As a great percentage of copyright offenses nowadays occur in the cyberspace, digital footprints as evidence play an ever more important role in the prosecution of copyright offenses and bring new issues before the court. Many issues relate to the question: "how do we link the digital footprints to the defendant?" and this question may become quite onerous in the real world, as shown by a judgment rendered by the IP Court last month on a copyright infringement dispute. Prosecutors of the New Taipei District Prosecutors Office v. Chen, 108 Xing-Zhi-Shang-Yi 24, IP Court (June 2019).

The case started with a regular web patrol by a major Taiwanese film production studio, which led to a finding that one of the studio's film works was unauthorizedly shared by means of the peer-to-peer software "BitTorrent" (or "BT" in short) on a social platform called "sugobbs.com" based offshore. As a usual practice, the film studio reported the crime to the police and requested for an investigation. While the studio was only able to collect the infringers' Internet protocol (IP) addresses recorded on BT's log open to all its users, the police managed to identify the locations and registrants of the IP addresses. Hence, these registrants, mostly individuals, were charged of copyright offenses of infringing the public transmission right as well as the reproduction right in the film, since a digital file downloaded with BT software is automatically offered (as a "seed") for download by other BT users.

While not a few identified IP address registrants reached settlements with the studio, one registrant chose to act otherwise. He pled not guilty and argued that just because his IP address was used to infringe a copyrighted work did not prove he was the infringer. Someone else must have piggybacked on his IP address to commit the crime, he asserted, adding that "all friends visiting my home have my WiFi password." On top of that, he denied holding a membership of the social platform, and asserted he was working at office when the download was completed.

The prosecutor contended:

This (the "it-was-someone-else argument") is the defendant's one-sided assertion; the defendant failed to produce any evidence to prove the truthfulness of this claim. It is common knowledge that, to log into another person's private network, be it a wired or wireless one, it is necessary to obtain that person's account number and password. Even a public network may require a password to log in, let alone a general home network. Whether the network uses a modem provided by the Internet service provider (IPS) or a wireless router purchased by the user, there are encryption protocols and firewalls protecting the account and password when they are transmitted to the modem or router, and these protections are difficult to break.

Further, when employing the BT software, one must first open a certain communication port in the firewall to let the BT connect to the Internet and (then make other settings to) let the BT packets pass through (the firewall). These procedures are difficult for lay neighbors or passers-by to complete, not to mention using BT to download popular (video) files is time-consuming. It is hence doubtful that neighbors or roadside WiFi squatters, even if able to "steal" the Wi-Fi, would have the time and patience to download the files by piggybacking on the defendant's bandwidth.

Yet both the district court and the IP Court sided with the defendant, holding that the prosecutor did not meet the burden of proving the defendant was guilty beyond reasonable doubt. Particularly, the IP Court indicated:

The defendant is protected by the presumption of innocence and has the right to silence. While it is possible that he does know who among his relatives and friends downloaded the film, it is unreasonably harsh to request him to disclose that person's name. Even if the defendant is to be held responsible for managing the IP address he rents, this fact alone is insufficient for us to attribute the criminal liability to him.

Moreover, neither the prosecutor nor the police officer in charge had performed a warranted search to seize the defendant's computer equipment or mobile devices in order to inspect whether the disputed file was retained or had been once saved therein.

More, the IP Court added, as the complainant's attorney testified in the first-instance trial, he did not verify whether the defendant was a member of the problematic social platform before filing the complaint, even though only a member could upload a downloadable link at the social platform.

However, the difficulty faced by the prosecutors seems to be that even if they had had evidence suggesting the defendant held a membership of the social platform, most likely the evidence would have been just another digital footprint, which might still have been neutralized by the "it-was-someone-else" argument, i.e. someone else had "stolen" the defendant's IP address to first create the membership and then commit the BT download and transmission.

Although the IP Court's decision implies that a warranted search and seizure of a defendant's dwelling and computer/cell phone might bring forth useful evidence corroborating a charge based on digital footprints like IP addresses, this should not be interpreted as a signal that a search warrant will be henceforth issued on a lenient standard when it comes to illegal film downloading and transmission, because these offenses are not deemed to be serious crimes. In fact, under the Copyright Law and Code of Criminal Procedures, there is no more appellate level above the IP Court for such cases.

It is not legally feasible either for the prosecutors or the police to apply for a warrant to access the communication records or the relevant personal data, let alone intercept the communication of an accused person of such offenses, because the floor of the punishable sentence terms of such offenses do not reach the threshold set by the Communication Security and Surveillance Act.

Given the above obstacles, it is possible that the "it-was-someone-else" argument will eventually proliferate to become a "standard" and even effective retort against copyright infringement charges based primarily on results of IP address hunting. In fact, the case reported here is the second one in the past seven months where this argument helped an accused BT infringer get acquitted all the way through to the IP Court. The first one is: Prosecutors of the Taichung District Prosecutors Office v. Jian, 107 Xing-Zhi-Shang-Yi 59, IP Court (November 2018). How film studios (and perhaps software companies as well) will cope with this challenge and/or adjust their enforcement tactics calls for the local IP community's continued attention.

On a final note, how did the police discover the IP address registrants' identity, given the barrier posed by the Communication Security and Surveillance Act?—in fact, the defendant in the reported case moved the court to exclude these private data from the trial, but to no avail. The answer is: instead of applying for an access warrant, the police simply visited the telecom company in possession of the needed data and inquired about its willingness to disclose the same voluntarily, since this approach, according to the still dominant view among IP Court judges, is not unlawful. As the IP Court indicated in the reported decision, so long as no exertion of coercion or other misconduct is found on the police's side, the private data about an IP address registrant voluntarily disclosed by a telecom company would not be excluded from a criminal proceeding at the IP Court. However, this view has yet a chance to get reviewed by the Supreme Court, because the IP Court's decisions for the copyright cases in which this private data issue occurs are not appealable.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.