HomepageCommercial LawPrivate LawPublic Law & Human RightsCriminal LawEU & International LawCareers


Have Irlen Syndrome, or need different contrast? Click the button below for options.

Background Colours


Enter you email address below to subscribe to free customisable article notifications.

Alternatively, click the button below for our various RSS Feeds (available journal wide, or per section).

Online Pirates, prepare to be boarded! Right after we borrow a ship…

About The Author

Chris Bridges (Executive Editor)

Chris is an IT and Data Protection solicitor at a top 20 full service firm and the founder of Keep Calm Talk Law. He also contributes to Computers and Law and other sector specific publications.

[Read More]

Under the Digital Economy Act 2010 (DEA), provisions were made for the imposition of certain obligations on internet service providers (ISPs) in relation to online copyright infringement (synonymous with involvement in online piracy). However, due to a continuous stream of difficulties in the implementation of these provisions, none of them are yet in force, and are unlikely to be anytime soon. Copyright holders may therefore feel somewhat in limbo; both the previous and current governments have attempted to combat online piracy, but have failed to deliver any tangible results.

However, not all is lost (supposedly). The government have been working on a voluntary program that, they hope, would prove an equally adequate solution to that provided by the DEA. This voluntary programme, known as the Voluntary Copyright Alert Programme (VCAP), hopes to be up and running later this year, according to Edward Vaizey, the Parliamentary Under-Secretary of State for Culture, Media and Sport. To assess whether this voluntary programme could be a viable alternative to the compulsory arrangements under the DEA, we must first look at what the DEA hopes to achieve.

Digital Economy Act 2010

The DEA will place a number of new obligations on ISPs in relation to the policing of copyright infringement by their customers. These obligations are to be governed and regulated by Ofcom, the UK’s telecommunications regulator, via a bespoke code for the purpose. The current draft of this code would see these obligations apply to all ISPs that provide over 400,000 fixed line broadband services, which would encompass most ‘household’ names within the industry. These providers include BT, O2 (fixed line services only), TalkTalk, Sky, Everything Everywhere and Virgin Media. Notably, all ‘wireless’ providers, including providers of WiFi and mobile coverage would not be expected to comply with the obligations due to a disproportionate cost in implementing the needed systems, as subscribers would be harder to identify due to technological limitations. Additionally, it is believed mobile networks are generally not widely used for download of material due to bandwidth and speed limitations.

There are two principal obligations within the DEA. The first would require ISPs to notify their customers of suspected copyright breaches using their account (whether it was them, or someone they allowed to use their connection), which would be based on reports made by copyright holders. Such a report would have to:

  1. State that there appears to have been an infringement of the owner's copyright;
  2. Includes a description of the apparent infringement;
  3. Include evidence of the apparent infringement that shows the subscriber's IP address and the time at which the evidence was gathered;
  4. Be sent to the internet service provider within the period of 1 month beginning with the day on which the evidence was gathered; and
  5. Comply with any other requirement of the initial obligations code [that provided by Ofcom].

This, in its own right, does not seem particular onerous to the ISP, nor does it appear particularly unfair to the consumer. It acknowledges that often consumers are unaware that they are accessing illegal material, and may stop if notified, and that often consumers are unaware that someone else is doing so on their line.

The second obligation requires the ISP to add the customer to a ‘copyright infringement list’ after three such notifications have been sent to the customer, which copyright holders could access once a month for the purpose of suing persistent copyright infringers (it would be up to the copyright holder to decide which customers on the list are ‘worth’ suing).

Again, on a basic level this does not seem onerous. The list, you might think, would not cost much to administer, and the customer can hardly complain. If after receiving three warning notifications they persist with their illicit behaviour, and have not successfully disputed any such behaviour, they would, and should be, fair game. Thieves, in the more literal sense, would not be given three strikes before being brought to justice, so cyber thieves get off rather lightly.

So why then, did Ofcom receive what can only be described as a barrage of criticism from ISPs in response to their consultation? Needless to say, I cannot possibly consider every criticism contained within the most recent 103-page consultation response, but I can highlight two key criticisms.

  1. An Arbitrary Threshold – Many ISPs felt the 400,000-customer threshold was arbitrary as there is no direct correlation between customer numbers and the chance of infringement. Furthermore, a 400,000 limit would simply deter serial copyright infringers from the big networks in favour of un-regulated small ISPs, thereby damaging large providers’ businesses. These criticisms have been largely rebutted by the question of utility. The current threshold would cover 93.5% of the market, lowering this to 50,000 would only increase the market share by 2.3%, at great cost.
  2. Funding – The intention is for the cost of the scheme to be shared by ISPs and copyright holders. There is no surprise that there has been substantial disagreement over this. This is what has caused substantial delay. As it stands ISPs are responsible for 25% of the cost, and copyright holders 75%. This may change, and the requisite amendments of the shared costs order is what is causing the significant delay in implementation. There is some concern that forcing the ISPs to pay 25% of the cost is essentially levying a tax (as opposed to forcing the copyright holders, who are paying for a service that makes enforcement much easier).

