Currently BPI have a three stage approach to stopping this activity:
Step One: Advice/Letter Sent out
At this stage the BPI send out a letter to the suspects. So far Virgin have sent out over 800 letters. These letters can only be be written with the assistance of the ISPs, who will provide information relating to the IP addresses collected.
Step Two: Suspension
If a customer’s account is identified a second time, their account is suspended. The customer is asked to sign a written undertaking stating that their account will not continue to be used illegally, and that they understand that further illegal use of that account may result in the cancellation of their contract. The account remains suspended until the undertaking is returned.
Step Three: Contract Cancellation
If a customer’s account is identified a third time, their contract with the internet service provider is cancelled, in line with the terms and conditions outlined in the contract
At this point the ISPs, along with BPI, will have had some very detailed monitoring of what the individual was uploading when and at what time.
The BPI state they identify the file sharers in the following way: “There is no “spying” under three-step: the evidence collected by the BPI is in fact made available by any uploader to in the normal course of using a p2p network. There is no “policing” by the ISP: it is the BPI, and not the ISP, who collects this evidence. Nor does the process raise “data protection issues”: no personal customer information is collected by the BPI in this process, nor is it requested by the BPI.“
If this is correct then this means that BPI are logging onto networks like E-Mule, Kazza, E-Donkey, etc, and downloading music. They then ID the IP address of the computers providing each song, pass the IP address to the ISP and let them write the letter.
If this is true, the tools provided by sites like BlueTack will help defeat BPI.