Tweet enviado por @opinguino :
eurodiputada escocesa responde mi carta sobre #ACTA con un link a este estudio de su grupo: http://rfc.act-on-acta.eu/fundamental-rights ACTA VIOLA DERECHOS HUMANOS
Traducción breve sobre el tema:
El presente dictamen fue elaborado a petición del Grupo Los Verdes-Alianza Libre Europea en el Parlamento Europeo. De ello se desprende una solicitud de Jan Albrecht, Verde / ALE del MEP, a la Comisión de Asuntos Jurídicos del PE para averiguar "si la versión final del ACTA y su procedimiento legislativo previsto está en consonancia con los Tratados de la Unión Europea y que las posibilidades legales que existen para el Parlamento Europeo a desafiar esta al frente del Tribunal Europeo de Justicia. "Se trata de proporcionar parte de la respuesta a esa pregunta (solamente), en que la incompatibilidad del ACTA con el Convenio Europeo de Derechos Humanos o la Carta de la UE de los Derechos Fundamentales sería la adopción y aplicación del Acuerdo ilegal bajo la legislación de la UE. El dictamen establece las opiniones de los autores que efectivamente existe tal incompatibilidad, con los argumentos de fondo.
Traducción breve sobre el tema:
El presente dictamen fue elaborado a petición del Grupo Los Verdes-Alianza Libre Europea en el Parlamento Europeo. De ello se desprende una solicitud de Jan Albrecht, Verde / ALE del MEP, a la Comisión de Asuntos Jurídicos del PE para averiguar "si la versión final del ACTA y su procedimiento legislativo previsto está en consonancia con los Tratados de la Unión Europea y que las posibilidades legales que existen para el Parlamento Europeo a desafiar esta al frente del Tribunal Europeo de Justicia. "Se trata de proporcionar parte de la respuesta a esa pregunta (solamente), en que la incompatibilidad del ACTA con el Convenio Europeo de Derechos Humanos o la Carta de la UE de los Derechos Fundamentales sería la adopción y aplicación del Acuerdo ilegal bajo la legislación de la UE. El dictamen establece las opiniones de los autores que efectivamente existe tal incompatibilidad, con los argumentos de fondo.
Para tener una idea, de lo que es el ACTA, recomendamos ver, este vídeo:
Click to get the document in its original Microsoft Office Format (.doc), or converted to Open Document Format (.odt) or Portable Document Format (.pdf)
on the compatibility of the
Anti-Counterfeiting Trade Agreement (ACTA)
the European Convention on Human Rights &
the EU Charter of Fundamental Rights
Professor of International law
London Metropolitan University
Senior Research Fellow
Oxford Internet Institute
University of Oxford (UK)
Prepared at the request of
About this Opinion:
This Opinion was prepared at the request of the Greens/European Free Alliance group in the European Parliament. It follows a request by Jan Albrecht, Green/EFA MEP, to the EP Legal Affairs Committee to find out “if the final Version of ACTA and its foreseen legislative procedure is in line with the Treaties of the European Union and which legal possibilities there are for the European Parliament to challenge this in front of the European Court of Justice.” It seeks to provide part of the answer to that question (only), in that incompatibility of ACTA with the European Convention on Human Rights and/or the EU Charter of Fundamental Rights would make adoption and implementation of the Agreement illegal under EU law. The Opinion sets out the views of the authors that there is indeed such an incompatibility, with the underlying arguments.
The views expressed in this Opinion are those of the authors only: they do not necessarily reflect those of the Greens/EFA.
This report is issued under a CC-BY-SA License.
About the authors:
Douwe Korff is Professor of International Law at London Metropolitan University , London, UK, and a leading European human rights- and data protection expert. He has taught the European Convention on Human Rights at various Dutch and UK universities for more than twenty-five years, has extensive experience in the European Court of Human Rights, and has written many reports on human rights issues for the Council of Europe, the European Union and the Organisation for Security and Cooperation in Europe.
Ian Brown is Senior Research Fellow at the Oxford Internet Institute of the University of Oxford, and a leading expert on public policy issues around information and the Internet, particularly privacy, copyright and e-democracy. He also works in the more technical fields of information security, networking and healthcare informatics.
Both Ian and Douwe are members of the Advisory Council of the Foundation for Information Policy Research, FIPR, the leading think tank on information policy issues in the UK (see www.fipr.org) and with fellow members of FIPR have carried out several major studies for the UK Information Commissioner’s Office (ICO), Joseph Rowntree Reform Trust and others. They have written many papers together on information policy issues raising both legal and technical questions, most recently an Issue Paper for the Council of Europe Commissioner for Human Rights, on Social Media and Human Rights, due for publication in September 2011. They jointly led the 2010 European Commission’s “Comparative study on different approaches to new privacy challenges, in particular in the light of technological developments”, which aimed to underpin the debate on the new data protection regime for the EU after the Lisbon Treaty: see: http://ec.europa.eu/justice/policies/privacy/studies/index_en.htm
Douwe Korff & Ian Brown
on the compatibility of the
Anti-Counterfeiting Trade Agreement (ACTA)
with the European Convention on Human Rights &
the EU Charter of Fundamental Rights
- Introduction 1
- The Anti-Counterfeiting Trade Agreement 1
- Criticism by European experts, civil society organisations
and academics 2
- Responses from the EU authorities 10
- ACTA, the ECHR and the EU Charter of Fundamental Rights 18
- The issues addressed in this opinion 18
- ACTA and the right to property 20
- ACTA and the right to freedom of expression and information 22
- ACTA and the right to privacy and data protection 32
- ACTA and the right to a remedy and a fair trial 50
- Summary & Conclusions 57
- ACTA (final agreed text)
- LABtoLAB expression of concern
- Opinion of European academics
"Whereas intellectual property is important to society and must be protected, it should not be placed above individuals' fundamental rights to privacy and data protection [and other rights such as presumption of innocence, effective judicial protection and freedom of expression]. A right balance ... should be ensured."
European Data Protection Supervisor, Peter Hustinx
(Press release of 22 February 2010, accompanying the EDPS Opinion on the then available text of ACTA. The words in square brackets have been added; they are taken from para. 83 of the Opinion)
- The Anti-Counterfeiting Trade Agreement1
Many rich-world governments have been persuaded by lobbying from right holders that infringements of intellectual property rights (IPR) pose “an ever-increasing threat to the sustainable development of the world economy”2 and are “a problem with serious economic and social consequences.” The proposed Anti-Counterfeiting Trade Agreement (ACTA) seeks to deal with that problem.
The Agreement was originally developed by Japan and the US in 2006, with further input from Canada, the EU and Switzerland in 2007 and 2008. Australia, Mexico, Morocco, New Zealand, South Korea and Singapore then joined official negotiations, held largely in secret, with a final text released on 15 November 2010. The signatories aim to later encourage large emerging economies to join.
ACTA covers counterfeit trademark goods and pirated copyright goods, including those distributed online, and requires criminal penalties for wilful infringement on a commercial scale. It builds on the World Trade Organisation’s Agreement on Trade-Related Aspects of Intellectual Property Rights (TRIPS), but has been negotiated outside the WTO (and World Intellectual Property Organisation) framework. It is governed by a new “ACTA committee” through which signatories may amend the agreement, with industry consultation but no requirement for public input.3
After earlier texts containing draconian measures without due process were “leaked”, the later drafts of the Agreement were watered-down in these respects. The no-longer mandatory proposals included a “three strikes” rule, under which individuals held to have thrice infringed IPRs would be barred from the Internet, and the imposition of wide-ranging liabilities on Internet Service Providers (ISPs). Whether these concessions to public and European Parliament concerns suffice will be discussed later.
Criticism by European experts, civil society organisations and academics
Expert study for the European Parliament:
There were a number of contentious issues about, and in, the Draft Agreement, only partly noted in the U.S. Summary of Key Elements Under Discussion, mentioned above. Some of these have been resolved, or at least alleviated; some are still of concern. They were summed up in a 2009/10 study for the European Parliament’s Directorate-General for External Policies’ Policy Department, as follows:4
4.3.4 Undermining progress: "TRIPS plus" and ACTA
In bilateral and multi-lateral trade negotiations it is very common for IP-rich counties to require other countries to commit to adopting IP enforcement mechanisms which are above the requirements of TRIPS, therefore known as "TRIPS plus" (Armstrong and Ford, 2006). At the time of writing, the most important and controversial multi-lateral agreement concerning IP rights is the Anti-Counterfeiting Trade Agreement (ACTA). This is a proposed trade agreement between the US, Japan, the European Commission, Switzerland, Australia, Canada, Jordan, Mexico, Morocco, New Zealand, South Korea and the United Arab Emirates. The final terms of ACTA are due to be agreed this year, following seven rounds of negotiation which commenced in October 2007.
ACTA is widely criticised by a number of stakeholders because it is being negotiated in secret, excluding civil society, accountability institutions and most developing countries and there are no mechanisms made available for feedback on proposals.
Speculation about what might or might not be included in the agreement was based on numerous leaks. The European Parliament had unsuccessfully requested a copy of the draft agreement from the European Commission on numerous occasions. In March 2010 the Parliament issued a resolution “deplor[ing] the calculated choice of the parties not to negotiate through well-established international bodies, such as WIPO and WTO, which have established frameworks for public information and consultation” (2010b:para 6). It “call[ed] on the Commission and the Council to grant public and parliamentary access to ACTA negotiation texts and summaries” (ibid:para 3). As a result, in April 2010, ACTA negotiators finally released the draft text having removed attribution to country positions. This highlights the value of public pressure, and provides an example of an effective tool that the European Parliament can use.
Fears that ACTA would make graduated response penalties mandatory have been alleviated as a footnote contained in leaked documents which proposed graduated response as a model policy, have been removed. There are still concerns that ACTA may be used to encourage third countries to adopt this policy as proposed text specifically states that such a policy is not in conflict with the agreement (Geist, 2010).
Other fears have been confirmed, namely that ACTA seeks to develop a regulatory IP regime more onerous than that which currently exists at the international level, including controversial "TRIPS plus" provisions. The draft ACTA calls for the increased use of criminal and civil penalties against people using copyright circumvention technologies and those accused of copyright infringements, and also for ISPs to have more responsibilities with regards to removing infringing material.
As already discussed, these provisions are dangerous, potentially offering limited protections for access to knowledge, information and culture in the public interest. There are also concerns that ACTA is not merely seeking to bind the negotiating states, but is also creating a new international standard which is likely to be imposed on third countries in future trade agreements, possibly even replacing WIPO (Geist, 2010a). The draft text indicated that there is still disagreement over many of the terms of the agreement.
The above is followed, in the study, by positive comments about “Alternatives to enhancing intellectual property rights”, with a box with examples (p. 62), and Conclusions that stress the need for such new approaches, and the errors in the ACTA process and substance:5
The human rights framework recognises the benefits that innovation, creativity and scientific progress can yield for individuals, societies and humanity. ICTs have helped to open up new opportunities for enhancing these benefits and enabling more people across the world to enjoy them. The challenge for the international development, human rights and business communities is to build on these opportunities to develop innovative and flexible business models that spur both human creativity and access to knowledge. However, national and international policy trends are pulling in the opposite direction. The tendency is to enhance intellectual property rights in ways that disproportionately protect the interests of big business and that threaten to undermine the careful balance between private and public rights to benefit from the production and distribution of culture and knowledge.
Europe has an important role to play on the international stage, both in terms of leading by example and in terms of promoting good practice and standards at the international level. This could be done through taking initiative in standard setting bodies and trade negotiations, for example through driving forwards the development agenda at WIPO. From a human rights perspective, Europe should take every measure possible to ensure that the ACTA process is conducted transparently and that the outcomes restore the balance between public and private rights to knowledge and culture, rather than further upsetting it.
The EU should also support and take on board independent research into the advantages and disadvantages of different approaches to copyright protection in order to counteract a general overreliance on data produced by industry. Academic analysts have heavily criticised reports produced by industry as overemphasising the costs and dangers of copyright infringement (see for example Karaganis, 2010). Despite this, digital rights activists are concerned that members of the European Parliament’s Legal Affairs Committee are set to adopt a report that conflates online file sharing with trading in counterfeit goods, and that advocates for the criminalisation of intellectual property infringement (EDRi, 2010). Similarly, the Council of Ministers have recently urged the European Commission to revive controversial plans to harmonise the criminalisation of IP infringement across Europe (Council of the EU, 2010b). Such debates need to be based on independent, accurate evidence and consideration of human rights.
In summary, the insertion of human rights principles and standards into these areas by the European Parliament and Commission would help to level the playing field between developed and developing nations in international trade relations; spur innovation and support small business; promote grassroots culture; and enhance human rights to expression and knowledge for people across the world.
As we shall see in Chapter 2, below, no such principles and standards have been explicitly inserted into the final ACTA text; indeed, the European Commission says that no such inclusion is needed.
Civil society criticism:
As is already indicated in the above quote from the 2009-10 study, civil society groups (including European Digital Rights and its constituent organisations, as well as EFF, LABtoLAB and FFII) and academics pointed out a series of deficiencies in the ACTA process and outcomes. Here, it may suffice to simply list the main criticisms of the Agreement, in terms of process and substance, and to provide some wider context:6
On the ACTA process:
- Civil society have expressed serious concern about the fact that the Agreement was negotiated outside the normal institutional frameworks, in particular WIPO and WTO - and in Europe, with minimal and belated input from the European Parliament - with the apparent aim of creating a legal IPR (enforcement) regime amenable to the major capitalist countries and their industries, without involving the “BRICs” (Brazil, Russia, India and China, the countries accused of being the main producers of counterfeit goods), which could then be effectively imposed on the rest of the world (including the BRICs countries) through economic and political pressure;
- They criticised the excessive secrecy surrounding the negotiations - at least towards possible critics, with NGOs being denied access to draft texts under both the U.S. FOI Act and EU access to information rules, on the basis that that would endanger “national security” (USA) or “might affect relations” with the other parties (EU), while negotiating drafts were being provided to “the major copyright moguls, such as Google, eBay, Dell, Intel, Business Software Alliance, Rupert Murdoch's News Corporation, Sony Pictures, Time Warner, the Motion Picture Association of America, and Verizon”;7 and
- The claim that the process breaches EU procedural law, e.g., that the Presidency of the Council, rather than the Commission, negotiated the contentious criminal-legal provisions in ACTA, contrary to EU law.8
On the substance of ACTA:
- Civil society groups claim that ACTA “export[s] one half of the complex U.S. legal regime” on IPR (the strict half), but without the “accompanying exceptions and limitations” - i.e., in particular, without the “fair use” and “fair comment” exceptions that until now have also been part of the law in the USA - with the double result that “other countries” (including the EU ones) “[will be required] to adopt lopsided laws with strengthened exclusive rights”, while the flexible exceptions and limitations in current U.S. regime are undermined (and not included in the laws of the other countries);9
- They say that ACTA requires the criminalisation of activities that used to - and, it is argued, should continue to be - addressed first and foremost under the civil law (droit de caractère civil, Zivilrecht), including unauthorised distribution, or even just use, of copyright-protected work, including unauthorised software, without appropriate “fair use”, “fair comment”, de minimis- or public-interest exceptions; and that as a result:
- ordinary companies and individuals could be criminalised for innocent activities or trivial breaches of copyright, or for technical breaches that serve a wider, overriding public interest (as in whistleblowing), without an appropriate defence;
- “the global flow of information [will be restricted] by regulating, and. potentially criminalizing, the next generation of innovative network technologies” and especially new, collaborative online research activities, such as LABtoLAB and Wikipedia;10 and
- indiscriminate and disproportionate draconian measures could be applied, without due process, to trivial or justified IPR infringements, including a “three-strike” rule; intrusive searches of laptops and mobile phones, especially at (or just beyond) borders, and the confiscation of such devices; and website blocking; and
- They claim that ACTA would restrict access to “generic” medicines in developing countries.11
Overall, it has been said that ACTA “vigorously” seeks “to enforce [in an online world] the old ‘offline tailored’ models of regulation and related out-dated business models”, rather than trying “to adapt the intellectual property law to the digital environment”.12 This echoes the concern expressed in the European Parliament Study Information And Communication Technologies And Human Rights, referred to earlier, that ACTA conflates online file sharing with trading in counterfeit goods, and over-emphasises enforcement, and especially criminal law enforcement, of IPR, rather than looking for alternatives that are better-suited to the new, global digital environment.
On the wider context: “privatisation” of the law:
The criticisms of ACTA by civil society should be seen in a wider context of NGO concerns about what they perceive as an abandoning of a “rule of law” approach by the EU (in particular, by the European Commission and the Council) in relation to regulation of the Internet. More specifically, they are concerned that increasingly, the enforcement of some laws that directly impact on individual fundamental or consumer rights is left to, or even explicitly handed over to, private entities. To again quote EDRi:13
Most western democracies either actively or passively recognise that they are based on the "rule of law" and protection of fundamental rights is normally provided within this framework.
In the EU, for example, the rule of law is affirmed four times in the Treaty on European Union. It is "confirmed" in the preamble of the Treaty and restated in Article 6. The EU also places an obligation on itself to contribute to the objective of consolidating "democracy and the rule of law" in its development policy (Article 177) and common foreign and security policy (Article 11). Furthermore, the European Convention on Fundamental Rights and the Charter of Fundamental Rights place obligations on EU Member States and on the Commission (ratification of the ECHR is pending) that restrictions to freedoms must be based on law. The 2003 Interinstitutional Agreement on better lawmaking which was agreed between the Commission, Parliament and Council further requires in Article 17 that self-regulation must respect criteria of representativeness of the parties involved and "will not be applicable where fundamental rights or important political options are at stake".
All of these obligations have not prevented the European Commission from:
- Launching a "dialogue" with industry on file-sharing, which included proposals from the European Commission on "voluntary" mass filtering of networks by ISPs;
- Launching a "dialogue" with industry on "voluntary" deletion of websites accused of containing unlawful material (unless the Internet provider is convinced the site is legal);
- Launching a dialogue on punishments to be meted out by online trading platforms against traders accused of counterfeiting;
- Launching a funding proposal for "self-regulatory" blocking of websites accused of containing illegal content;
- Launching a dialogue with the US Federal Bureau of Investigations on "voluntary" deletion of websites and removal of IP address from ISPs abroad;
- Promoting a reduction in privacy in favour of intellectual property rights, in the Commission Communication on enforcement of intellectual property rights;
- Agreeing on a global filtering of mobile Internet access with European GSM Operators, in the absence of an identified problem and, in the three years since the agreement was reached, any assessment of its impact;
- Agreeing on a text in the EU/Korea Free Trade Agreement which risks removing core aspects of ISP liability safe harbours, increasing the likelihood of ISPs feeling the need to take pre-emptive punitive measures against consumers suspected of illegal activity;
- Financially supporting an initiative to block funding to websites accused of illegal activity (the model used by Mastercard to block funding to Wikileaks and by Visa to block funding to websites accused of facilitating copyright infringement).
In addition, there are other projects elsewhere in the world and globally, such as the US-led "trans-pacific partnership" and the OECD project on the role of ISPs in achieving public policy objectives.
The issue of “privatisation” of the enforcement of legal rules is also noted as a serious concern and threat to fundamental rights in a soon-to-be-published “Issue Paper” of the Council of Europe Commissioner for Human Rights on Social Media & Human Rights14 (written for the Commissioner by the authors of the present Opinion), which includes the following recommendation on “The rule of law and due process: guaranteeing compliance”:
To the extent that entities of the private sector impose or give effect to restrictions on the [fundamental freedoms to communicate, express views or organise], they should be subject to [the same conditions as apply to entities of the public sector], possibly through [a new international instrument] – and pending that, by their State of establishment taking responsibility for their actions, and through enforceable “third party beneficiary” clauses in relevant contracts, etc.
The restrictions in question include, in particular, the need for such restrictions to be based on clear, specific and accessible (i.e., published) rules that do not grant the bodies in question excessive discretion and require them to give reasoned rulings that are subject to strict judicial supervision, in proceedings that conform to the “fair trial” requirements of the European Convention on Human Rights (ECHR) and to which civil society groups have real and effective access, e.g., in the form of class actions, without fear of, e.g., punitive financial risk. The restrictions themselves must, moreover, also in substance comply with the standards on limitations imposed by the ECHR, as further developed by the European Court of Human Rights (necessity, proportionality, etc.), and as also usefully further clarified by the UN Special Rapporteur on Freedom of Expression and the UN Human Rights Council.
We will return to these issues in Chapter 2 of this Opinion.
EU Academic assessment:
In January 2011, a large number of leading EU academics, experts in the fields of IPR and EU law, published a critical assessment of the final text of ACTA.15 The full text of this EU academics’ Opinion is attached as Attachment 3. It may therefore here suffice to (somewhat freely) paraphrase the broad critisisms of ACTA and note a number of selected points of particular relevance to the present Opinion.
The main, overall criticisms of the academics chime with the criticisms of civil society: that the Agreement was negotiated in secret, between some States keen to strengthen IPR, and could put other States under pressure to adopt the stricter, unflexible regime of ACTA, without having had input in its drafting; that the Agreement overall significantly strengthens enforcement measures (especially criminal law ones), without any of the safeguards and exceptions needed to ensure a balance of interests between right holders and parties; that certain provisions that have a direct impact on fundamental rights have been couched in excessively vague terms; and that the optional (“may”) clauses in the Agreement in effect incite States to adopt the very far-reaching and highly-criticised measures mentioned in them, rather than dropping them from the States’ arsenal of measures altogether. They add that in several respects the Agreement exceeds the current EU acquis, and that the Commission was not fully correct in its statements to the European Parliament.
More specifically, the academics criticise the following aspects of the Agreement that touch on fundamental rights (as further discussed in the main section of the present Opinion):
- the emphasis on the awarding of almost-automatic injunctive relief in civil cases, rather than allowing for lesser, alternative measures as under current EC law;
- the stipulation of criteria for the determination of compensatory damages that significantly benefit right holders to the detriment of other parties, again different from current law;
- a focus on the outright destruction of materials that infringe IPR, or that contain IPR-infringing elements, without any test of proportionality, and without any protection of non-infringing parties, once again unlike the current system;
- the provision of provisional measures inaudita altera parta (without all affected parties being heard), without the counter-balancing safeguards and guarantees that can be found in current EC law;
- the extension of the permissibility of border measures from “counterfeit goods” to goods that infringe any IPR, once again different from the current regime;
- the criminalisation of ill-defined acts, and in particular of IPR infringements on a “commercial scale”, with the latter being defined extremely vaguely as “includ[ing] at least” those carried out as “commercial activities for direct or indirect economic or commercial advantage”; and of the wilful importation and domestic use on a commercial scale of goods infringing trademark rights; and the encouragement (through “may” clauses) of the creation of even wider offences, with even less restrictions;
- the criminalisation of any circumvention of “technological measures” (read: digital rights management systems, DRMs) and of any preparatory acts to this effect, as well as of the offering of devices or products (hardware) or computer programs (software) or services that provide a means of such circumvention, including of technological measures that have dual (both legal and illegal) functions, again without clear exceptions or limitations;
- failure to provide any of the safeguards needed to ensure a balance of interests between the parties and to guarantee due process in the enforcement of these criminal-legal measures;
- an extremely wide-ranging provision allowing the ordering of disclosure of personal information on “any person involved in any aspect of [an IPR] infringement or alleged infringement and regarding the means of production or the channels of distribution of the infringing or allegedly infringing goods or services, including the identification of third persons alleged to be involved in the production and distribution of such goods or services and of their channels of distribution;” subject only to a very vague reference to this being “without prejudice to its law governing privilege, the protection of confidentiality of information sources, or the processing of personal data”;
- a similarly broad provision allowing (but clearly also encouraging) States to give their national authorities the power “to order an online service provider to disclose expeditiously to a right holder information sufficient to identify a [read: any] subscriber whose account was allegedly used for infringement”, subject again to the vaguest of stipulations that “[t]hese procedures shall be implemented in a manner that avoids the creation of barriers to legitimate activity, including electronic commerce, and [that], consistent with that Party’s law, preserves fundamental principles such as freedom of expression, fair process, and privacy”;
absence of any provision allowing for the compensation of anyone
suffering damage as a result of wrongful detentions (seizures) of goods;
the provision to right holders of an option to provide securities,
without extending this to owners or importers; and the absence of clear
limits on the duration of any detention of goods.
Responses from the EU authorities
In response to the above criticisms, in March this year, the European Commission held a meeting with representatives of non-governmental organisations, as part of its “DG Trade Civil Society Dialogue”. According to the minutes,16 the Commission representatives said that:
“the Commission takes fundamental rights seriously and answered to every concern on this issue. ACTA will have no negative impact on fundamental rights, since it is not directly applicable and it does not go further than the EU enforcement rules, which have existed since 2004 without raising any concern of this kind.” (Martins, p. 2)
For the same reasons, there was “no justification for a [human rights] impact assessment on ACTA” (idem, p. 3, with reference to statements by Commissioner de Gucht).
In relation to the EU academics’ criticisms, they added in similar vein that, in their view:
“many criticisms [were] related to the non-repetition of existing rules from the TRIPS, the EU legislation, constitutional principles, etc, which remain applicable, since the ACTA Treaty is not rewriting the law but is inserted into an existing legal framework.” (Martins, p. 3)
Moreover, according to the Commission representatives in a core passage:
“ACTA is neutral on substantive protection of IPR and only addresses enforcement matters. Exceptions and derogations consist in lawful uses and not infringements to IPR. They can hence not be affected by the agreement. Moreover, the language contained in ACTA already safeguards existing exceptions and ensures the necessary flexibility.” (Martins/Lory, p. 4)
Furthermore, they said, the allegation that the “Criminal enforcement chapter” required criminal law harmonisation at EU level was “unfounded”. In support, however, they merely said that:
“This chapter was negotiated by the rotating EU Presidency on behalf of the Member States, and on the basis of negotiating positions unanimously agreed. National authorities examined in detail the negotiated provisions to ensure compliance with their national laws.” (Martins, p. 2)
On the more specific criticism of the vague concept of “commercial scale”, the Commission representatives merely said that the text on that concept:
“is the result of a negotiation by the Member States, which adopted it unanimously and ensured the compatibility with their national legislations. As far as the Commission is aware, there are no issues of incompatibility between national legislations and the definition agreed in ACTA.” (Martins, p. 4)
The alternative concept of “criminal intent” had been included in an Opinion of the EP on a piece of legislation that had not been adopted; the views of Parliament in that Opinion were therefore not legally binding (idem).
