UK Passes Digital Economy Act

The UK House of Commons recently passed the Digital Economy Act (DEA), which introduces several major policies designed to regulate and stimulate the UK digital economy. Although it includes provisions governing video game ratings and registration of domain names, it is the provisions aimed at curbing file-sharing that have been the primary focus of attention. For copyright holders and their representative interest groups, the DEA is a welcome piece of legislation that sets out the legal obligations of Internet Service Providers (ISPs), copyright holders and end-users in the bid to stem online piracy.

Most practical details of the DEA’s provisions regarding online copyright infringement are not set out in the DEA, but will be expressed in a series of regulatory codes produced by the Office of Communication (Ofcom), the UK’s independent regulator and competition authority for the communications industries. To date, Ofcom has only issued a Draft Initial Obligations Code (the Draft Code), and the public consultation period on it just closed. Ofcom is currently evaluating the results and performing a cost analysis of the proposed regulations.

The Increased Role of ISPs

The UK’s Electronic Commerce (EC Directive) Regulations 2002, which implement the European Union (EU) E-Commerce Directive on a national level, limit the liability of ISPs for material that passes through its networks provided that it "acts as a mere conduit, caches the material or hosts the material." In the past, this has been interpreted as restricting the potential role of ISPs in policing the Internet.

The DEA has now introduced provisions requiring ISPs to take a more active role in assisting rights holders to protect their works from infringement. It also clarifies the new procedural steps that rights holders should take in notifying ISPs of suspected infringement by their subscribers. Under the Draft Code, ISPs with fewer than 400,000 customers, as well as mobile operators, would not have to participate in the new procedure. However, these requirements will apply to major ISPs such as BT, TalkTalk, Virgin Media, Sky, Orange, O2 and the Post Office, who together control 96.5% of the residential- and small- and medium-sized business broadband market.

Significantly, the DEA has introduced provisions that:

  1. Enable rights holders to notify ISPs of alleged infringement of their rights by subscribers utilizing the ISPs’ network. This notification would be in the form of a "Copyright Infringement Report" (CIR) that sets out information about the infringement taking place through the ISPs’ networks and about the alleged infringers, including their IP addresses and port numbers. Under the Draft Code, CIRs should be sent out within 10 working days of the evidence being gathered.
  2. Require ISPs that have received CIRs to send a notification to the subscriber in question. The notice should contain information about the copyright owner reporting the alleged infringement, the subscriber's IP address, and the time the evidence was collected. It also must explain where the subscriber may receive advice, as well as details of the appeal process by which the subscriber may contest the alleged infringement.
  3. Permit rights holders to request a "copyright infringement list" from the ISP that contains a list of all subscribers who have surpassed a specified threshold of CIRs (the Draft Code sets it at three). While the list reveals some details of the subscribers in question, it will not reveal the personal identity of the end-user.

Upon obtaining the copyright infringement list, the rights holder is entitled to seek a court order to identify some or all subscribers listed. If successful in obtaining the personal identities of the alleged infringers, the rights holder may then bring legal proceedings against them.

In this regard, the DEA has attempted to clarify the role of ISPs in aiding rights holders seeking to protect themselves from copyright infringement, and has set out a procedure designed to facilitate the process of tracking, identifying and bringing claims against repeat infringers. However, the new procedure will only come into effect once Ofcom’s Draft Code is approved by Parliament.

Technical Measures and Blocking Injunctions

The DEA has also provided for the possible creation of technical measures that may result in the suspension of infringing subscribers’ Internet access. Once the Ofcom regulatory code has been in force for 12 months, the Secretary of State will be enabled to seek an order for ISPs to impose "technical measures" on subscribers who have reached the CIR threshold set by Ofcom, limiting or even fully suspending Internet access. Both the House of Commons and the House of Lords must approve the Secretary of State's order before it can be enforced.

The DEA also enables the Secretary of State for Business to introduce regulations granting courts the power to issue blocking injunctions that force ISPs to bar user access to a website that a court is satisfied "is being or is likely to be used for or in connection with an activity that infringes copyright." A court contemplating such an injunction must be satisfied that the location is one from which "a substantial amount of material has been, is being or is likely to be obtained in infringement of copyright."

Judicial Challenges to the Digital Economy Act

ISPs are currently contemplating the additional costs that the expanded role of ISPs set out under the DEA will entail. Recently, two of the largest ISPs — BT and TalkTalk — launched a legal challenge in the High Court to obtain a judicial review of the DEA, which they claim contravenes EU directives on issues of privacy, proportionality and the non-active role of ISPs. If BT and TalkTalk are unsuccessful in their legal actions, they may bring the matter before the EU courts.

At present, Ofcom has no plans to accommodate the ISPs’ concerns, and has stated its intention to continue with its plan for implementation of the Initial Obligations Code "unless otherwise advised by Government." As the Draft Initial Code must be approved by both the European Commission Committee and the UK Parliament prior to enforcement, Ofcom plans to submit the Initial Obligations Code to the EU by September 2010, and anticipates its finalization by the end of January 2011.