Friday, September 29, 2023

TorrentFreak's Latest News

 

Disclosure of Pirates' Identities "Compatible With EU Privacy Laws"
Andy Maxwell, 29 Sep 09:00 AM

EU CopyrightFollowing the creation of its Hadopi anti-piracy agency over 13 years ago, France monitored and stored data on millions of users suspected of infringing copyrights.

The majority were BitTorrent users and the plan was to use evidence of their piracy activities as a basis for escalating actions including warnings, fines, and ultimately, internet disconnections.

Operating the program for a decade cost French taxpayers 82 million euros ($86.5 million) but according to digital rights group La Quadrature du Net, Hadopi's "mass internet surveillance" destroyed citizens' fundamental right to privacy.

In its quest to hold Hadopi to account, La Quadrature du Net highlighted one of the program's implementing decrees, which authorizes the creation of files containing internet users' IP addresses plus personal identification data obtained from their internet service providers.

In the belief that represents a breach of EU data protection laws, the digital rights group, ISPs, and other like-minded supporters, took their fight to the French legal system.

Referral to the EU's Highest Court

In the vast majority of cases, senior judges in EU member states have little need to consult Europe's highest court. At least in theory, all countries are already in compliance with EU law but every now and again, the gravity of specific cases becomes apparent, resulting in a referral seeking clarification on how EU law should be interpreted.

In advance of a full ruling, the conundrum posed by the French referral was evident in a non-binding opinion handed down last October by CJEU Advocate General Maciej Szpunar.

Under EU law, member states may not pass national laws that allow for the general and indiscriminate retention of citizens' traffic and location data. Retention of such data is permitted on a targeted basis, but only as a "preventative measure" for the purposes of fighting "serious crime." In respect of the information held by Hadopi, the Advocate General found that when the data points are combined, it's possible to link French citizens' identities with the content they access.

The CJEU's top legal advisor described the Hadopi situation as "serious interference with fundamental rights" but short of accepting "general impunity for offenses committed exclusively online," something would have to give. The compromise suggested last year would require "readjustment of the case-law of the Court" to allow rightsholders to enforce their rights when an IP address is the only means by which an infringer can be identified (CJEU, pdf).

Advocate General Delivers Opinion (Case C-470/21)

The opinion delivered Thursday begins with an overview of Hadopi and the methods it uses to deter online piracy. By monitoring initial and subsequent acts of infringement and maintaining relevant databases, it's possible to identify repeat infringers eligible for the next deterrent steps. A decree adopted in 2010 allows Hadopi to request subscriber information from ISPs in response to the provision of IP addresses, mostly obtained from BitTorrent swarms.

The legal proceedings brought by La Quadrature du Net and the Federation of Associative Internet Service Providers, French Data Network, and Franciliens.net, seek to establish whether the collection of civil identity data corresponding to IP addresses, and subsequent automated processing of data to protect of intellectual property, are compatible with EU law absent a review by a court or independent administrative body.

The short answer from the AG's opinion is that Article 15(1) of Directive 2002/58 (pdf) must be interpreted as not precluding national legislation which allows ISPs and other electronic communications services to retain, and an administrative authority such as Hadopi to access, civil identity data corresponding to IP addresses for the purposes of identifying suspected infringers.

No court or review body needs to be involved, but use of such data is only permitted when it is the only means of investigation that can enable a suspected infringer to be identified.

Discussion and Reasoning

In the opinion of AG Szpunar, there is a need to reconcile the rights at issue; the protection of private life and personal data on one hand, and the right to property enshrined in Article 17 of the Charter, which the graduated response mechanism seeks to uphold by protecting copyright and related rights.

The opinion notes that "the great majority" of the IP addresses communicated by Hadopi are dynamic IP addresses, which only correspond to a specific identity at a single moment, which preclude any exhaustive tracking.

"I must emphasise that the protection of fundamental rights on the internet does not in my view justify access to the data relating solely to the IP address, the content of a work and the identity of the person who made it available in breach of copyright not being permitted, but means only that the retention of and access to those data must be accompanied by guarantees," his opinion continues.

"To my mind, an analogy with the real world is telling: a person suspected of having committed theft cannot rely on his or her right to protection of his or her private life to prevent those responsible for prosecuting that offense from ascertaining what the content stolen is. On the other hand, that person may rightly rely on his or her fundamental rights to ensure that, during the proceedings, access will not be provided to more extensive data than just the data necessary for the classification of the alleged offense."

No Mass Surveillance But a Proportionate Response

The digital rights groups' legal action characterizes the Hadopi program as a general surveillance and data retention scheme, operating contrary to fundamental rights. AG Szpunar finds otherwise, noting that there doesn't even appear to be general surveillance of the users present in peer-to-peer networks.

"That procedure does not involve monitoring their entire activity on a given network in order to determine whether they have made a work available in breach of copyright, but rather determining, on the basis of a file identified as counterfeit, the holder of the internet access through which the user made the content available," his opinion reads.

"[I]t is not a question of monitoring the activity of all users of peer-to-peer networks, but only that of persons uploading infringing files, as the uploading of those files reveals much less information about the person's private life because files may be uploaded for the sole purpose of enabling those users then to download other files."

Inevitable Outcome in Favor of Rightsholders

The overall conclusion reached by the Attorney General considers the purpose for which the data is harvested and the challenges of identifying suspected online infringers by other means. The inability to establish a detailed profile of a person's private life via a dynamic IP address is cited on one hand, while the critical value of an IP address in an investigation sits somewhat uncomfortably on the other.

