In the 21st century, literally every social, business, political, and cultural aspect of life is mediated by online space. This means that behind every everyday activity stands an online platform - a website, a blog, an Internet mobile application, and so on. The Bulgarian social reality shows that offenses / crimes aimed at copying, using, reproducing, distributing, hacking, breaking the integrity and functioning of online works are a practice that is completely neglected, legally unsettled, and therefore devoid of any clearly structured legislative sanction, therefore prevention. It is correct to note that there are some legal norms in the Bulgarian legislation which concern the commented subject, but they are in different material laws and provide for separate abstract hypotheses that do not communicate with each other and thus remain some "mutilated" legal constructions without real practical significance.
All of this naturally leads to the total unproductiveness and almost zero efficiency in the work of specialized prevention bodies in the face of, for example, in the computer crime sector of so called “GDBOP”, due in particular to the lack of an adequate legal framework from a substantive point of view and respectively the lack of powers from a procedural point of view. This article aims to precisely identify these problems and to define what has been achieved so far internationally to justify the real need for such a legislative initiative in Bulgaria, which is justified not only in the present but also especially in the future, given the obvious all-round digitization of public life. Here I would like to point out the fact that the legal focus on online space and its problems has been placed in Western Europe and the US in the mid-1990s, i.e. the Bulgarian legislation is late for nearly 20 years to place emphasis on lawmaking in this sphere. I would like to mention that when in 2009 at a intellectual property conference, I started to speak on the subject of this article, I was greeted with silence and misunderstanding by a strictly professional audience that made me feel like a "stranger in my own." Unfortunately, there is no feedback between the online industry and lawyers, intellectual property specialists, which leads to a lack of communication and an option for a meeting of opinions, concepts and views to identify the specific problems to be solved. That is why, up to this day, I continue to insist that an "Intellectual Property Law on the Internet" must exist in the Bulgarian legislation, taking into account the balanced interests of users and rights holders, and in this context, the different options to the positive legal behavior of the different legal entities and a corresponding sanction in respect of offenses and crimes directed against copyright works and various technical and software platforms, object of intellectual property based on the Internet.
1.Legislative practice in the United States. On October 12, 1998 with anonymous voting was passed by the US Senate the The Digital Millennium Copyright Act (DMCA. President Bill Clinton signed this law on October 28, 1998; it amends Title 17 of the US Copyright Code regarding the limits of Copyright law, by limiting the liability of online copyright service providers when their users have disobeyed copyrights.
The DMCA, in its paragraph 1201, criminalizes the production and distribution of technologies, devices or services designed to circumvent the measures (commonly known as digital rights management or DRM) that control access to the objects of copyrights. DMCA also criminalizes acts aimed at circumventing technical access control, regardless of whether such a purposeful conduct has led to the actual infringement of copyright or not. As the copying of a work may be subject to so-called "free use", on one hand the DMCA does not prohibit technological measures that prevent copying. On the other hand, since fair doctrine of free use is not protected from an act of unauthorized access to a work, the act that is aiming to circumvent a technical measure of access is forbidden. In this context, devices or services that fall into one of the following three categories are prohibited:
- which are primarily designed or produced to circumvent;
- that have limited commercial aim or are used by another to circumvent; or
- which are offered for use in circumventing.
The ban on devices for circumvention of technical mean does not require manufacturers of consumer electronics, telecommunications or computing technics to develop their own products to meet any specific technological means.
The abovementioned prohibition of circumvention of paragraph 1201 is limited by six DMCA exceptions, which are clearly worded as follows:
- The prohibition does not apply to non-commercial purposes of libraries, archives and educational institutions. The prohibition of circumvention of access control measures is subject to an exception allowing non-profit libraries, archives and educational institutions to abide by it only for the purposes of goodwill embodied in their desire to obtain authorized access to the work.