Finally, on the reported “three strikes” measures and other measures restricting access to the Internet, the Commission representatives said that:
“It is important to clarify that no such rules were ever proposed by any of the parties involved in the ACTA negotiations. On the other hand, ACTA introduces some common rules as regards internet, which are still below the level of the EU legislation while striking a balance between the rights of internet users (freedom of expression, right to privacy) and their obligations (respect the same law that applies to them in the physical world).” (Martins, p. 2)
European Parliament second study
In addition to the above, rather superficial discourse, the European Parliament’s Directorate-General for External Policies’ Policy Department most recently (in June 2011), published an assessment of ACTA.17
The Abstract on page 1 notes the EP’s concerns “regarding the non-transparent way [ACTA] was negotiated and whether it meets to aims agreed by the European Parliament and Commission that it would be compatible with the existing acquis communautaire and the World Trade Organisation’s Trade Related intellectual Property rights (TRIPs) Agreement” - but not the concerns about the Agreement’s compatibility with fundamental rights. These concerns are briefly noted in the Executive Summary:
Substantive areas of concern covered a range of issues including: the potential negative effect of ACTA on fundamental human freedoms and privacy; the possibility of requiring cut off of internet access to consumers that infringe the agreement; imposing liability on internet service providers that carry content that infringes the agreement; the potential negative effect of ACTA on access to medicines in Europe and in third countries. (p. 6)
However, they are effectively dismissed as having been resolved:
Many of the substantive issues that raised concerns in the early position papers have been addressed or are entirely absent from the final agreed text. (pp. 6 – 7)
The “two key questions” addressed in the study - conformity with the EU acquis, and conformity with existing international IPR obligations - therefore do not include any serious examination of the human rights implications of the final text, even though the study does note that:
The provisions of ACTA fall within the sphere of a number of sensitive areas of EU law, including fundamental rights recognised in the EU, such as the right to fair and due process, the right of information, freedom of speech, the protection of privacy and data protection rules. (p. 24)
even though the study also claims to have assessed ACTA by reference to (inter alia) the main Data Protection Directive (Directive 95/46/EC) (second indent on p. 25).
The EP study on Information And Communication Technologies And Human Rights, discussed earlier,18 is neither mentioned in the text nor listed in the otherwise quite extensive bibliography.
Consequently, in the body of the 75-page report, there is just one, short (less than half a page) specific section on “civil liberties”, in the chapter with “Sector Specific Analysis” (Chapter 7). This section reads as follows:
The most controversial enforcement proposals contained in earlier draft versions of ACTA have been abandoned or narrowed down.19 There are no ‘three strikes’ rules in relation to illegal downloading, no liability for internet service providers (ISPs) other than for direct infringement. Some issues still remain, especially in Section 5, the digital chapter of ACTA. The disclosure of subscriber’s information regime, Article 27.4 ACTA, is applicable to infringing, and non-infringing intermediaries. As such it is broader than the TRIPS norm contained in Article 47 TRIPS, which imposes such a regime on infringing intermediaries only. ACTA contains an express qualification that enforcement proceedings in relation to infringement of copyright or related rights over digital networks, as well as any legitimate request for subscriber information in relation to accounts allegedly used for infringement be subject to safeguards.20 The mechanisms to ensure that these rights are maintained have, however, to be found outside of ACTA.21 The provisions on legal protection against the circumvention of effective technological protection measures are covered in Chapter 5 and lie within the standards established by the Information Society Directive. There are no changes with respect to the EU’s civil liberties and privacy standards. (p. 60)
Some other issues are noted in sub-sections to the section on Access to Medicine, section 7.2; they deal with injunctions, border measures, and criminal enforcement.22 However, they do not address the question of the compatibility of these measures with European human rights law.
Chapter 4, section 2, of the study contains a discussion of ACTA provisions which, the General Overview and Introduction promises, “provides a basis for the sectoral examinations of” (inter alia) the civil liberties assessment set out above. However, contrary to what it says there (in section 2.3, on p. 11), this analysis is not article-by-article, but rather, discusses groups of articles, often omitting central issues of human rights, as we shall see.23
It may therefore here suffice to note just a few broad remarks in the study that are relevant to our Opinion. First of all, as it is put in the Executive Summary:
[ACTA] enables a degree of protection that appears to go beyond the limits established in [current] EU law. The primary area of concern is that of border measures, especially the expansion of the scope of such measures to all other forms of intellectual property, except for patents. Other areas that need clarification include: whether the criteria for damages in ACTA (i.e., the value of the goods or services concerned measured by market or retail price) fully match the criterion of “appropriateness of the damage to the actual prejudice suffered” envisaged in the IPR Enforcement Directive.
In addition, there are concerns that the criminal measures do not fully reflect the conditions set by the European Parliament, in its position of 25 April 2007 on the IPRED2 proposal from the Commission. ACTA extends criminal measures [to activities that result in]24 indirect commercial benefit, which may contradict the Parliaments position that acts ‘carried out by private users for personal and not-for- profit purposes’ were to be excluded from the scope of the IPRED2.
(p. 7, references omitted)
Secondly, the study concludes on the issue of data protection, as follows:
ACTA’s Chapters III (on Enforcement practices) and IV (on International Cooperation) could be relevant to the EU data protection rules inasmuch as they could entail the exchange of personal data between Parties’ authorities and/or private organisations. The relevant provisions in ACTA do not appear to impose on the EU and EU Member States an obligation to exchange personal data with other Parties’ authorities or stakeholders. In addition, Article 4 of ACTA expressly states, inter alia, that ACTA shall not require a Party to disclose information the disclosure of which would be contrary to its law, and provides for safeguards that apply to the information shared pursuant to the provisions of the Agreement.
However, given the relatively broad formulation of ACTA’s provisions on information sharing and cooperation, their real impact on EU data protection rules will most likely depend on how cooperation between Parties will be implemented. In this respect, reference may be made to the “Opinion of the European Data Protection Supervisor” advising on the safeguards that should apply to data transfers made in the context of ACTA.
(section 4.2.7, on p. 31, references omitted)
The study does not appear to have examined the question of compulsory disclosure of personal information, and the accompanying surveillance measures envisaged in ACTA, which were at the heart of the EDPS’ criticisms. (We will look at the EDPS opinion separately, below.)
Third, the following may be noted on some selected issues also addressed by the EU academics (emphases in bold and italics added):
Injunctions –Article 8.1 ACTA expands the application on injunctions under Article 44.1 TRIPS beyond alleged infringers to include third parties. Article 8.2 is generally identical to Article 44.2 TRIPS, but fails to specify as Article 44.2 does that it applies to remuneration under compulsory licensing under Article 31(k) TRIPS. This difference seems negligible but it is unclear why different language was chosen, appearing to make the application of the provision broader than Article 31(k).
Damages – Where Article 9 ACTA expands the scope of the bases for calculating damages, this may be characterised as an expansion of the TRIPS minimum. Article 45.2 TRIPS may be interpreted as placing a ceiling on the extent to which an innocent infringer may be ordered to pay costs or pre-established damages. However, parties are permitted to extend payments to an innocent infringer. Article 9 ACTA appears to exclude innocent infringers from the scope of the provisions on damages, while extending the scope of damages available against knowing infringers. This is not in conflict with the TRIPS provision.
Other remedies – nothing in Article 10 ACTA is out of conformity with the TRIPS Agreement. The provision is very similar to Article 46 TRIPS, except that it provides for the carrying out of procedures at the expense of the infringer. [ACTA] also does not reiterate the mandatory TRIPS safeguard that authorities must take into account the need for proportionality and the seriousness of the infringement in deciding whether or not to order the destruction of infringing goods.
ACTA’s articles on provisional measures are largely consistent with the TRIPS Agreement. Article 12.1 ACTA and Article 50.1 TRIPS are virtually identical. [However,] ACTA differs in that, unlike Articles 50.3 – 50.8 TRIPS, it contains no provisions safeguarding the rights of defendants in such procedures, such as strict time limits on the effect of provisional measures. Instead, ACTA extends the scope of materials that may be seized beyond just the infringing goods.
The border measures section in the agreements [TRIPS and ACTA] is quite similar. However, ACTA expands the application of these beyond counterfeit trademark goods and pirated copyright goods (but not to patents). Article 51 TRIPS explicitly allows for such extensions, subject to the requirement that they meet the standards and safeguards in Articles 52 – 58 TRIPS.
Article 61 TRIPS permits states to provide for criminal procedures and places no limits on how stringent these may be. The provisions in ACTA remain well within the language of Article 61 TRIPS. Where there remains some controversy is the definition of “commercial scale” adopted in Article 23.1 ACTA, which would apply criminal procedures to activities undertaken for indirect economic advantage. The 2009 WTO Panel decision in China – Measures Affecting the Protection and Enforcement of Intellectual Property Rights stated that the threshold for criminal enforcement covering activities on a commercial scale is set at: ‘counterfeiting or piracy carried on at the magnitude or extent of typical or usual commercial activity with respect to a given product in a given market’. The ACTA norm of ‘indirect economic or commercial advantage’ focuses on the intent of the alleged counterfeiter or pirate, rather than on assessment of the adverse effects on the market, and merely seems to further elaborate the term ‘wilful’. It must therefore be considered that ACTA is not in line with the WTO Panel decision.
(Section 4.1.2, on pp
In the light of these assessments (emphasised above), we find it surprising that the authors of the study felt that they could conclude that “the letter of the agreement is not incompatible with the Acquis” or TRIPS. However, even they concluded that:
there are no guarantees that its implementation will be [compatible]. The Parliament may therefore wish to consider a need for a clarification of and guidance on how ACTA will be implemented especially the border and criminal enforcement measures as well as the in-transit procedures. (p. 8)
The EDPS Opinion
The EDPS Opinion was issued in June 2010, i.e., it dealt with an earlier version of ACTA.25 It focussed on the “three-strike”-rule which was then much discussed, but which has since (according to the Commission and Council) been abandoned. Indeed, as we have seen earlier, they claim that “no such rules were ever proposed by any of the parties involved in the ACTA negotiations.”
We will examine that specific question later. Here, we should note that in spite of this focus on “three strikes”, the EDPS Opinion also contains many useful wider comments. In particular, he warns of “a slippery slope towards legitimising even more massive surveillance of Internet users’ activities”, also and in particular by or on behalf of private-sector entities, and repeatedly stresses the requirement, under both the ECHR and the Charter of Fundamental Rights (and indeed under the data protection directives) that any such monitoring, and any data disclosures, be “necessary” and “proportionate” in a democratic society. He also notes important issues in relation to international data exchanges between States.
“Necessity” and “Proportionality”
In his view, two matters in particular have a bearing on this question of “necessity” and “proportionality”: the scale and depth of any monitoring or surveillence of Internet use, and of Internet users, and of any disclosures of user data; and the scale of the IPR infringements against which this is directed. He also stresses a third, procedural matter, again derived from the ECHR and the Charter.
In relation to the first substantive matter, he notes the following important factors (which are not restricted to a “three strikes” context):
- the (unnoticed) monitoring would affect millions of individuals and all users, irrespective of whether they are under suspicion;
- the monitoring would entail the systematic recording of data, some of which may cause people to be brought to civil or even criminal courts; furthermore, some of the information collected would therefore qualify as sensitive data under Article 8 of Directive 95/46/EC which requires stronger safeguards;
- the monitoring is likely to trigger many cases of false positives. Copyright infringement is not a straight ‘yes’ or ‘no’ question. Often Courts have to examine a very significant quantity of technical and legal detail over dozens of pages in order to determine whether there is an infringement:[fn]
[fn] Courts may have to assess whether the material is indeed copyright protected, which rights have been infringed, if the use can be considered as a case of fair use, the applicable law, the damages, etc.
- the fact that the entity making the assessment and taking the decision will typically be a private entity (i.e. the copyright holders or the ISP). The EDPS already stated in a previous opinion his concerns regarding the monitoring of individuals by the private sector (e.g. ISPs or copyright holders), in areas that are in principle under the competence of law enforcement authorities.
(para. 32. The detail under point (iii) is taken from a footnote to this point in the Opinion. Point (iv) deals with the disproportionality of the effects of a “three-strike” rule, and is therefore not of wider application, as the other points are.)
The second matter, the scale of infringement that could make intrusive measures proportionate, is, in the EDPS’ view, properly linked to the first in the IPRE Directive:
The purpose of enforcing intellectual property rights can also be achieved by the monitoring of only a limited number of individuals suspected of engaging in non- trivial copyright infringement. The IPRE Directive provides some guidance in that respect. It sets forth the conditions under which authorities may order that personal data held by Internet access providers be disclosed for the purposes of enforcing intellectual property rights. Article 8 provides that ISPs may be ordered by competent judicial authorities to provide personal information that they hold about alleged infringers (e.g. information on the origin and distribution networks of the goods or services which infringe an intellectual property right) in response to a justified and proportionate request in cases of infringements on a ‘commercial scale’.
Accordingly, the ‘commercial scale’ criterion is decisive. Pursuant to this criterion, monitoring may be proportionate in the context of limited, specific, ad hoc situations where well-grounded suspicions of copyright abuse on a commercial scale exist. This criterion could encompass situations of clear copyright abuse by private individuals with the aim of obtaining direct or indirect economic commercial benefits.
In practice, to make the above effective, copyright holders might engage in targeted monitoring of certain IP addresses in order to verify the scale of the copyright violation. This would mean that copyright holders would also be allowed to keep track of reports alleging infringement for the same purposes. Such information should only be used after having verified the significance of the infringement. For example, clear cases of major infringements as well as non-significant yet continuous infringements, over a certain period of time, for the purpose of commercial advantage or financial gain. ....
This would mean that in such cases, the collection of information for the purposes of demonstrating alleged Internet abuse may be deemed proportionate and necessary for the purposes of preparing legal proceedings, including litigation.
(Paras. 43 – 46, emphases added)
Conversely, indiscriminate or widespread monitoring of Internet users (and disclosures of their IP addresses - that is: of their personal information), in relation to trivial, small-scale, not for gain infringements of IPR, would be disproportionate, and thus in violation of Article 8 ECHR, Articles 7 and 8 of the Charter of Fundamental Rights, and of the Data Protection Directives.
In addition, as the above already shows, the EDPS stresses the need for judicial (court-based) investigatory and sanction systems, such as are included in the only recently implemented IPRE Directive:
... since the IPRE Directive has only been in force for two years, it is difficult to understand why legislators would move from the criteria embodied in this Directive to more intrusive methods when the EU is just beginning to test those recently adopted. For the same reason it is also difficult to understand the need for replacing the current court based system by other type of measures (in addition to raising questions of due process, which are not addressed here). (para. 49)
This too is a wider issue, directly related to the European human rights instruments (as we will discuss further in Chapter 2).
The EDPS also points out, “as an additional guarantee”, the need, under the main EC Data Protection Directive, for the carrying out of “prior checks” by the relevant national data protection authorities on any proposed IPR-infringement Internet monitoring, because:
the fact that the data processing operations would present specific risks to the rights and freedoms of individuals in the light of their purposes, i.e. carrying out enforcement actions which could eventually be criminal and in the light of the sensitive nature of the data collected. The fact that the processing involves monitoring of electronic communications is an additional factor that calls for enhanced supervision. (para. 47)
International data exchanges
In his Opinion on the then (June 2010) available draft text of ACTA, the EDPS wrote that:
In view of the information available, it can be foreseen that a number of the measures planned for ensuring enforcement of intellectual property rights will involve international sharing of information about alleged IPR infringements amongst public authorities (such as custom authorities, police and justice) but also between public and private actors (such as ISPs and IP right-holders organ- isations). Such data transfers raise a number of issues from a data protection viewpoint. (para. 64)
At the time:
In the current state of the negotiations’ process in which a number of concrete data processing elements remain either undefined or unknown, it is impossible to verify whether the proposed framework of measures is in accordance with fundamental data protection principles and EU data protection law. (para. 65)
However, the EDPS still made a number of important comments, clarifying the kinds of matters that should be taken into account in such a future verification. In Chapter 2, section 5, we will attempt to provide such a check.
Human rights clause
Finally, the EDPS supports his approach by a reference to the so-called “138 Amendment” to Directive 2009/140/EC, which spells out the basic human rights requirements applicable to the electronic communications framework in the EU. We quote this amendment in full on pp. 19 – 20, below.
ACTA, THE EUROPEAN CONVENTION ON HUMAN RIGHTS AND THE EU CHARTER OF FUNDAMENTAL RIGHTS
- The issues addressed in this Opinion
The main overall criticisms of ACTA remain that (to paraphrase the EP study on Information And Communication Technologies And Human Rights) the Agreement gives disproportionate protection to the IPR and competitive interests (some would say, the global market domination) of big business; fails to level the playing field between developed and developing nations in international trade relations; hampers innovation (especially by SMEs); fails to promote grassroots culture; and could impede the dissemination of knowledge for people across the world.
However, that study, the EU academics, and the EDPS also expressed concern about the specific effects of ACTA on the right to information and education, freedom of expression, the right to privacy and protection of personal data, and the right to a fair trial and due process.26
In that regard, the study called for the inclusion in ACTA of a provision setting out the need to apply the Agreement in accordance with European (and international) human rights standards and principles.
The EDPS in fact pointed to precisely such a provision, included in another major recent EC instrument. This is the so-called “138 Amendment”, made to the 2002/21/EC Directive on a common regulatory framework for electronic communications networks and services27 by means of Directive 2009/140/EC.28 It constitutes a new paragraph (3a) in Article 1 of Directive 2002/21/EC, and reads as follows:
Measures taken by Member States regarding end-users access’ to, or use of, services and applications through electronic communications networks shall respect the fundamental rights and freedoms of natural persons, as guaranteed by the European Convention for the Protection of Human Rights and Fundamental Freedoms and general principles of Community law.
Any of these measures regarding end-users’ access to, or use of, services and applications through electronic communications networks liable to restrict those fundamental rights or freedoms may only be imposed if they are appropriate, proportionate and necessary within a democratic society, and their implementation shall be subject to adequate procedural safeguards in conformity with the European Convention for the Protection of Human Rights and Fundamental Freedoms and with general principles of Community law, including effective judicial protection and due process. Accordingly, these measures may only be taken with due respect for the principle of the presumption of innocence and the right to privacy. A prior, fair and impartial procedure shall be guaranteed, including the right to be heard of the person or persons concerned, subject to the need for appropriate conditions and procedural arrangements in duly substantiated cases of urgency in conformity with the European Convention for the Protection of Human Rights and Fundamental Freedoms. The right to effective and timely judicial review shall be guaranteed.
(Article 1(1)(b) of Directive 2009/140/EC, inserting a new paragraph (3a) into Article 1 of Directive 2002/21/EC, emphasis added)
ACTA touches on precisely these same rights and issues. However, in spite of the calls for this, it contains no such provision because, as we have seen, the European Commission felt that it was “not needed”.
This Opinion does not address the broad issues of international public policy underpinning the broad sweep of the overall criticisms cited at the beginning of this section. Rather, it addresses the specific issues that ACTA raises in terms of the European Convention on Human Rights, the EU Charter of Fundamental Rights, and the EC data protection directives, as indicated in the above “138 Amendment” quoted above, i.e.:
- The right to property (Article 1 First Protocol to the ECHR; Article 17 CFR);
- The right to freedom of expression and information (Article 10 ECHR; Article 11 CFR), also in relation to artistic expression and scientific research (Article 13 CFR);
- The right to respect for private and family life, home and correspondence/communication, and to the protection of one’s personal data (Article 8 ECHR; Articles 7 & 8 CFR; Directives 95/46/EC and 2002/58/EC);
- The right to an effective remedy and a fair trial (Articles 6 & 13 ECHR; Article 47 CFR); and
- The complex relationships between these rights, in particular between the first and second, and between the third and fourth of the above.
In this, we examine the issues at four levels, i.e.:
- whether any of the provisions of ACTA, on their face, anywhere specifically require States that want to implement it to adopt measures that would breach any of these instruments;
- whether any of those provisions are phrased in ways that are ambiguous in this respect, and require further unambiguous clarification to avoid such violations;
- whether any of those provisions encourage (or in the words of the EU academics, “incite”) such States to adopt such measures; as well as:
implications of the latter kinds of measures in particular, especially
when it comes to international cooperation between EU- and non-EU States
(e.g., in relation to the provision of personal information).
- ACTA and the right to property
The inclusion of a right to property in modern catalogues of fundamental rights was not uncontentious, even though it was included in the “grandmother” and “mother” of modern human rights treaties, the 1789 French Declaration of the Rights of Man and of the Citizen (see Article II of the Declaration) and the 1948 UN Universal Declaration of Human Rights (Article 17). Because of reluctance on the part of socialist-leaning post-WWII governments in some countries to include it in the European Convention on Human Rights, it was placed in a “Optional Protocol” to the Convention (in the form of Article 1 First Protocol [hereafter FP]), and phrased in much less protective terms than the main rights in the body of the Convention.29
Even so, the right to property, and to “the peaceful enjoyment of one’s possessions”, is now effectively regarded as an integral part of the Convention,30 and all Member States of the Council of Europe (and thus also all EU/EEA Member States) have signed up to it. The European Court of Human Rights interprets the concept broadly, and gives property rights largely similar protection to the other Convention rights.
Intellectual property rights are undoubtedly included in the concepts of “property” and “possessions”. For the purpose of EU law, this is in fact expressly (and rather unnecessarily) confirmed in Article 17(2) of the Charter of Fundamental Rights (CFR).
However, this of course also applies to the owners and users of devices and software: their PCs and laptops and mobile devices are “properties”, as are any software installed or held on them (or held in the “Cloud”), be this in the form of programs, text, music, audio or videofiles. Those are no less protected in principle.
When it comes to determining whether an interference with a property right is justified, the Strasbourg Court applies a “fair balance” test that is quite similar to the “necessity” and “proportionality” tests applied under the “typical” Convention articles (including Articles 8 and 10, discussed later).31 The wording of Article 17 CFR is closer to the wording of the “typical” Convention articles and their corresponding provisions in the Charter (“the use of property may be regulated by law in so far as is necessary for the general interest”), but in practice the ECHR and EU approaches in respect of property-as-a-fundamental-right are as good as the same. Specifically, in their assessments of this “fair balance”, both rely very heavily on procedural guarantees: there must be a proper avenue of appeal from any decision of a national authority to interfere with someone’s property rights, and the right kind of considerations must be taken into account in such proceedings. We will return to this in our discussion of the “fair trial” requirements relevant to ACTA, in section 2.6, below (because those requirements apply whenever a “property right” in the sense of Article 1 FP ECHR is being “determined”).
For the purpose of this Opinion, we should note that essentially all of the measures relating to (alleged or suspected) IPR infringements are aimed at protecting the property rights of IPR-rights-holders, but that those measures can also clearly affect (and seriously restrict) the property rights of users and consumers. The “fair balance” required by Article 1 FP and Article 17 CFR must therefore clearly take both into account: an instrument or measure that in some significant respect tilts the balance of protection manifestly unfairly in favour of one beneficiary of the right, and unfairly against others, or a procedure that fails to allow for the taking into account of the different, competing interests, but rather, stacks all the weight at one end, is incompatible with these fundamental European human rights instruments.
Moreover, in applying this “fair balance” test, the impact of the relevant instrument, procedure or measure on other rights must be taken into account. We shall now turn to the first of those, the right to freedom of expression and information, before returning to that issue.
- ACTA and the right to freedom of expression and information
The right to freedom of expression and information itself
The right to freedom of expression is, as such, expressed in the same words in Article 10(1), first sentence, of the ECHR and Article 11(1) of the CFR:
Everyone has the right to freedom of expression. This right shall include freedom to hold opinions and to receive and impart information and ideas without interference by public authority and regardless of frontiers.
(The ECHR adds a sentence relating to the licensing of broadcasting, but this is both largely redundant by now and irrelevant to the present Opinion).32
As the text of the right itself makes clear, it is in fact much wider than just a right to “express” oneself: in these European instruments, it includes the right “to hold opinions”33 and, what is more pertinent here, the right “to receive and impart information and ideas”. In fact, on this latter point, it also includes the right to “seek” information and ideas, and to have access to information and ideas.34
The UN Special Rapporteur on Freedom of Expression stresses that access to the Internet, and the absence of undue constraints on the freedom to seek, receive and impart information and ideas over the Internet, is an inherent - and in the digital age, crucial - part of the internationally-guaranteed right to freedom of expression. Overall, he places great emphasis on the need for proper, judicial procedures in relation to anything that affects the right to freedom of expression on the Internet, as contrasted with the arbitrariness he observes in many respects, including surveillance and monitoring of communications.35 These considerations are relevant also in relation to the ECHR and the CFR.
More generally, the European Court of Human Rights has consistently stressed that freedom of expression:36
constitutes one of the essential foundations of [a democratic society], one of the basic conditions for its progress and for the development of every man.
Broadly speaking, in terms of the ECHR, freedom of expression is much more central to a democratic society than is the protection of property. Of course, at one level, IPR supports freedom of expression: writers, artists and performers are entitled to due reward for their work, and companies to a return on their investment. But especially in the digital world, ordinary people - bloggers, tweeters, satirists, artists, and academic or political cooperatives of individuals - are at least as much, if not more, at the heart of the very societal progress and “development of every man” that the Court refers to.
Also important in this context is the obvious fact that restrictions on the freedom to disseminate information also make it impossible for the general public to find or obtain the information.37 This is of course especially relevant to information on matters of proper public concerns, such as murders of political activists, horrific side-effects of medicines, or illegal activities of the secret services.38 It has a bearing, e.g., on the release of secret or classified information on matters of public concern by organisations such as Wikileaks, or other activist groups: if the information is in the public interest, restrictions on its dissemination are very difficult to justify in terms of the European human rights instruments. In this respect, it is worth noting that the UN Special Rapporteur on Freedom of Expression stresses that:
as the Human Rights Council has also stated in its resolution 12/16, restrictions should never be applied, inter alia, to discussion of Government policies and political debate; reporting on human rights, Government activities and corruption in Government; engaging in election campaigns, peaceful demonstrations or political activities, including for peace or democracy; and expression of opinion and dissent, religion or belief, including by persons belonging to minorities or vulnerable groups. (para. 37)
To put this simply: both the right to property and the right to freely disseminate information are protected under the ECHR and the CFR, but they are not equally protected, especially as concerns information on matters of legitimate public interest, or as concerns literary or artistic expressions (such as satire or parody, or the “ripping” and mixing of of music). In a democratic society, there must be room for the dissemination of information on matters of public interest, and for parody and satire, and creative uses of exisiting information, without that being stifled by property interests, especially if the impact on those property rights is minor or trivial. Under the ECHR, States are not just undoubtedly entitled to limit IP rights in order to create scope for those expression rights, but indeed, failure to provide such scope - that is: failure to provide for what the Americans would call “fair use” and “fair comment” rights - and consequent disproportionate protection of IP rights over expression and information rights, would violate Article 10 ECHR and Article 11 CFR, in spite of Article 1 FP ECHR and Article 17(1) CFR, irrespective of the (basically redundant) Article 17(2) CFR.
