Chapter 3: A Legal Investigation of Copyright: Graduated Response
With the advent of digital came the advent of online piracy. For consumers, the ability to reproduce and share files led to a proliferation of high-quality copies with no degradation; from a scratchy home taping of a radio song to a full-quality digital file, the difference which digital made to piracy was indescribable. The development of online sharing systems such as Napster allowed consumers to share and exchange music at no cost, and astonishingly fast, with little concern (or wilful ignorance) for the ethical or legal status of their actions.1 The reproduction and sharing of files exploded in popularity not long after this – some experts estimated that online copyright infringement resulted in losses of hundreds of billions of dollars per year globally.2 The UK government’s Online Copyright Infringement Tracker suggested slightly more modest figures, stating that 62% of those surveyed had accessed content online, and estimating that 18% of UK internet users had infringed copyright during the three-month period of observation.3 While these figures are debatable, there is still no doubt that online copyright infringement has had an effect on both creators’ businesses and consumers’ expectations. For consumers, the ease of piracy and the lack of penalties in the beginning meant that it was an attractive and easy way to obtain digital content, and they did not necessarily think that it was unacceptable.4 Thus, a need arose for methods of deterring and redirecting copyright pirates, in order to ensure that creative content was obtained legitimately. In the beginning, this focused more on the deterrent than the redirection aspects of copyright enforcement, but evolved over the course of the following years. This chapter discusses the rise and metamorphosis of Graduated Response (GR) systems through the use of several different examples around the
1 Tom Lamont, ‘Napster: The Day Music Was Set Free’ (The Guardian, 24 February 2013) <> accessed 15 December 2015.
2 See, for example, Center for Strategic and Innovation Studies, ‘Net Losses: Estimating the Global Cost of Cybercrime’ (2014) 12 < cybercrime2.pdf> accessed 20 January 2016, which puts annual losses from counterfeiting and piracy at US$638 billion.
3 Kantar Media Monitoring, ‘Online Copyright Infringement Tracker Wave 5’ (2015) < c_290715.pdf> accessed 15 December 2015. The issue with these figures, of course, is that it assumes that in the absence of illegal downloading, consumers would and could pay for the same content. This is a simplistic view, at best.
4 Måns Svensson and Stefan Larsson, ‘Intellectual property law in Europe: Illegal file sharing and the role of social norms’ (2012) 14(7) New Media and Society 1147.
world. Generally speaking, a GR system uses a series of escalating measures to deter consumers from copyright infringement. Although the earliest systems envisaged penalties such as fines and eventual termination of internet subscriptions, over the course of their lifespan, GR systems have evolved to become more about education than penalisation.
Graduated Response systems have been adopted in several different jurisdictions (France, the US, New Zealand, Taiwan, South Korea, Ireland, Canada, Australia) as well as being envisaged in others (including the UK). Also known as ‘3 strikes’ systems, these systems, while different in practice, all share the idea that copyright infringers should be subject to a system of increasing penalties for repeated copyright infringement. The original ‘3 strikes’ title is taken, presumably, from the game of baseball, via the California penal system,5 but while France uses three strikes, other countries’ number of strikes varies.
GR systems are a brainchild of the 21st century, with one of the earliest adopted being France’s Hadopi6 law, administered by the organisation of the same name, which was established in 2009. In the six years following Hadopi’s introduction, the idea spread around the world, especially the Anglophone world, with several more GR systems being introduced before the end of 2015.
This chapter considers France’s Hadopi, followed by New Zealand’s GR system.7 It then discusses Canada’s notice and notice system. The chapter then turns to voluntary response systems in the form of the US Copyright Alert System and Ireland’s Eircom and UPC GR systems. The discussion touches upon the Australian voluntary system due to come into existence in 2015 and finally considers the GR system envisaged for the UK in the 2010 Digital Economy Act and the subsequent VCAP/Creative Content UK initiative.
One particular point to note is that the majority of GR systems are focused on peer-to-peer (P2P) download models. These systems have been in existence since before the turn of the millennium, with Napster being one of the first examples of P2P,8 through various other models
5 California’s penal laws enforce stricter penalties on a third offence. Ahmed A White, ‘The Juridical Structure Of Habitual Offender Laws And The Jurisprudence Of Authoritarian Social Control’ (2006) 37(3) The University of Toledo Law Review 705.
6 Haute autorité pour la diffusion des œuvres et la protection des droits sur internet.
7 While Taiwan and South Korea also have legislative graduated response systems, the author elected to use New Zealand and France as legislative case studies for ease of language, time, and space constraints. 8 Lamont (n 1).
to the currently popular BitTorrent model. They function by downloading files from a peer network of computers connected through the internet. P2P downloading is not illegal per se. It is only when the files downloaded are subject to copyright that they violate the rights of the content owner. Thus, it is important to note that not all P2P clients are torrent clients – indeed, Skype and the BBC iPlayer use P2P systems. At present, a significant proportion9 of infringing downloads are conducting using the BitTorrent protocol of P2P downloading, commonly known as torrenting.10 BitTorrent protocols allow a user to create a small descriptor file distributed through normal means (email, discussion forum, or torrent aggregator sites, such as The Pirate Bay). The original user then makes the full file available through a BitTorrent node, creating a ‘seed’. The descriptor file will connect a second user to this node. Each secondary user, who ‘leeches’ the file can then in turn ‘seed’ it, reducing the load on the original computer and allowing faster downloading. This collective sharing is known as a ‘swarm’. Speed and ease are also increased by the fact that the files are broken into ‘pieces’, which are then downloaded (usually non-sequentially) and rearranged by the second user’s BitTorrent client (examples of BitTorrent clients include – confusingly – BitTorrent, Vuze and μTorrent). Theoretically, a user could ‘seed’ an original file once and have unlimited downloads thereafter, with only one download being made from their own terminal. This leads to difficulties in identifying those who are uploading infringing files in the first place – the existence of a swarm means that anyone who downloads a torrent can potentially redistribute it an unlimited number of times, and in fact some do. The existence of the swarm, combined with files being downloaded in pieces, means that users can download from many different other users, and equally can seed to many other downloaders. P2P networks can be monitored, on behalf of GR schemes, by private companies, which was what the French system did, using Trident Media Guide.11 While the exact operation of such monitoring systems were not public knowledge, attempts were made to discern what proportion of torrented content was monitored. In 2012, one study found that for popular content a user could be monitored within three hours of joining a swarm.12
9 Kantar Media Monitoring (n 3); 21. 26% of infringers used P2P services, with 17% using μTorrent, the most popular torrent client – this has remained consistent since wave 1 of this research.
10 Johan Pouwelse and others, ‘The Bittorrent P2P File-Sharing System: Measurements and Analysis’ in Miguel Castro and Robbert van Renesse (eds) Peer to Peer Systems IV (Springer 2005).
11 Lawrence Latif, ‘French ISPs will be flooded by IP address information requests’ (The Inquirer, 22 September 2010) < information-requests> accessed 15 December 2015.
12 Tom Chothia and others, ‘The Unbearable Lightness of Monitoring: Direct Monitoring in BitTorrent’ in Angelos D Keromytis and Roberto di Pietro (eds) Security and Privacy in Communication Networks (Springer 2013).
This is contrasted against direct download, file locker or one click hosting sites, which are another method of downloading. In this method, users upload a file to a file hosting site, and then populate the link from there. A second user who has the link can then download the file in its entirety from this location, via the link. Direct download is slower than torrenting, as files are downloaded from a single location, but it is less dangerous for the downloader – they are not then making themselves a secondary uploader of the file. Population methods of the link are similar to those of torrent descriptor files, via email, message boards, or dedicated link aggregation sites.
Most GR systems focus on P2P downloading, but other systems, including notice and takedown, which is discussed in the following chapter, also target one click hosting sites.
In France the Hadopi law13 of June 2009 created one of the first GR systems. The law, administered by an organisation of the same name, took effect in late 2009. Shortly after its introduction to the French Senate, in October 2008, the bill was made a matter of urgency under article 45 of the French constitution, meaning that it could only be read once in each House. Its introduction process was then shortened to a mere eight months. In June 2009, after passing through both Houses with some amendments, the Constitutional Council declared the main part of the bill unconstitutional.14 Even still, a revised version was approved in October 2009, retaining the majority of the original bill’s structure. The passage of the bill took only a single year from introduction to approval, including revisions.
The Hadopi law created a government agency to enforce the provisions of the law. It, confusingly, is also called Hadopi. Hadopi (the agency) superseded the mandate of the previous ARMT,15 while maintaining most of its mandates. The agency was vested with the power to police internet users. While the name and nature of Hadopi suggest that it was responsible for technological measures applicable to all creative content, in actuality it applied only to audio-
13 loi no 2009-669 du 12 juin 2009 favorisant la diffusion et la protection de la création sur internet (France).
14 Patrick Roger and Jean-Baptiste Chastand, ‘Hadopi: le Conseil constitutionnel censure la riposte graduée’ (Le Monde, 10 June 2009) (French) < riposte-graduee_1205290_651865.html> accessed 22 December 2015; Nicola Lucchi, ‘Access to Network Services and Protection of Constitutional Rights: Recognizing the Essential Role of Internet Access for the Freedom of Expression’ (2007) 19 Cardozo Journal of International and Competition Law 645.
15 Autorité de Régulation des Mésures Techniques. 90
visual content.16 That is to say, Hadopi had no authority with regard to online content infringement if it concerned books, games, software, or other creative content.
Hadopi employed a three strikes policy through monitoring P2P downloads. On receipt of a complaint from a copyright holder or representative, Hadopi would send an email to the offending internet subscriber stating that there has been a complaint, but not the substance of the claim nor the identity of the complainant. The subscriber’s ISP was then required to monitor the internet connection in question. The subscriber was also invited to install a filter on their internet connection. In the six months following this, if a repeat offence was noted by the copyright holder, their representatives, the ISP, or Hadopi, then a certified letter would be sent to the subscriber with content similar to the email. In the event that, in the 12 months following receipt of the letter, the offender failed to comply and there were accusations of repeat offences by the copyright holder, a representative, Hadopi, or the ISP, then the ISP would be required to prepare an investigation and a report recommending whether or not the subscriber’s internet access should be suspended. The file would then be forwarded to prosecutors, with a judge making the final decision on a fine (up to €1500) or suspension (up to one year) or both.17 The subscriber would be blacklisted, meaning that other ISPs were prohibited from providing service to them. This suspension would not interrupt billing, and the subscriber was still liable for any and all charges or costs arising from the suspension. It was possible to appeal the length (but not the existence) of the blocking of internet access in court, with the burden of proof falling on the appellant.18 Action under the Hadopi law would not preclude separate action under the French code of intellectual property.19
Hadopi, until 2013, issued a large number of first emails, substantially fewer second letters, and recorded only one suspension of internet access, coupled with a fine of €60020 in the four years of its operation. Over a million emails were sent, along with 99,000 letters, resulting in only
16 loi no 2009-669 du 12 juin 2009 (n 13).
17 Eric Pfanner, ‘France approves wide crackdown on net piracy’ (The New York Times, 22 October 2009) <> accessed 15 December 2015.
18 Sylvain Dejean, Thierry Pénard and Raphaël Suire, ‘Une première évaluation des effets de la loi Hadopi sur les pratiques des Internautes français’ (2010) (French) <> accessed 22 December 2015.
19 Code de la propriété intellectuelle, arts L331-1 and L335-2.
20 Marc Rees, ‘Hadopi : 600 € d’amende et quinze jours de suspension pour un abonné’ (NextInpact, 12 June 2013) (French) < suspension-pour-abonne.htm> accessed 22 December 2015; ZDNet, ‘Hadopi : première suspension de connexion Internet infligée à un internaute’ (ZDNet, 12 June 2013) (French) < internaute-39791358.htm> accessed 22 December 2015.
cases being examined for prosecution.21 Of those cases, four actually went to trial, resulting in two fines and the aforementioned suspension.22 Interestingly, both fines mentioned were issued not for the offence of actual content infringement, but for the lesser offence of failing to secure one’s internet connection – this was punishable at the time by a suspension of up to one month and a fine of up to €1,500. The suspension, incidentally, was never enacted, due to the abrogation of the powers a few days after the judgement.23
In 2012, Hadopi released a report stating that they had cut piracy by almost 50% since the introduction of the law.24 This overwhelmingly positive report was derided25 as ‘massaging’ the numbers to make them look better. French newspaper Le Figaro pointed out26 that while there had been a decline in P2P downloads since the first warning notices issued by Hadopi, there was also a similar increase in streaming. Equally, correlation between the introduction of Hadopi and a decline in P2P activity did not necessarily indicate causation. However, Hadopi was also defended in some areas. The defence raised was that Hadopi was not necessarily a copyright infringement prosecutor, but also an education and awareness mechanism. Thus, a lack of second or third warnings could be seen as a positive effect, rather than a negative one.
The good news is that HADOPI appears to be succeeding as an education program rather than as a punitive one. In 2011, HADOPI reports that fully 96% of people who received a first warning message did not receive a second one; this number stayed about the same in 2012. In addition, the percentage of people who received second notices but not third ones rose from 90% to 98%
21 Ben Challis, ‘Hadopi “failure” a warning for the UK?’ (The 1709 Blog, 8 August 2012) <> accessed 22 December 2015; Boris Manenti, ‘Aurélie Filippetti: “Je vais réduire les crédits de l’Hadopi”’ (O, 1 August 2012) (French) < reduire-les-credits-de-l-hadopi.html> accessed 22 December 2015.
22 Valéry Marchive, ‘Three years and millions of euros later, Hadopi has its first conviction. Now what?’ (ZDNet, 30 October 2012) < its-first-conviction-now-what-7000006612/> accessed 22 December 2015.
23 Stephen Shankland, ‘French three-strikes law no longer suspends Net access’ (CNet.com, 10 July 2013) <> accessed 15 December 2015.
24 Hadopi, ‘Hadopi, 1 an 1⁄2 après son lancement’ (2012) (French) <hadopi.fr/sites/default/files/page/pdf/note17.pdf> accessed 22 December 2015.
25 See Monica Horten, ‘Hadopi – has it massaged the numbers?’ (IPTegrity.com, 30 March 2012) <> accessed 22 December 2015.
26 Benjamin Ferran, ‘Le bilan contrasté de l’action de l’Hadopi’ (Le Figaro, 28 March 2012) (French) < contrastee-de-l-action-de-l-hadopi.php> accessed 22 December 2015.
from 2011 to 2012. (The legal steps that could lead to fines or suspensions begin after the third notice.) To buttress this data, HADOPI has published results from four independent research reports that note significant decreases in illegal downloading in 2011.27
Despite the positive reports published by Hadopi showing a significant decrease in piracy, the agency was not as successful as one might have hoped. In July 2013 the French Ministry of Culture effectively took the teeth away from the Hadopi consumer initiative by removing the provision of ‘the additional misdemeanour punishable by suspension of access to a communication service’.28 This is the provision under which the only suspension was issued – failure to secure an internet connection. Hadopi still retained an automated system of fines, up to €1,500 in the case of gross negligence and the ability to suspend access in the case of the greater offence of content infringement, but the press release which announced these changes specifically stated that suspension was no longer seen as an appropriate remedy.29 The Hadopi agency’s powers were transferred to the CSA.30 This was in accordance with the recommendations of the Lescure report, a report published by Pierre Lescure and delivered to the French Government on the Cultural Exception in France, which found that Hadopi had not achieved its aims, as traffic was being redirected to other avenues of infringement, rather than to legitimate sources.31
Following on from that, even the assertions that Hadopi was effective as an educational and deterrent organisation were called into question. In their paper on Hadopi,32 Arnold and others suggested that the Hadopi law had no deterrent effect on the behaviour of pirates. Their comprehensive paper highlighted that Hadopi monitored only P2P downloads, and not direct
27 Bill Rosenblatt, ‘The Future of HADOPI’ (Copyright and Technology, 26 October 2012) <> accessed 22 December 2015.
28 Décret no 2013-596 du 8 juillet 2013 supprimant la peine contraventionnelle complémentaire de suspension de l’accès à un service de communication au public en ligne et relatif aux modalités de transmission des informations prévue à l’article L 331-21 du code de la propriété intellectuelle.
29 Minister for Culture and Communication (France), ‘Publication du décret supprimant la peine complémentaire de la suspension d’accès à Internet’ (Press Release, 9 July 2013) (French) < supprimant-la-peine-complementaire-de-la-suspension-d-acces-a-Internet> accessed 22 December 2015.
30 Conseil Supérieur de l’Audiovisuel [Audio-visual Council].
31 Pierre Lescure, ‘Mission “Acte II de l’exception culturelle” Contribution aux politiques culturelles à l’ère numérique’ (2013).
32 Michael A Arnold and others, ‘Graduated Response Policy and the Behavior of Digital Pirates: Evidence from the French Three-Strike (Hadopi) Law’ (2014) SSRN <> accessed 22 December 2015.
download or digital lockers, although it noted also that many consumers were not aware of this.33 Thus, those with the required technical knowledge (and it is a fairly low standard) could easily have avoided the monitored channels and thus detection. While the report is almost entirely theoretical, given the low number of warnings issued by Hadopi, it did make use of surveys of 2,000 French users to test their theoretical model, with results in which they could be relatively confident. Arnold and others also disagreed with the assertions made by Danaher and others34 that the implementation of the Hadopi law resulted in increases on iTunes of 22.5% and 25% in song sales and album sales, respectively. They attribute this increase in iTunes revenues to awareness campaigns launched around the time of the passing of the Hadopi law, and not the deterrent effect of the law itself.
The removal of the internet cut-off provision from the possible penalties which Hadopi may implement, combined with the fact that the agency’s authority was passed over to the CSA mean that it is not difficult to see from where a lack of confidence in the effectiveness of the Hadopi law may stem. The provisions still stand; P2P downloads are monitored, with letters and penalties still being issued, but this author finds it difficult to view an agency which in four years only imposed ultimate sanctions on one person as particularly effective. This, combined with the fact that it is difficult to find information on this particular case, or even the fact that disconnection and a fine were actually imposed, means that this author is not convinced that Hadopi (either the agency or the law) was the success that it was originally touted to be. Rather, with the focus of the French government moving toward commercial piracy rather than individual infringers,35 Hadopi seems to have faded into the background as a failed experiment.
Regardless of opinion on its educational value, it is clear that Hadopi, as an enforcement mechanism, was not as effective as might have been hoped. It is certainly worth considering whether or not Hadopi’s failure may serve as a bad omen for the possible implementation of a UK GR scheme. Nevertheless, there is something positive to take from the example of Hadopi – the positive effect of the educational program launched at the same time as the deterrent three strikes system was hailed as effective, and certainly worth noting. Furthermore, the Hadopi agency continues to conduct research into infringement, such as through its Research, Studies
33 ibid 14.
