The Court of Justice of the European Union ("CJEU") has this morning handed down its judgment in Football Dataco v. Sportradar Case C-173/11. In a narrow ruling, the Court has held that where a company in Member State A unlawfully acquires data from a protected database and sends that data to a person located in Member State B, it may be sued in Member State B, provided that it intended to target the data to members of the public in Member State B.
The Court of Appeal had asked the CJEU, in effect, whether the company could also be sued in the Member State in which the unlawful database content was hosted. The CJEU declined to answer that question fully, saying only that the Member State hosting the database would not have exclusive jurisdiction to hear the case.
Football Dataco maintains a database of statistics about football matches. They claim that the database is protected by the sui generis database right provided for under Directive 96/9/EC (the "Database Directive"), and alleged that Sportradar, a German company which also provides statistics about football matches, had unlawfully used its statistics in betting services targeted at members of the UK public. Sportradar said that its data had been generated independently and, when sued in the UK, challenged the jurisdiction of the courts of England and Wales.
Although the High Court found that it had jurisdiction over Sportradar in relation to claims that it shared joint liability with its UK customers, it declined jurisdiction in relation to Football Dataco's claims for direct infringement. Football Dataco appealed the point to the Court of Appeal, who in turn sought guidance from the CJEU.
The Court of Appeal asked first whether the sending of data taken from a database protected by the sui generis database right under the Database Directive was an act of extraction or re-utilisation. Second, it asked which of three mutually exclusive scenarios accurately described which courts could take jurisdiction in the proceedings before it. Was it:
- Only the courts of Member State A, where the database server was located;
- Only the courts of Member State B, where the recipient of the data was located; or
- The courts of both Member State A and Member State B (in which case the courts first seised would have the better claim to jurisdiction)?
The Advocate General, who gives a non-binding advisory opinion to the CJEU on how it should rule, took the view that the sending of data amounted to a re-utilisation, and that it took place in both Member State A and Member State B. In his view, both Member States would have been competent to take jurisdiction to hear the case.
The CJEU this morning agreed with the Advocate General that the sending of data in the manner described by the reference constituted a re-utilisation of the data and as such was subject to the database owner's authorisation.
The Court also agreed that such re-utilisation takes place in Member State B, i.e. where the recipient of the data is located, but added that this would only be the case where there is evidence that the Defendant intended to target members of the public in that Member State. In other words, mere accessibility of the data within a Member State would be an insufficient basis for the courts of that Member State to assume jurisdiction. This part of the ruling is consistent with the Court's rulings earlier this year in Wintersteiger v. Products 4U, Case 523/10 and in Titus Donner, Case C-5/11, where similar legislation was at issue.
Whether it agrees with the Advocate General on the status of the courts of Member State A, however, remains to be seen as the CJEU elected not to answer that part of the reference. Since the Court of Appeal had only sought guidance from the CJEU in order to establish its own jurisdiction to hear the case, being Member State B in the questions, it was not strictly necessary for the CJEU to address whether Member State A would also have jurisdiction. It therefore avoided doing so and, beyond saying that Member State A would not have exclusive jurisdiction in these circumstances, provided no further guidance on the point.
Although the judgment deals with the essentials of the reference from the UK Court of Appeal, it represents a missed opportunity for the CJEU to bring further clarity and certainty to the complex issue of jurisdiction in online disputes. Indeed, because the CJEU has repeatedly said that the Internet requires special consideration in disputes over jurisdiction, and given the similarity of the database legislation to legislation governing aspects of copyright, this case could have been a valuable aid to e-tailers, to software developers using online distribution methods, and to website developers and other online content providers. Unfortunately for the e-commerce industry, the important question of whether the Member State in which a server is located automatically has jurisdiction in database, and certain copyright, infringement claims, continues to go unanswered.
The case is Football Dataco v. Sportradar Case C-173/11. The Court's judgment can be read in full here.