"[I]t follows from the actual case-law of the Court that, where an offense is committed exclusively online, such as an infringement of copyright on a peer-to-peer network, the IP address may be the only means of investigation enabling the person to whom that address was assigned at the time of the commission of the infringement to be identified," the AG continues.

In closing, the retention and access to civil identifying data, corresponding to an IP address for the purposes of prosecuting online infringements, is described as "strictly necessary" and "wholly proportionate" to the objective pursued

"Such an interpretation is in my view inevitable," the AG notes, "unless it is accepted that a whole range of criminal offenses may evade prosecution entirely."

The CJEU's summary and AG Szpunar's full opinion are available here (pdf) and here.

CJEU note: The Advocate General's Opinion is not binding on the Court of Justice. It is the role of the Advocates General to propose to the Court, in complete independence, a legal solution to the cases for which they are responsible. The Judges of the Court are now beginning their deliberations in this case. Judgment will be given at a later date

From: TF, for the latest news on copyright battles, piracy and more.

Authors: OpenAI's Fair Use Argument in Copyright Dispute is Misplaced
Ernesto Van der Sar, 28 Sep 09:15 PM

openaiGenerative AI models such as ChatGPT have captured the imaginations of millions of people, offering a glimpse of what an AI-assisted future might look like.

The new technology also brings up novel copyright issues. For example, several rightsholders are worried that their work is being used to train and exploit AI without any form of compensation.

These concerns have triggered numerous AI-related lawsuits in the United States, many of which target OpenAI. Just a few days ago, the Author's Guild and several prominent members including George RR Martin and John Grisham joined in on the legal action.

The allegations in their complaint are similar to others aired over the past few months. The first case was filed in a Californian federal court by authors Paul Tremblay and Mona Awad, who were later joined by writer/comedian Sarah Silverman and other authors in a similar suit.

According to the plaintiffs, large language model training sets shouldn't be permitted to use every piece of text they come across online. They accuse OpenAI of using books as training data, without permission, relying on datasets that were sourced from pirate sites.

The complaints mention the controversial Books2 and Books3 datasets that are believed to be sourced from shadow libraries such as LibGen, Z-Library, Sci-Hub, and Bibliotik.

OpenAI's Motion to Dismiss

In August, OpenAI responded to these complaints, asking a California federal court to dismiss nearly all claims. According to the tech company, there are no viable claims for vicarious copyright infringement, DMCA violation, unfair competition, and unjust enrichment.

The only claim that wasn't contested by OpenAI is direct copyright infringement, which the company plans to address at a later stage.

Among its arguments to dismiss the claims, the AI company cited fair use. It argued that the use of large amounts of copyrighted texts could be seen as 'fair' because it helps to facilitate progress and innovation.

"Numerous courts have applied the fair use doctrine to strike that balance, recognizing that the use of copyrighted materials by innovators in transformative ways does not violate copyright," OpenAI wrote.

Authors Respond

The authors responded to those arguments this week. While the 'Tremblay' and 'Silverman' cases are not yet officially merged, both submitted the exact same opposition briefs, asking the court to deny OpenAI's motion to dismiss the claims.

According to the authors, it is "telling" that OpenAI makes no attempt to dismiss the direct copyright infringement claim. This issue is best suited to be discussed at trial and the same applies to the other claims.

"Nevertheless, OpenAI still tries to leverage its motion to pre-litigate issues it thinks will carry the day in the future. This is improper on a motion to dismiss and should be disregarded," they write.

The Fair Use Urban Legend

The authors note that OpenAI's detailed interpretation of fair use in an AI context is irrelevant, at least at this stage. Fair use is a defense that is typically not used to dismiss copyright infringement claims before they're properly argued.

"Fair use, of course, is an important—yet limited—feature of U.S. copyright law. Importantly, however, fair use is an affirmative defense, and is "inappropriate to resolve on a motion to dismiss." Given that, OpenAI's arguments regarding fair use are wholly misplaced.

To bolster their argument, the authors refer to a recent ruling in a Thomson Reuters lawsuit, which also deals with AI-related copyright claims. In that case, the court rejected the fair use argument and referred the matter to trial.

In addition, the plaintiffs note that using copyrighted works for AI purposes isn't always considered fair use; that's an urban legend.

"Contrary to widespread urban legend in the AI industry, no U.S. court has squarely ruled on the question of whether training an AI model with copyrighted expression is fair use," plaintiffs write.

Piracy as a Source

The authors also double down on their piracy allegations and mention three types of copyright infringement. In addition to using copyrighted works for training data, the LLM models themselves are also infringing derivative works, and the same applies to the output of the models.

These accusations and claims largely rely on the suspicion that OpenAI used hundreds of thousands of copyrighted books as training material. While the company never mentioned its source, the authors believe that the models are trained on pirated books from shadow libraries such as LibGen, Z-Library, Sci-Hub, and Bibliotik.

"The book datasets used by OpenAI for training language models included thousands of copyrighted books, including books written by Plaintiffs," they write.

"Given the size of these book datasets, the most likely source of these books is one or more of the notorious 'shadow library' websites that host massive numbers of pirated texts that are not in the public domain."

The direct and vicarious copyright infringement claims rest on this suspicion, and the same is true for the DMCA violations. The authors hope that they will be able to prove this at trial and ask the court not to dismiss any claims prematurely.

Copies of the authors' identical opposition briefs in response to OpenAI's motion to dismiss are available here (Tremblay et. al / Silverman et al)

From: TF, for the latest news on copyright battles, piracy and more.

270x90-blue

Are you looking for a VPN service? TorrentFreak sponsor NordVPN has some excellent offers.

 
 
Powered by Mad Mimi®A GoDaddy® company

No comments: