Jane Crossley y Fernando Morgado - De fantasmas y demonios.pdf
10726.2011 - Crossley
Transcript of 10726.2011 - Crossley
-
8/3/2019 10726.2011 - Crossley
1/35
SOLICITORS DISCIPLINARY TRIBUNAL
IN THE MATTER OF THE SOLICITORS ACT 1974 Case No. 10726-2011
BETWEEN:
SOLICITORS REGULATION AUTHORITY Applicant
and
ANDREW JONATHAN CROSSLEY Respondent
______________________________________________
Before:
Mr J N Barnecutt (in the chair)
Mr R Nicholas
Mrs L McMahon-Hathway
Date of Hearing: 16th January 2012
______________________________________________
Appearances
Peter Steel, Solicitor, Capsticks Solicitors LLP, 1 St Georges Road, Wimbledon, London
SW19 4DR for the Applicant.
The Respondent appeared in person
______________________________________________
JUDGMENT
______________________________________________
-
8/3/2019 10726.2011 - Crossley
2/35
2
Allegations
1. The allegations against the Respondent were that:-
Contained in a Rule 5 Statement dated 11 March 2011
1.1 In breach of Rule 1.03 of the Solicitors Code of Conduct 2007 ("the SCC") allowed
his independence to be compromised;
1.2 In breach of Rule 1.04 of the SCC the Respondent acted contrary to the best interests
of his clients;
1.3 In breach of Rule 1.06 of the SCC, the Respondent acted in a way that was likely to
diminish the trust of the public places in him or in the legal profession;
1.4 In breach of Rule 2.04(1) of the SCC, the Respondent entered into arrangements to
receive contingency fees for work done in prosecuting or defending contentiousproceedings before the Courts of England and Wales except as permitted by statute or
the common law;
1.5 In breach of Rule 3.01 of the SCC, the Respondent acted where there was a conflict of
interest in circumstances not permitted under the Rules, in particular because there
was a conflict or significant risk that the Respondent's interests were in conflict with
those of his clients and;
1.6 In breach of Rule 10.01 of the SCC, the Respondent used his position as a solicitor to
take or attempt to take unfair advantage of other persons, being recipients of letters of
claim either for his own benefit or the benefit of his clients;
1.7 [Withdrawn]
Contained in a Rule 7 Statement dated 3 November 2011
1.8 In breach of Rule 1.06 and 5.01 (1) (g) of the Solicitors Code of Conduct 2007 (the
SCC) he failed to take adequate steps to ensure that appropriate technical and
organisational safeguards were in place at his firm to protect against the accidental
loss of personal data and documents.
Documents
2. The Tribunal reviewed all the documents submitted by the Applicant and the
Respondent which included:
Applicant:
Application dated 11 March 2011; Rule 5 Statement dated 11 March 2011 and Exhibit PS1; Rule 7 Statement dated 3 November 2011 and Exhibit PS2; Statement of IMR dated 20 July 2011; Statement of GC dated 18 June 2011;
-
8/3/2019 10726.2011 - Crossley
3/35
3
Statement of APS dated 30 June 2011; Statement of CES dated 1 August 2011; Supplemental bundle including expert report from Primary Key Associates Ltd dated
30 August 2011;
Applicants written opening submissions; Statement of Costs dated 12 January 2012.Respondent:
Respondents trial bundle; Respondents statements and testimonials bundle; Respondents opening synopsis; Letters to DF dated 8 October 2010, 11 November 2010 and 22 November 2010.Preliminary Matter 1
3. Mr Steel, on behalf of the Applicant, made an application under Rule 11 (6) of the
Solicitors (Disciplinary Proceedings) Rules 2007 to withdraw allegation 1.7 against
the Respondent with the consent of the Tribunal. He told the Tribunal that in light of
further evidence that had been supplied by the Respondent, the Applicant accepted
that the letters describing the Respondents client MCAT as a copyright protection
society and as the exclusive territorial licensee of rights granted by the copyright
owner, although misleading, were not deliberately so and could not fairly be described
as a breach of the Code.
4. In addition, Mr Steel told the Tribunal that it had become clear from documents that
were not in the Applicants possession at the time that the Rule 5 Statement wasdrafted that the Respondents client MCAT did not intend to bring further claims and
MCATs new campaign of letter writing using a company known as G Ltd had been
abandoned. This meant that the information contained within the Respondents
witness statement dated 24 January 2011 had been accurate as he understood it at the
time. The Applicant had felt it right to withdraw the allegation against the
Respondent as soon as the further evidence had become available.
5. The Tribunal consented to the withdrawal of allegation 1.7 against the Respondent.
Preliminary Matter 2
6. The Tribunal was told by Mr Steel that the Respondent had now made admissions in
relation to all of the remaining allegations save for allegation 1.8 which remained to
be determined by the Tribunal. This had been confirmed by the Respondent in his
opening synopsis.
Factual Background
7. The Respondent was born on 7 September 1963 and admitted as a solicitor in 1991.
His name remained on the Roll of Solicitors. From February 2006, he practised on his
own account under the style of ACS:Law ("the firm"). The firm subsequently closed
in or about February 2011.
-
8/3/2019 10726.2011 - Crossley
4/35
4
Allegations 1.1-1.6
8. In or around 11 May 2009, the Applicant became aware from articles appearing on
the internet that the firm was acting in a number of proposed claims against members
of the public who were accused of having breached copyright by unlawfully sharing
copyrighted material in the form of either music, films or video games via theinternet. The Applicant had been investigating the conduct of another firm of
solicitors ("Firm A") arising out of essentially the same activities.
9. The Applicant commenced an investigation at the firm on 11 June 2009 which
resulted in the preparation of a Casework Investigations and Operations Report dated
6 May 2010. ("the Report).
P2P File Sharing
10. When an individual decided that he or she wished to access or obtain a computer
game, film or such other material, he or she could acquire the item by purchasing itfrom a retail outlet, or by legally downloading it on the internet or by accessing the
item illegally through a file sharing website, also known as a Peer to Peer (P2P)
website.
11. At all material times there were two main P2P websites which were EMule (or
EDonkey) and BitTorrent.
IP Addresses and Tracking Illegal File Sharing
12. Whenever an individual gained access to the internet from a computer, he or she
would do so via an internet protocol (IP) address. An IP address was usually a 12
digit number and IP addresses were "dynamic" and changed from time to time.
13. If an individual, a household, houses or blocks of flats had computers in them with
wireless access to the internet, it was possible for persons who were not the holders of
a particular IP address to gain access to the internet through the IP address of a
particular individual and to use such access to upload material. It was also possible
for a malicious third party to assume control of an individual's computer using a
"Trojan virus".
14. Between 2006 and 2009 Firm A had developed and pursued a scheme for recoveringcompensation on behalf of copyright holders whose copyright works had been shared
in breach of copyright via the internet. The process involved the obtaining of a
Norwich Pharmacal order from the Court requiring an Internet Service Provider
("ISP") to divulge the name and address of a person whose IP address appeared to
have been used for the downloading of a computer game or other material subject to
copyright, in breach of copyright, and/or the uploading of such a game or other
material on to a P2P website.
Transfer of the claims to ACS: Law
15. Firm A transferred the work relating to four of its clients to the Respondent under anAgreement dated 3 April 2009. The Agreement stated amongst other things:-
-
8/3/2019 10726.2011 - Crossley
5/35
-
8/3/2019 10726.2011 - Crossley
6/35
6
MCAT; and YP
These six clients were referred to as the clients by the Applicant.
17. The Respondent used four companies to provide material to him from the monitoring
of internet addresses. The four companies were L AG (L), DS GmbH (D), NG3
S (NG) and E. These companies accessed P2P sites and, acting as fictitious users
(or peers), pretended that they wished to access copyrighted material. The companies
used their software to make connections with individuals who indicated that they had
data (or part of it) available to be downloaded onto the companies computers. The
companies would then register the download and compare it with the original material
in order to see whether it was copyrighted. The company L provided the Respondent
with the data of alleged infringers in relation to the clients T, RP and T2. The
company D provided the Respondent with data of alleged infringers relating to the
client DP, the company NG provided the data about alleged infringers relating to theclient MCAT and the company E provided the data in respect of potential claims by
the client YP.