34 Brett Danaher and others, ‘The Effect of Graduated Response Anti-Piracy Laws on Music Sales: Evidence from an Event Study in France’ (2012) SSRN <> accessed 22 December 2015.
35 Minister for Culture and Communication (n 29).
and Monitoring Department,36 which makes its works available online on the Hadopi website.37 Certain works are also available translated into English,38 including their 2013 paper ‘Access to Works on the Internet’39, which considered the financial implications of copyright infringement, and may have been instrumental in the French shift towards focusing on commercial piracy.
The New Zealand GR system was implemented in 2011, two years after the French system, via the passage of an Act40 amending the Copyright Act 1994, and implementing provisions for a monitoring and GR system. It was also accompanied by a set of Regulations detailing the operation of the system.41 In many ways, the New Zealand GR system is similar to the French system. It monitors P2P downloading,42 and allows three strikes before ultimate penalties are imposed.43 While the legislation dictated originally that disconnection was a possibility, this was challenged and amended so that suspension of service could only be applied for until a date set by the Order in Council, made by the Minister for Justice.44 The New Zealand GR system also makes use of notice periods – users cannot receive two warnings within the ‘quarantine period’ (35 days),45 perhaps under the assumption that the copyright infringer may not be the internet service subscriber, and thus it may take them some time to locate the copyright infringer and require them to cease their activities. One difference between the French and New Zealand
36 Département Recherche, Etudes et Veille.
37 Hadopi, ‘Actualités [News]’ (Hadopi.fr) (French) <> accessed 22 December 2015.
38 Hadopi, ‘Resources’ (Hadopi.fr) <> accessed 22 December 2015.
39 Hadopi, ‘Access to Works on the Internet’ (2013) <> accessed 22 December 2015.
40 Copyright (Infringing File Sharing) Amendment Act 2011 (NZ).
41 Copyright (Infringing File Sharing) Regulations 2011 SI 2011/252 (NZ).
42 ‘File sharing is where—(a) material is uploaded via, or downloaded from, the Internet using an application or network that enables the simultaneous sharing of material between multiple users; and(b) uploading and downloading may, but need not, occur at the same time’ Copyright Act 1994 (NZ) (as amended) s 122A(1).
43 The notices are defined as a detection notice, a warning notice, and an enforcement notice. Copyright Act 1994 (NZ) (as amended) ss 122D-F.
44 Emily Agnew, ‘Controversial Copyright (infringing file sharing) Amendment Bill passed into law’ (James & Wells, 14 April 2011) < infringing-file-sharing-amendment-bill-passed-into> accessed 22 December 2015; While this provision could be amended under the general review of the NZ Copyright Act originally due in 2013, review was suspended pending the conclusion of the TPP. Office of the Minister for Commerce, ‘Delayed Review of the Copyright Act 1994’ (2013) < property/copyright/documents-and-images/cabinet-paper-delayed-review-copyright-act-1994.pdf> accessed 22 December 2012.
45 Copyright Act 1994 (NZ) (as amended) s 122A(1).
systems is that where the French law refers to Internet Service Providers (ISPs), the New Zealand laws refer instead to Internet Protocol Address Providers (IPAPs), which are defined as follows:
a person that operates a business that, other than as an incidental feature of its main business activities,—
(a) offers the transmission, routing, and providing of connections for digital online communications, between or among points specified by a user, of material of the user’s choosing; and
(b) allocates IP addresses46 to its account holders; and
(c) charges its account holders for its services; and
(d) is not primarily operated to cater for transient users47
This ‘is intended to exclude universities, libraries, and businesses that provide Internet access to their members or employees, but are not in the nature of a traditional ISP.’48
Rebecca Giblin, in her paper ‘On The (New) New Zealand Graduated Response Law (And Why It’s Unlikely To Achieve Its Aims)’49 pointed out several of the issues facing the New Zealand scheme. These are not unfamiliar issues – the monitoring of P2P downloads only does not necessarily reduce piracy, merely moving it to other channels;50 the expiry of warnings means that users need only refrain from piracy until such time as their slate is wiped clean, so to speak, and then may continue as before;51 and finally, the non-static nature of Internet Protocol (IP) addresses makes it difficult to ascertain whether infringing activities have been perpetrated by the same person.52 Furthermore, dynamic IP addresses – IP addresses which are assigned as they are needed, meaning that an address may be used by multiple people consecutively, and also that a single person may have several IP addresses within a relatively short space of time – mean
46 Internet Protocol (IP) addresses are a numerical identifier given to devices connected to a network and using the Internet Protocol for communication.
47 Copyright Act 1994 (NZ) s 122A(1).
48 Copyright (Infringing File Sharing) Amendment Bill 2010 No 119-1 (NZ), Explanatory note, General policy statement, 4.
49 Rebecca Giblin, ‘On the (New) New Zealand Graduated Response Law (and Why It’s Unlikely to Achieve Its Aims)’ (2012) 62(4) Telecommunications Journal of Australia 54.1.
50 ibid 54.6
51 ibid 54.6; this was highlighted in the Irish Eircom GR system, where a customer was issued a notice which did not correspond to his activities – rather, he had been assigned the same IP address at a different date. This resulted in a High Court case considering whether an IP address fell under data protection laws, EMI Records (Ireland) Ltd and others v Eircom Ltd  IEHC 108.
52 Giblin (n 49), 54.5
that it is difficult to detect multiple infringements from the same person, meaning that issuing strikes is more difficult than at first thought. The paper did state that the implementation of IPv6 (a different internet protocol – version 6: at that date version 4 was in use – which could lead to individuals having permanent IP addresses) may put an end to this last problem, but that there was as yet no concrete date for when the switch to IPv6 would be complete. Even in 2015, as America ran out of IPv4 addresses to assign, the switch to IPv6 was not yet complete.53
These difficulties are loopholes which individual users may utilise to exploit the weaknesses of the NZ GR system. The paper also pointed out a further loophole contained within the regulations, specifically regulation 4(6):
[a]n IPAP may ignore, for the purposes of its obligations under section 122C of the Act, any IP addresses identified in a rights owner notice that are not IP addresses that the IPAP allocates, or allocated at the relevant time, and the IPAP is not required (despite section 122T(2)(a) of the Act) to retain any information relating to those IP addresses.54
There is a possibility that users could have IP addresses which were not issued by their internet service providers (it is possible to allocate IP addresses directly to organisations or individuals, such as in the Asia Pacific region, where IP addresses are issued by the APNIC organisation55). In a scenario such as this, the ISP avoids all liability, as they effectively fall outside the scope of the GR scheme.
The New Zealand GR system is not without its difficulties. Similarly to Hadopi, it seems to be a system which would only stop the casual pirate, as there are multiple ways for enthusiastic or determined copyright infringers to work around the system without incurring any penalties. Combined with the absence of disconnection as a penalty, New Zealand’s GR system rather lacks teeth.
Despite this, it certainly seems to have had some effect, given that there were seventeen private piracy judgements issued by the Copyright Tribunal in 2013, with fines imposed ranging from
53 James Walker, ‘North America has now run out of IPv4 Internet addresses’ (Digital Journal, 2 July 2015) < addresses/article/437297#hv15558> accessed 22 December 2015.
54 Copyright (Infringing File Sharing) Regulations 2011 (NZ) Reg 4(6).
55 APNIC <> accessed 22 December 2015. 97
NZ$ 255.97 to NZ$ 914.35.56 The facts of these seventeen judgements, however, show that the majority of those cases which reached tribunal stage were being considered for downloading fewer than ten songs – generally not even a full album.57 This certainly does not seem like the sort of determined pirate who poses an immense threat to film, TV, and music studios. The number of decisions declined sharply over time, with only four in 2014,58 and a single decision in the first six months of 2015.59 Furthermore, while the Act does not preclude publishers, the focus is certainly interpreted as being on the film and music industries. This author is currently unconvinced of the effectiveness of the New Zealand GR system. A lack of studies pointing out an increase in legitimate content consumption and purchase only, together with a lack of educational and redirection intiatives, serves to further support this viewpoint: that the NZ GR system is of dubious effect.
In Canada, a legislatively backed GR system takes a slightly different stance – their system is known as notice and notice. 2012 was a year of change for Canadian copyright. The Canadian government published their Copyright Modernization Act,60 an Act amending the Copyright Act of Canada, which was shortly followed by no fewer than five Supreme Court decisions61 on a single day relating to copyright.
The Copyright Modernization Act had eight stated aims, one of which was to
56 Ministry of Justice, ‘2013 decisions’ (Copyright Tribunal) <> accessed 22 December 2015.
57 The eighteenth Tribunal case was between Copyright Licensing Limited and the Universities of New Zealand. Given its different provenance, it will be disregarded for the purposes of this chapter’s discussion.
58 Ministry of Justice, ‘2014 decisions’ (Copyright Tribunal) <> accessed 22 December 2015.
59 Ministry of Justice, ‘2015 Decisions’ (Copyright Tribunal) <> accessed 1 July 2015.
60 Copyright Modernization Act SC 2012 c 20 (Canada).
61 The date was July 12, 2012. Entertainment Software Association v Society of Composers, Authors and Music Publishers of Canada – 2012 SCC 34; Rogers Communications Inc v Society of Composers, Authors and Music Publishers of Canada – 2012 SCC 35; Society of Composers, Authors and Music Publishers of Canada v Bell Canada – 2012 SCC 36; Alberta (Education) v Canadian Copyright Licensing Agency (Access Copyright) – 2012 SCC 37; Re:Sound v Motion Picture Theatre Associations of Canada – 2012 SCC 38; Michel Geist, ‘The Copyright Pentalogy: How the Supreme Court of Canada Shook the Foundations of Canadian Copyright Law (University of Ottawa Press 2013).
clarify Internet service providers’ liability and make the enabling of online copyright infringement itself an infringement of copyright;62
The Act implemented this through the creation of a ‘notice and notice’ GR system.63 This system differs slightly from those discussed above in that it does not place an onus on the ISP to apply mitigating measures to the subscriber, merely to pass on information. While it would seem from the title that ‘notice and notice’ would fit more snugly in the next chapter, which discusses notice and takedown, the distinction is that notices are sent from the ISP to the downloader, similar to GR systems, whereas with notice and takedown, the notice is sent to the uploader.
