Guest column: Why France's three strikes rule is unworkable

Graham Cluley
Graham Cluley: three strikes rule is "draconian"

TechRadar is delighted to welcome Graham Cluley, Senior Technology Consultant at Sophos, as regular guest columnist.

Sacre bleu! News broke last week that France is set to introduce rules which could mean people are accused of internet piracy, and thrown off the internet, without their guilt having been proven in a court of law.

According to media reports, French internet users found to be downloading copyrighted music and films without paying for them would get three warnings before having their connection cut for up to a year.

Until now, action against illegal file-sharing has been a matter for the French courts, so to say this is somewhat of a 'controversial' ruling is spot on.

While there's no doubt that something needs to be done to combat internet piracy, a 'three-strikes and you're out' rule just seems a tad draconian to me.

The UK Government suggested a similar crackdown in February last year when it unveiled a Green Paper proposing to give Internet Service Providers (ISPs) 'cut off' powers against the estimated six million UK users accessing pirated material every year.

This type of ruling is likely to cause major headaches for ISPs and Wi-Fi users alike - customers who are about to be cut off from the net could claim that other people have been illegally piggybacking on their internet connection, for instance.

Identifying the culprit

It's no secret that Wi-Fi theft is a big problem. Back in 2007 Sophos polled 560 computer users and found that a whopping 54 percent had stolen Wi-Fi internet access in the past - if those sorts of figures were around two years ago, imagine the scale of the situation now.

The bottom line is: people who illegally download material that they haven't paid for aren't going to have any qualms about using someone else's internet connection. This not only means there are likely to be innocent victims, but it also gives the real pirates a plausible defence.

And what if the alleged illegal downloads are made by staff in the workplace? Will the entire company be disconnected from the net? Such a move would have serious ramifications for such a Web 2.0 dependent business world.

But some workers do abuse corporate bandwidth to download copyrighted materials (rather than using their own home connections), so this is one of the reasons why firms should be using application control solutions to block the use of file-sharing clients in the office.

Combating the threat

To combat the problem of hijacked internet connections, computer users - whether at work or at home - must make sure they set up their wireless networks with security in mind, ensuring that strong encryption is in place to prevent neighbours and passers-by from illegally using their connection.

While there's no 100 percent solution to piracy, following simple advice like this can help innocent users protect themselves both from this risk, and that of hackers eavesdropping on communications and stealing information that can be used for identity theft.

As for France, the internet piracy bill still has to make its way through Senate approval this week.

It's hotly tipped to sail through the final vote and straight into play, but I'm sure that French computer users, ISPs and EU citizens will still be waiting with baited breath as to the future of their online habits.


Graham Cluley is senior technology consultant at Sophos, and has been working in the computer security field since the early 1990s. When he's not updating his other blog on the Sophos website you can find him on Twitter at @gcluley.