France

[FR] Re-launch of Plan to Monitor Peer-to-peer Networks

IRIS 2007-6:1/16

Amélie Blocman

Légipresse

The Act of 6 August 2004 amended the “Information Technology and Freedom” Act of 6 January 1978, which regulates the processing of personal data in France, with the addition of an Article 9-4 giving bodies that collect and manage royalties and neighbouring rights and bodies that defend the profession the possibility of implementing “the processing of personal data concerning unlawful action (…)”. The text was referred to the Constitutional Council, who validated the new provision, which was “aimed at combating piracy practices that are developing on the Internet network”. Carrying out data processing of this kind is subject to authorisation from the national commission on information technologies and freedoms (Commission Nationale de l’Informatique et des Libertés - CNIL), an independent administrative authority instituted by the 1978 Act. Thus the syndicate of leisure software editors ( Syndicat des éditeurs de logiciels de loisirs - SELL) was authorised in March 2005 to set up automatic systems to monitor the downloading of video games on the networks.

On the basis of this precedent and the new possibility offered by the Act, four societies of authors, composers and editors of music and phonograms asked the CNIL for authorisation to set up automated data processing with a view to researching and noting whenever musical works were being made available for downloading on peer-to-peer networks, and sending dissuasive messages to the Internet users making works available on these networks. The CNIL had refused this in October 2005, on the grounds that such processing was not in proportion with the aim being pursued since it would involve a massive collection of data and allow the exhaustive, continuous monitoring of networks for exchanging files. The refusal was submitted to the Conseil d’Etat , and in its decision delivered on 23 May it held that the CNIL had committed an error of evaluation. Indeed in view of the scale of the practice of exchanging music files on the Internet, the limited number of musical titles monitored (10,000 tittles, with 10% of the titles comprising the base being updated each week), and the number of titles (several million) handled by societies protecting the rights of authors and composers, the processing presented was proportionate. However, in respect of the sending of educational messages, the CNIL rightly considered that this was contrary to the provisions of the Code for the Postal Service and Electronic Communications. Indeed they are not relevant to the case of Internet access providers who are authorised to retain connection data about Internet users in order to make this available to the legal authorities for prosecuting criminal offenders. However, according to the Conseil d’Etat , this point could not in itself justify the CNIL’s refusal of authorisation. In reaction to the decision, the CNIL recalled that its objective was to “guarantee a fair balance between protecting copyright and protecting the privacy of Internet users”. It was therefore time for “resuming a constructive relationship with the bodies concerned”, which for their part had welcomed the decision. Although the monitoring arrangements are already prepared, no real progress is, in fact, expected before next autumn. The new Minister for Culture felt that this decision by the Conseil d’Etat, lifting the CNIL’s refusal to allow access to subscriber’s files, “opened the door” for setting up “graduated response” solutions consisting of sanctioning piracy on differing levels, and she welcomed the prospect.