18. On 13 May 2009, the Respondent wrote to the Applicant to confirm that;
He had taken over and issued 1,700 Letters of Claim on behalf of RP,T and T2;
He was also retained by DP and would be issuing a further 5,200Letters of Claim;
His firm would be making new applications to Court for orders fordisclosure of IP address owner details in respect of further identified
alleged copyright infringements;
The firm would not be assuming conduct of the files where there wereongoing legal actions;
The firm had "received the computer management systems operated bythe clients to enable us to properly and adequately manage this work
and the accounting system that was created specifically for this workhas also been passed to my firm; and
The firm had inherited staff from Firm A under the TUPE Regulations.The ACS: Law Process
19. The system operated by the firm was similar to that operated by Firm A between 2006
and 1 May 2009. The Respondent entered into agreements with the clients whereby
he would share the sums recovered by writing letters of claim to alleged infringers in
varying percentages with them and with the monitoring companies.
-
8/3/2019 10726.2011 - Crossley
7/35
7
20. The firm would obtain a Norwich Pharmacal Order to require ISP's to disclose to the
firm the name and address of customers who had been allocated the IP addresses that
the monitoring companies L/D/NG/E had identified as used in the P2P file sharing.
21. Once in possession of the names and addresses of alleged infringers, the firm would
prepare and send Letters of Claim. The documentation and evidence provided to analleged infringer Mrs B consisted of:-
A Letter of Claim dated 8 June 2009 demanding that Mrs B paycompensation of 500;
A statement report detailing, amongst other things, the name of the ISPand the IP address;
A copy of the relevant section of a spreadsheet sent to the ISP inrelation to Mrs B's IP address and the spreadsheet received in return;
A document requiring Mrs B to give an undertaking; A payment form.
22. During an investigation visit to the firm on 11 June 2009, the Respondent confirmed
that while, for the first two months of operation, he and his staff had relied on the
expertise and business model prepared by Firm A, he had made stylistic changes to
some of the letters that Firm A had prepared, amending them, for instance, to remove
the reference to an administration fee of 10 where alleged infringers offered to pay
by instalments.
The Clients
RP
23. The client RP claimed that it owned the copyright in a computer game called "TW.
The client had previously instructed Firm A. In common with the other clients, RP
had received the following correspondence from the firm at the outset of the retainer:
A letter entitled "File Sharing An Overview" A retainer letter for non- contentious work A retainer letter for contentious work incorporating a collective
conditional fee agreement ("CCFA")
The only exception to this was the client DP who did not apparently receive the letter
entitled "File Sharing - An Overview".
24. During an inspection visit on 11 June 2009, the Respondent confirmed that the letters
sent to the original four clients (RP, T, DP and T2) had been prepared by Firm A. The
retainer letters for the firm's new clients (MCAT and YP) had been prepared by TT
-
8/3/2019 10726.2011 - Crossley
8/35
8
who was a paralegal in the firm. The letters sent to each of the clients were
effectively the same.
The File Sharing-An Overview letter
25. The letter entitled "File Sharing - An Overview" described the procedure for obtainingnames and addresses from ISPs and for sending Letters of Claim under the heading
"Non- Contentious Work". The letter stated that a Court Order was required to compel
the ISPs to disclose the names and addresses of alleged infringers. The obtaining of
the Norwich Pharmacal Order was described as contentious work which would be
covered by the "Contentious Retainer".
26. The letter also set out that monies collected from infringers would be shared out in
accordance with the "revenue sharing agreement". The clients would be invoiced for
the firm's professional fees equivalent to the share of the proceeds due to the firm
under the revenue sharing agreement. The letter also explained the various types of
contentious work involved in the proceedings, which were described further in thecontentious retainer letter.
The non-contentious retainer letter
27. The non-contentious retainer letter for RP (as for the other Clients) described the non-
contentious work required for the scheme. This included:
Analysing the intellectual property rights in the copyrighted works andconfirming the ownership of those rights;
Obtaining an expert's report from forensic IT experts to identify theISP and IP addresses for each uploader;
Preparing a letter to each ISP to request involuntary disclosure of theidentity of each uploader in question; and
Preparation of a Letter of Claim to each uploader identified togetherwith contractual undertakings. The letter specifically excluded the
work necessary to obtain a Norwich Pharmacal Order and the issuing
of court proceedings against any uploader.
28. The letter also indicated that the firm would receive a percentage of the net
recoveries, defined as:
the amount of damages and costs claimed in each Letter of Claim (see
below) and recovered from each uploader to whom a letter of claim is sent,
less:
1. applicable disbursements... including a court fee (currently 70) in respect
of the Norwich Pharmacal application obtained against all ISPs (in other
words only one court order should be necessary in respect of one batch or
"phase" of data sent to us by your company on any one occasion);
-
8/3/2019 10726.2011 - Crossley
9/35
9
2. each ISPs reasonable administrative and legal costs of complying with the
Norwich Pharmacal Order...
RP would be required to pay a one-off payment for set-up costs of 2,500. The firm
would account to its client for net recoveries quarterly by phase of data (ie. any one
data drop by L ("Phase")) to commence after a minimum of 10,000 of NetRecoveries is available for distribution.
29. In addition, the letter also agreed the amount of costs and damages that would be
claimed in the Letter of Claim to each infringer. In the RP letter, 600 was to be
claimed in respect of films or games and 500 in respect of a musical work. The letter
indicated that the "business model" adopted by the firm would only be effective if a
minimum number of 2,500 unique IP addresses were obtained and it reserved the right
of the firm not to issue Letters of Claim if the number of unique IP addresses obtained
was beneath that figure.
30. The letter also contained an agreement by RP that a minimum of 5 and up to 100 testcases per annum could be brought in the form of taking proceedings against alleged
infringers. It stated:
"This should have the effect of substantially increasing the recovery rate of
payment in any Phase and is therefore an important part of the process".
31. The letter set out the share of the net recoveries between each of the parties. In the
case of RP, the client was to receive 25% of the net recoveries, the firm was to receive
42% and the monitoring firm was to receive 33%. The letter also referred to the
preparation of Letters of Claim and the bringing of test cases.
32. During an interview with the IO on 16 February 2010, the Respondent was asked to
comment as to whether his non-contentious retainer letter which referred to fees being
paid as a percentage of the "net recoveries" was compliant with section 58 of the
Courts and Legal Services Act 1990. This section referred to Conditional Fee
Agreements (CFAs) and stated that a CFA was an Agreement with a person
providing advocacy or litigation services which provides for his fees and expenses or
any part of them to be payable only in specified circumstances. Section 119 of the
same Act referred to litigation services as any services which it would be
reasonable to expect a person who is exercising or contemplating exercising a right to
conduct litigation in relation to any proceedings or contemplated proceedings toprovide. The Respondent indicated that he did not consider that the non-contentious
retainer letters were unenforceable CFAs as the costs/damages figure was a
"compromise" that his clients were willing to accept in order to settle the claim.
33. In a letter to the Applicant dated 11 August 2009, the Respondent stated:
"Our client's offer of compromise is not a precise calculation (although the ISP
charges have been calculated quite precisely, based on the administrative and
legal costs levied upon us by the ISP in question). We are of the firm opinion
that damages and costs are likely to be much greater than the sum offered in
the compromise if the matter proceeds to court and our client succeeds in its
claim. It is nevertheless the sum that our client has instructed us to settle itsclaim early in order to avoid legal proceedings".
-
8/3/2019 10726.2011 - Crossley
10/35
10
34. The Respondent's letter explained that the figure claimed against each uploader in the
Letter of Claim included a combination of factors, namely damages, out-of-pocket
expenses and legal costs including damages for claims for the lost sales of the client's
copyrighted work. The letter confirmed the amount of damages related to the
uploading of the work and making it available to "potentially thousands of people".
The contentious work retainer letter
35. The contentious retainer letter which was signed by RP on 1 May 2009 contained the
following features which were common to the contentious retainer letters sent to all
the clients:
obtaining a disclosure order from the court to compel ISPs to releasethe names and addresses;
challenging any order for costs made against ISPs; commencing proceedings against file sharers, including the issuing of
proceedings in an amount determined by the Respondent;
preparing applications for and obtaining default judgments; drafting and filing defences to any counterclaims made by Defendants; drafting and filing consent orders to withdraw the claim; attending court on applications for summary judgments; preparing for and attending hearings in relation to an enquiry as to
damages;
preparing papers for enforcement of damages and/or costs includinginstructing a bailiff;
In rare cases, preparing for and attending a trial. We do not presentlyanticipate (but cannot guarantee) that more than 1- 2 cases would go to
trial in a sample of about 100 test cases, so the risk is low" and
appealing any decision made by the court against the Claimant arisingfrom the claim made against an infringer.
36. The letter also included the CCFA, which in the case of RP set out the firm's hourly
rate at Schedule 1 and at Schedule 2 explained:
"The pursuit of claims for infringement of copyright against file sharers is a
novel innovation in litigation and is not established in the English Courts."
The success fee was expressed in the agreement to be:
-
8/3/2019 10726.2011 - Crossley
11/35
11
"eighty percent (80%) of the Basic Charges, should the matter be successfully
concluded without the need for a final trial. If the matter is not concluded
more than 3 months prior to the final trial, then the Success Fee shall
thereafter be one hundred per cent (100%).
For the client YP, the letter expressed the success fee as 75% of the Basic Charges if
the matter was concluded without the need for a trial.
37. As at 28 April 2010, the Respondent reported that he had recovered and paid out the
following amounts on behalf of RP:-
Name of Client Money
Recovered
Paid to Client Paid to Monitoring
Company
Paid to Firm
RP 34,866.90 3,519.16 4,645.28 7,628.20
T
38. The client T was said to be the copyright holder for a computer game called "DP 3D.
The retainer letters were signed by the client on the 1 May 2009. The non-contentious
retainer letter for T set out the share of the net recoveries between the parties as 25%
to T, 42% to the firm and 33% to the monitoring company. The costs and damages
agreed with T were 600 for films and games and 500 for music.
39. As at 28 April 2010, the amounts recovered and paid out on behalf of T were as
follows:-
Name of Client Money
Recovered
Paid to Client Paid to Monitoring
Company
Paid to Firm
T 68,127.47 10,880.48 10,881.48 23,551.18
T2
40. The client T2 was said to be the copyright holder for the game called "C of J. The
client care and retainer letters appeared to have been signed by the client on or about 5May 2009. The non-contentious retainer letter set out the share of the net recoveries
between each of the parties as 33% to T2, 42% to the firm and 25% to the monitoring
company. The amount of costs and damages that were to be claimed was agreed at
600 for films and games and 500 for music files.
41. As at 28 April 2010, the amounts recovered and paid out on behalf of each of the
clients was as follows:-
Name of Client Money
Recovered
Paid to Client Paid to Monitoring
Company
Paid to Firm
T 22,474.85 795.93 590.00 2,228.43
-
8/3/2019 10726.2011 - Crossley
12/35
12
DP
42. The client DP claimed that it had acquired a number of "rights owners" whose
products had been violated by file sharing systems. The work involved included films,
music and pornography. On or about 4 May 2009, DP entered into a retainer with thefirm as recorded in letters dated 1 May 2009. The share of the net recoveries for each
of the parties was 50% to DP, 37.5% to the firm and 12.5% to the monitoring
company. The non-contentious retainer letter in fact expressed the share due to the
firm as 50% of the net recovery of which 12.5% would be paid to DP. The amount of
costs and damages claimed on behalf of DP was agreed in the sum of 700 for films
and games and 500 for music files.
43. As at 28 April 2010, the amounts recovered and paid on behalf of DP were as
follows:-
Name of Client Money
Recovered
Paid to Client Paid to Monitoring
Company
Paid to Firm
D 346,607.90 151,625.86 45,060.21 131,048.38
MCAT
44. The company MCAT was owned and operated by an existing client of the Respondent
named LB. The Respondent explained to the Applicant during interview on 16
February 2010 that he had approached Mr B to propose a scheme whereby copyright
owners that Mr B knew could avail themselves of the Respondent's business model in
seeking compensation in copyright claims. The Respondent explained to the
Applicant that Mr B in effect signed up copyright owners and his firm MCAT would
then pursue alleged infringers on their behalf and distribute proceeds to the copyright
holders thereafter.
45. The retainer letters with MCAT were dated 1 August 2009. The agreed split of the net
recoveries between the parties was 35% to MCAT, 52.5% to the firm and 12.5% to
the monitoring company. The amount of costs and damages that it was agreed should
be claimed was 400 for films and the same amount for music files.
46. During interview on 16 February 2010, the Respondent was asked how he arrived at
this figure for costs and damages. He responded:
"It is under instructions from the client. There was again a lot of thought gone
into that and in fact we have actually sent I think what is 100 or so letters out
so far. We have got actually about 2500 letters. We have been instructed to
reduce the amount to it was 540 and we have been instructed to 495. I
think there are two reasons for that. This is on the client's instruction".
47. The Respondent also stated:
" the client wants to bring the figure below 500 because he believes there
is a psychological barrier at 500 that prevents people from paying so he is
-
8/3/2019 10726.2011 - Crossley
13/35
13
trying to optimise revenue on settlement on the basis that it can get below
500 and it's his prerogative to agree to whatever he wants to agree".
YP
48. The various retainer letters and CFA were dated 16 October 2009 and the clientsigned his agreement to the non-contentious and contentious retainers on or about 9
November 2009. The non-contentious retainer letter indicated the split of the net
recoveries between each of the parties would be 40% to YP, 45% to the firm and 15%
to the monitoring company. The non-contentious retainer letter agreed the amount of
costs and damages to be claimed on behalf of YP as 400 for films and 350 for
music files. As at 30 June 2010, the firm had paid YP, AE and MR 29,718.86 as
damages as a result of the letters of claim issued on the clients behalf.
Public concerns and conduct
49. The letters of claim sent by the firm produced a reaction from a number of recipients.As at 9 August 2010, the Applicant had received a total of 511 complaints about the
Respondent and his firm from individuals who had received a letter of claim alleging
breach of copyright. The consumer organisation Which? forwarded a number of
complaints to the Applicant. The complaints in general denied the allegation of
uploading the copyrighted material.
50. From figures provided by the Respondent, as at 30 June 2010, the recoveries made by
the Respondent in his firm as a result of the letter writing on behalf of his clients
were:
(1) 20,323 letters were sent out;
(2) The firm made a total recovery of 936,570.72 out of which the Respondent's
firm received 341,078.92 and
(3) Out of the total number of claims there were 1457 alleged infringers who had
agreed to pay costs or damages in full and 518 infringers who had agreed to
pay costs and/or damages in part.
51. On 5 January 2011, the Respondent notified the Applicant that he was no longer
producing such letters but he was continuing to act in a number of court actionsagainst alleged copyright infringers.
Advice of Counsel
52. Firm A had obtained an opinion from Counsel A M dated 30 June 2008. A copy of
this opinion had been provided to the Respondent as he himself sent it to the
Applicant under cover of a letter dated 11 August 2009. Counsel had provided the
following advice:
(1) that L might be guilty of an offence under the Computer Misuse Act 1990;
-
8/3/2019 10726.2011 - Crossley
14/35
14
(2) that the mere use by a third party of an unsecured wireless router could not fix
the holder of the IP address with liability for copyright infringement;
(3) that an alternative claim against the IP address holder in negligence was
"extremely poor to hopeless, saving cases where, exceptionally, a Defendant
admits letting someone else use his computer/internet access in circumstanceswhere it is obvious or very likely that he will use it to infringe. However
likely a scenario is that?"
53. The Respondent suggested in his documents entitled "Response to letter of report by
SRA dated 28 May 2010" that he did not accept what he called the "wireless defence".
He stated:
"The wireless defence is no longer acceptable and cases are no longer
dropped for this reason. Every submission is considered, triaged and actioned
upon, including dropping cases where necessary. Case law has developed that
places the holder of an internet connection under a greater personalresponsibility than a year ago"
Examples of claims against particular individuals
Mr F
54. In a letter dated 8 June 2009, the Respondent made a claim for breach of copyright on
behalf of his client DP against Mr F relating to alleged unlawful uploading of the film
YHTG. The Respondent sent a pack of materials with the letter dated 8 June 2009
namely:
(1) Statement report;
(2) Extract from a spreadsheet sent to Mr F's ISP;
(3) Extract from a spreadsheet received back from British Telecommunications
plc;
(4) A document entitled "Undertakings";
(5) Payment forms.
The letter referred to a copy of an order made by Chief Master Weingarten dated 12
November 2008 which it was said could be found on the Respondent's website.
55. The Letter of Claim stated:
"Based on the evidence supplied to us, your internet connection has been used
to make the Work available on P2P network (s) in infringement of our client's
copyright and in breach of Sections 16 and 20 of the Act1
1 The Copyright Designs and Patents Act 1998
. Where our client's
Work has been copied onto the hard drive of the personal (or office) computer
used to make the Work available on P2P networks, there will also have been a
breach of the provisions of Sections 16 (1)(a) and 17 of the Act. Our client's
-
8/3/2019 10726.2011 - Crossley
15/35
15
evidence shows you are responsible for committing one or more of these
infringements, either directly or by your authorising (inadvertently or
otherwise) third parties to do the same".