- "Reverse Engineering”. This exception allows circumvention and the development of technological means for such circumvention by a person lawfully entitled to use a copy of a computer program for the sole purpose of identifying and analyzing program elements required to achieve interoperability with other programs to the extent that copyright law permits such actions.
- Encryption studies. The exception for encryption studies allows circumvention of access control measures as well as the development of technological means to do so to identify gaps and weaknesses of encryption technologies.
- Protection of Minors. This exception allows the court to apply the prohibition on a component or part of it, in terms of the need to input it in a technology that does not allow access of minors to material on the Internet.
- Privacy. This exception allows circumvention of the technological measure or work that it protects if it leads to the possibility of collecting or distributing personal identifying information about the online activity of an individual.
- Security testing. This exception allows circumvention of access control measures as well as the development of technological means for such circumvention for the purpose of testing the security of a computer, computer system or computer network with the permission of its owner or operator.
Each of the exceptions has its own set of conditions for its applicability as it obviously affects legal relationships of considerable public interest that usually guarantee constitutional rights of the citizens. An interesting fact is that such an in-depth discussion of such six legal issues in the online environment has not even been led in the Bulgarian society up to the present moment. These issues are defined precisely, clearly and comprehensively legally in the DMCA, and are protecting the public interest despite the prohibition of the law, i.e. here is not aimed only penalization restriction but also strict observance of the rights and interests of the citizens. I am saying this because the imposition of such a type of legislation in Bulgaria in the future will initially call precisely for this debate – to the extent to which the rights and interests of every Bulgarian will be protected and to the extent of which these legal norms will not constitute entry into its personal legal sphere. Such a debate has arisen around ACTA, and the benefits of it have never been explained, and the "arguments" against, distributed in the public, were absolutely illegal, unprofessional and politically populist. Obviously appropriate and thoughtful legal constructions are already present in the world practice, and this type of worries should be ignored in order to be able to adopt adequate legislation in Bulgaria that responds to the e-life of each of us in the 21st century.
Interest is also paragraph 1202 of the DMCA, which creates a duty of protection and integrity with respect to the copyright management information (CMI), which is developed in two subparagraphs, the first of which deals with false CMI and the second with the removal or replacement of the CMI. Article 1 of this rule makes the rule that it is forbidden to provide or distribute false "information about copyright management" if it is done with the intention of inducing, enabling, facilitating or concealing copyright infringements. The second paragraph prohibits also the deliberate removal or modification of “information on copyrights management” without permission, as well as the distribution of the CMI or copies of works, knowing that the CMI has been removed or modified without permission. The responsibility under Paragraph 2 requires the infringement to be conducted with knowledge of legal and technical remedies, with reasonable grounds to believe that all this will cause, enable, facilitate or conceal copyright infringements.
Paragraph 3 of paragraph 1202 defines "information on copyrights management" as identifying information about the work, the author, the copyright owner and, in some cases, the contractor, writer or producer of the work as well as the terms and conditions of use. Information on users of works is explicitly excluded.
Remedies for legal protection provided in the DMCA.
Any legal entity affected by a civil law infringement of intellectual property within the meaning of paragraphs 1201 or 1202 may bring a civil action in the US federal court. The law gives courts the power to award a number of non-pecuniary and pecuniary benefits similar to those covered by the US Copyright Act (which means that both laws are narrowly refined and legally ticked), including the presumed damages. The Court has the right of discretion to reduce or return damages in the case of 'offenses of innocent' where the offender proves he did not know and there is no reason to believe that his / her legal acts constitute an infringement. Special protection is given to nonprofit libraries, archives and educational institutions that have the right to complete remission of damages under these circumstances.
In addition, I would like to point out that the DMCA assumes that the deliberate violation of paragraph 1201 or 1202 for the purposes of commercial advantage or financial gain is a crime. According to paragraph 1204 of the Act, in these cases sanctions vary to a fine of $ 500,000 or up to five years imprisonment for a first offense and a $ 1.0 million fine or up to 10 years imprisonment for subsequent crimes. Non-commercial libraries, archives and educational institutions are completely exempt from this kind of criminal liability.
