The Pirate Bay and Inducement in EU Copyright – AG’s Opinion in C-610/15 Stichting Brein

The Pirate Bay is an online index of torrents which the users can access to search and obtain files downloadable through BitTorrent clients. The operators were subject to criminal and civil proceedings in Sweden in 2009 and the site remains controversial and blocked in some jurisdictions.

The case concerns a Dutch foundation for the protection of intellectual property rights – Stichting Brein – and two main Dutch Internet providers. Stichting Brein applied to courts under Article 8(3) of Directive 2001/29 asking them to order the two ISP providers to block access to The Pirate Bay, arguing that The Pirate Bay website is used primarily for large-scale copyright infringement.

In November 2015 the Dutch Hoge Raad referred the following question to the CJEU:

Is there a communication to the public within the meaning of Article 3(1) of the Copyright Directive 1 by the operator of a website, if no protected works are available on that website, but a system exist … by means of which metadata on protected works which is present on the users’ computers is indexed and categorised for users, so that the users can trace and upload and download the protected works on the basis thereof?

If the answer to Question (1) is negative:

Do Article 8(3) of the Copyright Directive and Article 11 of the Enforcement Directive 2 offer any scope for obtaining an injunction against an intermediary as referred to in those provisions, if that intermediary facilitates the infringing acts of third parties in the way referred to in Question 1?


The Hoge Raad is essentially asking about liability of operators of P2P indexing sites for copyright infringements ensuing from the use of these sites. Although a casual reader might first think of the limitation of liability for intermediaries which both the EU and US laws provide, the case concerns not providers as intermediaries but providers as primary infringers. In other words, the question is not about whether the ISPs can be insulated from liability for somebody else’s actions1 but whether the site indexing these torrents itself is participating in the infringement.

In the United States, the Supreme Court addressed this issue in the well-publicised 2005 MGM v Grokster case, where it ruled that a service which induces infringement cannot shield itself from copyright infringement claims2. A service which does have substantial non-infringing uses and does not induce, however, could. European law is not unison on the substantive aspects of inducement or indirect infringement (with various Member States’s law applying somewhat different standards) but it is on the ability to use generic injunctive relief. Such relief is allowed under Article 8 of the Copyright Directive and Section 4 of the Copyright Enforcement Directive. In the 2010 Scarlet Extended and Sabam cases, though, the CJEU ruled that generic indiscriminate filtering injunctions were not allowed under EU law but did not exclude targeted filtering.3

The Stichting Brein case is interesting for two related yet different reasons. The first question referred is asking if the operators (The Pirate Bay) themselves are the originators of the infringement. In other words, this question is not whether the operator could avail itself of the E-Commerce Directive ISP liability insulation but whether the operator is one of the perpetrators. In order to answer that, the Court has to look into whether the operator (indexer) is making the works available or not (Article 3 of the Copyright Directive). The second question asks if, in the case where they are not perpetrators, an injunction could still be made against them ordering them to block the content which the indexer makes available. The first question is, therefore, essentially about The Pirate Bay while the second targets the ISPs.

In answering the first question, the AG Szpunar emphasises that operators of The Pirate Bay are merely indexing the content and not actually putting it online for downloading4. On the other hand, it is equally clear that the works would either be unavailable or very difficult to obtain had it not been for The Pirate Bay’s intermediation.5 For that role to be fulfilled, the operator must have actual knowledge of the infringement.6 In light of that, the AG answers the first question as follows:

The answer to the first question referred for a preliminary ruling should therefore be that the fact that the operator of a website makes it possible, by indexing them and providing a search engine, to find files containing works protected by copyright which are offered for sharing on a peer-to-peer network, constitutes a communication to the public within the meaning of Article 3(1) of Directive 2001/29, if that operator is aware of the fact that a work is made available on the network without the consent of the copyright holders and does not take action in order to make access to that work impossible.

This result is neither surprising nor inconsistent with the Court’s previous case law nor with what has hitherto been said in courts in the EU7 or in the United States. In fact, using different legal concepts and a somewhat different language, AG Szpunar reached the result which is, in substance, in line with the US Supreme Court’s MGM Grokster decision.

