tag:blogger.com,1999:blog-3993498847203183398.post5199061790323803173..comments2024-03-28T09:19:27.451+00:00Comments on RevK<sup>®</sup>'s ramblings: Day in courtRevKhttp://www.blogger.com/profile/12369263214193333422noreply@blogger.comBlogger83125tag:blogger.com,1999:blog-3993498847203183398.post-20474599743062254392015-09-11T13:46:54.401+01:002015-09-11T13:46:54.401+01:00Looks like this ploy to get money has well and tru...Looks like this ploy to get money has well and truly dried up. Good scam while it lasted but I suspect e-mailers have wised up to the fact that there are no quantifiable damagesAnonymousnoreply@blogger.comtag:blogger.com,1999:blog-3993498847203183398.post-80994644261031757022015-05-14T20:33:07.105+01:002015-05-14T20:33:07.105+01:00FYI, clicking an unsubscribe button in most cases ...FYI, clicking an unsubscribe button in most cases covertly places files on your PC. These themselves seem to be an invasion of your privacy under the Human Rights Act. Vidal Hall vs Google found that browser generated files of this type were private/personal data. <br /><br />Maybe the HRA/privacy law and the DPA provide more useful ways to make a claim and be paid. <br /><br />Re PECRs, clearly the law is an ass. Or else the law was cynically written by our rulers so that it would not interrupt spammers going about their business. <br /><br />Does anyone know if punitive damages can be claimed in a county court or only in a higher court? Spam is an example of conduct that clearly calls for punitive damages. Dhttps://www.blogger.com/profile/06472119771650643883noreply@blogger.comtag:blogger.com,1999:blog-3993498847203183398.post-59809904526171185662015-04-20T14:06:20.725+01:002015-04-20T14:06:20.725+01:00Not a good result but in the Small Claims Courts r...Not a good result but in the Small Claims Courts results can be mixed.<br /><br />The notes that Neil made refer to a "list of cases which found in favour of a<br />claimant under Regulation 30 for a breach of Regulation 22", are you prepared to make this list available? It may help others though I'm aware it didn't help you in this case.ContextSwitchhttps://www.blogger.com/profile/02055385944215236099noreply@blogger.comtag:blogger.com,1999:blog-3993498847203183398.post-35139501397484208782015-04-19T23:54:15.114+01:002015-04-19T23:54:15.114+01:00Pretty much the same outcome as mine then. "N...Pretty much the same outcome as mine then. "No quantifiable damages" :-(Deannahttps://www.blogger.com/profile/00039168200475889026noreply@blogger.comtag:blogger.com,1999:blog-3993498847203183398.post-8546867297433804302015-04-17T17:26:15.536+01:002015-04-17T17:26:15.536+01:00> I would suspect there is no way that anyone ...> I would suspect there is no way that anyone can justify or calculate damages of £100 for deleting an email in front of a Judge<br /><br />Why not? My justification is that it is estimated that a coder loses 15-30 minutes of productivity each time they are interrupted, and I can cite a software developer who is also a well known published author to back up this claim. That automatically gets me an estimate of 0.5*hourly_rate*number_of_emails.<br /><br />Beyond that, there is the cost of mistakes that are introduced into my work due to the distraction: this is harder to quantify.<br /><br />There is also the cost of losing important emails due to having to run spam filters - this argument is probably much thinner since the damages resulting from having to running spam filters would presumably be spread across all spammers, not just the one you're fighting.<br /><br />I think it's important to understand that the small claims process is intended for recovering losses, not to impose punitive fines on law breakers or to make a profit. I see the damages that I've listed above as legitimate losses and whilst a judge may estimate them differently to me, I would be interested to know the reasons why a judge would not consider them at all.<br /><br />> The courts are ruling against the latest claims which backs up this point?<br /><br />My reading of RevK's case was that he didn't really try to back up his claim of damages - it seems to me that the court ruled against him because he presented no evidence of damages, not because there were actually none. It is likely that people will learn from these cases and gain an understanding of how to present legitimate losses in a way the judge can understand and therefore uphold.Steve Hillhttps://www.blogger.com/profile/09798286430189689578noreply@blogger.comtag:blogger.com,1999:blog-3993498847203183398.post-86697857083974514632015-04-17T16:33:08.362+01:002015-04-17T16:33:08.362+01:00As a way to make money I can see that that followi...As a way to make money I can see that that following RevK’s guidance may work but just making up damages will not fool any judge? <br /><br />Neil Brown reported<br /><br />Had the claimant “suffered damage”?<br />The judge read aloud the first words of Regulation 30 — “A person who suffers damage…” and stated that she could not see that the claimant had suffered any damage, and that the claimant had not put forward any case on this point.