Home > Internet > Voltage’s Teksavvy Subscriber Shakedown: What’s a Good ISP to do?

Voltage’s Teksavvy Subscriber Shakedown: What’s a Good ISP to do?

Tomorrow will be a big day in a federal court in Toronto. At 11am, the court will hear a motion by Voltage Pictures to have Canadian indy-ISP and darling of the open internet community, TekSavvy, disclose the subscriber names and contact addresses associated with a list of 2000 IP addresses that Voltage alleges have been used to upload and share its films and tv programs in violation of copyright law.

At the end of the day we may know whether Voltage has prevailed and TekSavvy forced to hand-over the subscriber account information linked to those 2000 IP addresses. But while we wait, there is another question that I want to address in this post, and that is whether TekSavvy has done as much as it should to oppose Voltage’s motion?

As TekSavvy’s CEO Marc Gaudrault stated in DSL Reports last December when the case first erupted into public view, “we will not be making a case against the merit of what they are alleging. That’s for those affected and others to do if they wish to.”

That refusal to take a stand, to put it mildly, has displeased many of its subscribers. It has also unleashed a roiling discussion thread on DSL Report as well as the blogosphere. Respected copyright lawyer, Howard Knopf (here, here and here) and Jason Koblovsky (here & here), one of the co-founders of the Canadian Gamers Organization, have been highly critical of TekSavvy, arguing that it should be doing more to push back against Voltage’s shake-down of the ISP.

Drawing on his experience as legal counsel to CIPPIC in a close parallel to the motion now in front of us — the BMG case in 2005 — Knopf argues that TekSavvy should take the lead in opposing Voltage’s motion for at least three reasons:

  1. First, since it is the only entity that can resolve the link between IP addresses and subscriber identities, it is in the best place to challenge the technical evidence that Voltage and its forensics contractor, Canipre, have put forward;
  2. Second, in the BMG case, Telus and Shaw actively stood in opposition to the record labels’ bid to obtain subscribers’ identities on just this ground and TekSavvy should do no less in the present case, especially given that it holds itself out as being more attuned to its subscribers’ interests than its corporate cousins – a point that Koblovsky also relies on heavily;
  3. Third, it is too much to ask of CIPPIC, an organization with a skeletal staff and limited resources, to take the lead in the case.

The criticism of TekSavvy has led to a lot of soul-searching, mostly because, to most observers, the indy-ISP has been on the side of angels. The little-ISP-that-could, for instance, led the charge against the CRTC’s hated UBB decision in 2011, has intervened time and again in a myriad of regulatory decisions in which the fate of indy-ISPs has been on the line, held itself up as a plucky alternative to the incumbents with more affordable services, bigger caps or none at all, and has been a patron of Open Media, probably the most successful group this country has ever seen in terms of opening up arcane telecom, media and internet policy issues to a much bigger audience.

So, not surprisingly, others have come to TekSavvy’s defense. Most notably, in addition to denouncing Voltage’s mass copyright litigation (here and here), the other day David Ellis chastised TekSavvy’s critics. As Ellis sees it, TekSavvy has being working hard on behalf of its subscribers for two months. Moreover, TekSavvy quickly joined CIPPIC to ask the court to postpone the matter to give the ISP more time to notify its subscribers, for the court to consider CIPPIC’s request to join the proceedings and to give Voltage and its hired-gun, Canipre, more time to clean up their data. Ellis also suggests that the distance between pushing for a delay and outright opposition might not be that far, and we could still see it take on a more active oppositional role yet.

He also argues that TekSavvy’s reticence to take a stance is probably due to concerns that doing so could jeopardize its claims to being a neutral, common-carrier. In this view, by staying neutral, TekSavvy avails itself of ‘safe-harbour’ provisions that get ISPs off the hook in terms of their own liability in copyright infringement cases.

While I agree with Ellis that TekSavvy could yet change its stance, and that it has done much to buy its subscribers time to arrange their own defense, I do not think it has done enough. I also think worries that actively opposing Voltage’s motion could jeopardize its ‘safe-harbour’ defense are misguided. As a common carrier, ISPs already have limited liability for what their subscribers do, and what TekSavvy does in the courtroom will have no effect on that.

