The growing tension between copyright and personal data protection on an online environment: The position of Internet Service Providers according to the European Court of Justice

The growing tension between copyright and personal data protection on an online environment: The position of Internet Service Providers according to the European Court of Justice

Marianna Rantou [1]

Cite as: Rantou, M. I, ‘The growing tension between copyright and personal data protection on an online environment: The position of Internet Service Providers according to the European Court of Justice’, European Journal for Law and Technology, Vol. 3, No. 2, 2012

Abstract

Online piracy is one of the most interesting, complex and topical issues relating to copyright today. It is engaging because it appeals to academics as much as it does to the general public, and it is as crucial for the governments as it is for the stakeholders involved. Moreover, from a legal perspective, it presents a multitude of interesting aspects to explore. This paper focuses on the specific issue of the tension between enforcement of intellectual property (IP) rights and personal data protection on the internet. More specifically, the position of Internet Service Providers (ISPs) in the battle against online piracy is examined, by reviewing the current status of ISPs and attempting an evaluation of the latest developments on the subject.

Although online piracy is a global issue, the present analysis is limited within the European Union, reviewing the policies adopted by the EU institutions and bodies, discussing existing and proposed measures adopted by the Member States and focusing specifically on two cases brought before the European Court of Justice, namely the Promusicae (C-157/06) and Scarlet (C-70-10) cases.

1. Introduction – The issue of online piracy [2]

Despite being a relatively recent invention, the internet can be characterised as an unprecedented phenomenon, which dominates every possible aspect of peoples’ everyday lives. As the European Parliament observes, freedom is one of the fundamental principles on which the Internet is based ‘due to its global, open and participatory nature’ [3]. Internet users as well as ISPs are dedicated to defending this well established online freedom by focusing on two main aspects, which are as praised as they are criticised: anonymity and unhindered flow of information.

The aforementioned features, combined with the multi-purpose nature and the constantly evolving state of online services in general, have made it considerably easier for illegal activities to take place in an online environment. The Commission observes in a recent Report that this situation has led internet users, who, under different circumstances, would behave as law-abiding citizens, ‘to commit massive infringements of copyright and related rights in the form of illegal up-loading and disseminating protected content’ [4]. It rightly concludes that ‘consumers increasingly expect to be able to watch anything, anywhere, any time and via any one of a number of devices (TV, personal computer, games console, mobile media device)’ [5]. According to a recent Report by the International Federation of the Phonographic Industry (IFPI) nearly one in four active internet users in Europe visits unlicensed sites monthly [6]. It is an incontestable fact that today the internet is swarming with illicit copies of copyright works. Rightholders and representatives of the creative industries have repeatedly underlined the hugely negative impact that online piracy has had on the creative industries, especially on the music and film industries, stressing in particular the decrease of sales and the loss of revenue that artists and producers suffer because of that fact. [7] [8]

Copyright holders have tried with little success to fight online piracy since the early days, when the first P2P networks emerged on the Internet. They soon, however, accepted the fact that due to the massive amount of users that were engaged in illegal activities, it was ineffective to pursue litigation since it was costly, time-consuming and, in the end, futile. Every trial won against an individual or platform provider was merely a Pyrrhic victory: while the cases were still pending before the courts, new ways of disseminating copyright material proved to be even more effective than the previous ones. Inevitably, the next step was to go against the internet service providers (ISPs) [9] . Litigation in that case proved to be even harder, since ISPs enjoy quasi immunity from online liability, as will be analysed below.

Only recently rightholders seem to have realised that a more systematic, strategic approach, which favours legislative and administrative solutions instead of litigation, is needed. This approach, however, is not without problems. The position of Internet Service Providers is extremely delicate: On the one hand, being the de facto intermediaries between users and rightholders, they seem to be in an ideal position to regulate the flow of information that circulates through their systems and therefore they should be able to monitor and block potential illegal activities. On the other hand, ISPs argue ferociously that it is not possible to monitor and filter their services. The UK Internet Service Providers Association points out that ISPs ‘are no more able to inspect and filter every single packet passing across their network than the Post Office is able to open every envelope’ [10]. Apart from the obvious technical difficulties in that respect, the active involvement of ISPs in the battle against online piracy presents interesting legal issues in relation to fundamental rights, such as the right of privacy of communications, the right of protection of personal data and freedom of information. The tug-of-war between these fundamental rights will be on the centre of the present analysis.

1.1 Terminology issues

Before proceeding to the main analysis, a number of clarifications should be made regarding the terminology used here. Firstly the term ‘ISPs’ refers, in the present discussion, only to natural or legal persons who provide the facilities for access to the internet [11]. Therefore the term ISPs refers to providers that ‘akin to a telecommunications company, offer their users access to the internet using a data transmission technology such as dial-up, SL, cable modem or dedicated high-speed interconnects’ [12]. Secondly, the term ‘peer to peer networks’ needs to be explained and its scope defined. Peer to peer file-sharing is, in general, an application that ‘allows one computer on the Internet to search for and access files on the hard drives of other computers that are connected to the Internet’ and then proceed to copy specific files from one computer to another. [13] This procedure can take place directly from one computer to another, or through a mediating server via the internet. The first popular online P2P file-sharing network, Napster, emerged in 1999; since then, new and improved versions of this online platform have emerged [14]. Although there are substantial differences in the modus operandi of the different platforms, it is not within the scope of this paper to analyse their differences. In the present analysis, the terms ‘online copyright infringement’ and ‘online piracy’ refer indiscriminately to all kinds of illegal exchange of files on the internet.

2. The EU legal framework

Legislative initiatives usually denote an effort by the legislature to keep up with social changes and to regulate newly established unlawful behaviours. This observation is even more relevant when discussing legislative initiatives concerning the information technology (IT) field and the internet, since it is common knowledge that online infringers are always one step ahead of rightowners and legislators [15]. While IT aficionados invent new ways to disseminate protected material illegally over the internet, non-IT experts who by definition cannot follow technical developments and are unable to fully comprehend technological breakthroughs, are called to regulate on those issues. The result is inevitably a largely ineffective legal framework, which usually contains vague provisions, most likely to be outdated by the time of their publication. The relevant European Directives are not an exception to the above-mentioned rule.