<br /><br />The fact that the email is or is not sent to an individual subscriber is irrelevant, the question will always remain where there damages or not. Sue Denim may have completed out-of-court for £100 damages but I would suspect there is no way that anyone can justify or calculate damages of £100 for deleting an email in front of a Judge. So the threat of taking a spammer to court seems to be off the table, but the bluff seems to still work. <br /><br />The courts are ruling against the latest claims which backs up this point?<br />Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-3993498847203183398.post-14575396044587078522015-04-17T13:28:30.818+01:002015-04-17T13:28:30.818+01:00If you asked Adrian, I suspect that when he finish...If you asked Adrian, I suspect that when he finishes laughing, he'd say No ;)Alexis Threlfallhttps://www.blogger.com/profile/11792447399167532389noreply@blogger.comtag:blogger.com,1999:blog-3993498847203183398.post-46443914323733284802015-04-17T13:20:54.654+01:002015-04-17T13:20:54.654+01:00That makes for an interesting tactic Sue - I like ...That makes for an interesting tactic Sue - I like that.<br /><br />It also occurs to me that I should do a DPA for one of the more troublesome data sources, who are holding inaccurate information and keep parroting this data back to other spammers who have used it. I can then get them to delete it and potentially sue them for DPA breaches if they continue to hand it out.Alexis Threlfallhttps://www.blogger.com/profile/11792447399167532389noreply@blogger.comtag:blogger.com,1999:blog-3993498847203183398.post-14311482294282251552015-04-17T13:05:28.631+01:002015-04-17T13:05:28.631+01:00I notice it talks about a "competent data pro...I notice it talks about a "competent data protection authority" - do we have one of those? :)Steve Hillhttps://www.blogger.com/profile/09798286430189689578noreply@blogger.comtag:blogger.com,1999:blog-3993498847203183398.post-80407237334919504512015-04-17T12:17:29.642+01:002015-04-17T12:17:29.642+01:00> Do you have a link you can cite for the upcom...> Do you have a link you can cite for the upcoming changes?<br /><br />It's a horrible document to link to, I'm afraid, but take a look at the Parliament's proposed Art. 10a here:<br /><br />http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//TEXT+TA+P7-TA-2014-0212+0+DOC+XML+V0//EN<br /><br />(I note that it does now say "generally", which was not the case in the original draft: Article 11(4) of: http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=celex:52012PC0011)<br /><br />See also the ICO's "implications" document, at the bottom of page 15, but, again, this will have been working on an older iteration of the draft:<br /><br />https://ico.org.uk/media/about-the-ico/documents/1042341/implications-european-commissions-proposal-general-data-protection-regulation-for-business.pdf<br />Anonymoushttps://www.blogger.com/profile/18427000118752159232noreply@blogger.comtag:blogger.com,1999:blog-3993498847203183398.post-47860691091606854292015-04-17T11:42:53.565+01:002015-04-17T11:42:53.565+01:00Oh thats interesting (SAR charges disappearing). ...Oh thats interesting (SAR charges disappearing). It's always been a point of annoyance for me that someone can be abusing *my* data for free, and yet I have to pay them to find out what data they (possibly unlawfully) hold and what they're doing with it. Do you have a link you can cite for the upcoming changes?<br /><br />I did have someone argue that they should be required to pay me no more than £10 for spam since that's the limit placed on them for what they can charge for SARs.. I didn't quite see the relevance of that point. :)Steve Hillhttps://www.blogger.com/profile/09798286430189689578noreply@blogger.comtag:blogger.com,1999:blog-3993498847203183398.post-47846327179971213192015-04-17T10:36:28.837+01:002015-04-17T10:36:28.837+01:00Neil, thanks for your thoughts. It seems to me (IA...Neil, thanks for your thoughts. It seems to me (IANAL) that I should spend some time establishing the facts before issuing a NBA. The damages will be the anticipated costs of returning my data to the position in which the law says it should be.<br /><br />Alex, I included this text on a DPA SAR this week. No reply yet:<br /><br />"You are entitled to charge a fee of up to £10 for processing this Subject Access Request. This request has arisen owing to a breach of s22 Privacy and Electronic Regulations 2003 where a marketing email was sent to that email address without my informed consent. s30 PECR entitles me to claim damage. Therefore, in the circumstances, I suggest that you should process this SAR without charging a fee."<br /><br />RevK, thanks for publishing your NBA which several of your readers have re-used, including myself. My first was send in January and completed out-of-court for £100 damages yesterday. Several more will be going out next week.<br />Sue Denimhttps://www.blogger.com/profile/07859981300171450606noreply@blogger.comtag:blogger.com,1999:blog-3993498847203183398.post-63366802212032445852015-04-17T10:11:45.842+01:002015-04-17T10:11:45.842+01:00That doesn't sound unreasonable :) (Incoming r...That doesn't sound unreasonable :) (Incoming regulation is due to remove the right for a data controller to charge for exercising the right of access, so it might be a short-lived approach.)