EU to investigate Virgin Media surveillance

The European Commission is to investigate Virgin Media’s decision to use piracy detection software, following a complaint by Privacy International.

The ISP plans to trial Detica‘s CView software to identify illegal traffic across 40 percent of its network. But because the software uses deep packet inspection, it is able to identify IP addresses – although the company says the software strips this out – as well as actual file names.

“Under the Privacy and Electronic Communications (EC Directive) Regulations (PECR) and the Regulation of Investigatory Powers Act (RIPA) as well as the European ePrivacy Directive, interception and processing of communications requires either explicit informed consent from all parties or a warrant,” says Privacy International.

“It should be noted that there is no exemption in the regulations for the purpose of detecting illicit copyright infringement – and indeed in such cases where interception is being used for law enforcement, a warrant is required.

The issue has come up once before in 2007, when Phorm trialled similar deep packet inspection technology for the purpose of behavioural advertising.

Says Nicholas Bohm, General Counsel to the Foundation for Information Policy Research, “If the Detica system checks the files passing through the network against a database provided by rights holders (or does this via checksums or hashes), then it seems to run into exactly the same objections as the Phorm system, namely infringements of RIPA and PECR unless the necessary consents or authorisations are obtained.”

The trial has been put on hold while the complaint is investigated.