The major DMCA innovation in the field of copyright is the exemption from direct and indirect liability of ISPs and other intermediaries.
This legal framework for the discharge of suppliers was copied by the European Union through Directive 2000/31 / EC of the European Parliament and of the Council of 8 June 2000 on certain legal aspects of information society services, in particular electronic commerce, on the internal market (Directive on electronic commerce), Directive 2001/29 / EC of the European Parliament and of the Council of 22 May 2001 on the harmonization of certain aspects of copyright and related rights in the information society . In general, art. 512 (a) of the DMCA limits the liability of service providers in cases where the provider merely acts as a data conductor or transfers digital information from one network point to another at the request of a third party. This limitation applies to transmission, routing, or provision of information links as well as to intermediate and transient copies that are made automatically during network operation. To qualify for this restriction, the service provider's activity must meet the following conditions:
- A person other than the provider must initiate transmission.
- Transmission, routing, provisioning, or copying must be done by an automated technical process, without the choice of specific authoring material by the service provider.
- The service provider should not identify the recipients of the material.
- All intermediate copies should not normally be available to any legal entity other than the intended recipients and should not be retained for longer than is reasonably necessary.
- The authoring material must be submitted without changing its contents.
Article 512 (c) limits the liability of service providers for copyright materials in violation of websites (or other information storages) hosted on their systems. In order for limitation rules to be admissible, the following conditions must be fulfilled:
- The provider should not know about the illegal activities as described below.
- If the vendor has the right and the ability to control the illegal activities, he must not accept a financial benefit that is directly related to the source of the improper activities.
- When a notice for violation of copyrights is received, the provider must take certain measures to expedite or block access to the material.
Limiting responsibility for system caching. Article 512 (b) of the DMCA limits the responsibility of service providers for the retention of copies for a limited period of time ("caching") from material that has been made available online by a person other than the supplier and hen it was transmitted to a subscriber. The service provider is marked on the material so that transmitting the cached copy rather than retrieving material from the original source in the network can accomplish subsequent searches for the same material.
The benefit of this practice is that it reduces the traffic requirements to the service provider and reduces the waiting time for subsequent searches for the same information. On the other hand, this leads to the provision of up-to-date information to subscribers, which gives website operators information about the number of searches for a particular material on the website, thus calculating the advertising revenue.
2.European legislative practice. The legal framework in the European Union on the subject is fully covered by Directive 2004/48 / EC of the European Parliament and of the Council of 29 April 2004 on the enforcement of intellectual property rights or the so-called 'IPRED Directive' (or “IPR Enforcement Directive "). The Directive states that the inconsistencies between the legal systems of the Member States with regard to the means of enforcing intellectual property rights are detrimental to the proper functioning of the internal market and it is therefore impossible to ensure that intellectual property rights enjoy equivalent protection in The Community. This situation does not encourage free movement within the internal market nor creates a favorable environment for fair competition.
These differences lead to a lag in the legal framework of national substantive law on intellectual property and the fragmentation of the internal market in this respect. All this results in a loss of confidence among the business community towards the internal market, followed by a reduction in investment in innovation and inventions. Intellectual property infringements have been increasingly linked to organized crime, with no real response on the ground mainly online. This reason leads to the conclusion that the widespread use of the Internet has led to the rapid spread of piracy products around the world. Directive 2004/48 / EC therefore recognizes that the effective exercise of substantive intellectual property rights by means of concrete actions at Community level should be ensured, for example approximation of Member States' legislation in this field is an essential prerequisite for the proper functioning of the internal market.