<br /><br />> as much as you shoot us down in flames<br /><br />Hopefully I don't come across as too much of an a**e — and, of course, I may be wrong on any number of points!Anonymoushttps://www.blogger.com/profile/18427000118752159232noreply@blogger.comtag:blogger.com,1999:blog-3993498847203183398.post-44722093604238456462015-04-17T09:33:50.991+01:002015-04-17T09:33:50.991+01:00I wonder also, if you sent them a DPA request, whi...I wonder also, if you sent them a DPA request, which they charged you for, if you could include that DPA request in the damages which you then sue them for? Does that seem reasonable Neil? (Really appreciate your views on this thread - as much as you shoot us down in flames, your answers really are useful!)Alexis Threlfallhttps://www.blogger.com/profile/11792447399167532389noreply@blogger.comtag:blogger.com,1999:blog-3993498847203183398.post-44339347702712856362015-04-17T08:03:51.167+01:002015-04-17T08:03:51.167+01:00> Is this a reasonable approach for damages? (N...> Is this a reasonable approach for damages? (Neil?)<br /><br />It sounds reasonable (and non-contrived) to me, but I wouldn't be the judge in any case you ended up bringing!Anonymoushttps://www.blogger.com/profile/18427000118752159232noreply@blogger.comtag:blogger.com,1999:blog-3993498847203183398.post-85011775964402255402015-04-17T00:08:39.369+01:002015-04-17T00:08:39.369+01:00Is this a reasonable approach for damages? (Neil?)...Is this a reasonable approach for damages? (Neil?)<br /><br />I get very little spam from proper companies. If I receive a spam email, that means the sender has my email address and possibly other personal data.<br /><br />The ICO advise against replying or clicking links in spam if there are any doubts about the sender because this can confirm the email address is live.<br />https://ico.org.uk/for-the-public/online/spam-emails/<br /><br />If I simply delete the spam without taking action then there is a strong likelihood that more will come from the same route and that the sender may sell my personal details. They have, after all, acquired and/or are using my personal details without my consent. If they send more spam and/or sell my details then the resulting increase in spam will amplify the costs in dealing with it.<br /><br />If it's likely that the sender has acquired my details from another party then offences may have taken place per Data Protection Act. I need to identify that other party in order to put a stop to their unlawful trade in my personal details.<br /><br />Therefore the most appropriate, and cheapest, course of action is for me to identify the sender then contact them to ask them (a) to demonstrate why they believe they have my informed consent, (b) for a copy of the data they hold about me (DPA Subject Access Request) and (c) what third party (if any) supplied the data to them.<br /><br />It is all information which the company must possess in order to fulfil their DPA and PECR responsibilities and the ICO's expect that companies must be able to provide it.<br /><br />Therefore the sender should send the necessary information and I can act upon it to opt-out and/or correct my details as necessary.<br /><br />The more I have to communicate with the sender, the greater the costs.<br /><br />The "damages" are my costs, including time, from inspecting the email through to managing to opt-out and/or correct my details. <br /><br /><br /><br /><br /><br /><br />Sue Denimhttps://www.blogger.com/profile/07859981300171450606noreply@blogger.comtag:blogger.com,1999:blog-3993498847203183398.post-16084731027803564742015-04-16T18:34:18.610+01:002015-04-16T18:34:18.610+01:00> I was, however, sure, distribution was covere...> I was, however, sure, distribution was covered<br /><br />That largely depends on what is meant by "distribution". There is no prohibition on "distribution" in itself, but there are related, potentially relevant, restrictions depending on exactly what one is doing.Anonymoushttps://www.blogger.com/profile/18427000118752159232noreply@blogger.comtag:blogger.com,1999:blog-3993498847203183398.post-63335341264886630142015-04-16T18:32:29.388+01:002015-04-16T18:32:29.388+01:00And, in case there was any doubt, I'm being a ...And, in case there was any doubt, I'm being a berk. Having finally reached for a textbook, s50C: an express right to "copy" software as necesssary for lawful use, which Ian Lloyd comments as meaning that "a basic use right will now be implied [but] difficulties may arise."Anonymoushttps://www.blogger.com/profile/18427000118752159232noreply@blogger.comtag:blogger.com,1999:blog-3993498847203183398.post-35212385438447326182015-04-16T18:31:22.151+01:002015-04-16T18:31:22.151+01:00Ha! That was my rather hasty search. I was, howeve...Ha! That was my rather hasty search. I was, however, sure, distribution was covered, but maybe it is not