Sections 41.25 and 41.26 of the Copyright Act,64 as inserted by the Copyright Modernization Act, created this notice and notice system, which came into effect in January 2015.65 Copyright owners may notify ISPs of a claimed infringement,66 and the ISP is then required to send that infringement notice on to the internet subscriber67 who is infringing. If they fail to do so, they may be required to pay statutory damages to the claimant of ‘not less than C$5,000 and not more than C$10,000.’68 A copyright owner is entitled to injunctive relief against the ISP.69 The consumer who receives the notice must be informed that their internet connection was used to infringe on copyright, and given the date, time, location, and identification of the copyright material that was infringed.
Notice and notice is not a true graduated response system, in the sense discussed both supra and infra, as it does not carry with it penalties or escalating notices. Further, ISPs act as mere intermediaries to pass on notices from rights holders. However, it is worth noting in this section that the system does bear some similarities to other GR systems. ISPs are required to retain information on subscribers sent a notice for six or twelve months – this is in order to facilitate a disclosure order by the court, should the rights holder choose to take action against the subscriber. If this does occur, the subscriber may be liable for a penalty of up to C$5,000. This penalty is the maximum regardless of the number of infringements.
62 Copyright Modernization Act 2012 (Canada), Summary, b).
63 Copyright Act RSC 1985 c C-42 (as Amended) (Canada) ss 41.25-41.26.
64 ibid ss 41.25-41.26.
65 Office of Consumer Affairs, ‘Notice and Notice Regime: Quick Facts’ (Industry Canada) <> accessed 22 December 2015. 66 Copyright Act (n 63) s 41.25(a).
67 ibid s 41.26(1).
68 ibid s 41.26(3).
69 ibid s 41.27.
The Canadian notice and notice system has been subject to some abuse by rights holders, notably CEG-TEK and RightsCorp, American copyright enforcement companies which have been sending notices to Canadian internet users. Although the legislation set out the minimum standards which must be contained in a copyright notice – that is to say, the particulars of the offence, the claimant’s name and address, and the copyright claim which the claimant holds over the work,70 there is nothing to state that other information may not be contained in the notice. Thus, agencies may send notices which contain not only the information required by law, but also a demand for a financial settlement. There is also no provision for ISPs to refuse to pass on notices which are deliberately misleading about Canadian copyright law, as some of these notices are, stating that consumers may be liable for fines of up to $150,000 per infringement.71 In actuality, the liability for non-commercial infringement is capped at C$5,000, regardless of the number of infringing downloads. Consumers who then respond to these claim give their details to agencies, leading to a tidy financial reward without the need for tiresome litigation.72 Although the government department Industry Canada made it clear that there is no obligation to pay these settlement demands,73 and the governmental pages explaining the notice and notice system do not mention settlement fees,74 there was undoubtedly still a proportion of internet users who, struck by the fear of a legal notice, would settle immediately, rather than risk the possibility of massive fines.
Despite the implementation of the Copyright Modernization Act, and its attendant notice and notice system, the International Intellectual Property Alliance75 had not seen fit to remove
70 ibid s 41.25(2)(a).
71 Michael Geist, ‘Rightscorp and BMG Exploiting Copyright Notice-and-Notice System: Citing False Legal Information in Payment Demands’ (Michael Geist, 8 January 2015) < false-legal-information-payment-demands/> accessed 22 December 2015.
72 Michael Geist, ‘The Copyright Notice Flood: What to Consider If You Receive a Copyright Infringement Notification’ (Michael Geist, 13 April 2015) < copyright-notice-flood-what-to-consider-if-you-receive-a-copyright-infringement-notification/> accessed 22 December 2015.
73 Megan Haynes, ‘Canadians have “no obligation” to US piracy firm’ (Toronto Metro, 22 April 2015) <> accessed 22 December 2015.
74 Government of Canada, ‘Notice and Notice Regime’ (2014) < en.do?nid=858069> accessed 22 December 2015.
75 The International Intellectual Property Alliance (IIPA), somewhat of a misnomer, represents US copyright-based industries. It works to improve international protection and enforcement of copyright materials. Members of the IIPA include Association of American Publishers, BSA | The Software Alliance, Entertainment Software Association, Independent Film & Television Alliance, Motion Picture Association of America, National Music Publishers’ Association, and Recording Industry Association of America; See International Intellectual Property Alliance, ‘About’ (IIPA.com) <> accessed 22 December 2015.
Canada from its Watch List76 for its submission77 to the United States Trade Representative in preparation for the 2014 Special 301 Report.78 Given that Canada is home to several of the world’s largest torrent sites79 despite the provisions of the 2012 Act, this was not a particularly surprising recommendation. Further, in 2015, despite the implementation of the notice and notice system and accession to the WIPO Internet Treaties, Canada remained on the Watch List.80
Nonetheless, the notice and notice system, according to CEG-TEK, was vastly effective in its fledgling months – it stated in May of 2015 that the ISP Bell Canada had seen a 69.6% decrease in infringements, with smaller decreases also being reported by other ISPs.81 While part of this may be due to the (unfounded) fear of massive settlement demands, there is also a likelihood that even notices which fall within the legislative frameworks and have a purely informational and educational purpose may also be responsible for the fall in piracy. The notice and notice system in Canada was, at first glance, a highly effective system in its first months of operation.
Moving on from legislation-mandated GR schemes, voluntary GR schemes, such as those in place in the United States and Ireland certainly deserve consideration. These schemes are characterised by the fact that they are private agreements between rights holders and ISPs. The first two cases discussed here arose as a result of litigation (the US CAS and Irish Eircom system), while the third was the result of a judicial order (the Irish UPC system). The fourth, Australian,
76 The Special 301 Report categorises countries into three lists – Priority Foreign Countries, Priority Watch List, and Watch List. Canada was on the Watch List in 2013. In 2012 and 2011, it was on the Priority Watch List.
77 International Intellectual Property Alliance, ‘2014 Special 301 Report’ (2014).
78 The Special 301 Report is an annual review of intellectual property protection and market access led by the United States Trade Representative. It is so-called because it is mandated by s 301 of the Trade Act 1974.
79 IIPA (n 77) 103 ‘Canada is still the home to some of the world’s most popular Internet sites dedicated to piracy, including torrentz.eu and kickass.to, which garnered rankings of third and second place, respectively, on one of the most widely accessed listings of the world’s most popular illicit BitTorrent sites […]’ Rankings taken from ‘Ernesto’, ‘Top 10 Most Popular Torrent Sites of 2014’ (TorrentFreak, January 4, 2014) <> accessed 13 October 2015. The same sites were also in the 2015 list of most popular sites, although there was a change of location for Kickass. ‘Ernesto’, ‘Top 10 Most Popular Torrent Sites of 2015’ (TorrentFreak, January 4, 2015) <> accessed 13 October 2015.
80 US Trade Representative, ‘2015 Special 301 Report’ (2015), 66-7.
81 ‘Ernesto’ ‘“Six Strikes” anti-piracy scheme is a sham, filmmakers say’ (TorrentFreak, 13 May 2015) <> accessed 22 December 2015; PR Newswire, ‘Six Strikes And You’re (Not Even Close To) Out; Internet Security Task Force Calls for End of Copyright Alert System’ (PR Newswire, 12 May 2015) < security-task-force-calls-for-end-of-copyright-alert-system-300082007.html> accessed 22 December 2015.
system was developed in order to avoid being subject to a legislative system. The rationale for the shift away from legislation-mandated GR systems is advantageous for ISPs, as they do not need to seek public input into the development of the systems, although they can if they wish (as was the case with the Australian code) and a voluntary agreement to implement a GR system can offset the need for a legislative system to be implemented. Further, as ISPs move away from mere conduits, especially in the US, they needed to develop a system which protects them from action as a cooperating entity. Thus, the development of a voluntary GR system is preferable in multiple ways.82
The US Copyright Alert System (CAS) is a voluntary agreement between participating ISPs83 and rights holders84 such as the Motion Picture Association of America and the Recording Industry Association of America. The scheme was a long time in development, with negotiations reportedly going on for up to three years before the framework was established in 2011.85 Multiple delays followed until implementation was finally achieved in February of 2013.86 The system was, and indeed still is, a ‘six-strike’ system. The framework for the CAS is contained within a Memorandum of Understanding (MoU) between the participating ISPs and rights holders, which has been published in its entirety on the website of the Centre for Copyright Information (CCI), the organisation which administrates the CAS.87 The CAS is limited to only P2P file sharing, mirroring Hadopi and the NZ system.88 The MoU sets out in detail the process by which ISPs will send notices to suspected infringers. The penalties are not as severe as in legislative-backed schemes, ranging from in-browser alerts through mandatory education courses to bandwidth throttling – that is to say, limiting the speed of the customer’s internet
82 Annemarie Bridy, ‘Graduated Response and the Turn to Private Ordering in Online Copyright Enforcement’ (2010) 89 Oregon Law Review 81; Annemarie Bridy, ‘Graduated Response American Style: “Six Strikes” Measured Against Five Norms’ (2012) 23 Fordham Intellectual Property Media and Entertainment Law Journal 1; Mary LaFrance, ‘Graduated Response by Industry Compact: Piercing the Black Box’ (2012) 30 Cardozo Arts and Entertainment Law Journal 165.