The ACTA issues in relation to the right to freedom of expression and information
Three issues are consistently brought up by critics of ACTA that can usefully be discussed under the rubric of the right to freedom of expression and freedom of information:
- the alleged compulsory criminalisation of innocent or trivial acts of IPR infringement; and the claim that this could stifle free, informal data exchanges between individuals, including political and social activists (e.g., through blogs, tweets and social networking), and artistic or scientific collaborators (as in Wikipedia and LABtoLAB);
- the alleged threat of a shift of liability for IPR infringements to Internet Service Providers (ISPs) and the still-not-quite-allayed concerns about the imposition of “three-strike” rules, which would allow for the cutting off of alleged IPR violators from the Internet, without due process, and the related threat of the “privatisation” of the enforcement of the ACTA rules (and other rules); and
- quite draconian restrictions on the use of means to circumvent digital rights management restrictions.
We will look at each of these in turn.
Criminalisation of innocent or trivial IPR infringements
Civil society groups claim that ACTA, as currently drafted, criminalises ordinary companies and individuals:39
ACTA can be used to criminalise newspapers revealing a document, office workers forwarding a file and private downloaders. A whistle blower or weblog author revealing a document in the public interest, may easily be prosecutable, for instance if the webpage contains advertisements. Remixers and others sharing a file are included if there is an advantage. This advantage may be “indirect”.
This claim is based on ACTA Article 23.1 (and .4) and the clarification provided in a footnote to that article. The article reads as follows:
ARTICLE 23: CRIMINAL OFFENCES
- Each Party shall provide for criminal procedures and penalties to be applied at least in cases of wilful trademark counterfeiting or copyright or related rights piracy on a commercial scale.[fn] For the purposes of this Section, acts carried out on a commercial scale include at least those carried out as commercial activities for direct or indirect economic or commercial advantage.
- With respect to the offences specified in this Article for which a Party provides criminal procedures and penalties, that Party shall ensure that criminal liability for aiding and abetting is available under its law.
The footnote reads as follows:
[fn] Each Party shall treat wilful importation or exportation of counterfeit trademark goods or pirated copyright goods on a commercial scale as unlawful activities subject to criminal penalties under this Article. A Party may comply with its obligation relating to importation and exportation of counterfeit trademark goods or pirated copyright goods by providing for distribution, sale or offer for sale of such goods on a commercial scale as unlawful activities subject to criminal penalties.
As we have seen, the vagueness of the term “commercial scale” was a cause of concern for the EU academics and others. Particularly worrying is the apparent inclusion in this concept (“at least”) of any activities that confer some kind of “commercial advantage” on someone, either directly or indirectly, and the extension of the already rather borderless crime to even less-defined acts of “aiding and abetting”. FFII believes it covers a range of innocent or trivial activities:40
ACTA can be used to criminalise newspapers revealing a document, office workers forwarding a file and private downloaders. A whistle blower or weblog author revealing a document in the public interest, may easily be prosecutable, for instance if the webpage contains advertisements. Remixers and others sharing a file are included if there is an advantage. This advantage may be “indirect”, an element too unclear to incorporate in criminal law: it may be fulfilled by others. ACTA does not contain exceptions. ACTA is not limited to large scale activity, as claimed earlier by the Commission. There is no de minimis exception either.
For example an advertisement on a web page gives a commercial advantage. When someone downloads a song from the Internet without authorization, that person could be seen as having gained a commercial advantage by not paying for it.
What could be indirect economic or commercial advantage? Say you have a nice cd, make a copy for a friend. He then buys a cd and gives it to you. The non-infringing act of someone else fulfills the indirect advantage element, and makes you a criminal. This creates major legal uncertainty. You are already in the danger zone without advantage, since that condition may be fulfilled by someone else. Indirect advantages should never be an element of the crime, they are too unclear to incorporate in criminal law. It is a basic misconception to use a civil law definition for criminal law.
ACTA is not limited to unauthorised distribution. ACTA also includes unauthorised use of copyrighted works. At the WTO Council for TRIPS (October 2010), the US Trade Representative made clear ACTA also includes companies using unauthorised software.
ACTA’s criminal measures do not contain exceptions. ACTA removes the scale element from the definition of the crime. While in public the Commission mentions large scale criminal activities, in a secret document the Commission actually makes clear that the ACTA definition overturns the decision of the WTO dispute settlement panel in the recent China-Enforcement case.
If all of the above is true, it would indeed appear that Article 23.1 (and .4) of ACTA are disproportionate when applied to these kinds of innocent and/or trivial, not-really-commercial-as-it-is-normally-understood acts.
Is this scare-mongering? Will ACTA really be applied in this way? Must it be? Can it be? It is useful to try and clarify this here. The “secret” Commission document referred to in the final paragraph41 certainly suggests that the drafters intended the term “commercial scale” to lower the threshold set by the WTO panel in the case against China, of 500 fakes. It also points out that ACTA extends the criminal legal requirements of TRIPS by including “indirect” economic advantage, providing for ex officio criminal measures, and adding “aiding and abetting”.
However, that in itself does little to answer the question of whether ACTA’s criminal provisions violate the freedom of expression provisions in the ECHR and CFR. For that, we have to examine them at each of the four levels we mentioned at the end of section 2.1, above.
The first question is then whether ACTA requires States to adopt the lowered threshold, and the wider scope of the offences, in their domestic law. Here, there is an ambiguity, in that the Commission, in its dialogue with civil society, maintained that ACTA is “neutral” in this respect:42
DG TRADE (Pedro Velasco Martins) ... There is not yet an EU acquis in terms of penal sanctions for IPR infringements, but instead 27 national laws and this will not be modified by ACTA. (p. 3)
DG TRADE (Pedro Velasco Martins) and DG MARKT (Benoît Lory) recalled that ACTA is neutral on substantive protection of IPR and only addresses enforcement matters. Exceptions and derogations consist in lawful uses and not infringements to IPR. They can hence not be affected by the agreement. Moreover, the language contained in ACTA already safeguards existing exceptions and ensures the necessary flexibility. (p. 4)
If this is true, then individual States, when they implement ACTA, can retain (or even add) a de minimus rule to their current substantive IPR laws, and they could also add clarification on the scope of the IPR-infringing criminal acts defined in them.
In other words, if what the Commission said at that meeting is correct, States can choose to define a whole range of innocent and trivial acts that might technically infringe someone’s IPR as non-criminal - and then nothing in ACTA would apply to those.
The Commission view presumably relates to the following stipulation in Article 3(2) of ACTA:
This Agreement does not create any obligation on a Party to apply measures where a right in intellectual property is not protected under its laws and regulations.
This does indeed suggest that if a State creates an exemption from IPR protection in certain regards it does not have to apply the ACTA enforcement measures to those exempt (unprotected) areas. This raises the complicated, and rather distinct, questions (already touched on above) of when exemptions to IP rights to protect free speech are allowed, and when they might be required. In the USA, this is addressed under the so-called “fair use” and “fair comment” doctrines. In Europe, there is no generally-accepted corresponding single doctrine or set of doctrines,43 but as discussed earlier it is clear that when the unrestricted application of IP restrictions would disproportionally restrict freedom of expression, States have a duty under the ECHR to provide exemptions from them. For ease of speech, we will continue to refer to “fair use” and “fair comment” expressions as “shorthand” also for such ECHR-required exemptions. We note that, in fact, a preamble to the WTC too expressly recognises the need to strike a balance between the rights of authors and larger public interest, such as the general public’s interest to be informed of important matters.
However, ACTA nowhere recognises that under European human rights law “fair use” and “fair comment” exemptions to IPR are required to meet the requirements of the ECHR and the CFR, at least as far as matters of legitimate public interest and matters such as satire or parody of, or artistic use of IP-protected items are concerned.
Furthermore, the application of Article 3(2) ACTA is unclear with regard to de minimis rules: in our view, they constitute limitations on enforcement rather than on the substance of IPR, and in that case, they would not be caught by the exemption in Article 3(2).
We feel our concern in this regard is confirmed by the general tenor of the Agreement, and by the strong language of Article 23 itself (“Each Party shall provide” for the stipulated criminal offences).
In our opinion, Article 23 clearly suggests that States that sign up to ACTA must lower the criminal threshold for IPR infringements, and widen the scope of the criminal offences, and (in the absence of an express de minimis exception) does nothing to prevent the criminalisation of innocent and trivial acts that merely technically break the IPR rules.
If States read ACTA that way, and amend their current laws accordingly, that would be in violation of the “necessity” and “proportionality” requirements of Article 10(2) ECHR and Article 52(1) read together with Article 11 of the Charter of Fundamental Rights.
If this is not the way in which Article 23 is to be read, it is still the case that the article leaves this crucial matter unacceptably unclear: in our opinion, an explicit de minimis rule is the minimum that is required to bring Article 23 in accordance with the Convention and the Charter.
Furthermore, at the third level, however one reads Article 23 in Europe, in the light of the European human rights instruments, the text clearly encourages - indeed, as the EU academics put it, incites - non-European States to adopt the lower threshold, and the wider scope of criminal law provisions relating to IPR infringements, without including “fair use” or “fair comment” exceptions to the substance of IPR, or de minimis exceptions in respect of enforcement. ACTA would thus appear to encourage the adoption of standards in this field by non-EU States that are not acceptable within the EU. That is the precise opposite of what the European arrangements relating to human rights in EU instruments on relations with third countries otherwise require.
This will, we believe, haunt future relations with such third countries (the fourth level of our analysis). It suggests the wilful encouragement, by the EU (and the USA) of human rights-unfriendly measures by and in non-European (and non-US) countries, in support of mainly U.S. and EU corporations, who could not rely on such measures in their own regions. That may as such not, strictly speaking, be an ECHR/CFR issue (although it does have a significant bearing on international personal data exchanges, as we shall see in section 2.5, below), but it is unacceptable nevertheless.
ISP liability and “three strikes”: enforcement by private entities
ISP liability and the “three strikes” idea are areas in which the text of ACTA has, reportedly, been considerably watered down (although why the parties started from the undiluted positions on them in the first place remains a serious question: it does not suggest great a priori commitment to the rule of law). To quote the second EP study:44
Once one of the more extensive pieces of the ACTA framework, this section has been significantly pared down, especially with respect to liability of internet service providers. A review of the leaked 1 July Consolidated text shows extensive provisions relating to: liability of online service providers, including restricted safe harbours; takedown or removal of material at the request of rightholders; and third party secondary, and contributory liability. In prior proposals put forward by other parties206, provisions for the cutting-off of internet service of infringers (so-called three strikes provisions) were also put forward, although these did not appear in later texts.
In contrast, what we have now in the agreement does not bear out any of the fears regarding this section that were a staple of questions for European parliamentarians ... Article 27.1 essentially applies all the procedures and standards for civil and criminal enforcement to the digital environment. However, Footnote 13 preserves any party’s system for ISP liability limitation. It also preserves any laws that are aimed at preserving free expression, fair process and privacy.
Are the earlier fears really allayed? In order to assess that, one should first of all look closely at the text of Article 27.1 - .3 (in its final version, including the footnote mentioned above):45
ARTICLE 27: ENFORCEMENT IN THE DIGITAL ENVIRONMENT
- Each Party shall ensure that enforcement procedures, to the extent set forth in Sections 2 (Civil Enforcement) and 4 (Criminal Enforcement), are available under its law so as to permit effective action against an act of infringement of intellectual property rights which takes place in the digital environment, including expeditious remedies to prevent infringement and remedies which constitute a deterrent to further infringements.
- Further to paragraph 1, each Party’s enforcement procedures shall apply to infringement of copyright or related rights over digital networks, which may include the unlawful use of means of widespread distribution for infringing purposes. These procedures shall be implemented in a manner that avoids the creation of barriers to legitimate activity, including electronic commerce, and, consistent with that Party’s law, preserves fundamental principles such as freedom of expression, fair process, and privacy. [fn]
- Each Party shall endeavour to promote cooperative efforts within the business community to effectively address trademark and copyright or related rights infringement while preserving legitimate competition and, consistent with that Party’s law, preserving fundamental principles such as freedom of expression, fair process, and privacy.
The footnote reads as follows:
[fn] For instance, without prejudice to a Party’s law, adopting or maintaining a regime providing for limitations on the liability of, or on the remedies available against, online service providers while preserving the legitimate interests of right holder.
We fail to understand how the study can say that this latest text “does not bear out any of the fears regarding this section that were a staple of questions for European parliamentarians”. Article 27.1 requires “effective” procedures and “expeditious” - and clearly ex ante - remedies, without saying anything about the nature of those procedures or remedies. The second paragraph furthermore clearly requires (“shall apply”) the applicability of such processes to any infringement of copyright or related rights over digital networks. It adds that this “may include the unlawful use of means of widespread distribution for infringing purposes”, but it is clearly not limited to that: there is again no de minimis exception.
The nature of the procedures in question is left excessively vague, except that the third paragraph stresses that “Each Party shall endeavour to promote cooperative efforts within the business community” in implementing them.
The only restriction on the nature and form of these procedures and remedies is in the rather cryptic second sentence of the second paragraph, and the similarly phrased final clause in the third paragraph, which say that:
These procedures shall be implemented in a manner that ..., consistent with that Party’s law, preserves fundamental principles such as freedom of expression, fair process, and privacy.
In all these cases, the text emphasises that such encumbrances should be applied in such a way as to “preserve the legitimate interests of the right holder” (one almost hears: “above all”).
This deserves three comments. First, simply saying that these (unspecified) measures must be applied in ways that respect fundamental rights does little to ensure that: the text provides no guidance on this, not even a reference to relevant international standards. On the contrary, this limitation (if such it is) must be “consistent with [each] Party’s law”. This may imply that European States must comply with the ECHR and the CFR, but it leaves other States free to do as they please.
Indeed, second, the footnote, in an odd, roundabout way, confirms that one of the procedures or remedies that the drafters had in mind - indeed, presumably the main one - was precisely the imposition of liabilities on Internet Service Providers (ISPs). The footnote merely, seemingly generously, allows States to limit such liability (as long as the all-important “legitimate interests of the right holder” are “preserved”). This strongly suggests that, in the view of the drafters, States should still impose quite extensive liabilities on ISPs, even if, reluctantly, they accept that some State may have to limit this liability.
Third, the reference to “cooperative efforts with the business community” (which must be in addition to the information-disclosure arrangements which are separately dealt with in Article 27.4, as discussed in section 2.4, below) can almost only relate to the supposedly-dropped “third-strike” proposals.
In all these respects, Article 27.1 - .3 therefore still clearly prompts States to push enforcement of IP rights to the limits of their constitutional constraints.
In terms of our four-level analysis, we accept that the revised, final text no longer requires States to adopt the kind of draconian measures - excessive ISP liability, “three strike” rules, etc. - that were clearly originally in the minds of the drafters. To that extent, Article 27.1 – 3. is not in breach of the ECHR and the CFR per se.
But it still suffers from the same defects as the “criminal enforcement” provision discussed earlier: it is excessively vague, and it encourages non-EU States to adopt human rights-unfriendly measures in support of mainly U.S. and EU corporations, who could not rely on such measures in their own regions.
Moreover, civil society and European and national parliamentarians should beware lest EU Member States were to misread, or deliberately misconstrue, the provision and use it to introduce the ECHR- and CFR-incompatible measures (excessive ISP liability and a “three strike” rule) in spite of the retreat by the ACTA drafters in this regard. In case it is needed, they should refer to the EDPS Opinion which clearly exposes the incompatibility of the “three strikes” rule with the European standards.
Evasion of Digital Rights Management
Finally, in this section, we should mention the provisions in ACTA aimed at outlawing any means to circumvent electronic rights management systems (often referred to as digital rights management systems or DRMs). Suffice it to note that the relevant provisions (paragraphs .5 - .7 of Article 27) again do not provide a de minimis exception, and indeed also outlaw “dual use” systems or programs, that can be used both for unlawful circumvention of DRMs, and for lawful activities. The provisions also assume, without further ado, that right holders have unfettered rights to impose any kinds or forms of DRMs on their customers, irrespective of fair contract or consumer laws.
We cannot go into this issue in depth here. However, we feel that ACTA once again too easily assumes that right holders’ rights always trump user and consumer rights. In our opinion, in specific contexts, this may not be right, and - if that approach unduly and disproportionally restricts access to information, or the free dissemination of information - would breach Article 10 ECHR and Article 11 CFR.
The article says, almost in passing, that these provisions must be implemented “to the extent provided by [each State’s] law”. Civil society and parliamentarians must, in this regard too, be vigilant to ensure that that proviso is used in any national law implementing ACTA to avoid such conflicts with these fundamental European standards.
- ACTA and the right to privacy and data protection
ACTA contains a number of provisions on disclosure of information from various entities on various entities to various entities (hereafter referred to as “information provisions”); some cover personal information, some commercially sensitive information, some statistical information, and some several or all of these. These provisions are all subject to the following, important caveats, in Article 4:
ARTICLE 4: PRIVACY AND DISCLOSURE OF INFORMATION
- Nothing in this Agreement shall require a Party to disclose:
- information, the disclosure of which would be contrary to its law, including laws protecting privacy rights, or international agreements to which it is party;
- confidential information, the disclosure of which would impede law enforcement or otherwise be contrary to the public interest; or
- confidential information, the disclosure of which would prejudice the legitimate commercial interests of particular enterprises, public or private.
- When a Party provides written information pursuant to the provisions of this Agreement, the Party receiving the information shall, subject to its law and practice, refrain from disclosing or using the information for a purpose other than that for which the information was provided, except with the prior consent of the Party providing the information.
Paragraph (1) suggests that States are “not required” to disclose personal data if to do so would be contrary to their national data protection law; or to disclose personal or other data, if to do so would be contrary to their national legal rules on confidentiality of personal or commercial information.
However, we note that this caveat only applies to disclosures of data by States; it does not cover the disclosure of data by private-sector entities (such as ISPs) to anyone. That is covered only by the more specific provisions, discussed below (although these, too, at least contain cross-references to privacy/data protection law, as will be noted).
Here, we will deal only with the rules on the provision on personal information, i.e.: with rules on information that relates to (an) identified or identifiable individual(s) (what we will call “personal data disclosure provisions”).46 We will examine these provisions first in their own terms, and then (under the heading “European data protection law”) in the light of the requirements of EU data protection law, which itself gives effect to requirements of the ECHR and CFR (as also further discussed there).
The core information provisions in ACTA:
ACTA contains separate, and different, personal data disclosure provisions in its different chapters and sections on civil enforcement, border measures, enforcement in the digital environment, enforcement practices, and international cooperation. The most important ones for the present purpose are Article 11, relating to civil enforcement (which includes the issuing of injunctions and “provisional measures”), and Article 27(4), relating to enforcement in the digital environment generally. Both are set out in full in a text box, overleaf, with emphases added.47
What is once again notable about these provisions is their elasticity and lack of clarity, in several respects; and the vagueness of the references (underlined in the box) to national laws. We will discuss these matters next, and will then turn to the question of international data exchanges. After that, we will set out the applicable European standards, and assess the provisions in the light of these.
The scope of data disclosures:
Article 11 allows for extremely extensive disclosure orders, covering not just information on “infringers”, but also on “alleged infringers”, and indeed on “[anyone] involved in any aspect of [any] alleged infringement”, as well information allowing for the identification of “third persons alleged to be involved” in the production and distribution of IPR infringements. Article 27 similarly allows for the issuing of disclosure orders identifying (or covering information that can be used to identify) “[any] subscriber [to any electronic communication service] whose account was allegedly used for infringement”. This is extremely wide, and undoubtedly includes large numbers of completely innocent individuals.
This is especially true of the concepts of “alleged infringers” and “a subscriber whose account was allegedly used for infringement”. What does that mean? It would appear that it suffices that a right holder makes a generic allegation to the effect that some infringements occur to obtain the release of information on any user who might be implicated.
Practical considerations, and to some extent the texts, suggest that the above would in fact operate in several stages. First, there would be orders aimed at identifying IP addresses that might be being used for IPR infringement; and then, secondly, there would be orders aimed at the disclosure of further information on IP addresses where the initial information seems to confirm this initial (vague) suspicion, and on the people associated with them. We note that the EDPS and the Article 29 Working Party have both concluded that IP addresses constitute “personal data”, certainly when they are linked to, or might at some stage be linked to, identifiable “natural persons”, such as subscribers to an ISP.48
On our reading, both articles, but especially Article 11, would appear to allow for the issuing of initial orders for the surreptitious monitoring and analysis of all the data on the extent and nature of Internet use of all subscribers to a particular ISP, if a right holder could make a case (see below, under the heading “Evidentiary basis for data disclosures”) that at least some of the ISP’s subscribers are infringing his or her IP rights (which in reality means always).
Indeed, for the system to work, the initial search would by its nature have to be largely speculative, and would presumably be based on statistical and other analyses of the use of all the ISP’s Internet accounts. In our view, this reading of the text is reinforced by the reference, in Article 11, to the provision of (undefined) information “for the purpose of collecting evidence”. In other words, the information itself need not (yet) in itself even constitute such evidence: it need merely contribute to the accumulation of evidentiary information.
In sum: Articles 11 and 27(4) both suggest that subscribers’ use of the Internet will be (or certainly may be) closely and routinely monitored with a view to identifying which IP addresses might possibly be involved in IPR infringements (even if the analyses will only provide a very rough indication in this respect, at best); that the IP addresses of the thus-identified possible infringers may then be ordered to be disclosed to right holders (see under the next sub-heading); and that the thus-disclosed data may then be used by those right holders to take civil and/or criminal law action, and that the latter can include the obtaining of yet further disclosure orders against the thus-identified possible infringers and (all sorts of) “third parties”, ordering them to disclose to the right holder any type of information deemed “relevant” by the court or by the “other” (non-judicial) authority in question.
Thus, as the EDPS put it, the ACTA text suggests that it envisages the surreptitious (the EDPS says “unnoticed”) “monitoring of millions of individuals and all users, irrespective of whether they are under suspicion”, and “the systematic recording of data [on their Internet use]”.49
We will return to this crucial issue several times below, and in our conclusions.
To whom the information is to be disclosed:
Article 11 says that the judicial authority that can order the disclosure of IP addresses and other personal data may stipulate that the information be provided either to “the judicial authorities” (i.e., presumably, to itself) or “to the right holder”. The first might suggest (but without spelling this out in any way) that the court could play a role in assessing whether the information was sufficiently concrete in terms of indicating an infringement to warrant disclosure to the right holder. However, the second option makes clear that any such safeguard can simply be dispensed with.
This has an impact on the question of compliance with the procedural/due process requirements of the ECHR and the CFR, discussed in section 2.5, below.
Evidentiary basis for data disclosures:
Next, there is the question of the required evidentiary basis for any such orders, and the question of discretion. Article 11 merely says that there must be a “justified request” for the relevant order from the right holder, and Article 27 requires a “legally sufficient claim” - but neither clarify at all what that means, i.e., when a request can be said to be “justified” or a claim to be “sufficient”. Presumably, this is left to the States to regulate, and that freedom extends to the scope of discretion they accord the relevant authorities (discussed below) in this regard. That at least is how we read the phrase “each Party shall provide that ... its judicial authorities have the authority” to issue the orders in Article 11: they must have the authority, but not necessarily the duty to issue the orders whenever requested to. The same, we feel, applies to the phrase in Article 27: “A Party may provide ... its competent authorities with the authority to order...”
But if we are right in this, then the breadth of that discretion is entirely unclear - contrary, as we shall see in section 2.5, below, to European due process standards.
This is problematic by itself. However, our concerns are seriously deepened by the fact that, as we shall also discuss in section 2.5, below, such orders can apparently be issued in preliminary, formally interlocutory proceedings, without the affected individuals (or the public) being informed of them. We will discuss the implications in that section, and in our conclusions.
The nature of the authorities issuing the disclosure orders:
Then there is the question of the nature of the authorities, and of the proceedings leading to such potentially extremely broad and intrusive orders. Clearly, Article 11 (which concerns civil proceedings) envisages the orders under that article to be issued by a (civil) court (“judicial authority”) in civil proceedings (including interlocutory proceedings).
However, Article 27 is less clear about this; it merely refers to “competent authorities with the authority to [issue the orders]”. That could be anyone - and in particular, could include the Executive, or some regulator, whose independence and impartiality need not be ensured. We will again return to this in section 2.5.
Inter-State cooperation and other international data exchanges:
Next, there is the important matter of transborder data transfers. This takes three forms: international cooperation between ACTA States, and the disclosures of information (including personal data) that they entail; the possibility of cross-border data transfers between private parties; and transborder data transfers between private and public-sector bodies (either way).
Inter-State data exchanges under ACTA:
ACTA provides the following in Article 34 in its chapter on International Cooperation (Chapter IV):
ARTICLE 34: INFORMATION SHARING
Without prejudice to the provisions of Article 29 (Management of Risk at Border), each Party shall endeavour to exchange with other Parties:
- information the Party collects under the provisions of Chapter III (Enforcement Practices), including statistical data and information on best practices;
- information on its legislative and regulatory measures related to the protection and enforcement of intellectual property rights; and
- other information as appropriate and mutually agreed.
We note in particular the word “including” in clause (a): clearly, the provision also covers the exchanging of other information than “statistical data and information on best practices”, mentioned in Chapter III. That means that it also covers exchanges of the “other relevant information” mentioned in Article 28(2). Just in case this were to be in doubt, clause (c) adds that States may in any case make arrangements for exchanges of “other information as appropriate” (read: as they deem appropriate) and as “mutally agreed”.
This provision is subject to the caveats we noted at the beginning of this section, in Article 4 (quoted in full on p. 31). As noted there, the first, in Article 4(1), is that States are “not required” to disclose personal data if to do so would be contrary to their national data protection law; or to disclose personal or other data, if to do so would be contrary to their national legal rules on confidentiality of personal or commercial information. The second caveat, in Article 4(2), says that:
When a Party provides written information pursuant to the provisions of this Agreement, the Party receiving the information shall, subject to its law and practice, refrain from disclosing or using the information for a purpose other than that for which the information was provided, except with the prior consent of the Party providing the information.
In our view, from a European perspective, the first caveat is much too timid. The stipulation should be that (EU) States shall not disclose personal data to other (non-EU, so-called “third”) States unless they are permitted to do so in accordance with European and their own national data protection laws: as we shall see (and as the EDPS rightly emphasised), the European rules in this respect are highly restrictive.
