By publishing broadband provider comments about legal advice they may have obtained, the mag could have led them to waive the right to keep the details secret.

It’s vital for CSPs to understand the risk they may create if they publicly refer to legal advice they have received.

The problem

Normally, legal advice obtained by a company is ‘privileged’.  That means that nobody … particularly somebody who is suing it … can demand to see a copy.

But the courts have ruled that by publicly referring to legal advice in certain ways, the company may waive that privilege.  In other words, in a legal case, the other side may be entitled to say, ‘Great.  You claim to have taken legal advice and it says you’re in the clear.  Fine.  Give us a copy.’

Potential disaster

Because lawyers write legal advice for their clients’ eyes only, it often contains material that would do damage if it leaked.  For instance, they might talk about serious weaknesses in their client’s position.  Or they might discuss facts that would not be known to the company’s enemies.

Disclosure could be a first class disaster.

When is privilege waived ?

It’s complicated.  Normally, merely stating that you have obtained legal advice isn’t a problem.  And sometimes it could even be safe to go a little further and indicate the general thrust of the advice.  Or say, ‘We have taken the advice carefully into account in our actions.’

But it is easy to step over the line and waive privilege on all or part of the private advice.

Sound advice from the Victorian Government Solicitor

The Victorian Government Solicitor’s office offers good advice on the subject. 

Making public statements about legal advice

[The] manner in which legal advice is disclosed in public can lead to a waiver of [privilege].

It is less likely that [privilege] will be waived where reference is made only to the fact that legal advice has been obtained. Revealing the substance of that advice should generally be avoided. This includes summarising or describing the conclusion of legal advice, or giving the ‘gist’ of what it says.

If maintenance of the confidentiality of a particular legal advice is important …, advice should be obtained prior to publicly commenting on that legal advice to ensure there is no inadvertent waiver of [privilege].

While the VGS made these remarks in the context of advising Government, they stand true for private companies as well.

A case in point:  iiNet comments

We’ll be interested to see whether iiNet’s nemesis AFACT will try to use a public statement by iiNet to gain access to a copy of advice received from its lawyers about compliance with the copyright ‘safe harbour’ rules. 

iiNet may have obtained legal opinion on the effect of its public statement, and be confident that it does no harm.  Otherwise, it was extremely dangerous ground for the company to be treading on.

What if your company is asked about legal advice ?

What’s in it for you to take any risk ?  Unless there’s a special factor that makes it worth your while, just say that it is company policy not to comment on legal advice that may or may not have been received.

You might still make some general comments on whatever issue is at stake, but nothing that infers that you hold advice, or what its contents or effect may be.

No stranger to innovation – FunnyTel was Australia’s first ISP to introduce the random number billing that has since proved so popular with Telstra management – the FAT plans include Australia’s first internet unit pricing scheme.

‘We read about the Government’s idea for unit pricing with groceries,’ says FunnyTel spokesman Chad Blake.  ‘And we thought “This makes sense.”  Why should customers pay for an 80 gigs download allowance and not know exactly how many P2P movies they’ll get for their dough ?’

‘We’re actually thinking of applying to the ACCC for an award for this,’ said Blake.  ‘Our 2 New Hollywood Releases a Night’ plan is a revolution in truth-in-advertising.  ‘And that’s A-FACT !’ says Blake with a cheeky wink.

We asked Chad if he thought that other market leaders like iiNet would adopt the system. 
 
iiNet to be next ?

‘Not likely,’ he said.  ‘Pretty good operators at iiNet but they’ve been completely unsuccessful in attracting any customers interested in peer-to-peer movie downloads.  Haven’t you been following the court case ?

‘We can’t figure out where they’ve gone wrong, actually.  They seem to be offering all the right plans.  But somehow, they’ve only managed to sign up customers who need fifty gigs to spend between midnight and dawn for sharing home movies with the rellies in England. 

‘Must be very frustrating for them.  All the rest of us have to do is mention a big-gigs off-peak plan and we’re chockers with hungry pirates.  Poor bloody iiNet get stuck with a mob of Methodist parsons peer-to-peering their sermons around the world all night.  There’s no justice.’

