As previously reported on Commsrisk, some corporations have been trying to stop businesses giving free WiFi internet access without any password controls. Their concern is money; specifically they focus on the financial implications when the users of the internet service infringe copyright by downloading pirated content. However, they were rightly opposed by a coalition of those firms that give free WiFi to their customers, WiFi technology providers, and internet advocacy groups. And it seems the Court of Justice of the EU (CJEU) will favor free WiFi after one of its lawyers, Advocate General Maciej Szpunar, issued a legal opinion that businesses could not be held liable for what their customers do.
The case considered by AG Szpunar was McFadden C-484/14. This case, like so many others, hinges on when a business should be treated like a comms provider because it provides the capacity for the transmission of communications, but has no relevant interest in what is being communicated. Mr McFadden’s business sells and rents lighting and sound systems near Munich. To encourage customers to use his website he made a WiFi network accessible to the public. A musical work was unlawfully downloaded via that internet connection in 2010, and Sony responded by suing McFadden. The Landgericht München I (Regional Court, Munich I, Germany) judged that McFadden was not the actual party who infringed the copyright, but considered him to have an indirect liability on the ground that his WiFi network had not been made secure.
The press release giving AG Szpunar’s opinion clarifies that McFadden should be treated like a comms provider, even though that is not his main business activity. He is thus exempt from liability for how the provided comms service has been used by customers.
In today’s Opinion, Advocate General Maciej Szpunar takes the view that that limitation of liability also applies to a person such as Mr McFadden who, as an adjunct to his principal economic activity, operates a Wi-Fi network with an Internet connection that is accessible to the public free of charge. In his view, it is not necessary for the person in question to present himself to the public as a service provider or that he should expressly promote his activity to potential customers.
AG Szpunar goes on to clarify that McFadden has no financial obligations with respect to the rightsholders.
The Advocate General goes on to state that that limitation precludes the making of orders against intermediary service providers not only for the payment of damages, but also for the payment of the costs of giving formal notice or other costs relating to copyright infringements committed by third parties.
Whilst McFadden’s liability is limited because he is a mere ‘conduit provider’ of comms services, rightsholders can still bring an injunction in order to stop piracy. Such injunctions must be particular, effective, proportionate, dissuasive, aimed at a specific infringement, and fair to the rights of the conduit provider and their business.
AG Szpunar’s opinion concluded by observing why it would be inappropriate to force all WiFi providers to implement passwords to limit access.
The Advocate General considers that the imposition of an obligation to make access to a Wi-Fi network secure, as a means of protecting copyright on the Internet, would not be consistent with the requirement for a fair balance to be struck between, on the one hand, the protection of the intellectual property rights enjoyed by copyright holders and, on the other, that of the freedom to conduct business enjoyed by providers of the services in question. By restricting access to lawful communications, the measure would also entail a restriction on freedom of expression and information. More generally, any general obligation to make access to a Wi-Fi network secure, as a means of protecting copyright on the Internet, could be a disadvantage for society as a whole and one that could outweigh the potential benefits for rightholders.
An opinion of an Advocate General is not binding; the CJEU still has to reach its judgment. However, the court generally follows the advice of its AGs.
This is a victory for common sense. It would be madness to shut down all open WiFi connections in the EU, or make thousands of businesses implement burdensome password controls, just because of a limited risk to copyright holders that is hard to evaluate in financial terms. If there is a pattern of recurring piracy then an injunction can be used to stop the abuse. Otherwise the rightsholders expect too much; modern societies cannot be expected to shut down free and easy communication just because it may be used by naughty people. As with the EU-US Safe Harbor, an Advocate General working for the CJEU has demonstrated more technological and practical nous than legions of blathering lawyers who work to twist the law to suit their clients. There is a difference between providing a comms service and using a comms service, and the people who provide a comms service should not be turned into convenient targets for anyone and everyone who might not like the way users communicate, or what they communicate.