I agree with Knopf that TekSavvy should be taking the lead in opposition to Voltage’s shake-down because it is in the best place to do so from a technical point of view. That there may be problems with the technical data that Voltage is presenting is evident in the fact the company cut their initial list of 4000 IP addresses down to 2000 at the last minute – a good sign that things are not quite in order. Given the weight the BMG case put on the quality of the data in determining whether privacy would be trumped by other pressing concerns, this is essential (see para 21).

Second, ISPs are common carriers and this means their liability for what subscribers say and do is very limited, both by law and by tradition. The basics of what that means is set out in the Telecommunications Act of 1993 (see sections 27-29 and 36). Common carrier principles are also carried over into the new Copyright Modernization Act, as the following passage indicates:

A person who, in providing services related to the operation of the Internet or another digital network, provides any means for the telecommunication or the reproduction of a work or other subject-matter through the Internet or that other network does not, solely by reason of providing those means, infringe copyright in that work or other subject-matter (sec. 31(1)).

Incumbent ISPs have always reserved the right to aid copyright claimants (read your Terms of Service agreement) and, indeed in 2011 Telus said that it was sending out 75,000 notices a month of alleged copyright infringement to its subscribers. The new Copyright Modernization Act has parlayed this informal arrangement into a notice-and-notice regime that now requires ISPs to do the same thing as a matter of law, and to retain and disclose subscribers’ information for a period of six months after receiving notice of copyright infringement.

There is nothing in the new act or the old legislation, however, that prevents or even discourages ISPs from taking a stance against a motion for disclosure. Again, as Knopf observes, when mass copyright litigation first hit Canada in the BMG case, Shaw and Telus stepped up to oppose BMG and the rest of the recorded music industry arrayed against them. Moreover, while Bell and Rogers were less committal in the opposition, ultimately they did line up foursquare with Shaw and Telus behind the view, as the court stated, that ISPs should step forward to “protect[] the privacy of their customers whom they were obliged to protect by virtue of the Personal Information Protection and Electronic Documents Act (2000) (para 13). They won.

TekSavvy should do the same. Going out on a limb a bit, at least one seasoned lawyer that I have spoken with suggest that the case could be fought and won easily, for five figures, i.e. under $100k.

Beyond the BMG case we can also look further afield to the United States at a recent example of what a real stance opposing a motion of disclosure looks like. Thus, when faced with a request from the Department of Justice to hand-over account information for three of its subscribers, without telling them, as part of the DOJ’s investigation of Wikileaks, Twitter refused. The company obtained a court order allowing it to disclose the request to the users in question. It also put them in touch with legal counsel at the Electronic Frontier Foundation.

Finally, Twitter fought the request tooth and nail, all the way to appeal, but lost because, according to the ruling, the social media company’s business model is based on the unbridled collection of user data for advertising purposes in return for free access to the service. The upshot of that, in turn, is that users have no reasonable expectation of privacy and thus Twitter had to hand over subscribers’ account information to the state.

Whether Twitter won or lost is not the key point; the fact that it stood up to the plate, and fought to the bitter end in support of its subscribers and a principle – privacy – is. Moreover, while a loser in the court of law, in the court of public opinion, it won: Twitter’s chief lawyer, Alex MacGillivray, was named by The Guardian as one of its top twenty “champions of the open internet” last April.  The Electronic Frontier Foundation offered its own honorifics.

The last point that I want to make is that TekSavvy has another option at its disposal: minimizing the collection, retention and disclosure of subscriber data as a matter of company policy. Apparently there has already been some discussion of this, with the ISP at one point in time before the Voltage motion hit the fan thinking about increasing the length of time that it keeps data logs from three months to six. That is now off. And that is certainly a good thing.

There are many reasons that ISPs need to keep data logs, not least of which are billing and network management. However, there are also ways of meeting these needs that limit the data kept to just these narrow purposes and which otherwise minimize how much data is collected, how long it is retained, and when it is disclosed. Billing data, for instance, can be kept separate from traffic data, with the former retained, and the latter tossed.

There are two excellent examples along these lines that I’ll close this post with. The first is Sonic.net, a San Francisco Bay area ISP with 45,000 subscribers. It keeps subscriber data logs for only two weeks and has been the recipient of copious amounts of praise and a four-star rating by the Electronic Frontier Foundation in the latter’s annual “Whose got your back” scorecard because of this practice. TekSavvy could take some lessons from Sonic.net.