The second caveat is reminiscent of similar clauses in EU “Third Pillar” data exchange agreements, such as have been established in relation to Europol, Eurojust, the Schengen Information System, etc.50 However, in this respect there is a fundamental difference, in that those similar clauses in those latter agreements relate to exchanges of personal data within the EU only, whereas the caveat in Article 4(2) ACTA also (and especially) applies to exchanges of personal data between EU States and non-EU States, in which an “adequate” level of data protection may not be ensured (or where there may be no data protection at all).
In that respect, it is also worrying to note that the caveat in Article 4(2) ACTA appears itself to be subject to an exception, through the words “subject to its law and practice”. We can only understand that to mean that the restriction on further, different use of any received data (without the prior consent of the disclosing State) can be overridden by the national law - and indeed the national “practices” - of the receiving State. That would totally negate the safeguard, as will be further discussed below, in the sub-section in which we analyse the above from a data protection perspective.
Private-sector to private-sector transborder data transfers:
ACTA says nothing about the transfer of personal data (such as IP addresses suspected of involvement of IPR infringements) between private entities in different countries, including different States that are party to the Agreement.
This could suggest (to State Parties, and to right holders) that such transfers are not subject to any constraints.
However, as we shall see later in this section, European data protection rules (giving effect to ECHR and CFR-protected rights) in fact impose important restrictions on such transfers, if the party sending the data is in the EU/EEA, and the recipient is outside the EU/EEA, in a country that does not provide “adequate” data protection (either in general or in the specific context). However, ACTA does not even mention those restrictions (other than in the vague “without prejudice” provisions in Articles 11 and 27(4), discussed earlier), let alone stipulate that personal data transfers in relation to the Agreement between private-sector entities should conform to them.
Private–public and public–private-sector transborder data transfers:
The same applies to cross-border transfers of personal data from private-sector entities in one country to public-sector ones in another, or vice versa. The former (disclosures by private-sector bodies in one country to public-sector bodies in another country) are covered by the same restrictive EC data protection rules as are the cross-border private-sector-to-private-sector transfers mentioned above, and discussed later. Suffice it to note here that the recent SWIFT- and PNR-controversies have shown how sensitive such disclosures can be.
Disclosures of personal information by State entities in one country to private entities in another country are covered by different European rules, depending on whether the data are provided by the State in relation to “the activities of [that] State in areas of criminal law”, or not (cf. Article 3(2) of the main Data Protection Directive), but in neither case are they (or should they be) free from important, ECHR/CFR-based constraints.
Such transborder transfers are subject to the caveats in Article 4 that States are “not required” to disclose personal data if to do so would be contrary to their national data protection law, and that the receiving State may only use the data for the purposes for which they were disclosed - but as already noted this Article does not say that EU States shall not disclose personal data to other (non-EU, so-called “third”) States unless they are permitted to do so in accordance with European and their own national data protection laws, and would appear to allow receiving States to simply by-pass the secondary-use restriction, on the flimsiest of basis.
What ACTA appears to allow
If we draw our analyses of the personal data disclosure provisions, above, together, we gain a very worrying picture of what ACTA would appear to allow, and indeed encourage:
This is blatantly in violation of European human rights and data protection standards (as spelled out below, under the heading “European data protection law”, and summarised in our Conclusions and Recommendations).
However, before we jump to that conclusion, we must first check if the situation is not “rescued” by the references in ACTA to the personal data disclosure provisions being “without prejudice” to (inter alia) the State Party’s national laws.
“Without prejudice to national law”
The proponents of ACTA may claim that the above is all scaremongering (at least as far as the implementation of ACTA by EU Member States is concerned: the Agreement certainly does nothing to encourage human rights compliance by others), because of the various provisions in ACTA which suggest that its provisions are to be applied “without prejudice” to (inter alia) the States’ confidentiality and data protection laws, and “as provided for in” any of their “applicable” national laws (Article 11), or “in a manner that ..., consistent with [the State’s laws], preserve [inter alia] fair process and privacy” (Article 27(4)).
The problem with this is that it leaves the limitations to the unacceptable rules totally unclear. Indeed, as we have seen, it is not even stipulated explicitly anywhere in ACTA that the ACTA provisions must be implemented and applied in ways that conform to European (and wider international) human rights and data protection standards: there is no “138 Amendment” in the text (see section 2.1, above). Of course, as a matter of European “constitutional” law, ACTA must be applied by Member States and the EU in conformity with the ECHR and the CFR: when in doubt, its provisions should be read, implemented, interpreted and applied in conformity with these instrument, rather than in breach of them.
However, we feel that such an almost entirely abstract deference to European human rights and data protection standards is not enough. It does not in any way lessen any prima facie conflicts between ACTA and those standards, and does little or nothing to ensure that ACTA will in fact be applied in conformity with those standards. On the contrary, it simply invites initial application of the Agreement in human-rights-incompatible ways, with it being left to costly and lengthy legal challenges for this application to be brought in line with these standards. If that is so, ACTA is a discredit to the idea (and the ideal) of the EU as a torch-bearer for human rights in Europe and the rest of the world.
European data protection law
Origin, complexity and status of European data protection law
European data protection law has its origin, in a rather complex way, in Article 8 ECHR, which guarantees respect for the right to “private and family life, home and correspondence”. However, it is also in many ways a sui generis right.51 For this reason, the EU Charter of Fundamental Rights both effectively repeats the guarantee of Article 10 ECHR (substituting only the term “communications” for the outdated term “correspondence”) (Article 7 CFR), and contains a separate provision guaranteeing the right to protection of personal data (Article 8 CFR). Here, it suffices to note that these days, data protection is given forceful backing by both the European Court of Human Rights in its case-law under Article 8 ECHR, and by the European Court of Justice, in its case-law on more specific EC/EU data protection rules (but which it, too, acknowledges to be based on fundamental, EU-constitutionally-protected fundamental rights).52
Data protection has been given much more specific expression in both Council of Europe instruments, starting with the Council of Europe Convention on data protection (Convention No. 108), and supplemented by a wide range of Resolutions and Recommendations,53 and in EC/EU rules. The latter include especially, for what (until the Lisbon Treaty) used to be the EU’s “First Pillar” (Community Law), the main EC data protection directive, Directive 95/46/EC, and the subsidiary “e-Privacy Directive”, Directive 2002/58/EC (as amended by Directive 2006/24/EC to implement compulsory - and contentious - e-communications data retention requirements).
In the former “Third Pillar” area of police and judicial cooperation, a large number of further, more specific data protection rules have been adopted, which include the contentious “Prüm Treaty”, which enshrines a new principle of “availability” for that area. This means that if a law enforcement body in one EU Member States can lawfully obtain and use certain personal data, it should in principle make those data also freely available to law enforcement bodies in other EU Member States, albeit subject to the provision noted earlier, that the recipient EU State may only use the received data for the purpose for which the sending EU State provided it (unless, the sending EU State agrees to a subsequent change in purpose).54
We cannot here discuss the complex (technically former, but in practice still in effect) First- and Third Pillar EU data protection rules in any detail. However, some matters must be noted.
First of all, the processing and disclosures of personal data envisaged in Articles 11 and 27(4) ACTA fall mainly under the rules for the processing of personal data in the private sector. The monitoring and recording of Internet use by users is done by the ISPs to which those users subscribe; and the disclosures on the results of this monitoring, envisaged in the ACTA rules, is first of all from those ISPs to right holders, and only then, possibly, from the latter to State authorities for criminal law purposes.55
Processing and disclosures of personal data (including IP addresses) by EU ISPs and right holders under ACTA must therefore comply with the main EC data protection directives, Directives 95/46/EC (“the Data Protection [or just DP] Directive”) and Directive 2002/58/EC (“the e-Privacy Directive”). These include elaborate rules on compliance with basic data protection principles such as fair and lawful processing, purpose-specification and limitation, data avoidance and minimisation, data quality and data retention (Article 6 of the DP Directive); on the need for a recognised “legal basis” for the processing (Article 7, or Article 8 if the data are sensitive, e.g., because they relate to criminal matters); notification of data subjects (Article 10 and 11); strong restrictions on transfers of personal data to non-EU/EEA countries (unless the “third country” provides “adequate” protection under its own law); etc., etc.
Whatever ACTA says or suggests, it does not detract one iota from ISPs’ or right holders duties of compliance with these directives.
However, there is doubt about the compatibility of some of these First-Pillar rules with higher European human rights standards. This relates in particular to compulsory data retention under the amendments made to the latter directive by Directive 2006/24/EC (“the Data Retention Directive”). This includes compulsory retention by ISPs, for a period between six months and two years, of data linking the IP addresses of their users to the users’ real identities:
Categories of data to be retained
- Member States shall ensure that the following categories of data are retained under this Directive:
- data necessary to trace and identify the source of a communication:*
- concerning Internet access, ... :
- the name and address of the subscriber or registered user to whom an Internet Protocol (IP) address ... was allocated at the time of the communication;
(*Note that the concept of a “communication” is wider than that of a “call”, and includes “any information exchanged or conveyed between a finite number of parties by means of a publicly available communications service” - i.e., including “any information” of this kind exchanged over the Internet, such as IP addresses.)
As the Council of Europe Commissioner for Human Rights put it:56
[T]he Rule of Law requires ... in respect of Internet surveillance, [that] any measures should respect the prohibition in the Cybercrime Convention on “general or indiscriminate surveillance and collection of large amounts of traffic [and communications] data”; compulsory suspicionless retention of such data, currently required under EU law, fundamentally violates this principle (and, in our view, the ECHR and the EU Charter of Fundamental Rights, as well as several national constitutions)
In our opinion, this applies a fortiori to any analysis of such data without individualised suspicion - although the EDPS appears to accept some very circumscribed analysis in support of IPR counter-infringement actions, as discussed later.
Secondly, to the extent that some of the personal data processing or disclosures envisaged in ACTA can be said to fall within what used to be the “Third Pillar” areas of EU law (i.e., in particular, inter-State disclosures), it would certainly not be sufficient to check if those disclosures are in line with the current (still largely effective) Third-Pillar arrangements - because some of those too are of even more highly dubious legality in terms of European human rights standards. This applies in particular to the “availability” principle in the Prüm Treaty, mentioned earlier. More specifically, we should note that those doubts arise even in respect of Third-Pillar data exchanges entirely and solely between EU Member States. Any extension of the existing intra-EU Third-Pillar arrangements to non-EU States - and especially to non-EU States without (adequate) data protection laws - would be in contravention of the ECHR and the CFR, unless accompanied by strong, explicit, effective and enforceable data protection arrangements (quod non).
Application of the rules to personal data processing under ACTA
In the light of the above, we will examine the compatibility with the EC data protection rules and the ECHR and the CFR of the following data processing and data disclosure steps under ACTA:
- the suspicionless monitoring of the Internet use of ISP subscribers by those ISPs, the systematic recording of this subscribers’ use information by the ISPs, the analysis of this subscriber use information by the ISPs, and the singling out (“flagging up”) of individual subscribers whose use fits a particular pattern;
- the disclosure of the information gleaned from the above, including the identities of individual subscribers who are “flagged up” through these analyses, to right holders, and the subsequent processing of this information by those right holders;
- the disclosure of the information gleaned from the above, including the identities of individual subscribers who are “flagged up” through these analyses, to law enforcement bodies, and the subsequent processing of this information by those law enforcement bodies; and (in each case); and
- the complications that arise if any of the above involves transborder data disclosures, in particular from EU/EEA States to non-EU/EEA States without “adequate” data protection legislation.
Monitoring, Recording, Analysis and Singling out of Internet users:
As we have seen, ACTA implies that ISPs will monitor, record and analyse the Internet use of their subscribers, on an individual basis, to see if this usage reveals a pattern that might suggest that a particular subscriber is involved in illegal IPR infringements. Indeed, the personal data disclosure provisions in Articles 11 and 27(4), discussed in detail above, would be largely useless if they didn’t build on such monitoring, recording and analysis.
But that begs the question of whether this monitoring, recording and analysis is itself actually lawful under the EC Data Protection Directive, or under the e-Privacy Directive (which is a lex specialis in relation to the DP Directive). This is far from clear: after all, such monitoring, recording and analysis to detect possibly illegal Internet activity is clearly not the main, primary purpose for which the ISPs hold the data, which is simply to (a) allow the user to connect to the Internet, and (b) to the extent that the user’s Internet bill may depend on his or her usage, to bill for that.
The DP Directive, and thus also the e-Privacy Directive, does allow for the processing of personal data for other than the primary purpose, if this serves “the prevention, investigation, detection and prosecution of criminal offences”, but only if this is regulated by the relevant (“applicable”) national data protection law - which means that it must be provided for in specific, clear and accessible legal rules - and provided that the special rules allowing for such intrusive monitoring (etc.) constitute “necessary measure[s]” to achieve this purpose (see Article 13 DP Directive, which also applies to the processing under the e-Privacy Directive).
In that connection, it is worth noting that the compulsory data retention rules in Directive 2006/24/EC do not cover subscribers’ Internet usage data - which means that ISPs are not allowed to retain such data under that directive for the purpose of the above kind of monitoring and analysis, on a longer-term basis. The basic analysis, to the extent that it would be covered by Article 13 of the DP Directive, will have to be limited to “live” usage data. If this “live” analysis were to reasonably suggest any illegality (as discussed below), it may be possible to retain the usage data under the exception in Article 13(1)(d). But otherwise, Internet usage data should be deleted as soon as it is no longer needed for connection or billing purposes (which means that for subscribers with unlimited access, it shouldn’t even be collected in the first place).
In simple terms: ISPs are not allowed to retain links between individual IP addresses and Internet usage for the purpose of longer-term monitoring or analysis aimed at identifying “possible” IPR infringers.
The EDPS discussed this issue in his Opinion under the heading “legal ground for processing”, in the context of the “three-strikes” controversy, in relation to which he said that:
Three strikes approach schemes entail the processing of personal data, some of which will be used for the legal or administrative procedures towards cutting Internet access to repeated infringers. From this perspective, such data qualifies as sensitive data under Article 8 of Directive 95/46/EC. Article 8(5) establishes that ‘Processing of data relating to offences, criminal convictions or security measures may be carried out only under the control of official authority, or if suitable specific safeguards are provided under national law …’. (para. 51)
The point to be made here is that the data collection and disclosure measures envisaged (or implied) in Articles 11 and 27(4) ACTA also “relate to [alleged] offences”, and no less so than in the context envisaged by the EDPS. Article 11 may operate specifically in relation to civil proceedings, and Article 27 specifically in relation to enforcement in the digital environment generally, but given the wide scope of the crimes that States must create under ACTA, the information to be disclosed under these provisions will very often also expose criminal IPR infringements and lead to prosecutions. Indeed, one may assume that the private parties seeking the information (the right holders) will be most interested in, and will focus their requests for information on, large-scale infringements (i.e., on at least “commercial scale” infringements as excessively-widely defined in ACTA), and will not hesitate to disclose the information obtained in the course of civil proceedings to the prosecuting authorities (or could use them to bring criminal prosecutions themselves in countries with legal systems that allow this, such as the United Kingdom).
This means that the EDPS’s further analysis and conclusions also remain valid, and apply to the collection and disclosures of personal information under Articles 11 and 27(4):
In this context, it is pertinent to recall the Article 29 Working Party document mentioned before, which discusses the issue of processing judicial data.57 The Working Party states that
‘While any individual obviously has the right to process judicial data in the process of his/her own litigation, the principle does not go as far as permitting in depth investigation, collection and centralisation of personal data by third parties, including in particular, systematic research on a general scale such as the scanning of the Internet (…). Such investigation falls within the competence of judicial authorities’.
While the collection of targeted, specific evidence, particularly in cases of serious infringements may be necessary to establish and exercise a legal claim, the EDPS fully shares the views of the Article 29 Working Party on the lack of legitimacy of wide scale investigations involving the processing of massive amounts of data of Internet users.
(para. 52, emphasis added)
This fully accords with the COE Commissioner for Human Rights’ views, quoted earlier, that “compulsory suspicionless retention of [Internet usage data]” - and we may add, suspicionless monitoring and analysis of such data - violates the prohibition in the Cybercrime Convention on “general or indiscriminate surveillance and collection of large amounts of traffic [and communications] data”, as well as the principles of “necessity” and “proportionality” in the ECHR and the EU Charter of Fundamental Rights.
This incompatibility of suspicionless monitoring, retention and analysis of Internet users’ usage data with these fundamental instruments fatally undermines the very foundation on which ACTA’s personal data disclosure provisions are built. If ISPs are not allowed to perform these acts, the personal data disclosure provisions in ACTA become largely meaningless.
Here, however, the EDPS offers some glimmer of hope to ISPs in the EU/EEA monitoring the Internet use of their subscribers in support of right holders. However, the possibilities of lawful monitoring (by such ISPs) that the EDPS envisages are heavily qualified. Thus, in his Opinion, he stresses that:
... the ‘commercial scale’ criterion is decisive. Pursuant to this criterion, monitoring may be proportionate in the context of limited, specific, ad hoc situations where well-grounded suspicions of copyright abuse on a commercial scale exist. This criterion could encompass situations of clear copyright abuse by private individuals with the aim of obtaining direct or indirect economic commercial benefits.
In practice, to make the above effective, copyright holders might engage in targeted monitoring of certain IP addresses in order to verify the scale of the copyright violation. This would mean that copyright holders would also be allowed to keep track of reports alleging infringement for the same purposes. Such information should only be used after having verified the significance of the infringement. For example, clear cases of major infringements as well as non-significant yet continuous infringements, over a certain period of time, for the purpose of commercial advantage or financial gain. The need for continuity within certain periods of time is emphasised and further explained below in the discussion related to the conservation principle.
This would mean that in such cases, the collection of information for the purposes of demonstrating alleged Internet abuse may be deemed proportionate and necessary for the purposes of preparing legal proceedings, including litigation.
The EDPS considers, as an additional guarantee, that the data processing operations aimed at gathering such type of evidence should be prior checked and authorised by national data protection authorities. These views are based on the fact that the data processing operations would present specific risks to the rights and freedoms of individuals in the light of their purposes, i.e. carrying out enforcement actions which could eventually be criminal and in the light of the sensitive nature of the data collected. The fact that the processing involves monitoring of electronic communications is an additional factor that calls for enhanced supervision.
(paras. 44 – 47)
We read this to mean that it may be permissible, in terms of the EC data protection directives, for the relevant controllers (which are in fact the ISPs, at least initially, rather than the right holders, as the EDPS seems to think) to monitor and analyse the Internet usage of their subscribers, first of all to see if there are any indications of IPR infringement, and then to establish “the significance of the [possible] infringement”. If this monitoring and analysis suggests that a particular IP address is “clearly” used for either “major infringements”, or for “[in themselves] non-significant yet continuous infringements, over a certain period of time”, and if this is (again, clearly) “for the purpose of commercial advantage or financial gain”, then - but only then - might it be “necessary” and “proportionate” for the ISP to disclose this data (i.e., the data identifying such “major” or “continuous” infringers’ IP addresses and identities) to the right holders.
However, in the EDPS’ view, even these disclosures, in these exceptional cases, still pose “specific risks to the rights and freedoms of data subjects” (i.e., of Internet users), and they should therefore be subject to the important procedural guarantee of a “prior check” by the relevant national data protection authority (as is required in such cases of “specific risks” by Article 20 of the DP Directive).
ACTA reflects none of this. There isn’t a hint in Articles 11 or 27(4) to any of the above - apart from the fig leaves of the “without prejudice to national law” phrases.
In our Opinion, until and unless this is spelled out in clear terms in ACTA itself, the Agreement cannot be said to be compliant with EU data protection law.
What is more, given the close current interplay between EC and CoE data protection rules and the provisions in the ECHR and the CFR, the secondary uses of subscriber data implicit in the monitoring, recording and analyses mentioned above must be qualified as “interferences” in the privacy (private life and communication) rights of individuals in terms of those instruments. Allowing non-compliance with the conditions spelled out by the EDPS must be regarded as “unnecessary” and “disproportionate” in those terms; and indeed any absence of clear and specific legal rules reflecting those conditions mean that the interferences are also not based on “law” - which is a general, fundamental ECHR/CFR requirement.
In these respects, in our opinion, ACTA is so deficient that to adopt and implement it as it is would in itself breach these European human rights instruments.
Disclosures of identities of suspected IPR infringers to right holders:
The situation is little better in respect of the next step in what we see as the ACTA-envisaged process: the disclosure, by ISPs, of IP addresses and the identities of the users associated with them, to right holders, either in connection with civil proceedings (Article 11 ACTA), or in connection with “enforcement in the digital environment” generally (Article 17(4) ACTA).
In our analysis of these articles, we found that the evidentiary basis required for such disclosures is left extremely unclear. ISPs can, in ACTA terms, disclose this information, either on the basis of an order of a civil judge who feels that a request for this information, filed by a right holder, is “justified”, or when some other (unspecified, but clearly non-judicial) authority feels that a claim to that effect, by a right holder, is “sufficient”.
In our opinion, if the monitoring, recording and analysis of Internet user data poses “specific risks to the rights and freedoms of data subjects”, as the EDPS clearly feels (and we too believe), then these disclosures too pose such risks.
This view is strongly reinforced by the fact that, as the EDPS noted, the monitoring “is likely to trigger many cases of false positives” (see point (iii) in the quote from the EDPS Opinion on p. 16, above). This means that there are serious doubts as to whether the data on individuals that are “flagged up” by the ISPs’ monitoring and analyses is even of sufficient quality to meet the relevant requirements of Article 6(1)(c) and (d) of the DP Directive. Yet this unreliable data could cause data subjects serious problems.
If they are to be allowed at all, these disclosures, too, will therefore, under the EC directives, have to be made subject to a “prior check” by the relevant data protection authority (which could take the form of a prior check of a proposed general arrangement and evidentiary bases for the disclosures: it does not necessarily imply a prior check on each and every individual disclosure under such an arrangement).
But of course, yet again, nothing of the sort is included in ACTA, and the “without prejudice” provisions in Articles 11 and 27(4) (et al.) are manifestly insufficient to remedy this silence.
In our Opinion therefore, again, until and unless this need for a “prior check” is spelled out in extremely clear terms in ACTA itself, the Agreement cannot be said to be compliant with EU data protection law, or with the ECHR or the CFR.
Of course (in regard of the ECHR and CFR-requirements discussed under the previous sub-heading), non-EU States that are also not Member States of the CoE will not be subject to the ECHR, and they may not be subject to any comparable human rights treaty at all (or will not in practice guarantee compliance with such human rights treaties as they are a Party to). But this merely underscores our concern: EU States should not get involved in international arrangements that undermine the European/international human rights standards to which the EU is supposed to be committed.
In our opinion, this means that any disclosures of identities of suspected IPR infringers by EU-based ISPs to right holders outside the EU should be equally subject to the above-mentioned “prior checks”, and should not be allowed by the data protection authority carrying out the check, unless full respect for the data subjects’ data protection and other rights by the recipient in the third country is ensured.
Such disclosures to non-EU recipients would of course, in addition to this formal requirement, also have to comply with the transborder data transfer rules, discussed at the end of this section.
Disclosures of identities of suspected IPR infringers to law enforcement bodies:
When we talk of disclosures of information from private entities to law enforcement bodies we must make a distinction between information volunteered by the private entities, and information demanded by the law enforcement bodies (in the previous sub-section, we have assumed some sort of agreed cooperation system between the private parties [the ISPs and right holders] to be in place; as we have seen, such arrangements are expressly encouraged by ACTA).
On the first point, we are concerned that ACTA appears to encourage “informal” data exchanges between right holders and law enforcement authorities outside the proper frameworks for police and prosecutors’ information gathering or sharing frameworks. This is a more general trend, which we cannot discuss here at any length. Suffice it to note that under Police Acts or Criminal Procedure Codes, there are clear rules on what kind of information these law enforcement bodies are entitled to seek and obtain and use, subject to important procedural safeguards. However, increasingly, law enforcement bodies are collecting extremely wide-ranging and low-quality, often unreliable and/or hearsay information from all sorts of sources, and calling this “intelligence”. Such low-grade information then in turn tends to inform their more specific law enforcement actions.
We feel that the kind of intrinsically unreliable information that is produced by the above-mentioned monitoring and analyses of Internet users’ usage data falls into this very category. It is not the kind of information usually referred to in Criminal Procedure Codes as permitting certain intrusive actions, such as “factual indications” or “concrete evidence” of illegality.
We therefore feel that the offering of such low-grade information to law enforcement authorities (and its acceptance by the latter), even within the EU, again poses “specific risks to the rights and freedoms of data subjects”, and should be subject to a “prior check”. Unless this need for a “prior check” is spelled out in extremely clear terms in ACTA itself, the Agreement cannot be said to be compliant with EU data protection law, or with the ECHR or the CFR.
In addition, and again in line with what we said under the previous sub-heading, disclosures by EU-based ISPs to law enforcement agencies in non-EU countries should also be subject to “prior checks”; should not be allowed unless full respect for the data subjects’ data protection and other rights by the recipient in the third country is ensured; and should in any case have to comply with the transborder data transfer rules, discussed at the end of this section. The failure of ACTA to ensure this, in our view, constitutes yet another violation by that Agreement of fundamental European human rights standards.
ACTA & the EU rules on transborder data flows:
As noted above, there are very special, and highly restrictive EU rules on transborder flows of personal data from the EU/EEA to any other, non EU/EEA (so-called “third”) country.
For data transfers by private-sector entities in the EU/EEA to entities in third countries, these rules are contained in the EC Data Protection Directive (Articles 25 and 26). These rules essentially consist of an in-principle prohibition of the transfer of personal data to any third country without “adequate” data protection (Article 25(1)), coupled with (i) a procedure for the determination of “adequacy” in third countries by the EU (Article 25(2) – (6)), and (ii) a series of special exemptions from the in-principle prohibition in Article 25(1) (contained in Article 26). However, the latter include an exemption from the in-principle prohibition when:
the transfer is necessary or legally required on important public interest grounds, or for the establishment, exercise or defence of legal claims (Article 26((1)(d))
There is no coherent set of comparable rules for the (nominally former) Third Pillar. Rather, the rules on transfers of personal data relating to police and/or criminal matters are addressed ad hoc, in international agreements (treaties) covering specific data transfers or exchanges in specific contexts. Examples of the latter are the PNR agreements with the USA - which may serve to show how contentious such EU – third country agreements can be.
It is notable that ACTA totally ignores these complex restrictions (other than obliquely, yet again, in the form of “without prejudice” provisions which, however, even fail to specifically mention this complex of rules). As a result, it is unclear exactly how and to what extent the EU transborder rules apply.
