Establishments that provide Wi-Fi may be forced to secure it with a password
A recent judgment by the Court of Justice of the European Union has held that although the owner of a Wi-Fi network through which contents that infringe copyright are shared is not liable for such actions, it can be required to “password-protect” the internet connection in order to verify the identity of the persons that use it.
Accessing the internet through a Wi-Fi network has become a supplementary but essential service that is both demanded and also highly valued by customers. It is a key service in the hotel industry and, as such, is offered by all hotel categories. However, up until now there had been no control over the use that customers made of this Internet access service, which may at times infringe copyright, such as the illegal download of a film, for example.
In its recent judgment of September 15, 2016, which related to just such a case, Court of Justice of the European Union (CJEU) has vaguely determined the liability of a Wi-Fi network owner due to the use made by users.
Mr. Tobias McFadden runs a lighting store in Germany, in which he installed a Wi-Fi network, accessible to all users, in order to attract more customers.
The network was used by an unknown user to download a musical work unlawfully, infringing the intellectual property rights of the producer of the song. On discovering what had occurred, the producer formally required the network owner to prevent such conduct and brought a legal proceeding that led to several questions being submitted to the CJEU for a preliminary ruling.
The Court’s arguments
Wi-Fi network owners which offer access to such networks are information society service providers.
The court firstly determined that Mr. McFadden, as an information society service provider, is covered by the exemption from liability in force in the EU for such providers in respect of the information transmitted via his network. His position as such is irrespective of whether the service (Internet access through an open wifi network) is provided without receiving direct remuneration, because it was considered that the service was provided for the purposes of advertising the products sold by McFadden in his store and that the cost was implicitly incorporated in the price of those products.
In order to benefit from this exemption, the transmission of the information by the provider must be of a technical, automatic and passive nature and he must have no control over it.
The owner of the infringed copyright may request that a competent body order the protection of the Wi-Fi network by means of a password.
The court addressed how to ensure the protection of the copyright that is being infringed by using an open Wi-Fi network, while at the same time striking a fair balance with the right of freedom to conduct a business of the service provider and the right to information of users of the network. It ruled out the possibility of the network operator examining the information transmitted and verifying the identity of the possible infringers, as well as that of cutting off the connection, because it is not a proportionate measure.
However, a competent court may, at the request of the copyright holder, order the service provider to put balanced measures in place to avoid the infringement, for example, by “password-protecting” the network with users being required to reveal their identity in order to obtain the password.
Therefore, the copyright holder may not require a Wi-Fi network access provider, for example a hotel, to pay damages for the infringement of its rights by a third party who uses the connection offered. However, it may ask a competent court or tribunal to order the password-protection of the network, in order to prevent the infringement continuing.
In short, it is not just security reasons that make it advisable to always protect a Wi-Fi network by offering a password to recipients of the service.
Garrigues Intellectual Property Department