The EU legislation relating to online services and intellectual property rights was introduced during the 2000s as a response to the international measures that were adopted by the World Trade Organisation (WTO) and the World Intellectual Property Organisation (WIPO) in the 1990s. [16] [17] In these agreements issues regarding liability for online copyright infringements were only addressed indirectly, since the phenomenon of exchanging copyrighted material on the Internet was still in its infancy. The legal framework regarding online piracy in the EU represented an effort to balance the rights and obligations that had already been imposed by international instruments, with the new challenges presented by the advancement of technology during the 2000s. EU legislation on the issue of online enforcement of IP rights has been described as ‘rather fragmented, because it is comprised of several Directives, which deal with different subjects, making the interaction between them not necessarily obvious’ [18].

2.1 The legal framework regarding Intellectual Property rights

There are three relevant EU Directives relating to intellectual property rights (and more specifically to copyright and related rights): TheE-Commerce Directive (2000/31/EC) [19], theInformation Society (InfoSoc) Directive (2001/29/EC) [20], and the Enforcement Directive (2004/48/EC) [21]. In 2000 the E-Commerce Directive introduced the basic legal framework for online services, regulating in particular the electronic commerce in the internal market. The provisions relating to the transparency and information requirements for ISPs and the limitations of liability of intermediary service providers are of particular interest to the present analysis and shall be discussed in further detail below.

The Information Society Directive (2001/29/EC), which was adopted a year later, provides a general legal background for copyright and related rights in the information society. It refers to the illegal dissemination of culture, noting that ‘a fair balance of rights and interests between the different categories of rightholders, as well as between the different categories of rightholders and users of protected subject-matter’ must be safeguarded when implementing the Directive. [22] [23]

Introduced three years later, the Enforcement Directive (2004/48/EC) aimed to harmonise ‘the minimum means available to rightholders and public authorities for fighting infringements of intellectual property rights’ [24]. Although it was not designed with online infringements exclusively in mind, it nevertheless contains important references to online activities [25]. It should be noted, however, that even before the Directive’s adoption there was serious criticism regarding its effectiveness, criticism which still persists today. [26]

With specific regard to ISPs, the Directive refers to intermediaries ‘whose services are being used by a third party to infringe the right holder’s industrial property right’, leaving a broad discretion to Member States to determine when and how an injunction can be issued against an intermediary, be it an online service provider or other [27]. Another important aspect of the Enforcement Directive is its relation to EU privacy legislation, since the effective enforcement of rights can involve the disclosure of personal information on the infringer. The Preamble to the Directive declares that its provisions should not affect the substantial EU law relating to the protection of personal data [28].

2.2 Provisions relating to Internet Service Providers – ‘Safe Harbours’

As already discussed, the E-Commerce Directive contains the key provisions regarding liability of Internet Service Providers at European level. Articles 12-15 of the Directive constitute the so-called ‘safe harbour’ provisions, echoing the equivalent provisions on intermediary liability of the US Digital Millennium Copyright Act [29]. Article 12 introduces the mere conduit defence, providing that an intermediary service provider holds no liability for the content transmitted or accessed by its costumers, if certain conditions are met. [30] Article 13 of the Directive refers to caching, providing that automatic, intermediate and temporary storage of illegal material by the intermediaries under certain conditions does not entail liability for the service provider. [31]

Although the ‘mere conduit’ and ‘caching’ defences are of great importance regarding intermediary liability in general, the single most important provision concerning the liability of ISPs is, arguably, article 15(a) of the Directive [32]. It introduces the so-called ‘no general monitoring obligation’, which could be viewed as the cornerstone of the limited liability regime of internet intermediaries, since it prohibits any large scale action to be taken by ISPs. It should be made clear, however, that this article does not prevent national public authorities from imposing a relevant obligation in a specific, clearly defined individual case.

These provisions seem to reflect the generally accepted, at least at the time, notion that intermediaries can not be held liable for actions committed by their subscribers without the providers’ active participation and that monitoring the whole of the subscribers’ activity would be practically unfeasible. In the Report on the application of the Directive (published in 2003), the Commission itself recognised that general monitoring would be impossible in practical terms and would result in disproportionate burdens on intermediaries and higher costs of access to basic services for users [33]. It is interesting to add that, as early as 2003, the Commission stressed in this Report the importance of voluntary cooperation of ISPs with national authorities as well as with other stakeholders [34].

2.3 The legal framework regarding Personal Data protection

The EU legislature has been fairly cautious when introducing personal data legislation, taking into account the dictum that ‘security matters on the Internet can be divided into three areas: the availability of data, the confidentiality of data, and security of handling’ [35]. The Processing of Personal Data Directive (95/46/EC) aimed to establish a balance between the free flow of personal data and the pressing privacy considerations within the European Union. [36] In order to achieve this balance, it set strict limits on collecting and using personal data, while at the same time it introduced independent national authorities which would be responsible for the protection of the data.

The second relevant EU Directive relating to personal data is the E-Privacy Directive (2002/58/EC) [37], which concerns the processing of personal data in telecommunication services in the digital age. It is closely related to the 94/46/EC Directive, expanding and redefining its scope. In addition, it introduces important provisions regarding providers of electronic communications services, establishing that service providers must protect the security of their services by safeguarding personal data.

Of particular interest for the debate on the battle against illegal file-sharing is article 15 (1) of the Directive, which refers to derogations on the provisions related to the confidentiality of communications and processing of traffic data ‘when such restriction constitutes a necessary, appropriate and proportionate measure within a democratic society’ in order to safeguard specific interests [38]. This constitutes an important provision because, as will be further illustrated in the context of the Promusicae case below, it may be used as the basis for introducing monitoring and filtering procedures for the prevention of copyright infringements. In addition, the two Directives set up an independent EU Advisory Body on Data Protection and Privacy, the so-called ‘Article 29 Data Protection Working Party’, whose main objective is to ensure the uniform application of the data protection Directives throughout the Member States and to advise the European Commission by delivering Opinions on relevant matters [39] [40].

As already mentioned, copyright protection on the internet is closely related to privacy legislation. Although the copyright Directives should not, according to their Preambles, affect data protection, the relationship of the five aforementioned Directives to each other is much more complicated. [41]The collision between copyright and personal data protection is certainly not desired, but seems to be inevitable in the present circumstances, since enforcing IP rights online can only be efficient if some form of regulation of online traffic takes place; infringements can only be detected through some form of monitoring, and illegal material can only be removed by third parties through some form of filtering or blocking. Rightholders are undoubtedly tempted to be somehow involved in controlling the dissemination of illegal copies of their works over the internet. The general public, however, is extremely weary of further (over)regulation of the Internet, especially since there is a general impression that the EU is ‘obsessed’ with online regulation, as Kelleher and Murray noted more than 10 years ago [42] [43].

