The New Legal Burden of “Hong Kong” Internet Users

Have you ever kept a log to record your computer’s IP every time when you fire up your Internet Explorer? Or, do you know how your ISPs’ DHCP allocate you an IP? If you think this is too technical for you, even though for an advance internet user, you are exposing yourself to the risk of possible legal action(s) raised by big record companies one day.

I read last week’s Sunday Morning Post and found a computer illiterate parent, Mr. Yeung, is facing such legal threat because IFPI is asking his “compensation” of their losses because of possible download or “partly” downloads of illegal music(s) from the Internet by his children. I think last week’s legal action means: Hong Kong internet users have to prepare to bear all responsibilities of anyone who used his/her continuously changing IP(s).

I think it is difficult for Mr. Yeung to defense the legal action, not only he is an computer illiterate person or low income father, but also he don’t know whether his computer is using a particular IP on a particular period of time, by someone when the “digital detectives” of IFPI found this IP downloaded copy right protected music(s).

Let me forecast Mr. Yeung’s fate in this case: He has no defense because he did not kept a log as I mentioned above and he think his children did downloaded something and therefore he has to accept his IP committed a “Crime” and his lost this proceeding without the help of a lawyer. However, the record companies may be “good” enough only to ask him to make a public announcement to apologize for his children’s actions and they will make use of this case to spread through the media to show this is a “big triumph” they win against Hong Kong digital pirates.

It’s the beginning of a “Dark Age” for some the internet users, since the benchmark ruling on Jan 26, 2006, Hong Kong again becomes the “First” in the whole world to force the ISPs to release the personal identity of the Internet users. The said judgment is highly welcomed by the music record and film making companies, law makers and most of the public media.

No ethical internet users would agree unlawful downloads; they accept and follow all fair and reasonable laws. However, this ruling provides a wide opened channel for those wealthy and resources rich organizations, such as: IFPI to raise “civil” actions against internet users if they claim that they have found those users (or “digital pirates”, in their words) downloaded intellectual properties from the Internet. As a Hong Kong residence and intensive Internet users, I fill a bit uncomfortable on this “political right” event and would like to share some of my view to the general public.

• As a result of the ruling, all internet users are requires to secure their IPs. If not, any one of the following cases (I guess the legal practitioners can spell out more) may make you to stand in front of the court.
  
  
• The parents would be sued, if they are the registered user of the Interest service, and their children downloaded something from the Internet, like Mr. Yeung’s case. To prevent such thing happen, parents are responsible for the day to day acts of their children. They have to equip with sufficient internet knowledge to control their kids or they have to ask some network professional to set up network equipment to control their usage.
  
  In an extreme case, if kids of a friend of mine downloaded some music during a friendship gathering at my house, I might to be sued. (So, never allows your friends kids or anyone that can’t trust, including your wife, to use your internet)
  
  
• All companies require doing all kinds of pre-cautions as a defense, (It is costly and may not be possible – BT is difficult to block even by firewall) or otherwise they have to responsible for the consequence of the acts performed by their employees. Sometime, you cannot find out who is actually committed the crime because it’s already one or two passed when you received a letter from the plaintiff. As a simple deduction, you may have to acknowledge all faults because you don’t know who used your IP to commit the “Crime”.
  
  
• As the price of wireless router drops a lot and because of its easiness of use, most of the home users installed one in their home. However, network security professionals already indicated that this is a big honey for script-kiddy. Anyone can access lots of “free” wireless connections anywhere by the helps of some tools, such as Network Stumbler. Hence, we have to educate all home users (ie including my office’s driver and tea lady) to set up at least WEP at his/her home to prevent one day being prosecuted as a cyber thief.
  
  
• Because of these rulings, all ISPs require to keep a reasonable history of access logs in order to meet the frequent “abuses” from the plaintiffs. I wonder who is going to pay the additional administrative costs (the ISPs? the intellectual property owners? Or the normal Internet users?)
  
  
• In a funny case, if my machine is being scanned and afterwards my machines was hacked. Can I apply to the court to ask the ISPs to release the privacy information of their users whose IPs is recorded on my firewall logs? Based on this information or so called evidences, if I am rich enough, can I raise series legal actions against those IP users?
  
  
• We are now talking about civil actions from well managed enterprises or organizations against common people, like Mr. Yeung.
  
  It’s totally different situation from a criminal case, which demands the prosecutors to provide complete and inarguable evidences to proof, in front of the court, that the defendant had committed the Crime. Hence, the law enforcement requires collecting all kinds of digital evidences, including seizing the defendant’s computer; carry out digital forensics procedures to find out evidences from the hard disk to proof the download. Furthermore, they have to proof the tie or link from the IP to the computer then to the defendant (or the “criminal”) at a particular time.
  
  I wonder what kind of evidences that the plaintiff is going to provide to the court to proof the defendant has done something to infringe their intellectual rights in these civil cases. Would the court accept weaker evidences to arrive the judgment which is favorable to the intellectual property owners? What happens if the plaintiffs mistakenly sue an innocent? For example, the ISP mistakenly provides the link from an IP to a user or the “digital detectives” recorded an incorrect IP from their screen capture from an investigation.
  
  Here I would like to quote similarity. Sometime I drive in Hong Kong Island, I really hate the driving habit of some of the Island’s bus drivers and it is not difficult to find that they sometimes cross 3-4 lanes within 30-50m with a short notice. A taxi driver told me that they would avoid having accident with buses because the bus companies are well equipped to handle traffic disputes and they have an internal legal department and they have lots of experience so that they could have better chances to win the dispute. Well, it is a bit unfair, but we have to accept it because bus is a public transport.
  
  

I think it is difficult to balance in between the freedom, social responsibilities and the interest of a particular group in the society. Only thing I could do is to inform or provide helps to all of my friends and colleagues (especially the driver and the tea lady) to configure their wireless routers or ask them to buy a firewall to secure their IPs. They have to keep a proper firewall logs as a proper defense in case they are being sued.