The copyright implications of a publicly curated online archive of Oireachtas debates

Former Legal Deposit Office, Paris; image via Wikipedia
Former Legal Deposit office,
Rue Vivienne, Paris
via Wikipedia (element)
From a twitter thread by Philip Boucher-Hayes last week, I learned that Ken Foxe had reported in the Irish Mail on Sunday that nearly ten years of video footage of Oireachtas debates and hearings had been taken offline. A spokesperson for the Houses of the Oireachtas said that the videos were removed because they had little traffic and were in an obsolete format. However, after an outcry online, the footage was restored, though with limited functionality. To overcome first the takedown, and then the limitations, various concerned netizens – including, I understand, Gerard Cunningham, Emerald De Leeuw, Elaine Edwards, and Sterling Plisken – have begun work on a publicly curated online archive of Oireachtas debates and hearings.

This is not the first time that civil society has had to step up when public functions have stepped back (see the story of the demise and return of KildareStreet.com, with various backups here and here). So, I think that a publicly curated online archive of Oireachtas debates is a fantastic idea, and I hope it prospers. It also provides a context in which I can discuss an important issue relating to Oireachtas copyright and digital deposit.

First, the Oireachtas holds copyright in the broadcast material. Chapter 19 of Part II of the Copyright and Related Rights Act, 2000 [CRRA] (that is, sections 191 to 195 CRRA (also here and here)) provides for Government and Oireachtas copyright. In particular, section 193(2)(b) CRRA (also here)
provides that the Oireachtas holds copyright in “any sound recording, film, live broadcast or live cable programme of the proceedings of either House of the Oireachtas”. So, the starting point of the copyright analysis has to be that the Oireachtas could therefore in principle rely on this copyright to restrict the reproduction of the Oireachtas broadcasts, or making them available online.

Second, there is, however, an exception which might permit at least some of the work of a publicly curated online archive of Oireachtas debates and hearings. Section 71(1) CRRA (also here) provides

The copyright in a work is not infringed by anything done for the purposes of parliamentary or judicial proceedings or for the purpose of reporting those proceedings.

The question, therefore, is whether a publicly curated online archive of Oireachtas debates and hearings is reproduced and made available for the purposes of “reporting” Oireachtas proceedings within section 71 CRRA. There is a comprehensive discussion of the issue by Simon McGarr on his Tuppenceworth.ie blog. I think that the argument that the archive would be a report for the purposes of section 71 CRRA could go a very long way towards permitting the production of a publicly curated online archive of Oireachtas debates and hearings. However, there must be limits to what constitutes a “report”. And it may be that the archive exceeds them, at least in some respects.

Third, if section 71 CRRA isn’t enough, then a current reform process might provide another exception to permit the production of a publicly curated online archive of Oireachtas debates and hearings. (more…)

Compensation for breach of the proposed ePrivacy Regulation [Ongoing updates]

Last updated: 9 October 2017

Compensation and ePrivacy (via edri)Parallel to my interest in compensation for breach of the General Data Protection Regulation [GDPR; Regulation (EU) 2016/679], I am also interested in the question of compensation for breach of the proposed ePrivacy Regulation (hereafter: pePR; see, eg, the EU Commission’s proposal for a Regulation on Privacy and Electronic Communications).

Article 22 of the Commission’s proposal provides:

Any end-user of electronic communications services who has suffered material or non-material damage as a result of an infringement of this Regulation shall have the right to receive compensation from the infringer for the damage suffered, unless the infringer proves that it is not in any way responsible for the event giving rise to the damage in accordance with Article 82 of Regulation (EU) 2016/679.

The emphasised words appear in exactly the same form in Article 82(1) GDPR. The remainder of Article 82 provides circumstances where an infringer is not responsible for the event giving rise to the damage and thus not liable for breach of the GDPR, and those circumstances apply mutatis to an infringer who would not be liable for breach of the pePR. This is not surprising: Article 22 of the pePR appears in a list of Articles (from 18 to 24) in which the supervision and enforcement of the pePR, and remedies for its breach, are integrated with those provided by the GDPR. The effect of Article 22 is to provide for compensation for breach of the pePR on the same basis as compensation is available for breach of the GDPR.

(more…)

It’s time to abolish juries in defamation cases

The Jury, by John Morgan, via WikipediaLibel cases in England and Wales are “better off without juries”, according to Sir Mark Warby, the High Court judge with responsibility for the Media and Communications List of the Queen’s Bench Division. As reported yesterday in the Brief, the legal newsletter of The Times, he was speaking on Tuesday at the London conference of the Media Law Resource Centre, an American organisation. He said that he “does not regret the passing of the jury at all”, and he pointed out (pdf) that there are many advantages to the “virtual abolition” of juries in defamation cases:

It has removed the territorial disputes that quite often used to arise, over whether a given issue is within the province of the judge, or that of the jury. In addition, this reform has all but eliminated the practice of arguing the same point to different threshold standards on different occasions. It is now possible for many more cases to reach a final resolution more economically by early judicial decisions on key issues of fact, or mixed issues of law and fact.

