-control and copy-control TPMs
  • The laws must prohibit the act of circumventing a TPM, as well as providing circumvention services or manufacturing, importing and distributing circumvention tools
  • The laws must not only prohibit devices whose sole purpose is TPM circumvention, but also those which are primarily designed and produced for such purposes
  • The laws must not only prohibit an entire device which is of the nature just described, but also individual components or built-in special functions of devices

It has also been suggested that Canada could fulfill the WIPO Internet Treaties’ requirements by only prohibiting circumvention for an infringing purpose. Besides rendering the TPM provisions almost entirely redundant, this approach is widely regarded as failing to conform with the treaty obligations by, among others, one of the key architects of the treaties themselves. Mihály Ficsor and Barry Sookman have written extensively on this subject, see:

Others have also questioned the need to ratify the WIPO Internet Treaties at all. While the desire to fulfill Canada’s international commitments and the benefits that TPMs have shown to provide artists and creators are compelling reasons enough to enact robust protection for TPMs, the global nature of digital piracy also highlights the importance of these laws. Large-scale commercial pirates will take advantage of legal gaps wherever they are found. For years, as the lone holdout among the G7 in ratifying the WIPO Internet Treaties, Canada has encouraged the growth of domestic commercial piracy operations such as file-sharing services and TPM-circumvention tool manufacturers. The weak laws in Canada facilitated piracy on a global scale. Implementing the requirements of the WIPO Treaties will bring Canada in line with international standards that have been adopted amongst our trading partners and put an end to the era where Canada is known as the weakest link in global copyright enforcement.

Do the TPM provisions override the user exceptions?

Yes, under certain circumstances, the new user exceptions do not apply if the user circumvented a TPM in order to make a copy of the work.

Bill C-32 provides four new consumer exceptions to copyright law. These would allows users to create additional copies of works they purchase for the purpose of format shifting (s.29.22), time shifting (i.e. PVRs, s.29.23), backup copies (s.29.24) or a controversial exception to create non-commercial user-generated content (s.29.21). Under each exception, except for the user-generated content exception, the provision does not apply if the user circumvented a TPM in order to make the copy.

This condition is absolutely vital for the sustainability of certain business models that are increasingly being used for digital distribution. Without this condition, the technologies that enable certain business models such as ad-supported streaming (i.e. YouTube), trial software, digital rentals and previews are completely undermined. I’ve written more on the subject explaining why user exceptions must not override protection for TPMs.

Do the TPM provisions override fair dealing?

No. Perhaps the greatest myth surrounding the TPM provisions in Bill C-32 is that these would override or “trump” the fair dealing defense.  It then bears repeating: there is nothing in Bill C-32 (and specifically in the TPM provisions) that would inhibit a user’s right to copy works under the fair dealing defense.

As noted above, the circumvention prohibition in Bill C-32 only applies to devices that control a user’s access to a work. Circumventing a TPM that prevents copying a work is permitted under Bill C-32.

Fair dealing is a defense to copyright infringement. It allows users to make fair copies of portions of a work for certain purposes. It does not grant any user a right to free access to that work. A researcher must still legally obtain access to a work in order to make a fair dealing copy. As was noted by a US court “it is not permissible to break into a locked room in order to make fair use of a manuscript kept inside”.

For example, if an academic article was only being provided behind a “paywall” (where the reader must pay a certain amount to access the article), users desiring to make fair dealing copies would still have to pay to access the article. However, once the content is legally accessed or acquired, users could circumvent any technology that prevents them from making fair dealing copies of the text of the article.

Despite the Bill’s clear distinction between access and copy control circumvention, some misunderstanding still persists. Therefore, I repeat: nothing in Bill C-32 prevents users from making fair dealing copies of works they have legally obtained.

Big picture on TPMs

One advantage of having been the holdout in implementing legal protection for TPMs is that Canada has the benefit of observing its effect in countries where protection has often been in place for over a decade. What has not occurred in Europe, Australia, the US and Asia are the cataclysmic predictions of “digital lockdown” when in fact many new and innovative digital media distribution services have emerged in these countries (and have been largely absent from Canada).

Ultimately, the use of TPMs to protect media remains a choice of the artist and distributor; and the decision to purchase protected media remains entirely with the consumer (with many works now being made available in a number of formats subject to more or less protection). Although Parliamentarians may disagree on where the appropriate balance is to be struck between legal protection for TPMs and user exceptions, what is most important is that these decisions are centered around the actual provisions of the proposed law rather than unsubstantiated assertions.

Bill C-11 , , ,

Copyright and privacy reform bills on Notice Paper

Leave a Comment Posted by on September 28, 2011

Tuesday afternoon saw bills to amend both the Copyright Act and PIPEDA appear on Parliament’s Notice Paper as Government bills. It is likely both bills will have first reading on Thursday morning.

It has already been announced that the copyright reform bill (Bill C-11?) will be unchanged from last Parliament’s Bill C-32. Will the privacy reform bill (Bill C-12?) also be identical to last year’s Bill C-29, which included breach notification requirements in PIPEDA? Stay tuned for updates later this week…

2011 Copyright Bill, Privacy , , , ,

Older posts

Follow

Get every new post delivered to your Inbox.