The second question is, in essence, about obtaining a blocking injunction through Article 8(3) of the Copyright Directive of a service which does not communicate to the public. Since the AG suggests an affirmative answer to the first question (i.e. that The Pirate Bay is an infringer), the available injunctions are somewhat wider and there would no need to use Article 8(3), which is specifically targeting ISPs.8 The CJEU had already said in UPC Telekabel Wien that Article 8(3) allows injunctions againstinfringing operators where the order “does not specify the measures which [the] access provider must take and when that access provider can avoid incurring coercive penalties for breach of that injunction by showing that it has taken all reasonable measures”. In the AG’s opinion, however, this only covers the infringing operators which The Pirate Bay may, at this stage, not be. Article 8(3) presupposes a link between subject of the injunction and a direct copyright infringement.9 In addition to that, it is also necessary that such an injunction does not violate fundamental rights.10 Crucially, however, if the infringement is only indirect, it falls under national law, since indirect copyright infringements have not been harmonised at EU level. The AG, therefore, leaves the matter to national courts, suggesting that Article 8(3) allows injunctions

against an intermediary ordering it to block access for its users to an indexing site of a peer-to-peer network, if the operator of that site can, under national law, be held liable for copyright infringements committed by users of that network, provided that measure is proportionate to the significance and seriousness of the copyright infringements committed, which is a matter for the national court to determine.

This part of the Opinion is also not particularly controversial since it has long been clear not only that injunctive relief in national law is available but also what the outer EU boundaries of such relief might be. The only change that this Opinion brings, should it be adopted, is to clarify the limits of Article 8(3) in cases where it is not expressly clear that the indexing website is itself infringing.

Overall, the case brings the EU law one step closer to the American position and provides extra clarity for what has long already been the practice in national courts. After this case, it becomes clear that indexing services, such as The Pirate Bay, might very well be considered to be primary infringers, just as the Swedish court originally held in 2009.

  1. Nor about whether the users posted illegal torrent links – presumably they had.
  2. Grokster had marketed itself openly as the successor of the recently shut down Napster service.
  3. See UPC Telekabel Wien CJEU case here.
  4. Paragraph 51 of the Opinion.
  5. Paragraph 50.
  6. Paragraph 52.
  7. For Swedish case see
  8. He is answering the question, anyway, on the assumption that the Court might not agree with him on the first question.
  9. Paragraph 64.
  10. Paragraphs 71-83.

The New ePrivacy Regulation – Complex and Obscure Rules

In December 2016, a proposal for the new ePrivacy Directive was leaked. The final proposal was published on January 10, 2017 (text and impact assessment, Commission’s summary) The important document, which has an impact on a wide range of issues (cookies, spam, advertising and metadata, for example) is already causing the Internet to resonate with comments (see here, here, here and here).

The original 2002 Directive (see consolidated version) has always been a peculiar instrument. It is technically part of the 2009 telecommunications package (see the proposed 2016 reform), and therefore also part of the carrier layer of regulation1. On the other hand, it always also had an impact on the content of the Internet, since it regulated spam and cookies, and general security of electronic data. In addition to that, the ePrivacy Directive is a bolt-on instrument to the 1995 Data Protection Directive, which is the main instrument regulating privacy of individuals on the net (itself reformed with the proposal for a General Data Protection Regulation – GDPR). The 2002 Directive was meant to complement the 1995 Directive and “refresh” it for the digital age and the 2017 Regulation continues this connection with the GDPR.

The Proposal does not fundamentally change the setup provided in the ePrivacy Directive but brings in a number of significant changes, somewhat increasing privacy protection.

The basic rule is confidentiality of communications (Article 5). This rule is then subject to various modifications and exceptions scattered trhoughout the Regulation. Article 10 requires privacy-by-design for software, meaning that new software ought to default to increased privacy settings upon installation.

In terms of the type of instrument used, the Directive becomes a Regulation, thus reducing the manoeuvring space that Member States might have (for transposition problems with the existing Directive and inconsistencies in Member States’ implementation, see here).