56. The letter included an "offer to settle" whereby Mr F was to pay compensation of
500 and sign a written undertaking promising not to upload, download, makeavailable or otherwise share the Work or permit others to do so using his or any other
internet connection and to delete any copies of the work resident on his computer's
hard drive or saved to disk. The letter described how the settlement figure was
established but did not show any figures.
57. The letter included a section entitled "Next Steps - Payment and Undertakings" which
set out the means by which Mr F could settle the claim. After this section was a
paragraph entitled "Next Steps - Commencing Proceedings" which stated that if
neither the payment nor written undertakings were received within the specified time
period of 21 days then:
"we are instructed to commence proceedings against you, subject to
receiving any submissions you may wish to make to us. If it becomes
necessary to issue proceedings against you, our client will be seeking as a
minimum from you an interim payment on account of damages and will
request the Court to determine the level of total damages and costs which may
be awarded against you and which will reflect the increased costs of taking
proceedings, together with damages that fully reflect our client's loss".
58. The letter indicated that it:
" complies with the Code of Practice for Pre-Action Conduct in Intellectual
Property Disputes (January 2004), a copy of which is available on our
website".
The next section of the letter contained a recommendation that legal advice should be
sought and stated that:
" any response from you (must) be in writing".
59. The letter of claim enclosed a document entitled "Notes on Evidence" which included
a section entitled "Forensic Computer Analyst's Report" which stated amongst otherthings:
"Because of data protection law, the ISP will normally require us to apply to
the Court for a so-called Norwich Pharmacal (or disclosure) order. Full
evidence of the nature of our claim against you is provided to the Court, which
is then invited to order your ISP to disclose your contact details. This enables
us to write to you. On the dates set out in the Letter of Claim, such an order
was made against your ISP, pursuant to which your ISP provided your name
and address some weeks later and we were then able to write to you".
The court had not been provided with details of the claim against Mr F or anyone else.
The court had been provided with evidence that there had been an infringement ofcopyright and that the ISP would know the identity of the person whose IP address
-
8/3/2019 10726.2011 - Crossley
16/35
16
had been identified by the monitoring company in relation to the infringement (the
monitoring company in Mr F's case being D).
60. In section 3 of the Notes of Evidence under the heading "Evidence of Copyright
Infringement", the Respondent stated:
"It is irrelevant for the purposes of our client's evidence how the Work came to
be resident on the computer connected to the IP address in question at the time
of upload and/or making it available on a P2P network. Prior to making the
Work available on P2P networks, it may have been copied from a CD or DVD
ROM (or other medium) or indeed downloaded from either a bone fide
website or obtained through file-sharing on a P2P website, either by you or a
third party using your internet connection. What our client's evidence shows is
that the Work was made available from an internet connection registered to
your name on a certain date and time".
61. Mr F responded in a recorded delivery letter dated 25 June 2009 to the effect that hishousehold contained a number of computer users, none of whom had any knowledge
of the alleged claim. He sent a copy of the letter from the Respondent together with
his reply to the Office for the Supervision of Solicitors under cover of a letter dated
29 June 2009 in which he commented:
As you will see the letter is most frightening, threatening and intimidating
and on first perusing this I thought it was a scam".
62. Mr F received a further letter from the Respondent dated 2 September 2009. The
letter stated amongst other things:
(a) "To date, we have received neither payment nor any response from
you".
(b) " unless we receive payment from you Within seven days from
the date of receipt by you of this letter in compromise of our client's
claim in the sum originally requested, you are at real and immediate
risk of proceedings being issued against you without further reference
or recourse to you".
(c) "You will recollect that the initial compromise claimed was 500.00. Ifit becomes necessary to issue proceedings against you, we shall be
applying for judgment and shall seek an award of damages in an
amount to be determined by the Court, together with an order for an
immediate interim payment of 1,000.00".
63. Mr F responded by recorded delivery post on 7 September 2009 and pointed out that
he had replied to the first letter and that in that earlier letter had denied " all
knowledge of your accusations". He stated that if the Respondent continued to harass
him he would take action under the Protection from Harassment Act 1997.
64. The Respondent wrote again on 9 October 2009 stating:
-
8/3/2019 10726.2011 - Crossley
17/35
17
"To date, we have received neither a satisfactory response, payment, nor an
adequate explanation as to why you are not liable for the acts of copyright
infringement alleged against you The open offer of compromise made in
our original letter to you is hereby withdrawn. We have instructions from our
clients to pursue this matter against you further".
The letter enclosed a Part 36 Notice offering to settle the claim against Mr F in the
sum of 600.00.
65. Mr F responded by recorded delivery letter on 21 October 2009 confirming that he
had no knowledge of the allegations and stating that any further letters would be
forwarded to his solicitors.
Mrs B
66. In a letter dated 8 June 2009, the Respondent made a claim for breach of copyright
against Mrs B on behalf of his client DP relating to alleged unlawful uploading of avideo entitled E-RL. The Respondent enclosed or provided internet links to a pack
of materials similar to those sent to Mr F. In most respects the claim against Mrs B
was similar to that against Mr F. Mrs B's ISP was Tiscali UK Ltd and she was asked
to pay 500.02 as compensation to DP including the ISP costs.
67. Mrs B replied in a letter dated 11 June 2009 in which she stated that:
(a) she and her husband vehemently denied the allegation;
(b) they had never downloaded films of any description, pornographic or
otherwise and would not know how to do so;
(c) they were shocked and offended by the bullying and threatening manner in
which the allegation was being pursued; and
(d) she sought the withdrawal of the allegation and apology for the distress caused
within 10 days;
68. The Respondent replied by letter dated 29 June 2009 in which he stated:
"It is unfortunate that you feel that the letter was written in that tone; it was
certainly not intended to have that effect. However, we are issuing a Letter of
Claim to people holding an internet connection where our client's data supplier
has captured information indicating an alleged infringement of copyright.Consequently, it is necessary to write a letter in a certain way outlining not
only the detail of the work identified, but also the possible consequences and
ultimate actions that could be taken in the event that the matter was to proceed
to litigation
In the circumstances, the matter must be regarded as still live, our enquiries
are continuing and you will be hearing from our file sharing team separately.
On this basis, I do not think an apology would be an appropriate response. It is
to be regretted that you have suffered any distress from the receipt of our
letter, but I am merely acting on instructions following the receipt of specific
data that relates to your IP address".
-
8/3/2019 10726.2011 - Crossley
18/35
18
69. Mrs B received a letter from the Respondent which was dated 2 September 2009 and
which was in the same terms as the letter to Mr F which was also dated 2 September
2009. It threatened proceedings against her in default of payment of the sum
originally requested within 7 days and stated that in the event of such proceedings, an
immediate interim payment of 1,000 would be sought from her.
70. Mrs B replied on 14 September 2009 stating:
(a) the Respondent's letter of 2 September 2009 was inaccurate as she had replied;
(b) she noted that the Respondent had provided no evidence that she was
personally responsible for the alleged infringement or had authorised anyone
else to do so;
(c) she denied any breach of the relevant parts of the Copyright, Designs and
Patents Act 1988 as she had never possessed the work in question, had never
distributed it or authorised anyone else to distribute it;
(d) she asserted that it was impossible to link an IP address to a particular person
or computer without further detailed analysis, which required a level of
expertise she did not possess;
(e) she asserted that she could not be held liable for infringement occurring via
her internet connection without her knowledge or permission.
71. The Respondent wrote again to Mrs B on 28 September 2009 and stated:
" We note the response you have given matches a template response that is
available on the internet. With this in mind we are disinclined to accept at face
value what you have said, as it is simply a generic response.
The open offer of compromise made in our original letter to you is hereby
withdrawn. We have instructions from our client to pursue this matter against
you further.
In absence of anything meaningful to consider from you, our client's stance
will remain unaltered"
The letter enclosed a Part 36 Notice offering to settle the claim for the sum of
600.00.
Mr L
72. In a letter dated 15 April 2010, the Respondent made a claim for breach of copyright
against Mr L on behalf of his client MCAT relating to alleged unlawful uploading of
two videos entitled FBGF5 and FBGF6. With the letter of 15 April 2010, the
Respondent sent a pack of materials and/or references to such materials similar to
those sent to Mr F. In most respects the claim against Mr L was similar to that against
Mr F. In Mr L's case the offer was to pay compensation of 1,200 and to sign a
written undertaking promising not to upload, download, make available or otherwise
-
8/3/2019 10726.2011 - Crossley
19/35
19
share the Work or permit others to do so using his or any other internet connection
and to delete any copies of the work resident on his computer's hard drive or saved.
73. The letter of claim sent to Mr L had been amended to indicate that the Respondent's
firm could be contacted by e-mail or by telephone. Mr L tried to telephone the firm
on 19 April 2010 and found that that there was a recorded message requesting a letterand stating that the firm did not deal with submissions over the telephone.
74. The letter of claim addressed to Mr L did not provide any details of the funding
arrangements with MCAT. Mr L responded by way of a letter dated 19 April 2010 in
which he denied liability for the claim and stated:
(a) that he denied all the allegations;
(b) that the letter had failed to mention that Section 97 (1) of the Copyright
Designs and Patent Act 1988 provided a defence if the Defendant did not
know and had no reason to believe that copyright subsisted in the Work and itwas therefore wrong to suggest that even inadvertent downloading of
copyrighted material was a breach of the Act;
(c) that he required details of how the 1,200 claimed was calculated;
(d) that he required confirmation as to whether the Respondent was instructed
under a conditional fee agreement and if so its date; and
(e) that he was a retired Circuit Judge and regarded the allegation and Letter of
Claim as defamatory
75. On 20 April 2010, Mr L wrote to the Respondent at the address of the firm indicating,
amongst other things, that he would offer the Respondent facilities for an inspection
of the hard drive of his computer by an independent forensic computer expert to be
agreed and to be limited to the allegation made and to the alleged "hit" on 22
November 2009 at 15.51.17 hours and on the basis that the Respondent's client was to
pay the costs of the inspection to be costs in the case in the proposed proceedings.
76. Mr L subsequently wrote chasing letters to the Respondent at the firm's address on 17
June, 25 August and 12 October 2010 but did not receive any response.
77. The Respondent provided an information pack to his own employees on or about 1
June 2009. In the pack, the Respondent recognised that recipients of letters might be
" upset and/or concerned with the infringement being alleged". The notes in the
pack entitled Questions and Answers to Telephone Calls contained the following
passage:
nor do we need to prove the exact identity of the individual who
committed the infringing act. We maintain that an internet account holder is
responsible for his internet connection and therefore liable for any infringing
activity occurring on it. In some cases you will find that the account holder is a
parent of a child who has committed the act, or a person sharing a house or flatwith others who has the internet registered in their name. Some cases will
-
8/3/2019 10726.2011 - Crossley
20/35
20
involve individuals who have not properly (or at all) secured their wireless
networks and thus allowed (either deliberately or negligently) a person or
persons known or unknown to commit the infringement. Again, we believe
that these people remain responsible for the infringements that we have
evidence of.
78. During an interview with the Applicant on 16 February 2010 and in his
correspondence about the matter, the Respondent denied that he had committed any
breaches of duty or that he or his firm were treating those who had not themselves
uploaded materials, but whose IP addresses appeared to have been so used, as being
strictly liable for alleged copyright breaches.
Allegation 1.8
79. On 27 September 2010, the Respondent wrote by e-mail to the Information
Commissioner's Office ("the ICO") informing it:
that I have been the subject of a serious criminal attack against my website
and email host. For reasons that are still unclear, my web-host was subject of
(sic) an orchestrated and sophisticated attack by a pro-piracy group. As a
result of this attack, I regret to inform you that a batch of e-mails received into
and sent from my email account has been exposed from our web-host
company and then leaked onto the internet I can confirm that my own
server, internal systems and documentation held by me were not attacked or
compromised in any way. It was only emails between May and August this
year and was as a result of the severe attack and breakdown of my hosting
companys security. This company is called DF, who I had a contractual
relationship with at all material times.
80. A file containing all the e-mails from the accounts of the firm was made publicly
available on the internet. The e-mails contained personal and sensitive personal data
relating to at least 6,000 individuals. The ICO conducted an investigation which
culminated in a decision to issue a Monetary Penalty Notice ("the Notice") to the
Respondent under Sections 55A and 55B of the Data Protection Act 1998. The Notice
was dated 9 May 2011.
81. The Notice described how the firm managed its data, which included data about those
subject to claims for alleged infringement of copyright. Some of the correspondencefrom those individuals and other material held by the Respondent relating to the
claims contained data concerning their sexual life, health or financial status.
82. The Notice described how the Respondent had a contract with its web-host (DF) for
internet and e-mail services which was described as a "home" web-hosting package at
a cost of 5.99 per month. The Notice observed:
It is clear that this package was not intended for significant business use.
Further, the "shared server" package provided by the web-host did not appear
to provide any guarantees to the data controller [the Respondent] in relation to
the security of the personal data
-
8/3/2019 10726.2011 - Crossley
21/35
21
83. The Notice referred to a report commissioned by the Respondent entitled "Business
Systems Review" dated 11 October 2010 and which considered the firm's IT systems
and processes. The Notice concluded that the Respondent had failed to take
appropriate technical and organisational measures against the accidental loss of
personal data in breach of the Seventh Data Protection Principle, paragraphs 11 and
12 at Part II of Schedule 1 to the Data Protection Act 1998. The contravention was, inthe view of the ICO, of a kind likely to cause substantial damage or substantial
distress, given the nature of the personal and sensitive data held about individuals'
financial and personal circumstances. The Notice indicated that were it not for the
Respondent's representations about his limited means, a penalty of 200,000 would
have been imposed.
84. On 23 May 2011, the Applicant wrote to the Respondent seeking his explanation of
the matters raised by the ICO report. The Respondent replied in a letter dated 23 June
2011 and suggested that the investigation and the fine imposed by the ICO against
him and his firm were " flawed and erroneous" and that he was appealing the
decision. He stated that the unauthorised disclosure of data held by his firm occurredas a result of reasons that were out of his control. He further asserted that his
representations to the ICO achieved a reduction of the "fine" from 200,000 to 800
and that this reduction was not " solely because of my financial predicament". The
security breach itself had been as a result of what the Respondent described as a "
criminal attack by cyber terrorists" and that "No data held by my firm was
disseminated, lost, destroyed, leaked or otherwise mismanaged by me, my firm or any
employee.
85. After the cyber attack on his business, the Respondent commissioned an unnamed
independent business systems analyst to review his IT systems. The business analyst
stated that:
The cyber attack launched against ACS Law was directed at your External
Services ONLY and given the strength of the attack and the group responsible,
it is unlikely that even the largest corporate IT, or even possibly a government
agency, could have survived it without losing some data.
Sadly, this is something that could happen to any business and small
businesses are very vulnerable as your business IT is the same model most
used. I would say that an attack of this nature on the small business is unusual
and is essentially easy pickings for this type of cyber terrorist.
86. The analyst had described the existing network environment at the firm as follows:
Therefore beyond a simple networking infrastructure, which allows "access
to all and everything", the data provided and shared was without security or
the use of encryption. This business environment, which includes the date of
providers and manipulators, was vulnerable to attack at any part of the process
of exchange.
The analyst had also commented:
-
8/3/2019 10726.2011 - Crossley
22/35
22
Until October 4 2010, ACS Law had operated as an open IT environment to
the extent that, except for password protection on desktop computers and
email and business related applications, no consideration has been given to
any other aspects of protection. Essentially all employees had open access to
all data and the receipt and transmission of emails and data was handled, in
almost all cases, with no protection such as encryption.
87. The analyst had also reported that:
the information I have is that on, or around, the 24th September, emails
were removed from the DF cPanel email service during a denial of service
(DOS) attack by parties unhappy with your business activities. These emails
included a lot of personal and internal emails, as well as spreadsheets of data
provided to ACS law by its suppliers and passed on, through the email system
you had in place, to one of your remote workers with further manipulation.
88. The analyst had also referred to the terms and conditions of DF, the Respondentsformer web-hosting company. Under the heading Limitation of Liability it stated
that:
You agree that DF will not be responsible for any losses that may occur
where Services are accessed by third parties through illegal or otherwise
unauthorised means, including but not limited to, situations where data is
accessed through the exploitation of security gaps, weaknesses or flaws
(whether known or unknown to DF at the time) which may exist in the
Services or in DF's equipment used to provide the Services.
The review dated 11 October 2010 made over 20 recommendations, including the
installation of a firewall and access control.
89. On 4 August 2011, an authorised officer of the Solicitors Regulation Authority
(SRA) decided to include the matter within the ongoing disciplinary proceedings
against the Respondent.
Witnesses
90. None.
Findings of Fact and Law
91. The Tribunal determined all the allegations to its usual high standard of proof, that is
beyond reasonable doubt.
Allegation 1.1. In breach of Rule 1.03 of the Solicitors Code of Conduct 2007
("the SCC") allowed his independence to be compromised;
Allegation 1.2. In breach of Rule 1.04 of the SCC the Respondent acted contrary
to the best interests of his clients;
-
8/3/2019 10726.2011 - Crossley
23/35
23
Allegation 1.3. In breach of Rule 1.06 of the SCC, the Respondent acted in a way
that was likely to diminish the trust of the public places in him or in the legal
profession;
Allegation 1.4. In breach of Rule 2.04(1) of the SCC, the Respondent entered
into arrangements to receive contingency fees for work done in prosecuting ordefending contentious proceedings before the Courts of England and Wales
except as permitted by statute or the common law;
Allegation 1.5. In breach of Rule 3.01 of the SCC, the Respondent acted where
there was a conflict of interest in circumstances not permitted under the Rules,
in particular because there was a conflict or significant risk that the
Respondent's interests were in conflict with those of his clients;
Allegation 1.6. In breach of Rule 10.01 of the SCC, the Respondent used his
position as a solicitor to take or attempt to take unfair advantage of other
persons, being recipients of letters of claim either for his own benefit or thebenefit of his clients;
91.1 Mr Steel, on behalf of the Applicant referred the Tribunal to his written Opening
Submissions in relation to these allegations. He confirmed that he relied upon these
Submissions in their entirety. The allegations concerned the Respondents conduct in
the pursuit of claims, and making demands for payment, between May 2009 and
January 2011 against over 20,000 individuals whom he alleged to have used P2P
networks to share copyright material belonging to six of his clients in breach of the
Copyright Designs and Patent Act 1988 (CDPA).
91.2 It was the Applicants case that there had been a real risk that the process carried out
by the Respondent would misidentify the account holders to whom the IP addresses
were allocated at the time of the alleged uploading and the Respondent ought to have
taken the risk of misidentification into account when he had written to the alleged
infringers.
91.3 In addition, it was alleged that even if an IP address was correctly identified as the
source of uploading, it did not follow that the person or entity to whom the address
was registered was guilty of breaching copyright. The reasons for this were that:-
(1) The person to whom the IP address was registered might not have been theperson actually uploading copyrighted material. Premises might have had
multiple internet users, or there might have been wireless internet connections
through which others might have accessed the internet, or hackers might have
used the connection;
(2) Further or alternatively, uploading might not have been of the whole or a
substantial part of the copyright work so that no breach of copyright actually
occurred.
91.4 In order for the Respondents clients to establish liability against the recipients of the
Letters of Claim, they needed to prove that the IP address holder had either personallydownloaded or made available the whole or a substantial part of the clients copyright
-
8/3/2019 10726.2011 - Crossley
24/35
24
material or had authorised another to do so in accordance with Sections 16 and 20 of
the CDPA 1988 (emphasis added). The Letters of Claim and subsequent
correspondence were designed to lead the recipient to believe that he or she was liable
for copyright breach, regardless of any personal involvement in the alleged uploading
or breach. Put simply, the Respondent had targeted and pursued IP address holders
whose addresses were provided by the ISPs.
91.5 It was the Applicants case that the Letters of Claim and subsequent correspondence
to the alleged infringers were misleading in a number of respects and were calculated
to pressurise or intimidate the recipients into paying the settlement sum demanded
regardless of whether or not they were liable for the alleged infringement(s). As a
result of the letter writing campaign, the Respondent had received payments from
alleged infringers totalling at least 936,000 and had received for himself at least
341,000.
91.6 The Respondents conduct in connection with the file sharing claims had resulted in:-
(1) A large number of letters of response from recipients of the Letters of Claim,
their legal representatives and/or MPs denying any wrongdoing and describing
the distress and suffering that the Respondents conduct had caused them;
(2) At least thirty individuals making complaints to the consumer magazine
Which?
(3) Widespread criticism on the internet with a number of forums having sections
entirely devoted to the discussion of the Letters of Claim sent by the
Respondent.
(4) In excess of 500 complaints that had been sent directly to the Applicant.
Letters of Claim Generally
91.7 It was the Applicants case that the Respondents duty to act in his clients best
interests in the conduct of the file sharing claims was at all times tempered by his
obligations to third parties. This included the duty set out at Rule 10.01 of the Code
which prevented the Respondent from using his position to take unfair advantage of
anyone, either for his own benefit or for that of his clients.
91.8 The Tribunal was referred to the case of Media C.A.T Limited v Adams and Others
(2011) EWPCC 6 in which HHJ Birss QC had considered the Letters of Claim written
to alleged file sharers by the Respondent and had stated:-
A claimant or potential claimant in a civil case is not required by law to write
a mealy mouthed or apologetic letter to a potential defendant. Robust
correspondence between lawyers and sophisticated parties is part of the legal
process. However, letters which deal with issues of the complexity of the ones
arising in this case need to be considered very carefully if they are addressed
to ordinary members of the public.
-
8/3/2019 10726.2011 - Crossley
25/35
25
91.9 It was the Applicants case that the Letters of Claim sent by the Respondent were
misleading, overbearing and drafted so as to intimidate the recipients into paying the
settlement sum demanded and to provide the requested undertakings regardless of
whether or not they were liable for the alleged infringement and regardless of whether
or not the clients could properly claim the sum demanded.
91.10 The Letters of Claim generally began by identifying which of the clients the
Respondent was acting for and then asserting that the client was a copyright
protection society and exclusive licensee of rights in the work in question. The
Tribunal had been asked to consider the Letter of Claim sent to Mr L on behalf of the
client MCAT by way of example. In the Media C.A.T case, the Judge had indicated
that this was not true of MCAT and it was the Applicants case that neither was this
true of the Respondents other clients. The Judge had stated:-
The claimant Media C.A.T has claimed at various stages to be (i) a copyright
protection society (whose members are the owners of the copyright in the
works), (ii) the exclusive territorial licensee of rights in the work and (iii) torepresent the owners of copyright or exclusive licensees of that copyright. It is
none of those
91.11 It was the Applicants case that the Respondent had failed to reveal to the recipients
of the letters that the monitoring companies would be receiving a large percentage of
any payment and therefore had a financial interest in the claim. In addition, the
Letters of Claim gave the misleading impression that making any part of the copyright
work available, however miniscule, was a breach of Section 20 of CDPA 1988. In the
Letter of Claim to Mr F for example it was stated in the section entitled Evidence:
Our client is in possession of evidence that on the following UK date(s) and
at the following time(s), all or part of the Work was made available from the
named internet protocol (or IP) addresses...
The Respondent was aware that in order to bring a successful claim, his clients
needed to establish that the whole or a substantial part of the copyright work had been
made available, and yet the Letters of Claim made no mention of this. The letters
therefore gave the misleading impression that there was no requirement to establish
that a substantial part of the copyrighted material had been infringed.
91.12 Many of the Letters of Claim stated that the Respondents client had evidence that therecipient had made the copyright available when it did not. By way of example, the
Letter of Claim to Mr L stated in the section entitled Evidence:
Our client is in possession of evidence that on the following UK date(s) and
at the following UK time(s) ... the Work was made available... specifically for
the purpose of being provided to third parties...
and continued:-
...Our client holds you responsible for committing these infringements...
-
8/3/2019 10726.2011 - Crossley
26/35
26
Neither MCAT nor the Respondent had evidence that the Work had been made
available. They had a report from the monitoring company which showed that its
software had captured pieces of the two pornographic videos being made available
from an IP address at a particular second in time.
91.13 The Letters of Claim also gave the misleading impression that a recipient was liablefor a breach of Section 16 and/or 20 of CDPA 1988 if his or her IP address was used
unlawfully by a third party to make a copyright work available in circumstances
where the recipients had not knowingly authorised the infringement. The Tribunal
was referred to the section entitled Unlawful Act and Consequences in the letter to
Mr L by way of example. In addition, the Notes on Evidence which was available
on the firms website and to which the Letters of Claim referred in the Evidence of
Copyright Infringement section, led readers to conclude that they would be strictly
liable for the fact that their IP address had been used for the uploading of a
copyrighted work even in circumstances where they had not authorised the copyright
infringement.