2.4 Personal data and IP addresses

One of the most controversial issues in the relationship between online enforcement of Intellectual Property rights and personal data protection is whether IP addresses constitute personal data. [44] The IP address is considered to be the personal trace of an individual in the online world and therefore an infringer can only be identified on the internet through his/her IP address. [45] If an IP address is held to be personal data, then restrictions and limitations shall be imposed when processing it. According to a recent study prepared for the European Commission, IP addresses in Europe are generally considered by national authorities and courts to be personal data. [46] In addition, according to the same study, IP addresses are generally considered to be traffic data, which means that further limitations and restrictions apply in their handling. The Article 29 Working Party had already pointed to the same conclusions in previous opinions, by adopting a broad interpretation of the concept of personal data in relation to IP addresses, a view shared also by the European Data Protection Supervisor [47] [48]. Finally, according to Advocate General Kokott, temporarily assigned IP addresses constitute traffic data according to the definition of the E-Privacy Directive [49] [50].

3. Existing and proposed measures to battle online copyright infringement

Under the persistent pressure of rightholders, in recent years Member States have taken initiatives to introduce measures aimed at combating illicit file-sharing. Not surprisingly, the policies adopted at national level reflect the fragmented legislation at EU level; having the same Directives’ provisions as guidance, different Member States have introduced different measures, with varied levels of scrutiny and effectiveness.

France led the way by introducing the ‘three-strike legislation’, which provides for the setting up of an independent administrative authority, responsible for alerting copyright infringers about their illegal activity. [51] [52] After two warnings, through this ‘graduated response’ approach, the HADOPI can refer repeat infringers to the courts, where the available sanctions include fines or temporary suspension of internet access for up to 12 months. The striking feature of HADOPI is that it has the power to demand from ISPs to identify the infringers within their networks, therefore actively involving the up to now ‘neutral’ intermediaries in the battle against copyright infringement.

The UK has adopted a similar, yet less strict approach; introduced in April 2010, the Digital Economy Act, provides that copyright owners can identify and report accounts through IP addresses. ISPs are also involved in this procedure, since they are invited to match IP addresses with specific subscribers and subsequently notify the subscribers that they have been identified, while, at the same time, keeping records of the infringements. It is important to underline that this procedure operates on an anonymous basis. This legislation was challenged before UK national courts, but a recent judgment [53] held that the provisions of the Digital Economy Act are compatible with EU legislation.

In Belgium, the option of implementing a monitoring, filtering and blocking technology was proposed by the Belgian collecting society SABAM. Although the national court of First Instance was in favour of the proposed measure, the case was eventually brought before the European Court of Justice, as will be discussed below. Filtering and blocking technologies seem appealing to several European countries, causing the Council of Europe to adopt a Recommendation on the sensible use of internet filters [54].

Equally interesting developments have occurred in most of the other EU Member States, most notably in Sweden, with the infamous Pirate Bay saga and the introduction of new legislation and in Spain, where illegal file-sharing presents one of the highest percentages in Europe and rightholders have attempted to identify and stop infringers on the basis of the national legislation now in force. [55] [56] [57] The disparities that exist in Member States’ legislation help to further illustrate the need for a more systematic approach of the EU, by adopting a unified policy at Union level.

4. The position of EU authorities

4.1 EU Commission

The European Commission is the executive body of the EU, drafting proposals for legislation, implementing EU policies and monitoring their correct application. [58] It is constantly active through its various Directorate-Generals, reviewing the applicable legislation and engaging in dialogue with the interested parties. It also publishes reports evaluating the application of the Directives adopted. Reports on the application of the Directives discussed above have been already published by the Commission and include several points worth exploring. [59] More specifically, in the 2003 Report on the application of the E-Commerce Directive the Commission describes the exoneration regime established by articles 12-15 as ‘indispensable’ since it allows e-commerce to develop without obstacles. The Commission did note however that national legislation on the issue appeared to be fragmented. [60]

The most recent development by the Commission on the issue of online piracy is the 2010 Report referring to the application of Directive 2004/48/EC [61]. This was followed by the publication of a Synthesis of the comments on the Report, which were submitted by interested parties [62]. In this Report the Commission ‘arguably hints at a need to relax data/privacy protections’ [63], only to find itself before a defiant resistance from the majority of the participating stakeholders who ferociously argued for net neutrality, respect of privacy and freedom of speech. It is worth noting that, according to data collected by the Commission, about 60 % of the respondents commented on issues related to intermediaries and injunctions, while 50 % of the participants took a position on the issue of the contest between copyright protection and privacy legislation, further illustrating the gravity of the matter. Finally, in March 2011 the Commission published a Report dedicated exclusively to the issue of illegal up- and downloading [64]. The nature of the document was merely consultative and did not offer noteworthy contributions; its very existence, however, proves that the issue of illegal file-sharing is high on the agenda of the EU.

4.2 European Parliament

The European Parliament exercises a legislative function along with the Council of the EU. [65] Along with legally binding documents, the Parliament adopts a number of non-binding texts, mainly Resolutions on various matters. The effectiveness of the provisions of these Resolutions is, at best, questionable; they are however important because they help illustrate the views of the Parliament on specific issues, establish its position and clarify the policies it has adopted.

The cultural industries in general and the protection of intellectual property in particular are issues that have been extensively discussed by Parliament over recent years. In a 2008 Resolution the Parliament urged the Commission to involve ISPs in the discussions regarding digital piracy, but it underlined that criminalising users who are not seeking to make a profit as well as suspending internet access are not the designated solutions on the matter. [66] In 2009 the Parliament addressed a Recommendation to the Council, focusing specifically on security and fundamental right issues on the internet [67]. In this Recommendation it discussed the relation between IP and privacy legislation, noting that citizens’ fundamental rights should be respected especially when new technologies present threats to their privacy by maintaining the ‘right balance’. More recently the Parliament adopted a slightly more aggressive approach, suggesting to the Commission that the possibility to initiate proceedings against infringers of IP rights should be included in European legislation and that the application of Directive 2004/48/EC should be more strict and effective in general. [68] It is interesting to note that the only solutions proposed by the Parliament itself are either of an awareness-raising nature (through campaigning, dialogue with stakeholders and non-legislative measures), or refer to the promotion of legitimate exchange of material online; in other words, until now, Parliament has avoided making a bold statement regarding measures that should be taken in order to combat illegal file-sharing online.