Lastly, in 2009, several Swedish ISPs, including one of the top 3 – Tele2 – began erasing “traffic data” in order to protect their subscribers privacy. They did so in response to the Sweden’s own new copyright law, IPRED, and in order to avoid precisely the kind of predicament that TekSavvy now finds itself in.

In my view, such a minimalist data collection, retention and disclosure policy is part and parcel of what a full-throated defense of principles and its subscribers would look like. The point is not to turn TekSavvy into a scofflaw, or a ghetto for copyright infringement abuse. The case of Sonic.net, Tele2, Twitter, and others demonstrate well that strong privacy and subscriber protections are not tantamount to such things, and indeed are good business and good for people’s rights.

Minimizing the collection, retention and disclosure of subscriber information embodies practices and values that apply across domains. Today it is copyright; tomorrow, lawful access and the son-of-Bill C30 (lawful access). Such values and practices will serve us well in that context, too.

We are in the midst of many events and choices that will be made that will set down the firmament in which the internet establishes deep roots. In my mind, we need to realize that these decisions and events will determine whether we can develop an internet fit for democracy, or whether we will see trade-offs all down the line to the point that an open internet and democracy are just a dream. Good night.

* Note: revised January 14th to acknowledge that Bell and Rogers were far more tepid in their stance than Telus or Shaw in the BMG case, while Quebecor (Videotron) actively sided with the record labels.

Categories: Internet Tags: , , , ,
  1. Sean Valjean
    February 12, 2013 at 8:39 pm

    This is great. Finding a good internet provider can be supper difficult.

  2. Chris
    January 16, 2013 at 3:04 pm

    “Apparently there has already been some discussion of this, with the ISP at one point in time before the Voltage motion hit the fan thinking about the length of time that it keeps data logs from three months to six.” – I can’t parse this sentence. Is it perhaps missing the word “increasing” ?

  3. January 14, 2013 at 10:41 pm

    As you alluded to, by opposing the motion would be good for business and good for consumers. Safe Harbor provisions, from being actively involved in the copyright consultations and debates myself, prior to this legislation being drawn up are to pretty much protect ISPs so that they can move forward with their responsibly to their customers. Many safe harbor provisions globally have been tried tested and true in that regard. I believe ours were specifically designed and modeled around that ideology.

    Over the past month TSI has been hammered over this decision by their own customers, consumers, media. Looking at this from the stand point of a risk assessment, there’s no logic to this and I highly doubt that this would be legally advised on not just law issues, but the amount of risk to this is enormous, especially when we have ample case law to allow them to move forward. The risks of taking a legal position to evoke time and debate is absurd. We’ve already had the national debates on this, why do we need another one? I think questions not to oppose will get stronger as a result of that debate, which brings more risk into the equation. This just doesn’t make any sense, and doesn’t add up.

  4. Jean-Francois Mezei
    January 14, 2013 at 4:31 am

    I’ve had some conversations and time to think about this. Amazing how this can change one’s opinion on the matter.

    We all want a good go at the patent troll to put their data collection tactics to a good legal test and full scrutiiny. and this needs to be done to set the right precedents to control further such patent trolling exercises.

    But why should a single ISP bear the full cost of such an exercise ? You want to challenge the data collection, then you pay to bring in the Garda Ley programmers to come from Germany and testify. Who pays for that ?

    You’d probably also want to find a torrent network operator willing to testify (tough job!) to demonstrate that the list of IPs in a tracker contains random ones to throw people off (or whatever tactics are used by different torrent networks).

    A thoughrough challenge of the validity of Canipre/Voltage’s data collection would be a very expensive endeavour and would have to be done in a true legal process, not what amouts to a pre-trial hearing.

    More importantly, we need one good legal test of the actual copyright infringement aspect. So this requires Voltage sue an individual. This can’t be done in the current stage because the current stage is not a trial. A real trial is when you not only cross examine Voltage/Canipre and Garda Ley, but also the whole issue of the bittorrent client doing automatic uploads, often without the user intentionally starting an upload .