The scope of the Regulation is wider than that of the Directive and matches GDPR. Article 3 of the Proposal specifies that it applies “in connection with the provision of electronic communications services” in the EU, irrespective of whether they are processed in the Union or not. In addition to this, it applies to all services located out of the EU but targeting end-user in the EU. This is consistent with the extended scope of application of GDPR.

The Regulation prohibits collection of metadata but contains a full page of exceptions. It does not directly address the high-profile problem of state-mandated ‘snooping’ (for that, see C-203/15 Tele2).

In terms of cookies, the Directive (Article 5(3)) had drawn a lot of criticism in respect of its demand that clear prior consent be given for all ‘cookies’ stored on the machine. In practice, this resulted in annoying popups alerting the users of ‘cookies’. The info was mostly ignored and the Proposal now has what the Commission calls a more sensible approach (Article 8) but what is, in effect, a markedly more complicated one. The article has two basic rules, with six basic exceptions and other modifying rules elsewhere in the text. In addition to that, Article 9(2) says that “consent may be expressed by using the appropriate technical settings of a software application”. This means that a software setting (e.g. in a browser) ought to be interpreted as consent or lack thereof.

Article 16 reinforces the rule that unsolicited communication could only be received by those who have given their consent (opt-in). The article applies to any “services, i.e. email, SMS, instant messaging, etc, a change compared to Article 13 of the ePrivacy Directive which only applied to electronic mail.

While it is true that the Regulation is a result of the REFIT simplification process, the end product is anything but simple. This is for four reasons. First, the Regulation must be read in conjunction with GDPR, itself a lengthy and complex instrument. Frequent cross-references do not make things easier and neither does the obsure technical language. Second, the Regulation is still standing with one foot in the carrier and the other in the content world, each of which is subject to different rules. Third, the interplay of various issues it regulates (data, metadata, different types of consent, lots of exceptions) makes interpreting it a difficult task even for experts. Fourth, the lack of clarity on fundamental issues (metadata collection is prohibited – except when it is allowed, cookies may or may not require consent, metadata should not be collected – unless one of the broad exceptions exist, unsolicited communication is banned but the reality of advertising is not taken into consideration…)

In view of this author, the new Regulation will intensify the problems, not eliminate them.

  1. Content vs carrier: the laws applying to the carrier layer regulate the networks and telecommunications services (cables, wires, spectrum, etc). The laws applying to the content layer regulate the content that flows on these wires (media rules, e-commerce, copyright, etc.)

CJEU Confirms – No General Data Retention Allowed

On 21 December 2016, an important decision came from the Court of Justice of the European Union (CJEU). In joined cases, C-203/15 Tele2 Sverige AB v Post-och telestyrelsen and C-698/15 Secretary of State for the Home Department v Tom Watson and Others, (full case and press release) the court ruled against general data retention while allowing it in specific and controlled conditions. It said:

EU law precludes a general and indiscriminate retention of traffic data and location data, but it is open to Members States to make provision, as a preventive measure, for targeted retention of that data solely for the purpose of fighting serious crime, provided that such retention is, with respect to the categories of data to be retained, the means of communication affected, the persons concerned and the chosen duration of retention, limited to what is strictly necessary. Access of the national authorities to the retained data must be subject to conditions, including prior review by an independent authority and the data being retained within the EU.

The present judgment is a continuation of a saga that goes back to September 11, 2001. In the wake of the attacks on the United States, the governments on both sides of the Atlantic introduced measures to combat the perceived threat of terror. Among these measures were the EU 2006 Data Retention Directive. The directive required storing of telecommunications data for a period between 6 and 24 months. The data stored was ‘metadata’, i.e. information on what was accessed on the Internet or what telephone numbers have been dialled and when, not the actual copies of information.

In joined cases C-293/12 and C-594/12 Press and Information Digital Rights Ireland and Seitlinger and Others (press release available here), the Court declared the Directive to be invalid, saying that it

entails a wide-ranging and particularly serious interference with the fundamental rights to respect for private life and to the protection of personal data, without that interference being limited to what is strictly necessary

The main argument for invalidation was that the Directive was not compatible with the European Convention on Human Rights (ECHR). The result was only that the 2006 Directive had been made invalid, but nothing specific was said about whether Member States’ data retention laws are incompatible with other EU laws.

