Data protection law protects illegal downloaders

Although a Dutch case that might not be followed in England & Wales,Foundation v UPC Nederland was interesting in that it demonstrated how data protection legislation designed to protect the innocent came to the rescue of alleged hackers. 

Here action was taken by certain music companies and the artists’ “trade union”(Brein) against certain ISPs that provided the internet to users in the Netherlands . Regular readers of our ezine and website have seen how in the UK and USA such ISPs have been forced successfully to reveal the identities of illegal downloaders.

What was different about this case was that a US company called MediaSentry had been contracted to gather a number of the suspect IP addresses. 

 

The ISPs refused to reveal the confidential date to MediaSentry on the grounds of Dutch data protection law since they argued the use of a US intermediary, outside the EU, risked inadequate level of protection of personal data on the facts since this US company had not signed up to the “Safe Harbour” framework agreement and the use of model clauses of protection which had been agreed as a compliance method to the EU Data Protection Directive. 

The court agreed stating “.. the United States of America cannot be regarded as a country with an appropriate level of protection for personal data…..it follows… the manner in which.. Brein had IP addresses collected and processed had no lawful basis.” which must be read with some concern from nationals form “the Land of the Free”!

The contents of this article are intended for general information purposes only and shall not be deemed to be, or constitute legal advice. We cannot accept responsibility for any loss as a result of acts or omissions taken in respect of this article.