However, such an operator may be required to password-protect the network in order to bring an end to, or prevent, such infringements. (See Case C-484/14.)
The Court decided on a number of important issues at its 15 September ruling, which dealt with a lawsuit from Sony Music Entertainment GmbH against the shop owner. For instance, it noted that the free public Wi-Fi service provided by the shop owner is considered information society service under EU law.
It is an important clarification due to two main reasons. First of all, specific EU law should be applied in this case. Second, despite the fact that the Wi-Fi network could be accessed free of charge (while most services under EU law should be provided for remuneration in order to be considered information society services), the Court decided that the advertising of goods and services through the network was equal to other kinds of remuneration.
Tobias McFadden’s shop sells and leases lighting and sound systems in Munich. In order to draw more attention to his services, he also provides free public Wi-Fi. In 2010 that particular Wi-Fi connection was used to download music illegally (in the words of the Court, "a musical work was made available on the internet free of charge to the general public without the consent of the right holders").
Sony Music Entertainment Germany GmbH then sued McFadden for copyright infringement. Even though Sony stated that McFadden did not infringe the law himself, the company claimed that the shop owner is indirectly liable, as he did not secure the Wi-Fi network.
Since the situation concerned EU law (in particular article 12(1) of the Directive on Electronic Commerce), the Landgericht (Regional Court of Munich) asked the ECJ to clarify the situation.
The court of the first instance and the appellate court were mainly concerned with the question of direct and indirect liability of the shop owner. The court of appeal finally stayed the proceedings and asked the ECJ to clarify the situation through the preliminary ruling procedure.
National judges of the member states of the EU can (and in some cases must) invoke the preliminary ruling procedure at the ECJ. It enables national courts to consult the ECJ on the interpretation or validity of European law.
The member states of the EU are obliged to follow the rulings of the ECJ. Such co-operation between the ECJ and national judges creates legal certainty as EU law is applied consistently throughout Europe.
European Union law
According to EU law, in order for a service provider (McFadden’s network) to be exempt from liability (in legal terms, fall under the definition of the activity of 'mere conduit'), it must entail only technical, automatic and passive processes for the transmission of information. That was exactly the case in the current situation, since McFadden’s network only provided the means to reach information and did not promote it or interfere in any way.
The Court compared internet service providers with internet website hosts in terms of content control (the judgement, §63). It ruled that, unlike a website host, a service provider, like McFadden, has no control over the information that has been transmitted; therefore the provider is "not in a position to take action to remove certain information or disable access to it."
Most importantly, according to the Court, service providers cannot be held liable for information transmitted to them if three conditions are met – (1) such providers do not initiate a transmission, (2) they do not select the receiver of transmission and (3) they do not select or modify the information contained in the transmission. Meeting these conditions also means that a copyright holder (Sony in this case) cannot claim compensation from the service provider which was used for activities infringing copyright law. Moreover, the copyright holder cannot claim the reimbursement of the costs of giving formal notice or court costs incurred (the judgement, §73-75).
However, the judgement cannot be considered as protecting service providers only. The law does not preclude the injured party (Sony) from asking the Court to stop the continuation of the infringement and the payment of the costs incurred from a network provider whose services were used in that infringement.
Such claims have to be made for the purposes of obtaining, or following the granting of injunctive relief by a national authority or court to prevent that service provider from allowing the infringement to continue (the judgement, §79). Simply put, a copyright holder can ask a national authority or a court to order the network provider to stop the infringement.
The Court also stressed the need to protect two different human rights at stake – protection of intellectual property and the right to information and free access to it. In order to find the right balance between these fundamental rights, the Landgericht considered three options that could possibly be used to stop a copyright infringement – (1) examining all communications passing through an internet connection, (2) terminating that connection or (3) password-protecting it.
The option of monitoring of all information transmitted was excluded by the Court as it goes against the general obligation on network providers not to monitor the information transmitted. Terminating the internet connection completely was also not possible. According to the Court, it would cause a serious infringement of the freedom to conduct a business of a person who pursues an economic activity, and would not strike a fair balance between the different rights at stake.
Notably, password-protecting an internet connection is possible (the judgement, §90). The Court stated that it "does not damage the essence of the right to conduct business in so far as the measure is limited to marginally adjusting one of the technical options." As long as such a measure does not block access to any internet site, it does not appear to be capable of infringing the right of access to information.
A measure consisting of password-protecting an internet connection may dissuade the users from infringing copyright or related rights, provided that those users are required to reveal their identity in order to obtain the required password and may not therefore act anonymously. Consequently, a measure intended to secure an internet connection by means of a password must be considered to be necessary in order to ensure the effective protection of the fundamental right to protection of intellectual property (the judgement, §96, 99).
The first impression of the case is mostly associated with the fact that this judgement has created uncertainty about users’ anonymity. There is a chance that there will be no more free and anonymous Wi-Fi access in bars, cafes, or hotels within the EU, since users can now be asked to hand over their identity details first.
Basically, the ECJ could be understood as stating that one has a right to anonymity in connecting to the internet up until the point a major copyright holder objects to it.
Taking into account previous ECJ jurisprudence, the Court appears to have decided that password protection would be effective only if the user is required to provide identity details so that he or she cannot act anonymously. That could possibly interfere with the user's right to privacy – a fundamental right that the McFadden judgment does not mention, or take into account in balancing the relevant fundamental rights. For that reason, further debate on the judgement is expected.
Notably, a day before the ruling came out, EU Commission President Jean-Claude Juncker promised free wireless internet access all over Europe by 2020. The case might also interfere with these plans in the future.