Following the invalidation of the 2006 Directive, a number of Member States retained laws that operated, essentially, on the basis of the Directive. In Sweden, the law required operators of electronic communications services to retain traffic and location data while laws in the UK required data retention for periods up to 12 months. The two joined cases referred to here relate to Swedish and UK laws, respectively.

Since the directive which provided a basis for data retention had been made invalid, the fallback provision is Article 15 of the ePrivacy Directive, which allows for rules of the 1995 Data Protection Directive to be derogated from when required by “national security (i.e. State security), defence, public security, and the prevention, investigation, detection and prosecution of criminal offences”. The question referred to CJEU by the Swedish court asks, essentially, whether general data retention obligation (i.e. an obligation to retain all data, without a specific purpose of threat) is compatible with Article 15 and with Articles 7 and 8 and Article 52(1) of the Charter of Fundamental Rights. If the answer is no, the second question asks whether retention may be, nevertheless, permitted in certain specific cases (“targeted retention”). The UK court’s reference is conceptually slightly different. It is asking if the 2014 Digital Rights Ireland judgment (invalidating the 2006 Directive) also introduces “mandatory requirements of EU law applicable to a Member State’s domestic regime governing access to data retained in accordance with national legislation, in order to comply with Articles 7 and 8 of the Charter.”

The Court ruled that Article 15 of the ePrivacy Directive, read in light of Article 7, 8 and 11 of the Charter, precludes

general and indiscriminate retention of all traffic and location data of all subscribers and registered users relating to all means of electronic communication.

Ruling on where and how such retention may still be legal, it said that this is so

where the objective pursued by that access, in the context of fighting crime, is not restricted solely to fighting serious crime, where access is not subject to prior review by a court or an independent administrative authority, and where there is no requirement that the data concerned should be retained within the European Union.

In other words, general data retention is illegal, specific data retention is allowed in cases where serious crime fighting requires so, where there is judicial oversight and where such data is not transferred out of the EU.

The main position of the Court is that, absent specific legislation on data retention, the provisions of the ePrivacy Directive must be interpreted narrowly. In analysing the case, the Court pointed out that the conditions of Article 15 of the ePrivacy Directive are exhaustive. Any derogations from the rules protecting privacy must apply only in so far as is strictly necessary. Only the objective of fighting serious crime justifies derogations from general data protection requirements and then only with proper court oversight. Since general data retention does not contain a proper link between data retained and a threat to public security, such retention does not satisfy the conditions. The Court does not preclude data retention in general but allows targeted retention under the conditions discussed.

There is no doubt that the most important point that the CJEU is making is that proper judicial oversight is needed in all cases where government proposes to undermine basic constitutional rights and EU-based privacy rules. As such, the decision is not surprising and is a continuation of the arguments put forward in the Digital Rights case. The decision will have significant impact on the just-adopted UK 2016 Investigatory Powers Bill, which has been heavily criticised.

EU Consumer Summit 2016 – to What Extent is EU Consumer Law in Need of Reform?

The EU prides itself on having robust consumer laws. This is a result of decades-long development and a intelligent but gradual changes in policy direction. The legislation is comprehensive, covering a range of consumer situations and is slowly drifting towards full harmonisation. The key laws in this area are the 2011 EU Consumer Rights Directive, the 2005 Unfair Commercial Practices Directive and the 1993 Directive on Unfair Terms in Consumer Contracts. Both the 2011 CRD and the 2005 UCP directives are full harmonisation instruments.

Contrary to many other areas of EU, cyberlaw which are currently subject to comprehensive reviews (in particular privacy, copyright and telecommunications), consumer law is not in need of fundamental reform, a sentiment which the EU officials repeat often. The 2016 EU Consumer summit takes place in the sign of the EU’s REFIT program, which is an initiative to make EU laws simpler and less costly. As part of the REFIT, the Commission is conducting a “Fitness check”, which is a comprehensive policy evaluation aimed at making sure that legislation is fit for purpose. The result will not be the scrapping of present laws but their gradual adjustment. The 2016 Fitness check of EU consumer laws will be complete by May 2017.