    Voltage may have no intentions of suing anyone and going to court against individuals. Its intentions may simply to generate scare publicity to make people affraid to view any Voltage products. And Teksavvy, by making the process more public and transparent may have actually played right into Voltage’s hand because everyone is talking about it.

    It is time that Voltage be forced to actually sue someone. It is time to have a real trial and set the precedents that Voltage doesn’t want to be set.

    A real trial is when you bring out the big artillery to kill the bear in one decisive shot. Wounding the bear will only get it madder and it will attack you again and again and again.

    Why should a single ISP bear the full cost of such an full fledged attack ? Shouldn’t it be the ISP industry together that mount the challenge ? Or better yet, wait for the real trial when you mount the real and final precedent setting attacks against the bear to make it go away once and for all.

    It must be noted that Teksavvy has already done much more than many other ISPs. TSI isn’t the first target. In 2011, Bell,Vidéotron,Cogéco struck a deal with Voltage where they not only agreed to not fight the request to divulge identity associated with 50 IP addresses, but also agreed to NOT SHOW UP IN COURT.

    I hear Distributel recentrly got served with similar request and did not fight it. We didn’t hear about it because Distributel didn’t raise a big fuss and did not bother to inform its customers. Nobody is accusing Distributel.

    Perhaps Teksavvy should have done as Distributel and quietly accept a court order, hand over the information to Voltage and the first we would have heard would be when end users start getting those threath letters from Voltage.

    Teksavvy has already done more that other ISPs. They got a delay so they could warn their customers about their identity being at risk of being divulged to Voltage. And they got a delay to give time for CIPPIC to get involved.

    And if CIPPIC is accepted as an “intervenor” in the case, they may be able to raise arguments on a wider aspect of subjects than Teksavvy (as an ISP) could raise.

    Remember that Teksavvy has no business defending its customers against copyright allegations. And at the current state of proceeding, the burden of proof necessary for judge to decide the court proceedings can go ahead (aka: allow Voltage to send letters to individuals) is very low.

    It is in an actual trial that the burden of proof rises significantly and where errors by Canipre become significant.

    Yeah, it would be nice if Teksavvy could finish the bear once and for all. You can wish and dream this will happen. But the harsh reality is that Teksavvy is just a business with budgets, expenses and most importantly, a growing business to run and manage. Spending megabucks on lawyers AND spending mega hours on this legal process instead of managing the company would put the company in jeoperdy.

    Teksavvy hasn’t done anything wrong. It is not being accused of copyright infringement. Why should it have to be the one spending over a million bucks on armani wearing lawyers to defend something it isn’t accused of doing ?

    I believe Teksavvy has done the right thing by allowing CIPPIC to insert itself into the process. CIPPIC are better positioned to argue the case from many aspects (privacy, copyright etc) and they can corss examine Teksavvy on technical issues if needed.

    • Bill
      January 14, 2013 at 6:21 am

      This is a good point and on this point alone, indicates the invalid nature of the complaint and process.

      • January 15, 2013 at 1:12 am

        Just to add to my previous point in economics. As far as I know there are no test cases globally with respect to the economics of the situation. Does the current legislation not require an economic test to even qualify for statutory damages. Why would you dance around the issue and argue based on how bittorrent works? That’s being I think too politically correct, and dances around the huge amounts of economic data.

        A precedent in the either case would yield the same result. Why not attack this head on and put the issue to bed, once and for all. That’s what I don’t understand in all of this. The political ideology needs to change here. If it doesn’t we’re going to be arguing how bit torrent works until the cows come home. It’s not fair that within 2 years, someone is going to have to be yet another test case.

    • January 15, 2013 at 12:50 am

      Jean-Francois Mezei – I find your comments on here fascinating. I very much agree there needs to be a test case here in court. The economics of non-commercial infringement needs to be brought to light in a court setting. The independent academic, view at least globally supports the notion that media industries are in a cycle of creative destruction. A lot of my research over the years, indicates that it’s not non-commercial infringement that’s the problem, it’s the protectionism within copyright law around this subject due to ideological and political reasons that’s causing economic harm. There’s solid economic evidence that could and most likely would withstand a legal test as being not just credible but should be widely accepted.

