Can you be liable for third-party copyright infringements if you offer password-free free internet access? New case referred to CJEU!

Smart idea?
Via Katfriend and copyright aficionado Tom Ohta (Bristows) comes the news that a new depressing exciting case has just been referred to everybody's favourite court, ie the Court of Justice of the European Union (CJEU). 

It is Case C-484/14 McFadden, a reference for a preliminary ruling from CJEU-loving Member State Germany, seeking clarification as regards the liability of internet service providers (ISPs) for third-party copyright infringements.

While sadly no particular details are (yet) provided on the Curia website (with the sole exception that the application was lodged on 3 November last), more information is available via invariably helpful EU Law Radar, which explains what is at stake here:

"If a person offers [free] non-password-protected access to the Internet [this is what apparently Mr McFadden deliberately did, so that everybody could connect to his shop's WLAN], and an unknown user passes a piece of copyright-infringing music over that Internet connection [this is what happened four years ago], then can the person offering the Internet access be absolved of legal liability on the basis that he is but a ‘mere conduit’ under [Article 12 of] the EU’s ‘E-Commerce’ Directive 2000/31/EC [read in light of Recital 42 in the preamble to this very directive]?"

One the main issues is whether Mr McFadden (1) could be actually considered an ISP and, if so (2) could be protected by the Directive’s ‘safe harbors’ (just to borrow from the language of the US Digital Millennium Copyright Act). 

The main obstacle in this respect may be that the internet connection he provided was free, while Recital 17 in the preamble to the ECommerce Directive states that the notion of information society services "covers any service normally provided for remuneration". 

This Kat notes however that Recital 18 in the preamble to this very directive clarifies that “information society services … in so far as they represent an economic activity, extend to services which are not remunerated by those who receive them”. The CJEU has recently clarified the meaning of Recital 18 in its judgment in Case C-291/13 Papasavvas, a case concerning online defamation which the Court decided on 11 September last. There, the CJEU held that information society services extend, in so far as they represent an economic activity, to services ‘which are not remunerated by those who receive them [but are for instance remunerated by income generated by advertisement, as it was the case there], such as those offering on-line information or commercial communications’. That interpretation corresponds to that of the concept of ‘services’ within the meaning of Article 57 TFEU, which also does not require the service to be paid for by those for whom it is performed.

This Kat understands that one of the reasons why Mr McFadden provided password-free free internet access was indeed to drive traffic to his website. So, if ads were displayed there, this might be useful to argue that he got some remuneration from those, and therefore he could be considered an ISP ...  

Coming and going when you please?
Perhaps time to change the rules ...
Anyway, the unofficial translation of the questions referred by Landgericht München I has been also provided by EU Law Radar:

1. When read together with Article 2(a) of the E-Commerce Directive and Article 1(2) of Directive 98/34/EC as amended by Directive 98/48/EC, is the phrase ‘normally provided for remuneration’ in Article 12(1) of the E-Commerce Directive to be interpreted as meaning that the national court must determine whether the person who claims to be a service provider normally provides the service for remuneration; or does it mean that suppliers in the market normally provide this service or comparable ones for remuneration; or that the majority of this or comparable services are offered for a fee?

2. Is the phrase ‘the provision of access to a communication network’ in Article 12(1)(a) of the E-Commerce Directive to be interpreted as meaning that to conform with the Directive that it is significant that the connection is successful when access to a communications network (for example, the Internet) is provided?

3. When Article 2(b) of the E-Commerce Directive refers to ‘provider’, and is read together with Article 12(1)(a), then does the latter provision cover the situation where the information society service actually being provided is a publicly available WLAN, or is for example some other form of promotion or advertising also required?

4. When Article 12(1)(a) of the E-Commerce Directive states a ‘service provider is not liable for the information transmitted’, is this to be interpreted as excluding any claims for injunctive relief, damages, and the recovery of warning costs and court fees, incurred in relation to the copyright infringement concerned, against the access provider or in any event in respect of the initial copyright infringement?