The Fitness check covers the following directives:

• Directive 2005/29/EC, Unfair Commercial Practices Directive

• Directive 1999/44/EC, Sales and Guarantees Directive

• Directive 93/13/EEC, Unfair Contract Terms Directive

• Directive 98/6/EC, Price Indication Directive

• Directive 2006/114/EC, Misleading and Comparative Advertising Directive

• Directive 2009/22/EC, Injunctions Directive

During the summit’s opening session, some key points have been put forward:

  • First, three areas which the Commission itself believes action ought to be taken in are: the 1) simplification of consumer requirements, 2) commercial practices and contract terms and3) effectiveness of the injunctions procedure.
  • Second, consumer protection as a policy goal ought to be at least as important as increased growth or competitiveness (Evelyne Gebhardt, MEP).
  • Third, there is a belief that, because consumers are usually not familiar with their rights, these may as well be scrapped. Instead, better education and increased enforcement ought to lead to better understanding among consumers and more trust (Evelyne Gebhardt, MEP).
  • Fourth, the biggest weakness in the present framework are problems with enforcement and compliance. Improving EU laws, therefore, does not mean more laws but better enforcement of present laws (Monique Goyens, BEUC).
  • Fifth, small and medium enterprises have not influenced the creation of the EU consumer acquis in the 90s and ought to play a more prominent role (Luc Hendrickx, UEAPME).

The workshops on the three issues presented reported as follows:

  • The first workshop concluded that 2011 Consumer Rights Directive is adequate and full harmonisation of information requirements should be maintained. Improvements can be made by avoiding duplication of information, better enforcement of existing rules, and better presentation of information. Transparency of information requirement for platforms should be improved, plain language used and less technical info provided. Price indication also needs to be improved.
  • The second workshop looked at UCP Unfair Contract Terms directives and concluded that there is support for an EU-wide black-list backed by principles, as is presently the case, but also indicated a need for improvement in a number of areas. Among others, this included a need for harmonised civil remedies, better enforcement, and streamlined information requirements. The workshop also recommended extension of UCP Directive to B2B transactions, which would particularly benefit SME enterprises.
  • The third group looked at the effectiveness of the injunctions procedure. It concluded that national varieties of the injunction procedure are working well. On the other hand, improvements could be made in reducing costs and clearer minimum standards.

Overall, someone following the debate would conclude not only that EU consumer acquis is not in need of a thorough reform but could also hear very specific suggestions about how it could be fine-tuned. This author agrees but cannot escape the impression that some of the important dilemmas have not been addressed.

First, to what extent is data protection legislation not just a complement to consumer laws but their replacement? The significantly stricter data protection rules might achieve what poorly enforced consumer protection rules do not. Second, little was said about alternatives and soft law. While enforcement of consumer law is a long-term problem, the issue is also about alternatives to solutions which do not work. Since we know that legally mandating the display to consumers of the endless terms-of-use which they do not read does not work, what alternative solutions might we find? We need to learn from the industry examples that work and this requires field research and cooperation. Finally, the EU paradigm of “weaker consumer” has put the EU at the forefront of consumer protection in the 80s and the 90s but that paradigm may no longer be adequate for the Internet-of-Things data-driven economy of this decade and the next. What is, therefore, needed is not fine-tuning but a complete rethinking of both that paradigm and how consumers are treated in non-consumer branches of EU law.

The 2016 EU Copyright Reform – A Summary

The Commission published today (14 September 2016) its long-awaited copyright reform. The proposal, which is followed by a communication, consists in a:

  • proposed Directive on Copyright in the Digital Single Market,
  • proposed Regulation on copyright in online broadcasting,
  • two proposals (a directive and a regulation) affecting disabled users

The reform also contains an impact assessment documentand a document on the evaluation of the 1993 Satellite and Cable Directive.

