The Court of Justice of the European Union has found that the operator of an open WiFi network can not be held liable for infringements carried out by his users. The case involved Pirate Party member Tobias McFadden who was accused by Sony of enabling music piracy.

Countless individuals and businesses around Europe operate open WiFi networks, but what happens when those networks are used by third parties to infringe intellectual property rights?

Pirate Party member Tobias McFadden runs a lighting and sound system shop in Germany and as part of his customer service and marketing efforts, he’s been operating an open WiFi network. Six years ago, this policy landed him in trouble with a major recording label.

In 2010, McFadden received a claim from music company Sony who alleged that his open WiFi had been used to offer one of their albums online without permission.

Sony demanded a range of measures from McFadden, including preventing future infringement by password protecting the WiFi network, blocking file-sharing ports, and logging/blocking users sharing copyrighted content.

Sony also wanted to hold McFadden liable for third party infringement, which led to the case being referred to the European Court of Justice. Yesterday the court handed down its judgment and its largely good news for the Pirate Party member.

[T]he Court holds, first of all, that making a Wi-Fi network available to the general public free of charge in order to draw the attention of potential customers to the goods and services of a shop constitutes an ‘information society service’ under the directive on [electronic commerce],” the decision reads.

The Court further notes that in order for such ‘mere conduit’ services to be exempt from third party liability, three cumulative conditions must be met:

– The provider must not have initiated the transmission

– It must not have selected the recipient of the transmission

– It must neither have selected nor modified the information contained in the transmission.

“[T]he Court confirms that, where the above three conditions are satisfied, a service provider such as Mr McFadden, who provides access to a communication network, may not be held liable,” the judgment reads.

“Consequently, the copyright holder is not entitled to claim compensation on the ground that the network was used by third parties to infringe its rights. Since such a claim cannot be successful, the copyright holder is also precluded from claiming the reimbursement of the costs of giving formal notice or court costs incurred in relation to that claim.”

However, the decision did not go entirely McFadden’s way. In an effort to strike a balance between protecting a service provider from third party liability and the rights of IP owners, the Court ruled that providers can be required to end infringement.

“[T]he directive does not preclude the copyright holder from seeking before a national authority or court to have such a service provider ordered to end, or prevent, any infringement of copyright committed by its customers,” the Court found.

One such measure could include the obtaining of an injunction which would force an operator to password-protect his open WiFi network in order to deter infringement.

“In that regard, the Court nevertheless underlines that, in order to ensure that deterrent effect, it is necessary to require users to reveal their identity to be prevented from acting anonymously before obtaining the required password,” the ruling adds.

On a more positive note, the Court rejected the notion of monitoring networks for infringement or taking more aggressive actions where unnecessary.

“[T]he directive expressly rules out the adoption of a measure to monitor information transmitted via a given network. Similarly, a measure consisting in terminating the internet connection completely without considering the adoption of measures less restrictive of the connection provider’s freedom to conduct a business would not be capable of reconciling the abovementioned conflicting rights,” the Court concludes.

Commenting on the decision, Marietje Schaake MEP says the ruling could complicate plans for more open access to WiFi.

“This may lead to a lot of unnecessary red tape for every small business that currently offers free Wi-Fi. [President of the European Commission] Juncker’s plan to offer free WiFi in European Cities also just became a bit more complicated after this ruling,” Schaake notes.

“On a more fundamental level we must remain vigilant that copyright enforcement does not become a Trojan horse for ending online anonymity.”