Limited liability for free Wi-Fi access (Case C-484/14, Mc Fadden v Sony Music)

By Justin Jütte

The civil liability of intermediary service providers remains a hotly debated topic in EU law, especially in relation to infringement of intellectual property rights (IPRs). Whereas the Information Society Directive (Directive 2001/29/EC), as well the IP Enforcement Directive (2004/48/EC) provide that owners of IPRs can, in principle, request injunctions against intermediaries, the E-Commerce Directive (Directive 2000/31/EC) exempts certain intermediaries from indirect liability under certain, well defined circumstances. The present case raises questions as to the scope and interpretation of Article 12 of the E-Commerce Directive, in particular with regard to fundamental rights. Concretely, the referring court in Tobias Mc Fadden v Sony Music Entertainment Germany GmbH asks under which circumstances and to what extent operators of publicly accessible Wi-Fi networks can be held liable for infringements of works protected by copyright, and what type of injunctions can be ordered against such operators.

The facts

On 16 March 2016 Advocate General (AG) Szpunar delivered his Opinion in Tobias Mc Fadden v Sony Music Entertainment Germany GmbH. The applicant, Mr Mc Fadden, runs a store for lighting and sound systems and offers his customers free access to a Wi-Fi network. Sony Music is the owner of the rights to a musical work, which was offered for download through the network owned by Mr Mc Fadden. Sony Music served the applicant with a formal notice of the infringement. Arguing he did not exercise control over the network, and that he did not commit an infringement in relation to the musical work, Mr Mc Fadden sought negative declaration from the Munich Regional Court. Sony Music opposed this action with a counterclaim, seeking an injunction and damages. When Mr Mc Fadden failed to appear in front of the court, the Munich Regional Court dismissed his application and upheld Sony Music’s counterclaim. The Court granted an injunction against Mr Mc Fadden and ordered him to pay damages and the costs of the formal notice due to a direct infringement. Mc Fadden appealed against the default judgment by claiming that he could not be held liable under Article 12(1) of the E-Commerce Directive as implemented into national law. The German Court referred a total of nine questions to the CJEU, stating also that it considers holding the applicant liable, not for a direct but an indirect infringement copyright, as Mr Mc Fadden made a network connection available to the public without securing it.


The questions

The first set of questions (1-3) seeks to clarify whether the operator of a free Wi-Fi network, who operates the network only as an ancillary activity to its main business, falls within the scope of the liability exemption of Article 12 of the E-Commerce Directive. The second set of questions (4-8) inquires about the exact scope of the exemption. The final question (9) concerns the limits of possible injunctions. The AG helpfully grouped the nine questions of the Munich Court into three categories, which significantly facilitates the understanding of the relevant problems.

The scope of Article 12 of the E-Commerce Directive

Article 12 exempts the provider of an information society service (ISS) “that consists of the transmission in a communication network of information (…) or the provision of access to a communication network” from civil liability for the transmission of information if the provider (a) does not initiate the transfer, (b) does not select the receiver of the information, and (c) does not select or modify the information contained in the transmission. The first question in this context is therefore whether the applicant is a provider of an ISS. The E-Commerce Directive defines an ISS in Article 2(a) by reference to Article 1(2) of the Technical Standards Directive (Directive 98/34/EC), now replaced by Article 1(b) Directive 2015/1535/EU, as “any service normally provided for remuneration, at a distance, by electronic means and at the individual request of a recipient of services”.

In his opinion, AG Szpunar found no reason not to qualify a free Wi-Fi network offered in the context of an economic activity as a service of an economic nature that is “normally provided for remuneration” (paras 36-50). Although Mr Mc Fadden’s primary economic activity is the sale of lighting and sound equipment, complimentary free access for customers and the general public can form part of his economic activities. It is, according to the AG, not necessary that the service is rendered for direct remuneration. It suffices that, as the applicant argued, that the network is used to attract customers, to be considered as being offered as part of an economic activity (paras 44-47).

