61 Reforms to C-61, Day 41: ISP Notice and Notice – Mandatory Data Retention

One of Bill C-61's few good points is the notice-and-notice approach for Internet Service Provider liability. The notice and notice system involves a notification from a copyright holder – often involving movies, software or music – claiming that a subscriber has made available or downloaded content without authorization.  The ISP forwards the notification to the subscriber but takes no other action – it does not pass along the subscriber's personal information, remove the content from its system, or cancel the subscriber's service.  It falls to the subscriber to act and experience indicates that many remove the infringing content (if indeed it is infringing) voluntarily.  If ISPs comply this approach, they qualify for a statutory safe harbour such that they will not face monetary damages (though they may be ordered to remove content).  Failure to comply with the approach can bring liability of up to $10,000 in statutory damages.

This is the same approach that was proposed in Bill C-60 and that has been used on an informal basis in Canada for several years with groups like the Business Software Alliance acknowledging its effectiveness. The rationale for sticking with notice-and-notice rather than the U.S.-style notice-and-takedown becomes even more compelling in light of the U.S. experience.  Studies have demonstrated that notice-and-takedown is flawed, open to abuse, and may lead to improper claims of infringement.  While there may be pressure from the U.S. and lobby groups to move toward notice-and-takedown, the experience to-date provides plenty of reasons why that would be a mistake.

While the overall approach is a good one, there is some room for improvement.  First, as pointed out in the policy position on C-61 adopted by the British Columbia Civil Liberties Association, the approach creates new data retention requirements with no judicial oversight.  In order to qualify for the statutory safe harbour ISPs are required to retain customer data for six months from the time they receive the complaint (they retain for up to a year if the complainant launches a legal action).  While there is a need to retain some data for this system to work, six months is a long period of time — shorter periods and some form of oversight should be considered.


  1. Use Third Party Servers
    Roger’s makes it a big selling point of their high speed is to download video. This would put a rather large hole in their campaign, as well as reasons to go with them.

    There is a simple workaround, I already buy my Usenet from an out of country provider (because my ISP caps the rate to dial-up speeds) and also have the option of an encrypted link… ISP can’t snoop, ISP has no retention of what isn’t theirs and ISP has no clue what I’m downloading.


    Although an out of country Usenet may be ideal for you, some canadians can hardly afford the internet they have.

    Myself I have received several frivolous letters suggesting I made available a PSP game to which I had neither downloaded/uploaded or even seen. The issuer of these ‘toilet paper’ notices was some rep for the ESA. Each notice made threats towards my isp to give all my personal information to the copyright holders as well as end my service completly! I was given no opportunity to argue these claims but thankfully they were just as I stated: frivolous. How many other canadians will have these bogus claims held against them for extended periods of up to 6 months?

  3. Gregg
    You talk as if all video online are pirated copyrighted stuff.

    There is ton of free videos online to watch. There is tons of movies you can buy online. So.. moot? I wouldn’t say so.

  4. To Above…
    I guess you have forgotten some of the Professor’s articles.

    Say a movie house has *legal* movies to d/l in the US.. even Canada. It will run into one of these obsticles:

    [ link ]
    [ link ]
    [ link ]
    [ link ]
    [ link ]

    Making it in some way, even illegal to buy these movies online.

  5. @ Mistakes
    I pay ~ $30 year for my Usenet, with plenty of bandwidth for several dozen HD movies… shop around lest you get ripped off bigtime!

  6. @greg

    canadians shouldn’t have to seek alternative means for downloading when most already pay more than necessary for internet usage. Privacy should be a given. Paying to hide your privacy is pathetic and just goes to show how lazy ppl are when it comes to fighting back for consumer rights. Times are changing though, Power to the bloggers!

  7. To Above
    Indeed, indeed, I agree 100%!

    I’m just interjecting circumventions while it’s still legal to do so 😉

  8. not Indiana Gregg, fortunately
    Fortunately, you are not Indiana Gregg!

    Indiana Gregg does not seem to know what Usenet is!

  9. @Gregg
    I’m not talking about your favorite hollywood movie or your latest episode of Lost. I’m talking about amateur content and such.

    All the links you provided were related to downloading THEN timeshifting/formatshifting. Who said it was MANDATORY to do those?

    With usenet, you’re just trying to justify piracy. Not help with the copyright fight.

  10. YA
    A) pass law makes ISP immune to legal issues arrising form a users actions.

    SIMPLE saves YOU and ME money and shoves the threats the riaa/mpaa have made up there collective butts.

    This then paves the way to net neutrality.
    Allows for no excuses of rogers and bell to traffic shape.
    REMOVES corporate control from little bald men into hands of people.

  11. Data
    Data retention with no judicial oversight…Nice.
    Maybe phone records ceased via court order can help catch a criminal, but computer data is not so simple.

    As mentioned above, bits can be encrypted through a network and on a hard drive. But even so, just because there’s a file named with some Internet address attached to it doesn’t prove much of anything.

    Sure, physical evidence on a computer could be damning, but exchanging bits and pieces of files that have a name appearing to be someone’s property should be kept under regulatory measures.

    Again, finding and seizing DVDs, CDs, etc. is a noble and common law enforcement practice; bootleggers/counterfeiters. However, policing bits and bytes in cyberspace is for the most part a waste of time.