The Italian case considered took place between 2006 and 2008 and involved the recording company “Peppermint Jam Records GmBH” and the ISP “Wind Telecomunicazioni Spa.”⁹

Peppermint is a German recording company that holds the rights to musical works of different artists. With the collaboration of a Swiss company (called Logistep), Peppermint ascertained that musical works of which it owned the rights were illegally shared through peer-to-peer networks. Logistep traced users sharing those musical works and registered their IP addresses.

Peppermint then sued Wind on the basis of a specific intellectual property enforcement tool (art. 156bis of Italian copyright statute, L. 22.4.1941, n. 633), which was implemented in Italy due to the European Directive called “IPR Enforcement.”¹⁰ According to this provision, if a party gives serious elements from which it can be inferred that its claims are sound, that party can ask the judge to order the counterparty to give information for the identification of the individuals involved in the production and distribution of the goods or services that constitute a violation of the copyright. Through art. 156bis, Peppermint asked the Tribunal of Rome to order Wind to disclose its customers’ identification data associated with the IP numbers suspected of illegal file sharing collected by Logistep.

The illegality of file sharing is linked to arts. 171, 171ter, and 171quater of the Italian law on copyright.¹¹ Art. 171, letter a-bis) imposes a fine from 50 to 2,050 euros for making a copyrighted work completely or partially available to the public, by uploading the work on a telecommunication network, without having the right to do so, regardless of the aim and of the method used.¹²

Art. 171ter, co. 2, letter a-bis) punishes the infringer with imprisonment from 1 to 4 years and with a fine between 2,500 and 15,500 euros. The punishable conduct consists in communicating a complete or partial copyrighted work to the public, through its introduction into telecommunication networks, using whichever kind of connection. This conduct shall be made in violation of the right to communicate to the public (art. 16 of the Italian copyright law) and with profit-making aims.¹³

Lastly, art. 174bis prescribes that parallel to the criminal punishment, those who violate art. 171, co. 1, letter abis) are also subject to a fine.

The long controversy between Peppermint and Wind gave rise to more than one injunction.¹⁴ In the first ones, the Tribunal of Rome ordered the ISP to disclose users’ data.¹⁵ One of the injunctions stated that the collection of IP addresses made by Logistep was “reliable, acceptable and above all licit, given that a person who uses a file-sharing program shows, by this activity alone, the will to accept that her IP address can be known by all the other users using the same program.”¹⁶ This would have been a sort of noncodified exception to the principle of a data subject’s consent to art. 23 of the Italian “Codice in materia di protezione dei dati personali,” also called “Privacy Code” (d.lgs. 30.6.2003, n. 196).¹⁷

According to the Tribunal, another applicable exception was the one introduced by art. 24, co. 1, letter f) of the Code, which provides that consent is not required when data are necessary “to judicially enforce or defend a right.”¹⁸

The decision taken by the Tribunal of Rome was followed in other orders by the same Tribunal until 2007,¹⁹ when the scenario started to change. Let us take as an example the order of July 16, 2007.²⁰

A very important difference between this decision and the previous ones is the presence of the Privacy Authority (so-called Garante per la protezione dei dati personali) in the controversy. In fact, although it had been notified by the Tribunal already in the first lawsuit, the Authority spontaneously intervened only in the lawsuit ending with the order of July 16, 2007. Its intervention in support of the protection of users’ personal information undoubtedly affected the decisions of the Tribunal of Rome.²¹

Indeed, the Authority observed that the collection of data made by Logistep had been done infringing arts. 37 and 13 of the Privacy Code. Art. 37, letter d) provides that the collection of data has to be communicated to the Authority when its purpose is to monitor electronic communication services. Art. 13 requires prior information to and specific consent by the data subject to whom the collected data refer. Furthermore, differently from what the Tribunal of Rome had stated, art. 24, co. 1, letter f) had to be interpreted as an exception applicable in the controversy and not to acts predestined to a possible subsequent trial.²²

Another fundamental point stressed by the Authority is that users’ privacy and the confidentiality of their communications are fundamental values in the Italian legal system, protected by arts. 2 and 15 of the Constitution. Therefore, only other fundamental values of the same degree can constrict them. Moreover, such constriction can be determined only after an effective balancing judgment, which in the specific case the judge had not made.²³