Thus, as we have seen, Article 11 ACTA provides that each State Party shall provide that its judicial authorities can order the disclosure of personal data, in vaguely-described circumstances; and Article 27(4) stipulates that a State Party may provide its “competent” (not necessarily judicial) authorities with authority to order such disclosures, in similarly-vaguely-described circumstances.
This clearly envisages the issuing of “orders” by non-EU courts, or indeed by unspecified non-judicial non-EU bodies. Such orders could be issued at the request of EU or non-EU-based right holders, or of third country law enforcement agencies. And there is nothing in ACTA that would prevent such non-EU orders from being addressed to EU-based ISPs, for data on, and the identities of, EU-based Internet users whose IP addresses were “flagged up” by those ISPs as a result of the latter’s monitoring and analyses of these subscribers’ Internet usage - even though, as we have seen, such a “flag” may be seriously misleading, and may be attached to the IP address of an Internet user who has not infringed any IPR at all.
In this connection two questions arise: whether the disclosure of the personal data in such a case would become “legally required” under ACTA; and whether this precludes any scrutiny of the underlying evidentiary or other basis of the non-EU order by any authority (court) in the EU country where the addressee of the order is based, and any consideration of possible abuse of the data, or unjustified or disproportionate action against the individual on the basis of the dubious data.
We fear that ACTA suggests that the answer to the first question is “yes”: the data would have to be provided; and that the answer to the second is also “yes”: given that these orders are expressly envisaged in an international treaty (i.e., ACTA), EU courts might limit themselves to reviewing whether the order was valid in terms of the law of the requesting country, without examining the underlying factual basis for the order, or its proportionality.
We also doubt whether a disclosure made on the basis of such an order by a non-EU authority would constitute a State-to-State disclosure of the kind envisaged in Article 4, and whether the disclosure would therefore be subject to the prohibition on new uses of the data in the receiving country. After all, the disclosure would be made (even if perhaps after a hearing in the EU country where the ISP was based) by the ISP, and not by the State.
In our opinion, this opens up the possibility of widespread abuse of non-EU orders by EU or non-EU-based bodies to “crack down” on suspected IPR infringers in the EU, without respect for the data protection or other rights of the suspects.
In our opinion, ACTA, without much clearer provisions on the validity of non-EU personal data disclosure orders and the consequences of those in terms of transborder personal data disclosures, clearly fails to ensure compliance with the European data protection rules as enshrined in the Data Protection Directive and as rooted in the ECHR and the CFR. Unless such clear provisions and clarifications are added, ACTA in our opinion violates these European human rights standards.
- ACTA and the right to a remedy and a fair trial
Finally, we must mention the crucial right to a fair trial and the slightly less strong right to a remedy in Articles 6 and 13 ECHR and Article 47 CFR. Artice 6 ECHR guarantees everyone a fair trial before an independent and impartial tribunal established by law, “in the determination of his civil rights and obligations” or “of any criminal charge against him”. In respect of other issues, people should still be offered an “effective remedy” (Article 13 ECHR). However, the European Court of Human Rights has increasingly read elements of the full “fair trial” requirements of Article 6 into the “effective remedy” requirements of Article 13 (unless there was some special reason to allow a State to [somewhat] depart from them). This trend appears to be confirmed by Article 47 CFR, which also seems to largely conflate the two.58
Proceedings that involve a “determination” of property rights protected by Article 1 First Protocol to the ECHR are always subject to Article 6 ECHR: in its civil-legal aspect, Article 6 is the procedural counterpart to the substantive right to property in Article 1 FP. As we have seen, essentially everything that is done under ACTA is either aimed at enforcing the property rights of right holders, and/or affects property rights of users/consumers, or relates to - or can at least result in - criminal charges. It follows that all the issues that arise in connection with ACTA, as discussed in this opinion, should be fully justiciable in proceedings that meet all the requirements of Article 6 ECHR/Article 47 CFR. This conclusion is also in line with the views of the UN Special Rapporteur on Freedom of Expression that matters affecting the access to and use of the Internet by individuals should always be justiciable in full and fair legal proceedings.59
In that respect, our earlier analysis has demonstrated concerns in relation to the application of the criminal law, the civil law (including the issuing of injunctions and the providing of provisional measures by civil courts), and the somewhat imprecisely specified other measures relating to enforcement in the digital environment. We will discuss these in turn.
Criminal-legal enforcement of IPR under ACTA
Our concern in respect of criminal sanctions to enforce IPR rights under ACTA are not primarily with the adequacy of the process. At least in Europe, it should be beyond dispute that if anyone is charged with a criminal offence involving alleged IPR infringement, the trial must meet all the minimum requirements of Article 6 ECHR: presumption of innocence, prompt informing of the charge and the evidence against him, adequate time and facilities for one’s defence, “equality of arms”, etc., etc.
Rather, as noted earlier, our main concern in respect of the criminal enforcement of IPR under ACTA is the compulsory lowering of the criminal threshold for IPR infringements, and widening of the scope of the criminal offences, without any requirement of a de minimis exception. This same concern is also shared by the EU academics quoted earlier and, indeed, by the otherwise uncritical second EP study.
Under the ECHR, States are given wide discretion on the question of what acts to criminalise, or not to criminalise. The few cases dealing with this question focus on claims by applicants that certain matters should have been criminalised, but were not. Thus, in X and Y v. the Netherlands, a man who had had sexual intercourse with a mentally handicapped girl in a care home could not be prosecuted because of a gap in the law (which the Dutch authorities regretted and subsequently plugged). The European Court of Human Rights held that “[e]ffective deterrence is indispensable in this area and it can be achieved only by criminal-law provisions.”60 But in another case, Vo v. France, which concerned the unintentional abortion of an unborn child, the Court felt a criminal prosecution was not necessarily the only option.61 In fact, the then still existing European Commission of Human Rights (which examined cases on admissibility and merits before referring the meritorious ones to the Court) had stressed in X and Y that there was a general trend in Europe away from overreliance on the criminal law towards alternative, non-criminal approaches: the criminal law is ultimo remedium only, and should be reserved for only the most serious of societal transgressions.
For our purpose, we believe the question of excessive application of the criminal law - and with it, of criminal-law-related measures such as inspection and seizures of PCs and laptops and mobile phones on suspicion of a criminal offence - to trivial IPR infringements is best addressed in the context of the substantive articles to which the matter relates, and in particular to freedom of expression, freedom from arbitrary arrest and detention, and the right to property and respect for one’s home and communications. Using the criminal law to deal with a trivial IPR infringement is like using a hammer to crack a nut: in Convention terms, it will be disproportionate.
This would apply, e.g., if police powers were to be used to demand, in a street encounter, access to a person’s “smart phone” on suspicion that it may hold some unlicensed copy of a song, or access to a person’s home and PC or to his or her communications (including traffic) data, where there is no reasonable evidence of serious, large-scale for-profit infringement, or the arrest of a person if such trivial offences were to be found to have occurred. This is in line with the European Data Protection Superviser’s view that information that might reveal possible IPR infringements should initially only be used to verify the scale of the possible infringement, and should not be used for further, more intrusive action, unless it became clear that the infringement was “clearly” “major” (para. 45).
In other words disproportionate criminal-law actions over trivial IPR infringements will violate the right to freedom to obtain and disseminate information, the right to freedom from unreasonable search and arrest, the right to inviolability of the home, and the right to the peaceful enjoyment of one’s possessions.
In our opinion, ACTA, by not including a de minimis exception to its compulsory and draconian enforcement regime, fails to ensure these European human rights standards are adequately protected in the context of IPR enforcement.
Civil-legal enforcement of IPR under ACTA
(including injunctions, provisional measures, and the awarding of damages)
The civil law is traditionally seen as the most appropriate means to enforce IPR. ACTA therefore unsurprisingly includes civil-legal remedies, including the awarding of damages. ACTA also includes some special remedies that are still, as such, part of the normal civil-legal arsenal available to right holders, such as injunctions and provisional measures. We see no problem with the applicability of the civil law, or the availability of damages or of such special remedies, in the context of IPR enforcement per se.
However, once again, ACTA bends the normal rules, by unreasonably stretching some rules, by making the special the norm, and by failing to provide for safeguards. Thus, as the EU academics noted, ACTA places excessive reliance on injunctions, far beyond what IPRE for instances envisages. Most disturbing, it envisages the imposition of far-reaching “provisional measures”, such as seizures of devices, in proceedings inaudita altera parta, i.e., without the affected party being even heard.
Of course, the normal rules of civil procedure in Europe and elsewhere provide for injunctions, and for provisional measures, even in such inaudita proceedings. But the normal rules stress the exceptionality of such matters, and especially the high exceptionality of proceedings in which the affected party is not heard. This is because such proceedings run fundamentally counter to one of the core requirements for a fair trial, developed by the European Court of Human Rights (and equally strongly upheld by the European Court of Justice): the principle of “equality of arms”. This means that in civil (and criminal) proceedings a defendant may not be placed at a “substantial disadvantage” vis-à-vis his counter-party. Not even being aware of a law suit, or of a request for measures that will seriously impinge on the defendant’s rights (including his property rights), and therefore being denied even the chance to argue his case, is about as “unequal” as a process can be. It must therefore, in terms of the ECHR and CFR, be allowed only in the most exceptional circumstances, when adherence to the normal, fundamental principle of audita altera partem would fatally undermine the very purpose of the action. Even then, there must be strong counter-balancing safeguards to ensure that the affected person (defendant) can quickly and fully have his “equality of arms” restored.
All “civilised” legal systems that provide for such extraordinary special processes also provide for such special counter-balancing safeguards. In the EU, it might perhaps be assumed that States will indeed only ever allow for the use of the extraordinary measures envisaged in ACTA (and especially for inaudita proceedings in IPR cases) in circumstances where this is exceptionally clearly warranted; and that they will surround those measures, also in IPR cases, with the kinds of counter-balancing safeguards they also provide for such special measures in other civil cases.
ACTA does not require this. This has two potentially pernicious effects. First, it might suggest to European States that the extraordinary measures should be seen as less extraordinary - perhaps even normal - when it comes to IPR enforcement; and that there is less need for counter-balancing safeguards. Secondly, it appears to signal to other countries that perhaps are less sensitive to defendants’ rights that a defendant-unfriendly approach is acceptable in IPR matters.
In terms of the ECHR, the first would amount to a clear violation of the Convention. And any complicity by the EU in the undermining of that principle in third countries would violate the principle in the Treaty that the EU will encourage respect for human rights in such other countries.
In our opinion, without clear provisions stressing that injunctions should be the exception, and inaudita proceedings the high exception, and that for both, there must be strong counter-balancing safeguards to preserve the “equality of arms” in IPR enforcement proceedings, ACTA is incompatible with the “fair trial” guarantees in the ECHR and the CFR.
Similar considerations apply in respect of the mandatory awarding of disproportionate damages for IPR infringements against users to right holders. The EU academics show beyond doubt that ACTA in this respect too departs significantly from accepted assessments. Of course, money taken from defendants, and handed to right holders constitutes an interference with the formers’ property rights - indeed, a deprivation of their property. If in this ACTA fails to strike a “fair balance” then, as we have already noted, that will ipso facto amount to a violation of the defendants’ property rights.
Under the ECHR, the assessment of the level of damages in civil proceedings is very largely left to the States: the European Court of Human Rights will only very marginally assess the compatibility of such an assessment with the Convention.
However, if the rules underpinning that assessment are manifestly skewed against one party, this changes: in such a case, the Court would find a violation of the right to property.
In our opinion, here too ACTA is deficient: without express clarification to the effect that damages awarded to right holders must be a reasonable reflection of actual loss, equitably assessed by a court (rather than an exaggerated assessment based on an unchallengeable but rigged formula), the Agreement violates both the right to property and the right to a fair (civil) trial of the defendants.
“Privatisation” of IPR law under ACTA
Finally, we must briefly return to the possibility of the ACTA rules being applied first and foremost by private parties, in processes largely outside of the formal legal system.
We are referring here to “cooperative efforts” between right holders and other private parties, in particular ISPs, under which the latter take action against alleged IPR infringers, at the behest of the right holders. As we have seen, ACTA expressly encourages this, in Article 27(3):
Each Party shall endeavour to promote cooperative efforts within the business community to effectively address trademark and copyright or related rights infringement while preserving legitimate competition and, consistent with that Party’s law, preserving fundamental principles such as freedom of expression, fair process, and privacy.
We have already seen that this broad umbrella could cover the supposedly abandoned “three-strikes” rule, perhaps under the guise of a contractual stipulation. It could also take the form of ISPs agreeing to block websites identified by right holders as permitting IPR infringements.
There are two problems with this. Users would find it very difficult to avoid the imposition of the kinds of contract clauses just mentioned, which would take the form of “take-it-or-leave-it” standard Terms and Conditions. Secondly, if users wished to challenge the latter types of restrictions (website blocking), they would be forced to take out expensive, lengthy and risky civil proceedings.
In our view, both situations would pose serious threats to the right to seek, receive and impart information and ideas across borders. The restrictions might not be imposed by “public authorities” as primarily envisaged by Article 10 ECHR, but if they became widespread, States would have a “positive duty” under the Convention to act against them if they significantly impeded this freedom.
One way to do that would be to hold the contractual stipulations to be invalid, in terms of contract law (i.e., because they are against public policy), or under consumer law, or indeed under data protection law. In relation to the idea of contractual stipulations allowing ISP monitoring of user accounts, the EDPS wrote in his opinion that he has:
serious doubts as to whether individuals asked to consent to the monitoring of their Internet activities will have the opportunity to make a genuine choice — especially because the alternative will be having no Internet access, thus potentially jeopardising many other areas of their life. (para. 55)
Such “consent”, he made clear, would therefore be invalid under the data protection directives.
Website blocking by ISPs at the request of right holders would raise even more serious problems. ISPs are not the appropriate bodies to judge whether a particular site (or group of collaborators on a site, such as LABtoLAB) violates IP rights. As the EDPS noted in his opinion, this requires delicate judgments on “whether the material is indeed copyright protected, which rights have been infringed, if the use can be considered as a case of fair use, the applicable law, the damages, etc.” Secondly, ISPs are commercial bodies: their primary aim is to make profit, and avoid risk. If in doubt, or when threatened with costly legal action, they will not necessarily make a stand for the free flow of information. Third, individuals affected by such action would be in a most disadvantageous position, in that they would have to bring legal proceedings against the ISPs, which would not be decided on the basis of human rights “fair balance” tests, but on the basis of civil law, which sets quite different standards.
These problems were discussed by the UN Special Rapporteur on Freedom of Expression in his most recent Annual Report:62
[I]ntermediaries, as private entities, are not best placed to make the determination of whether a particular content is illegal, which requires careful balancing of competing interests and consideration of defences. ...
[Rather,] censorship measures should never be delegated to a private entity; no one should be held liable for content on the Internet of which they are not the author; and take-down should take place in principle only on the basis of court orders, after due process.
To avoid infringing the right to freedom of expression and the right to privacy of Internet users, the Special Rapporteur recommends intermediaries to: only implement restrictions to these rights after judicial intervention; be transparent to the user involved about measures taken, and where applicable to the wider public; provide, if possible, forewarning to users before the implementation of restrictive measures; and minimize the impact of restrictions strictly to the content involved. Finally, there must be effective remedies for affected users, including the possibility of appeal through the procedures provided by the intermediary and by a competent judicial authority.
(Somewhat shortened quotes from paras. 42, 43 and 47)
European and international human rights law has not yet developed appropriate ways to fully address these issues, which are typically associated with freedom of expression in a globalised, digital environment that is controlled more by private entities than by States.63 However, if anything this underlines the need for the EU (also in its external and multilateral arrangements) to develop the effective application of human rights standards in this context. ACTA, we fear, does precisely the opposite.
Rather than contributing to the upholding of freedom of expression and due process rights by the dominant, private-sector players on the Internet, ACTA erodes the development of the Rule of Law in that realm. It encourages the regulation of human rights-sensitive matters by private entities, outside the formal frameworks, and without ensuring compliance with “off-line” human rights standards.
This “privatisation” of the IPR regime therefore, in effect, deprives individuals from their right to have crucial issues of Internet freedom properly adjudicated in proceedings that meet all the requirements of Article 6 ECHR/Article 47 CFR.
- o – O – o -
SUMMARY & CONCLUSIONS
ACTA was negotiated in unwarranted secrecy, without adequate input from civil society or parliamentarians, but in close cooperation with major IP right holders. Not surprisingly, this resulted in a text that gives disproportionate protection to big business; fails to level the playing field between developed and developing nations in international trade relations; hampers innovation (especially by SMEs); fails to promote grassroots culture; and could impede the dissemination of knowledge for people across the world (and access to health care and generic medicines).
Human rights were effective ignored, apart from the inclusion in the Agreement of vague and ineffective “without prejudice” clauses that fail to redress the balance, and are little more than fig-leaves. The inclusion of a detailed provision on the need to respect human rights in the protection of IPR, on the lines of the “138 Amendment” to Directive 2002/21/EC, was rejected as “not needed”.
This was wrong. Our analysis shows that ACTA, as currently drafted, seriously threatens fundamental rights in the EU and in other countries, at various levels. Specifically:
THE RIGHT TO FREEDOM OF EXPRESSION AND INFORMATION:
- Re Application of ACTA to trivial or small-scale, not-for-profit technical infringements of IP rights, and to the dissemination of IP-protected information without the agreement of the right holder where this is justified on higher public interest grounds:
- Article 23 ACTA requires State parties to lower the criminal threshold for IPR infringements, and to widen the scope of the criminal offences, without a de minimis exception;
- Without such an exception and/or similar exceptions on the lines of the U.S. “fair use” and “fair comment” rules, IPR enforcement will disproportionately restrict the freedom to seek, receive and impart information and ideas;
- Since a de minimis exception can be seen as a limitation on procedural matters rather than on the substance of IP rights, this is not remedied by the fact that ACTA allows States to retain substantive exceptions to IP law;
- In our opinion, an explicit de minimis rule and an explicit public interest defence are the minimum that are required to bring Article 23 in accordance with the European Convention on Human Rights (ECHR) and the EU Charter of Fundamental Rights (CFR).
- Re Application of ACTA to evasion of Digital Rights Management systems:
- ACTA too easily assumes that right holders’ rights always trump user rights, that right holders can impose whatever kinds of DRM restrictions they like, and that these are always lawful in terms of contract- and consumer law, no matter how draconian.
- In our opinion, in specific contexts, this will not be right, and this approach therefore unduly and disproportionally restricts access to information, or the free dissemination of information, in violation of Article 10 ECHR and Article 11 CFR.
- Re “Three strikes” and extended ISP liability:
- the revised, final text of Article 27.1 – 3. ACTA no longer requires States to adopt the kind of draconian measures - excessive ISP liability, “three strike” rules, etc. - that were clearly originally in the minds of the drafters, and that the European Data Protection Superviser (EDPS) has shown to be clearly incompatible with European human rights and data protection law;
- However, it still suffers from some of the same defects as the “criminal enforcement” provision mentioned above. Article 27 is still excessively vague; it encourages non-EU States to adopt such human rights-unfriendly measures in support of mainly U.S. and EU corporations, who could not rely on such measures in their own regions; and it could still be misread or misconstrued by EU States to adopt such measures.
- In our opinion, without clear stipulations that require States that sign up to the Agreement not to allow private-sector-imposed “three strike” rules and not to impose excessive ISP liability in respect of IPR infringements, ACTA fails to ensure that it will be applied (by EU and non-EU States) in accordance with European and international human rights standards.
THE RIGHT TO PROTECTION OF PERSONAL DATA:
- Articles 11 and 27(4) allow for the following:
- the surreptitious monitoring of the Internet use of millions of individuals without any concrete suspicion of illegality, and the systematic recording and analyses of information on their Internet use;
- the disclosure of the information gleaned from such surveillance to right holders, even though it may be wildly unreliable as an indicator of illegality, without any real safeguards to ensure that only information is disclosed which seriously suggests widespread infringement by identified individuals;
- on the basis of completely unclear standards (essentially, mere claims by right holders);
- by judicial and “other” authorities, i.e. also by authorities that are neither independent nor impartial in these respects;
- across borders, including from EU Member States with strict data protection laws to non-EU Member States with “inadequate” data protection laws (or no data protection laws at all) ; and
- in proceedings to which the individuals do not have access, and in which they are not heard (inaudita altera parte).
- The above-mentioned suspicionless monitoring and disclosures of unreliable but sensitive personal data are incompatible with European human rights and data protection law, except under very stringent conditions, as outlined in our Opinion with reference to the Opinion of the EDPS, which include:
- limiting such monitoring to “clear” cases of “major IPR infringements”, and even then only subject to a “prior check” by the relevant national data protection authority;
- limiting transborder disclosures to right holders and law enforcement agencies in non-EU countries that ensure “adequate” protection of the received data, but in either case again only subject to such a “prior check”;
- imposing serious checks on the validity of non-EU personal data disclosure orders, and on assurances of limiting the use of the data by the non-EU recipient to the purpose of the disclosure (which is not properly ensured by ACTA, in spite of phrases suggesting this).
- In our opinion, the absence of such stringent conditions in ACTA means that the Agreement in these respects is incompatible with the ECHR, the CFR, and European data protection rules.
FAIR TRIAL/DUE PROCESS ISSUES RELATED TO OTHER FUNDAMENTAL RIGHTS:
- Re Criminal law enforcement of IPR under ACTA:
- In our opinion, ACTA, by not including a de minimis exception to its compulsory and draconian enforcement regime, fails to ensure adequate protection of the right to freedom to obtain and disseminate information, the right to freedom from unreasonable search and arrest, the right to inviolability of the home, and the right to the peaceful enjoyment of one’s possessions, and thus violates those rights.
- Re Civil-law enforcement of IPR under ACTA (including injunctions, provisional measures, and the awarding of damages):
- In our opinion, without clear provisions stressing that injunctions should be the exception, and inaudita proceedings the high exception, and that for both, there must be strong counterbalancing safeguards to preserve the “equality of arms” in IPR enforcement proceedings, ACTA is incompatible with the “fair trial” guarantees in the ECHR and the CFR.
- Re “Privatisation” of IPR law under ACTA
- Rather than contributing to the upholding of freedom of expression and due process rights by the dominant, private-sector players on the Internet, ACTA erodes the development of the Rule of Law in that realm. It encourages the regulation of human rights-sensitive matters by private entities, outside the formal frameworks, and without ensuring compliance with “off-line” human rights standards.
- This “privatisation” of the IPR regime therefore, in effect, deprives individuals from their right to have crucial issues of Internet freedom properly adjudicated in proceedings that meet all the requirements of Article 6 ECHR/Article 47 CFR.
Overall, ACTA tilts the balance of IPR protection manifestly unfairly towards one group of beneficiaries of the right to property, IP right holders, and unfairly against others. It equally disproportionately interferes with a range of other fundamental rights, and provides or allows for the determination of such rights in procedures that fail to allow for the taking into account of the different, competing interests, but rather, stack all the weight at one end.
This makes the entire Agreement, in our opinion, incompatible with fundamental European human rights instruments and standards.
- o – O – o -
Douwe Korff & Ian Brown
8 October 2011
- Final text of the Anti-Counterfeiting Trade Agreement (ACTA)
- LABtoLAB Expression of Concern regarding the ACTA-Agreement
- Opinion of European Academics on Anti-Counterfeiting Trade Agreement
FINAL TEXT OF THE ANTI-COUNTERFEITING TRADE AGREEMENT (ACTA)
The Parties to this Agreement,
Noting that effective enforcement of intellectual property rights is critical to sustaining economic growth across all industries and globally;
Noting further that the proliferation of counterfeit and pirated goods, as well as of services that distribute infringing material, undermines legitimate trade and sustainable development of the world economy, causes significant financial losses for right holders and for legitimate businesses, and, in some cases, provides a source of revenue for organized crime and otherwise poses risks to the public;
Desiring to combat such proliferation through enhanced international cooperation and more effective international enforcement;
Intending to provide effective and appropriate means, complementing the TRIPS Agreement, for the enforcement of intellectual property rights, taking into account differences in their respective legal systems and practices;
Desiring to ensure that measures and procedures to enforce intellectual property rights do not themselves become barriers to legitimate trade;
Desiring to address the problem of infringement of intellectual property rights, including infringement taking place in the digital environment, in particular with respect to copyright or related rights, in a manner that balances the rights and interests of the relevant right holders, service providers, and users;
Desiring to promote cooperation between service providers and right holders to address relevant infringements in the digital environment;
Desiring that this Agreement operates in a manner mutually supportive of international enforcement work and cooperation conducted within relevant international organizations;
Recognizing the principles set forth in the Doha Declaration on the TRIPS Agreement and Public Health, adopted on 14 November 2001, at the Fourth WTO Ministerial Conference;
Hereby agree as follows:
INITIAL PROVISIONS AND GENERAL DEFINITIONS
INITIAL PROVISIONS AND GENERAL DEFINITIONS
Section 1: Initial Provisions
ARTICLE 1: RELATION TO OTHER AGREEMENTS
Nothing in this Agreement shall derogate from any obligation of a Party with respect to any other Party under existing agreements, including the TRIPS Agreement.
ARTICLE 2: NATURE AND SCOPE OF OBLIGATIONS
1. Each Party shall give effect to the provisions of this Agreement. A Party may implement in its law more extensive enforcement of intellectual property rights than is required by this Agreement, provided that such enforcement does not contravene the provisions of this Agreement. Each Party shall be free to determine the appropriate method of implementing the provisions of this Agreement within its own legal system and practice.
2. Nothing in this Agreement creates any obligation with respect to the distribution of resources as between enforcement of intellectual property rights and enforcement of law in general.
3. The objectives and principles set forth in Part I of the TRIPS Agreement, in particular in Articles 7 and 8, shall apply, mutatis mutandis, to this Agreement.
ARTICLE 3: RELATION TO STANDARDS CONCERNING THE AVAILABILITY AND SCOPE OF INTELLECTUAL PROPERTY RIGHTS
1. This Agreement shall be without prejudice to provisions in a Party’s law governing the availability, acquisition, scope, and maintenance of intellectual property rights.
2. This Agreement does not create any obligation on a Party to apply measures where a right in intellectual property is not protected under its laws and regulations.
ARTICLE 4: PRIVACY AND DISCLOSURE OF INFORMATION
1. Nothing in this Agreement shall require a Party to disclose:
1. Nothing in this Agreement shall require a Party to disclose:
(a) information, the disclosure of which would be contrary to its law, including laws protecting privacy rights, or international agreements to which it is party;
(b) confidential information, the disclosure of which would impede law enforcement or otherwise be contrary to the public interest; or
(c) confidential information, the disclosure of which would prejudice the legitimate commercial interests of particular enterprises, public or private.
