So far, September has been a busy month in Luxembourg. On 8 September 2016, the Court of Justice of the European Union (CJEU) handed down a ground-breaking judgment on hyperlinking (Case Ref.: C-160/15 – GS Media, see our earlier post). On 15 September 2016, this equally important verdict followed (Case Ref.: C-484/14 – McFadden). The judges had to decide upon the liability of an access provider who offered his customers a free Wi-Fi connection in his shop. A customer had used the connection to illegally upload and share copyright-protected content. The shop owner referred to and defended himself with the liability privilege available for access providers under European law. It was now for the CJEU to rule whether such defense was actually available.
The case was originally referred to the CJEU by the Regional Court of Munich. The German judges are required to decide on a lawsuit brought against a shop owner called Tobias McFadden by the plaintiff, Sony Music Entertainment Germany. Mr. McFadden, whilst running a business for sale and renting out lighting and sound systems, offered his customers a free Wi-Fi connection at his premises. In September 2010, one of his customers unlawfully uploaded a copyright work via Mr. McFadden´s Wi-Fi. Shortly after this, Sony being the rightful owner of the content sued the shop owner seeking injunctive relief and damages.
Mr. McFadden argued that the liability privilege for access providers set out in Sec. 8 of the German Tele Media Act freed him from any responsibility regarding his customers’ actions. This privilege derives from Article 12(1) of the E-Commerce Directive 2001/31. However, the Munich court did not seem prepared to follow this argument and considered an indirect liability on the basis of a breach of duty of care – the so-called “Störerhaftung“. In order to clarify several questions involving the interpretation and application of Article 12(1) of the E-Commerce Directive, the court submitted in total nine questions to the CJEU.
Advocate General Maciej Szpunar expressed his views first in his opinion dated 16 March 2016. Mr. Szpunar basically argued that the operator of a free Wi-Fi is not liable to pay the right holder any kind of compensation for users’ misconduct due to the liability privilege. However, operators may be obliged to stop actual infringement and to prevent future infringement of the same kind when becoming aware of the misconduct. The Advocate General did not vote in favor of an obligation to secure the Wi-Fi access by way of a password (see our blog post).
The CJEU’s views differ to some extent from those expressed by the Advocate General. Initially, the judges state that the operator of a business offering a free Wi-Fi connection to its customers falls under the term “information society service“. The CJEU places no importance on the Wi-Fi access being provided free of charge. Rather, it focuses on the Wi-Fi access promoting the sale of goods or the supply of services, as was the case in Mr. McFadden’s shop.
The judges continue that in order to enjoy the liability privilege pursuant to Art. 12(1) of the E-Commerce Directive, one needs to fulfil three criteria; the provider of the mere conduit service:
(1) must not have initiated the transmission,
(2) must not have selected the recipient of the transmission, and
(3) must neither have selected nor modified the information contained in the transmission.
If those conditions are fulfilled, the privilege applies. In consequence, the access provider is to be deemed an intermediary not being liable for compensation or any other costs related to the copyright infringement.
However, the privilege does not prevent right holders from seeking injunctive relief before national courts and from demanding the termination or the prevention of an infringement of copyright. According to the judges, and in contrast to the Advocate General, an injunction can be secured by means of requiring the access provider to password protect the Wi-Fi connection. This is seen as a way of balancing, (1) the interests of the right holder, (2) the access provider’s freedom to conduct his business, and (3) the Internet user’s freedom to information. In its reasoning, the CJEU explicitly recognizes the relevance of users being required to reveal his/her identity before going online via a free Wi-Fi. This may be achieved through a password login taking away the anonymity from the user.
The two other measures suggested by the Munich court – i.e. an obligation to examine all communications passing through an Internet connection and/or to terminate the entire connection – are dismissed by the CJEU. According to the Luxembourg judges, a general obligation to monitor all transmitted information would not ensure a fair balance between the conflicting fundamental rights.
The conflicting interests regarding the access to free Wi-Fi are highlighted by this case. In a recent speech the President of the European Commission, Jean-Claude Juncker, emphasized the importance of such free Internet access. Julia Reda, parliamentarian at the European Parliament, already criticized the CJEU’s current decision as jeopardizing the Commission’s goals. Passwords are argued to impede a “barrier-free” Internet. However, what may not be neglected is the fact that the anonymity of the Internet is part of the reason why copyright is not respected in the digital world as it is in the analogue world.
After all, requiring a password is not the end of free Wi-Fi. Passwords are amongst the means to generate protection for right holders. Also, the access provider may gain additional legal security by implementing a free login routine. Of course, a password may not prevent copyright infringement to 100%. However, there are certainly Internet users that reconsider their actions when being required to login via a password. Respecting the right holders’ position is part of the balancing of interests underlying a fair market place also in the digital world.