83 AT&T, Cablevision, Time Warner, Verizon, and Comcast.
84 MPAA members Walt Disney Studios Motion Pictures, Paramount Pictures, Sony Pictures Entertainment, Twentieth Century Fox Film Corporation, Universal Studios, and Warner Brothers Entertainment, IFTA, RIAA members Universal Music Group, Warner Music Group, Sony Music Entertainment, and EMI Music, and A2IM.
85 Bridy, GR American Style (n 82).
86 Jill Lesser, ‘Copyright Alert System Set to Begin’ (Center for Copyright Information, 25 February 2013) <> accessed 22 December 2015.
87 Memorandum of Understanding, (Center for Copyright Information, 6 July 2011) < Understanding.pdf> accessed 15 December 2015 (MoU).
88 MoU (n 87) Preamble 1.
connection.89 There is no requirement for ISPs to suspend internet access. The CAS also makes use of quarantine periods,90 but they are substantially less generous than the New Zealand scheme, at only seven days between notices.91 The expiry date of notices is longer at twelve months,92 compared to New Zealand’s nine months.93 Of course, while the system is not backed by legislation, it is important to note that subscribers to a particular ISP’s service are bound by the law of contracts to abide by the CAS, as it is included in the terms and conditions of the service contract for the relevant ISP.
Early reports from the Center for Copyright Information, the organisation which administrates the CAS, confirmed that ‘each ISP has been processing notices and generating Alerts and the few consumers who had elected to challenge their Alerts had been able to file those challenges with the American Arbitration Association’.94 It was not until May 2014 that the CAS published a report on the first phase of the scheme.95 This report stated that the CAS had sent out more than 1.3 million alerts,96 with only 3% proceeding to final mitigation stages.97 However, roughly 30% of warnings were for a second or subsequent stage, showing a high proportion of repeat offenders.98 It offered a breakdown of the levels of alerts sent, from educational to acknowledgement to mitigation stages, their review process, and the outcomes of those cases which were reviewed.99 The review was optimistic about the possibility of ‘mov[ing] the needle’ of consumer behaviour away from content infringement to legitimate consumption methods.100 This is perhaps not backed up by other research,101 such as the statement of no decline of traffic to the Pirate Bay from the US.102 It is still interesting to note that most alerts did not proceed to
89 MoU (n 87) s 4(G).
90 They are referred to in the MoU (n 87) s 4(G) as ‘grace periods’.
91 MoU (n 87) s 4(G).
92 MoU (n 87) s 4(G)(v).
93 Copyright (Infringing File Sharing) Amendment Act 2011 (NZ) s 122D(3).
94 Jill Lesser, ‘Early Reports: CAS Moving Forward’ (Center for Copyright Information) <> accessed 22 December 2015.
95 Center for Copyright Information ‘The Copyright Alert System: Phase One and Beyond’ (2014).
96 ibid 4.
97 ibid 2.
99 ibid 8-11.
100 ibid 12.
101 ‘Ernesto’ ‘“Six Strikes” boosts demand for torrent VPNs and proxies’ (TorrentFreak, 11 March 2013) <> accessed 22 December 2015.
102 ‘Ernesto’, ‘Six-Strikes fails to halt US Pirate Bay growth’ (TorrentFreak, 3 September 2013) <> accessed 22 December 2015.
the final stages – but whether this is due to increased proxy103 and VPN104 use, thus changing the IP address of the computer and making it harder to detect, or decreased piracy is a difficult question to answer.
The CAS is notable in that it specifically aims to educate subscribers from the first steps – while the aim of Hadopi may have been to warn and deter consumers from infringing, the CAS specifically aims to educate users away from copyright infringement.105 This is similar to the report about Hadopi which suggested that a decrease in infringement may have been attributable to the educational campaigns which accompanied the GR system.106 In this context, a 70% drop-off between first and second stages can be seen as very positive. Nonetheless, the system is still subject to criticism. In May of 2015, the Internet Security Task Force, a coalition of small business holders, derided the effectiveness of a six strikes system and instead pointed to Canada’s notice and notice system as more effective in tackling piracy.107
Until 2015, the Irish voluntary GR system was unique in that the scheme was administered by a single ISP, Eircom, the country’s largest ISP with 50% of market share in 2010. 108 It arose as a result of litigation109 between Eircom and several record industry companies in 2009, seeking the blocking of illegal downloads by the installation of filtering technology. The case eventually settled out of court with an agreement to implement a private ‘three strikes’ scheme. Somewhat frustratingly, the precise terms of this particular agreement are confidential, but a relatively accurate idea of the operation of the system can be gleaned from the statement published by
103 A proxy is an intermediary service which disguises where a request is coming from. Thus, a web proxy will disguise where a site request is coming from, and circumvent a block.
104 A VPN (Virtual Private Network) is a method of connecting to a private network via the internet. Users connect to the VPN, which then connects to the internet, and can appear to be coming from a different place. Thus, a user connected to a VPN located in a non-US territory would not appear to be accessing monitored sites, as their IP address would indicate the location of the VPN, not the remotely connected device.
105 MoU (n 87) Preamble 1.
106 Hadopi (n 24).
107 PR Newswire (n 81).
108 Eircom rebranded in 2015 as Eir. For the purposes of clarity, this section continues to refer to Eircom, as this was the name of the ISP at the time of the litigation, and implementation of the GR system. Eircom, ‘Introducing Eir: the changing face of Ireland’s largest telecommunications company’ (Press Release, 16 September 2015); Comreg, ‘Quarterly Key Data Report, Q1 2010’ (2010), 39.
109 EMI v Eircom (n 51) -.
Eircom on their website in 2010 and a decision of the Irish High Court considering whether the settlement complied with relevant data protection legislation. 110
For five years, the Eircom scheme was the only GR system in operation in Ireland, and thus avoiding it was relatively easy – simply requiring consumers to change to a different broadband provider. In 2015, however, three of the four companies involved in the original Eircom GR case successfully obtained an order111 for a different GR system to be put in place with the country’s second largest ISP, UPC Media.112 This system differs from the Eircom system, and will be discussed infra.
The Eircom scheme operates in a manner similar to the three systems already discussed. Record companies are responsible for detecting infringing content. When it appears to be an IP address linked to Eircom, they notify Eircom, who will pass the allegation on to the subscriber.113 It is a four strikes system, with a fourteen-day114 quarantine period, falling between that of New Zealand and the US. The third strike, after a review of the evidence, will result in suspension of the customer’s internet access for seven days.115 A fourth strike will lead to twelve months’ suspension.116 Subscription fees are waived or refunded during these suspension periods.117 The ability to suspend or terminate access is granted by virtue of a clause in Eircom’s standard form subscriber contract.118 The High Court indicated that there is an appeals process in which the subscriber may engage,119 but this is not mentioned on the outline of the protocols on Eircom’s own website, thus there was little clarity on how this would operate. The website merely stated that ‘[E]ircom will consider all customer appeals on a case by case basis.’120
110 Eircom, ‘Statement on Illegal File Sharing’, Eircom (Press Release, 8 December 2010); EMI v Eircom (n 51).
111 Sony Music Entertainment (Ireland) Limited and others v UPC Communications Ireland Limited (No 1)  IEHC 317; Sony Music Entertainment (Irl) Ltd and others v UPC Communications Irl Ltd (No 2)  IEHC 386.
112 UPC rebranded as Virgin Media in late 2015. For the purposes of clarity, the company will continue to be referred to as UPC, similar to Eir/Eircom: Virgin Media Ireland, ‘Virgin Media appoints Tony Hanway CEO of Ireland operations’ (Press Release, 16 October 2015).
113 EMI v Eircom (n 51), 9.
114 EMI v Eircom (n 51), 13.
115 Eircom, Statement on Illegal File Sharing (n 110).
117 Eircom, ‘Legal Music’ (Eir.ie, 2012) <> accessed 22 December 2015, q 8.
118 EMI v Eircom (n 51) 14.
119 ibid 13.
120 Eircom, Legal Music (n 117) q 12.
Given that this agreement arose as a result of litigation solely against Eircom by EMI, Sony, Universal, and Warner Music, this limited its scope. Although the companies attempted to force similar obligations on other ISPs, Charleton J ruled in 2010 that there was no legal obligation for other ISPs to implement their own similar GR systems.121 Furthermore, Eircom would not deal with any allegations of infringement from rights holders other than the parties to the original litigation.122 The scheme saw some controversy in that it was subject to a review by the Data Protection Commissioner within six months of its implementation due to an improperly sent notification, and Eircom was ordered to cease the system.123 Mr Justice Peter Charleton overturned an order issued by the Commissioner requiring Eircom to cease disconnecting customers,124 and Charleton J’s decision was upheld by the Supreme Court.125
Given the confidential nature of the original settlement, Eircom did not publicly make statistics available on the number of users affected by the scheme. According to the notes of a meeting between EMI Chief Executive Willie Kavanagh and Minister of State for Research and Innovation Seán Sherlock in December 2011, Eircom had issued almost 30,000 letters. Furthermore at that time, ‘100 customers had reached the fourth stage of losing their access for one week and 12 customers are at the stage where they will be permanently cut off by Eircom.’126
An Eircom report was issued in 2014 entitled ‘Gradated Response – Music Industry Update’ which gave some figures for disconnections and warning letters. Although the report itself is not available, or cannot be accessed by the author, some salient figures were included in the first case which established a GR system for UPC,127 in 2015.
