Germany

Court of Justice of the European Union: Judgment on the case Tobias Mc. Fadden v. Sony Music Entertainment GmbH

IRIS 2016-9:1/2

Sophie Valais

European Audiovisual Observatory

On 15 September 2016, the Court of Justice of the European Union (CJEU) delivered its judgment in Tobias Mc Fadden v. Sony Music Entertainment Germany GmbH, concerning the application of the intermediary liability regime under the E-Commerce Directive 2000/31/EC (ECD) to the operator of a shop which offers access to a Wi-Fi network free of charge to the public in relation to copyright infringements committed by users of that network.

Mr. Tobias Mc Fadden runs a shop selling and leasing lighting and sound systems, in which he offers access to a Wi-Fi network to the general public free of charge in order to draw the attention of potential customers to his business. In 2010, a musical work was unlawfully offered for downloading via that Wi-Fi network. Sony Music, the holder of the rights over the phonogram, gave Mr. Mc Fadden formal notice concerning the infringement of its rights. Mr. Mc Fadden brought before the referring court an action for a negative declaration (negative Feststellungsklage). Sony Music brought a counterclaim, seeking an injunction and damages. By judgment of 16 January 2014, the referring court dismissed Mr Mc Fadden’s application and upheld the counterclaim. Mr Mc Fadden appealed against the judgment on the ground that he is exempt from liability under German law transposing Article 12(1) ECD. In the appeal, Sony Music asked the Court to uphold the default judgment and, in the alternative, to issue an injunction and order Mr Mc Fadden to pay damages and the costs of the formal notice on the ground of his indirect liability (Störerhaftung). The Landgericht München I (Regional Court, Munich) before which the proceeding was brought, takes the view that Mr Mc Fadden was not directly liable, but is minded to reach a finding of indirect liability (Störerhaftung) on the ground that his Wi-Fi network had not been made secure. However, the German court had some doubts as to whether the ECD precludes such indirect liability and decided to refer a series of questions to the Court of Justice.

As a reminder, the ECD exempts intermediate providers of mere conduit services from liability for unlawful acts committed by a third party with respect to the information transmitted, under three cumulative conditions: (i) the provider of the mere conduit service must not have initiated the transmission; (ii) it must not have selected the recipient of the transmission; and (iii) it must have neither selected nor modified the information contained in the transmission.

In its judgment, the CJEU first held that making a Wi-Fi network available to the general public free of charge in order to draw the attention of potential customers to the goods and services of a shop constitutes an ‘information society service’ under the directive. The Court then confirms that where the above three conditions are satisfied, a service provider such as Mr Mc Fadden,who provides access to a communication network, may not be held liable. Consequently, the copyright holder is not entitled to claim compensation nor reimbursement of costs on the ground that the network was used by third parties to infringe its rights. However, the directive does not preclude the copyright holder from seeking, before a national authority or court, to have such a service provider ordered to end, or prevent, any infringement of copyright committed by its customers. Finally, the Court holds that an injunction ordering the Internet connection to be secured by means of a password is capable of ensuring a balance between, on the one hand, the intellectual property rights of rightholders and, on the other hand, the freedom to conduct a business of access providers and the freedom of information of the network users. The Court notes that such a measure is capable of deterring network users from infringing intellectual property rights. However, in order to ensure that deterrent effect, users should be required to reveal their identity before obtaining the required password, so as to be prevented from acting anonymously. According to the Court, the directive expressly precludes the adoption of a measure to monitor information transmitted via a given network and to terminate the Internet connection completely without considering the adoption of measures less restrictive of the connection provider’s freedom to conduct a business.