By publishing broadband provider comments about legal advice they may have obtained, the mag could have led them to waive the right to keep the details secret.

It’s vital for CSPs to understand the risk they may create if they publicly refer to legal advice they have received.

The problem

Normally, legal advice obtained by a company is ‘privileged’.  That means that nobody … particularly somebody who is suing it … can demand to see a copy.

But the courts have ruled that by publicly referring to legal advice in certain ways, the company may waive that privilege.  In other words, in a legal case, the other side may be entitled to say, ‘Great.  You claim to have taken legal advice and it says you’re in the clear.  Fine.  Give us a copy.’

Potential disaster

Because lawyers write legal advice for their clients’ eyes only, it often contains material that would do damage if it leaked.  For instance, they might talk about serious weaknesses in their client’s position.  Or they might discuss facts that would not be known to the company’s enemies.

Disclosure could be a first class disaster.

When is privilege waived ?

It’s complicated.  Normally, merely stating that you have obtained legal advice isn’t a problem.  And sometimes it could even be safe to go a little further and indicate the general thrust of the advice.  Or say, ‘We have taken the advice carefully into account in our actions.’

But it is easy to step over the line and waive privilege on all or part of the private advice.

Sound advice from the Victorian Government Solicitor

The Victorian Government Solicitor’s office offers good advice on the subject. 

Making public statements about legal advice

[The] manner in which legal advice is disclosed in public can lead to a waiver of [privilege].

It is less likely that [privilege] will be waived where reference is made only to the fact that legal advice has been obtained. Revealing the substance of that advice should generally be avoided. This includes summarising or describing the conclusion of legal advice, or giving the ‘gist’ of what it says.

If maintenance of the confidentiality of a particular legal advice is important …, advice should be obtained prior to publicly commenting on that legal advice to ensure there is no inadvertent waiver of [privilege].

While the VGS made these remarks in the context of advising Government, they stand true for private companies as well.

A case in point:  iiNet comments

We’ll be interested to see whether iiNet’s nemesis AFACT will try to use a public statement by iiNet to gain access to a copy of advice received from its lawyers about compliance with the copyright ‘safe harbour’ rules. 

iiNet may have obtained legal opinion on the effect of its public statement, and be confident that it does no harm.  Otherwise, it was extremely dangerous ground for the company to be treading on.

What if your company is asked about legal advice ?

What’s in it for you to take any risk ?  Unless there’s a special factor that makes it worth your while, just say that it is company policy not to comment on legal advice that may or may not have been received.

You might still make some general comments on whatever issue is at stake, but nothing that infers that you hold advice, or what its contents or effect may be.

Yesterday, the Federal Court largely rejected iiNet’s request, limiting the scope of the documents to be produced by AFACT to certain categories  relating to local infringement investigations.

At the same time, the Court ordered that iiNet discover the details of 20 anonymous customer accounts, well short of the 300 to 400 accounts reportedly sought by AFACT.

Both sides were quick to claim a minor victory – AFACT saying 20 accounts is sufficient for them to prove their case and iiNet saying they have effectively got the documents they asked for.

View today’s court orders.

Trial dates can be moved for a variety of reasons, but the judge has previously indicated an intention to get the case resolved promptly.

There will also be a Directions Hearing on 29 July to deal with any further matters that are required before trial. 

In the meantime, iiNet has approached the copyright owners with a suggestion that they sit around a table with a mediator and attempt to negotiate an outcome.  We’re not surprised that the company’s gung ho attitude to a court battle has softened.  The copyright owners have said they’ll think about it, but won’t agree to anything that delays the formal trial.

More information and expert analysis to follow.

As a service to the debate, CSP Central has launched a ‘just facts’ page.  No commentary.  No analysis.  Just facts.  Bookmark it for access to a growing library of reliable information about the case and copyright law.

We’ve begun by posting the applicants’ court documents, and explaining what an ‘applicant’ is.

Some are calling it ‘entrapment’ but the tactic of gathering evidence by signing up as a paying customer is legal in Australia.

PI joins iiNet

According to a ‘Particulars‘ document that is referred to by the main Application, investigator Aaron Herp was employed by the Australian Federation Against Copyright Theft, and signed up with iiNet in late June 2007.

iiNet allocates IP address

At some stage between September 2007 and November 2008, iiNet is said to have allocated IP address 124.171.59.149 to Herps’ account.  This may be an IP address that lives in infamy for iiNet.

iiNet not fast enough for PI

For more than four months, the document states, Herps exchanged emails with iiNet support staff about the slowness of his BitTorrent downloads.

Whoops!  We bet those emails were about the first thing iiNet reached for after reading the court documents.  Let’s hope they don’t do serious damage.

Investigator turns downloader

Herps is then said to have spent 18 weeks downloading copyright movies as an iiNet customer and in turn making them available through BitTorrent.

AFACT informs iiNet

So the story goes, iiNet was then supplied with full details of Herp’s activities, including IP address, dates, times, file names, file hash values, the corresponding original film files and studio names.