In England and Wales, section 11 of the Defamation Act 2013 provides that defamation actions are to be tried without a jury unless the court orders otherwise. It is interesting to see the judge in charge of the relevant list welcome this development so warmly; and it is a reform I think that Irish law could with profit adopt, not only for the reasons of efficiency which Sir Mark provides, but also because it could contribute to the reduction of high damages awards. It is a matter I have already recommended (pdf) to the review of the Defamation Act 2009 (also here) currently being conducted by the Department of Justice. Indeed, as the submission (pdf) from the Department of Communications, Climate Action and the Environment to that process observed:

Among the most pressing difficulties … with defamation action jury trials are:
• The unpredictability of juries;
• The high level of damages that they may award;
• The length of the trial period creating an increased costs in jury trials; and
• The complexity of the law in relation to a jury trial.

The level of damages in defamation cases remains a concern to the media sector and to stakeholders. A trial by jury increases legal costs and lengthens the time of each case.

That submission recommended that the lead in England and Wales be followed, as did the Department of Journalism (pdf) in the School of Media, Dublin Institute of Technology, the Business Journalists’ Association(pdf), Google (pdf), MGN (pdf), NewsBrands Ireland (pdf), and Ronan Daly Jermyn (pdf).

The submission (pdf) from Independent News and Media pointed out that jury trial in defamation cases “is also out of line with other civil law cases where juries are not used”, and recommended their abolition, without any reference to the power of the court to decide otherwise. Local Ireland (the promotional brand of the Regional Newspapers and Printers Association of Ireland) made a similar submission (pdf), as did Kieran Fitzpatrick (pdf), and the Public Relations Institute of Ireland (pdf).

The Irish Times recommended (pdf) the abolition of juries in defamation cases, if not generally, then at a minimum in the determination of damages, as did Michael Williams (pdf) and the Press Council (pdf).

On the other hand, Johnsons Solicitors (pdf) firmly recommended that the presumption in favour of a jury trial should be retained in High Court cases; and other solicitors who responded to the Law Society’s call for comments also recommended (pdf) that juries be retained, as they are best placed to assess impact and also act as a deterrent to the more extreme excesses of the media.

If the jury is to be retained, then the Bar Council (pdf), the Joint Oireachtas Committee on Justice and Equality (pdf), McCann Fitzgerald (pdf), the National Union of Journalists (pdf), RTE (pdf), and William Fry (pdf), all recommended that, having regard to the decision of the Court of Appeal in Higgins v Irish Aviation Authority [2016] IECA 322 (04 November 2016), the jury should not be included in the offer of amends procedure in sections 22 and 23 of the 2009 Act (also here and here).

So, many views have been submitted to the Department, with the usual suspects making the usual arguments: media organisations and their lawyers arguing against juries, with plaintiffs’ lawyers arguing in favour. What’s most striking to me, though, is that the more disinterested observers also argue for the abolition of juries in defamation cases. And their views are reinforced by Warby J’s comments. On balance, therefore, I think that it’s time to abolish juries in defamation cases; (here’s how); and I hope that the current review will do just that.

The UK’s Data Protection Bill 2017: repeals and compensation – updated

UK Data Protection image, via UK gov websiteIn the UK, the Department of Digital, Culture, Media and Sport (DCMS) has today published the Data Protection Bill 2017, to incorporate the General Data Protection Regulation (GDPR) and to implement the Police and Criminal Justice Authorities Directive (PCJAD) (respectively: Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC; and Directive (EU) 2016/680 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data by competent authorities for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, and on the free movement of such data, and repealing Council Framework Decision 2008/977/JHA; aka the Law Enforcement Directive). The progress of the Bill through Parliament can be tracked here.

In Ireland, when the Department of Justice published the the General Scheme of the Data Protection Bill 2017 (scheme (pdf)), I expressed two concerns, both of which are equally applicable to the UK Bill. (more…)

Compensation for breach of the General Data Protection Regulation

I have just posted a paper on SSRN entitled “Compensation for breach of the General Data Protection Regulation”; this is the abstract:

Article 82(1) of the General Data Protection Regulation (GDPR) provides that any “person who has suffered material or non-material damage as a result of an infringement of this Regulation shall have the right to receive compensation from the controller or processor for the damage suffered”. As a consequence, compliance with the GDPR is ensured through a mutually reinforcing combination of public and private enforcement that blends public fines with private damages.

