Making cracked computer programs available to a members’ network over the internet infringes copyright

05 March 2007

Josefine Jonsson, Henrik Nilsson

On 22 November 2006 the Court of Appeal for Southern Norrland convicted a 27-year-old man, who during 2000 and 2001 was active as a “data cracker”, for infringing the Swedish Act on Copyright in Literary and Artistic Works (1960:729). The defendant was a member of the international Warez group, Drink or Die (“DOD”), known for unlawfully copying, modifying and distributing computer programs to Warez-participants over the internet.

The defendant had downloaded computer programs from the DOD group’s “drop-box” server to his own computer. He had then removed the security codes by creating patch-files, so called “cracks”. Other members of the Warez network were given the patch files to test that they worked with the computer program located on the defendant’s computer. The computer programs, the patch-files and an information file, containing a brief description of the software and installation instructions for the patch file, were then uploaded to “leech” servers, which were accessible to members of DOD and other Warez groups. The defendant was identified and arrested in October 2001, as a result of an investigation by the American Customs Authority of approximately ten different Warez groups.

Under Section 53 of the Act on Copyright in Literary and Artistic Works (“Copyright Act”), it is prohibited to commit acts which infringe the copyright enjoyed in the work, i.e. to exploit the work by making copies of it or by making it available to the public, be it in the original or an altered manner, in translation or adaptation, in another or literary or artistic form. Under Section 12 of the same Act, there is no right to make copies of computer programs even for private use. However, if a right to use the computer program has been acquired, according to Sections 26 g and h the Copyright Act copies can be made in order to use the program for its intended purpose, to make back-up copies, to observe, test and study the principles behind various details of the program, and to reproduce or translate the code of the program in order to obtain interoperability with other software.

After being arrested, the defendant cooperated with the police and admitted to cracking security codes of over 100 computer programs.

The case was tried in the first instance by the District Court of Sundsvall in January 2005. The District Court found that the defendant had not infringed the Copyright Act, neither on the ground of making copies of the computer programs nor on the ground of making the programs available to the public. Regarding the copying of the software, the District Court held that the computer programs were lawful demo or shareware versions which the defendant had used to observe, test and study the ideas of the programs. Regarding the distribution of the software, there was no clear evidence as to the extent of the group of people which could access the “leech” servers holding the cracked computer programs. The District Court estimated that approximately 50-100 members of the Warez groups were able to obtain the cracked computer programs, given that access had required both an approved IP address and special password. The Court found that taking into account the limited distribution, the programs should not be deemed to have been made available to the public in violation of the Copyright Act.

The Prosecution Authority appealed the verdict. When the case was tried by the Court of Appeal for Southern Norrland in November 2006, the District Court’s ruling was overturned. The Court of Appeal held that the defendant had infringed the computer programs by making unlawful copies, both through integrating patch files into the computer programs, thereby unlawfully altering them, and through downloading the computer programs from DOD servers to his computer.

More importantly, the Court of Appeal answered the question as to whether the defendant had made the computer programs available to the public in distributing them within the DOD network. The Court held that the leech servers could be accessed by at least 100 persons mainly belonging to Warez groups. Such groups were loosely connected, with members scattered all over the world, and generally the members only knew each other by the user name they used online. Also, membership of the computer network was in flux, as new members joined and old members left. Based on this, the Court of Appeal found that the group of people which could access the leech servers fulfilled the criterion as the “public” in the meaning of the Copyright Act. The defendant was therefore convicted for making the computer programs available to the public together with other members of the DOD.

The Court of Appeal gave the defendant a suspended sentence. This was a reduced penalty as the criminal proceedings had taken almost six years and the defendant had cooperated with the police.

The Court of Appeal’s judgment is interesting as it provides an example of what constitutes “the public” when the Copyright Act is applied to an online environment. It should, however, be noted that the present case concerns the application of the old version of the Copyright Act. On 1 July 2005 the Copyright Act was amended in order to implement the Information Society directive. The amendments clarify that works can also be made available by being “communicated to the public” by fixed or wireless means from a place other than where the public can access the work, and by communications which occur in such a way that members of the public may access the work from a place and at time individually chosen by them. Because of the amendment, it is possible that the courts’ view of the “public” will change in cases of online or wireless transmissions. The abovementioned case should therefore be applied with caution to copyright infringements which have occurred after 1 July 2005.