2. When a Party provides written information pursuant to the provisions of this Agreement, the Party receiving the information shall, subject to its law and practice, refrain from disclosing or using the information for a purpose other than that for which the information was provided, except with the prior consent of the Party providing the information.
Section 2: General Definitions
ARTICLE 5: GENERAL DEFINITIONS
For the purposes of this Agreement, unless otherwise specified:
(a) ACTA means the Anti-Counterfeiting Trade Agreement;
(b) Committee means the ACTA Committee established under Chapter V (Institutional Arrangements);
(c) competent authorities includes the appropriate judicial, administrative, or law enforcement authorities under a Party’s law;
(d) counterfeit trademark goods means any goods, including packaging, bearing without authorization a trademark which is identical to the trademark validly registered in respect of such goods, or which cannot be distinguished in its essential aspects from such a trademark, and which thereby infringes the rights of the owner of the trademark in question under the law of the country in which the procedures set forth in Chapter II (Legal Framework for Enforcement of Intellectual Property Rights) are invoked;
(e) country is to be understood to have the same meaning as that set forth in the Explanatory Notes to the WTO Agreement;
(f) customs transit means the customs procedure under which goods are transported under customs control from one customs office to another;
(g) days means calendar days;
(h) intellectual property refers to all categories of intellectual property that are the subject of Sections 1 through 7 of Part II of the TRIPS Agreement;
(i) in-transit goods means goods under customs transit or transhipment;
(j) person means a natural person or a legal person;
(k) pirated copyright goods means any goods which are copies made without the consent of the right holder or person duly authorized by the right holder in the country of production and which are made directly or indirectly from an article where the making of that copy would have constituted an infringement of a copyright or a related right under the law of the country in which the procedures set forth in Chapter II (Legal Framework for Enforcement of Intellectual Property Rights) are invoked;
(l) right holder includes a federation or an association having the legal standing to assert rights in intellectual property;
(m) territory, for the purposes of Section 3 (Border Measures) of Chapter II (Legal Framework for Enforcement of Intellectual Property Rights), means the customs territory and all free zones1 of a Party;
(n) transhipment means the customs procedure under which goods are transferred under customs control from the importing means of transport to the exporting means of transport within the area of one customs office which is the office of both importation and exportation;
(o) TRIPS Agreement means the Agreement on Trade-Related Aspects of Intellectual Property Rights, contained in Annex 1C to the WTO Agreement;
(p) WTO means the World Trade Organization; and
(q) WTO Agreement means the Marrakesh Agreement Establishing the World Trade Organization, done on 15 April 1994.
1 For greater certainty, the Parties acknowledge that free zone means a part of the territory of a Party where any goods introduced are generally regarded, insofar as import duties and taxes are concerned, as being outside the customs territory.
LEGAL FRAMEWORK FOR ENFORCEMENT OF INTELLECTUAL PROPERTY RIGHTS
LEGAL FRAMEWORK FOR ENFORCEMENT OF INTELLECTUAL PROPERTY RIGHTS
Section 1: General Obligations
ARTICLE 6: GENERAL OBLIGATIONS WITH RESPECT TO ENFORCEMENT
1. Each Party shall ensure that enforcement procedures are available under its law so as to permit effective action against any act of infringement of intellectual property rights covered by this Agreement, including expeditious remedies to prevent infringements and remedies which constitute a deterrent to further infringements. These procedures shall be applied in such a manner as to avoid the creation of barriers to legitimate trade and to provide for safeguards against their abuse.
2. Procedures adopted, maintained, or applied to implement the provisions of this Chapter shall be fair and equitable, and shall provide for the rights of all participants subject to such procedures to be appropriately protected. These procedures shall not be unnecessarily complicated or costly, or entail unreasonable time-limits or unwarranted delays.
3. In implementing the provisions of this Chapter, each Party shall take into account the need for proportionality between the seriousness of the infringement, the interests of third parties, and the applicable measures, remedies and penalties.
4. No provision of this Chapter shall be construed to require a Party to make its officials subject to liability for acts undertaken in the performance of their official duties.
Section 2: Civil Enforcement2
2 A Party may exclude patents and protection of undisclosed information from the scope of this Section.
ARTICLE 7: AVAILABILITY OF CIVIL PROCEDURES
1. Each Party shall make available to right holders civil judicial procedures concerning the enforcement of any intellectual property right as specified in this Section.
2. To the extent that any civil remedy can be ordered as a result of administrative procedures on the merits of a case, each Party shall provide that such procedures shall conform to principles equivalent in substance to those set forth in this Section.
ARTICLE 8: INJUNCTIONS
1. Each Party shall provide that, in civil judicial proceedings concerning the enforcement of intellectual property rights, its judicial authorities have the authority to issue an order against a party to desist from an infringement, and inter alia, an order to that party or, where appropriate, to a third party over whom the relevant judicial authority exercises jurisdiction, to prevent goods that involve the infringement of an intellectual property right from entering into the channels of commerce.
2. Notwithstanding the other provisions of this Section, a Party may limit the remedies available against use by governments, or by third parties authorized by a government, without the authorization of the right holder, to the payment of remuneration, provided that the Party complies with the provisions of Part II of the TRIPS Agreement specifically addressing such use. In other cases, the remedies under this Section shall apply or, where these remedies are inconsistent with a Party’s law, declaratory judgments and adequate compensation shall be available.
ARTICLE 9: DAMAGES
1. Each Party shall provide that, in civil judicial proceedings concerning the enforcement of intellectual property rights, its judicial authorities have the authority to order the infringer who, knowingly or with reasonable grounds to know, engaged in infringing activity to pay the right holder damages adequate to compensate for the injury the right holder has suffered as a result of the infringement. In determining the amount of damages for infringement of intellectual property rights, a Party’s judicial authorities shall have the authority to consider, inter alia, any legitimate measure of value the right holder submits, which may include lost profits, the value of the infringed goods or services measured by the market price, or the suggested retail price.
2. At least in cases of copyright or related rights infringement and trademark counterfeiting, each Party shall provide that, in civil judicial proceedings, its judicial authorities have the authority to order the infringer to pay the right holder the infringer’s profits that are attributable to the infringement. A Party may presume those profits to be the amount of damages referred to in paragraph 1.
3. At least with respect to infringement of copyright or related rights protecting works, phonograms, and performances, and in cases of trademark counterfeiting, each Party shall also establish or maintain a system that provides for one or more of the following:
(a) pre-established damages; or
(b) presumptions3 for determining the amount of damages sufficient to compensate the right holder for the harm caused by the infringement; or
(c) at least for copyright, additional damages.
3 The presumptions referred to in subparagraph 3(b) may include a presumption that the amount of damages is: (i) the quantity of the goods infringing the right holder’s intellectual property right in question and actually assigned to third persons, multiplied by the amount of profit per unit of goods which would have been sold by the right holder if there had not been the act of infringement; or (ii) a reasonable royalty; or (iii) a lump sum on the basis of elements such as at least the amount of royalties or fees which would have been due if the infringer had requested authorization to use the intellectual property right in question.
4. Where a Party provides the remedy referred to in subparagraph 3(a) or the presumptions referred to in subparagraph 3(b), it shall ensure that either its judicial authorities or the right holder has the right to choose such a remedy or presumptions as an alternative to the remedies referred to in paragraphs 1 and 2.
5. Each Party shall provide that its judicial authorities, where appropriate, have the authority to order, at the conclusion of civil judicial proceedings concerning infringement of at least copyright or related rights, or trademarks, that the prevailing party be awarded payment by the losing party of court costs or fees and appropriate attorney’s fees, or any other expenses as provided for under that Party’s law.
ARTICLE 10: OTHER REMEDIES
1. At least with respect to pirated copyright goods and counterfeit trademark goods, each Party shall provide that, in civil judicial proceedings, at the right holder’s request, its judicial authorities have the authority to order that such infringing goods be destroyed, except in exceptional circumstances, without compensation of any sort.
2. Each Party shall further provide that its judicial authorities have the authority to order that materials and implements, the predominant use of which has been in the manufacture or creation of such infringing goods, be, without undue delay and without compensation of any sort, destroyed or disposed of outside the channels of commerce in such a manner as to minimize the risks of further infringements.
3. A Party may provide for the remedies described in this Article to be carried out at the infringer’s expense.
ARTICLE 11: INFORMATION RELATED TO INFRINGEMENT
Without prejudice to its law governing privilege, the protection of confidentiality of information sources, or the processing of personal data, each Party shall provide that, in civil judicial proceedings concerning the enforcement of intellectual property rights, its judicial authorities have the authority, upon a justified request of the right holder, to order the infringer or, in the alternative, the alleged infringer, to provide to the right holder or to the judicial authorities, at least for the purpose of collecting evidence, relevant information as provided for in its applicable laws and regulations that the infringer or alleged infringer possesses or controls. Such information may include information regarding any person involved in any aspect of the infringement or alleged infringement and regarding the means of production or the channels of distribution of the infringing or allegedly infringing goods or services, including the identification of third persons alleged to be involved in the production and distribution of such goods or services and of their channels of distribution.
ARTICLE 12: PROVISIONAL MEASURES
1. Each Party shall provide that its judicial authorities have the authority to order prompt and effective provisional measures:
(a) against a party or, where appropriate, a third party over whom the relevant judicial authority exercises jurisdiction, to prevent an infringement of any intellectual property right from occurring, and in particular, to prevent goods that involve the infringement of an intellectual property right from entering into the channels of commerce;
(b) to preserve relevant evidence in regard to the alleged infringement.
2. Each Party shall provide that its judicial authorities have the authority to adopt provisional measures inaudita altera parte where appropriate, in particular where any delay is likely to cause irreparable harm to the right holder, or where there is a demonstrable risk of evidence being destroyed. In proceedings conducted inaudita altera parte, each Party shall provide its judicial authorities with the authority to act expeditiously on requests for provisional measures and to make a decision without undue delay.
3. At least in cases of copyright or related rights infringement and trademark counterfeiting, each Party shall provide that, in civil judicial proceedings, its judicial authorities have the authority to order the seizure or other taking into custody of suspect goods, and of materials and implements relevant to the act of infringement, and, at least for trademark counterfeiting, documentary evidence, either originals or copies thereof, relevant to the infringement.
4. Each Party shall provide that its authorities have the authority to require the applicant, with respect to provisional measures, to provide any reasonably available evidence in order to satisfy themselves with a sufficient degree of certainty that the applicant’s right is being infringed or that such infringement is imminent, and to order the applicant to provide a security or equivalent assurance sufficient to protect the defendant and to prevent abuse. Such security or equivalent assurance shall not unreasonably deter recourse to procedures for such provisional measures.
5. Where the provisional measures are revoked or where they lapse due to any act or omission by the applicant, or where it is subsequently found that there has been no infringement of an intellectual property right, the judicial authorities shall have the authority to order the applicant, upon request of the defendant, to provide the defendant appropriate compensation for any injury caused by these measures.
Section 3: Border Measures4, 5
4 Where a Party has dismantled substantially all controls over movement of goods across its border with another Party with which it forms part of a customs union, it shall not be required to apply the provisions of this Section at that border.
5 It is understood that there shall be no obligation to apply the procedures set forth in this Section to goods put on the market in another country by or with the consent of the right holder.
ARTICLE 13: SCOPE OF THE BORDER MEASURES6
6 The Parties agree that patents and protection of undisclosed information do not fall within the scope of this Section.
In providing, as appropriate, and consistent with its domestic system of intellectual property rights protection and without prejudice to the requirements of the TRIPS Agreement, for effective border enforcement of intellectual property rights, a Party should do so in a manner that does not discriminate unjustifiably between intellectual property rights and that avoids the creation of barriers to legitimate trade.
ARTICLE 14: SMALL CONSIGNMENTS AND PERSONAL LUGGAGE
1. Each Party shall include in the application of this Section goods of a commercial nature sent in small consignments.
2. A Party may exclude from the application of this Section small quantities of goods of a non-commercial nature contained in travellers’ personal luggage.
ARTICLE 15: PROVISION OF INFORMATION FROM THE RIGHT HOLDER
Each Party shall permit its competent authorities to request a right holder to supply relevant information to assist the competent authorities in taking the border measures referred to in this Section. A Party may also allow a right holder to supply relevant information to its competent authorities.
ARTICLE 16: BORDER MEASURES
1. Each Party shall adopt or maintain procedures with respect to import and export shipments under which:
(a) its customs authorities may act upon their own initiative to suspend the release of suspect goods; and
(b) where appropriate, a right holder may request its competent authorities to suspend the release of suspect goods.
2. A Party may adopt or maintain procedures with respect to suspect in-transit goods or in other situations where the goods are under customs control under which:
(a) its customs authorities may act upon their own initiative to suspend the release of, or to detain, suspect goods; and
(b) where appropriate, a right holder may request its competent authorities to suspend the release of, or to detain, suspect goods.
Article 17: APPLICATION BY THE RIGHT HOLDER
1. Each Party shall provide that its competent authorities require a right holder that requests the procedures described in subparagraphs 1(b) and 2(b) of Article 16 (Border Measures) to provide adequate evidence to satisfy the competent authorities that, under the law of the Party providing the procedures, there is prima facie an infringement of the right holder's intellectual property right, and to supply sufficient information that may reasonably be expected to be within the right holder’s knowledge to make the suspect goods reasonably recognizable by the competent authorities. The requirement to provide sufficient information shall not unreasonably deter recourse to the procedures described in subparagraphs 1(b) and 2(b) of Article 16 (Border Measures).
2. Each Party shall provide for applications to suspend the release of, or to detain, any suspect goods7 under customs control in its territory. A Party may provide for such applications to apply to multiple shipments. A Party may provide that, at the request of the right holder, the application to suspend the release of, or to detain, suspect goods may apply to selected points of entry and exit under customs control.
3. Each Party shall ensure that its competent authorities inform the applicant within a reasonable period whether they have accepted the application. Where its competent authorities have accepted the application, they shall also inform the applicant of the period of validity of the application.
4. A Party may provide that, where the applicant has abused the procedures described in subparagraphs 1(b) and 2(b) of Article 16 (Border Measures), or where there is due cause, its competent authorities have the authority to deny, suspend, or void an application.
7 The requirement to provide for such applications is subject to the obligations to provide procedures referred to in subparagraphs 1(b) and 2(b) of Article 16 (Border Measures).
ARTICLE 18: SECURITY OR EQUIVALENT ASSURANCE
Each Party shall provide that its competent authorities have the authority to require a right holder that requests the procedures described in subparagraphs 1(b) and 2(b) of Article 16 (Border Measures) to provide a reasonable security or equivalent assurance sufficient to protect the defendant and the competent authorities and to prevent abuse. Each Party shall provide that such security or equivalent assurance shall not unreasonably deter recourse to these procedures. A Party may provide that such security may be in the form of a bond conditioned to hold the defendant harmless from any loss or damage resulting from any suspension of the release of, or detention of, the goods in the event the competent authorities determine that the goods are not infringing. A Party may, only in exceptional circumstances or pursuant to a judicial order, permit the defendant to obtain possession of suspect goods by posting a bond or other security.
ARTICLE 19: DETERMINATION AS TO INFRINGEMENT
Each Party shall adopt or maintain procedures by which its competent authorities may determine, within a reasonable period after the initiation of the procedures described in Article 16 (Border Measures), whether the suspect goods infringe an intellectual property right.
ARTICLE 20: REMEDIES
1. Each Party shall provide that its competent authorities have the authority to order the destruction of goods following a determination referred to in Article 19 (Determination as to Infringement) that the goods are infringing. In cases where such goods are not destroyed, each Party shall ensure that, except in exceptional circumstances, such goods are disposed of outside the channels of commerce in such a manner as to avoid any harm to the right holder.
2. In regard to counterfeit trademark goods, the simple removal of the trademark unlawfully affixed shall not be sufficient, other than in exceptional cases, to permit release of the goods into the channels of commerce.
3. A Party may provide that its competent authorities have the authority to impose administrative penalties following a determination referred to in Article 19 (Determination as to Infringement) that the goods are infringing.
ARTICLE 21: FEES
Each Party shall provide that any application fee, storage fee, or destruction fee to be assessed by its competent authorities in connection with the procedures described in this Section shall not be used to unreasonably deter recourse to these procedures.
ARTICLE 22: DISCLOSURE OF INFORMATION
Without prejudice to a Party’s laws pertaining to the privacy or confidentiality of information:
(a) a Party may authorize its competent authorities to provide a right holder with information about specific shipments of goods, including the description and quantity of the goods, to assist in the detection of infringing goods;
(b) a Party may authorize its competent authorities to provide a right holder with information about goods, including, but not limited to, the description and quantity of the goods, the name and address of the consignor, importer, exporter, or consignee, and, if known, the country of origin of the goods, and the name and address of the manufacturer of the goods, to assist in the determination referred to in Article 19 (Determination as to Infringement);
(c) unless a Party has provided its competent authorities with the authority described in subparagraph (b), at least in cases of imported goods, where its competent authorities have seized suspect goods or, in the alternative, made a determination referred to in Article 19 (Determination as to Infringement) that the goods are infringing, the Party shall authorize its competent authorities to provide a right holder, within thirty days8 of the seizure or determination, with information about such goods, including, but not limited to, the description and quantity of the goods, the name and address of the consignor, importer, exporter, or consignee, and, if known, the country of origin of the goods, and the name and address of the manufacturer of the goods.
8 For the purposes of this Article, days means business days.
Section 4: Criminal Enforcement
ARTICLE 23: CRIMINAL OFFENCES
1. Each Party shall provide for criminal procedures and penalties to be applied at least in cases of wilful trademark counterfeiting or copyright or related rights piracy on a commercial scale.9 For the purposes of this Section, acts carried out on a commercial scale include at least those carried out as commercial activities for direct or indirect economic or commercial advantage.
2. Each Party shall provide for criminal procedures and penalties to be applied in cases of wilful importation10 and domestic use, in the course of trade and on a commercial scale, of labels or packaging:11
(a) to which a mark has been applied without authorization which is identical to, or cannot be distinguished from, a trademark registered in its territory; and
(b) which are intended to be used in the course of trade on goods or in relation to services which are identical to goods or services for which such trademark is registered.
9 Each Party shall treat wilful importation or exportation of counterfeit trademark goods or pirated copyright goods on a commercial scale as unlawful activities subject to criminal penalties under this Article. A Party may comply with its obligation relating to importation and exportation of counterfeit trademark goods or pirated copyright goods by providing for distribution, sale or offer for sale of such goods on a commercial scale as unlawful activities subject to criminal penalties.
10 A Party may comply with its obligation relating to importation of labels or packaging through its measures concerning distribution.
11 A Party may comply with its obligations under this paragraph by providing for criminal procedures and penalties to be applied to attempts to commit a trademark offence.
3. A Party may provide criminal procedures and penalties in appropriate cases for the unauthorized copying of cinematographic works from a performance in a motion picture exhibition facility generally open to the public.
4. With respect to the offences specified in this Article for which a Party provides criminal procedures and penalties, that Party shall ensure that criminal liability for aiding and abetting is available under its law.
5. Each Party shall adopt such measures as may be necessary, consistent with its legal principles, to establish the liability, which may be criminal, of legal persons for the offences specified in this Article for which the Party provides criminal procedures and penalties. Such liability shall be without prejudice to the criminal liability of the natural persons who have committed the criminal offences.
ARTICLE 24: PENALTIES
For offences specified in paragraphs 1, 2, and 4 of Article 23 (Criminal Offences), each Party shall provide penalties that include imprisonment as well as monetary fines12 sufficiently high to provide a deterrent to future acts of infringement, consistently with the level of penalties applied for crimes of a corresponding gravity.
12 It is understood that there is no obligation for a Party to provide for the possibility of imprisonment and monetary fines to be imposed in parallel.
ARTICLE 25: SEIZURE, FORFEITURE, AND DESTRUCTION
1. With respect to the offences specified in paragraphs 1, 2, 3, and 4 of Article 23 (Criminal Offences) for which a Party provides criminal procedures and penalties, that Party shall provide that its competent authorities have the authority to order the seizure of suspected counterfeit trademark goods or pirated copyright goods, any related materials and implements used in the commission of the alleged offence, documentary evidence relevant to the alleged offence, and the assets derived from, or obtained directly or indirectly through, the alleged infringing activity.
2. Where a Party requires the identification of items subject to seizure as a prerequisite for issuing an order referred to in paragraph 1, that Party shall not require the items to be described in greater detail than necessary to identify them for the purpose of seizure.
3. With respect to the offences specified in paragraphs 1, 2, 3, and 4 of Article 23 (Criminal Offences) for which a Party provides criminal procedures and penalties, that Party shall provide that its competent authorities have the authority to order the forfeiture or destruction of all counterfeit trademark goods or pirated copyright goods. In cases where counterfeit trademark goods and pirated copyright goods are not destroyed, the competent authorities shall ensure that, except in exceptional circumstances, such goods shall be disposed of outside the channels of commerce in such a manner as to avoid causing any harm to the right holder. Each Party shall ensure that the forfeiture or destruction of such goods shall occur without compensation of any sort to the infringer.
4. With respect to the offences specified in paragraphs 1, 2, 3, and 4 of Article 23 (Criminal Offences) for which a Party provides criminal procedures and penalties, that Party shall provide that its competent authorities have the authority to order the forfeiture or destruction of materials and implements predominantly used in the creation of counterfeit trademark goods or pirated copyright goods and, at least for serious offences, of the assets derived from, or obtained directly or indirectly through, the infringing activity. Each Party shall ensure that the forfeiture or destruction of such materials, implements, or assets shall occur without compensation of any sort to the infringer.
5. With respect to the offences specified in paragraphs 1, 2, 3, and 4 of Article 23 (Criminal Offences) for which a Party provides criminal procedures and penalties, that Party may provide that its judicial authorities have the authority to order:
(a) the seizure of assets the value of which corresponds to that of the assets derived from, or obtained directly or indirectly through, the allegedly infringing activity; and
(b) the forfeiture of assets the value of which corresponds to that of the assets derived from, or obtained directly or indirectly through, the infringing activity.
ARTICLE 26: EX OFFICIO CRIMINAL ENFORCEMENT
Each Party shall provide that, in appropriate cases, its competent authorities may act upon their own initiative to initiate investigation or legal action with respect to the criminal offences specified in paragraphs 1, 2, 3, and 4 of Article 23 (Criminal Offences) for which that Party provides criminal procedures and penalties.
Section 5: Enforcement of Intellectual Property Rights in the Digital Environment
ARTICLE 27: ENFORCEMENT IN THE DIGITAL ENVIRONMENT
1. Each Party shall ensure that enforcement procedures, to the extent set forth in Sections 2 (Civil Enforcement) and 4 (Criminal Enforcement), are available under its law so as to permit effective action against an act of infringement of intellectual property rights which takes place in the digital environment, including expeditious remedies to prevent infringement and remedies which constitute a deterrent to further infringements.
2. Further to paragraph 1, each Party’s enforcement procedures shall apply to infringement of copyright or related rights over digital networks, which may include the unlawful use of means of widespread distribution for infringing purposes. These procedures shall be implemented in a manner that avoids the creation of barriers to legitimate activity, including electronic commerce, and, consistent with that Party’s law, preserves fundamental principles such as freedom of expression, fair process, and privacy.13
3. Each Party shall endeavour to promote cooperative efforts within the business community to effectively address trademark and copyright or related rights infringement while preserving legitimate competition and, consistent with that Party’s law, preserving fundamental principles such as freedom of expression, fair process, and privacy.
4. A Party may provide, in accordance with its laws and regulations, its competent authorities with the authority to order an online service provider to disclose expeditiously to a right holder information sufficient to identify a subscriber whose account was allegedly used for infringement, where that right holder has filed a legally sufficient claim of trademark or copyright or related rights infringement, and where such information is being sought for the purpose of protecting or enforcing those rights. These procedures shall be implemented in a manner that avoids the creation of barriers to legitimate activity, including electronic commerce, and, consistent with that Party’s law, preserves fundamental principles such as freedom of expression, fair process, and privacy.
5. Each Party shall provide adequate legal protection and effective legal remedies against the circumvention of effective technological measures14 that are used by authors, performers or producers of phonograms in connection with the exercise of their rights in, and that restrict acts in respect of, their works, performances, and phonograms, which are not authorized by the authors, the performers or the producers of phonograms concerned or permitted by law.
13 For instance, without prejudice to a Party’s law, adopting or maintaining a regime providing for limitations on the liability of, or on the remedies available against, online service providers while preserving the legitimate interests of right holder.
14 For the purposes of this Article, technological measures means any technology, device, or component that, in the normal course of its operation, is designed to prevent or restrict acts, in respect of works, performances, or phonograms, which are not authorized by authors, performers or producers of phonograms, as provided for by a Party’s law. Without prejudice to the scope of copyright or related rights contained in a Party’s law, technological measures shall be deemed effective where the use of protected works, performances, or phonograms is controlled by authors, performers or producers of phonograms through the application of a relevant access control or protection process, such as encryption or scrambling, or a copy control mechanism, which achieves the objective of protection.
6. In order to provide the adequate legal protection and effective legal remedies referred to in paragraph 5, each Party shall provide protection at least against:
(a) to the extent provided by its law:
(i) the unauthorized circumvention of an effective technological measure carried out knowingly or with reasonable grounds to know; and
(ii) the offering to the public by marketing of a device or product, including computer programs, or a service, as a means of circumventing an effective technological measure; and
(b) the manufacture, importation, or distribution of a device or product, including computer programs, or provision of a service that:
(i) is primarily designed or produced for the purpose of circumventing an effective technological measure; or
(ii) has only a limited commercially significant purpose other than circumventing an effective technological measure. 15
7. To protect electronic rights management information,16 each Party shall provide adequate legal protection and effective legal remedies against any person knowingly performing without authority any of the following acts knowing, or with respect to civil remedies, having reasonable grounds to know, that it will induce, enable, facilitate, or conceal an infringement of any copyright or related rights:
(a) to remove or alter any electronic rights management information;
(b) to distribute, import for distribution, broadcast, communicate, or make available to the public copies of works, performances, or phonograms, knowing that electronic rights management information has been removed or altered without authority.
8. In providing adequate legal protection and effective legal remedies pursuant to the provisions of paragraphs 5 and 7, a Party may adopt or maintain appropriate limitations or exceptions to measures implementing the provisions of paragraphs 5, 6, and 7. The obligations set forth in paragraphs 5, 6, and 7 are without prejudice to the rights, limitations, exceptions, or defences to copyright or related rights infringement under a Party’s law.