The significance of the hash values is that they can provide practically indisputable proof that a file uploaded or downloaded is one and the same.  It isn’t just a different file with the same name, or even coincidentally the same file size.

This is the kind of evidence that courts have previously accepted as proving copyright ‘theft’.  In other words, AFACT is saying that iiNet wasn’t just being asked to act on the basis of unsubstantiated allegations; it had a mountain of evidence on hand.

Perhaps importantly, the document says that the evidence was addressed personally to iiNet supremo Michael Malone.

‘It’s OK’ says Malone

In a rather snide bit of legal pleading, the document next refers to three news stories where Malone seems unconcerned that peer-to-peer is booming.  Malone certainly doesn’t say that copyright breach is OK, but the reports are cited as if that’s a possible conclusion.

The PI escapes censure

The document claims that Herps was never contacted by iiNet about his downloading.

The document’s conclusion …

It asserts that failure to discipline Herps and others constituted encouragement to download in breach of copyright.  Contract terms prohibiting infringement could have been enforced, but weren’t.  Warnings could have been given, but weren’t.  Services could have been terminated, but weren’t.

It’s another brick in an (attempted) wall

Many internet users have denigrated the applicants’ evidence assuming it was nothing more than those computer-generated US-style notices that land in their thousands at ISPs’ headquarters.  If nothing else, Mr Herps’ involvement puts that idea to rest.

But was it legal ?

Forget about ‘entrapment’ arguments.  Herps’ evidence isn’t even being put forward in a way that would constitute entrapment under US law.  It’s mainly put as ‘icing on the cake’ to show that iiNet wouldn’t warn a user or enforce its own contract terms in (what AFACT will say) is the clearest of cases.

There may be problems with the Herps evidence, but ‘entrapment’ isn’t one of them.

Of course, everyone is entitled to their own opinion – including the army of ‘bush lawyers’ on Whirlpool.

But that doesn’t change the fact that a prudent ISP needs to understand how to bring itself inside the copyright ‘safe harbour’ rules.

Lawyers Logie-Smith Lanyon have provided a solution with their ISP Copyright Safe Harbour Kit, a detailed info-pack that’s essential reading for every Australian ISP.  Download contents and sample pages.

Features of the kit

• Understand the law and the issues … in plain english
• Detailed procedural checklists for safe harbour compliance
• Sample safe harbour policy
• All necessary forms and notices
• Best of both worlds … detailed explanations and summaries
• 50 information-packed pages
• Bonus membership of CSP Central iiNet Case update service

What’s it cost ?

$950

How to get it

Get your Safe Harbour Kit by email today.

Call Maria at Logie-Smith Lanyon on (03) 9620 0700
or email mmanzanal@logielaw.com

Major credit cards accepted

When all is said and done, the court has to decide three legal questions.

In this article, CSP Central helps you to focus on the real issues.

First question:  Did iiNet customers infringe copyright ?

This is foundational to the applicants’ claim.  (In the Federal Court of Australia, where this claim is made, the party who starts the case is the ‘applicant’, not ‘plaintiff’.  The party on the receiving end is the ‘respondent’, not ‘defendant’.)

The case against iiNet alleges that it authorised infringement by its customers.  If the applicants can’t prove infringement by the customers, there’s no case against iiNet.

Second question:  Is there something in the circumstances that changed iiNet into something more than a mere ‘data conduit’ ?

The Copyright Act protects an ISP from copyright claims if it ‘merely’ provides the facilities used to commit a breach.

That’s why a person who simply supplies a photocopier isn’t automatically liable for unlawful copying that occurs using it.

But if the provider goes further, or has some other involvement, or the circumstances are a bit different, that protection can easily be lost.

For instance, in one very important Australian case (‘Moorhouse Case‘), a university provided a photocopier in close proximity to books in a library. The court ruled that:

• The university should have known that this would probably result in some copyright breaches.
• The university did not adopt measures reasonably sufficient for the purpose of preventing infringements taking place.
• So the university was responsible for the breaches that did take place.

That kind of responsibility is called ‘authorising’ in law.

How the applicants will attack the second question

In the iiNet case, the applicants may rely on several arguments that iiNet was more than a ‘mere service provider’.

The key one that has emerged so far is that iiNet was provided with extremely detailed evidence that copyright infringement had taken place.  Apparently, it went far beyond the standard notices that we’ve all heard about many times.  It was practically the evidence for a full court case against certain customers.

The applicants will argue that an ISP with this level of detailed knowledge cannot claim the ‘mere service provider’ exception.  By allowing customers to continue to connect in the full knowledge of what had happened and what was likely to happen, iiNet lost the protection of the ‘mere ISP’ provision.

The applicants will say that under the principles in the Moorhouse Case (and others) iiNet must be held to be an authoriser of breaches that did occur.

If the court agrees with that, then iiNet is legally responsible for the breaches as if it had copied the movies itself.

Third question:  Is iiNet inside the ‘safe harbour’ ?

