Europe's data czar speaks out over ACTA

Yesterday Peter Hustinx (left), the European Data Protection Supervisor, issued a press statement expressing his disappointment for not being “consulted by the European Commission on the content” of the Anti-Counterfeiting Trade Agreement (ACTA) which was described by the statement as being “an agreement which raises significant issues as regards individuals’ fundamental rights, and in particular their right to privacy and data protection.” Hustinx stated:

"Whereas intellectual property is important to society and must be protected, it should not be placed above individuals' fundamental rights to privacy and data protection. A right balance between protection of intellectual property rights and the right to privacy and data protection should be ensured. It is also particularly crucial that data protection requirements are taken into account from the very beginning of the negotiations so as not later on having to find alternative privacy compliant solutions."

Hustinx also stated that he was concerned regarding the lack of publicly available information regarding the ACTA negotiations (see previous AmeriKat reports here and here) and specifically recommended that a “public and transparent dialogue on ACTA” be established to ensure that its proposals are compliant with EU privacy and data protection requirements.

Last Friday the chapter concerning the allegedly draft provisions of ACTA entitled “Enforcement procedures in the digital environment” was leaked online. The IPKat has summarized some of the key provisions for its readers below:

Section 2 states that each Party to ACTA confirms that civil remedies (as well as limitations, exceptions, or defences with respect to the application of such remedies) are available in its legal system in cases of third party liability for copyright and related rights infringement. “Third party liability” is defined as the liability for any person who “authorizes for a direct financial benefit, induces through or by conduct directed to promoting infringement, or knowingly and materially aids, any act of copyright or related rights infringement by another.”

Section 3 echoes the notice and takedown and Safe Harbor provisions contained in the US’s Digital Millennium Copyright Act (DMCA) (see this IPKat post that outlines the Safe Harbor provisions in action). Section 3 begins by stating that each Party recognizes that individuals using third party online service providers may engage “in copyright or related rights infringement” but that there is also substantial “legal uncertainty with respect to application of intellectual property rights, limitations, exceptions and defenses in the digital environment” which may present “barriers to the economic growth of, and opportunities in, electronic commerce.” The section then states that Parties should provide limitations on a service provider’s liability for infringing activities provided that the service provider:

(1) adopts and reasonably implements “a policy to address the unauthorized storage or transmission of materials protected by copyright or related rights”; and

(2) expeditiously removes or disables access to infringing material upon receipt of legally sufficient notice of alleged infringement.

The only example this document gives of the type of policy to which (1) applies is one that provides for “the termination in appropriate circumstances of subscriptions and accounts in the service provider’s system or network of repeater infringers.” To this Kat, the fact that only one example of a policy was given and this policy mentions “the termination of subscriptions and accounts” of “repeat infringers” points to only to one thing – a “three strike” type rule. If a three-strike policy was the only policy in the contemplation of the drafters at the time of formulating Section 3, how much scope does a service provider really have in formulating a policy that does not include a “three-strike” type rule?

Coincidentally, yesterday the UK Government stated that they were going to abandon the proposal of a “three strike” rule in the proposed Digital Economy Bill. The Guardian reports that following a petition to Number 10 regarding the proposal, the Government now states that it “will not terminate the accounts of infringers – it is very hard to see how this could be deemed proportionate except in the most extreme – and therefore probably criminal – cases." How this new position may affect the UK’s negotiations of Section 3’s conditions on liability limitation is unclear to this Kat.

This Kat will be at tomorrow’s, now sold out, UCL IBIL Brand Seminar - Trade Marks and the Internet (see link here). In the spirit of the issues being discussed at the event, this Kat would be interested to hear anyone’s views on this developing issue of third party service provider liability.

Europe's data czar speaks out over ACTA Europe's data czar speaks out over ACTA Reviewed by Annsley Merelle Ward on Tuesday, February 23, 2010 Rating: 5


  1. On the issue of third party service provider liability: it can be viewed that the service providers are treated somewhat as scapegoats, because it is so difficult to trace the real culprits of the crime (those producing the counterfeited goods). Furthermore, service provider companies such as ebay and google are the 'deep pockets' in this dispute, which is why it is easier for companies such as Louis Vuitton and Dior to chase them.

    It also seems that Trade Mark owners have been watching closely the debate over liability of the Internet Service Providers for music piracy, and have decided that they should emulate this approach.

    On the other hand, if the service providers have enough content control over the products sold or advertised on their websites, perhaps it is right that they are held at least partly liable.

    Interestingly, there seems to be little burden placed on the Trade Mark owners themselves to ensure protection of their own brands by essentially hunting down online counterfeit goods and informing the service providers of their existence.

  2. From my understanding of this, ACTA is limiting the ISP liability, and shifting focus onto users...

    “authorizes for a direct financial benefit, induces through or by conduct directed to promoting infringement, or knowingly and materially aids, any act of copyright or related rights infringement by another.”

    This describes any person involved in a peer-to-peer type file sharing network, those providing the software for such networks, any person providing links to protected material, etc.

    In essence, it seems to me that the ISPs are, by the threat of liability, being coerced into policing their users.


All comments must be moderated by a member of the IPKat team before they appear on the blog. Comments will not be allowed if the contravene the IPKat policy that readers' comments should not be obscene or defamatory; they should not consist of ad hominem attacks on members of the blog team or other comment-posters and they should make a constructive contribution to the discussion of the post on which they purport to comment.

It is also the IPKat policy that comments should not be made completely anonymously, and users should use a consistent name or pseudonym (which should not itself be defamatory or obscene, or that of another real person), either in the "identity" field, or at the beginning of the comment. Current practice is to, however, allow a limited number of comments that contravene this policy, provided that the comment has a high degree of relevance and the comment chain does not become too difficult to follow.

Learn more here:

Powered by Blogger.