15 In implementing paragraphs 5 and 6, no Party shall be obligated to require that the design of, or the design and selection of parts and components for, a consumer electronics, telecommunications, or computing product provide for a response to any particular technological measure, so long as the product does not otherwise contravene its measures implementing these paragraphs.
16 For the purposes of this Article, rights management information means:
(a) information that identifies the work, the performance, or the phonogram; the author of the work, the performer of the performance, or the producer of the phonogram; or the owner of any right in the work, performance, or phonogram;
(b) information about the terms and conditions of use of the work, performance, or phonogram; or
(c) any numbers or codes that represent the information described in (a) and (b) above;
when any of these items of information is attached to a copy of a work, performance, or phonogram, or appears in connection with the communication or making available of a work, performance, or phonogram to the public.
ARTICLE 28: ENFORCEMENT EXPERTISE, INFORMATION, AND DOMESTIC COORDINATION
1. Each Party shall encourage the development of specialized expertise within its competent authorities responsible for the enforcement of intellectual property rights.
2. Each Party shall promote the collection and analysis of statistical data and other relevant information concerning intellectual property rights infringements as well as the collection of information on best practices to prevent and combat infringements.
3. Each Party shall, as appropriate, promote internal coordination among, and facilitate joint actions by, its competent authorities responsible for the enforcement of intellectual property rights.
4. Each Party shall endeavour to promote, where appropriate, the establishment and maintenance of formal or informal mechanisms, such as advisory groups, whereby its competent authorities may receive the views of right holders and other relevant stakeholders.
ARTICLE 29: MANAGEMENT OF RISK AT BORDER
1. In order to enhance the effectiveness of border enforcement of intellectual property rights, the competent authorities of a Party may:
(a) consult with the relevant stakeholders, and the competent authorities of other Parties responsible for the enforcement of intellectual property rights to identify and address significant risks, and promote actions to mitigate those risks; and
(b) share information with the competent authorities of other Parties on border enforcement of intellectual property rights, including relevant information to better identify and target for inspection shipments suspected of containing infringing goods.
2. Where a Party seizes imported goods infringing an intellectual property right, its competent authorities may provide the Party of export with information necessary for identification of the parties and goods involved in the exportation of the seized goods. The competent authorities of the Party of export may take action against those parties and future shipments in accordance with that Party’s law.
ARTICLE 30: TRANSPARENCY
To promote transparency in the administration of its intellectual property rights enforcement system, each Party shall take appropriate measures, pursuant to its law and policies, to publish or otherwise make available to the public information on:
(a) procedures available under its law for enforcing intellectual property rights, its competent authorities responsible for such enforcement, and contact points available for assistance;
(b) relevant laws, regulations, final judicial decisions, and administrative rulings of general application pertaining to the enforcement of intellectual property rights; and
(c) its efforts to ensure an effective system of enforcement and protection of intellectual property rights.
ARTICLE 31: PUBLIC AWARENESS
Each Party shall, as appropriate, promote the adoption of measures to enhance public awareness of the importance of respecting intellectual property rights and the detrimental effects of intellectual property rights infringement.
ARTICLE 32: ENVIRONMENTAL CONSIDERATIONS IN DESTRUCTION OF INFRINGING GOODS
The destruction of goods infringing intellectual property rights shall be done consistently with the laws and regulations on environmental matters of the Party in which the destruction takes place.
ARTICLE 33: INTERNATIONAL COOPERATION
1. Each Party recognizes that international cooperation is vital to realizing effective protection of intellectual property rights and that it should be encouraged regardless of the origin of the goods infringing intellectual property rights, or the location or nationality of the right holder.
2. In order to combat intellectual property rights infringement, in particular trademark counterfeiting and copyright or related rights piracy, the Parties shall promote cooperation, where appropriate, among their competent authorities responsible for the enforcement of intellectual property rights. Such cooperation may include law enforcement cooperation with respect to criminal enforcement and border measures covered by this Agreement.
3. Cooperation under this Chapter shall be conducted consistent with relevant international agreements, and subject to the laws, policies, resource allocation, and law enforcement priorities of each Party.
ARTICLE 34: INFORMATION SHARING
Without prejudice to the provisions of Article 29 (Management of Risk at Border), each Party shall endeavour to exchange with other Parties:
(a) information the Party collects under the provisions of Chapter III (Enforcement Practices), including statistical data and information on best practices;
(b) information on its legislative and regulatory measures related to the protection and enforcement of intellectual property rights; and
(c) other information as appropriate and mutually agreed.
ARTICLE 35: CAPACITY BUILDING AND TECHNICAL ASSISTANCE
1. Each Party shall endeavour to provide, upon request and on mutually agreed terms and conditions, assistance in capacity building and technical assistance in improving the enforcement of intellectual property rights to other Parties to this Agreement and, where appropriate, to prospective Parties. The capacity building and technical assistance may cover such areas as:
(a) enhancement of public awareness on intellectual property rights;
(b) development and implementation of national legislation related to the enforcement of intellectual property rights;
(c) training of officials on the enforcement of intellectual property rights; and
(d) coordinated operations conducted at the regional and multilateral levels.
2. Each Party shall endeavour to work closely with other Parties and, where appropriate, non-Parties to this Agreement for the purpose of implementing the provisions of paragraph 1.
3. A Party may undertake the activities described in this Article in conjunction with relevant private sector or international organizations. Each Party shall strive to avoid unnecessary duplication between the activities described in this Article and other international cooperation activities.
ARTICLE 36: THE ACTA COMMITTEE
1. The Parties hereby establish the ACTA Committee. Each Party shall be represented on the Committee.
- The Committee shall:
(a) review the implementation and operation of this Agreement;
(b) consider matters concerning the development of this Agreement;
(c) consider any proposed amendments to this Agreement in accordance with Article 42 (Amendments);
(d) decide, in accordance with paragraph 2 of Article 43 (Accession), upon the terms of accession to this Agreement of any Member of the WTO; and
(e) consider any other matter that may affect the implementation and operation of this Agreement.
- The Committee may decide to:
(a) establish ad hoc committees or working groups to assist the Committee in carrying out its responsibilities under paragraph 2, or to assist a prospective Party upon its request in acceding to this Agreement in accordance with Article 43 (Accession);
(b) seek the advice of non-governmental persons or groups;
(c) make recommendations regarding the implementation and operation of this Agreement, including by endorsing best practice guidelines related thereto;
(d) share information and best practices with third parties on reducing intellectual property rights infringements, including techniques for identifying and monitoring piracy and counterfeiting; and
(e) take other actions in the exercise of its functions.
4. All decisions of the Committee shall be taken by consensus, except as the Committee may otherwise decide by consensus. The Committee shall be deemed to have acted by consensus on a matter submitted for its consideration, if no Party present at the meeting when the decision is taken formally objects to the proposed decision. English shall be the working language of the Committee and the documents supporting its work shall be in the English language.
5. The Committee shall adopt its rules and procedures within a reasonable period after the entry into force of this Agreement, and shall invite those Signatories not Parties to this Agreement to participate in the Committee’s deliberations on those rules and procedures. The rules and procedures:
(a) shall address such matters as chairing and hosting meetings, and the performance of organizational duties relevant to this Agreement and its operation; and
(b) may also address such matters as granting observer status, and any other matter the Committee decides necessary for its proper operation.
6. The Committee may amend the rules and procedures.
7. Notwithstanding the provisions of paragraph 4, during the first five years following the entry into force of this Agreement, the Committee’s decisions to adopt or amend the rules and procedures shall be taken by consensus of the Parties and those Signatories not Parties to this Agreement.
8. After the period specified in paragraph 7, the Committee may adopt or amend the rules and procedures upon the consensus of the Parties to this Agreement.
9. Notwithstanding the provisions of paragraph 8, the Committee may decide that the adoption or amendment of a particular rule or procedure requires the consensus of the Parties and those Signatories not Parties to this Agreement.
10. The Committee shall convene at least once every year unless the Committee decides otherwise. The first meeting of the Committee shall be held within a reasonable period after the entry into force of this Agreement.
11. For greater certainty, the Committee shall not oversee or supervise domestic or international enforcement or criminal investigations of specific intellectual property cases.
12. The Committee shall strive to avoid unnecessary duplication between its activities and other international efforts regarding the enforcement of intellectual property rights.
ARTICLE 37: CONTACT POINTS
1. Each Party shall designate a contact point to facilitate communications between the Parties on any matter covered by this Agreement.
2. On the request of another Party, a Party’s contact point shall identify an appropriate office or official to whom the requesting Party’s inquiry may be addressed, and assist, as necessary, in facilitating communications between the office or official concerned and the requesting Party.
ARTICLE 38: CONSULTATIONS
1. A Party may request in writing consultations with another Party with respect to any matter affecting the implementation of this Agreement. The requested Party shall accord sympathetic consideration to such a request, provide a response, and afford adequate opportunity to consult.
2. The consultations, including particular positions taken by consulting Parties, shall be kept confidential and be without prejudice to the rights or positions of either Party in any other proceeding, including a proceeding under the auspices of the Understanding on Rules and Procedures Governing the Settlement of Disputes contained in Annex 2 to the WTO Agreement.
3. The consulting Parties may, by mutual consent, notify the Committee of the result of their consultations under this Article.
ARTICLE 39: SIGNATURE
This Agreement shall remain open for signature by participants in its negotiation,17 and by any other WTO Members the participants may agree to by consensus, from 1 May 2011 until 1 May 2013.
This Agreement shall remain open for signature by participants in its negotiation,17 and by any other WTO Members the participants may agree to by consensus, from 1 May 2011 until 1 May 2013.
17 Australia, the Republic of Austria, the Kingdom of Belgium, the Republic of Bulgaria, Canada, the Republic of Cyprus, the Czech Republic, the Kingdom of Denmark, the Republic of Estonia, the European Union, the Republic of Finland, the French Republic, the Federal Republic of Germany, the Hellenic Republic, the Republic of Hungary, Ireland, the Italian Republic, Japan, the Republic of Korea, the Republic of Latvia, the Republic of Lithuania, the Grand Duchy of Luxembourg, the Republic of Malta, the United Mexican States, the Kingdom of Morocco, the Kingdom of the Netherlands, New Zealand, the Republic of Poland, the Portuguese Republic, Romania, the Republic of Singapore, the Slovak Republic, the Republic of Slovenia, the Kingdom of Spain, the Kingdom of Sweden, the Swiss Confederation, the United Kingdom of Great Britain and Northern Ireland, and the United States of America.
ARTICLE 40: ENTRY INTO FORCE
1. This Agreement shall enter into force thirty days after the date of deposit of the sixth instrument of ratification, acceptance, or approval as between those Signatories that have deposited their respective instruments of ratification, acceptance, or approval.
2. This Agreement shall enter into force for each Signatory that deposits its instrument of ratification, acceptance, or approval after the deposit of the sixth instrument of ratification, acceptance, or approval, thirty days after the date of deposit by such Signatory of its instrument of ratification, acceptance, or approval.
ARTICLE 41: WITHDRAWAL
A Party may withdraw from this Agreement by means of a written notification to the Depositary. The withdrawal shall take effect 180 days after the Depositary receives the notification.
ARTICLE 42: AMENDMENTS
1. A Party may propose amendments to this Agreement to the Committee. The Committee shall decide whether to present a proposed amendment to the Parties for ratification, acceptance, or approval.
2. Any amendment shall enter into force ninety days after the date that all the Parties have deposited their respective instruments of ratification, acceptance, or approval with the Depositary.
ARTICLE 43: ACCESSION
1. After the expiration of the period provided in Article 39 (Signature), any Member of the WTO may apply to accede to this Agreement.
2. The Committee shall decide upon the terms of accession for each applicant.
3. This Agreement shall enter into force for the applicant thirty days after the date of deposit of its instrument of accession based upon the terms of accession referred to in paragraph 2.
ARTICLE 44: TEXTS OF THE AGREEMENT
This Agreement shall be signed in a single original in the English, French, and Spanish languages, each version being equally authentic.
ARTICLE 45: DEPOSITARY
The Government of Japan shall be the Depositary of this Agreement.
The Government of Japan shall be the Depositary of this Agreement.
EXPRESSION OF CONCERN REGARDING THE ACTA-AGREEMENT
This expression of concern has been sent to the members of the European Parliament and members of the national parliaments of the signatories.
The initiative to write this expression of concern was taken by the members of the following organisations: Medialab-Prado (Madrid), Kitchen Budapest (Budapest), Constant (Brussels) and PING (Nantes). These European medialabs collaborate in LABtoLAB, a two year programme of collective reflection on informal learning. LABtoLAB is supported through the European Commission’s Lifelong Learning Programme Grundtvig.
The LABtoLAB network aims to create a platform for:
- Sharing experiences and ways of doing, by studying specific cases,
- Exploring the role of the lab in offering spaces for collaborative learning and knowledge exchange,
- Examining the possibilities of life-long learning in the context of the lab.
The project builds on our belief in:
- Open sharing of knowledge,
- The use of Free Software tools,
- The freedom of participation in the organization of culture and society.
The Directorate-General for Trade of the European Commission defines Anti-Counterfeiting Trade Agreement (ACTA) in these terms: The EU's objective with ACTA partners is to have a new plurilateral treaty improving global standards for the enforcement of IPR, to more effectively combat trade in counterfeit and pirated goods.
We have sent you this statement because we have become convinced that the measures evoked by the Anti-Counterfeiting Trade Agreement will make our work harder, less efficient and sometimes even impossible. As our practice is funded and supported by the European Commission, and by many major cultural organisations in member states[*], we believe that it would be counterproductive if the EU adopts laws which have a direct negative impact on the same activities they validate through their support.
In this document we try to explain aspects of our work and the negative impact that the adoption of the ACTA would have on it. We hope you find enough reasons for not supporting the treaty when an opinion to the European Court of Justice can still be requested and the treaty still not be signed.
Wikipedia is a wonderful example of free culture. It produces knowledge and the process by which it does so also enriches its participants. It is a large scale pedagogical experiment where all learn from all, radically democratic, open to reading and writing. It encourages debate and is in constant evolution. Problems like defamation and copyright infringement exist in Wikipedia but are handled ad hoc when they occur. Wikipedia doesn't ignore these problems, but chooses to explain participants what fits in the platform and what not. And when errors are made, they are taken care of with flexibility and in dialog. The fundamental a priori relationship Wikipedia has with its user is trust.
Free culture questions and nourishes society; it feeds imaginaries and can act as an antibiotic to its diseases. It evolves through comments, re-interpretations, mixes, forks and variations. Creation is not a one-way process, it is a complex feedback loop that encourages participation and contribution. To develop and survive, free culture requires tools, workspaces, and collaborations based on an exchange system:
- Free culture needs to be able to customize existing tools, and create new tools if needed. This creates the possibility to explore tastes, styles and ideas beyond what is taught at school. The learning process requires access to source code and documentation, in order to understand what is behind an interface and how to engage with the communities that develop them. Proprietary software is expensive and reduces the diversity of tools available. Monopoly practices of closed source software companies reduce it even further. With limited cultural budgets, we prefer to support the development of free software which can be shared amongst a community of libre practitioners.
- It requires the availability of flexible workspaces. Medialabs provide high quality digital spaces for experimentation. A painter may choose a studio because of certain light conditions, an artist working in a medialab must be able to adapt a digital space to the conditions of his or her specific cultural production.
- It thrives in a context that fosters diversity. Confronting different languages for example, offers different ways of thinking; diversity allows people to change perspective and therefore they can transform and innovate.
- It supposes ongoing Collaboration and exchange. In free culture, participants are not confined to the role of consumers. They are allowed to access, respond and transform materials. Free culture presupposes collaboration and dialogue, involving an exchange between multiple disciplines: artists, engineers, scientists, musicians and everyday citizens.
As will be evident through the following 5 main concerns, ACTA threatens this exchange system on several levels.
What if Wikipedia, by the effect of harsh policy, had to adopt a defensive approach against its users? What if it had to prevent any infringement before even it happens? Any modification before it would become public? To chose always the safer description to stay away from trouble? To create committees of moderators, and committees of committees who would have to approve all additions? The Wikipedia model would shift away from content and discussion towards regulations. Or more simply put, Wikipedia would go back to the old model of encyclopedia Universalis.
- Free culture needs clear laws
In creative production, mixing and meshing is common practice. The ability to make citations, appropriations, parodies etc. is essential for a vibrant culture. The vagueness of ACTA is therefore a problem. Actors need to be confident about their investment in free culture in order to engage and invest in it. By badly defining possible infringements and their scope, ACTA creates a climate of doubt and insecurity. Vagueness is a deterrent, it actually implies rigidity. When the scope of the treaty remains undefined, we can expect that disproportionate measures will be taken "to stay on the safe side": publishers will want to prevent problems before they occur, artists will anticipate the decision of publishers.
ACTA brings under the same hood a mixed bag of 'infringements': file sharing, copying, counterfeiting, patenting are treated as if they are of the same order. But copying and counterfeiting are not synonyms. Assimilating all IP infringement to counterfeiting, makes it difficult to respond adequately to a situation where exceptions to author's rights and fair use provisions have their role to play. It makes it hard to be nuanced in a cultural context where nuance makes all the difference.
- Cultural practice is not about commerce
ACTA is based on a poor definition of 'commercial' and 'non-commercial' activities. For the interwoven tissue of hybrid economies that drives cultural production, such a definition is at the same time disproportionate and inoperative. ACTA blindly affirms distinctions based on a caricature of cultural practice. The crass fuzziness of ACTA leaves the door open to grotesque measures and arbitrary decisions.
The definition is disproportionate. ACTA states that harsh measures will be applied to 'commercial scale infringement', but extends measures to 'non-commercial infringements giving a commercial advantage to a third party'. This results in a very wide definition of commercial activities, therefore it extends the scope of the treaty almost indefinitely. Concretely, it would mean a blogger sharing a file on a page that displays advertising, would be met with the same rigour as a large-scale infringer; linking to a PayPal account would qualify as 'operating on a commercial scale'. Medialabs provide their collaborators with digital workspaces. They offer online services to a large network of practitioners. The current ACTA agreement would define a medialab as an ISP and make them subjacent to the same measurements that exclude flexibility and experimentation and would paralyze their functioning.
The definition is inoperative because it refuses to recognize the assemblages of innovative models in the permanent process of constructing cultural wealth. The un-challenged distinction between 'commercial' and 'non-commercial' obscures the fact that professional production relies on our culture at large. What would Walt Disney be, without traditional fairy tales? The company makes millions from Snow White, but calls the same people who conveyed the oral memory of the tale to the present day 'infringers' when they want to re-interpret the tale. Would Snow White have been such a success if millions of families had not already for centuries told and enriched the tale, with all their love and creativity, long before Disney had ever thought of drawing the first scene of the movie? Why is their commercial appropriation legitimate when the re-use of Disney imagery is met by the most rigourous enforcement measures?
Professional artists and entertainment companies have always both nurtured and exploited resources from living culture. Living culture borrows from, responds to, and is inspired by commercial production. But rather than encouraging the continuous flow of creativity between cultural zones, ACTA legislators consolidate an artificial vision of culture where a few 'creators' are broadcasting to a passive mass of customers while, in fact, these 'customers' co-create commercial products in various ways.
- Cultural heritage deserves to be used
On-line cultural heritage archives help build and reinforce our historical memory and identity. They empower the social and political awareness of citizens. It is important to acknowledge and promote new forms of collective production and take full advantage of the technical properties of digital objects, use new technologies of information and communication and revive and reuse archive materials. We are concerned that ACTA contributes to a counter-productive fear of participation in reading, writing, adapting and distributing digital cultural objects.
Digital environments offer the potential of easy access to books, photographs, pamphlets, audio recordings, video files, radio broadcasts... Digital reproductions of public domain documents that are part of our mutual cultural heritages, can and should in principle be copied, remixed and re-used in new works. They should be consulted, tagged, connected, and commented upon. In this way, users collectively build high quality public repositories and sustainable archives of information, enabling the culture of our future to benefit from the richness of our cultural past.
EU policy aims to support citizens to appreciate and enjoy their heritage. For that purpose they need to be and feel part of the process of culture. If laws are made to regulate the circulation of digital objects, we not only need to worry about the protection of commercial production, but we most of all need to make sure that the acccessibility of past and future culture is guaranteed. How can future generations build on a legal actuality that is aimed at exclusion and the protection of products, and not on the protection of culture?
For this reason, we are concerned about the future of orphaned works. Under the Berne Convention, The European Commission has provided partial solutions understanding the importance of making available to the public an heritage whose owners are difficult to trace. We strongly support the idea that works with no explicit copyright or owner should belong to the public domain and should therefore be managed, accessed, re-used and distributed collectively. The provisions in ACTA are closing off one promising avenue for policy intervention.
- ACTA would harm our international collaborators
The day to day reality of cultural production in the age of the internet means that work takes place in an international and intercontinental context. This is an aim and a desire, and an integral part of our daily practice. Building productive exchanges with international networks is vital for our work. Now and in the future, we contribute to projects in developing countries, and in countries outside ACTA.
Needless to say that adopting ACTA will have a recursive negative effect on all cultural work done within ACTA countries. Restrictive measures that hit one area of production, will without doubt be felt in another.
Defining an all-encompassing commercial way of dealing with culture will have a disastrous effect on digital literacy and access for people from developing countries. They would be suffering even more from the weakening of free software, from harsh restrictions on legitimate copying, losing the flexibility that is necessary for collaborative production.
- We are alarmed by the opaqueness of the process
Transparency is central to open networks. As medialabs, we try hard to make our organisations function in ways that are easy to understand for everyone involved. In our projects we favour systems open to discussion, questions and contestation. We therefore cannot help but to be alarmed by the way this treaty has been drafted.
As long as the definition of the terms, on which ACTA is based, remain open to interpretation, the treaty will provide avenues for arbitrary decisions. This in itself is enough reason not to ratify the agreement.
We are irate to find out that a treaty that has been negotiated in the most opaque way imaginable, demands faith in a future committee whose powers will include changing the terms of the treaty itself. We see no reason to trust ACTA with a blank cheque.
ACTA is the result of a process that only very late acted out a mere parody of consultation, and involved a very limited representation of stakeholders. This treaty should by no means be validated.
This statement has been written and signed by participants of LABtoLAB meeting in Brussels, January-February 2011.
- o – O – o –
OPINION OF EUROPEAN ACADEMICS ON ANTI-COUNTERFEITING TRADE AGREEMENT
The Signatories of the Opinion
following the adoption of the Anti-Counterfeiting Trade Agreement (ACTA) on 3rd December 2010
extensive international trade in goods infringing intellectual property
rights prejudices the legitimate interests of right holders and thus
appropriate enforcement standards as well as international cooperation
- ACTA does not intend to extend the scope of protection of intellectual property rights granted under national laws and contains general provisions committed to balanced enforcement procedures;
- the most controversial enforcement measures proposed in the initial stages of the negotiations of ACTA have been narrowed down or abandoned in its final version;
- the appropriate balance needs to be effectively ensured between the enforcement of intellectual property rights and the fundamental rights of users such as the right to information and education, the freedom of expression, the right to accessible health care, the right to privacy and protection of personal data, the right to due process as well as other human rights and good governance in general;
- the protection and enforcement of intellectual property is one of the means to promote technological and creative innovation and its dissemination to the public; it thus must be seen together and not in conflict with other EU internal and external policies such as the promotion of the information society, the fostering of education, health care and development in third countries, and the promotion of biological and cultural diversity on an international scale;
- the Commission repeatedly reassured and the European Parliament welcomed in its Resolution of 24 November 2010 that ACTA is entirely compatible with existing EU law, but in fact this is not clear;
- certain controversial provisions were not fully removed from ACTA but are in some cases formulated as non-binding (“may”) clauses, which signifies international political incitement to implement these clauses into contracting Party`s law;
- ACTA, being plurilateral in its nature, contains numerous provisions requiring higher enforcement standards than those set under existing international agreements; no state shall be put under pressure to adopt standards negotiated in a forum in which it did not participate;
draw the attention to the following points:
I. EU LAW
Contrary to the European Commission's repeated statements and the European Parliament's resolution of 24 November 2010, certain ACTA provisions are not entirely compatible with EU law and will directly or indirectly require additional action on the EU level.
The following is a non-exhaustive list of illustrations that indicate the general tendency of ACTA:
1. Injunctions: art. 8.1 ACTA requires Contracting Parties to grant an order against a party to desist from an infringement, and inter alia, an order to that party or, where appropriate, to a third party to prevent infringing goods from entering into the channels of commerce. While the wording of art. 8.1 ACTA itself appears to be similar to the corresponding provision of art. 11 Directive 2004/48, it is worth mentioning that art. 12 of Directive 2004/48 gives the Member States an option to order pecuniary compensation to be paid to the injured party instead of applying the measures provided for in art. 11 Directive 2004/48, if the conditions specified in art. 12 are met. It seems that this option would be lost or at least called into question if art. 8.1 ACTA were enacted in its present form. It should not be forgotten that the US Supreme Court has recently upheld the traditional equitable four-factor test for injunctions in patent law and rejected an approach which favours automatic injunctive relief.64
2. Damages: art. 9.1 ACTA refers to a set of criteria which specifies the amount of compensatory damages. Some of the factors mentioned at the end of the provision are not provided for in art. 13.1 Directive 2004/48. These factors should not be adopted in European law since they are not appropriate to measure the damage. “The value of the infringed good or service, measured by the market price, [or] the suggested retail price”, as indicated in art. 9.1 ACTA, does not reflect the economic loss suffered by the right holder. Furthermore, according to art. 9.4 ACTA pre-established damages or presumption based damages (especially reasonable royalties) may only be ordered as an alternative to the damages referred to in art. 9.1 (compensatory damages) and art. 9.2 (infringer's profits). In the absence of a clear rule on the alternative application of art. 9.1 or art. 9.2, it may be argued that compensatory damages and infringer's profits may be ordered cumulatively which is not explicitly stated in art. 13 Directive 2004/48. This would raise the amount of damages for the infringement of intellectual property.
3. Other Remedies: for corrective measures, art. 10 ACTA shifts the focus from “disposal outside the channels of commerce” to outright destruction (“except in exceptional circumstances”), while art. 10 Directive 2004/48 provide several options, destruction only being one of them. Also, it may be asked why the caveat of proportionality which exists in art. 10.3 Directive 2004/48 is omitted. In particular, the interests of non-infringing third parties may need to be protected (e.g. property rights in the infringing goods which may have been acquired by a bona fide consumer; property of third parties in the materials/implements used to create the infringing goods). It is true that art. 6.3 ACTA provides for a general requirement of proportionality, but the same holds true for art. 3 Directive 2004/48, and still there is a specific reference to proportionality in the specific provision on corrective measures.