After the introduction, the second part of this article compares and contrasts Article 82(1) GDPR with compensation provisions in other EU Regulations and Directives and with the caselaw of the CJEU on those provisions, and compares and contrasts the English version of Article 82(1) GDPR with the versions of that Article in the other official languages of the EU, and concludes that at least 5 of the versions of Article 82(1) GDPR are unnecessarily ambiguous, though the CJEU (eventually, if and when it is asked) is likely to afford it a consistent broad interpretation. However, the safest course of action at this stage is to provide expressly for a claim for compensation in national law. The third part of this article compares and contrasts the compensation provisions in the Irish government’s General Scheme of the Data Protection Bill 2017 with existing legislation and case-law in Ireland and the UK, and with incorporating legislation and Bills in other EU Member States, and concludes that the Heads of the Scheme do not give full effect to Article 82(1) GDPR. Amendments to the Scheme are therefore proposed.

To ensure that any person who has suffered such damage has an effective remedy pursuant to Article 47 CFR, Member States will have to provide, pursuant to Article 19 TEU, remedies sufficient to ensure effective legal protection in the fields of privacy and data protection. In particular, they will have to provide expressly for a claim for compensation, incorporating Article 82(1) GDPR into national law. Claims for compensation are an important part of the enforcement architecture of the GDPR. Private enforcement will help to discourage infringements of the rights of data subjects; it will make a significant contribution to the protection of privacy and data protection rights in the European Union; and it will help to ensure that the great promise of the GDPR is fully realised.

As I was working on this paper, I published several posts on this blog (here | here | here) including discussions of the literal meaning of Article 82(1) GDPR in each of the EU’s 24 official languages and the current status of GDPR incorporation in the EU’s 28 Member States. Thanks to everyone who has engaged with these posts – the analysis in my paper has improved immeasurably. All comments on the current version gratefully received.

What is the current status of GDPR incorporation in the EU’s 28 Member States? [Ongoing updates]

Last updated: 17 October 2017

GDPR incorporationHaving looked, in my previous post, at what Article 82(1) of the General Data Protection Regulation says and means in each of the EU’s 24 official languages, I’m interested in this post in the related question of the current status of incorporation* of the GDPR in each of the EU’s 28 Member States. I am interested in particular in whether provision has been made in any incorporating* legislation or draft for an express claim for compensation or damages to give effect to Article 82 GDPR. The list below is the current state of play so far as I have been able to find out. I would be grateful if you correct any errors and help me fill in the blanks – via the comments below, via email, or via the contact page on this blog – I would very grateful indeed.

It seems that incorporations* in various jurisdictions are taking differing positions on Article 82 GDPR. On the one hand, such express claims are included in legislation in Austria, in draft Bills in Hungary, the Netherlands, Poland, Romania, Slovakia, Spain, and the UK, and in a report in Sweden. On the other, no such express claims appear in legislation in Germany and France, in draft Bills in Belgium, Latvia, Lithuania, Luxembourg, and Slovenia, or in reports in Denmark, Estonia, and Finland. The Czech Republic considers that the existing compensation provisions cover Article 82 GDPR. Somewhere in the middle comes Ireland.

(more…)

What is the literal meaning of Article 82(1) GDPR in each of the EU’s 24 official languages?

GDPRI’m trying to work out what Article 82(1) of the General Data Protection Regulation (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC) says and means in each of the 24 official languages of the EU institutions, and I’d be very grateful for your help. In English, Article 82(1) GDPR provides

Any person who has suffered material or non-material damage as a result of an infringement of this Regulation shall have the right to receive compensation from the controller or processor for the damage suffered.

As I have said before on this blog (here, here, here), I think that this formulation is rather odd. It does not provide, in the present tense, that a person whose rights have been infringed “has” the right to receive compensation. Instead, it provides, in a much more congtingent fashion, that a plaintiff “shall have” such a right, which seems to imply that there is something more to be done in national law before plaintiffs actually have the claim. Although the language seems contingent, it does not replicate any of the usual strictures in a Directive, that Member States shall “provide” or “ensure” or “introduce” or “lay down” measures to achieve an outcome, such as a claim for compensation. Even so, the formulation in Article 82(1) GDPR still seems to envisage some national law mechanism in ensuring that a plaintiff “shall” have a claim to compensation. I’m interested in whether the text of Article 82(1) GDPR in other official languages uses a version of the present tense, or whether the formulation is as contingent as it seems to be in English. I have, therefore, set out below the text of that Article in each of the 24 official languages; I have highlighted the words that seem to me to be most relevant to that question; and I have provided a first attempt at a translation of those words. What I need now is a literal translation of these provisions by a native speakers, irrespective of what the EU Commission’s official translation or Google Translate might say. In particular, I need confirmation whether I have identified the relevant words, and translated them accurately. I’m not particularly interested in the various synonyms for damages (compensation, indemnification, reparation, and so on) so much as in the accompanying verbs, and in particular in whether those verbs are clearly in the present tense or whether they are more contingent. I know what Google Translate’s crowd-sourced machine-translation says, indeed it was one of the sources I used to zero in on what seem to me to be the relevant words in the various languages, but that is as far as I am prepared to go with it, as its translations will be very heavily influenced by the EU’s official translations. Instead, as I say, I am in need of human judgment as to the appropriate literal translations of the various texts of Article 82(1) GDPR.