FAT plans the NBT

‘Next Big Thing for sure.  Don’t want to give too much away, but you’re gonna love the Harry Potter Lovers’ Special and our new Parrot & Peg Leg package.’

We asked Blake whether marketing thought the ‘FAT’ tag would help customers get the message that the plans were ideal for super-sized downloading.  ‘Hadn’t thought of that,’ he said.  ‘Actually, it stands for Film And Television.’

Yesterday, the Federal Court largely rejected iiNet’s request, limiting the scope of the documents to be produced by AFACT to certain categories  relating to local infringement investigations.

At the same time, the Court ordered that iiNet discover the details of 20 anonymous customer accounts, well short of the 300 to 400 accounts reportedly sought by AFACT.

Both sides were quick to claim a minor victory – AFACT saying 20 accounts is sufficient for them to prove their case and iiNet saying they have effectively got the documents they asked for.

Online civil liberty group, Electronic Frontiers Australia, reports on a ‘remarkable victory’ by ISPs in New Zealand in relation to what EFA calls ‘guilt upon accusation’ laws.

Sounds promising, we thought, as we followed the link in our RSS reader.

Problem is, when we got there, we couldn’t figure out what was particularly remarkable or victorious.

Apparently, legislators across the Tasman have agreed to hold off implementing s. 92A of the NZ Copyright Act.  That section would have required ISPs to:

adopt and reasonably implement a policy that provides for termination, in appropriate circumstances, of the account with that Internet service provider of a repeat infringer

Sound familiar? It’s almost identical to s. 116AH of the Australian Copyright Act which sets out the safe harbour regime.

The difference, it seems, is that where the words in the Australian legislation set out safe harbour conditions (i.e. conditions under which damages cannot be awarded against an ISP) which can be disregarded (at the ISPs peril of course), the words in the NZ legislation provide a positive duty requiring ISPs to ‘adopt and reasonably implement’ a repeat infringer termination policy.

EFA correctly points out that a NZ ISPs would need some guidance on what such a policy should look like and how to determine who a ‘repeat infringer’ is. It’s just as well then that a draft code of practice has been released. The draft code essentially provides for a ’3 strikes’ policy where:

• copyright owners can serve copyright notices on ISPs where a user is infringing
• provided the notice satisfies the requirements of the code, it is taken as evidence of infringement
• the ISP then notifies the user that a copyright notice has been received
• if the user replies and denies infringement, the user is taken not to have infringed (for the purposes of s.92A)
• if the user doesn’t respond or doesn’t deny infringement and this happens 3 times in 18 months, the ISP should terminate the account

Seems fair enough.  Copyright owners may think that it’s too easy for users to escape termination by simply denying infringement but that’s not really the issue. The issue isn’t how best to enforce copyright – that’s already sufficiently covered by the law. The issue is: what does an ISP have to do to comply with the law and to avoid liability – and is this realistic?

In other words, is a requirement to ‘adopt and reasonably implement a policy that provides for termination, in appropriate circumstances, of the account with that Internet service provider of a repeat infringer’ an unrealistic burden on ISPs?  Does it, as EFA suggests, impose a law of ‘guilt upon accusation’?

The answer, clearly, is no.

The requirement to ‘adopt and reasonably implement a policy’ is achievable. Remember, we’re not talking about a requirement to implement a reasonable policy, or to implement a policy that determines if infringement occurred, or to penalise an ISP for not terminating an account. The requirement is to reasonably implement a policy. We know this is achievable because the draft code provides such a policy. Adopt and follow it and you’ve adopted and reasonably implemented a policy.

What internet-shattering law were they fighting against in NZ again?

Turning to the Australian context, the EFA has this rather interesting thing to say:

The delay in the NZ law is a good sign, but there are still many more problems. The current case before the Federal Court between AFACT and iiNet will examine what responsibility ISPs have under Australian law, which already includes a provision requiring termination of repeat infringers.

The text in bold is pretty close but does not reflect the key point of the safe harbour provisions.

There is no direct requirement for an Australian ISP to terminate repeat infringers. There is no requirement in Australia for ISPs to even adopt and reasonably implement a repeat infringer termination policy. ISPs do so to bring themselves into safe harbour.

