• barsoap
    link
    fedilink
    arrow-up
    2
    ·
    5 months ago

    The second operation, carried out by the internet access providers at Hadopi’s request, consists, inter alia, of matching the IP address with the civil identity data of its holder.

    Which just opens more questions: How long are ISPs allowed/required to store customer IPs, and then what happens if I have an open wifi: Can they just assume that I did it or declare me responsible anyway, that is, is it possible for a private individual to enjoy ISP privileges?

    • wizzim@infosec.pub
      link
      fedilink
      arrow-up
      2
      ·
      5 months ago

      Yes if I remember the Hadopi correctly, your are responsible for securing your access point and liable for any use made out of it.

      Le décret sur la négligence caractérisée a été publié au JO le 26 juin. Il instaure l’obligation de sécuriser sa connexion, sans en préciser les moyens, sous peine d’une amende salée et d’une coupure Internet en cas de délit de téléchargement illégal.

    • Kissaki@beehaw.org
      link
      fedilink
      English
      arrow-up
      1
      ·
      edit-2
      5 months ago

      If you read more of the ruling, the ruling allows EU nations to impose requirements on ISPs. So the storage duration would be up to national law. (Which of course one may call into question bring before court on whether they are too long.)


      The question of whether you are liable as a provider of open access is an independent question. Yes, it becomes more relevant if you as a provider can’t bet on anonymity anymore. But it’s independent.

      Looking at DE Wikipedia, looks like previous EU court rulings were dismissing being held accountable, but there’s still one open. German law freed it in 2018. No mention of EU specifically in this article, so maybe it’s national concern - at least until the EU court makes a ruling.