After these orders, some others with the same content followed.²⁴

It is worth mentioning another (last) decision, taken on March 17, 2008, since it considered a judgment by the European Court of Justice.²⁵ The case “Productores de Música de España (Promusicae) v. Telefónica de España SAU” is a European decision concerning a request for preliminary ruling by the Juzgado de lo Mercantil n. 5 of Madrid. Promusicae, a nonprofit organization acting on behalf of its associated musical authors, asked a Spanish ISP—Telefónica—some data to identify final users suspected of illegally sharing musical works, the rights to which belonged to Promusicae’s associates. The controversy was very close to the Italian ones here summarized. Based on Spanish legislation of European derivation, the Juzgado could not give prevalence to one of the conflicting rights and therefore requested the intervention of the Court of Justice. The question was whether EU law permitted member states to limit the duty of ISPs to retain and make available connection and traffic data for the purposes of criminal investigations or to safeguard public security and national defense, thereby excluding civil proceedings. The decision stated that European Directives do not obligate member states to provide a legal obligation to communicate personal data in order to ensure effective protection of copyright in civil proceedings in situations like those here described.²⁶ The Court further stated that when transposing European directives, member states have to rely on an interpretation of European laws that allows a fair balance among the various fundamental rights protected by the Community legal order.

Moreover, in implementing the measures transposing the directives, authorities and courts must interpret their national law in a way consistent with those directives. In the meantime, they must make sure that they do not rely on an interpretation of the directives that would conflict with the mentioned fundamental rights or with other general principles of Community law, among which is the principle of proportionality.²⁷

In its decision, the EJC referred to copyright as a fundamental right, since it is considered as a right of property, and consequently as a general principle of Community law. However, the Court itself stressed that the protection of privacy and of private life is a fundamental right as well.²⁸ The decision faces the “need to reconcile the requirements of the protection of different fundamental rights, namely the right to respect private life on one hand and the rights to protection of property […] on the other.”²⁹ The Court, which considered the mechanisms to allow this reconcilement to be found in European Directives, clearly claimed that copyright has to be balanced against other rights.

From the wording of this decision, it can be clearly inferred that copyright is not an absolute right. The ECJ proclaimed that a fair balance needs to be struck between the numerous fundamental rights protected by Community law.³⁰

The US decisions on copyright enforcement against Internet users are numerous. In order to give a complete picture of the situation, I shall illustrate two controversies in which two different mechanisms were applied.

I shall first briefly sketch the regulation of file sharing.

In the US, file sharing of copyrighted material through peer-to-peer networks seems to be sanctioned by multiple provisions, none of which however explicitly refers to file sharing. Indeed, the 1978 Copyright Act has been frequently modified since its enactment³¹ as a response to the increasing need for copyright protection due to the diffusion of technological innovations. Many different bills have been proposed to punish file sharing, but no single one has become law yet.³² Despite the absence of a specific punitive provision, there are very few doubts on the illegality of file sharing of copyrighted materials. File sharing can be considered an act of copying, therefore infringing the author’s right of reproduction. Indeed, despite the existence of limitations and exceptions to copyright, under current interpretations, file sharing does not fit into them.³³

The first case to be analyzed originated from the refusal of an ISP (Verizon) to comply with the subpoena requested by the Recording Industry Association of America (RIAA), the trade organization that represents recording industry distributors in the United States.³⁴

Through a subpoena duces tecum, a court, upon request of a party, orders a third person to produce documents or other tangible forms of evidence³⁵. In the US legal system, a special form of subpoena exists for the enforcement of copyright, provided by § 512(h)³⁶, according to which “a copyright owner or a person authorized to act on the owner’s behalf may request the clerk of any United States district court to issue a subpoena to a service provider for identification of an alleged infringer in accordance with [17 USC § 512]”³⁷.

The RIAA meant to use this tool to obtain users’ identities associable to the collected IP addresses suspected of illegal file sharing of musical contents.

The District Court for the District of Columbia stated that Verizon had to comply with the RIAA’s request. Verizon appealed this decision, and the Court of Appeal reversed it. Among the reasons for the appeal, Verizon considered the contrast between § 512(h) of the Copyright Act and the First Amendment of the Constitution, protecting freedom of expression and therefore also anonymity. The subpoena was quashed for other reasons, and more specifically because of a restrictive interpretation of the hypothesis in which the subpoena tool was applicable. Nevertheless, what has to be stressed is the exception mentioned, made by Verizon with regard to anonymity of users, which can be somehow considered a form of privacy. In its defense, Verizon argued that the DMCA subpoena violated users’ First Amendment rights by uncovering their anonymity, given that courts have recognized that the First Amendment also covers expression on the Internet³⁸.

