If somebody provides free WiFi without demanding that the users enter a password, does that make them legally liable for any copyright infringement by the users of that WiFi? That is a question raised in Case C-484/14 McFadden, which was referred to the Court of Justice of the European Union (CJEU) by Germany.
Per the wonderful IPKat blog, the legalities revolve around whether the person providing the internet access is a ‘mere conduit’ per Article 12 of Europe’s Ecommerce Directive. In short, if the person giving away WiFi access is consider to be akin to an ISP, they are not responsible for how others use (or abuse) that service. But if they are more like the end user than an ISP, then the provider of free WiFi could be forced to pay compensation when their internet connection is used to infringe copyright.
This issue is relevant to anyone who ever wandered into a Starbucks and fired up their laptop to do some work over the internet. Making the WiFi provider liable would effectively make passwords mandatory, causing inconvenience to customers and staff, and thus discouraging small businesses from providing WiFi. This would also have a knock-on impact for comms firms, not only because of the lost WiFi traffic, but also because it might lead to increased load on other mobile data networks in congested urban areas.
In response to this case, a group of worthy internet organizations including the Electronic Frontier Foundation (EFF), Mozilla, the Open Rights Group (ORG), and the Wireless Innovation Alliance (WIA) have written an open letter to the CJEU. It begs Europe’s top court to reverse a 2010 decision by Germany’s Federal Supreme Court that held the private operator of a wireless network is obliged to use password protection in order to prevent abuse by third parties.
Here are some key arguments from the letter.
Broadband access remains far from universal. Substantial portions of the population have neither home broadband nor mobile data subscriptions, either because it is unaffordable or the necessary infrastructure does not exist in their locality… Parallel to this, it is obvious that economic growth is increasingly synonymous with access to communications networks: to coordinate collaboration with colleagues, access clients, carry out purchases, or conduct remote maintenance. The Internet contributes around €500 billion to Europe’s economy every year. Since around 10% of Internet access comes via open wireless, their prohibition would constitute an impediment to tens of billions of euros’ worth of economic activity… These challenges have impelled hundreds of municipalities all over Europe to launch free local wireless networks providing access to the underserved in town and city centres.
During 2012 (sic) earthquake in northern Italy, local authorities requested the general public to remove passwords from their private WiFi networks in order to allow the widest possible emergency access to communications networks. Similarly when in 2007, the 40-year old bridge in Minneapolis collapsed into the river, WiFi played an important role in managing the response and recovery efforts… The first 72 hours following a natural disaster are critical. This window of time is when emergency responders are most able to save lives. Communication in this period is essential to facilitate the flow of information between governments, individuals, communities and humanitarian organizations. A significant fraction of cellular and wireline networks fail at these crucial times. Only open networks provide a practical and robust way of sharing whatever links continue to function in a disaster area.
All wireless networks, whether open or closed, use the electromagnetic spectrum to communicate information. The spectrum is a scarce resource… If use of the unlicensed part of the spectrum will be restricted by mandatory password-locking in the name of the intellectual property enforcement, many great benefits of the “spectrum commons” will be lost…. Technologies using [unlicensed spectrum] including open WiFi, are often both competing and complementing licensed spectrum based technologies… Some carriers such as RepublicWireless… offer subscription plans, where public WiFi is a primary channel for the phone calls, and cellular technology only serves as a back-up in its absence. If password-locking becomes the rule, access to such wireless networks would generally require entering a password, which would make automated switching of customer calls between cellular networks and WiFi impossible…
Companies like Facebook and Google are already experimenting with balloon or drone-carried WiFi antennas, which could deliver the Internet access (sic) even to most remote or underdeveloped areas. Mandatory password lock-up prohibits open variants of these innovations, and correspondingly undermines their social and economic benefits.
You can read the open letter here.
Though the passion of the letter writers is obvious, I doubt it will influence the court. As Dickens wrote, ‘the law is a ass’, and the German court may have correctly interpreted a bad law. As I noted when discussing a current challenge to European data protection law, the EU’s rule-makers have repeatedly passed laws that seek to anticipate technological trends but are unworkable in practice.
My sympathies are with the letter writers. Password locking is an excessive response to copyright infringement. It stems from a worldview that treats people and communication as an evil to be controlled. Communication is healthy, good for both the economy and the wellbeing of its citizens. If European laws demand everybody ask their waitress for a password, before accessing the café WiFi, then the law is a ass, and needs to be changed.