It appeared from this report that 4,508 first letters had been sent out as at 20th May, 2014; 1,138 second letters had been sent out; 257 third letters had
121 EMI Records (Ireland) Ltd and others v UPC Communications Ireland Ltd  IEHC 377.
122 Rebecca Giblin, ‘Evaluating Graduated Response’ (2014) 37 Columbia Journal of Law and the Arts 147, 173.
123 Mary Carolan, ‘Firms to continue “three strikes” rule against illegal music downloaders’ (The Irish Times, 3 July 2013) < rule-against-illegal-music-downloaders-1.1451820> accessed 22 December 2015.
124 EMI Records (Ireland) v The Data Protection Commissioner  IEHC 264, .
125 EMI Records (Ireland) v The Data Protection Commissioner  IESC 34.
126 Éamonn Laird, ‘Note of Minister Sherlock’s meeting with the Irish Recorded Music Association on Monday 5th December 2011’ (Scribd, Dec 7, 2011) <> accessed 22 December 2015.
127 Sony v UPC (No 1) (n 111) 57.
been sent out; 140 customers had been suspended; 49 had been reconnected and that so far no final letters of termination had been sent.128
The Eircom GR system, in its first years of operation, seemed to function relatively well in that it did not come up against any great obstacles, but equally it did not impose a huge number of sanctions. It is worth noting that in order to avoid the penalties associated with the system, customers needed only to change ISP, given that other ISPs had not been required to implement their own three strikes systems.129 The waiving of subscription fees for internet suspension periods130 created a situation where the consequences of a disconnection were minimal, other than perhaps the hassle of obtaining an alternative broadband or internet connection for the twelve months of disconnection even if the fourth step had been reached.
This changed somewhat in 2015, when, as mentioned, an order from the High Court imposed a requirement for a GR system on UPC, the second largest ISP in Ireland.131 This system, however, worked differently to the Eircom system. Similar to the Canadian notice and notice scheme, the onus for final action was on the rights holder, not the ISP. Thus, while the first steps are the same for Eircom and UPC, whereby a rights holder will ask the ISP to send notices to the subscriber who held the infringing IP address, UPC is not expected to take the mitigating actions in later steps. It is expected to send the first two ‘cease and desist’ notices.132 Following this, when UPC is asked to send a third notice to a subscriber, it will disclose the fact that this was a third notice to the rights holder.133 The rights holder may then seek a Norwich Pharmacal injunction to disclose the details of the infringing subscriber, and use those details to seek further action against the infringer. This may include termination of their internet subscription, and UPC would not be permitted to oppose this action.134 The order was made under the Copyright and Related Rights Act, 2000 (as amended).135 This second version of an Irish GR system places fewer obligations on the ISP, as it will not be required to disconnect subscribers upon receipt of a certain number of notices, but instead to wait for further action from the rights holder. The GR system applies only to fixed broadband (therefore not mobile broadband) and
129 EMI v UPC (n 121).
130 Eircom, Legal Music (n 117) q 8.
131 As of Q2 2015, UPC had 29.0% of total broadband subscriptions, to Eircom’s 35.3%. Comreg, ‘Quarterly Key Data Report Data as of Q2 2015’ (2015).
132 Sony v UPC (No 1) (n 111) 198.
135 Copyright and Related Rights Act 2000 (as amended) (Ireland) s 40(5a). This particular power to grant injunctions is discussed in Chapter 4 – it was implemented as part of the ‘Irish SOPA’ regulations.
will not apply to business (or presumably university/public/library) connections. The first judgement was given in March of 2015,136 but adjourned to give the parties time to prepare a submission on how the order would be implemented.137 The second judgement, in May of the same year,138 affirmed that the order would proceed as outlined in the original judgement. It is set for review after five years.139 Given that the order was not confidential, unlike the Eircom agreement, it will hopefully have more information available on numbers of cease and desist notices sent, and orders made, leading to a clearer analysis of the efficacy of the second Irish GR system.
The fact that both Irish GR systems were implemented in response to litigation means that warnings or cease and desist notices are only issued on certain content. A consumer could, for example, download the entire Disney back catalogue without any warnings or penalties from this system, as Disney was not party to the original litigation. Neither were a host of film, TV, music, publishing, or other creative companies, thus limiting the scope of both systems. The UPC system is more limited in application than Eircom, as EMI was a party to Eircom, but not UPC. While it is worth noting that the appellants in both scenarios are all large and influential companies with a wide variety of creative content, for the technologically-savvy or intelligent pirate, it is as simple as noting which studio has produced the film, show or song that they might wish to obtain, and selecting their download method accordingly – direct download or cyberlocker for those owned by EMI, Warner, Universal or Sony, and P2P for all others. Such limitations, while they may occasionally be irritating, are certainly not enough to deter the average determined teenager. The implementation of the second GR system, on the UPC network, however, makes it more difficult to avoid being subject to some form of GR entirely. UPC and Eircom together held a 64% market share of the Irish fixed broadband market in 2015.140 The increased availability of GR, however, does not necessarily correlate to increased effectiveness, and neither Irish GR system focuses on educating consumers as to how and where to obtain legal content.
136 Sony v UPC (No 1) (n 111).
137 Irish Times, ‘UPC ordered to take action against illegal downloaders’ (The Irish Times, 27 March 2015) < against-illegal-downloaders-1.2156346> accessed 20 November 2015.
138 Sony v UPC (No 2) (n 111).
139 ibid 24.
140 As previously mentioned, Eircom had 35.3% of total broadband subscriptions, and UPC 29.0%, making a total 64.3% market share. Comreg (n 131).
Ireland is unique not only in having two simultaneously operating GR systems, but also through their method of implementation (UPC is the only judicially-ordered GR system). Despite this innovative and different approaches to GR, it is still lacking the same crucial component that the NZ system is also – a concurrent educational campaign pointing consumers to legitimate content consumption.
Although Australia has had perhaps a different approach to copyright enforcement to other territory discussed here (especially with regard to ISP liability), when it comes to GR, they are similar to both the US and the UK. After a letter from the Minister for Communications requesting such a code,141 in February 2015, a group of Australian ISPs released a draft code of practice142 establishing a voluntary GR system.143 Similar in practice to the UK and US systems, it suggested three stages – education, warning, and final, with a list of final warning customers maintained and available to rights holders on request144 and a notice validity of 12 months – if a user did not progress from first to third notice within twelve months, they would revert to a null stage, and may begin again.145 Customers could appeal their position on the list on payment of a fee, which was refundable in the event of success. The Code was subject to comment until March 2015, and received some criticism, including that it would incite consumers to breach copyright twice a year with no penalties,146 or that the fee to appeal was a ‘fine by stealth’.147 Nonetheless, it progressed, with a final version submitted to the Australian Communications
141 Malcolm Turnbull, ‘Collaboration to Tackle Online Copyright Infringement’ (Press Release, 10 December 2014).
142 Communications Alliance, ‘Industry Code C653:2015 Copyright Notice Scheme, Public Comment Version-20/2/15’ < 2015.pdf> accessed 22 December 2015 (Draft Code).
143 Turnbull (n 141): The letter stated that such a code must be submitted to the Australian Communications and Media Authority by April 8, 2015. Failure to do so would have resulted in the Australian Government implementing its own code.
144 Adrian Storrier, ‘Graduated response in Australia: what does the draft code of practice say?’ (The IPKat, 21 February 2015) < what.html> accessed 22 December 2015.
145 Draft Code (n 142) s 3.6.2(f).
146 Simon Sharwood, ‘Australian ISPs agree to three-strikes-plus-court-order anti-piracy plan’ (The Register, 20 February 2015) < acy_plan/> accessed 22 December 2015.
147 ACCAN, ‘Copyright notice scheme must respect consumer protections’ (Press Release, 20 February 2015) < respect-consumer-protections> accessed 22 December 2015.
and Media Authority (ACMA) in April 2015.148 It will apply to ISPs with more than 1,000 home broadband subscribers.149 The scheme will apply only to fixed home broadband lines, not mobile internet or public internet connections, such as cafes or bars,150 and rights holders must be certified and verified before notices will be sent.151 The 12 month notice validity was retained.152 Those customers who reach the final notice stage will be placed on a list, which is available to rights holders. Although it contains no identifying information, there is a possibility to seek a judicial order to reveal the information, similar to the Canadian and Irish UPC schemes.153 The requirement to pay a fee for appeal was removed, except in the case of an excessive number of challenges.154 The Code included a provision for independent assessment eighteen months after commencement.155 As of September 1 2015, the projected start date of the scheme, no response from ACMA on whether or not it would register the code or not was available.156
Finally, to home territory, the UK. The first incarnation of a British GR system was envisaged by the Digital Economy Act 2010 (DEA).157 This Act set out a framework for a GR system which was a variation on those seen before it. The DEA also created an obligation for the IPO to monitor infringement in the UK as part of the system. The Hargreaves Review recommended that this monitoring begin before the implementation of the GR system; by 2015 it was on its fifth wave. The first waves were funded by Ofcom, and supported by the IPO. The fifth wave, in 2015, marked the first time the IPO commissioned the research itself, from Kantar Media.158 In July 2015 the IPO publicised its report on the content infringement and online content consumption behaviour of UK internet users aged 12+, which provided a variety of information about the demographics and behaviour of online content consumption, both legal and illegal. For books,
148 Communications Alliance, ‘Industry Code C653:2015 Copyright Notice Scheme’ < Industry-Code-FINAL.pdf> accessed 22 December 2015 (Final Code).