Verizon’s statements on anonymity can be considered a defense of privacy as well. Anonymity is in fact a tool to preserve or conceal someone’s privacy, and at the same time, the former can enjoy some protection as a component of the latter³⁹: they can somehow be seen as complementary to one other.

Given the unsuccessful results obtained through the DMCA subpoena, the RIAA chose another typical trial tool: the so-called ex parte discovery. In this kind of process, one of the parties is not notified of the existence of the process itself; hence, it is not present or represented.

The RIAA started a number of lawsuits against “John Doe”⁴⁰. An “ex parte” order would permit the RIAA to obtain “immediate discovery,” which is an authorization to issue a subpoena to the ISPs as third parties, requesting them to supply the information on their clients⁴¹.

As an example, let us take the decision Arista Records, LLC v. Does 1-16 ⁴². Again, the ISP objected that the First Amendment was violated, even though the District Court held that sharing files through peer-to-peer technologies could not be considered an “expression” for the purposes of the First Amendment. Moreover, the Court observed that there was a scarce expectation of privacy⁴³: users who share files through peer-to-peer networks accept that their personal data can be spread through the same networks⁴⁴.

The most interesting part of the decision is the application of a specific test in order to understand which of the conflicting rights—meaning, privacy/copyright—should prevail⁴⁵.

The factors considered are the following:

This test was followed in the majority of the decisions here illustrated and resulted, in most of the cases, in a victory for copyright enforcement.

As we will see, a similar test is applied also in the Canadian decisions, while it does not exist in the Italian context, even though, in the case of interpretation of art. 156bis as a precautionary measure, the requirements of fumus boni iuris and periculum in mora must be evaluated⁴⁶.

There are very few Canadian decisions relating to the enforcement of file sharing against final users. The case here considered is BMG v. Does ⁴⁷, the first and most important decision of this kind in the Canadian legal system. The case is a copy of the US ones, promoted by the Canadian Recording Industry Association (CRIA), the Canadian correspondent of the RIAA.

In Canadian copyright law, there is no tool such as the subpoena provided by §512(h) of the U.S.C. or art. 156bis of Italian law on copyright. Hence, CRIA used the tool of the John Doe processes since the beginning, following rules 233 and 238 of the Federal Court Rules. These rules, concerning the discovery phase, aim at revealing the existence of documents and at obtaining the subsequent showing of the same documents by people who are not part of the lawsuit.

In BMG v. Does, five different ISPs were involved: four of them refused to comply with the requests of plaintiffs, arguing that the privacy of users/clients had been violated. These arguments were based on the applicability to the case of the Personal Information Protection and Electronic Documents Act (PIPEDA) of 2001.

Unlike what happens in the US and in Italy, when the Canadian decisions were taken, there was no legislative provision from which one could infer with certainty that file-sharing activities were illegal. The CRIA argued that users infringed authors’ exclusive rights: Sections 18 and 27 of the Canadian Copyright Act protecting reproduction and distribution of copyrighted works⁴⁸. Nevertheless, in this case, the Court stated that “downloading a song for personal use does not amount to infringement in the light of Section 80(1) of the Copyright Act” providing an exception to copyright for personal use⁴⁹.

This interpretation, as well as the absence of specific provisions punishing file sharing, was an effect (also) of the late implementation of World Intellectual Property Organization Treaties by the Canadian government⁵⁰. These international agreements introduced a new right for the copyright holder: the exclusive right to make available, which can be seen as a way to stop file sharing and other similar activities⁵¹.

In the Canadian case, as happened in the US ones, in order to decide which right had to prevail, the court applied a test made of five steps:

The judge stated that since file sharing could not be univocally considered illicit, and privacy was “of utmost importance to Canadian society”⁵³, the interest of privacy protection had to prevail⁵⁴.

The CRIA appealed⁵⁵. In the opening words of the Federal Court of Appeal’s decisions, the “case illustrate[d] the tension existing between the privacy rights of those who use the Internet and those whose rights may be infringed or abused by anonymous Internet users”⁵⁶.

The Court of Appeal specified that, although the lower court erred in judging file sharing as legal, CRIA’s request had to be rejected, even only for the time passed between the collection of IP addresses and the request for users’ identification⁵⁷.

Even if only briefly illustrated, the selected case law shows the conflict springing from the introduction of a new technology (i.e., file sharing) in the existing legal scenario. Indeed, looking closer, both rights (privacy and copyright) seem to sprout exactly from the introduction of a technological innovation, whether revolutionary or not⁵⁸.