4.3 Council of the EU

The Council of the European Union [69] is part of the European legislature and one of its main tasks is to adopt legislative acts. Furthermore, the Council is responsible for coordinating the policies implemented by the European Union. As well as constituting the main legislative body (in conjunction with the European Parliament) responsible for the adoption of the Copyright and Personal Data Directives mentioned above, the Council of the EU has adopted a number of non-legislative acts and communications relating specifically to the issues of illegal file-sharing, data protection on the internet and net neutrality. In these communications the Council, also, expresses a general concern on the increasing lawlessness of the online environment, stressing the need to strike a balance between the conflicting interests of the parties involved. As early as 2000, with reference to the Information Society Directive, the Council had noted that this Directive was based on the principle of striking the right balance between the interests of copyright holders and the interests of Internet service providers and consumers, by taking into account the possibilities offered by new technologies in particular [70].

In a subsequent Report regarding creative content in the digital environment, the Council made reference to the ECJ Promusicae case (analysed below), focusing again on the need to ensure a fair balance between the various fundamental rights (personal data protection, freedom of expression and information, protection of intellectual property) [71]. In a more recent Communication regarding net neutrality, the Council stressed once more the need to preserve the open and neutral character of the Internet, it constituting a main ‘policy objective’, addressing at the same time issues related to P2P traffic [72].

4.4 European Data Protection Supervisor

Although the European Data Protection Supervisor is not one of the main legislative or administrative bodies of the EU, its position on the issue of online piracy should nevertheless be taken into account because of the very nature of the office. [73] One of the EDPS’ designated tasks is to consult the Commission, the Parliament and the Council on data protection issues, while he/she also has the right to intervene in cases involving personal data before the ECJ [74]. In addition, the EDPS’ tasks include monitoring new technologies that might affect data protection within the EU.

Apart from contributing to the process of the proposed revision of the E-Privacy Directive by prompting the legislature towards strengthening the protection of individuals’ privacy and stressing that any amendments in the provisions relating to processing of traffic data for security reasons should be introduced very prudently, the EDPS contributed with very useful insights to the issue of online piracy in two recent Opinions [75] [76]. In his Opinion on the negotiations on the Anti-Counterfeiting Trade Agreement, the EDPS made reference to the notion of ‘right balance’ between demands for the protection of intellectual property rights and the privacy and data protection of individuals, while expressing his doubts on the ‘three-strikes’ internet disconnection policies analysed above, characterising them as ‘highly invasive in the individuals’ private sphere’ [77]. Moreover, he clearly opposed any measure that would entail generalised monitoring of the internet and underlined that it would be preferable if these measures would be carried out by law enforcement authorities. In his opinion, monitoring procedures would affect all users indiscriminately, whether they were infringing or not, while the collection of IP addresses in itself constitutes an interference with the individuals’ right to private life. The EDPS’ contribution notably includes propositions for alternative, less intrusive measures that could be adopted as a response to illicit file-sharing, such as the targeted monitoring of individuals, who are involved in ‘non-trivial’ copyright infringement on a commercial scale, and educating and informing the public on the issue of online piracy.

The Supervisor also expressed his disagreement on a possible amendment of Directive 2004/48/EC, specifically stressing the importance of preserving the safeguards of article 8 of the Directive and underlined that measures involving blanket monitoring of internet users should be avoided at any cost. The EDPS’ views might not be of binding nature; however his contributions help shape the overall EU policies and his observations should be taken into account both by the EU legislature and by the judiciary.

5. The position of the European Court of Justice

Although it cannot be denied that the principal European Union policy-makers are the Parliament, the Council of the EU and the Commission, one cannot help but observe that the European Court of Justice has played a key role in forming EU policies throughout the course of the European integration process. [78] By adopting a decision-making approach that can be characterised as a ‘hybrid between the common law and statutory interpretation’, through its case-law the ECJ has succeeded in influencing both the constitutional and substantial law of the European Union to an utmost degree [79] [80]. Although it may be too risky to talk about ‘judicial policymaking’, it is nevertheless safe to state that by means of its case-law the ECJ has become a quasi political actor within the EU. [81] European legislation is not only what the legislature adopts, but also what the ECJ chooses to interpret and apply, therefore no policy introduced by the legislative bodies can be fully evaluated before its scope has been defined by the ECJ.

With particular regard to the field of Intellectual Property and personal data protection, secondary legislation (such as the Directives analysed in section 2) and non-legislative initiatives (as the ones examined under (4) above), combined with the relevant Treaty provisions, have established a legal framework that provides the necessary guidelines under which Member States and individuals should operate. [82] However, as established above, the scope of these provisions is not entirely clear. On paper, enforcement of intellectual property rights was not meant to affect privacy legislation; service providers were not meant to be burdened with general obligations; and in case of a clash between the two fundamental rights of property and privacy, one right was not meant to generally take precedence over the other. Reality has proved that, in their generality, the abovementioned rules constitute more a wish-list rather than an effective manual against copyright infringements. The challenging, albeit necessary, task of defining the scope of the provisions relating to online copyright infringements is left to the shoulders of the ECJ. In order to achieve that, the Court has to identify and interpret the objectives of the policy makers and, by doing so, set out a policy of its own.

Two cases brought before the ECJ are of interest to the present discussion, both of them preliminary references. The first is case C-275/06, Productores de Música de España v Telefónica de España SAU (henceforth ‘Promusicae’) which was brought before the Court in 2006 and the ECJ delivered its judgment in 2008. The second case is C-70/10 Scarlet Extended SA v Société Belge des auteurs, compositeurs et éditeurs (SABAM) (henceforth ‘Scarlet’). The Court’s judgment on Scarlet was published on the 24th of November 2011.

