The BBC has discovered documents that detail a so-called graduated response program for detecting illegal downloads done by customers of major UK ISPs and sending alert messages to them.  The program is called the Voluntary Copyright Alert Programme (Vcap).  It was negotiated between the UK’s four major ISPs (BT, Sky, Virgin Media, and TalkTalk) and trade associations for the music and film industries, and it is expected to launch sometime next year.

Vcap is a much watered-down version of measures defined in the Digital Economy Act of 2012, in that it calls only for repeated “educational” messages to be sent to ISP subscribers and for no punitive measures such as suspension or termination of their accounts.

In general, graduated response programs work like this: copyright owners engage network monitoring firms to monitor ISPs’ networks for infringing behavior.  Monitoring firms use a range of technologies, including fingerprinting to automatically recognize content that users are downloading.  If they find evidence of illegal behavior, they report it to a central authority, which passes the information to the relevant ISP, typically including the IP address of the user’s device.  The ISP determines the identity of the targeted subscriber and takes some action, which depends on the details of the program.

In some cases (as in France and South Korea), the central authority is empowered to force the ISP to take punitive action; in other cases (as in the United States’ Copyright Alert System (CAS) as well as Vcap), ISPs take action voluntarily.

Assuming that Vcap launches on schedule, we could soon have data points about the effectiveness of various types of programs for monitoring ISP subscribers’ illegal downloading behaviors.  The most important question to answer is whether truly punitive measures really make a difference in deterring online copyright infringement, or whether purely “educational” measures are enough to do the job. Currently there are graduated response programs in South Korea, New Zealand, Taiwan, and France that have punitive components, as well as one in Ireland (with Eircom, the country’s largest ISP) that is considered non-punitive.

Is America’s CAS punitive or educational?  That’s a good question.  CAS has been called a “six strikes” system (as opposed to other countries’ “three strikes”), because it defines six levels of alerts that ISPs must generate, although ISPs are intended to take “mitigation measures” against their subscribers starting at the fifth “strike.”  What are these mitigation measures?  It’s largely unclear.  The CAS’s rules are ambiguous and leave quite a bit of wiggle room for each participating ISP to define its own actions.

Instead, you have to look at the policies of each of the five ISPs to find details about any punitive measures they may take — information that is often ambiguous or nonexistent.  For example:

• AT&T: its online documentation contains no specifics at all about mitigation measures.
• Cablevision (Optimum Online): its policy is ambiguous, stating that it “may temporarily suspend your Internet access for a set period of time, or until you contact Optimum.”  Other language in Cablevision’s policy suggests that the temporary suspension period is 24 hours.
• Comcast (Xfinity): Comcast’s written policy is also ambiguous, saying only that it will continue to post alert messages until the subscriber “resolve[s] the matter” and that it will never terminate an account.
• Time Warner Cable: also ambiguous but suggesting nothing on the order of suspension or termination, or bandwidth throttling.  It states that “The range of actions may include redirection to a landing page for a period or until you contact Time Warner Cable.”
• Verizon: Verizon’s policy is the only one with much specificity.  On the fifth alert, Verizon throttles the user’s Internet speed to 256kbps — equivalent to a bottom-of-the-line residential DSL connection in the US — for a period of two days after a 14-day advance warning.  At the sixth alert, it throttles bandwidth for three days.

In other words, the so-called mitigation measures are not very punitive at all, not even at their worst — at least not compared to these penalties in other countries:

• France: up to ISP account suspension for up to one year and fines of up to €1500 (US $2000), although the fate of the HADOPI system in France is currently under legal review.
• New Zealand: account suspension of up to six months and fines of up to NZ $15,000 (US $13,000).
• South Korea: account suspension of up to six months.
• Taiwan: suspension or termination of accounts, although the fate of Taiwan’s graduated response program is also in doubt.

[Major hat tip to Thomas Dillon’s graduatedresponse.org blog for much of this information.]

In contrast, Vcap will be restricted to sending out four alerts that must be “educational” and “promot[e] an increase in awareness” of copyright issues.  Vcap is intended to run for three years, after which it will be re-evaluated — and if judged to be ineffective, possibly replaced with something that more closely resembles the original, stricter provisions in the Digital Economy Act.  By 2018, the UK should also have plenty of data to draw on from other countries’ graduated response regimes about any relationship between punitive measures and reduced infringements.