We think an ISP who doesn’t do so is crazy – it’s an insurance policy that limits the damage if things go wrong. But taking out such insurance isn’t mandatory.

View today’s court orders.

Trial dates can be moved for a variety of reasons, but the judge has previously indicated an intention to get the case resolved promptly.

There will also be a Directions Hearing on 29 July to deal with any further matters that are required before trial. 

In the meantime, iiNet has approached the copyright owners with a suggestion that they sit around a table with a mediator and attempt to negotiate an outcome.  We’re not surprised that the company’s gung ho attitude to a court battle has softened.  The copyright owners have said they’ll think about it, but won’t agree to anything that delays the formal trial.

More information and expert analysis to follow.

CSP Central recently analysed notices received by some Australian ISPs and found that the majority were legally invalid.  Copyright owners and representatives are simply getting it wrong.

What the notices are about

An ISP is protected by the safe harbour rules if it satisfies certain conditions.

One of the conditions is that it must follow certain take down procedures if it receives a notice in official form.  There are actually several procedures, and each one is triggered by its own kind of notice.

• Notice A applies to one kind of case and triggers Procedure A.
• Notice B applies to another kind of case and triggers Procedure B.
• And so on …

So remember, each notice triggers a different, specific procedure.

There’s no ‘peer to peer’ notice or procedure

It’s important to understand that none of the official notices or procedures applies to P2P.  There are notices for cases where the ISP is actually hosting copyright material on its own servers, and notices where it is caching copyright material, but none for P2P.

Remember that, too. P2P has nothing to do with any of these notices.

To be valid, a notice must be in the ‘prescribed form’

That means the official form set out in the Copyright Regulations.  It doesn’t have to be 100% exactly identical.  It just has to be ‘in accordance with, or substantially in accordance with, the form prescribed’.

Many of the notices we have seen:

• are not in the form prescribed, and
• are not substantially in accordance with it.

That’s despite the fact that their heading ‘Commonwealth of Australia’ clearly shows that they are intended to be official notices.

What do they get wrong ?

We saw three common problems, each of which (in our opinion) invalidates a notice.

Mixed notices

Many of the notices combine two of the official forms.  Remember we said that:

• Notice A applies to one kind of case and triggers Procedure A.
• Notice B applies to another kind of case and triggers Procedure B.

Well, many notices are in the form of ‘Notice A + B’.  The problem is that there is no ‘Procedure A + B’ or ‘Procedure ‘A or B’ or ‘Procedure A and / or B’.  The combined form of notice does not clearly and unambiguously trigger one official procedure.

We consider that is a substantial variation from the official form.

Imagine we instruct you. ‘If we leave out mince meat, cook hamburgers for dinner.  If we leave out chicken cook a casserole.’   And you come home to find we have left out mince and chicken.

Even if you say, ‘Well, I’ll work it out.  I’ll choose between them, since I think the instructions entitle me to,’  or ‘I’ll play it safe and cook both’  my instructions are substantially different from what you had been told to expect – mince or chicken – and you have had to invent a solution.

The safe harbour rules do not call on ISPs to work out what to do in response to a notice.  They simply say:

• Notice A applies to one kind of case and triggers Procedure A.
• Notice B applies to another kind of case and triggers Procedure B.
• And so on …

That’s why we consider these notices are substantially different from the official ones.

Other notices include P2P allegations

Remember there is no notice applicable to P2P allegations.  But that doesn’t stop many rights holders including such allegations in their notices.

In fact, many we saw are in the form of ‘Notice A + B’ and don’t in fact allege type A or type B infringements … they solely contain P2P allegations.

P2P has no place in the official notices.  By including P2P allegations, the sender is using a form that is substantially different from the official ones.

Other notices ask for ‘non-official’ responses

Remember that:

• Notice A applies to one kind of case and triggers Procedure A.
• Notice B applies to another kind of case and triggers Procedure B.
• And so on …

The procedures are laid down in great detail by the Copyright Regulations.  You get the notice, you check the procedure, you follow the procedure, you’re in the safe harbour.