now.RevKhttps://www.blogger.com/profile/12369263214193333422noreply@blogger.comtag:blogger.com,1999:blog-3993498847203183398.post-7057700344234088752015-04-16T18:28:24.863+01:002015-04-16T18:28:24.863+01:00Fortunately, the 1956 Act to which you link was ab...Fortunately, the 1956 Act to which you link was abolished in 1988!Anonymoushttps://www.blogger.com/profile/18427000118752159232noreply@blogger.comtag:blogger.com,1999:blog-3993498847203183398.post-84726408456745785592015-04-16T18:26:00.772+01:002015-04-16T18:26:00.772+01:00http://www.legislation.gov.uk/ukpga/1956/74/sectio...http://www.legislation.gov.uk/ukpga/1956/74/section/5/enacted#text%3DdistributionRevKhttps://www.blogger.com/profile/12369263214193333422noreply@blogger.comtag:blogger.com,1999:blog-3993498847203183398.post-52939461587747334092015-04-16T18:25:11.603+01:002015-04-16T18:25:11.603+01:005(4)?5(4)?Anonymoushttps://www.blogger.com/profile/18427000118752159232noreply@blogger.comtag:blogger.com,1999:blog-3993498847203183398.post-35815420631966608842015-04-16T18:24:05.124+01:002015-04-16T18:24:05.124+01:00CDPA 5(4) covers distribution.CDPA 5(4) covers distribution.RevKhttps://www.blogger.com/profile/12369263214193333422noreply@blogger.comtag:blogger.com,1999:blog-3993498847203183398.post-69928348627134625262015-04-16T18:22:05.034+01:002015-04-16T18:22:05.034+01:00I see what you are getting at in terms of the GPL ...I see what you are getting at in terms of the GPL / EULA distinction. I can promise that I am not trying to being obtuse (that can happen perfectly well enough without me trying...) :) I tend to get a bit nervous when people try to distinguish between a licence they might like (GPL) and a licence that they might not like (a EULA) by arguing that different rules apply, as my sense is that this just makes everything harder for everyone!<br /><br />> distributing copyrighted works requires some kind of licence<br /><br />It depends on what is meant by "distribution" here: "distribution" is not an act restricted by copyright. Me giving you a CD which I bought from a retail shop in Europe does not require a licence, for example, whereas me burning a copy of a copyright work to CD and giving you that CD would.<br /><br />> For example, there is nothing in law that says you aren't allowed to reverse engineer some software<br /><br />Hmmm... My feeling is that reverse engineering does entail the performance of restricted acts, else s50BA would not be necessary. The "right to reverse engineer" in the UK is more a "right to observe, study and test", and it is limited to the situation in which the user does this while performing an act which s/he is entitled to do. But a user with no licence to run the software in the first place cannot avail themselves of the right to observe etc., since the right is tied to a lawful use.<br /><br />(A term trying to curtail this right would, in the UK, be void: s296A)<br /><br />> there is no absolute requirement for you to agree to the licence<br /><br />Perhaps a nitpicky legal point, but there is never a need to agree to a licence: a licence is just a permission to do something which is otherwise prohibited, and is simply "there". It might be absolute, or it might be conditional, but its power comes not from consensual agreement but rather from permitting you to do something which would otherwise be prohibited.<br /><br />> because the licence doesn't grant you any rights that you didn't already have. Therefore you can't make the implicit "so this person must have agreed" reasoning.<br /><br />Agreed, but only because of the assumption cover your post, which is that running software is not an act restricted by copyright. I'm siding with "oh yes it is" for the moment :)<br /><br />> So does this mean that I am infringing copyright since I never agreed to the licence?<br /><br />No, as a licence does not require agreement. And, as long as you are doing what was contemplated by the licensor, you are probably fine.<br /><br />> When I put a CD in a modern CD player, it will buffer the data stream into RAM as it plays - am I infringing copyright by playing a CD? Why is running a software different?<br /><br />My understanding is that playing a CD is not treated as copying, but that running software is. It might suck. It might not be the desirable answer, but my understanding is that that is the legal position in the UK. (I want to point at s28A as the difference between music/ sound recording and a computer program in terms of treatment of temporary copies, since computer programs are clearly excluded, but memory tells me that there is something else at play here, but I can't recall quite what.)Anonymoushttps://www.blogger.com/profile/18427000118752159232noreply@blogger.comtag:blogger.com,1999:blog-3993498847203183398.post-16044817182573948092015-04-16T18:18:32.654+01:002015-04-16T18:18:32.654+01:00Thank you for responding Neil. I did think it prob...Thank you for responding Neil. I did think it probably had a fatal flaw :)<br /><br />I guess it comes down to geeks thinking that the law is like RFC's! (just follow the recipe) <br />Not so!Anonymoushttps://www.blogger.com/profile/15717592062414307952noreply@blogger.com