Thursday, September 15th, 2016 (1:47 pm) - Score 2,052

The European Court of Justice (CJEU) has today ruled that operators of free (no password required) public WiFi hotspots cannot be held liable for copyright infringements (Internet piracy) committed by users on their networks, but there’s a password-attached catch.

Public (open) WiFi hotspots can be found all over the place, such as inside airports, cafes, libraries and even homes, but the long-running “McFadden case” in Germany had threatened to make such services more difficult to operate. However today’s outcome does still add a challenge over the need for password protection.

Tobias Mc Fadden originally operated a business selling and renting lighting and sound systems near Munich, in which he also offered a WiFi network accessible to the public. In 2010, a musical work was “unlawfully offered for downloading” via that Internet connection by a user of the service and the copyright holder, Sony, decided to pursue the operator.

Sony reasoned that Tobias Mc Fadden, the operator of said network, should accept “indirect liability” on the grounds that his Wi-Fi service had NOT been made secure. Sony obviously had no hope of finding the responsible user because, like many such hotspots, they didn’t leave any valid identifiable information.

The case eventually ended up before the CJEU and earlier this year the Court’s Advocate General (Szpunar) issued a non-binding opinion on the case, which stated that the “operator of a shop, hotel or bar who offers a Wi-Fi network free of charge to the public is not liable for copyright infringements committed by users of that network” (here).

Today the CJEU’s formal ruling has upheld that position and rejected Sony’s claim. The Court also appears to vindicate the right to privacy of communications, by precluding ISPs from undertaking general surveillance of user activities on their network in search of copyright-infringing content. Naturally the association of EU and UK ISPs (EuroISPA) is pleased.

Malcolm Hutty, EuroISPA’s Intermediary Liability Chair, said: “Today’s CJEU ruling further strengthens the consensus that copyright enforcement measures must be assessed in context of competing fundamental rights and the social good.”

However EuroISPA notes that the ruling still foresees the potential of injunctions obliging public WiFi operators to password protect their networks and obtain user identification before network access.

In this regard, EuroISPA says it is essential that national courts follow the finely-balanced reasoning of the CJEU, and order such injunctive relief only in those instances where there is demonstrable and serious risk of repeat infringements.

Mind you it’s worth considering that even password protecting such networks is not in itself a solution because it’s still very easy to simply enter fake details.