Swedish ISPs vow to erase users' traffic data

Having apparently been scared off illegal file sharing in large numbers by a new Swedish law that went into effect April 1, pirates in that country now have a new safe harbor to escape law enforcement.

Three Swedish Internet service providers, among them Tele2, one of the country's three major broadband operators, have stated that they will erase traffic data to protect their customers' privacy.

"It's a strong wish from our customers, so we decided not to store information on customers' IP numbers anymore," Niclas Palmstierna, CEO of Tele2, told Swedish national news agency TT Tuesday morning.

The information is crucial in investigating piracy. When surveying the Internet to spot computers involved in uploading or downloading copyright-protected material, it's easy to capture these computers' IP data. But to identify the person using the computer, it's necessary to ask for the ISP, as IP numbers normally are assigned dynamically by the provider.

The new so-called IPRED law in Sweden, based on an EU directive, gives copyright owners the right to ask for customers' identity from ISPs, if a court agrees.

Strong indications showed that total Internet traffic in Sweden decreased by 30 percent to 50 percent the day the law took effect, and traffic still remains low, as indicated by traffic exchanged between ISPs in major Swedish network exchange Netnod.

Tele2's decision to erase traffic data follows a similar decision by ISPs All Tele and Bahnhof.

The move in itself is not against the law. On the contrary, European law on electronic communication (PDF) demands that ISPs only store traffic data for a limited time period to handle billing, inter-operator traffic, and security issues. The law then requires them to erase that data as soon as possible.

Copyright owners are upset nonetheless. "It's astonishing that someone who claims to be a serious communication operator wants to assist in crime, which is implied by what (ISPs) are doing" when they erase data, lawyer Peter Danowsky told the Swedish daily newspaper SvD.

Danowsky represented the International Federation of the Phonographic Industry in the high-profile Pirate Bay case. Four men were sentenced to prison for assisting in making 33 copyright-protected files available over the Internet. (The IFPI represented a number of record labels in the litigation.)

"Major portions of the Internet traffic derive from illegal file sharing, which makes it an important revenue source for the ISPs," Danowsky added.

The downturn in Swedish Internet traffic results in lowered costs for ISPs, while revenues remain the same as prescription fees are flat rate. But long-term revenues are at stake, as demand for high bandwidth could decrease.

Other major ISPs in Sweden declare they will not follow Tele2's decision. They say they need traffic data to handle security issues. But data will be stored only for a few weeks.

Telia Sonera, the country's largest ISP, tells SvD that it stores data for "a short period," whereas another major ISP, Norwegian Telenor, says it stores data for a maximum of three weeks. So copyright owners that want traffic data must turn to a court very quickly after securing evidence on illegal file sharing if they want a chance to get at the identity behind an IP number.

According to Swedish police, the operators' move to erase traffic data will also make other cybercrime investigations more difficult, Swedish national news agency TT reports.

Meanwhile, the first case under the new IPRED law drags on. Five audio book publishers have turned to the law to get at the identity behind an IP number allegedly used for illegal file sharing, but the ISP Ephone refuses to hand over the information, declaring that the evidence is too weak.

The court now says the material from the parties is extensive and that it largely will be up to the parties to decide how long the court's decision will take, according to the daily SvD.