Can operators of free Wi-Fi networks really be held accountable for the actions of the users of their network? Broadly not, according to a recent ruling.
The latest in a string of interesting rulings by the Court of Justice of the European Union (CJEU) should provide some comfort to 'service providers' when it comes to their responsibility to prevent infringement of Intellectual Property Rights.
The case in question, McFadden v Sony, concerned a shop, owned by Mr McFadden, which operated an anonymous Wireless Local Access Network (WLAN) free of charge in the vicinity of its premises.
The WLAN was intentionally not password protected, in the hope of persuading customers of nearby businesses to come to the shop.
On around the 4 September 2010, the network was used to make a musical work available to the public, free of charge, without the consent of the rights holder, Sony Music.
Mr McFadden asserted that he did not commit the infringement, but that it was possible that someone using the WLAN did.
Sony pursued Mr McFadden for damages on the direct ground of his infringement, an injunction against the infringement and for reimbursement of its costs.
Mr McFadden argued that he was a 'mere conduit' in the infringement (a defence provided for under EU legislation).
The court found that WLAN providers can rely on this defence and are therefore not responsible for infringements of their users, providing that they:
- do not initiate the transmission of the infringing data;
- do not select the receiver of the transmission; and
- do not select or modify the information contained in the transmission.
However, the court went on to say that this cannot mean that a party is not allowed to seek an injunction against a WLAN provider, to ensure that 'continuing infringement' is prevented. It also stated that the rights holder is not barred from claiming the reimbursement of the costs of giving formal notice and court costs incurred in seeking or enforcing the judgment.
What does it mean?
This decision shows that the CJEU is trying to strike a balance between the interests of the owners of IP and the rights and freedoms of others. It is not surprising that operators are not to be held liable for infringements made by their users, but the court clearly did not want to leave right holders with no recourse.
The positive for WLAN operators is that there is now clarity, namely that they are not, per se, liable for the actions of users of their network. However, this doesn't mean that they are totally 'off the hook' as they can still be asked to prevent further infringements, and possibly surprisingly, may be liable for the costs of being asked to do so.
The CJEU gives operators a way out though, stating that 'a measure consisting in password-protecting an internet connection may dissuade the users of that connection from infringing copyright or related rights, provided that those users are required to reveal their identity in order to obtain the required password and may not therefore act anonymously', hinting that an operator might not be found liable if they password protect their networks.
It seems prudent therefore for WLAN operators to have a comprehensive policy for use, a requirement for registration and/or password protected access to their networks.