4. Provisional Measures: art. 12 ACTA does not make specific reference to the procedural guarantees for the defendant laid down in Directive 2004/48 (arts. 9.4, 9.5 Directive 2004/48). This is unfortunate, as the European Court of Justice has stressed the importance of these provisions “to ensure that a balance is maintained between the competing rights and obligations of the right holder and of the defendant”.65 Both the Luxembourg and the Strasbourg66 courts have repeatedly held that the right to be heard occupies an eminent position in the organisation and conduct of a fair legal process. While the specific rules concerning the right to be heard may vary according to the urgency of the matter (and thus allow the adoption of provisional measures inaudita altera parte as provided for in art. 12.2 ACTA), “any restriction on the exercise of that right must be duly justified and surrounded by procedural guarantees ensuring that persons concerned by such proceedings actually have the opportunity to challenge the measures adopted in urgency”.67 It is not easy to understand why ACTA provides for provisional measures inaudita altera parte, but does not at the same time take up the procedural guarantees which have been introduced in Directive 2004/48 and which are necessary to ensure that persons concerned by such proceedings have a later opportunity to challenge these measures.
5. Definition: ACTA's provision on the scope of the border measures section contains an ambiguity giving rise to potential misuse. Whereas art. 2.1(a) Border Measures Regulation 1383/2003/EC (BMR) specifically narrows the scope of application of border measures for trademark infringements to "counterfeit goods" only, art. 13 ACTA instead allows border measures in the case of "intellectual property rights" in general and thus applies to all kinds of trademark infringements. IP rights are defined in art. 5 (h) ACTA as all categories of IP covered by TRIPS. This suggests an interpretation of art. 13 ACTA that includes not only cases of counterfeiting, but also all other forms of trademark infringements based on mere similarity of signs, risk of confusion and even the protection for well-known trademarks against dilution. This is not only a clear extension of the EU acquis, but presents a particular problem for international trade in generic medicines which could be seized based on allegations of 'ordinary' trademark infringements. For all these reasons, art. 13 ACTA requires rewording or, at least, a narrow interpretation and implementation. As art. 13 ACTA allows Contracting Parties to exclude certain forms of IP infringements as long as this does not amount to 'unjustifiable discrimination', public health grounds can justify the exclusion of ordinary trademark infringements from the scope of border measures. This would also ensure that ACTA parties live up to their general obligation in art. 6.1 ACTA not to create barriers to legitimate trade.
6. No EU acquis on criminal measures: within the EU legal framework there are currently no provisions on criminal enforcement of intellectual property rights. ACTA, therefore, is by nature outside the EU law and would require additional legislation on the EU level.
7. Scope: art. 23.1 ACTA provides for a broad definition of ‘commercial scale’ covering all acts carried out on a commercial scale including at least those carried out as commercial activities for direct or indirect economic or commercial advantage. By contrast, in its Position of 25 April 2007, the European Parliament (EP) expressly excluded acts “carried out by private users for personal and not-for-profit purposes”.68 The EP also declared that “the fair use of a protected work, including such use by reproduction in copies or audio or by any other means, for purposes such as criticism, comment, news reporting, teaching (including multiple copies for classroom use), scholarship or research, does not constitute a criminal offence”. ACTA does not reaffirm these safeguards for private users and for limitations and exceptions.
8. Parallel imports: art. 23.2 ACTA prescribes criminal procedures and penalties on the wilful importation and domestic use on a commercial scale of goods infringing trademark rights. The vague language of the article could seem to cover importation and domestic use of products which, although lawfully marketed in the exporting country, have not been authorized in the importing country. Such interpretation would hinder parallel imports in the EU. The EP in art. 1 of its Position suggested that parallel imports should be specifically excluded from the scope of criminal offences. Such exclusion is not reflected in ACTA.
9. Cinematographic works: while according to art. 23.3 ACTA criminal measures for the unauthorized copying of cinematographic works are merely optional, ACTA prompts Contracting Parties to criminalize such an action without the commercial scale assessment and without any assessment of the intention of the defendant. Again, this disregards the exception in relation to fair use and copying for private and not-forprofit purposes repeatedly stressed by the EP.
10. Safeguards: while strengthening criminal enforcement measures, ACTA at the same time does not provide any of the safeguards needed to ensure the balance of interests between parties and guarantee a due process. In comparison, art. 7 of the EP Position of 25 April 2007 required the prohibition of the misuse of criminal procedures and sanctions, especially when they are employed for the enforcement of the requirements of civil law. Such guarantees, for instance, would be of particular importance in ex officio proceedings allowed under art. 26 ACTA. Also, art. 8 of the EP Position required that the rights of infringers are duly protected and guaranteed. Meanwhile, art. 25 ACTA authorizes judicial national authorities to issue seizure, forfeiture and destruction orders. However, it does not guarantee the infringer’s right to be heard in these procedures.
II. INTERNATIONAL LAW
As recognized and welcomed by both the European Commission and the European Parliament, ACTA introduces enforcement standards higher than those existing under current international law. However, certain ACTA provisions do not ensure a balance between the interests of different parties, since they either eliminate safeguards existing under international law or, after strengthening enforcement measures, fail to introduce corresponding safeguarding measures.
Most issues discussed above in relation to EU law are also of concern at the level of international law and go beyond TRIPS. The following points are pertinent only for the international law level. The list contains the most important provisions where the balance of interest is lacking and is meant to be illustrative and non- exhaustive:
11. Right of information: art. 11 ACTA strengthens the right of information as already found in art. 47 TRIPS. First, under ACTA it becomes compulsory (voluntary under art. 47 TRIPS). Second, the list of information that might be requested is expanded and the right may be directed both against infringers or alleged infringers (only against infringers under art. 47 TRIPS). Meanwhile, the proportionality requirement, as available under art. 47 TRIPS (and art. 8.1 EU Directive 2004/48), has been eliminated. Also, ACTA contains no effective provision against misuse of acquired information (e.g. comparable to art. 8.3(c) EU Directive 2004/48).
12. Scope: while TRIPS requires border measures only against the importation of counterfeit trademark goods or pirated copyright goods, ACTA parties have to provide border enforcement against imports and exports of goods infringing any IP right covered in TRIPS – except patent rights and test data which are excluded by virtue of fn. 6 ACTA. However, these exemptions as such do not offer sufficient safeguards for the international trade in generic drugs. Extending border measures to goods suspected of ‘ordinary’ trademark infringement can create barriers to global trade – in particular if applied to generics in transit. ACTA parties hence must take their general obligation, under Article 6.1, “to avoid the creation of barriers to legitimate trade” seriously and establish systems which safeguard international trade and public health.
13. Safeguards: ACTA eliminates the following safeguards available under TRIPS. First, art. 56 TRIPS contains a mandatory requirement that customs must have “authority to order the applicant to pay the importer, the consignee and the owner of the goods appropriate compensation for any injury caused to them through the wrongful detention of goods”. ACTA, however, has no directly equivalent provision for compensation in cases of wrongful detentions. Further, art. 18 ACTA widens the options for right holders to provide securities, while it does not include the (mandatory) option for the goods owner/importer to provide a security under art. 53.2 TRIPS. Instead, it contains a limited allowance for the latter to provide securities to obtain possession of the goods “in exceptional circumstances” (art. 18, 4th sentence ACTA). Finally, art. 55 TRIPS contains mandatory limits to the duration of the initial detention of goods suspected of infringement within which proceedings leading to a decision on the merits of the case have to be initiated or the goods released. Again, ACTA does not contain an equivalent rule – art. 19 ACTA merely demands the initiation of infringement proceedings “within a reasonable period”.
14. Definition of “commercial scale”: art. 23 ACTA defines acts carried out on a “commercial scale” as “commercial activities for direct or indirect economic or commercial advantage”. It is doubtful if this is compatible with a more flexible market/product-based interpretation of commercial scale adopted by the WTO Panel, which refers to “counterfeiting or piracy carried on at the magnitude or extent of typical or usual commercial activity with respect to a given product in a given market”.69
15. Technological measures: arts. 27.5-6 ACTA require stronger protection of technological measures than set under art. 11 WIPO Copyright Treaty and art. 18 WIPO Performances and Phonograms Treaty (no similar provisions exist in TRIPS). In particular, ACTA provides a broad definition of technological measures (no definition under WIPO Treaties), it prohibits both acts of circumvention as well as preparatory acts, and covers technological measures having dual (both legal and illegal) functions. Although art. 27.8 ACTA allows preservation of exceptions and limitations, it does not provide any mechanisms to ensure their exercise and enforcement.
16. Disclosure of subscribers’ data: art. 27.4 ACTA regulates disclosure of subscriber´s data and is broader than the (non-mandatory) right of information under art. 47 TRIPS. Most importantly, whereas ACTA poses a duty to disclose subscribers’ data both on infringing and non-infringing intermediaries, art. 47 TRIPS refers only to an infringer. Also, ACTA mentions that fundamental principles “such as freedom of expression, fair process, and privacy” shall be preserved. However, it does not provide more specific provisions on how these rights should be effectively ensured (compare with detail provisions on privacy in EU Directives 95/46/EC, 2002/58/EC, and 2006/24/EC).
Taking above into account,
the Signatories of the Opinion invite the European institutions, in particular the European Parliament, and the national legislators and governments,
to carefully consider the above mentioned points and, as long as significant deviations from the EU acquis or serious concerns on fundamental rights, data protection, and a fair balance of interests are not properly addressed, to withhold consent.
For further information and to sign the Opinion see http://www.iri.uni-hannover.de/acta-1668.html.
- o – O – o -
1 The full final text of ACTA is attached as Attachment 1 to this Opinion.
2 Summary of Key Issues Under Discussion, Fact Sheet issued by the U.S. Trade Representative, November 2009, at: http://www.ustr.gov/about-us/press-office/fact-sheets/2009/november/acta-summary-key-elements-under-discussion.
3 For a useful general overview (on which we draw), see: http://en.wikipedia.org/wiki/Anti-Counterfeiting_Trade_Agreement, notes omitted, last accessed on 30 August 2011. For more detail, see the full Wikipedia entry and the notes to that entry, the second EP study (footnote 17, below), and, e.g., Matěj Myška, ACTA: Evil Inside?, at: http://www.law.mmu.ac.uk/wp-content/uploads/2011/04/ACTA-EVIL-INSIDE.pdf, and the further references in that paper.
4 European Parliament, DG for External Policies of the Union, Information and Communication Technologies and Human Rights, EXPO/B/DROI/2009/24, PE 410.207, June 2010, pp. 60 – 61, available from the EP studies website: http://www.europarl.europa.eu/activities/committees/studies.do?language=EN (type in PE 410.207). This is the first EP study on ACTA: see footnote 17, below, on the second one.
5 Idem, pp. 62 – 63, emphasis added.
6 We are again drawing in particular on the useful overviews in Wikipedia and in Myška, o.c. (footnote 3, above). For extensive information, documentation and detailed criticisms, see the numerous documents relating to ACTA on the EDRi website: http://www.edri.org/search/node/ACTA.
7 Myška, o.c. (footnote 3, above), p. 6.
8 For further detail, see the sub-section headed “EU Academic Assessment”, below.
9 Eddan Katz & Gwen Hinze, The Impact of the Anti-Counterfeiting Trade Agreement on the Knowledge Economy: The Accountability of the Office of the U.S. Trade Representative for the Creation of IP Enforcement Norms Through Executive Trade Agreements, Yale Journal Of International Law Online, [Vol. 35: 24], 2009, at p. 34: http://www.yjil.org/docs/pub/o-35-katz-hinze-ACTA-on-knowledge-economy.pdf.
10 Idem, pp. 32 – 33. On the threat to collaborative activity, see the LABtoLAB Expression of Concern regarding the ACTA-Agreement, attached to this Opinion as Attachment 2.
11 Note that the question of the effect of ACTA on access to medicines is the subject of a separate study, and is therefore not further explored here.
12 Myška, o.c. (footnote 3, above), p. 8.
13 Privatised online enforcement series: A. Abandonment of the rule of law, EDRi-gram Number 9.6, 23 March 2011, at: http://www.edri.org/edrigram/number9.6/abandonment-rule-of-law. ACTA is one of the items included in this list, but is omitted here as the other examples are here shown as the context for ACTA.
14 Council of Europe Commissioner for Human Rights, “Issue Paper” on Social Media & Human Rights, September 2011, to be made available shortly at: http://www.coe.int/t/commissioner/Activities/IPList_en.asp.
15 Opinion of European Academics on Anti-Counterfeiting Trade Agreement, 20 January 2011, available from:http://www.iri.uni-hannover.de/tl_files/pdf/ACTA_opinion_110211_DH2.pdf.
16 Available from: http://trade.ec.europa.eu/doclib/docs/2011/february/tradoc_147497.pdf. But see also the critical notes on this meeting at: http://acta.ffii.org/wordpress/?p=390. We are leaving out the references to the impact of ACTA on generic medicines, as that is being dealt with in the separate study, commissioned by the Greens/EFA, already mentioned.
17 European Parliament, DG for External Policies of the Union, The Anti-Counterfeiting Trade Agreement (ACTA): An Assessment, EXPO/B/INTA/FWC/2009-01/Lot7/12, PE 433.859, June 2011. The study itself says that it is available from: http://www.europarl.europa.eu/activities/committees/studies.do?language=EN (like the study mentioned in footnote 4, above) – but in fact it had not yet been released there at the time of writing this Opinion (August 2011). However, the study can also be obtained from the website of La Quadrature du Net: http://www.laquadrature.net/files/INTA%20-%20ACTA%20assessment.pdf.
18 Above, pp. 3 – 5 and footnote 4.
19 Consolidated Text: Anti-Counterfeiting Trade Agreement Informal Predecisional Draft 1 July 2010, http://www.laquadrature.net/files/ACTA_consolidatedtext_EUrestricted130710.pdf [footnote 228 in the report].
20 Articles 27.2 and 27.4 ACTA. [footnote 229 in the report].
21 See for example EU Directives 95/46/EC, 2002/58/EC, and 2006/24/EC, dealing with privacy; Article 8, Convention for the Protection of Human Rights and Fundamental Freedoms as amended by Protocols No. 11 and No. 14. [footnote 230 in the report].
22 We are again leaving that matter of Access to Medicines as such aside here, because this is dealt with in the separate study for the Greens/EFA, already mentioned.
23 The study also wrongly says that this article-by-article analysis is contained in Chapter 5, but in fact the –groups-of-articles review is contained in Chapter 4, section 2. Chapter 5 contains an “Overall Economic and Commercial Assessment” of ACTA.
24 The words in square brackets have been added by us: the study here merely uses the word “of”, but this would appear to be a typing error, with some words having been inadvertently deleted.
25 Opinion of the European Data Protection Supervisor on the current negotiations by the European Union of an Anti-Counterfeiting Trade Agreement (ACTA) of 5 June 2010 (2010/C 147/01), OJ C-147/1ff., available from:http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:C:2010:147:0001:0013:EN:PDF.
26 The Information And Communication Technologies And Human Rights study, and the EU academics, also referred to the right of access to health care and generic medicines, but as already explained, we do not deal with that issue.
27 Directive 2002/21/EC of the European Parliament and of the Council of 7 March 2002 on a common regulatory framework for electronic communications networks and services (Framework Directive), OJ L-108/33ff.
28 Directive 2009/140/EC of the European Parliament and of the Council of 25 November 2009 amending Directives 2002/21/EC on a common regulatory framework for electronic communications networks and services, 2002/19/EC on access to, and interconnection of, electronic communications networks and associated facilities, and 2002/20/EC on the authorisation of electronic communications networks and services, OJ L-337/37ff.
29 Article 1 – Protection of property
Every natural or legal person is entitled to the peaceful enjoyment of his possessions. No one shall be deprived of his possessions except in the public interest and subject to the conditions provided for by law and by the general principles of international law.
The preceding provisions shall not, however, in any way impair the right of a State to enforce such laws as it deems necessary to control the use of property in accordance with the general interest or to secure the payment of taxes or other contributions or penalties.
Note in particular the reference to the right of each State to enforce “such laws as it [subjectively] deems necessary” - which is much less strict than the objectively-phrased requirements in the “typical” Convention articles (especially Article 8 – 11 ECHR) that any interference with any fundamental right enshrined in the Convention must be (objectively) “necessary” to serve some higher purpose. However, as noted in the text, in practice the approach to Article 1 FP is close to the approach to the “typical” rights, albeit with some nuances.
30 See Marckx v. Belgium, ECtHR Judgment of 13 June 1979, para. 63.
31 Sporrong and Lönnroth v Sweden, ECtHR Judgment of 23 September 1982, para. 61. For a fuller discussion of the case-law on Article 1 FP, see Harris, O’Boyle et al., Law of the European Convention on Human Rights, 2nd Ed., Oxford, 2009, Chapter 18 (pp. 655 – 696) and the Council of Europe Human Rights Handbook on Article 6 ECHR, 2nd Ed. by Aida Grgiæ, Zvonimir Mataga, Matija Longar and Ana Vilfan, available from:http://www.coehelp.org/course/view.php?id=54 (scroll to number 10 and choose a language).
32 On Article 10 ECHR, see Harris, O’Boyle et al., o.c. (footnote 31, above), , Chapter 11 (pp. 443 – 514) and the Council of Europe Human Rights Handbook on Article 10 ECHR, by Monica Macovei, again available from:http://www.coehelp.org/course/view.php?id=54 (scroll to number 8 and choose a language).
33 Note that in the International Covenant on Civil and Political Rights (the UN sister-document to the COE’s ECHR and the EU’s CFR), the right to hold opinions is a separate right that, in ordinary times, may not be subjected to any restrictions at all: see Article 19(1) & (2) ICCPR.
34 Cf., again, Article 19 ICCPR, which in its second paragraph says that freedom of expression includes “freedom to seek, receive and impart information and ideas of all kinds, regardless of frontiers, either orally, in writing or in print, in the form of art, or through any other media of [one’s] choice.” It is accepted that the omission of the words “to seek” from the ECHR was not intended to create any difference in this respect with the ICCPR, as is indeed confirmed by the case-law noted in footnote 37, below.
35 Report of the UN Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression, Frank La Rue, Human Rights Council, Seventeenth session, 16 May 2011, A/HRC/17/27, at:http://daccess-dds-ny.un.org/doc/UNDOC/GEN/G11/132/01/PDF/G1113201.pdf?OpenElement. See in particular paras. 53 – 59.
36 This much-quoted sentence is from the famous Handyside v. the United Kingdom judgment of 7 December 1976, para. 49.
37 Cf., for instance, the considerations of the Court in Castells v. Spain, ECtHR Judgment of 23 April 1992, para. 43, and the Sunday Times and Guardian cases referred to there.
38 These were the issues at stake in the cases mentioned in the previous footnotes.
39 Foundation for a Free Information Infrastructure e.V. (FFII), Copyright Criminal measures in ACTA, 8 October 2010, updated on 3 January 2011, at: http://acta.ffii.org/wordpress/?p=34.
40 Idem. In the quote as produced here, an apparently accidental repitition of a passage has been omitted.
41 The FFII page in the previous footnote provides a link to a “restricted” (Limité) Commission document with the heading “ANNEX I – Provisions of ACTA that provide value compared to exisiting international standards and in particular WTO/TRIPS”, dated 4 November 2010.
42 See the minutes of the “DG Trade Civil Society Dialogue” (footnote 16, above), at p. 4.
43 In particular, the so-called “three-step test” under the Berne Convention, “is not fit to deal with the issue of which usage should exclusively be controlled by the right-holder and which should not” - Kamiel J Koelman, Fixing the Three-Step Test, in: European Intellectual Property Review (EIPR), 2006/8, pp. 407-412, quote taken from p. 2 of the draft version of thiss article, available from the SSRN website at: http://papers.ssrn.com/sol3/papers.cfm?abstract_id=924174.
44 O.c. (footnote 17, above), p. 57.
45 We will deal with the separate issues of information disclosures, which are covered by paragraph .4, in section 2.4, below; and with the matter of the criminalisation of digital rights management (DRM), addressed in paragraphs .5 and .5, under a separate heading, below.
46 There are actually very serious issues about when supposedly de-identified/statistical data may still allow for the re-identification of individuals. This is a major, growing problem in the digital era, in particular in view of the enormous amounts of personal data that are released onto the Internet, ever-growing computing power, and ever-deeper analyses of disparate data. See; Paul Ohm, Broken Promises of Privacy: Responding to the Surprising Failure of Anonymization, University of Colorado Law Legal Studies Research Paper Series, Working Paper No 09-12, 13 August 2009, http://ssrn.com/abstract=1450006. The issues are summarised in Douwe Korff and Ian Brown, New Challenges to Data Protection—Final Report (20 January 2010), http://ssrn.com/abstract=1636706, paras 120–2. See also Ian Brown, The Limits of Anonymisation, www.pvnets.org/2009/03/the-limits-of-anonymisation, with reference to the work of Arvind Narayanan and Dr Vitaly Shmatikov of the University of Texas at Austin on deanonymisation of data from SNS websites, http://33bits.org/2009/03/19/de-anonymizing-socialnetworks. However, we cannot address that issue further here. We will also not further examine the scope of the exemption in relation to commercially sensitive information in Article 4(1)(c), other than to note that there may be difficult issues of balance here. In particular, in our opinion, the provision should not be used (as it easily could be) to prevent users and consumers, or groups representing them, from gaining an insight into the surveillance and analytical measures taken by the digitial rights industry against alleged or suspected infringers of IP rights.
47 On the other provisions, the following comments must here suffice (although these provisions too could do with closer analysis):
Article 22 provides for extensive exchanges of information, including personal information on individuals suspected of being responsible for or involved in IPR infringements, in the context of border measures.
The chapter on enforcement practices (Chapter III) would appear to be mainly concerned with policy cooperation, exchanges of best practices, etc. – but it contains a reference (in Article 28) to “the collection and analysis of statistical data and other relevant information concerning intellectual property rights infringements”, and references to “internal cooperation” (within each State) and to the establishment of “advisory groups” and the like, which could easily be read as covering intelligence-gathering and –analysis. This reading is reinforced by the stipulation in Article 34 in Chapter IV, on international cooperation, that “each Party shall endeavour to exchange with other Parties [inter alia] information the Party collects under the provisions of Chapter III (Enforcement Practices), including [but not limited to – DK/IB] statistical data and information on best practices.” We will return to this question of international data exchanges separately, below.
48 See the EDPS Opinion, para. 28, with reference to the Article 29 Working Party, Working document on data protection issues related to intellectual property rights (WP 104), adopted on 18 January 2005:
“IP addresses collected to enforce intellectual property rights, i.e. to identify Internet users who are alleged to have infringed intellectual property rights, are personal data insofar as they are used for the enforcement of such rights against a given individual.”
49 See the quote from the EDPS Opinion on p. 16, above, in particular points (i) and (ii).
50 For an overview of the “Third Pillar” arrangements and the databases and data protection rules relating to them, and criticism of the “availability” principle, see the “Issue Paper” on Protecting the Right to Privacy in the Fight Against Terrorism, CommDH/IssuePaper(2008)3 of 4 December 2008 (prepared for the Commissioner by Douwe Korff), available from: http://www.coe.int/t/commissioner/Activities/IPList_en.asp.
51 See Frits Hondius, A Decade of International Data Protection, in Netherlands International Law Review, Vol. XXX (1983), p. 103ff.
52 See Douwe Korff, The [European] Legal Framework, Paper No. 4 in a FIPR study for the UK Information Commissioner on Privacy & Law Enforcement, by Ian Brown & Douwe Korff, 2004, available from:http://www.ico.gov.uk/upload/documents/library/corporate/research_and_reports/legal_framework.pdf.
53 See in particular the COE Committee of Ministers Recommendations and Resolutions in the field of data protection, available from: http://www.coe.int/t/dghl/standardsetting/dataprotection/Legal_instruments_en.asp.
54 See the COE CHR “Issue Paper” referred to in footnote 49, above, for a basic overview. The best analyses of the EU measures in this regard are to be found on the Statewatch “European Monitoring & Documentation Centre on Justice and Home Affairs in the EU”, at: http://www.statewatch.org/semdoc/.
55 This also applies if the data are disclosed initially by an ISP to a court as envisaged by Article 11 ACTA, since that disclosure too would still be in a civil law, and not (yet) in a criminal law context.
56 Council of Europe Commissioner for Human Rights, “Issue Paper” on Social Media & Human Rights (footnote 14, above), p. 31, second bullet-point, second indent.
57 The EDPS here provides a cross-reference to paragraph 28 of his Opinion, which in turn refers to the Article 29 Working Party document mentioned in footnote 47, above, WP104, affirming that IP addresses collected to identify possible IPR infringers ipso facto constitute personal data.
58 For a full discussion of the case-law on Article 6 ECHR, see Harris, O’Boyle et al., o.c. (footnote 31, above), Chapter 6 (pp. 201 – 330) and the Council of Europe Human Rights Handbook on Article 6 ECHR, 2nd Ed. by Nuala Mole and Catharina Harby, available from: http://www.coehelp.org/course/view.php?id=54 (scroll to number 5 and choose a language).
59 See the Report of the UN Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression (footnote 35, above), paras. 53 – 59.
60 X and Y v. the Netherlands, ECtHR judgment of 26 March 1985, para. 24.
61 Vo v. France, ECtHR judgment of 8 July 2004, para. 90.
62 See the Report of the UN Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression (footnote 35, above).
63 Some suggestions are made in the “Issue Paper” by the CoE CHR on Social Media and Human Rights, o.c. (footnote 14, above).
64 eBay Inc v. MercExchange, L.L.C., 547 U.S. 388 (2006).
65 ECJ Case C-89/99,  ECR I-5851 para. 38 seq. – Schieving-Nijstad.
66 ECHR App.-No. 17056/06 para. 78 seq. – Micallef v. Malta.
67 ECJ Case C-341/04,  ECR I-3813 para. 66 – Eurofood.
68 Position of the European Parliament adopted at first reading on 25 April 2007 with a view to the adoption of Directive 2007/.../EC of the European Parliament and of the Council on criminal measures aimed at ensuring the enforcement of intellectual property rights (EP-PE_TC1-COD(2005)0127).
69 China – Measures Affecting the Protection and Enforcement of Intellectual Property Rights (China – IPRs),
WT/DS362/R, 09/0240, 26/01/2009.
Twitter , gracias a @opinguino por el enlace.