(Full disclosure: there was also extensive criticism from both user groups and copyright holders, but not to the same extent as to that from ISPs. Furthermore, it is the criticism and uncooperative nature of the ISPs that is holding up the enforcement of the DEA.)

Voluntary Copyright Alert Programme

If you are presently thinking, “how on earth will a voluntary programme work where a compulsory programme is failing”, you are not the only one. This really does seem like the government are trying to take on a pirate, without a ship to chase him.

No doubt such a system would operate slightly differently to reflect its voluntary nature, and I suspect rights holders would bare most of the cost to encourage otherwise uncooperative ISPs (unfortunately, it is very difficult to find any information on it, which certainly does not do wonders for confidence). John Whittingdale MP, Chair of the Commons’ Culture, Media and Sport Committee believes that “the recent development of a voluntary agreement is in many ways preferable”. Of course, this would be indisputable if it were not for the fact that a voluntary system seems somewhat idyllic, but he did qualify his comment by saying that the DEA would be there as a fall-back. (See Hansard Thursday 13th February 2014).

To me, this seems somewhat like wasted breath. A key concern of ISPs was that illegal downloaders would simply switch to an ISP that does not take part in such a scheme. This is equally true for a voluntary scheme, if not more so. Where is the motivation for taking part, when ISPs are reluctant to take part in a statutory scheme? At least with a statutory scheme, the ISP can tell their customers they had no choice in the matter.

When the DEA is (relatively) close to implementation, and has had such great effort put into getting it into this position, it seems rather short sighted to abandon it for a lesser option.

Perhaps I am being too critical. I can certainly see the merits in a voluntary system. Ideas of corporations working together are all very nice. In practice however, these are large moneymaking machines. If the scheme damaged its profits more than the perceived increase in reputation, they could just cut the cord.

Despite this, similar schemes have worked elsewhere, most notably in the USA where a similar “Copyright Alert System” (CAP) has been implemented. Not only has it been implemented, it has also had a fairly good uptake by ISPs, with many large networks including AT&T, Cablevision, Time Warner, Verizon and Comcast signing up.

However, there is a catch. The CAP is to a house cat as the DEA is to a lion. A few direct comparisons:




Number of Warnings



What happens when your strikes have expired?

Varies between providers. Some ‘throttle’ your internet speed (vastly reduce it). Some will simply redirect you to education pages and encourage you to take an online tutorial on copyright infringement. After this, nothing happens unless the rights holder pursues a legal claim.


ISPs will not share information with rights holders for prosecution purposes by default.


Rights holders may only obtain identifying information via court order or subpoena.

Added to the ISP’s copyright infringement list, made available to rights holders once per month by right, without any court order or further steps.


 This could lead to civil proceedings against you, or in serious cases the rights holder could work with the police and CPS to prosecute you criminally.


Applicable sources of illegal material

Files downloaded over peer-to-peer BitTorrent networks only.

Internet wide (however BitTorrents are the easiest to monitor due to their open nature. Anyone can see the IP addresses of other downloaders with a few clicks).


As you can see, there is little comparison between the measures under the DEA in the UK, and the CAP in the USA. No wonder ISPs have signed up to the CAP, as it is likely to be seen as a minor deterrent that will not affect their profitability by any great margin.

If a voluntary scheme were to come into play in the UK, I imagine it would be as equally weak as the CAP. Many concessions would need to be made to encourage ISPs to sign up. Whilst the CAP may discourage some light-hearted downloaders (and those that do not know what they are doing is illegal), veteran copyright infringers will see little threat in a few pop-ups informing you “you have been naughty, please stop”.

I reiterate the point, that to take a step back to this sort of scheme would be foolish, especially when a much stronger scheme is just around the corner (if of course you believe it really is after four years of delays!).

Furthermore, whilst statistics vary greatly from source to source, an overwhelming majority suggest the largest demographic group committing online piracy are teenagers and young adults (for instance this source suggest 70% of persons in the US aged 18 to 29 download illegally. Many other sources can be found by simply searching for ‘online piracy demographics’). Is this demographic group likely to fully understand the implications of what they are doing? They should, but how many will? Persons aged younger than this are even less likely to understand. Under the DEA, notifications are sent to the bill payer, who will likely take exception to the prospect of being prosecuted due to their children’s or housemates actions, bringing a hasty end to any illegal activity.

Other Issues

I have largely focussed on the current setbacks to the DEA, and the inadequacies of a voluntary scheme. However, this fails to take into account a number of other criticisms of these schemes. Therefore, I shall try to do them justice with a few short words.