The literal meaning of the precise wording may very well matter a very great deal in assessing whether Article 82(1) is sufficiently clear, precise and unambiguous to be horizontally directly effective. The contingent nature of the English text may not be, leading to potential problems which I have begun to explore here. Other texts may differ. For example, the French text of Article 82(1) GDPR (a le droit d’obtenir … reparation = has the right to obtain … compensation) is more likely to support a conclusion of horizontal direct effect, and the German text (hat Anspruch auf Schadenersatz = has a claim for compensation is entitled to compensation) is even more likely to do so, because they are both in the present tense (a, hat) rather than in more contingent terms. Indeed, of the 24 official languages of the EU institutions, if the assessments and translations below are correct, the text of the claim for compensation in Article 82(1) GDPR seems to be in the present tense in 19 of them: 12 are like the French text (the plaintiff “has the right to [receive/obtain] compensation”: Czech, Danish, Dutch, French, Finnish, Italian, Latvian, Lithuanian, Polish, Portuguese, Romanian, Slovenian); 4 have a similar formulation 5 are like the German text (the plaintiff “is entitled to compensation”: Bulgarian, Estonian, German, Greek, Hungarian), and 3 are like the German text 2 others have a similar formulation (the plaintiff “has [a claim for/the right to] compensation”: Croatian, German, Slovak). Only 5 seem to have a contingent text like the English (the plaintiff “shall have the right to [receive] compensation”: English, Maltese, Spanish, Swedish; the plaintiff “shall be entitled to compensation”: Irish).

Moreover, of the three EEA countries, Norway has begun the process of incorporating the GDPR. The literal English translation of the Norwegian text is “shall be entitled to receive compensation”, which is a sixth example of a contingent “shall”.

All help in confirming whether this is an accurate assessment or not – via the comments below, or better via the contact page on this blog – will be very gratefully appreciated indeed. [Note: as you can see, this paragraph has been updated to reflect a consensus on the German text which is different from my own initial assessment; this is exactly why I’m grateful for all help].

(more…)

Orders against social networks to identify anonymous posters of defamatory content (Muwema v Facebook part 3)

Uganda Facebook Ireland 2Fred Muwema is a prominent lawyer in Uganda, who claimed that various Facebook pages in the name of Tom Voltaire Okwalinga, or TVO, defamed him. In Muwema v Facebook Ireland Ltd [(No 1)] [2016] IEHC 519 (23 August 2016), Binchy J declined to grant injunctions requiring Facebook either to remove the posts from the account or to prevent the material in them from being re-posted, and I considered these holdings in one of my earlier posts on the case (also here). However, Binchy J did grant an order requiring Facebook to identify TVO, and I considered this aspect of the case in another of my earlier posts on the case (also here). This was not a difficult issue, as the defendant had consented to the order. However, before the order could be perfected, the defendant sought the leave of the Court to introduce new evidence with a view to opposing the making of the order. In Muwema v Facebook Ireland Ltd (No 2) [2017] IEHC 69 (08 February 2017), Binchy J allowed the new evidence to be introduced; and, having considered it, he declined to make the order after all. It is to that aspect of the case that this post is directed.

Jack Gilbert, Lead Litigation Counsel for Facebook, explained that Facebook generally takes a neutral position on applications to identify people behind pages or profiles on their network. However, he said that, when his office was informed of Binchy J’s proposed order, he was informed by his colleagues that TVO is a political activist who has been marked for arrest by the Ugandan Government. He also said that the position was complicated by the fact that the URLs provided by the plaintiff were for a fake or copycat profile of the more established TVO profile. He said that he was informed by his colleague, Ebele Okobi, Facebook’s head of public policy for Africa, that if the identities of the people behind the real and fake TVO profiles (if they are in fact different) were revealed, they may be at risk of arrest and subsequent persecution, and their lives, bodily integrity and liberty would be placed in jeopardy. Moreover, the US Department of State Human Rights Report for Uganda cites examples to unlawful killings and torture, and other abuses of detainees and suspects.

Binchy J considered In re McInerney Homes Ltd [2011] IEHC 25 (10 January 2011) (Clarke J) (affd [2011] IESC 31 (22 July 2011) [61]-[62] (O’Donnell J)); and, notwithstanding that much of the defendant’s new evidence was hearsay, he allowed the defendant’s application to adduce it. (more…)