The Canadian Privacy Law Blog: Developments in privacy law and writings of a Canadian privacy lawyer, containing information related to the Personal Information Protection and Electronic Documents Act (aka PIPEDA) and other Canadian and international laws.
The author of this blog, David T.S. Fraser, is a Canadian privacy lawyer who practices with the firm of McInnes Cooper. He is the author of the Physicians' Privacy Manual. He has a national and international practice advising corporations and individuals on matters related to Canadian privacy laws.
For full contact information and a brief bio, please see David's profile.
The views expressed herein are solely the author's and should not be attributed to his employer or clients. Any postings on legal issues are provided as a public service, and do not constitute solicitation or provision of legal advice. The author makes no claims, promises or guarantees about the accuracy, completeness, or adequacy of the information contained herein or linked to. Nothing herein should be used as a substitute for the advice of competent counsel.
This web site is presented for informational purposes only. These materials do not constitute legal advice and do not create a solicitor-client relationship between you and David T.S. Fraser. If you are seeking specific advice related to Canadian privacy law or PIPEDA, contact the author, David T.S. Fraser.
Tuesday, July 08, 2008
I had the chance yesterday to read the decision in Viacom International v. YouTube (previously: Canadian Privacy Law Blog: Judge orders that YouTube hand over viewer records). The request and the order are appalling from a privacy point of view, in my humble opinion.
It appears clear from the decision that Viacom, et al. were ostensibly not looking for information about users of Google Video and YouTube, but this will certainly be the side-effect. In the preliminary motion, Viacom was seeking a number of orders from the court to help it build its billion dollar case for copyright infringement against the video sites. Because the vast majority of the content is uploaded by users, Viacom is going after YouTube on the basis that they assist and encourage the violation of copyright by users and are therefore responsible financially for it. The reason put forward by Viacom for seeking the full user logs was to compare the viewership (aka hits) of allegedly pirated content against viewership of non-pirated materials. If they can show that allegedly pirated content is more popular, the reasoning goes, they can show that YouTube has a financial interest in allowing pirated content on the site.
Google attempted to argue to the Court that handing over the raw logs would be intrusive of privacy for the sites' users. Unfortunately for the users, the Court didn't put much weight in these arguments as it referred to Google's past positions that IP addresses cannot identify individuals:
Defendants argue that the data should not be disclosed because of the users’ privacy concerns, saying that “Plaintiffs would likely be able to determine the viewing and video uploading habits of YouTube’s users based on the user’s login ID and the user’s IP address” (Do Decl. ¶ 16).
But defendants cite no authority barring them from disclosing such information in civil discovery proceedings, and their privacy concerns are speculative. Defendants do not refute that the “login ID is an anonymous pseudonym that users create for themselves when they sign up with YouTube” which without more “cannot identify specific individuals” (Pls.’ Reply 44), and Google has elsewhere stated:We . . . are strong supporters of the idea that data protection laws should apply to any data that could identify you. The reality is though that in most cases, an IP address without additional information cannot.
Google Software Engineer Alma Whitten, Are IP addresses personal?, GOOGLE PUBLIC POLICY BLOG (Feb. 22, 2008), http://googlepublicpolicy.blogspot.com/2008/02/are-ip-addresses-personal.html (Wilkens Decl. Ex. M).
So why does Viacom need the full logs? Because they need to try to determine unique viewership of the content. They need a way to distinguish one viewer from another.
Do they need full IP addresses? I don't think so. While we are talking about terabytes of data, it would be trivial to run all the logs through a software routine that would use a "one way hash" to make each IP address unique while not disclosing the IP address itself.
Why the big deal? While Viacom obtained the information for one purpose (to build its case against YouTube), it may be able to use the information for other purposes. At least in Canada, that would be covered by the implied undertaking rule that would require court permission before using it for any other purpose. But the bigger deal is the chilling effect on viewers. Casual web surfers may know that somewhere their digital footprints are being recorded, but they don't spend a lot of time thinking about it. This case should make internet users think carefully about where they are surfing, what they are viewing and the fact that once personal information is recorded and retained, it will be available for all kinds of secondary uses. Some of these secondary uses, such as litigation or criminal investigations, are beyond their control and there is no opt-out. The Viacom order includes the personal information of innocent viewers who were only viewing public domain or properly licensed content. Those logs include my IP addresses, which includes information about what I've viewed and what my kids have viewed. I'm sure that it includes your IP address too.
What to do? If you are an online service provider, don't create logs. If you create logs, don't keep them. It's that simple. (If you are about to be served with a subpoena, don't delete them. It's too late and you'll be hit with accusations of spoliation.) If you are an internet user, look into Tor.
The Canadian Privacy Law Blog is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 2.5 Canada License.