5.1 Overview of the Promusicae case

Promusicae is of fundamental importance to the present discussion, since it was the first case brought before the ECJ to examine the relationship between copyright protection and data protection [83]. The case was referred to the Court of Justice by a Spanish Court and concerned proceedings between Promusicae, a non-profit-making organisation representing rightholders, andTelefónica, a commercial company involved in the provision of internet access services. [84] In the facts of the case, several internet users, subscribers of Telefónica, were allegedly involved in online infringing activities; more specifically they were found to be using the peer-to-peer Kazaa platform to illegally download copyright works, the exploitation rights of which were held by members of Promusicae. Promusicae asked the Court for Telefónica to be ordered to disclose the identities and physical addresses of these persons, in order to be able to bring civil proceedings against them. The Spanish Court of First Instance ordered the preliminary measures requested by Promusicae, but Telefónica appealed against the order, arguing that the relevant national legislation provided that the disclosure of personal data sought by Promusicae was authorised only in cases of criminal investigations and not in civil cases. The Court of Appeal decided to stay proceedings and refer the case to the European Court of Justice. The question that essentially arose from this reference was whether Community (now EU) law requires Member States to introduce an obligation to information society service providers to communicate connection and traffic data in the context of civil proceedings [85].

To reach its conclusion, the ECJ followed three clearly defined steps [86]. The first step was to answer the question whether the E-Privacy Directive (2002/58/EC) prohibits the Member States from introducing an obligation to communicate personal data to the rightholders in order to enable them to bring civil proceedings against alleged infringers. The answer to that question was that, according to the ECJ, Directives 2002/58/EC and 95/46/EC can be read as allowing Member States to lay down an obligation to disclose personal data in the context of these proceedings. The Court did note, though, that the two Directives do not explicitly oblige Member States to create such a requirement. In the course of reviewing the relevant EU privacy legislation, the ECJ briefly analysed the scope of article 15 (1) of the E-Privacy Directive; this broader approach means that according to the ECJ personal data protection provisions could be restricted in the light of rights and freedoms of other individuals (i.e. the copyright holders) [87].

Since the provision of such an obligation was found not to be precluded by the relevant privacy legislation, the second step was to determine whether the three copyright Directives (2000/31/EC, 2001/29/EC and 2004/48/EC) expressly demanded from the Member States to lay down an obligation to communicate personal data in the context of civil proceedings, in order to ensure effective protection of copyright. The ECJ stated that copyright protection cannot affect the provisions relating to personal data protection. It moreover found that the wording of the relevant copyright legislation did not suggest that an obligation to communicate personal data was required to be introduced by Member States.

The third and final step in the Court’s reasoning was to ascertain whether there are any other Community rules (for example articles 17 and 47 of the Charter) that might require a different reading of these Directives. In answering that question, the ECJ found itself posing a new question which is wider both in scope and in depth: in paragraph 65 of the judgment, the Court realised that the issue before it essentially denotes the need ‘to reconcile the requirements of the protection of different fundamental rights, namely the right to respect for private life on the one hand and the rights to protection of property and to an effective remedy on the other’. The Court found that mechanisms that ensure this balance are included in the E-Privacy Directive and the Copyright Directives, as well as in national legislation.

The Court then went on to conclude, rather ambiguously, that Community law ‘does not require’ the Member States to introduce an obligation to communicate personal data in order to ensure effective protection of copyright in the context of civil proceedings. It also added that when transposing the relevant intellectual property and privacy EU legislation, Member States should seek to adopt an interpretation of the Directives which will allow a ‘fair balance’ to be struck between the various fundamental rights protected by the Community legal order. Finally, it noted than when implementing the measures transposing the abovementioned Directives, the national authorities and courts should adopt an interpretation that would not be in conflict with those rights or other fundamental principles of Community law, for instance the principle of proportionality.

5.2 Commentary on the Promusicae judgment

The judgment on the Promusicae case is of crucial importance in this discussion, because it forced the EU judiciary to reveal its position on the key issues regarding online piracy. The ECJ clarified what constitutes ‘communication’ and ‘traffic data’, it shed light on the position of ISPs and it established the notion of ‘fair balance’. On the other hand, it should be observed that most of the noteworthy arguments and points of the Court can be deduced from the judgment’s reasoning, whereas the operative part fails to offer a useful contribution to the matter.

At the time, the Court’s ruling was widely viewed as a defeat for rightholders, leaving representatives of ISPs and internet users satisfied. [88] If anything, the Court had showed reluctance to impose obligations of a general nature to ISPs, therefore supporters of net neutrality and stricter privacy legislation had legitimate reasons to feel optimistic. However, a more moderate approach seems preferable when reviewing the case in retrospect, a view that was voiced only by few at the time [89]. The interpretation of EU law adopted by the Court in Promusicae was, in essence, the result of a compromise: the ECJ acknowledged that the IP regime is not an isolated end in itself, but one protected interest among others [90]. It also tried to take into account the competing arguments of ISPs, rightowners and users. The result was a very cautiously worded judgment in which the ECJ refused to resolve the Gordian knot by avoiding a straightforward reply to the question posed. As noted by one commentator, the EU judiciary left an ‘open door’ to Member States to choose whether or not to introduce an obligation for disclosure of personal data. [91]Rather than laying down a positive requirement that should be followed by Member States, the judgment itself merely clarified that no such obligation is required by the relevant European legislation.

Nevertheless, for all its ambiguity and lack of legal determination in its operative part, the judgment in Promusicae had a large impact in the legal world. The main contribution of Promusicae was the establishment of a considerable discretion for national authorities when dealing with the issue of online copyright infringement. This discretion, which can be viewed both as a weapon for national authorities and as a defence mechanism for the public, should be present in three different stages. Firstly, Member States are free to choose whether to legislate on the issue or not. This can be viewed as a nod from the ECJ to national legislature and the competent authorities to introduce the necessary technical measures under certain conditions, in order to regulate the issue. These conditions are none other than the EU Directives, which neither prohibit nor force the Member States to take action, but are rather viewed as general guidelines of good conduct. In this first step, the EU Directives constitute a guarantee for the interests of the general public.

Secondly, Member States enjoy discretion when transposing the relevant Directives in their national legal order. According to the judgment’s wording, Member States should ‘take care to rely on an interpretation of the Directives which allows a fair balance to be struck between the various fundamental rights protected by the Community legal order’ [92]. In the context of the present proceedings, striking the right balance means avoiding a collision between copyright protection and other fundamental rights. The only way to achieve this is to prevent copyright infringement, without interference by unauthorised third parties in the processing of personal data of the alleged infringers. It is a delicate task, which cannot be executed without the necessary technical knowledge and a bona fide cooperation between ISPs and the national public authorities. In this second step, it is the intervention of the national authorities that safeguards the users’ rights to privacy and prohibits ISPs from becoming the ‘internet’s police’ [93].