  5. Bill
    January 14, 2013 at 2:54 am

    This potential breach of private information will be a disaster for Tek-Savvy, even if the court decides in the favour of consumers (which it probably won’t). The damage done to their reputation has me reconsidering my subscription and has prompted me to seek an alternative. While I’m not an avid downloader or manic distributor of illegal content, I am greatly offended by the lack of action on the part of Tek-Savvy to protect my privacy. If they lose this case and Voltage gains access to my records, they gain access to everything. On the surface, this is not a concern, but the honest truth is that my info is none of the god damned business.

    On top of this, I have four concerns that all subscribers should share.

    ONE: Tek-Savvy is profiting from allowing people to download, therefore should be the one most liable for enabling file sharing and content distribution. As an ISP that has aggressively situated itself as the ‘download friendly’ ISP by opening the gates after 7PM and making substantial space available as part of its bandwidth availability for subscribers on a monthly basis, they have exposed themselves to potential lawsuits from the customers that they won from the likes of Bell and Rogers.

    TWO: The theoretical issue related to access to legitimate content. I subscribe to Netflix, which is blocked from distributing MOST of the content that I’d watch legitimately if it were available there, but our antiquated communications framework prevents me from doing the honest thing, even though I currently pay for this service and I’m even willing to pay a nominal fee for new content. I’m no longer interested in the extremely costly traditional option, yet no company in Canada is willing to step forward with a decent alternative and those that are from outside Canada are being blocked. This is criminal. Why are we protecting a framework that simply exists to allow our mega-media companies to profit from a duplication of the American advertising industry? Without blocking, there would be no point in having our closely-held media networks and monopolies except for maybe news and sports, but again, all they do is tap feeds from other suppliers, so why can’t we just go to the source and skip the middle manager?

    The media and content universe has changed and Canadians should not be punished for this profound lack of innovation.

    THREE: there’s the question of how many times I’m willing to pay for this content. When I go to see a movie, it’s presented by a single producer or distributor that distributes many other titles, most of which are junk, but are subsidized by the movie that I’ve chosen. Why is it that I can’t keep a voucher or indication of proof of payment and apply that to the producer/distributor for all of their content as opposed to being hunted like a wimpy kid in the school yard by a bunch of tyrannical bullies simply because I enjoyed a single title and wanted to see it again? The cost of a movie date alone gets up into the $40-$50 range, so I’m done with paying after that point. The music industry has been forced to accept that multiple formats exist and in fact, their revenue has exploded (as you’ve researched well, Dave) as they’ve made the digital channel a legit channel. They’ve also been working to change pricing so that consumers get what they want (ie. 2-3 good songs for a premium as opposed to a complete record of questionable additive).

    Companies like Voltage should adapt in a similar way. Or not exist if they don’t.

    FOUR: Smarter people than me simply use technology to avoid being tracked. Do we really want to encourage Canadians to seek out ways to avoid tracking, such as getting IP scramblers and other blocking services? We are at risk of creating a massive industry of avoidance simply to protect ourselves from this kind of overzealous tracking. Is this what we want as policy direction and as public response?

    In summary, this is an appalling situation and Canadians should be insulted by the apathy of their commercial infrastructure and legal system. I want to do the hones thing, but the infrastructure actually prevents me from doing so. The fact that this still repeats as a topic and issue puts us all to shame.

    It’s time to demand innovation. It’s time we move forward.

    • January 15, 2013 at 1:44 am

      Want to know how much economic data is out there supporting my arguments:

      http://musicbusinessresearch.wordpress.com/

      Pertaining to the music industry, however the same retaliative theory of creative destruction can be applied to video content as well. The difference between the two, is that music has a value chain disconnect, and their are not economic impacts. Video has a viable value chain:

      http://jkoblovsky.wordpress.com/2012/12/23/possible-value-chain-for-video-content-downloaded-from-p2p/

      Politically the government paved the path for this argument to be made in court with the new legislation. I think I helped in developing some of the economic understanding of the situation, during the consultations, and through some advocacy I did through Giests Fair Copyright for Canada movement. Politically. the path is there, and it’s meant to be taken and tested. So test it ;)

  1. January 22, 2013 at 12:33 pm
  2. January 17, 2013 at 6:31 am
  3. January 15, 2013 at 5:16 am

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 129 other followers

%d bloggers like this: