Chinese Courts recognize remote forensics in software copyright infringements

In a dispute over infringement of computer software copyright against pirated software, the essential for the lawsuit is to prove that the infringer has installed and used the pirated software in the business operation. However, China has no discovery procedure. Since the software involved in the case is often installed on servers or computers controlled by the infringer and placed in business premises that are not open or accessible to the public, it is very challenging for the right owner to enter the business premises of the infringer and complete the forensics.

In judicial practice, the main method used in software copyright infringement case is filing application to the court, requesting the judge to go to the infringer's premises to preserve the evidence of the equipment and obtain key evidence of infringement.

In the Guidelines for Hearing Infringement of Copyright Cases of the Beijing High People's Court, which came into effect on April 20, 2018, it is mentioned that the method of remote forensics can also be adopted in end-user cases and that the evidence obtained through remote forensic methods shall comply with the provisions of the Civil Procedure Law . The 2021 promulgated Guidelines on Rules of Evidence for Civil Litigation on Intellectual Property of the Beijing High People's Court also reiterates that "in the investigation of evidence collection ...... according to the specific situation, remote forensics can also be adopted". This indicates that the court approves the way of remote evidence collection in software infringement cases.

In current practice, how is remote forensics/remote evidence collection used? Can it help right owners obtain infringement evidence more conveniently?

For specific types of software, it is possible to form infringement evidence admissible by the People's Court through conducting remote forensics in the presence of a notary office. This specific type of software is mainly the software designed to achieve remote access, such as "server-side mail server software" and FTP software (this software allows users to connect their own computers to other servers running the FTP protocol, so that users can easily access the programs and information on the server). Based on the specificity of the above-mentioned software functions, one can remotely detect a web server's installation of such software through a very common computer command - the Telnet command.

Specifically, if a computer connected to the Internet enters a command and a URL, the web server may automatically return a message with the name of the software if it is indeed installed. If the website owner cannot prove that its commercial use of the software is authorized by the rights owner, it may be deemed to have installed pirated software.

However, this Telnet forensic method still has technical limitations, as the feedback information only reflects the name and version number of the software, and cannot show the program code of the software, nor can it be directly used to determine whether the suspected software is the same as or substantially similar to the software requested for protection. At the same time, at the technical level, the owner and controller of the server may also modify the relevant settings of the software through technical means, thus making the feedback information inconsistent with the software actually installed on the server.

Due to the above reasons, different courts' attitudes towards the admissibility of evidence of Telnet command remote forensics are inconsistent.

For example, the Guangdong High People's Court, in dispute case between Shenzhen Lanke Technology Co., Ltd. and LeiRuo Software Company on copyright infringement of computer software, found that the Telnet command remote forensics for FTP software did not have certainty and uniqueness. However, a few years later, the Guangdong High People's Court amended the previous viewpoint in the case of retrial of the dispute of copyright infringement of computer software between Otonm Technology Co., LTD and Shenzhen Guanzhi Industrial Co., LTD. It is pointed out that although there is no certainty and uniqueness between the feedback information after Telnet order detection and the facts to be proved, if there is a high possibility between the feedback information and the facts to be proved, the plaintiff who has the burden of proof should be considered to have completed the burden of proof. Because the defendant could not prove that he had lawfully used the genuine software, the court supported the plaintiff's request that the defendant had infringed on the software copyright.

In recent years, more and more courts have adopted the form of evidence of "remote forensics" by Telnet command. With the continuous development of technology progress and practice, there may be more model cases for remote forensics of pirated software. We will wait and see.