Finally, national authorities and courts enjoy discretion when implementing measures for transposing the relevant Directives. According to the ECJ, courts and authorities should respect the principle of proportionality when interpreting their national legislation. The proportionality test is the final protection mechanism safeguarding the interests of users and ISPs; a national measure against illegal file-sharing cannot be adopted if it is not reasonable, necessary and in keeping with the aim pursued [94].

Promusicae ’s legacy is therefore twofold: it indirectly reaffirmed that processing personal data will always be handled with a high level of scrutiny by the courts and it also established a national discretion when dealing with online enforcement of intellectual property rights. The question was how this discretion was to be used by national authorities in the battle against online piracy, since communication of personal data was practically excluded as a route of defence for rightholders. The answer to that question is essentially what the Belgian Court of Appeal is seeking to find via its preliminary reference in the Scarlet case.

5.3 Overview of the Scarlet Case

The discussion in Promusicae focused on the issue of identifying and disclosing personal details of alleged infringers of copyright. It referred to measures taken after the infringing act was committed and dealt with a manifested conflict between copyright and privacy protection. The next case that was brought before the ECJ concerning unlawful online copyright infringement was case C-70/10. In the facts of the case, the Belgian collecting societySABAM had applied before the Belgian national Court of First Instance for interim relief against Scarlet Extended SA [95], an ISP. The collecting society sought, firstly, a declaration that its copyright was infringed by Scarlet’s users and secondly an order requiring Scarlet to bring such infringements to an end. The Court of First Instance found that such copyright infringements had indeed taken place by several subscribers of Scarlet who were engaged in illicit file-sharing online through P2P networks [96]. Scarlet was ordered, by a separate judgment, to bring those copyright infringements to an end, by installing a system for filtering and blocking electronic communications [97].

The judgment of the Belgian Court caused considerable turmoil in the EU, as it was viewed as a blow on the ISP exoneration regime which was established by articles 12-15 of the E-Commerce Directive. The fact that a national court had ruled in favour of filtering and blocking systems, alarmed both the general public and academic circles as it was viewed as ‘the start of a trend towards a greater responsibility being put on intermediaries to act as the gatekeepers for Internet’ [98]. Scarlet appealed the controversial judgment before the Cour d’appel de Bruxelles which decided to refer a question to the ECJ.

The question referred was whether EU law permits Member States to authorise a national Court to ‘order an Internet Service Provider to introduce, for all its customers, in abstracto and as a preventative measure, exclusively at the cost of that ISP and for an unlimited period, a system of filtering all electronic communications, both incoming and outgoing, passing via its services, in particular those involving the use of P2P software’, in order to identify illicit file-sharing on its network and subsequently block the exchange of the infringing material. In addition, if such a measure was to be adopted, the Belgian court sought to know whether the national court should apply the principle of proportionality when deciding on the filtering system’s requirements [99].

As a preliminary point, it should be observed that there are several issues that distinguish the Scarlet from the Promusicae case, even though their legal and general background is similar, as illustrated by the fact that the referring Court included Directives 2000/31/EC, 2001/29/EC, 2004/48/EC, 95/46/EC and 2002/58/EC in its reference. [100] Firstly, in the present case the question is whether it is possible to impose a general, long-lasting obligation to an ISP, whereas in Promusicae the issue arose in the course of specific civil proceedings and was limited to these proceedings only. Secondly, the privacy issues in Scarlet do not relate to the communication of data regarding specific identified individuals (the subject in Promusicae), but to the monitoring and handling of data of an unspecified amount of users, albeit in an anonymous way. Thirdly, the question here relates to preventative rather than corrective measures that would be adopted a posteriori. Fourthly, in the present case the conflict between the two sets of rights (property rights versus privacy rights) has not occurred at the time when the measure is proposed; the very reason rightholders are proposing the implementation of the filtering and blocking mechanism is to prevent illegal file-sharing, and there-by prevent the two rights to collide altogether, thus avoiding a situation similar to Promusicae.

On April 14th, 2011 Advocate General Pedro Cruz Villalón delivered his Opinion on the case, fuelling once more the debate on online piracy in the EU. [101] The AG was of the opinion that European law precludes a national court from ordering an ISP to install a filtering and blocking mechanism, because such an order would in principle infringe fundamental rights. Apart from his conclusion, which was hailed by ISPs, users and academics as a declaration in favour of fundamental rights of privacy [102], many interesting points are raised throughout his lengthy Opinion. Firstly, the AG criticised the modus operandi of the mechanism proposed, especially stressing its lack of safeguards; according to the Opinion, the filtering system would be applied on a ‘systematic, universal, permanent and perpetual basis’ [103], while no provision was made for the persons affected by the blocking procedure to challenge it or object to it. Moreover, according to AG Cruz Villalón, an order of the Belgian Court requesting such a mechanism to be implemented would constitute a ‘new, general obligation’ which could be extended in the future on a permanent basis to all internet service providers. This would mean that ‘the legal and economic responsibility for combating illegal downloading of pirated works from the internet would largely be delegated to the ISPs’ [104]. This is an observation of great importance because it reinforces the Court’s pre-existing position regarding the involvement of ISPs in fighting illegal file-sharing.

The ECJ not only did it agree in its judgment with the Advocate General’s observations, but it also introduced an even more user- and ISP- friendly reading of the existing legislation. [105] The Court detected, firstly, a breach of the ‘no general monitoring’ principle, mentioned above [106]. The content and nature of this principle had previously been clarified by the Court itself in the recent L’Oreal case, where the ECJ had declared that, according to article 15 of Directive 2000/31/EC ‘the measures required of the online service provider cannot consist in an active monitoring of all the data of each of its customers in order to prevent any future infringement of intellectual property rights via that provider’s website’ [107]. The Court’s bold, straightforward position against a possible ‘general monitoring’ obligation in these two judgments constitutes an important step towards the correct reading of article 15 of the E-Commerce Directive.

Secondly, the Court noted, quite interestingly, that the fact that Intellectual Property rights enjoy protection under the Charter of Fundamental Rights of the European Union (article 17 para. 2 of the Charter) does not necessarily mean that these rights should be considered as ‘inviolable’. According to the Court, IP rights should always be balanced against the protection of other fundamental rights [108]. The notion of ‘fair balance’ between the protection of copyright and the protection of fundamental rights of individuals who are affected by such measures was once again put forward by the Court [109], albeit in much more specific terms, as will be further analysed below.

