YNOT EUROPE – Broadcaster and internet service provider Sky said Wednesday it no longer will provide personal information about its users to anti-piracy law firm ACS:Law. The much-maligned London firm is under the gun from privacy advocates and the legal system after allowing suspected file-sharer’s information — including credit card numbers, names and addresses — to leak onto the web last week.

ACS:Law made a controversial name for itself by suing tens of thousands suspected file-sharers on behalf of clients. The firm awaits a hearing before a professional tribunal that has been asked to determine whether ACS:Law’s tactics, which some have called “bullying,” are abusive. The firm blamed the data leak on a distributed denial-of-service attack perpetrated by members of the 4chan online activist group, though technical experts have postulated the error occurred in-house during a server backup operation.

ACS:Law was able to collect personal details about suspected file-sharers by presenting court orders demanding the information from Sky and other ISPs. A Sky spokesman said the company will ignore future court orders until ACS:Law can guarantee no additional security breaches will occur.

“Following recent events, we have suspended all cooperation with ACS:Law with immediate effect,” the spokesman said in a statement released Wednesday. “This suspension will remain in place until ACS:Law demonstrates adequate measures to protect the security of personal information. We continue to be very concerned at the apparent loss of data held by ACS:Law and by the actions of those who have sought to publicize the identities of individual customers.

“Like other broadband providers, Sky can be required to disclose information about customers whose accounts are alleged to have been used for illegal downloading,” the statement continued. “We support the principle that copyright material should be protected, and we cooperate with court orders requiring disclosure. Because the security of customer information is also a high priority, we only ever disclose such data in encrypted form. In addition, we have an agreement with ACS:Law that requires data to be stored and used safely and securely.”

TalkTalk, another ISP, also issued a statement on Wednesday, saying essentially “We told you so.” TalkTalk steadfastly has refused to hand over users’ details to ACS:Law, despite court orders.

The ACS:Law leak was “a stark reminder of the dangers of giving out customer details to third parties in trying to combat file-sharing,” according to TalkTalk. “While we do not condone illegal file-sharing, we have consistently argued for better ways of combating copyright theft. Handing over customer details to law firms to seek “compensation’ based on accusations from rights-holders is not the answer.

“Tracking down illegal file-sharers is complex, and the current approach isn’t working,” TalkTalk’s statement continued. “The first problem is around detection: If you can only see what’s being downloaded at each connection, how do you know which of the several users has actually infringed copyright?

“Secondly, we’ve demonstrated before how it’s possible for connections to be hacked by serial file-sharers. Again, this can result in false accusations being made against subscribers and is the key reason why we’ve refused to hand over our customers’ details to ACS:Law or any other law firm working in this way.”