The ECJ on access provider liability for copyright infringement by third parties

On 15 September 2016, the European Court of Justice (ECJ) issued a decision on a reference for a preliminary ruling by the Munich Regional Court I (case C-484/14) concerning the interpretation of Article 12(1) of the e-commerce Directive 2000/31/CE. The Article provides that Member States must ensure that providers of services consisting of the transmission of information provided by a customer or in the provision of access to a communication network (so-called mere conduit activities) are not liable for information transmitted by third parties through their network, on condition that such providers do not initiate the transmission, do not select the receiver of the latter and do not select or modify the information transmitted.

The main proceedings case was between a seller providing a wireless local area network to the public free of charge in order to draw the attention of potential customers, and Sony Music Entertainment Germany GmbH (Sony), holder of copyright on a musical work unlawfully made available to the public on the Internet by third parties through the network at issue. Sony claimed that the access provider was liable for the infringement of the musical work copyright – as allegedly stated in earlier German case law – for having failed to secure the network from which its rights were infringed by third parties. Thus, it asked for the payment of damages arising from the infringement at issue, an injunction against such infringement and the reimbursement of the costs incurred up to that point. Conversely, the provider claimed not to be in any case liable for the alleged infringement, since he met the abovementioned conditions under Article 12(1).

The Regional Court competent to settle the dispute at issue submitted to the ECJ, inter alia, the following questions: a) whether Article 12(1) precludes the person affected by a copyright infringement from claiming an injunction, damages and the payment of the cost incurred against the provider of the network through which infringement was committed; and b) whether that provision precludes an injunction that, if considered admissible in reply to question a), requires the access providers to prevent the commission of similar infringements by third parties to a particular copyright-protected work through their own networks, leaving them free to determine what specific technical measures to take in order to comply with that injunction. These measures according to the Regional Court may only be of three kinds: the termination of the Internet connection, the password-protecting of the latter, or the examination of all the communications passing through it.

With regard to the first issue, the European Judges stated that, if all the conditions under Article 12(1) are met, “the copyright holder is, in any event, precluded from claiming compensation from that service provider on the ground that the connection to that network was used by third parties to infringe its rights”, since it cannot find any provider liability. However, the possibility exists for the infringed copyright holder to claim for an injunction against the provider from the continuation of the infringement committed by third parties, since Article 12(3) expressly provides that the courts of the Member States may require the provider to terminate or prevent copyright infringement. As a further consequence, the ECJ stated, the possibility of seeking reimbursement for costs is to be denied when the latter have been incurred for the purposes of a claim for damages and it is admissible when these relate to a claim for an injunction.

Secondly, the ECJ noted that the e-commerce Directive admits the possibility of an injunction “leaving the access provider (free) to determine the specific measures to be taken in order to achieve the result sought”, providing that the measures chosen by the latter are “capable of striking a fair balance between, first, the fundamental right to protection of intellectual property and, second, the right to freedom to conduct the business of a provider supplying the (said) service (…) and the right to freedom of information of the recipients of that service”.

In this regard, the ECJ pointed out that, among the measures indicated by the Judge of the main proceedings, only the password-protecting of the Internet connection provided by the provider is capable of striking a fair balance among the right at issue. The latter, in fact: a) “does not damage the essence of the right to freedom to conduct its business of a communication network access provider”, since it is limited to adjusting one of the technical options in exercising its activity and, thus, its freedom; b) “does not appear to be capable of affecting the possibility made available to internet users using the services of that provider to access information lawfully”; and, finally, c) “may dissuade the users of that connection from infringing copyright or related rights” because these “are required to reveal their identity in order to obtain the required password and may not therefore act anonymously”. On the contrary, such capability must be excluded with regard to the examination by the provider of all the communications passing through its network, being it expressly prohibited under Article 15(19) of the e-commerce Directive, as well as the termination of the Internet connection offered by the provider, given that this solution would entirely compromise its right to the freedom to conduct its business.