In the present case the Court found that the proposed filtering system was violating both the rights of ISPs, since it would obstruct their freedom to conduct a business (article 16 of the Charter), and the rights of internet users; more specifically, the Court found that the implementation of such a filtering and blocking mechanism would ‘infringe the fundamental rights of that ISP’s customers, namely their right to protection of their personal data and their freedom to receive or impart information, which are rights safeguarded by Articles 8 and 11 of the Charter respectively’ [110].

5.4 Commentary on the Scarlet case

Both the Advocate General and the judges seem well aware of the ‘particularly delicate’ issue that is at stake in Scarlet, recognising that online copyright infringement is an ‘extremely sensitive domain’ where the Union’s and the Member States’ responsibilities have not yet been clarified [111]. The AG proceeded very cautiously in his reasoning by employing fundamental principles of EU law, such as the principles of legality, necessity and proportionality, while the Court gave a ruling of admirable clarity, despite the complexity and controversy that surrounds the issue. [112], The Court’s ruling addresses the most important aspects of copyright protection on the internet, such as the continuing importance of the neutrality principle of article 15 of the E-Commerce Directive, and proved once more the high level of scrutiny applied by the EU judiciary when dealing with issues relating to personal data protection.

One of the most important aspects of the judgment in Scarlet is that the Court finally clarified the notion of ‘fair balance’, by comparing four different sets of rights; intellectual property rights, freedom to conduct business, personal data protection, and freedom of information were all balanced against each other in order to reach a concrete conclusion. The clear, unambiguous statement that ‘IP rights are not inviolable’ [113], in conjunction with the balancing of copyright against the freedom to conduct business and the freedom of information, constitute two new, extremely important arguments in favour of ISPs and internet users, which had not been properly argued in previous cases. On the other hand, balancing copyright against personal data protection was already dealt with in Promusicae, and the judgment in Scarlet simply reiterates previous case law.

Regarding the issue of ISP liability, the Court plainly rejected the argument that a more strict liability regime should be introduced by adopting a new interpretation of the safe-harbour principles of the E-Commerce Directive. This argument has been consistently put forward by rightholders [114], who insist that this regime is outdated and essentially prevents them from effectively protecting their rights on the internet. Given the reluctance of the ECJ to impose general obligations on the ISPs, as demonstrated in the Promusicae judgment, the Court’s conclusions in Scarlet and its unreserved support of the current interpretation of article 15 of the 2000/31/EC Directive can be read as a confirmation that the position of the EU judiciary is that the neutrality principle should stay untouched.

As regards the way the European Court handles issues concerning protection of personal data and fundamental rights in general, the following observations should be made. Although the Court and the Advocate Generals have repeatedly stated that personal data protection does not take precedence over copyright protection, it is evident that the ECJ is very reluctant to impose restrictions on privacy rights when challenged to rule on issues that include weighing of conflicting interests; usually the Court chooses an interpretation of the law that offers the maximum possible protection to individuals, or adopts a reading that ensures that the scope of the relevant Directives’ provisions remains as wide as possible [115]. In the present case, even though the filtering and blocking procedures would affect individuals strictly on an anonymous basis and the proposed mechanisms would not directly involve communication of personal data, the Court, following the Advocate General’s reasoning, considered that the mere fact of processing IP addresses for the purposes of filtering affects the right to data protection. At the same time, the judgment in Scarlet can be viewed as the logical next step after the Court’s judgment in Promusicae: the Court in Promusicae essentially refused to recognise an obligation imposed by EU legislation to communicate personal data, even though it began its reasoning by adopting an ‘anti-privacy’ interpretation of article 15 of the E-Privacy Directive [116]. Given these two observations, it is not surprising that the AG’s Opinion in Scarlet was characterised as ‘a strong position in favour of fundamental rights’ [117], while the Court’s judgment was hailed by users as ‘a win for fundamental rights and Internet freedoms’ [118].

With its judgment in Scarlet, the European Court of Justice took a clear position in favour of the free flow of information on the internet. It should be borne in mind, however, that balancing rights is an ad hoc process that always applies to the facts of the specific case that is brought before the Court. The measure imposed by the national court in the present case (a system for filtering all electronic communications passing via the ISP’s services, which would apply indiscriminately to all its customers, in a preventive way, exclusively at the ISP’s expense and for an unlimited period) was excessively burdensome, therefore allowing the ECJ to deliver a judgment in favour of users and ISPs. Taking into consideration the fact that the protection of IP rights remains one of the most controversial issues within the EU, one cannot rule out the possibility of a future turn in the Court’s case law, especially if the Court is asked to rule on measures more compatible with the principle of proportionality. [119]

6. Conclusions

Copyright infringement on the internet is an issue that can be found very high on the agenda of governments and legislators, because it affects a vast amount of individuals –be it everyday people involved in illicit file-sharing or the rightholders and representatives of the creative industries who demand that their works be protected from unauthorised copying. The effectiveness of the existing legal framework is questionable and copyright holders feel unprotected on the internet leading them to seek ways to enforce their rights that can be contrary to privacy legislation. Moreover, copyright holders and representatives of the creative industries seek to involve internet service providers in the battle against online piracy because they believe that the latter’s position allows them to oversee traffic on their networks.

The European Union has adopted a series of legally binding and non-binding texts in order to clarify its position on the subject and urge Member States to regulate the issue by maintaining a balance between copyright protection and other fundamental rights. Although a plethora of legal documents has been produced by the EU, the Union’s position on the subject is yet to be clarified. The European Court of Justice is therefore called to act as a regulator of online piracy, by ruling on issues that are brought before it and at the same time giving an enlightening interpretation of the existing legal framework.

After analysing the only two relevant cases brought before the ECJ, one can deduce that the Court is reluctant to impose obligations on intermediaries of online services and to restrict the freedom of internet users. It seems that the European Court tries to avoid the title of the ‘over-regulator’ of the internet by adopting a rather ‘privacy friendly’ approach. The Court seemed, however, reluctant to make a bold statement in favour of the users, adopting ambiguous terms such as the notion of ‘fair balance’ and leaving it to the Member States to regulate the issue (Promusicae). The Court’s judgment in Scarlet takes the matter one step further, by clarifying what constitutes ‘fair balance’ and by reaffirming that the EU judiciary is in favour of solutions that would not impede the exercise of peoples’ fundamental rights. The Court’s task remains delicate; it is obliged to keep ensuring that the balance between conflicting interests is maintained. Up to now its ‘balanced approach’ has been leading to solutions in favour of users and intermediaries. Rightholders keep pressing for a more ‘copyright friendly’ approach, while at the same time lobbying to persuade governments to introduce measures, which will ensure that their rights are protected within the limits designated by the EU legislature and the Court’s judgments.