The second question in this context seeks to clarify whether the term “provided” in Article 12 of the E-Commerce Directive means that the operator of the service must actively seek out customers or whether a simple “enabling” would suffice.

With reference to the CJEU’s judgment in UPC Telekabel Wien, the AG argued that providing access to a network is sufficient, and that a direct contractual relationship between the user of the service and its provider is not necessary (paras 51-56).

The scope of liability under Article 12 of the E-Commerce Directive

Having found that the Article 12 of the Directive does in principle apply, the AG went on to define the specific content of the provision in light of the second set of questions. These questions deal with three particular issues: whether damages for copyright infringement can be claimed from an ISS, whether an injunction can be ordered against a “mere conduit” intermediary, and whether an ISS can be held liable for non-compliancy with such an injunction. Sony Music had not only requested an injunction, but also requested damages and the recovery of costs for the formal notice and court costs. Article 12 shields ISSs from liability for copyright infringements and resulting damages from such infringements, as well as other costs related to such infringements. Accordingly, damages and other costs related to such damages cannot be claimed from an ISS (paras. 73-80). Liability for an ISS can only arise if a particular obligation imposed by Article 12(3) has been breached (paras 81-87). The situation is however different for injunctions and costs related to injunctions. Article 8(3) of the Information Society Directive and Article 11 of the IP Enforcement Directive allow for injunctions against an ISS. To that effect Article 12(3) of the E-Commerce Directive excludes injunctions from the liability exemption of Article 12(1). Accordingly, pursuant to the AG, an injunction can be ordered even when an ISS complies with the conditions of that provision, and in order to safeguard the efficiency of injunctions, an ISS can incur liability for non-compliance with an injunction (paras 88-91).

Additional limitations to the exemption under Article 12 of the E-Commerce Directive

Subsequently the AG tackled the question whether the wide scope of Article 12 could be limited by applying, by analogy, an additional requirement of Article 14(1)(b) of the Directive, which requires a hosting provider to remove or disable access to information infringing copyrights. Whereas Article 12 exempts the liability for “mere conduit”, Article 14 relates to hosting providers, e.g. providers that offer to store content on their servers and websites, such as YouTube and Instagram, which can also be exempted from liability, albeit under different conditions. As Articles 12 and 14 of the E-Commerce Directive relate to different and distinct categories of activities, AG Szpunar rejected the application by analogy of any and all of the requirements of Article 14, which would have increased the burden of “mere conduit” ISSs (paras 93-104).

The scope of injunctions under Article 12 of E-Commerce Directive

AG Szpunar dedicated the remainder of his opinion to the final question of the referring court in Munich. The latter court asked whether Article 12(1) precludes a national court from ordering a general, non-specific injunction that requires an ISS prevent third parties infringing certain rights by disabling access to a network. In addition, the German court asked whether a specific injunction, by which an ISS is ordered to terminate its Internet connection, to protect it by password, or to examine all passing communications would comply with the provisions of Article 12(1) in the event that it is clear that the ISS can easily implement such injunction.

First, the AG examined the limits on injunctions inherent in the provision of the E-Commerce Directive. The outer limits are defined by Article 12(3), which requires that injunctions must have the aim of terminating or preventing infringements, but according to Article 15(1), cannot require an ISS to monitor all information passing through its network. The limits to injunctions are further contained in the principles and fundamental rights of EU law, including the right to freedom of expression and information and the freedom to conduct a business. These rights must be balanced with the right to intellectual property under Article 17(2) of the EU Charter of Fundamental Rights (paras 111-112). The indicators for a fair balance between these rights, according to the AG, are contained in the provisions of Directives themselves, as well as in the relevant provisions of national law. It is then the task of the national courts to interpret their national laws in accordance with the EU Directives and fundamental rights. In doing this, the measures adopted must be effective, proportionate and dissuasive, must be aimed at bringing a specific infringement to an end or preventing a specific infringement without imposing a general obligation to monitor, and the measure must achieve a fair balance between the relevant fundamental rights (para. 115).

