Stanford CIS

Recording Industry Dealt Blow in P2P Decision by Canadian Federal Court

By Stanford Center for Internet and Society on

On March 31, 2004, the Federal Court of Canada refused to force 5 internet service providers (“ISPs”) to reveal the identities of 29 anonymous subscribers accused of copyright infringement by members of the Canadian Recording Industry Association (CRIA). The Does had allegedly uploaded or downloaded music files via the p2p networks KaZaA and iMesh. According to the CRIA, each Doe had downloaded more than 1,000 songs. The court first recognized that the Does had an expectation that their subscriber information would be kept private based both on ISP user agreements and on Sections 3 and 5 of the Personal Information Protection and Electronic Documents Act (“PIPEDA”) (although PIPEDA allows for disclosure of this information without consent where a court order has issued). The court then laid out a five-prong test, borrowed from non-Internet discovery cases, for determining whether one party’s interest in pre-trial discovery outweighs another’s privacy rights*: (a) the applicant for discovery must establish a “prima facie case” against the alleged Doe defendant; (b) the person from whom discovery is sought, in this case the ISP, must be “more than an innocent bystander”; (c) this person must be “the only practical source of information” available; (d) this person must be “reasonably compensated” for expenses related to compliance with the discovery order; and  (e) “the public interests in favour of disclosure must outweigh the legitimate privacy concerns” of the Doe.
 The court held that the CRIA did not satisfy the test. Under prong (a), it found serious deficiencies in the CRIA case, including insufficient evidence that files downloaded by the Does were copies of CRIA works, or that KaZaA and iMesh user pseudonyms were correctly linked to specific IP addresses.
Most significantly, the court found that the CRIA had failed to make out a prima facie case of infringement. According to the court, “downloading a song for personal use does not amount to infringement.” Nor does “merely setting up facilities allowing copies,” for example,  placing personal copies of downloaded files in a shared directory where they can be copied by other p2p network members. The court found no evidence of distribution or authorization of copying, or of knowing intent to engage in these infringing activities on the part of the Does. It compared the Does’ placement of files in shared directories to a library making a photocopier available to patrons in “a room full of copyrighted material.” Only if the Does had taken a positive step such as sending the copies out themselves or advertising to others their availability for copying would the requisite intent exist.
 The court next ruled that prong (b) favored the CRIA, holding that ISPs were
“definitively involved with the alleged infringers” and not “mere bystanders” since they offered “the means by which downloaders and uploaders access the internet and get in touch with each other.” Moving on to prong (c), the court found inadequate evidence to determine whether or not additional sources of information were available to the CRIA. Concluding that the requested discovery would impose a significant financial burden on the ISPs, the court held that under prong (d) they “would need to be reimbursed for their reasonable costs” if discovery were allowed.
 Finally, the court turned to the task of balancing discovery versus privacy interests as required by prong (e). While reaffirming the importance of privacy in Canadian society generally, and particularly in internet communications, the court held that disclosure is usually appropriate where infringement is alleged, so long as the court is satisfied that the information disclosed will be reliable and that the discovery request is not overbroad. Here, the court expressed concern that the data submitted by the CRIA was unreliable since several months had lapsed between the CRIA’s identification of allegedly infringing p2p users and its request for disclosure by the ISPs. Given “its unreliability and the serious possibility of an innocent account holder being identified,” the court ruled that privacy interests outweighed those in favor of discovery in the present case. Therefore, the court denied the CRIA’s motion for discovery.

Published in: Blog , Vol. 1, No. 13 , Packets