Australia’s copyright law contains a special protection for ISPs.  It’s called the ‘safe harbour’ law.

It can only apply where the ISP has already been found ‘guilty’ of authorising copyright breaches.  If it does apply, it prevents the court from ordering the ISP to pay damages – which is the biggest fear in a copyright case.

The ISP has to show that it is entitled to the protection of this law.  It must prove that it satisfied the conditions that apply to it.

The safe harbour conditions

To claim the protection of the safe harbour, an ISP must show that:

• It adopted and reasonably implemented a policy that provides for termination, in appropriate circumstances, of the accounts of repeat infringers.
• It complied with the relevant provisions of any industry code relating to accommodating and not interfering with standard technical measures used to protect and identify copyright material. (This one’s easy … there is no such code in Australia yet.)
• Any transmission of copyright material was initiated by or at the direction of a person other than the ISP.
• The ISP did not make substantive modifications to copyright material transmitted. This does not apply to modifications made as part of a technical process.

The problem for iiNet here is the first test:  a policy for terminating repeat infringers.

iiNet seems to consider that ‘infringer’ in this context can only refer to an ‘infringer as proven in court’, not a person alleged to be an infringer – no matter how strong the allegation.

If iiNet is correct about that, and if it does have a policy for terminating repeat infringers (as proven in court) then it can claim the protection of the safe harbour.  It could not be ordered to pay damages.

If iiNet loses the infringement argument and the safe harbour argument, damages will be massive.  We’ll explain why in a later post.

ISPs might want more detail

Here’s information about the ISP Copyright Safe Harbour Kit.

The studios are claiming that iiNet infringed copyright by not stopping iiNet customers from using BitTorrent to infringe the studios’ copyright in their respective films.

Under Australian law, a person can be liable for infringement if he or she ‘authorises’ another person to infringe copyright.

Whether or not a person ‘authorised’ another will depend on:

• the extent of the person’s power to prevent the other from infringing,
• the nature of the relationship between the person and the infringer, and
• whether the person took reasonable steps to prevent or avoid the infringement

The list of litigants reads like a who’s who of Hollywood heavyweights along with Channel 7.  They include:

• Roadshow Films
• Paramount Pictures
• Sony Pictures
• Twentieth Century Fox
• Unversal Pictures
• Universal Stuidos
• Village Roadshow
• Warner Brothers
• Buena Vista
• Columbia Pictures
• Dream Works
• Disney Enterprises

The proceedings are unprecedented in Australia and could have serious ramifications for ISPs.  We’ll be monitoring it closely and providing updates as they come to hand.

A directions hearing before Justice Cowdroy is scheduled for 17 December.

This 2007 exchange on Whirlpool caught my eye …

When you sign up for the iinet voip service, you are required to sign the CSG waiver. Just wondering if somebody could take a look at the wording of the CSG waiver form that they have available at: www.iinet.net.au/about/c…i_CSG_waiver.pdf

As it doesn’t specifically state that you are waiving away your rights to just the voip service, (it just mentions “this telephone service” and “the service”) is it possible that you might be unintentionally signing away your CSG rights to the normal Phone Advantage service as well? I might be signing up for voip but I don’t want to sign away my CSG rights for my Phone Advantage.

And an iiNet representative responded:

We still honour the CSG for our normal PSTN services (including Phone Advantage)

The rep should have checked the rules for CSG waivers, and he would have seen that the original post identified a real problem for iiNet. In fact, if you read the rules carefully, there are three gaffes in iiNet’s document.

Background: The CSG is a bundle of rights that fixed line phone providers have to give to most customers. It’s regulated by the Telecommunications (Customer Service Guarantee) Standard 2000 (No. 2). Basically it sets targets for connections and fault repairs and allows for financial compensation if they aren’t met.

A provider can ask a customer to waive their rights, but there are very clear rules for how that works. Seems someone in iiNet Legals isn’t too careful. The iiNet waiver document as at 2007 and the date of this article fails two, and potentially three of the rules.

Clause 29(2) of the Standard says that ‘The document must clearly identify the customer … and the specified service to which the waiver applies.’

• The iiNet document fails to specify the service. That’s exactly what the original post pointed out. The mere fact that the iiNet rep had to clarify the point (as opposed to pointing out where in the document the service was specified) makes the point.
• The customer is not identified by the document. There is a place for them to sign, but unless they have a very simple, clear signature their name won’t be readable from it. Mine certainly wouldn’t. So in many cases, the form will fail this test.

Clause 29(1) of the Standard requires that a written waiver ‘is signed and dated by the customer’.

• The iiNet form has a place for a signature, but no indication it needs to be dated. And remember that the customer must date it, not the provider.

The way the rules work, the CSG applies until the provider gets a valid waiver. iiNet’s sloppy form clearly doesn’t satisfy the rules, and I would be surprised if a court or the TIO decided to overlook the deficiencies. In that case, iiNet may think it has no CSG liability in many cases, but that’s just not true.

It just goes to show how careful you need to be when writing consumer documents.