Virgin Media's lawyers have seen off a group of IP trolls who were trying to force the British ISP to hand over the personal details of people downloading allegedly copyrighted smut flicks.
Mircom International Content Management & Consulting and Golden Eye International both tried to force Virgin to hand over the details of customers who, the two claimed, were "unlawfully" downloading what Mr Recorder Douglas Campbell QC described as "pornographic films".
"This information is to be requested by the Applicants in batches of 'no more than 5,000 IP addresses per fortnight'," wrote the judge in his judgment, adding that Mircom and Golden Eye wanted to send "no more than 500 letters per week" to alleged copyright infringers.
To its credit, Virgin told the court that Mircom and Golden Eye "are companies whose entire business consists of obtaining disclosure orders of this kind, making threats of infringement and offering to settle for a fixed fee" – something neither firm disputed.
Back in 2012, Golden Eye pulled exactly the same trick but the courts agreed with the company and ordered O2 to hand over names, addresses and IP addresses of alleged infringers to Ben Dover Productions. This time round, however, the High Court told them to poke it.
From the thousands of IP addresses it obtained in 2012, Golden Eye sent letters to just 749 people, of whom 76 'fessed up, with a further 15 paying them off and settling out of court without accepting liability. Nobody was actually dragged into court that time.
As for the inevitable impact of the GDPR, barrister Robin Hopkins of 11 King's Bench Walk chambers in London was rather surprised by the judge's take on it. Writing on his firm's blog, Panopticon, he said: "The Court found that the GDPR had no bearing on its analysis. Its reasoning, however, was highly suspect, in my humble view."
He added: "The Court concluded that, once they received those IP addresses (which they proposed to use to contact the underlying individuals and demand money), the applicants would not be 'controllers' of that data. Some submissions were made along the lines that 'to be a controller, you have to be registered with the ICO'. More substantively, the Court's conclusion was that the applicants would be mere 'recipients', which is a term defined under Article 4(9) GDPR... that conclusion (and the whole analysis behind it) is plainly wrong. 'Controllers' and 'recipients' are not mutually exclusive categories."
Virgin acknowledged the judgment when The Register asked it to comment. ®