We saw many notices that had been changed to request that the ISP follow a quite different procedure.  They say (in effect) ‘This is an official notice to trigger Procedure A.  But we actually ask you to follow another procedure that we like better as follows …’

We consider that this alteration to the official form of notice is substantial, and invalidates the notice.

We sampled a tiny proportion

Millions of supposedly ‘official’ notices are issued every month.  Our survey was a tiny proportion.  But over 80% of notices we saw were invalid in our opinion.

They simply do not trigger the safe harbour procedures or require the ISP to initiate any safe harbour response.

As usual for a preliminary hearing, the court only made procedural orders to advance the case to the next stage.

Orders made in the Federal Court

1. Evidence in the proceedings be by way of affidavit.
2. The Respondent file and serve its defence by 5 February 2009.
3. The matter be listed for further directions at 9:30 am on 6 February 2009.
4. There be liberty to apply on 2 days’ notice.

The court notes that the Applicants have indicated that they will reply to the request for particulars contained in the letter from Herbert Greer (sic) dated 15 December 2008, before 16 January 2009.

Comment

Nothing unusual in this.

Evidence by affidavit

Evidence by affidavit is usual.  It means that witnesses must provide affidavits before the trial date.  The other side will then be entitled to require any witness to attend court for cross examination.

Date for defence

50 days to serve a defence document is a bit longer than usual, but the court is allowing for some Christmas / New Year ‘down time’.

Further directions

Absolutely normal to bring the matter back to court after the steps in this package have been completed.

Liberty to apply

This simply means that if a party wants to raise some further issue between now and 6 February, the judge will let them come back to him on 2 days’ notice to the other side.

For instance, if AFACT fails to meet its agreed time to deliver ‘further particulars’ – see below – iiNet might apply to the judge for orders that it give the particulars by a set date and / or that the time limit for a defence be extended a bit because of the delay.

Request for particulars

Pretty normal step.  iiNet has asked AFACT ‘Tell us more detail about this or that, so we can better understand your claim.’

What else ?

According to an SMH report:

• The judge stated his desire for the matter to ‘move along rapidly’, with a hearing to potentially begin as early as March.
• Lawyers for iiNet said that timetable was too ambitious, indicating a long, drawn out legal battle.
• AFACT lawyers said they would reject iiNet’s claims that it was not liable for the actions of its users due to safe harbour provisions introduced with the US free trade agreement.

In fact, the safe harbour rules only become relevant if a CSP has already been found ‘guilty’ of copyright breach.  Even though the CSP is ‘guilty’, as long as it has operated inside the safe harbour it cannot be ordered to pay damages.

So safe harbour is truly just for ‘losers’.  But if you do lose an infringement case, you’ll feel like a winner if your safe harbour claim holds up and damages aren’t awarded.

About safe harbour

The safe harbour rules were introduced into Australian copyright law in 2005.  They limit the orders a court can make against an internet service provider that is found to have breached a third party’s copyright.

The key limitation is that there can be no award of damages, and that’s where the ‘big bucks’ normally come from.

But it only applies after the CSP is found ‘guilty’

Here’s an analogy.  Imagine that the government introduced safe driving courses and said that anyone who completes one will get a 25% discount off any court speeding fines they are up for in the following two years.

You complete the course, and a week later you get charged with speeding.  You dispute the charge and fight it in court.

In making your defence, it’s irrelevant that you completed a safe driving course.  You defend the charge solely on the basis that you say you were not speeding. If the court accepts that, you win.  Nothing to do with safe driving courses.

But if you lose, the judge says ‘It’s a $500 fine.’  That’s when you say, ‘But I have done a safe driving course and I claim my 25% discount.’  The only relevance of your course is if you have already been found guilty.

It’s exactly the same for safe harbour

Safe harbour is a limitation on ‘penalty’ if an ISP has been found ‘guilty’ of copyright infringement.  It isn’t a defence to alleged copyright infringement.

Writing on Whirlpool, Australian broadband’s town square, Malone laid down the law:  ‘We have yet to receive any independently verified notice that show (sic) that a customer has actually infringed.’

His statement goes on to make it clear that iiNet will argue that an ISP is never obliged to discipline a user for peer-to-peer copyright infringement allegations unless they have been declared an infringer by a court; evidence that falls short of a court finding does not give an ISP any obligation to act.

