In a highly anticipated ruling, on 15 January 2015, the CJEU held in a preliminary reference made to it in Ryanair Limited v PR Aviation BVthat databases which are not protected under Directive 96/9 on the legal protection of databases (the Database Directive), either by database copyright or the sui generis right, are not subject to the limits that the Database Directive sets on contractual terms governing the use of databases.
In practice, this means that owners of databases which are not protected under the Database Directive can instead rely on contractual terms as an effective and enforceable means of preventing and taking action against screen scrapers, provided that those terms are drawn to the user’s attention and subject to compliance with any applicable national laws.
The case concerned Article 15 of the Database Directive, which provides:
“Any contractual provision contrary to Article 6(1) and 8 shall be null and void.”
- Article 6(1) sets out the lawful uses of a database protected by database copyright.
- Article 8 sets out the lawful uses of a database protected by the sui generis right.
The parties to this action were Ryanair and PR Aviation. Ryanair offered low cost flights to consumers. PR Aviation operated a website which could search the flight data of various low cost airline companies such as Ryanair, compare prices and allow consumers to book a flight in return for the payment of a commission.
PR Aviation obtained the flight data by automated means from Ryanair’s website, which was also accessible to consumers. Use of Ryanair’s website required that the customer accepted the website’s terms and conditions by ticking a box to that effect. The relevant terms were:
- Ryanair was the exclusive seller of Ryanair flights;
- use of Ryanair’s website was permitted only for certain defined private and non-commercial purposes; and
- use of automated systems or software to extract data from the Ryanair website for commercial purposes was prohibited.
Ryanair commenced legal proceedings against PR Aviation in the Netherlands for infringement of its database copyright and sui generis right in the flight data under the Database Directive (implemented into the national laws of the Netherlands) and acting contrary to the terms and conditions of use of its website.
There were a number of appeals and cross-appeals by the parties. In the Dutch Supreme Court, the Court upheld the decision of the Dutch Court of Appeal that the flight data available on Ryanair’s website was not protected by database copyright or the sui generis right. However, the Dutch Supreme Court referred a question to the CJEU on whether the limits on contractual freedoms set out in Article 15 of the Database Directive apply to databases which are not protected by database copyright or the sui generis right.
The CJEU recalled that the Database Directive set out to achieve a balance between the rights of the owner of a database and the rights of lawful users of a database. In that context, Articles 6(1), 8 and 15 set out certain rights of lawful users and, in effect, certain limitations to the rights of owners of databases that were protected by database copyright and/or the sui generis right.
With this background in mind, the CJEU held that where a data set fell within the general definition of a 'database' under Article 1(2) of the Database Directive, but the database did not qualify for protection as database copyright and/or the sui generis right, the provisions governing database copyright and the sui generis right would not apply to that database.
It followed that the provisions on lawful use set out in Articles 6(1) and 8 and the limits to contractual freedoms set out in Article 15 which expressly referred to Articles 6(1) and 8 would not apply to such databases.
Accordingly the author of such a database was free to lay down contractual provisions on use of the database of its choosing, subject to compliance with any applicable national laws.
This is a very positive decision for database owners such as Ryanair.
As in this case, it is often difficult to prove that the requirements for protection by database copyright and thesui generis right are satisfied. Following this decision, database owners now have an added layer of protection in that they are able to rely on contractual terms prohibiting screen scraping as an effective and enforceable means of preventing and/or taking action against users who copy, extract or re-utilise their data without a licence, in circumstances where these databases are not otherwise protected under the Database Directive. This is provided that the terms and conditions are properly brought to a user’s attention (and ideally accepted, for example by ticking a box to that effect) and subject to compliance with any applicable national laws.
Users of databases will need to take extra care before harnessing the data available from databases to avoid being in breach of contract. The terms and conditions of use of databases must be carefully reviewed and licences sought where appropriate.
More interestingly, the decision appears to suggest that an owner of a database which is not protected under the Database Directive will potentially be in a stronger position than an owner whose database is protected under the Database Directive.
It remains to be seen how the decision will be applied by the European Member State national courts.