|Mr Justice Gerard Hogan, |
who delivered the Court of Appeal judgment
What (if any) steps may a court require internet service providers (ISPs) to take to assist copyright holders to identify customers who use the network provided by these providers to access the internet for the purpose of illegally downloading or uploading copyright material? What kind of jurisdiction does Article 8(3) of the InfoSoc Directive, as implemented into the laws of Member States, confer upon national courts?
These are the very questions that the the Irish Court of Appeal (Hogan J) addressed in an interesting judgment issued at the end of July, further to the appeal brought by UPC against the 2015 judgment of Cregan J in the High Court. There, Cregan J had ordered this ISP to implement a form of graduated response system (GRS) within its network for the benefit of - amongst others - Sony Music.
Apparently, the type of GRS order issued by the High Court was the first of its kind within the EU.
What is GRS?
As explained by Hogan J, "the term GRS is not a term of art, but it refers to types of steps which an ISP may be required to take against copyright infringers, ranging from warning letters at one end of the spectrum to orders blocking access to particular websites at the other."
The GRS in this case
In the particular case at hand, the High Court had ordered UPC to send each relevant subscriber a cease-and-desist letter upon receipt of notification of the first and second copyright infringement notifications received from relevant rightholders.
On receipt of the third copyright infringement notice, UPC would then be required to send the relevant rightsholders a notification that the particular subscriber had been the subject of three such notifications.
The rightsholders would then be entitled to apply to court for an order terminating the subscriber’s internet broadband service.
Not only did the High Court impose a monthly limit of 2,500 notifications and exclude business users from the GRS, but also mandated upon rightholders to pay 20% of any capital expenditure incurred by UPC (with a cap of €940,000 on each such expenditure).
Finally, while the order could potentially last indefinitely, the High Court provided that it would be reviewed within in five years from the date of its perfection.
|GRS explained: |
(1) User engaging
in copyright-infringing activities
Hogan J noted how the appeal concerned, specifically, the jurisdiction of the High Court to grant GRS injunctions of the kind described above and, more generally, "issues of enormous importance so far as the effective protection of copyright is concerned."
After highlighting the changes brought about by technological evolution and resulting challenges for the music industry, Hogan J noted how over time seeking remedies against ISPs has been also prompted by the ineffectiveness of remedies against primary infringers. Paraphrasing the content of Recital 59 in the preamble to the InfoSoc Directive, the judge observed that ISPs, "after all, are the entities who are far better placed than anyone to identify the customers who have used their services for infringing activities. It is they alone who can match the internal protocol addresses of consumers with infringing activities or take steps to block access to websites who specialise in copyright infringement activities."
This said, the judge deemed it necessary to address the rights and remedies available to rightholders under Irish and EU laws, respectively.
The position under national law: has implementation of Article 8(3) of the InfoSoc Directive changed the law?
With particular regard to the former, the judge undertook an analysis of relevant authorities by noting that a number of basic juristic realities are to be considered, including that ISPs are non-infringing entities. In this respect the question becomes whether Article 8(3) of the InfoSoc Directive as transposed into Irish law by s40(5A) of the Copyright and Related Rights Act (CRRA) has changed the general principle that Irish courts have no jurisdiction to grant an injunction against a defendant who has committed no cognisable legal wrong or where such a wrong is not threatened.
This question was also prompted by awareness that (as noted by Cregan J in his first instance judgment), prior to the insertion of the new s40(5A) CRRA in 2012, Irish courts had not been able to provide effective remedies to ensure an adequate protection of copyright in the online environment. Indeed, in his 2010 judgment in EMI Records, Charleton J had concluded that Irish courts lacked jurisdiction to order non-infringing ISPs to take action against customers who used their services for the purposes of copyright infringement. In this respect, Charleton J had found that, because of the absence of any legal power for the “blocking, diverting or interrupting of internet communications intent on breaching copyright”, Ireland was not “yet fully in compliance with its obligations under European law.”
|(2) The innocent ISP|
Following this decision, relevant rightholders commenced proceedings against the Irish State for failure to give effect to the requirements of Article 8(3) of the InfoSoc Directive [this is known as Francovich or state liability principle: in relation to the UK, I suggested this as possibility in case the Court of Appeal had reversed the decision of Arnold J in Cartier and denied the availability of blocking injunctions in trade mark cases: see here], but before the litigation could be resolved the Irish Government adopted s40(5A) CRRA.
The position under EU law
Hogan J turned to considering relevant case law of the Court of Justice of the European Union (CJEU) in relation to Article 8(3) of the InfoSoc Directive [in particular, Scarlet, Netlog, and Telekabel] and the third sentence in Article 11 of the Enforcement Directive [L'Oréal].
He noted how "it is ... hard to avoid the conclusion that the drafting of both Article 8(3) of the 2001 Directive and the third sentence of Article 11 of the 2004 Directive left a good deal to be desired". Indeed, "[i]f the language of Article 8(3) ... is taken at face value, then, at least so far as Ireland is concerned, Article 8(3) changed nothing since copyright holders were always in a position to apply for injunctions against ISPs." [the problem, as EMI Records demonstrates, was however obtaining an injunction against non-infringing ISPs]
However, a face value interpretation does not appear correct: in fact, "it is ... clear from a series of decisions of the Court of Justice that Article 8(3) of the 2001 Directive (and the companion provisions of Article 11 of the 2004 Directive) have, in fact, changed the law, by mandating the creation of a new form of injunction directed against non-infringing parties which finds no real counterpart in our [read: Irish] system of civil procedure. Again, the essential question in the present case is the extent to which Article 8(3) of the 2001 Directive has effected such a change."
