Our previous coverage of media harassment in Great Britain focused on a prickly billionaire’s aggressive use libel laws. This time, British police have seized a Web server of indymedia.org.uk because they failed to disclose personal information on a reader who posted a comment on the left-leaning media site.
The progression is a little complicated: Earlier this month, a particularly nasty group of animal rights activists were convicted of, among other things, falsifying child sexual abuse claims against customers of a biotech lab the activists had targeted. Indymedia covered the trial, and down in the comments section of one of the stories, a reader posted the home address of the judge handing out sentences.
Indymedia’s version of the story says they promptly removed the comment, but police wanted more: personal information on the user who left the comment. Indymedia says it does not log the IP addresses (the originating location of requests to see Web pages) of its users, meaning they had no data to turn over. Unsatisfied with that answer, Kent Police sent an officer over to Indymedia’s hosting company, UK Grid, and demanded the server.
In June 2008, the EU has recently issued a Directive on Privacy and Electronic Communications an order that all Internet servers log IP addresses, creating a digital trail back to every person who requests to see a page hosted in Europe. The directive, which must be implemented locally by EU members, met immediate resistance from privacy advocates, despite including some measures to mandate other privacy protections.
As in a similar case in the United States, the hosting company was intimidated into ignoring their customer’s rights. In this case, that means turning over the server without requesting a written warrant — according to Indymedia, the only paperwork in the transaction was this receipt for the hardware.
At the moment, it appears that the Kent Police are sifting through user data on a server that hosted Indymedia, as well as half dozen other left-leaning activist sites, without troubling to get a search warrant. And if those sites are complying with the EU’s data retention laws, those servers are full of interesting data on Internet users worldwide.
— Jonathan Eyler-Werve