Some interesting points I’ve not heard anyone mention about the New Zealand Copyright Amendment (IANAL, YMMV, …).
The submission format
92D Requirements for notice of infringement
A notice referred to in section 92C(3) must—
(a) contain the information prescribed by regulations made under this Act; and
(b) be signed by the copyright owner or the copyright owner’s duly authorised agent.
– 2D Requirements for notice of infringement
I’m unaware of any regulations made under this act so far, so currently you can’t create a notice of infringement that is prescribed by any regulations… yet.
The Submission format II
Although there hasn’t been any discussion about the submission format yet, it concerns me that you obviously need enough information to uniquely identify the copyright infringer (either the person, or the account). If an ISP’s business model involves putting customers behind a NAPT box, then a timestamp and IP address is not sufficient to uniquely identify the user, you at least need a timestamp, and the 5 tuple used. This is particularly concerning given that we are rapidly running out of IPv4 addresses, and one of the suggested solutions is to place as many customers as possible behind a Service Provider NAT box. Since connections through a NAPT box are far more ephemeral than IP address allocation, timestamps must be more precise, and more accurate. Which customer an IP is assigned to is usually stored along with the rest of the accounting information in RADIUS and generally is recorded by an ISP for essentially free. Having to record every connection through a NAPT box would incur a serious overhead, and data management problem for an ISP. Also, how long should an ISP hold onto this information so that it can process these notice of infringements before it can discard it?
You can only disconnect people.
92A Internet service provider must have policy for terminating accounts of repeat infringers
(1) An Internet service provider must adopt and reasonably implement a policy that provides for termination, in appropriate circumstances, of the account with that Internet service provider of a repeat infringer.
(2) In subsection (1), repeat infringer means a person who repeatedly infringes the copyright in a work by using 1 or more of the Internet services of the Internet service provider to do a restricted act without the consent of the copyright owner.
– 92A Internet service provider must have policy for terminating accounts of repeat infringers
This leads me to some interesting questions: If Alice is a member of an organisation, and the organisation has an account, and Alice infringes peoples copyright repeatedly, then the account that Alice is using is the organisations, but the account is not Alice’s. Is the organisation (perhaps Alice’s place of work) considered an ISP? In the more obvious case if Bob sits at an Internet Cafe and infringes peoples copyright then can the Internet Cafe’s account get shutdown? If the Internet Cafe buys it’s bandwidth from LittleIspInc, can LittleIspInc’s account get shutdown by their upstream? What should happen if UpstreamInc receives a notice for Bob’s infringement? Obviously it should pass it to LittleIspInc and LittleIspInc should pass it on to the Internet Cafe, who should terminate Bob’s account. In this case, Bob probably doesn’t even have an account at all. Are Internet Cafes going to require ID so they can check people against previously banned lists?
If LittleIspInc gets a series of notifications from UpstreamInc, should LittleIspInc be cut off, even though it’s multiple different downstream customers of LittleIspInc that have been infringing? Should the Internet Cafe get cut off if it has multiple different customers infringe? What if the Internet Cafe places everyone behind NAPT, and the infringement notices aren’t specific enough to identify an individual person?
Fake notice of infringments
While I’m not a lawyer, I’m sure there are laws already about sending fake infringement notices. So anyone who’s doing this maliciously is likely to get themselves into trouble.
False Positives
Ok, this one I have seen people talk about at length. There is no incentive for people sending notice of infringements to make sure they aren’t generating false positives. If people are too abusive they will probably end up running into trouble, but as long as they put in a reasonable effort, it seems to me that they are likely to get away with it.
I’ve seen people sent takedown notices for Open Office because some automated tool decided it was actually Microsoft Office (At the time, an unintended compliment I’m sure). I have seen people asked to take their photo’s down, because someone /else/ had permission to use the photo and was believed incorrectly to be the copyright holder.
Under this law, you appear to have no right of reply, no way to state your case and point out that you are innocent. ISP’s don’t appear to have the right to make judgement as to the quality of the notice of infringement (not that the ISP’s want this responsibility).
What’s an ISP?
I can’t find anywhere a definition of what is considered an ISP. Does it include anyone providing IPv4/IPv6 connections? If I run a public IPv4 network that doesn’t connect with the Internet, am I an ISP? If I run a public packet switched network (such as X.25), am I an ISP? Is a disconnected UUCP graph considered an ISP? Is a FidoNet BBS considered an ISP given that you can send FidoNet files and emails around (even tho noone in a FidoNet network need be connected to “The Internet”?). Is the phone system an Internet, given that I can dial anyone and send them data via a modem? Can I call Telecom and get them to disconnect an account for infringing my copyright?
In Summary
I don’t like this law. It seems to have too many problems. It appears that it could force ISP’s to use real world IPv4 addresses where their use is unwarranted, and impractical thus hastening the depletion of the IPv4 address pool. I am not a lawyer, I’m trying to interpret this the best I can without any formal law training, but I do know something about the technology from the ISP point of view.