While Article 8(3) has mandated a substantial change, the EU framework provides some in-built limitations to the scope of any such injunctions against ISPs, notably those contained in Articles 15(1) of the Ecommerce Directive [no general obligation to monitor], 3 of the Enforcement Directive, 8 of the InfoSoc Directive, and 1(3a) of the Framework Directive 2002/12.
|(3) The notifications|
The substantive change brought about by Article 8(3) of the InfoSoc Directive
Having reviewed relevant CJEU decisions, Hogan J concluded that [para 49] Article 8(3) of the InfoSoc Directive "does not simply seek to fill a jurisdictional lacuna in the systems of civil procedure of the Member States by allowing rightholders to apply for an injunction against non-infringing ISPs. This provision is not simply procedural, but it potentially changes the substantive law by requiring Member States to provide their judicial systems with the authority to grant injunctions of this kind, subject only to certain safeguards (such as the prohibition against general monitoring of users contained in Article 15(1) of the Electronic Commerce Directive)."
More specifically [para 52], "Article 8(3) (as transposed by s. 40(5A) of the 2000 Act) certainly changed the substantive law in relation to injunctions so far as this jurisdiction is concerned. While it is true that Article 8(3) did not quite do so in express terms, a series of judgments of the CJEU – ranging from L’Oréal onwards – has clearly confirmed that Article 8(3) has had this effect by requiring national courts in appropriate cases to grant injunctions against non-infringing ISPs. Certainly, by virtue of this Court’s duty of loyal co-operation and the general principle of interpretation conformé reflected judgments such as Case C-106/89 Marleasing S.A., it is necessary for this Court to construe s. 40(5A) of the 2000 Act as having had this effect."
Article 8(3) injunctions as a regulatory order
This said, and having thus crossed the "legal Rubicon of vesting the High Court with a jurisdiction to grant an injunction against a non-infringing ISP" [para 63], "then what follows is really all merely a matter of degree. It could be said that any order made in those circumstances begins to take on the character of a regulatory solution to the problem, precisely because the order is no longer directed to an infringing party and also because the court is no longer applying purely traditional legal principles such as might have been applicable to determine, for examine, whether to grant an injunction or damages against a defendant who in appropriate civil proceedings had been found guilty of copyright infringement."
Compatibility of the injunction actually granted with Article 8(3) of the InfoSoc Directive
Having exhausted the issue of jurisdiction, Hogan J turned to the consideration of whether the injunction granted by the High Court was: (i) necessary; (ii) that the costs involved were not excessive or disproportionate and that the order itself should not be unduly complicated; (iii) that the cost sharing proposals were fair and reasonable; (iv) that the order respected the fundamental rights of the parties affected, including internet users; and (v) that the duration of the proposed injunction and the provisions for review were reasonable.
In upholding the GRS injunction granted by the High Court, Hogan J agreed with the findings of Cregan J, except on two issues, ie: review after five years, and the costs of future applications. With particular regard to the latter, Hogan J did not think that it would be appropriate for the High Court to make anticipatory orders in relation to future proceedings.
|(4) Patience has reached its limits|
This decision is particularly interesting in that it highlights the substantive breadth of Article 8(3) of the InfoSoc Directive: this provision does not merely mandate the availability of injunctions against intermediaries, but it does so independently from a finding of their liability.
This conclusion appears in line with the relevant EU framework, as interpreted by the CJEU. To the judgments reviewed by the Court of Appeal, it is worth adding a mention of the pending reference in Mc Fadden, C-484/14 [the decision on which is expected on 15 September].
This is a reference for a preliminary ruling from the Regional Court, Munich I (Germany), and was made in the context of proceedings between Sony and a person (Tobias Mc Fadden) who operates a business selling and renting lighting and sound systems for various events.
Mc Fadden owns a Wi-Fi connection that is open to anyone to use as it not protected by any password. In 2010 that connection was used by someone other than Mc Fadden to download unlawfully a musical work to which Sony owns the copyright. Following Sony’s formal notice, Mc Fadden sought a negative declaration from the referring court. This dismissed it and upheld Sony’s counterclaim, granting an injunction against Mc Fadden on the ground of his direct liability for the infringement at issue and ordering him to pay damages, the costs of the formal notice, and costs. Mc Fadden appealed that decision, arguing that the provisions of German law transposing Article 12(1) of the ECommerce Directive would shield him from liability for third-party infringements. The Regional Court held the view that Mc Fadden would not be directly liable, but rather indirectly liable according to the German doctrine of Störerhaftung, on the ground that his Wi-Fi network had not been made secure. This court decided nonetheless to stay the proceedings and seek guidance from the CJEU on a number of issues.
In his Opinion [here] on 16 March last, Advocate General (AG) Szpunar held [para 68] that – also further to Recital 45 in the preamble to the Ecommerce Directive – "it is clear from a combined reading of paragraphs 1 and 3 of Article 12 of Directive 2000/31 that the provisions in question limit the liability of an intermediary service provider with respect to the information transmitted, but do not shield him from injunctions.”
While the conclusion of the Irish Court of Appeal and AG Szpunar appears correct from an EU law standpoint, it is not so straightforward within all EU Member States. For instance, in a post by Nedim Malovic this blog reported that a few months ago a Swedish court refused to grant an injunction against an ISP to block access to The Pirate Bay, on grounds that copyright law in Sweden requires that the addressee of an injunction (an ISP in this case) has aided and abetted a third-party infringement in a criminal sense, ie by providing some sort of direct assistance to the primary infringers. According to the Stockholm District Court this would not be the case of an access provider.
All in all, given the different approaches adopted across the EU, more than the substantive value of Article 8(3) of the InfoSoc Directive, in practice what can be seen is - in line with Hogan J - that the drafting of Article 8(3) has left a good deal to be desired ...