Data Protection Concerns

BT and TalkTalk launched a Judicial Review on the DEA in 2011, alleging the Act infringed EU obligations regarding the protection of consumers’ data. However, this was quickly dismissed. Whilst the concern initially seems valid, further investigation reveals (without going into details), that consumer data is anonymised right up until the point a rights holder decides to pursue legal proceedings.

Can we really argue with the breach of data privacy for law enforcement? It would be like arguing that a bank robber should not have to take his mask off when he is arrested because he did not want police to know who he was. Online pirates are as much thieves as bank robbers, even if the value of what they steal is far less. (Although, on a slight tangent, serial pirates could easily ‘steal’ thousands of pounds worth of material in a matter of hours on a fast broadband connection). On this basis, any alleged infringement, if there is one, is proportionate. There are few alternative solutions; this issue is discussed in some detail on OutLaw, including how some issues relating to data privacy might be solved.

Should All Data Be Free?

Many groups argue all data should be free. I wrote briefly on the subject a number of weeks ago in relation to ‘an Online Bill of Rights’. It is an argument I acknowledge, but quickly dismiss.

I found this proposition rather ludicrous, without the commercialisation of music, software and film, there simply would be little to no investment in these industries. Why should different rules apply to two different mediums of the same product, with one found at your local record store and one found online? Rights holders need to be able to enforce their rights, and the DEA is the first significant step in them being able to do so on a universal basis.

Another SOPA?

You may have heard of the proposed US ‘Stop Online Privacy Act’ which brewed quite a storm worldwide. The act made provisions for the removal of websites from search engines and the complete takedown of internet domains for the posting of links, which could result in an entire organisation's website being taken down due to one suspect link. In reaction, many websites closed their doors, causing an ‘internet blackout’ including Wikipedia and Google. As a result, the progress of the bill was suspended.

It is important to note that the DEA cannot be compared to the SOPA. Actions under the DEA would be isolated to individuals that were persistently infringing copyright, and would not result in the automatic takedown of websites. For this, copyright holders would have to go down the traditional paths of obtaining court orders.

My One Concern

Whilst I am clearly pro-compulsory scheme, and see the DEA as a major step in the right direction for the protection of digital media, I do still have one concern.

I find the criticism from ISPs that the threshold for applicability is too arbitrary to be a serious one. Whilst the arguments against lowering the threshold make sense in financial terms, they leave a gaping hole for serial copyright infringers to climb through. I have no doubt serial infringers will avoid the DEA by changing ISP, thereby reducing their chance of being caught. The discussion of what would be an adequate alternative is however a complex one, but is one that needs careful consideration in the future.

In the meantime, I believe the current proposed scheme will make a significant impact. Whilst serial illegal downloaders may still roam free, the vast majority’s illegal habits will be severely influenced by the scheme. It will stop online piracy from being a crime that people feel that they can easily get away with. The fact they can be detected will quickly become known, and rights holders will finally be able to enforce the rights that they deserve with ease.

For the latest articles straight to your inbox, you can subscribe for free. Alternatively, follow @KeepCalmTalkLaw on Twitter or Like us on Facebook.

Tagged: Commercial Law, Intellectual Property, Privacy Law, Technology

Comment / Show Comments (0)

You May Also Be Interested In...

Living in an Interconnected World – A Legal Conundrum

17th Sep 2015 by Matt Bogdan

Cheesy Porn: A Fetish For Unauthorised Product Placement

9th Sep 2015 by Samuel Cuthbert

The Rihanna Row: Where Fashion Clashes with Privacy

20th Feb 2015 by Jade Rigby

Freedom of Design: Should 'simplicity' be protected?

1st Dec 2013 by Chris Bridges

A Case Study: Are patents a help or hindrance to innovation?

18th Nov 2013 by Chris Bridges

Data Privacy: Due Diligence Due?

13th Nov 2013 by Chris Bridges

Section Pick May

Coronavirus and Contracts: Is Frustration in Play?

Editors' Pick Image

View More


Keep Calm Talk Law: Moving Forward

3rd Sep 2019

Changing of the Guard: Moving Keep Calm Talk Law Forward

12th Aug 2018

An Anniversary or Two: Four Years of Keep Calm Talk Law

11th Nov 2017

Rising from the Ashes: The Return of Keep Calm Talk Law

18th Nov 2016

Two Years On, Keep Calm Talk Law’s Legacy is Expanding

11th Nov 2015


Javascript must be enabled for the Twitter plugin to function. Click below to visit us on Twitter.

Free Email Subscription

Subscribe to Keep Calm Talk Law for email updates, and/or weekly roundups. You can tailor your subscription on activation. Both fields are required.

Your occupation / Career stage is used to tailor your subscription and for readership monitoring.

Uncheck this box if you do not want to receive our monthly newsletter.

By clicking the Subscribe button, you agree to our privacy policy and terms of service. Please ensure you read these in full.

Free Subscription