91.14 It was the Applicants case that the Respondent did not have any evidence as to who
had made the work available. He merely had the IP address through which it was
made available. If the alleged infringer lived with a number of others who also used
the IP address and/or had an unsecured or poorly secured wireless network, then
there were many individuals other than the alleged infringer who could have made
the work available. The Respondent was aware of this, not least because he had
received the advice of Counsel AM which had been given to firm A and which had
addressed this very point.
91.15 The Letters of Claim emphasised the severe financial consequences that recipients
faced if they did not settle the claim and subsequently lost at trial. By way of
example, in the Letter of Claim sent to Mr F, the Respondent had stated:-
Should it be necessary to bring a claim against you for copyright
infringement, the legal costs of those proceedings are likely to be substantial...
This means that should you lose any action our client takes (against you) you
will be liable for our clients costs and vice versa. Costs in an action such as
this can mount to several thousand pounds...
The sum of money claimed is not the amount that would be claimed in the
event that our client commences proceedings against you. Damages and costsare likely to be much greater than this sum...
The Respondent placed a heavy emphasis in the Letters of Claim on the financial risk
that recipients would take by not paying the settlement sum. This, together with the
statements about the strength of the clients evidence was intended to pressurise and
intimidate an alleged infringer into paying the settlement sum demanded regardless of
whether he was liable or liable for damages.
91.16 The Letters of Claim offered the recipient the opportunity to avoid legal action if
they provided two signed undertakings and paid compensation to the Respondents
clients for their losses including a contribution to their costs to date. The amount ofthe compensation demanded was generally in the region of 500 - 600 plus ISP
-
8/3/2019 10726.2011 - Crossley
27/35
27
costs. The settlement sums demanded were not based on any or any genuine
assessment of the damages and costs for which recipients were liable. In interview
with the IO on 16 February 2010, the Respondent had stated:-
...actually I decided to take a more broad brush approach to this now and
simply said our client is prepared to compromise his claim in receipt of 540or 495 whatever the figure is going to be, and thats what it is and we
believe the damages would be more in court, as simple as that. I dont think
we need to quantify how the compromise amount has been arrived at other
than to say its the amount our client is prepared to settle at to avoid a claim.
91.17 It was the Applicants case that the sums were arrived at:-
(1) To make the scheme viable for the Respondent and his clients;
(2) To encourage recipients to settle;
(3) To act as a deterrent to future illegal file sharing; and
(4) Included a sum to cover costs which had been charged by ISPs to carry out
searches for names and addresses other than those to whom Letters of Claim
were sent.
The Respondent had made no or no genuine attempt to ensure that it was properly
arguable that each alleged filesharer was liable for the settlement sum claimed.
91.18 The Letters of Claim failed to provide a breakdown as to how the settlement sum was
reached, despite this being a requirement of the Practice Direction on Pre-Action
Conduct and despite many alleged infringers requesting a proper breakdown of
damages and costs. The Letters of Claim demanded receipt of the settlement sum and
undertakings within 21 days and threatened proceedings if payment and the
undertakings were not received in that time. It was the Applicants case that 21 days
was an extremely short period of time for alleged infringers to digest the large amount
of technical information sent by the Respondent, investigate the allegations, take legal
advice and reach a view as to whether or not to pay the sum and provide the
undertakings demanded.
91.19 The Respondents assertion that he was instructed to commence proceedings was
misleading as he did not, in fact, have instructions from the clients to commenceproceedings in the event that the alleged infringers did not pay the sums or provide
the undertakings demanded. The retainers with DP, RP and T2 specifically excluded
the issue of proceedings.
91.20 The Notes on Evidence referred to in the Letters of Claim had stated that the ISP
would normally require the firm to apply to the Court for a Norwich Pharmacal (or
disclosure) Order and that full evidence of the nature of the claim had been provided
to the Court. It was the Applicants case that this was misleading. The Court had not
been presented with full evidence of the claim against the recipient. Instead, the
Court had been given evidence that an IP address which the ISP stated had been
allocated to the recipient at the relevant time had been used to upload a piece of the
-
8/3/2019 10726.2011 - Crossley
28/35
28
copyright work. The Tribunal were referred to the Media C.A.T case in which the
Judge had stated:-
Lay members of the public will not know the intricacies of the Norwich
Pharmacal jurisdiction. They will not appreciate that the court order is not
based on a finding of infringement at all
91.21 It was suggested by the Applicant that the Letters of Claim and enclosures had been
drafted in a way that was likely to deter recipients from taking independent advice.
Recipients had a very short amount of time to digest the Letters of Claim and
enclosures and seek legal advice. This short timeframe, together with the threat that
costs and damages would increase if the Respondent had to issue proceedings was
likely to cause many recipients to conclude that it would be less expensive to pay the
sum demanded than seek legal advice. In addition the Respondent did not give an
unconditional recommendation that recipients should take legal advice. In the final
section of the Letters of Claim, the Respondent had stated:-
If you are in any doubt about the contents of this letter and its seriousness...
then legal advice should be taken.
In addition, section 8 of the Respondents Notes on Evidence entitled Use of Our
Documentation stated:-
please note that the information and documents contained in this letter are the
copyright of ACS:Law. Any unauthorised use, e.g. posting on websites and
fora will render the persons responsible liable to ACS:Law for copyright
infringement, in addition to any liability which may be owed to our client for
the same. Further action, in addition to that contemplated in this letter, may
result.
This statement was likely to deter recipients from showing the Letters of Claim or
attachments to legal advisers for fear of receiving a further claim for breach of
copyright.
91.22 It was the Applicants case that the Respondents Letters of Claim did not comply
with the provisions of the Civil Procedure Rules (CPR). The Respondent had
incorrectly stated that his Letters of Claim complied with the Code of Practice for Pre-
Action Conduct in Intellectual Property Disputes (January 2004) and the Tribunalwere referred to the letter to Mr L dated 15 April 2010 by way of example. In fact,
there was only a draft Code in place but this had not been adopted by the Court.
Instead, the Practice Direction on Pre-Action Conduct was in force and provided,
amongst other things, that the Letter of Claim should provide an explanation as to
how the amount of any financial loss had been calculated and refer the recipient to the
Practice Direction. The Letters of Claim sent by the Respondent did neither of these
things.
91.23 The Letters of Claim did not even comply with the draft Code of Practice which
stated that the Letters of Claim should give details of any funding arrangements
entered into. The Respondent did not disclose the funding arrangements with any ofhis clients in any of the Letters of Claim. Had the letters done so, the Respondent
-
8/3/2019 10726.2011 - Crossley
29/35
29
would have been obliged to reveal that he was interested in the proceeds of the claim
as he was the recipient of the largest share.
Subsequent Dealings with Alleged Infringers
91.24 It was the Applicants case that many of the subsequent letters that the Respondentsent to alleged infringers were compiled by non admitted staff and were based on
precedents/templates and ignored specific points that had been raised by individuals.
In addition, the letters were said to be misleading and overbearing and calculated to
intimidate the recipients into paying the settlement sum demanded regardless of their
liability. The letters sent to alleged infringers frequently failed to address specific
issues raised by them. For example Mr F had stated:-
I was extremely anxious on receiving this further letter, and I responded to
ACS:Law by way of letter dated 7 September 2009. They completely ignored
my first letter to them.
91.25 Although the Respondents firm had dealt with alleged infringers who telephoned in,
the internal guidance to the Respondents staff demonstrated that there was no real
intention to engage with recipients of letters who disputed the claim against them.
Instead, staff were under instruction to pressure recipients into paying up regardless of
their liability and even in circumstances where they clearly would not be liable. The
internal guidance stated for example:-
Explain in a nice gentle manner to those people whose children may have
done it that they cannot hide, we will find the truth and come after them.
Fee Arrangements
91.26 It was the Applicants case that the Respondent had entered into unlawful and
unenforceable contingency fee arrangements with his clients which provided him with
a significant and in respect of every client save one the largest financial interest in
every claim. The Respondent therefore had a financial interest in persuading as many
alleged infringers as he could to pay the settlement sum demanded with as little
investment of staff time and effort as possible.
91.27 The Applicant asserted that by entering into the non-contentious retainers, the
Respondent had entered into unlawful contingency fee arrangements, in breach ofRule 2.04 (1) of the Code which prohibited contingency fees for work done in
prosecuting or defending contentious proceedings except as permitted by statute or
common law. The Tribunal were reminded that Rule 24 of the Code defined a
contingency fee as any sum (whether fixed, or calculated either as a percentage of
the proceeds or otherwise) payable only in the event of success. The retainers
provided that the Respondent would receive a percentage of the damages and costs
recovered from alleged infringers and so were contingency fee agreements. Payment
of the Respondents fees in respect of the claim was contingent on the alleged file
sharer making the payment.
91.28 The Respondent had claimed that the Applicant was wrong to assert that the retainerswere an unlawful contingency fee arrangement as he contended that the retainers were
-
8/3/2019 10726.2011 - Crossley
30/35
30
for non contentious business. It was the Applicants case that obtaining evidence
from the monitoring companies, preparing, issuing and attending applications for
Norwich Pharmacal applications and writing Letters of Claim was clearly work done
for the purposes of proceedings and therefore fell within the ambit of contentious
business as defined by the Solicitors Act 1974. Furthermore, the Respondent must
have been aware himself that preparing, issuing and attending the hearings ofNorwich Pharmacal applications was contentious business as he had included this
work in his contentious retainers. The retainer for RPs non contentious work
expressly stated that it did not include preparing, issuing and attending hearings for
Norwich Pharmacal applications because that work was covered by the Respondents
contentious retainer. It was suggested that the Respondent was attempting to
engineer contentious business to be non contentious in order to give the appearance
of legitimacy to the large contingent fees that he was charging.
91.29 In summary, it was the Applicants case that due to the Respondents financial interest
in the file sharing claims, he had allowed his independence to be compromised and
had not acted in the best interests of his clients. He had not enquired into the validityof any individual claim and had not consulted his clients when problems had arisen in
the way in which he was conducting claims. He had persisted in the pursuit of claims
in circumstances where it had damaged or was likely to damage the reputation of his
clients and where it was in his personal as opposed to his clients interests that the
claims be maintained.
91.30 The Respondents actions were likely to diminish the trust which the public placed in
him as a solicitor and in the legal profession. It had been incumbent upon him to deal
with unrepresented members of the public in a scrupulously fair way and in particular,
he should have ensured that his Letters of Claim were entirely accurate. Instead, the
letters had been misleading and drafted so as to intimidate lay members of the public
into paying the sum claimed regardless of whether or not they were in fact liable for
the infringement alleged. The Respondents actions had become the subject of
widespread public concern. This could be gauged by reference to the letters from a
number of MPs who had complained on behalf of their constituents as well as the
number of complaints that the Applicant had received about the Respondent. There
had been widespread coverage of the matter in the media and representations had
been made to the Applicant by the consumer organisation Which? The Respondent
had an obvious self interest in recovering revenue from alleged infringers and in those
circumstances there was a conflict of interest between the Respondent and his clients.
91.31 The Tribunal considered that the allegations had been substantiated against the
Respondent and indeed the Respondent had admitted the allegations.
92. Allegation 1.8. In breach of Rule 1.06 and 5.01 (1) (g) of the Solicitors Code of
Conduct 2007 (the SCC) he failed to take adequate steps to ensure that
appropriate technical and organisational safeguards were in place at his firm to
protect against the accidental loss of personal data and documents.
92.1 In addition to referring the Tribunal to his written submissions, Mr Steel stated that it
was clear, even on the basis of the Respondents own expert evidence, that fairly basic
matters had not been dealt with in relation to the safekeeping of documents and assetsentrusted to the firm. Mr Steel maintained that the provisions of Rule 5.01 (1) (g) of
-
8/3/2019 10726.2011 - Crossley
31/35
31
the Code must include documents held electronically and he suggested that the
Respondent had failed to comply with his duty resulting in the loss of sensitive
personal data. In addition, the Respondents failure to take steps to protect the
electronic data held by the firm was also likely to undermine the trust the public
placed in the profession as a whole.
92.2 There was no dispute that documents containing confidential material and/or sensitive
personal data had been leaked following a Distributed Denial of Service (DDOS)
attack on the firms website by an on-line group of activists. Following the DDOS
attack, the Respondent had obtained a report from an unnamed independent business
systems analyst who had been critical with regard to the lack of IT security at the firm
and who had made over twenty recommendations, including basic fundamental
measures required in a business of this sort, such as the installation of a fire wall and
access control. In addition, the ICO had imposed a monetary penalty against the
Respondent for a serious contravention of the Data Protection Act.
92.3 In his submissions to the Tribunal, the Respondent denied that the data leak hadoccurred through any fault of his own or through any one of his employees. He had
conceded in his report to the ICO that there had been some deficiencies but in his
view, these were insufficient to result in the leak of data from his offices.
92.4 The Respondent emphasised to the Tribunal that prior to the data leak, he had always
been very security conscious. He had chosen a secure building and had systems in
place to ensure physical security at the firm as well as the security of electronic data.
He told the Tribunal that the data leak had been the result of a criminal act by cyber
terrorists. He stated that the group concerned had brought down the website of the
Swedish government and interrupted various credit card operations. He had been
another of the groups victims.
92.5 The Respondent explained that there had been a DDOS attack on his web and his mail
hosting ISP who were DF. A backup of emails had been collated in the shared server
allocated to the firm by DF. This had not functioned correctly and upon realising this,
the Respondents office manager had contacted DF and requested that the back up be
deleted and he would then create a separate back up. When the office manager
checked, he could find no sign of the original back up and so believed that it had been
deleted. In fact, an error had been made by DF and the original back up was still in
their system.
92.6 The Respondent stated that he could not have known that the original back up had not
been deleted. There was nothing that he could have done to prevent the data leak,
either in his capacity as a solicitor or as a data controller and he suggested that it
could have happened to anyone. He intended to pursue a claim for negligence against
DF. He did not know that the data had been in his control as he had mistakenly
believed that it had been deleted by DF. There had been no client complaints and
when he had learned of the data leak, he had reacted swiftly and taken all necessary
steps to limit the damage. He told the Tribunal that it was unheard of for any law firm
to be attacked in this way and he believed that he would have survived the attack if
DF had deleted the back up data. He accepted the nature of the strict liability of the
rules governing data under the Data Protection Act. However, he denied theallegation that had been made against him on the basis that the documents and
-
8/3/2019 10726.2011 - Crossley
32/35
32
material that were in his control had remained intact. He expressed deep regret to the
Tribunal that the data leak had occurred but stated that there was nothing that he could
have done to prevent it.
92.7 In answer to a question from the Chair about the alleged inadequacy of the
Respondents IT protection, he denied that his home web hosting package wasunsuitable for business use. He told the Tribunal that the package offered the same
level and extent of security as the business package and stated that the criticism
levelled against him in this regard was misplaced.
92.8 The Tribunal considered that the essential issue was whether the Respondent had
taken the necessary measures to ensure security in the first place. The Respondents
own expert had been critical of the lack of IT security at the firm. The Respondents
failure to put in place a fire wall which was the most basic and obvious security
requirement was evidence of a failure to take the steps necessary to provide adequate
protection against the loss of personal data. This was particularly important given the
specialist and technical area in which the Respondent was working and which washighly likely to provoke such an attack.
92.9 The Respondent practised in the area of IT and should have had the knowledge and
foresight for this kind of attack. The use of a home web hosting package (which
failed in any event) was inappropriate, inadequate and put confidential data at serious
risk. The terms and conditions of his contract with DF were inadequate and failed to
provide appropriate technical and organisational safeguards which unfortunately
resulted in a serious breach of data protection. In all the circumstances the Tribunal
found the allegation substantiated against the Respondent.
Previous Disciplinary Matters
93. There had been a previous disciplinary finding against the Respondent in case number
8654/2002 which was heard on 31 October 2002. It had been ordered that the
Respondent be suspended from practice for an indefinite period to commence on 31
January 2003 but should he regularise his position and file his outstanding annual
accountants report with The Law Society by that date then the sanction imposed
upon him would be that of a reprimand and not a suspension. There had been a
further disciplinary finding against the Respondent in case number 9346-2205 which
had been heard on 2 February 2006. The Respondent had been ordered to pay a fine
of 1,000.
Mitigation
94. The Respondent told the Tribunal that he regretted his failings in relation to the data
leak. He said that he had spent 20,000 to shore up the firm but regrettably this had
been too late. He considered that the leak would have happened anyway but hoped
that the Tribunal would accept his apology. He reminded the Tribunal that he had
conceded liability in relation to the other allegations against him.
95. The Tribunal were referred to a letter from Mr W who had been one of the
Respondents clients. The Respondent sta