Italy Says P2P Monitoring Firm Broke The Law -- But This Might Not Be A Good Thing
from the there-goes-that-evidence dept
There have been various accusations in the US that the techniques used by various P2P monitoring firms that the entertainment industry uses are an "illegal investigation." While we're still waiting to see the outcome of such cases, over in Italy, the government organization in charge of privacy has determined that, indeed, the efforts to monitor P2P use violates local privacy laws. This comes just a few months after a similar finding in Switzerland. With the EU recently saying that IP addresses are private information, you can see why these types of rulings are coming through.While I will argue vehemently over the fact that the entertainment industry's tactics are wrong, short-sighted and unfair to many of the people it accuses of copyright infringement, I'm not so sure that merely collecting information that someone's computer broadcasts about themselves should be considered a violation of privacy. I do agree that ISPs shouldn't just hand over data on who's account is attached to a certain IP address (that's a privacy violation. But, to simply collect the data, which is publicly "broadcast" by the user, hardly seems like a privacy violation. There are plenty of arguments against the entertainment industry's tactics -- but you get into dangerous territory when you start declaring publicly broadcast information as somehow "private." While it may be appealing in that it makes life more difficult for short-sighted entertainment industry execs hellbent on suing customers, the unintended consequences of such things could be dire. It raises serious questions about how other types of publicly broadcast info may be judged later.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: ip address, italy, monitoring, p2p, privacy
Reader Comments
Subscribe: RSS
View by: Time | Thread
P2P not public broadcast
The thing is P2P communication is not public broadcast.
[ link to this | view in chronology ]
Re: P2P not public broadcast
All of those (with the possible exception of WiFi) are encrypted. That's quite different.
The thing is P2P communication is not public broadcast.
Your IP address is publicly broadcast via your P2P app. Yes, it is a public broadcast.
[ link to this | view in chronology ]
Re: Re: P2P not public broadcast
In technical terms, it is NOT a broadcast. The IP is provided to any peers contributing or downloading but it is not provided to everyone, and that's only if the P2P app doesn't use tunneling to obfuscate/encrypt the data/IP.
[ link to this | view in chronology ]
No, it is wrong
[ link to this | view in chronology ]
Death to RIAA!
[ link to this | view in chronology ]
Here in the EU, with the penetration of always-connected Internet connections being what they are, your IP address probably will be 'personally identifiable information'. There are laws around the use of such information. And personally identifiable information can be those bits-and-pieces that, in themselves, don't lead back to the identity of a person, but when used in conglomerate do reveal a person's identity.
One of those laws is that information like that CAN be used - but the collector of that information needs to inform the person WHAT is being collected and, more importantly, HOW it's going to be used. Using that information for something other than the stated reasons is illegal; the user hasn't been informed beforehand that the information could be so used.
Also, the uses that the information is put too has to have some relevance to WHY the information is being used. Using the data collected from an electronic public-transport ticket to collect the fare from you bank account would be relevant. Using it to send you marketing information based on your travel profile probably wouldn't be.
Whether you agree with the EU view on this or not - it IS the law here and needs to be respected by those companies doing business over here.
Disclaimer: IANAL nor have I played one on television.
[ link to this | view in chronology ]
Encrypted
[ link to this | view in chronology ]
Re: Encrypted
You miss my point. I said encrypted -- not encoded. All of your examples were encrypted in a manner purposely designed to hide what the data is. In other words, designed in a way that you cannot simply read the information without a specific key.
That is not the case with an IP address.
[ link to this | view in chronology ]
Re: Encrypted
JPEG is an encoding sceme, allowing you to quickly describe an image. AES is an encryption sceme, making data difficult to extract without additional special, secret information (the key).
[ link to this | view in chronology ]
Privacy
[ link to this | view in chronology ]
Re: Privacy
Interesting. Still not sure I agree with it, however. It still seems to go down a slippery slope.
I guess, at best, you could say not so much that it's a privacy violation, but that there's some kind of fraud going on, in that Logistep is claiming one thing, but really doing another...
[ link to this | view in chronology ]
Re: Re: Privacy
If the states had the same protection, everyone would be better off.
[ link to this | view in chronology ]
Re: Re: Privacy
P2p not knowing his machine was customly set up that way do to lack of technical knowledge
[ link to this | view in chronology ]
Re: Privacy
[ link to this | view in chronology ]
EU != US
Without my consent my bank may not pass on any information about me to anyone, not even other divisions within the same corporation in order to try and sell me some service or package. Without providing full disclosure and obtaining my explicit permission -- signed and dated -- no company can distribute any personal information they may have about me. They cannot even confirm that I'm a customer unless I've signed a waiver or instruction to release such information.
And you think this is a bad thing... why?
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
I hate to break it to you - but your address isn't private. Hundreds of people are aware of your street address. The person delivering your mail is probably familiar with it, the town you live in and the post office are vaguely familiar with it. Heck, everyone that lives on your street, particularly those with a number higher on their address are aware your address exists. It isn't private information.
And much like you said about your address being visible on the front of your house, your IP address is equally not private.
Now, your name attached to your address - thats different.
And thats the same thing with the IP address.
And like your address, keeping that private is your responsibility. How far you want to go with your anonymity is your choice and your risks to gauge.
[ link to this | view in chronology ]
Re:
This is pretty much what Mike said above: the address is public. If you want to claim the ASSOCIATION as private, that's more than understandable and very reasonable. But it's dangerous to say that information any passerby can get in a glace is somehow "private."
[ link to this | view in chronology ]
Physical address is not private
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
It is how ever an invasion of privacy to walk down a street, look in the windows of every house, collect data of what is in thier houses legal or otherwise, and then write down that address to identify the contents of those houses.
Oh, and on the encrypted conversation not all models of cordless phones are encrypted, but it is still illegal to monitor the signal.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re: Re: P2P not public broadcast
Your IP address is not broadcast, it is provided in a point-to-point connection (outside of your local network that is).
It's no different from having an unlisted telephone number and then using your phone to call someone else who has an unlisted phone number.
[ link to this | view in chronology ]
Coverage from italy
Italy
- monitoring is unlawful because it's active, massive, detailed, long-term surveillance of many users (i.e., not the same thing that receving a broadcasted information)
- Logistep stored data that usually would be deleted because they are not necessary to P2P activities
- data got collected from P2P networks for different reasons than using/participating P2P networks themselves
- data got collected secretly
Germany:
- you can't do automatic scanning against users without their previous consent
- you can't ask to ISPs users' IP addresses - only enforcement agencies can
[ link to this | view in chronology ]
Re: Re: P2P not public broadcast
It varies from system to system, but discovery and publication activities typically are broadcast - in that you try and get your message out to as many people as possible. Yes, this might involve many point-to-point connections, but then so does normal network broadcasting.
P2P systems are public systems, so if you broadcast "Who has this file?" or "I'm sharing X" - they you are effectively broadcasting into the public domain.
[ link to this | view in chronology ]