Second, the AG, in principle, followed the CJEU’s recent ruling in UPC Telekabel Wien where it held that an injunction is in compliance with EU law when it leaves to its addressees the decision which measures to apply in order to bring an infringement to an end. However, he did distinguish the facts of the case at hand, arguing that in a situation where a general injunction would lead to legal uncertainty, a national court could order an injunction that is more specific. This would be necessary in cases in which a general injunction would upset the balance of rights and interests involved (paras 116-124).

Third, the AG addressed the specific injunctions suggested by the German court, namely a termination of the Internet connection and a general obligation to monitor. Without much discussion AG Szpunar discarded the two suggested injunctions, in particular in light of the CJEU’s judgments in Scarlet Extended v SABAM, SABAM v Netlog and UPC Telekabel Wien (paras 125-133).

Finally, AG Szpunar considered whether an injunction that would require an ISS to secure a Wi-Fi network would be compatible with EU law. Such an obligation would, he argued, undermine the business models based on complementary Wi-Fi by making access to a network more burdensome (e.g. by way of mandatory identification). A requirement to retain user data would also be too burdensome and therefore disproportionate for an ISS such as Mr Mc Fadden, whose primary business is not to operate a network service, but to sell light and sound systems. Such an injunction would further come close to the prohibition of general monitoring obligations under Article 15(3) E-Commerce Directive. Lastly, a more secure network would not necessarily prevent infringements of protected works. Simply ordering to secure a Wi-Fi network would therefore not constitute an appropriate injunction: it does not safeguard a fair balance of interests and rights, most notably it interferes with the freedom to conduct a business and the freedom of expression and information, which could be a disadvantage for society at large (paras 134-149).


The notion of an ISS has been hotly debated and since the CJEU’s judgment in UPC Telekabel Wien in 2014 it covers a wide variety of economic actors that enable the free flow of digital information. The extension of the notion to include operators of publicly accessible Wi-Fi networks would further broaden the circle of ISSs. This is, however, under the assumption that the CJEU understands the notion of ISS of Article 12(1) E-Commerce Directive as being congruent with that of intermediary under Article 8(3) Information Society Directive (and Article 9(1) IP Enforcement Directive).

For intermediaries, or providers of ISSs, this means that injunctions can be ordered against them to put an end to infringements of IPRs, or possibly to prevent such infringements. It also means that businesses offering Internet access to its customers, and, under certain conditions, to the public, can profit from the liability exemptions of the E-Commerce Directive, but can be held liable for non-compliance with injunctions ordered against them.

If the CJEU decides to follow the opinion of AG Szpunar, it would, albeit only partially, retreat from its position in UPC Telekabel Wien. There it held that general non-specific injunctions against ISSs can be ordered, while maintaining the limits of injunctions by prohibiting general monitoring and filtering obligations. In this case, the Court permitted an injunction aimed at a certain outcome (blocking access to a particular website), leaving it to the service provider to find appropriate means to achieve that aim. More precise injunctions could, however, be ordered against smaller ISSs, which operate local free or easily accessible Wi-Fi networks. The scope of the injunction might therefore be conditional on the type of ISS, and the court ordering such injunction would have to assess whether appropriate measures do exist.

Whereas the AG Szpunar did, all in all, not provide much guidance on the precise balancing of the freedom of expression, the freedom to conduct a business and the right to intellectual property (see also Deckmyn v Vandersteen, Ashby Donald and Others v France, Nej and Sunde Kolmisoppi v Sweden, Delphi v Estonia), his conclusion supports an outcome that favours the right to information and also the right to privacy, which he however fails to mention explicitly. But by permitting owners of businesses to operate open Wi-Fi networks ancillary to their commercial activities, without requiring them to monitor all communications through their networks, users of such networks can use them to access information without having to fear that their private data are being collected.

It remains to be seen how the Court will rule; a decision against the recommendations of AG Szpunar would definitely be no surprise given the recent track record of AGs in copyright cases.