Malone draws the battle lines

This view takes paragraph 63(a) of the Federal Court ‘Statement of Claim‘ head on.  The para reads that ‘at all material times, iiNet knew or had reason to suspect that iiNet users engaged in, and were likely to continue to engage in’ copyright infringement.

No says Malone.  We did not know that, and had no reason to suspect it.  All we had was the evidence provided by AFACT, and that wasn’t a court judgment as (we say) is required.

Their evidence was pretty good, says Malone

Malone acknowledged that the evidence delivered to him wasn’t at all bad.

With the evidence that AFACT has, I’m betting that a magistrate will happily issue an order for us to disclose the account holder’s identity for under $50.

Michael Malone, iiNet

That’s a big concession, and shows how iiNet is committed to its argument that nothing short of a court finding carries any weight.

For a court to order disclosure of an account holder’s identity, it must be satisfied that there’s a realistic prospect that an unlawful act has been committed.  So Malone is happy to admit that the evidence he received from AFACT would satisfy a court that there ‘could be something in it.’

Evidence has to be ‘independent’

As noted above, Malone’s position is that: ‘We have yet to receive any independently verified notice that show that a customer has actually infringed.’

This head buts a key element of the AFACT Statement of Claim:  that third party DtecNet did independently verify infringement.

Another part of Malone’s post suggests that this denial is based on the same key argument:  ‘Whatever the action, it will then be overseen by the independent legal system.’  If we read this correctly, iiNet will say that only the legal system is independent, so DtecNet could never be.

That would explain why he can claim that, despite having the DtecNet evidence, ‘We have yet to receive any independently verified notice …’

Our take on it

This is an interesting move by iiNet.  It has made it clear, before the company has even filed a Defence document, that it will argue a very simple case.  Malone’s statements strictly don’t limit the defences iiNet’s lawyers can raise, but they do set a clear course for the defence team to follow.

It’s a different kind of case to the recent iiNet litigation.  Interville was storing and serving up whole copyright files, not just supplying bandwidth that was used by customers for peer-to-peer file sharing.  But the Australian Federation Against Copyright Theft is involved in both cases, and a win is a win.  The court result underscores how much is at stake for iiNet and its shareholders.

‘It’s a raid !’

The first Interville Technology knew of a long-running investigation into its file sharing activities was an Australian Federal Police raid on 18 December 2007.

According to a Sydney Morning Herald report at the time ‘heavy duty electronic equipment was discovered at the premises and employees at the internet cafe were hired to scour the web for suitable material to download.’

According to industry body MIPI:  ‘The internet cafe was operating 60 computer terminals and three servers which contained a total of 8 terrabytes storage which contained hundreds of thousands of infringing movie, TV and music titles. Seized movie titles included titles not yet released in Australian cinemas including American Gangster, National Treasure Book of Secrets while numerous music tracks from over 150 well-known artists such as 50 Cent, Alicia Keys and Justin Timberlake.’

Interville ‘rolls over’

In Downing Centre Local Court, Interville pleaded guilty to a bundle of charges, probably in a negotiated ‘plea deal’ with prosecutors.

AFACT commented:

The conviction and sentencing marks the successful conclusion of excellent work by the Australian Federal Police, said Neil Gane, AFACT Director of Operations at the conclusion of the case.

It is satisfying to see sentences handed down which properly reflect the damage operations like this do to rights owners and the 50,000 Australians working in the film and TV industries. The sentences will send a clear message to all Internet cafe owners engaged in commercial scale copyright infringement; you will be caught and you risk severe penalties.’

Our take on it

This was a case of ‘direct’ copyright infringement, and was clearly on a commercial scale.  Criminal charges were plainly available to the Commonwealth, so that’s what it has done.

The claim against iiNet is based on a second kind of alleged breach:  ‘authorisation’.  It’s more subtle to prove than direct infringement.  But if ‘authorisation’ infringement is proven, it’s hard to see how it wasn’t also on a commercial scale.

It should also be noted that the $82,000 represents a criminal fine, not civil damages.  It isn’t a benchmark for damages that might be sought from iiNet if things get that far.