149 Final Code (n 148) s 3.2.1(a).
150 ibid s 1.3.3. 151 ibid s 3.3.1. 152 ibid s 3.6.5. 153 ibid s 3.12.7. 154 ibid s 3.10.3. 155 ibid s 1.6.
156 Rohan Pearce, ‘Should the copyright notice scheme be scrapped?’ (ComputerWorld, 8 September 2015) <> accessed 22 December 2015.
157 Digital Economy Act 2010 (DEA).
158 IPO, ‘UK consumers give boost to legal downloading and streaming for TV, films and music’ (Press Release, 22 July 2015).
it is interesting to note that 89% of those consuming content online did so 100% legally.159 Also of note is that 40% of those surveyed registered a lack of confidence in whether or not the content they were consuming online was legal.160 This uncertainty, which is in line with previous waves of the same research, may have been a prompt for the educational aspects of some GR systems.
As the GR system set out in the DEA has not yet come into effect, obviously its effects cannot be analysed. That is not a problem exclusive to the UK – other GR systems appear shrouded in mystery, meaning that it is difficult to assess how well any of them are operating. The framework set out in the DEA envisages a tiered scheme with two types of obligations: initial obligations and technical obligations. The initial obligations would require ISPs to pass notification to their subscribers of allegations of infringement made by rights holders, and also to maintain anonymised infringement lists. Rights holders may then seek a court order to disclose the details of infringers who have reached a threshold number of infringement reports relating to their copyright content. These obligations would be in accordance with the DEA and the procedures set out therein, as well as the ‘Initial Obligations Code’ (IOC), one of two secondary pieces of legislation designed to accompany the DEA.161 The UK system does not place the onus for sanctions on the ISPs, similar to the Canadian, Australian and Irish UPC scenarios. It would require that ISPs assist rights holders in identifying repeat infringers and policing their customers and users.
A first and second infringement report would require the ISP to send a notification to the user that they may be placed on a copyright infringement list. If a third report was made within 12 months, the ISP would have to notify the account holder of both the allegation and the fact that they had been placed on the aforementioned list. The notification would also explain that the
159 Kantar Media Monitoring (n 3) 19.
160 ibid 44.
161 The second piece of secondary legislation is a Costs Order. The IOC dictates in detail the way the scheme will operate, where the Costs Order lays out the allocation of the scheme’s costs. Ofcom was charged with formulating both of these. However, after a draft in 2010 (Ofcom, ‘Online Infringement of Copyright and the Digital Economy Act 2010 Draft Initial Obligations Code’ (2010) < infringement/summary/condoc.pdf> accessed 22 December 2015) which led to a draft SI (The Online Infringement of Copyright (Initial Obligations) (Sharing of Costs) Order 2011) being found partially unlawful after judicial review (British Telecommunications Plc and another, R (on the application of) v The Secretary of State for Business, Innovation and Skills  EWHC 1021 (Admin) (20 April 2011)), and a 2012 Costs Order (Ofcom, ‘Notice of Ofcom’s proposal to make by order a code for regulating the initial obligations’ (2012) < notice/summary/notice.pdf> accessed 22 December 2015) never making it as far as Parliament, the DEA has been interminably delayed.
user’s details were anonymised, but copyright holders may request a Norwich Pharmacal order to release the details, and then may be able to bring legal action against them. The UK system would also makes use of quarantine periods, this time a minimum of twenty days.162 There would also be an appeals procedure, as mandated by the Act, which would allow appeals on the grounds of the allegedly infringing act not being an infringement of copyright, or the IP address not relating to the subscriber at the time of the infringement.163
The UK system also differs from the schemes mentioned above in that it is not exclusively restricted to P2P downloading,164 although it is likely that this would be the focus. Furthermore, it would not be restricted to a particular type of copyright content (Hadopi, for example, related only to audio-visual content, and the Irish system only to content owned by the companies involved in the original litigation), but rather would restrict those who may enter the scheme to copyright owners who have ‘made an estimate of the number of copyright infringement reports [they] will make to a qualifying internet service provider in that notification period’,165 and provided it to Ofcom and ISPs as set out in the IOC. These differences, especially with regard to download type, could be crucial.
However, it also suffers from some of the same weaknesses as the previous schemes. The scheme allows for at least a 20-day grace period,166 and notices would expire 12 months after they were issued.167 This means that entrepreneurial pirates could limit the duration or timing of their copyright infringing activities in order to avoid being on the receiving end of notices or penalties. The disclosure order is unlike the other legislative systems in New Zealand and France, but this is the same provision as the Irish, Australian, and Canadian schemes and is not onerous. In fact, the Irish order would be identical, as it comes from English precedent, the Norwich Pharmacal order.168
A final issue, although certainly the most pressing, is that interminable delays have beset the scheme since the Act received royal assent in 2010. The Act first required two supplementary
162 Ofcom, ‘Notice of Ofcom’s proposal to make by order a code for regulating the initial obligations’ (n 161), Annex 3 ss 12, 13.
163 DEA (n 157) s 13(3).
164 Giblin (n 122) 167.
165 Ofcom ‘Notice of Ofcom’s proposal to make by order a code for regulating the initial obligations’ (n 161) 18.
166 ibid Annex 3 ss 12, 13.
167 ibid 3.
168 So-called because such an order was first issued in Norwich Pharmacal Co and others v Customs and Excise Commissioners  AC 133.
pieces of legislation169 to be formulated by communications regulator Ofcom. Ofcom placed draft versions of these documents, the IOC and the Costs Order, before the government by early 2011,170 but they were delayed by two ISPs seeking judicial review.171 Revised versions of the IOC172 and Costs Order173 were released in June 2012, with the expectation that they would be put before the UK Parliament by the end of 2012, but they were withdrawn.174 This may be attributable to the controversies regarding the distribution of costs, which were the subject of the judicial review in 2011.175 Opinion in 2013 suggested that DEA letters would not be operational until 2016,176 six years after the Act received royal assent. This date has been pushed further and further back, and in the meantime, a voluntary scheme has arisen.
Early 2014 saw the leaking of information about a Voluntary Copyright Alert Programme (VCAP)177 to the press. This was formally announced in July 2015 as Creative Content UK (CCUK).178 This voluntary scheme between ISPs and industry bodies179 is a two-pronged
169 Communications Act 2003, ss 124D; 124E; 124M.
170 See Draft Statutory Instrument: The Online Infringement of Copyright (Initial Obligations) (Sharing of Costs) Order 2011 (n 161); Ofcom, ‘Online Infringement of Copyright and the Digital Economy Act 2010’ (2010) (n 161).
171 British Telecommunications Plc v Secretary of State for Culture, Olympics, Media and Sport  EWCA Civ 232.
172 Ofcom ‘Notice of Ofcom’s proposal to make by order a code for regulating the initial obligations’ (n 161).
173 Ofcom, ‘Implementation of the Online Infringement of Copyright (Initial Obligations) (Sharing of Costs) Order 2012’ (2012) <> accessed 22 December 2015.
174 Peter Bradwell, ‘Even more delays to the Digital Economy Act’ (Open Rights Group, 4 February 2013) <> accessed 22 December 2015.
175 R (BT) v SoS BIS (n 161).
176 James Firth, ‘Sources: No Digital Economy Act Copyright Warning Letters until 2016 at the Earliest’ (Slightly Right of Centre, 30 May 2013) < act.html?m=1> accessed 22 December 2015.
177 Darren Meale, ‘BPI, MPA and ISPs go VCAP against P2P while DEA is still MIA’ (The IPKat, 16 May 2014) <> accessed 22 December 2015; Ben Challis, ‘ISPs and content industries close to voluntary three strike scheme in the UK’ (The 1709 Blog, 13 May 2014) < industries-close-to.html> accessed 22 December 2015; Dave Lee, ‘Deal to combat piracy in UK with “alerts” is imminent’ (BBC News, 9 May 2014) <> accessed 22 December 2015.
178 BPI, ‘UK Creative Industries and ISPs partner in major new initiative to promote legal online entertainment’ (Press Release, 19 July 2014).
179 Participants at announcement included the Motion Picture Association (MPA), the BPI (British Recorded Music Industry), the four main internet service providers: BT, Sky Broadband, TalkTalk, and Virgin Media, the BBC, Equity, the Film Distributors’ Association, ITV, the Independent Film & Television Alliance (IFTA), the Musicians’ Union, Pact the Premier League, the Publishers Association and UK Music: BPI (n 178).
approach to increasing legitimate content consumption and decreasing online piracy. The first prong is an educational wave designed to increase awareness of legitimate content consumption methods, part-funded by government.180 The second is a series of browser alerts, similar to that of the US CAS.181 The announcement, which was made in July of 2014, stated that the browser alert system would begin ‘at a later date’ with the educational campaign in Spring 2015. It was not until July 2015 that the announcement was made that PR firm Weber Shandwick would lead this educational campaign.182 There was no mention at the time of the browser alert system, but it can be assumed that it is still in the works – other firms are involved in advertising, and media planning. In October 2015 the educational prong launched a 40-second TV spot,183 demonstrating the dangers of online piracy and directing consumers to a website184 which would help them find legitimate content. It is worth noting that the advert spanned the spectrum of creative content – music, film, TV, books, and games are all represented in the 40 seconds.185
Even before the CCUK browser alter scheme came into effect, it was subject to criticism.186 It appears that once again, only P2P networks will be monitored, a weakness common to all the active GR systems discussed, and unlike the DEA. Further, one can assume that the DEA’s long- awaited implementation will, at the very least, depend on the effectiveness of the CCUK campaign,187 and may never reach fruition. Certainly the CCUK campaign is not universally well-
180 HM Government, ‘New education programme launched to combat online piracy’ (Press Release, 19 July 2014).
181 RT, ‘UK internet firms to adopt new “anti-piracy” strategy’ (RT, 22 July 2014) <> accessed 22 December 2015.
182 Natalie Mortimer, ‘Creative Content UK appoints Weber Shandwick to deliver education campaign’ (The Drum, 15 July 2015) < weber-shandwick-deliver-education-campaign> accessed 22 December 2015; Mark Jackson, ‘UK ISPs and Rights Holders to Begin Anti-Piracy Campaign’ (ISPreview, 15 July 2015) < piracy-campaign.html> accessed 22 December 2015.