According to Article 20 of Directive 2004/48 / EC, its provisions had to be implemented in all Member States of the European Union at the latest three years after 29 April 2006. Each Member State had to submit a report to the European Commission on the implementation of this Directive. On the base of these reports, the Commission should’ve prepared a report on the application of the Directive with an assessment of the efficacy of the means taken, including an assessment of its impact on the upgrading and development of the information society. This report was then to be transmitted to the European Parliament, the Council and the Economic and Social Committee. Proposals for amendments to Directive 2004/48 / EC should also be applied, if necessary, in the light of developments in the Community legal order. However, a number of countries, including Bulgaria, have not yet done the necessary legislative steps to implement it in their domestic legislation. The impression is that Directive 2004/48 / EC is implemented in the legislation of some of the most dynamically developing economies in Western Europe. It was introduced in UK legislation as well as in Dutch law (introduced on 1 May 2007). The Directive was then adopted in France on 27 June 2008 and the Swedish Parliament voted to be implemented on 26 February 2009, and it entered into force on the last mentioned territory on 1 April 2009.
3.Legal framework in England. In 2010, The UK Parliament adopted the Digital Economy Act 2010. This law defines the legislative framework concerning the intellectual property of the content of the electronic media, including copyright infringement online, the domains, as well as the copyright content of the local radio stations and video games. Lord Mandelson proposed the law for consideration in the English Parliament on 20 November 2009 and its final version come into force on 8 April 2010.
Some of the basic provisions of the Digital Economy Act set up a system of notifications to Internet subscribers who downloaded content by peer-to-peer technology. The legal aim pursued is to present the appropriate evidence that copyright holders can use in a legal action against subscribers who repeatedly violate copyright laws with respect to a particular online work. These provisions also provide for "technical measures" whereby the lawful penalty will be applied directly through a subscriber's Internet service provider.
On the other hand, the Digital Economy Act creates an obligation for ISPs to maintain a list of subscribers who are recruiters with respect to copyright infringement. The list should include those subscribers who have reached a predefined threshold in terms of the number of online admissible violations to which a threshold their personal data remains anonymous and lawfully protected. However, after passing this threshold, copyright holders may request that relevant subscribers be identified in order to take presumed legal action to engage in tort, delict and criminal liability, on the basis of which the right holders can obtain a court order to obtain the personal data of a subscriber from ISPs.
What other legislative measures are foreseen in the Digital Economy Act for an established online intellectual property infringement:
- limitation of the speed of the connection to broadband Internet access;
- limitation of the access to certain online material and shutting down the service;
- disconnection of the subscriber for a certain amount of time.
- blocking a website based on a claim by copyright holders once it is proven that it offers "a significant amount of copyrighted material that is or is likely to be infringed" or when the site "facilitates" such behavior.
On the basis of the so-adopted Digital Economy Act, changes are made in the English Law on Copyright, Designs and Patents Act to increase the penalty for criminal liability for copyright infringement to a maximum of £ 50,000.
The other important provisions of the Digital Economy Act provide for the digital broadcasting of terrestrial radio in the United Kingdom; The ways to sell and administer registers for ".uk" extension domains; The regulation of television and radio services via the so-called "online streaming”; Regulating the use of the electromagnetic spectrum; Receiving royalties in connection with electronic publications of authors ("royalties") concerning the online rental of physical books that have been digitized by British libraries.
4.Legislative framework in Sweden. When the "IPRED Act" came into force in Sweden on April 1, 2009, the government believed that this would result in solving between 400 and 800 cases a year on copyright infringement online. However, a recent study of jurisprudence by legal experts on the award of the Swedish Government has shown that there are only eleven pending cases on the subject. According to the data gathered, eight of the eleven cases were administered as court proceedings, and the court judged only four of them. Three of the claims were honored and one was dismissed as unfounded. The three cases mentioned above are appealed at a higher instance.
The Swedish IPRED Act is named in Directive 2004/48 / EC of the European Parliament and of the Council of 29 April 2004 on the enforcement of intellectual property rights. It provides authors with the right to request suspects' IP addresses for illegal file sharing in order to be held responsible for their legal liability.