5. Is Article 12(1)(a) of the E-Commerce Directive, when read together with Article 12(3) to be interpreted as meaning that Member States cannot allow a national court from issuing an injunction in proceedings brought against the access provider, whereby the access provider must desist from enabling third parties access via a specific Internet connection to a specific copyright-protected work made electronically available on demand on file-sharing sites?

Surely looking for some inspiration
for his new password
6. Is Article 12(1)(a) of the E-Commerce Directive to be interpreted as meaning that in the circumstances of present case, Article 14(1)(b) applies mutatis mutandis to an injunction?

7. Is Article 12(1)(a) of the E-Commerce Directive when read together with Article 2(b) to be interpreted as meaning that the claims against a service provider are exhausted where a service provider is any natural or legal person who provides an information society service?

8. If the answer to Question 7 is in the negative, then which additional criteria can be required of a service provider when interpreting Article 2(b) of the E-Commerce Directive?

9(a). Taking into account the protection of fundamental legal right of intellectual property, which derives from the right to property (Art 17(2) EU Charter) and the provisions in Directives 2001/29/EC on the harmonisation of certain aspects of copyright and related rights in the information society […], and Directive 2004/48/EC on the enforcement of intellectual property rights […], and taking into account freedom of expression and the freedom to conduct a business in Article 16 of the EU Charter; is Article 12(1)(a) of the E-Commerce Directive to be interpreted as meaning that this does not preclude a decision by the national court in the main proceedings, if that decision makes the access provider liable for costs, and prohibits him from allowing third parties access via a specific internet connection to a specific copyright-protected work or parts thereof, via internet file-sharing sites made electronically available on demand, leaves the access provider free to adopt whichever technical measures in order to comply with this order?

9(b). Does this also apply when the access provider can only really comply with the injunction if he shuts down the internet connection or uses password protection or checks every ongoing communication to see whether that particular copyright-protected work is illicitly exchanged once again, and that this is clear from the start, and does not become apparent only for the first time in the context of enforcement proceedings or sentencing proceedings?

A while ago in a very similar [if not the same altogether?] case a German court ruled that “Private users are obligated to check whether their wireless connection is adequately secured to the danger of unauthorized third parties abusing it to commit copyright violation”. 

This Kat is by no means an expert in German copyright law, but: even if someone like Mr McFadden did not qualify for safe harbor protection under the German equivalent of the ECommerce Directive because he could not be considered an ISP, wouldn't a conclusion of this kind result, to say the least, in transforming secondary infringement into some sort of strict liability regime?

We’ll see what the CJEU says. Certainly, if the CJEU ruled that someone who offers password-free free internet connection may be in principle liable for third-party copyright infringements, this would have far-reaching implications. The most immediate one might be having to forget your free, password-free Starbucks Wi-Fi connection ...
Can you be liable for third-party copyright infringements if you offer password-free free internet access? New case referred to CJEU! Can you be liable for third-party copyright infringements if you offer password-free free internet access? New case referred to CJEU! Reviewed by Eleonora Rosati on Wednesday, November 26, 2014 Rating: 5


  1. My view is that any reasonable reading of the e-commerce directive results in mere conduit status for providers of free wifi in a commercial context (eg a cafe like Starbucks). There's a long line of cases in the more general "Services" context that makes it clear that remuneration doesn't have to be provided for the recipient of the service. Papasavvas is just icing on the cake on that point.

    And it seems to me that there's no other basis for finding that open wifi isn't capable of benefiting from "mere conduit" protection.

    The reality is that, if it were not so, lots of socially and commercially useful things could not happen with little benefit to copyright owners. Operators of wifi aren't in a position (generally speaking) to keep track of packets passing over their network or port assignments on their NAT gateway, so it is hard to see what they could do that would actually help.

  2. If the reasoning that anyone with an router is liable as an end user for all downstream connections is followed, it would kill voluntary or community organisations, as well as small, independent businesses, that provide free wifi to their patrons. Guest Wifi will also become a thing of the past.

  3. Interesting case. I cannot imagine the CJEU would rule against people or business providing free internet access, this would cause a lot of trouble. It could even harm revenue of business who provide free wifi to their customers.

  4. Doesn't Starbucks filter by protocol? Did you try to use BitTorrent via Starbucks Wireless?

  5. While the consequence of applying the law is being painted with a parade of horribles, I am reminded of the words of Judge Jacob, (paraphrasing): I am not here to write the law, but rather to apply the law. If you do not like the outcome, talk to those that write the law and have them change it.

  6. This would have provided the perfect opportunity for the CJEU to break the internet, if only they hadn't already broken it in Case C‑131/12 Google Spain SL v González.

  7. Jacob, however, misses the point, that judges neither simply apply the law nor write the law. They interpret the law. In doing so it is permissible to apply a principle that one intepretation could not plausibly have been what the legislator intended in view of clear negative and/or undesirable consequences, absurdities or incompatibility with other laws or principles. Jacob cannot simply reduce his role and that of other judges to mindless robots, applying unambiguous rules to well-established fact-patterns, turning the handle and delivering a judgment. Legislatures are normally slow to deliberate and react, whereas judicial intepretation must be fast and confined to the facts of the case, for efficient justice.

    As another judge (I forget who) misaphorised: "Interpret in haste, repeal at leisure..."

  8. I love how Anonymous at 08:38 is so "in haste" to disregard the wisdom of such a wise judge.

    One wonders the latitude given to the meaning of "interpretation" and the lack of respect for what the different entities that comprise the legal process might also flow from such cavalier understanding of the dynamics involved in multi-branch law writing.

    Some law is just not meant for common law treatment (judge-made law). Patent law is expressly one of those types of law.

  9. Anonymous at 08:38 is now wondering what patent law has to do with the subject of the original article. Copyright, which is the subject of the original article, is very much an area where judge-made law prevails - witness all the discussion about what is a "public", what entails "making available", and the like. And the CJEU, for all its civil law traditions, makes law like the best of 'em, however thinly disguised as "interpretation".

  10. Above, we see exchanges between two anonymous contributers. One is erudite, the other not. If I am not mistaken, the latter is obsessively active on the Dennis Crouch patent law blog. Hence his reference above to patent law.

    He has long had a lively bee under his bonnet, about the "separation of powers" and the proper division of responsibilities for the three branches of Government set up under the Constitution of the USA. He sees mischief where none exists, because he wants to provoke an argument

    I believe he's the one who, having imperfectly remembered something he particularly liked,in something reported on the Patently-O blog as having been uttered by Robin Jacob, reported it above, in his own words.

    I think we should rely only on the exact words that Robin uttered, and not put any weight on anon's paraphrase of them.

  11. MaxDrei, in his usual fashion, is daftly off.

    Perhaps he can supply Robin Jacob's words and render reason as to why the paraphrase is off, instead of merely claiming so...?

  12. You are, of course, all aware that normally provided for remuneration refers to the service and not the provider.It does not matter whether or not the provider is following an economic activity. If the service in question is one that is normally provided for remuneration.That means that as far as the internet is concerned, this analysis would make you at home a service provider of wi-fi and at risk of losing your exemption from liability for what your kids do.


All comments must be moderated by a member of the IPKat team before they appear on the blog. Comments will not be allowed if the contravene the IPKat policy that readers' comments should not be obscene or defamatory; they should not consist of ad hominem attacks on members of the blog team or other comment-posters and they should make a constructive contribution to the discussion of the post on which they purport to comment.

It is also the IPKat policy that comments should not be made completely anonymously, and users should use a consistent name or pseudonym (which should not itself be defamatory or obscene, or that of another real person), either in the "identity" field, or at the beginning of the comment. Current practice is to, however, allow a limited number of comments that contravene this policy, provided that the comment has a high degree of relevance and the comment chain does not become too difficult to follow.

Learn more here:

Powered by Blogger.