Facing a new situation, judges, who cannot avoid making a decision, have to understand which of the two conflicting legal spheres has to prevail. The judge finds herself in need of balancing rights whose prevalence is not predefined by the system. Each of the countries examined lacks a norm indicating clearly which road has to be taken: in all the systems, the two rights seem to have the same rank.

Data protection is usually considered part of the right to privacy, either as an interpretation of it or as a way to protect privacy itself. In each of the three countries examined, both courts and scholars have made efforts to trace back the right to privacy to national constitutions, despite the fact that none of the constitutions explicitly mentions privacy. As for the US, privacy is usually linked to the First, Fourth, Fifth, and Fourteenth Amendments of the Constitution⁵⁹. In the Canadian system, the protection of privacy comes from the Charter of Rights and Freedoms of 1982, and in particular from Sections 7 and 8⁶⁰. In the Italian context, a right to privacy has been retraced to arts. 2, 3, 13, 14, and 15 of the Constitution, as can be read in the famous “Soraya” decision⁶¹. Furthermore, the European Convention on Human Rights (art. 8) and the Charter of Fundamental Rights of the European Union (art. 7) sanction in the same way the need to respect private and family life.

As for copyright, the US system explicitly protects it through Clause 8, Section 8 of article 1 of the Constitution, which includes the so-called copyright clause. As is well known, according to this section, Congress “shall have the power to promote the Progress of Science and useful Arts, by securing for limited Times to Authors and Inventors the exclusive Right to their respective Writings and Discoveries.” Through this section, Congress acquires the competence to legislate on this subject, and meanwhile, copyright is consecrated as an exclusive right of authors, even though limited in time. In Canada, legislative power on copyright is exclusively given to the Congress as well. This can be inferred from Section 91(23) of the Constitution Act of 1867, nowadays part of the Canadian Constitution. This section considers copyright a constitutionally recognized right, even though the same section does not give a definition. In the Italian context, copyright is traced back to arts. 9 (on the development of culture and scientific and technical research), 21 (freedom of expression), and 33 (freedom of arts and science). It is also connected to arts. 2 and 4, which consider the protected work an activity concurring in the spiritual or material progress of society. Finally, art. 17, co. 2 of the mentioned Charter of Fundamental Rights of the European Union states that “Intellectual property shall be protected.”

Looking at the results of the illustrated cases, it is possible to make the following observation⁶²: in the US, the majority of the cases results in a win for copyright holders; in Canada, even if the sample is very limited, one can say that the protection of information privacy prevailed on copyright. This last statement is true also for the Italian context.

It often happens that the context in which judges work does not allow a clear predetermination of the prevailing interest, and on the contrary, that same context puts the judge in front of provisions that allow a certain degree of discretion. Which parameters should judges follow to determine the prevalence of one or the other right in these situations? And which parameters did in fact judges adopt in the concrete cases?⁶³

There are a number of different mechanisms, which judges follow in their decisions. “Classical” balancing mechanisms concern the techniques used by courts to weigh different rights and interests against each other. These methods, which have been analyzed by many scholars, are applied especially by the highest courts, such as constitutional courts, valuing the compatibility of a given norm vis–à–vis the constitution⁶⁴. Balancing mechanisms appear to be external, meaning that they are objectively observable by reading judicial decisions. The study here proposed looks for a different approach, under the mentioned sociocultural analysis. My idea is to look through judicial decisions and see whether judges are culturally influenced, besides the actual methods of balancing applied. Judges are indeed part of the social structure by which they can be influenced⁶⁵: culture can affect judges⁶⁶.

In my analysis, the concept of “legal culture” plays a pivotal role. Legal culture can approximately be described as a factor (or at least one of the factors) in helping to explain the differences between so-called law in the books and law in action⁶⁷. A straightforward definition of legal culture considers it a cluster of “ideas, values, attitudes, and opinions people in some society hold, with regard to law and the legal system”⁶⁸. The concept of legal culture is not an easy one⁶⁹, and while explaining some mechanisms, it also involves some complications.

Every state seems to have its own culture⁷⁰, even though in the time of globalization it can seem obsolete to talk of cultures enclosed within national borders⁷¹. This is the reason why I believe it is possible to talk, for example, of an “Internet users’ culture” or a “file-sharers’ culture,” which necessarily go beyond national boundaries. To this extent, a person can belong to different cultures at the same time⁷². Despite not being legal cultures, these cultures affect the legal culture of judges, since judges are part of the same social context.

After making these premises, I want to stress that the present analysis does not aim to indicate which methods of interpreting the law are correct. On the contrary, this paper is intended to be a first step towards investigating the interpretation and balancing made by judges, as it will emerge from the next paragraphs.