The proposals, some of which have been leaked, have already been widely criticised (see our own post, also see here, here and here). The essence can be summarised as follows:

A new neighbouring right for news publishers has been created. In essence, any use of news produced by news sites that is not otherwise covered by exceptions would need to be cleared. Although the preamble 33 does say that the new right “does not extend to acts of hyperlinking which do not constitute communication to the public” the Proposal does not define when a hyperlink (and the potential accompanying snippet of news) is a communication to the public. The present case law (see my post on the new GS Media case here) is not sufficiently clear on that point either. At present it is possible to interpret it to mean that linking to a legally available copyrighted news article is not a new communication to the public. On the other hand, the language used in the GS Media case, as well as the fact that GS Media has been decided before the Proposal was made public, lead us to believe that hyperlinking og a Google News or Twitter-type site, with the news snippet being displayed, will be an act of communication to the public. This is hugely detrimental to the development of a free, democratic and efficient Internet. In addition to that, disastrous experience from Spain and Germany, prove without doubt, that such ideas are counterproductive.

Content-filtering of user-generated content has also been proposed in Article 13. The proposal applies to “information society service providers storing and giving access to large amounts of works and other subject-matter uploaded by their users ”. The proposal here demands that information society service providers enter into licensing agreements with rightholders and introduce adequate content recognition technologies. The idea is that licensing agreements and filtering need to be introduced where information society service providers do not benefit from the hosting exception from Article 14 of the E-Commerce Directive (Recital 38 of the Proposal). This might signify that the intention is not to force licensing and filtering in all cases where material is hosted but only where ISSs are performing an act of “communication to the public” or, in other words, where they are not playing an “active role” and, at the same time, do not qualify for the safe harbor of Article 14. It is not explained in the Proposal what these situations might comprise since typical user-generated sites do qualify for Article 14 safe-harbor. Moreover, Article 15 of the E-Commerce Directive says that Internet Service Providers are under no obligation to actively monitor content on the Internet. In addition to that, the CJEU SABAM case (interpreting the E-Commerce, the Copyright and the Copyright Enforcement Directives) says that filtering cannot be indiscriminatory. Contrary to both of these, the proposal demands that ISP

prevent the availability on their services of works or other subject-matter identified by rightholders through the cooperation with the service providers. Those measures, such as the use of effective content recognition technologies, shall be appropriate and proportionate.  

The proposed Article, in its present form, is both incoherent and contrary to the existing EU law (on why it may have serious consequences for the “communication to the public” see here). There is no reason whatsoever why the Commission should set out to change the regime which has functioned relatively well. Copyright violations which are properly notified to the user-generated sites in the present regime are already covered in the E-Commerce Directive. In addition to that, EU directives as well as CJEU cases accept the ability to use national restraining injunctions. It makes no sense to demand the introduction of expensive content recognition technologies which only large companies can properly pay for and implement.

The third part of the proposal relates to cross-border online broadcasting. The general idea here is to establish a regime where broadcasters (in ancillary online services which are broadcast simultaneously with terrestrial transmissions) only need to clear the rights in the state where the broadcaster is established. This does not apply to video-on-demand, though, which is still under the general system of clearances.

Overall, the proposed changes seem mostly incoherent and do not address the reforms which are really needed (copyright exceptions, technical measures of protection, collective rights management…)

The 2016 EU Telecommunications Reform – A Summary

On September 14, the EU unveiled proposals for its new telecommunications reform. In the coming weeks we will provide a more detailed comment on some aspects of these proposals but here is a quick summary of what it contains and what it does:

  1. The last big telecoms reform took place in 2009 (the consolidated version can be found here). The latest attempt to make changes to this took place in 2015 with the so-called “Connected Continent” regulation which really only did two things: clarified the rules on net neutrality and introduced a system for gradually getting rid of the roaming charges.
  2. The Commission is dealing with relatively serious problems: lack of investment, fierce competition between the incumbents and the disruptive OTTs, large discrepancies in Internet (both broadband and mobile) availability, penetration and use between the poorer and more developed parts of the EU, convergence between content and carrier…
  3. The new plan sets as its goals the access to extremely high gigabit connectivity to all socio-economic drivers, download speeds of at least 100Mbit for households and uninterrupted 5G coverage for all urban areas.
  4. The first link in enabling the huge investments which are needed for this is the proposed European Electronic Communications Code (EECC Directive). The Directive is horizontal recasting of the already existing Framework, Access, Authorisation and Universal Services directives (their 2009 versions). This means that these four directives will, from the date of adoption, cease to exists and be subsumed under one unified Directive. After the 2002 and 2009 reforms, this would create the third big EU telecoms reform. In order to understand the changes in the proposal, one needs to be somewhat familiar with the operation of the previous regime. Overall, the rules are simplified:

