08/11/16

IP infringements by a 3rd-party user of a WIFI network: who is liable?

Access to a WIFI network is provided in virtually all public areas. So, from time to time, a user of a WIFI network may commit an infringement of an intellectual property right of a third party.

An example of this is when a user of a WIFI network shares films or music via the network without the permission of the copyright holders.

Since, in most cases, it is pretty much impossible to identify the person committing the breach, copyright holders attempt to hold the provider of the WIFI network liable for these infringements in order to obtain compensation.

Can the provider of a publicly-accessible WIFI network be held liable for infringements committed by third parties via this network?


1.    This question was put to the Court of Justice

The European Court of Justice pronounced concerning this question on 15 September 2016.

The manager of a German company had set up a wireless local network that is accessible anonymously and free of charge in the vicinity of his company. The network was not secure and was also intended to advertise his company.

In September 2010, a user of this network illegally made music available to the public, whereupon Sony Music served the manager with formal notice to respect the rights linked to this music.

The manager then brought legal proceedings in a German court, in order to obtain negative clearance, namely in order to have the court judge that he had committed no infringement. Sony Music instituted a counter claim in which it requested the court to hold the company manager directly liable for an infringement of its rights to the illegally-distributed music and to compel the manager to cease distributing it. In subsidiary order, Sony Music requested that the manager be held indirectly liable, because he operated an unsecured network, and thereby made it possible for third parties to commit infringements.

In response, the German court asked the Court of Justice a few prejudicial questions concerning the interpretation of Article 12 of the Directive on Electronic Commerce (Directive 2000/31/EC).
 


2.    What does the Directive on Electronic Commerce say?

Indeed, Article 12 of the Directive on Electronic Commerce provides exemption from liability if the service of the information society functions as a “mere conduit”.

On the basis of Article 12 of the Directive on Electronic Commerce, the service provider is not liable for the information transmitted via the network, on condition that:
(i)    the provider does not initiate the transmission,
(ii)   the provider does not select the receiver of the transmission, and
(iii) the provider does not select or modify the information contained in the transmission.


3.    The argument of the Court of Justice

3.1 Does providing a WIFI network free of charge fall under the application of the Directive?

The first question the Court of Justice had to answer was whether providing a WIFI network free of charge is regarded as an information society service, and therefore falls under the application of the Directive.

The Court responded that providing a service of an economic nature free of charge does not rule out application of the Directive. If a WIFI network is offered in order to advertise the company’s activities, this can constitute an information society service in the sense of the Directive.

The Court also confirmed that merely providing access to a communication network is regarded as a mere conduit in the sense of Article 12 of the Directive on Electronic Commerce. According to the Court, providing access to a WIFI network is a technical, automatic and passive process, so the provider of the network can invoke exemption from liability.

However, this exemption from liability does not mean that a provider offering a WIFI network is not obliged to take a few measures to protect the rights of third parties.

3.2   What kind of measures can be imposed on a provider of a WIFI network?

The Court then pronounced concerning the type of measures that may be imposed on a provider of a network.

Here the Court straight away notes that the provider of the network cannot be required to monitor the information passing through. The Court also regards a general blocking of the internet connection as excessive.

On the other hand, the Court does regard securing the WIFI network with a password to be a reasonable measure, which entails users being obliged to reveal their identity in exchange for the password. In the Court’s view, this provides sufficient deterrent and protects the intellectual property rights of others.


4. Conclusion

If you provide a free WIFI network within your company for employees, clients, or persons in the surroundings, in principle, you are not liable for infringements of intellectual property rights committed by third parties. Moreover, a court cannot oblige you to monitor or block traffic passing via your network.

If infringements are committed via the network, a court can oblige you to secure your network using a password, which will mean users of your network are unable to surf anonymously.

This, of course, begs the question whether this measure is actually effective. Making access to a WIFI network dependent on revealing identity, does not mean that the provider of a WIFI network is obliged to check the identity of the user.

Moreover, once the identity of the users in question is requested, there is a question of processing personal information, and you are required to respect the General Data Protection Regulation of 14 April 2016.

If you decide to request the identity of users of your WIFI network, you would be well-advised to render access to a WIFI network subject to acceptance of general terms and conditions of use, and a privacy policy.

dotted_texture