It's a Family Affair for Digital Piracy as Court of Justice Rule on Strotzer Case
In a recent European Court of Justice decision, the owner of an internet connection sought to escape liability for copyright infringement allegedly committed via his connection by pointing to family members that also had access. However, interesting questions remain around the appropriate balancing of rights between privacy and copyright.

Background

In October 2018 the European Court of Justice examined whether the owner of an internet connection could escape liability where copyright had been infringed using their connection but where the owner could also point to family members having access to the same connection. The background to the referral concerned litigation between German publisher Bastei Lübbe and a Munich resident Michael Strotzer who was accused of illegally downloading an audio book.

Infringement by a family member with access

Strotzer argued that he had not committed the infringement and that as he had ensured that his internet connection was securely protected, it was very unlikely anyone without the password had access. However, Strotzer also noted that as he lived with his parents who had access (although as far as he was aware they had not committed the infringement) there was the possibility that one of them was responsible. While the Munich court appeared likely to hold Strotzer liable, due to a number of decisions by Germany's Federal Court of Justice, a referral was sent to the European Court of Justice ("the Court").  The Munich Court asked for interpretation on the meaning of the term "effective" as contained in Article 3(2) of the Copyright Directive in a scenario where the owner of a connection can escape infringement liability by simply pointing to a family member who might have had access to the internet connection.

Advocate General Opinion

In June 2018, Advocate General Marcej Szpunar advised the Court that EU law does not require a presumption of liability against the owner of an internet connection for copyright infringements committed via such a connection. However, Szpunar added that if national law provides for such a presumption to "ensure the enforcement of copyright" then national law needs also to provide for an effective counterbalance when it comes to other rights (such as privacy rights). Accordingly Szpunar concluded that certain provisions, such as the right to family and private life under Article 7 of the EU Charter of Fundamental Rights, should not be interpreted in a manner that would deprive copyright owners of protection (which itself is also protected in Article 17(2) of the Charter).

Court of Justice Decision

When the Court delivered its judgment on 18 October 2018, it held that the owner of an internet connection cannot escape liability simply by pointing to another family member who had access to the same connection. In doing so it decided, in light of the InfoSoc Directive's objective of providing for a high level of protection to copyright (as per Recital 9), together with the rules around injunctions from Article 8, that Member States need to provide appropriate measures sanctions and remedies for infringements. To do this the Court pointed to the need for an appropriate balance between copyright protection and fundamental rights (such as private and family life). 

If family members of an owner of an internet connection were to be granted an exemption from infringement, copyright enforcement would be rendered ineffective. The Court ruled that national legislation would be prohibited to the extent it allows an owner of an internet connection used for copyright infringement to escape liability merely by naming a family member who might have had access too.  However, this applies only when the owner has not provided any further details as to when and how the connection was used by the relevant family member. Crucially therefore the decision required a balance between privacy rights and intellectual property rights. 

In effect, the decision also represented a shifting of the onus onto the owner of an internet connection, as the Court of Justice indicated that further reasonable evidence would need to be presented before the appropriate balance could be struck.  Essentially therefore Strotzer could escape liability if he could provide further evidence that one of his parents was responsible for the audio book infringement.

Can Internet Providers be Liable?

The ruling comes at a time where internet providers in the United States, the EU and Ireland are again being directed to utilise graduated response systems ("GRS") to promote anti-piracy (such as 'three strikes') while questions continue to be asked as to whether internet intermediaries should be held liable for what their users upload and download. While previously in 2013 the Irish Government revised the law to hold internet providers accountable to industries reliant on intellectual property, including music and movie companies, the Court held in 2016 that internet providers generally cannot be held liable if a user uses a free connection to unlawfully download copyrighted content.  The Court also qualified this by allowing that copyright holders could seek injunctions and free internet connection services should always require users to reveal their identity. However more recently, the positions set out in the new draft EU Copyright Directive suggest there may be increased liability ahead for providers that are not sufficiently diligent with copyright enforcement.  This would be in line with the Strotzer decision granting copyright a high level of protection notwithstanding the right to private life under Article 7 of the EU Charter of Fundamental Rights.

User Monitoring

At the same time, under the General Data Protection Regulation ("GDPR"), companies need to take care before rolling out any programme involving user monitoring. While previously the 'three strikes' approach with Irish consumers had attracted concerns from the Data Protection Commission (as companies essentially monitor what users are accessing via their connection) the Supreme Court dismissed an appeal on this aspect in July 2013 under the previous data protection law. 

Therefore even with the Court holding that protecting copyright must be balanced with other rights (such as privacy) and a market practice of robust GRS deployment developing, the extent to which user monitoring practices can have a legal basis under the GDPR when used for preventing copyright infringement, remains to be seen.

Contributed by: Alex Towers

 

Twitter

 

Follow us on Twitter @WFIDEA and @WilliamFryLaw

Key Contacts

David Cullen Partner

Leo Moore Partner

John Magee Partner

Related Practice Areas

Related Industry