The Code will apply market regulation only where end-user interest requires it and where commercial arrangements between operators do not deliver competitive outcomes. The new Code substantially reduces regulation where rival operators co-invest in very high-capacity networks and makes it easier for smaller players to be part of investment projects, thanks to the pooling of costs, the overcoming of scale barriers, etc. New rules make the investment case more predictable for “first movers” who take the risk to invest in those networks in less profitable areas, such as rural areas.

Additionally, the proposal increases consumer protection and makes better use of radio frequencies.

  1. The Commission also presented an action plan for 5G deployment. The plan presents a calendar for coordinated EU 5G launch in 2020.
  2. The WiFi4EU initiative aims at helping European communities offer free Wi-Fi access points to all.
  3. The role of both national agencies and BEREC had been reinforced in the EECC proposal and a new proposed BEREC regulation.

It is, at present, difficult to say how deep the reform goes or what its impact might be. Keep an eye on this space.

Hyperlinking and CJEU: a comment on the GS Media decision

The Copyright Directive, which in Article 3 protects the rightholder’s right of communication to the public, is silent on whether hyperlinking constitutes such a right. This has given the Court of Justice ample opportunity to clarify the situation.

In Svensson, the Court dealt with an aggregator website providing links to newspaper articles located on another site. The articles were provided free of charge on the original site but the rightholders argued that the aggregating site profited from them in their own right without paying proper compensation. The Court took the position that

the provision on a website of clickable links to works freely available on another website does not constitute an ‘act of communication to the public’

It did emphasise, however, that hyperlinking to works protected by paywalls and similar restrictions would constitute communication to the public since a ‘new public’ to which the work is communicated would exist in this case. The case, although bringing clarity to the issue of linking to an already published and available copyrighted work, left open the question of very prevalent hyperlinking to works that are both protected and published without the author’s consent.

The Court had an opportunity to decide this issue in BestWater, which was about linking through a frame on a website to some illegally posted YouTube videos. The Court concluded that

The mere fact that a protected work, freely available on an internet site, is inserted into another internet site by means of a link using the ‘framing’ technique cannot be classified as ‘communication to the public’ since the work at issue is not transmitted to a new public or communicated a specific technical method different from that of the original communication.

Here, just like in Svensson, the Court did not address the issue of whether the poster’s good faith or financial gain played any role.

This changed in GS Media case, which was decided on September 8, 2016. The case involved the GeenStijl website, which is relatively widely read in the Netherlands. An article had been posted on the site which contained a hyperlink to photos hosted on the third party website (Filefactory). The photographer granted exclusive authorisation to use the photos to Sanoma company and they took action against both Filefactory (which removed them) and Geenstijl. The case, thus, involved hyperlinking to material under protection to which the right holder did not grant authorisation. The photos under consideration were, at the point when the case commenced, not available otherwise.

The Court recognises in paragraph 45 the freedom of information role which the hyperlinks play:

      In that regard, it should be noted that the internet is in fact of particular importance to freedom of expression and of information, safeguarded by Article 11 of the Charter, and that hyperlinks contribute to its sound operation as well as to the exchange of opinions and information in that network characterised by the availability of immense amounts of information.

It further remarks that it may be difficult for a user to ascertain whether the material hosted elsewhere, to which they linked, is illegally posted or not. On the other hand, when hyperlinking is not carried out for profit, it is essential that the poster does not know and cannot reasonably know, that that work had been published on the internet without the consent of the copyright holder. A communication to the public will, therefore, always exist where the poster has been notified (presumably by the rightholder) of the protected nature of the work but they decide to link to it anyway (paragraph 49) as well as where the link allows protective restrictions to be circumvented (paragraph 50).

