YouTube ordered to hand over customer logs


3 Jul 2008

Share on FacebookTweet about this on TwitterShare on LinkedInShare on Google+Pin on PinterestShare on RedditEmail this to someone

Share on FacebookTweet about this on TwitterShare on LinkedInShare on Google+Pin on PinterestShare on RedditEmail this to someone

Have you uploaded clips containing copyrighted material to YouTube over the past while? Watch out if it’s from Viacom because yesterday the entertainment company won the right to demand information on all YouTube users from Google through a judge’s ruling.

This order came about as part of Viacom’s US$1bn lawsuit against Google for copyright infringement as a result of content uploaded by YouTube users.

Ironically, the judge made the decision based partially on Google’s definition of acceptable data retention and what is and is not classed as personally identifiable information.

“The IP addresses recorded by every website on the planet without additional information should not be considered personal data, because these websites usually cannot identify the human beings behind these number strings,” said Alma Whitten, software engineer, on Google’s Public Policy blog.

In defence of the US$1bn lawsuit, Google is claiming safe harbour through the Digital Millennium Copyright Act, stating that as long as it takes down copyright material posted by users as soon as the copyright holders notify and request a takedown, it is within its rights.

The Electric Frontier Foundation is not impressed by Viacom’s actions, stating that the court order “erroneously ignores the protections of the federal Video Privacy Protection Act (VPPA) and threatens to expose deeply private information about what videos are watched by YouTube users.”

While the court is ruling that the information is non-identifiable to individuals, the court order states: “For each instance a video is watched, the unique ‘login ID’ of the user who watched it, the time when the user started to watch the video, the internet protocol address other devices connected to the internet use to identify the user’s computer and the identifier for the video” are all required.

Which is not identifiable. Apparently. So you’re safe. Apparently.

By Marie Boran