183 The Drum, ‘Ad for Creative Content UK’ (YouTube.com, 23 October 2015) accessed 15 December 2015.
184 Get It Right From A Genuine Site <> accessed 15 December 2015.
185 Tony Connelly, ‘Creative Content UK launch new ad campaign highlighting the consequences of illegally downloading content’ (The Drum, 23 October 2015) < highlighting-consequences-illegally> accessed 15 December 2015.
186 Sophie Curtis, ‘Illegal downloading: four strikes and then… nothing’ (The Telegraph, 21 July 2014) <…- nothing.html> accessed 22 December 2015.
187 The leaked VCAP Memorandum of Understanding stated that it would run for three years, so it is not outside the bounds of possibility that CCUK would have a similar assessment period.
received.188 Nonetheless, as the IPO research mentioned earlier showed,189 almost half of consumers are unsure about whether or not the content they are downloading is legal – educational campaigns such as the CCUK campaign can help to eliminate this uncertainty. Further, the CAS and Hadopi both cited educational benefits to their campaign. Thus, the first part of the CCUK initiative may well prove the more crucial in terms of tackling online infringement.
The efficacy of GR systems is difficult to analyse, as the aims are difficult to pinpoint. If the aim of a GR system is solely to reduce P2P downloading, then certainly it would be relatively easy to establish whether or not a system is effective. However, a migration to other forms of copyright infringement, such as downloading via cyberlockers or direct download sites, is presumably not the type of change which would please a copyright owner.
The success of a GR system may perhaps be measured by the number of successful cases resulting in a penalty to an internet user. In the first year of the New Zealand system, then, this would be seventeen tribunal decisions, with a combined monetary value of less than NZ$10,000,190 most of which was costs awarded against the infringing consumers. Certainly for a country with a population of 4.5 million, and creative industries which contribute 2.1% of New Zealand’s GDP,191 this is by comparison a minuscule figure. Similarly, in the first four years of operation of Hadopi, a single internet suspension and four successful prosecutions192 is not exactly a resounding success.
Alternatively, a possible measure of success would be the number of first or second warnings which did not result in further warnings, which would seem to indicate that the copyright infringer had been motivated to obtain their copyright material through legal channels. However, it is difficult, if not impossible, to assess whether an infringer made the decision to
188 Timothy Geigner, ‘Come See How Excited Everyone Is For The Latest UK Educational “Don’t Pirate” Campaign’ (Techdirt, 16 July 2015) < how-excited-everyone-is-latest-uk-educational-dont-pirate-campaign.shtml> accessed 22 December 2015.
189 Kantar Media Monitoring (n 3).
190 The sum of the seventeen tribunal decisions was $8685.84. Arithmetic done by the author. 2013 decisions (n 56).
191 Ministry for Culture and Heritage (NZ), ‘Cultural sector overviews’ (Ministry for Culture and Heritage, 18 October 2013) <> accessed 22 December 2015.
192 Challis, Hadopi Failure (n 21).
obtain the content through other, illegal, channels, through legitimate channels, or merely decided not to obtain such content.
While multiple jurisdictions have implemented GR systems, assessing their efficacy is difficult, and working around them can often be as simple as changing download method, as is the case in France and New Zealand, or changing internet service provider, as would be effective in Ireland and the United States. While the UK GR [DEA] system avoids some of these issues – it applies to most ISPs (although not those that offer 400,000 or fewer broadband-enabled lines),193 and it applies to more than just P2P downloading, it is greatly hampered by the fact that it has yet to be implemented, and does not look likely to achieve implementation for some time to come.
Assessing GR systems which focus on education is even more difficult, as there are no concrete figures of disconnections or fines to be used. The figures released by the US CAS on its first year show that a substantial numbers of alerts were sent, but cannot analyse why or how further alerts were not required – whether through alternative or decreased piracy. Further, the fact that the enforcement prong of the UK’s CCUK campaign had not been launched, even twelve months after its first announcement, presents another issue to overcome. Analysing and evaluating GR is no easy job.
Rebecca Giblin, in her paper Evaluating Graduated Response,194 made an excellent attempt at analysing the effectiveness of GR systems globally by asking three questions of each regime by country:
1. To what extent does graduated response reduce infringement?
2. To what extent does graduated response maximi[s]e authori[s]ed uses?
3. To what extent does graduated response promote learning and culture by encouraging the creation and dissemination of a wide variety of creative materials?195
Her analysis was comprehensive, and it would be pointless to repeat what has already been expertly implemented. Giblin’s conclusions are largely similar to this author’s. There is a dearth
193 Ofcom, ‘Notice of Ofcom’s proposal to make by order a code for regulating the initial obligations’ (n 161) 3.
194 Giblin (n 122).
195 ibid 180.
of evidence to suggest that GR in any way reduces infringement, increases authorised uses, or promotes learning and culture. While there are many advocates of GR, there appears to be little, if any, evidence which supports claims that GR has any real effect on the prevalence of copyright piracy. Copyright theft is certainly a pressing issue for many rights holders, but GR does not seem to be the most effective way to combat this.196 However, the later examples of GR systems, with their greater focus on educational and mitigation efforts, seem to have learned from their predecessors. While the Hadopi and New Zealand examples do not offer encouragement in terms of concrete prosecutions or fines, the movement towards more educational initiatives197 may prove to nudge consumers toward legitimate avenues of content consumption – iTunes and Spotify, Netflix and other subscription streaming services have never been more popular, with users numbering in the millions.198 The Kantar research from the IPO emphasised that consumers have trouble with telling if content is legitimate or not,199 but initiatives such as Get It Right200 and The Content Map201 have been developed to mitigate these difficulties.
A chronological timeline of the development of GR systems paints a picture, however, of an encouraging development and understanding of what is necessary in order to reduce copyright infringement. From the original punitive three strikes systems visible in Hadopi and the New Zealand systems to the more sophisticated educational systems visible in the CAS and CCUK plan, an increased emphasis on education and pointing consumers toward legitimate avenues of content consumption is an encouraging development. As indicated by several research studies, pirates are not all heartless content thieves with no intention of supporting creativity – quite the opposite, in fact. Copyright pirates exist on a bell curve. Content consumers are not divided strictly into the pirates and the honest purchasers – the majority of pirates are both.202
196 See generally Giblin (n 122) 205-208.
197 Such as the CAS in general and the CCUK advert: The Drum (n 183).
198 Spotify had 60 million subscribers as of 2014: Stuart Dredge, ‘Spotify financial results show struggle to make streaming music viable’ (The Guardian, 11 May 2015) < profitable> accessed 16 October 2015; Netflix had 62 million members in mid-2015: Netflix, ‘Netflix to Announce Second-Quarter 2015 Financial Results’ (Press Release, 12 June 2015).
199 Kantar Media Monitoring (n 3) 5.
200 Get It Right From A Genuine Site (n 184).
201 The Content Map is a site which directs consumers to legitimate avenues of content consumption, much like the Get it Right site (n 184). The Content Map <> accessed 15 December 2015.
202 Joe Cox and Alan Collins, ‘Sailing in the same ship? Differences in factors motivating piracy of music and movie content’ (2014) 50 Journal of Behavioral and Experimental Economics 70; Adrian Adermon and Che-Yuan Liang, ‘Piracy and music sales: The effects of an anti-piracy law’ (2014) 105 Journal of Economic Behavior and Organization 90; Hasshi Sudler, ‘Effectiveness of anti-piracy technology: Finding appropriate solutions for evolving online piracy’ (2013) 56 Business Horizons 149.
A 2011 survey in America indicated that 46% of the self-admitted pirates stated that they did so less since the availability of streaming services203 and the 2012 wave of the Ofcom media monitoring found that the most prolific pirates spent three times as much money annually on legitimate content than those who did not pirate at all.204 Thus, improving the availability of digital content through legitimate means and educating would-be pirates as to the consequences of infringement and the avenues through which legitimate content is available may well be an effective strategy for reducing online content infringement.205
203 Joe Karaganis, ‘Copyright Infringement and Enforcement in the US’ (2011) (American Assembly, Columbia University) < Note-Infringement-and-Enforcement-November-2011.pdf> accessed 25 November 2015.
204 Kantar Media Monitoring, ‘OCI Tracker Benchmark Study ‘Deep Dive’ Analysis Report’ (2013) < dive.pdf> accessed 25 November 2015; ‘Andy’, ‘“Worst” File-Sharing Pirates Spend 300% More On Content than “Honest” Consumers’ (TorrentFreak, May 10, 2013) < content-than-honest-consumers-130510/> accessed 25 November 2015.
205 Joe Cox, ‘Online Pirates May Be Willing to Pay – If the Price is Right’ (The Conversation, 13 September 2013) <> accessed 25 November 2015.