Paragraph 51 introduces a rebuttable presumption that the person who acts for profit and who hyperlink with the full knowledge of the protected nature of the work. Such persons are allowed to challenge that presumption but, obviously, cannot do so where the illegal nature of the links was precisely the biggest marketing point (as it was in case of GS Media company).

Paragraph 53 states that

Such an interpretation of Article 3(1) of Directive 2001/29 provides the high level of protection for authors sought by that directive. Indeed, under that directive and within the limits set by Article 5(3) thereof, copyright holders may act not only against the initial publication of their work on a website, but also against any person posting for profit a hyperlink to the work illegally published on that website and, under the conditions set out in paragraphs 49 and 50 of the present judgment, against persons having posted such links without pursuing financial gain. In that regard, it should in particular be noted that those rightholders, in all cases, have the possibility of informing such persons of the illegal nature of the publication of their work on the internet and of taking action against them if they refuse to remove that link, and those persons may not rely upon one of the exceptions listed in Article 5(3).

This means that copyright holders are allowed to go after the primary infringer as well as the link poster who knows or ought to have known or who circumvents protective measures. The exceptions of Article 5(3) do not have the capacity to excuse such an infringer. Effectively, this means that a notification triggers a take-down procedure whereby a hitherto bona fide linker loses the good faith.the moment the notification is received.

The final decision is stated thus:

in order to establish whether the fact of posting, on a website, hyperlinks to protected works, which are freely available on another website without the consent of the copyright holder, constitutes a ‘communication to the public’ within the meaning of that provision, it is to be determined whether those links are provided without the pursuit of financial gain by a person who did not know or could not reasonably have known the illegal nature of the publication of those works on that other website or whether, on the contrary, those links are provided for such a purpose, a situation in which that knowledge must be presumed.

What can be inferred from this judgment?

  • first, hyperlinking to a work with the full knowledge of the lack of a rightholder’s consent, or by circumventing any protective mesures, constitutes communication to the public, irrespective of whether hyperlinking is carried out for profit or not.
  • second, knowledge is presumed in cases of those who link for profit but they can rebut this presumption.

So, the two elements, financial gain and knowledge, are combined in such a manner than financial gain increases the burden of proof for the for-profit linker. The not-for-profit linker must still be unaware of the illegal nature and the mere fact that they did not profit financially from hyperlinking does not, in the presence of bad faith, change the situation.

There are two problems with the Court’s approach and both of them have to do with the financial nature of the activity in question.

First, the financial nature of the “for profit” hyperlinking is neither defined nor properly discussed. The term used is not the more common “commercial gain” – which would mean an operation on a larger scale. A private person operating a website which uses some form of advertising could, according to the GS Media court, be judged to be acting “for profit”.

Second, it is not clear why a financial element ought to be part of the decision concerning whether something constitutes communication to the public or not. Whereas it is true that the Court made good faith a central criterion and the pursuit of financial gain is just a clarifying one, it is still true that persons acting without financial gain are in a better position. This is puzzling for works have either been communicated to the public – i.e. new public had been found and this public gained access to the works – or they have not. The financial nature of the poster’s work has nothing to do with the number of people who have gained extra access to the work (although it very well may have to do with the amount of damages which will be awarded in the ensuing tort case).

It seems that potentially problematic hyperlinking covered in EU case law now falls into three categories:

  • the first are hyperlinks to protected material legally available elsewhere (e.g. links to news articles). These links, as per Svensson, are not communication to the public since no new public is gained
  • the second are hyperlinks to material behind protective walls (e.g. paywalls). Linking to these would, as in Svensson, constitute communication to the public.
  • the third, covered in GS Media, are hyperlinks to any other material not available elsewhere (e.g. movies, photos or music) but not involving the act of cracking a protective measure. In this case, the decisive element is the linker’s good faith combined with the financial nature of the case.

It is to be noted, however, that the recent leaked proposal for a Copyright Directive in the Digital Single Market, attempts to create a neighbouring right for news publishers. This grants the right of communication to the public to the news outlets and would potentially severely limit the scope of the first of the three situations outlined above.

Finally, the Court’s insistence on the subjective element as well as its clear warning from paragraph 53 may, in fact, have created a new form of notice-and-takedown procedure for hyperlinks.