In May 2009. Mediavision, an independent consulting company, is conducting a survey based on 3,500 polls in Sweden, stating that more than a third of young people aged 15-24 have reduced or suspended traffic to share Files after the introduction of the IPRED Act. The main reason cited by respondents is the risk of detecting an offense and the risk of a more severe punishment. A new investigation by the same company indicates that there has been an increase in illegal file sharing, mostly in the autumn of 2009, based on polls of 1,700 Swedes. A different study, conducted by the Swedish SIFO Market Research Company (SIFO), found that people in Sweden involved in file sharing had declined from 26% in March 2009 to 11% in September 2009 , with 61 percent of those aged 9-19 and 43 percent of 20-34 year olds having started to play music on the Internet through music services such as Spotify 7 days a week.
Two cases of conviction for online offenses are highly discussed in Sweden. The first case is known as the "Solna case". Upon the introduction of the IPRED Act, five publishers for audio books have requested authorization to retrieve information from one of its users from the Internet service provider "Ephone". The user in question was accused of sharing several audio books and movies online. The judgment of the district court in “Solna” case was to disclose personal information about the particular consumer. The court's decision was appealed before the Swedish Court of Appeal, which repealed a previous conviction.
The case study "Swetorrents" was the second widely discussed case. In this case, several Swedish film corporations requested information about a customer of Internet Service Provider TeliaSonera. The decision imposed obliges Teliya Sonera to provide the copyright holders with the necessary information for Internet service clients. In December 2009, Teliya Sonera appealed the court's decision in city of Olson. All decisions in similar cases have been appealed through two subsequent appeals to the Supreme Court of Sweden.
Conclusion. In view of the international legislative framework described, several conclusions should be drawn. Firstly, Directive 2004/48 / EC of the European Parliament and of the Council of 29 April 2004 on the enforcement of intellectual property rights or the so-called 'IPRED Directive' (Enforcement Directive) is not yet Implemented in Bulgarian law. Here, it should note that the directives bind each Member State to the specific legal result to be achieved at national level. The Bulgarian legislator should choose by what means and in what form to achieve the result achieved by Directive 2004/48 / EC, transposed into national law. In my opinion, this must be an explicit law to which the Directive is logical, and as is obviously done in most European laws.
The unresolved legislative issues that should in my opinion to be subject of regulation by a Bulgarian future "IPR" law should, as a minimum, cover at least the following topics:
- an option for the legal establishment of personal data of an intellectual property offender on the Internet in view of the assumption or proven fact that he has repeatedly committed such an act;
- the option of administrative and criminal prosecution, as well as engagement of civil-law tort liability against offenders, respectively offenses, against intellectual property online;
- an option to restrict those people's access to the Internet through appropriate technical measures;
- an option to restrict the access of the persons concerned to a particular material online;
- a sanction leading to exclusion of the subscriber from the Internet for a certain period of time;
- an option to block a website based on a claim by the copyright holders when it is supposed or proven that it offers a significant amount of copyrighted material that is or is likely to be infringed or when the site facilitates such behavior;
- Criminalization of the production and distribution of technologies, devices or services designed to circumvent the measures that control access to copyright sites.
- Proper, legally regulated administration and arbitrage of ".bg" domains. Legislative regulation of a specialized arbitration tribunal on domain disputes;
- the intellectual property legislation distributed by the electronic media;
- Legislation on the use and reproduction of digitized copies of physical works of authorship;
- Legislation on intellectual property on video games, database, computer programs and mobile applications distributed online.
- Legislation on trademarks, designs, patents and other industrial property items distributed online.
- Legislative regulation of a competent specialized public authority which citizens can address regarding online intellectual property violations in order for the abovementioned to be able to impose administrative and criminal liability on offenders and to implement appropriate restrictive technical measures.
Author: Mr. Atanas Kostov – intellectual property lawyer