For all the balanced and cautious approach of the European Court of Justice on the issue, illegal file-sharing continues to thrive and the ECJ has yet to propose (or accept) an effective mechanism to stop infringers. It is now the Court’s task to prove that it is possible to combine balance and effectiveness. A most difficult task indeed.

Bibliography

Books

D. Chalmers, G. Davies and G. Monti, European Union Law: Cases and Materials (2nd Ed. Cambridge University Press, 2010)

P. Craig, G. de Burca, EU Law: Text, Cases and Materials (4th Ed. Oxford University Press, 2008)

D. Kelleher, K. Murray, IT Law in the European Union (Sweet & Maxwell, 1999)

L.C. Lee, J. Scott Davidson, Intellectual Property for the Internet (Wiley Law Publications, 1997)

M. Partington, Introduction to the English Legal System (2nd Ed. Oxford University Press, 2003)

J.A.L. Sterling, World Copyright Law (Sweet and Maxwell, 2008)

Journal Articles

P. Akester, ‘The new challenges of striking the right balance between copyright protection and access to knowledge, information and culture’ E.I.P.R. 2010, 32(8), 372-381

B. Allgrove, I. Walden, ‘Turning the tide on Intermediary Liability?’ (2007) Comps & Law 18 (3), 10-11

P.A. Baistrocchi. ‘Liability of intermediary service providers in the EU Directive on Electronic Commerce’ (2002), Santa Clara Computer & High Tech. L. J. (19) 1, 1

W. Cornish, J. Drexl, R. Hilty, A.Kur, ‘Procedures and Remedies for enforcing IPRs: the European Commission’s Proposed Directive’ (2003) E.I.P.R. 25(10) 447-449

F. Coudert, E.Werkers ‘In the aftermath of the Promusicae case: How to strike the balance?’ I.J.L. & I.T. 2010, 18(1), 50-71

F. Coudert, ‘Advocate General of the ECJ issues opinion in the Sabam/Scarlet case’ on the time.lex blog, available at http://www.timelex.eu/nl/blog/p/detail/ advocate-general-of-the-european-court-of-justice-issues-opinion-on-filtering-and-blocking-of-electronic-communications

D. Doobay ‘A case of Scarlet fever for the ECJ following Belgian referral?’, Ashtrust publications, Communications newsletter, April 2010, retrieved from http://www.ashurst.com/publication-item.aspx?id_Content=5133

P. Eeckhout, ‘The European Court of Justice and the Legislature’ Y.E.L. 1998, 18, 1-28

L. Hetherington, ‘Peer-to-peer file-sharing – ISPs and disclosure of user identities’ Ent. L.R. 2008, 19(4), 81-82

M. Horten, ‘’The Telecoms Package’’ and the copyright amendments –a European legal framework to stop downloading, and monitor the internet’, retrieved from http://www.iptegrity.com/pdf/monica.horten.telecom.package. copyright.enforcement.091108.pdf

K. Kariyawasam, ‘AFACT claim against Australian ISP iiNet: internet copyright infringement and service providers (case comment)’ E.I.P.R. 2011, 33(5), 310-323

C. Kuner, ‘Data Protection and Rights Protection on the Internet: The Promusicae Judgment of the European Court of Justice’ E.I.P.R. 2008, 30(5), 199-202

S. Liebowitz, ‘File-sharing: Creative destruction or just plain destruction?’ (2006) Center for the Analysis of Property Rights Working Paper No. 04-03, retrieved from http://www.utdallas.edu/~liebowit/emba/cd.pdf

M. Manner, T. Siniketo, U. Polland ‘The Pirate Bay ruling - when the fun and games end’ Ent. L.R. 2009, 20(6), 197-205

B. McMahon, ‘Imposing an obligation to monitor on Information Society service providers’ C.T.L.R. 2011, 17(4), 93-96

P. S. Morris ‘Pirates of the Internet, at Intellectual Property’s End with Torrents and challenges for choice of law’, I.J.L. & I.T. 2009, 17(3), 282-303

A. Peukert, ‘Intellectual Property as an end in itself?’ E.I.P.R. 2011, 33(2), 67-71

H. Rasmussen, ‘On law and policy in the European Court of Justice: a comparative study in judicial policymaking’ J. Com. Mar. St. 1987, 26(1), 92-93

T. Tridimas, ‘The Court of Justice and Judicial Activism’ E.L. Rev. 1996, 21(3), 199-210

W. Wei, ‘ISP indirect copyright liability: conflicts of rights on the internet’ C.T.L.R. 2009, 15(8), 181-185

M. Weston, ‘ISP: Internet Service Provider or internet service police?’ (2011) I. P.M. Jun, 12

Cases

European Court of Justice, case C-274/06 Productores de Musica de Espana v Telefonica de Espana SAU, Judgment of the Court (Grand Chamber) of 29 January 2008 [2008] E.C.R. I-00271

European Court of Justice, case C-70/10 Scarlet Extended SA v Société belge des auteurs, compositeurs et éditeurs (SABAM) [judgment not yet published in the E.C.R]

European Court of Justice, case C-101/01 Lindqvist, Judgment of the Court of 6 November 2003 [2003] E.C.R. I-12971

European Court of Justice, case C-301/06 Ireland v Parliament and Council, Judgment of the Court (Grand Chamber) of 10 February 2009 [2009] E.C.R. I-00593

European Court of Justice, case C-553/07 College van burgemeester en wethouders van Rotterdam v M.E.E. Rijkeboer, Judgment of the Court (Third Chamber) of 7 May 2009 [2009] E.C.R. I-03889

BMG Music v. Gonzalez , 430 F.3d 888 (7th Cir. 2005) [US]

A&M Records, Inc. v. Napster, Inc. , 239 F.3d 1004 (Ninth Circuit, 2001) [US]

MGM Studios, Inc. v. Grokster , 125 S. Ct. 2764, 2005 [US]

Public Prosecutor v Neij [Pirate Bay], case n° B 4041-09, TR Sweden (2009) [Sweden]

Roadshow Films Pty Ltdv iiNet Ltd (No. 3) [2010], FCA 24 (Fed Ct (Aus)) [Australia]

R. (on the application of British Telecommunications Plc) v Secretary of State for Business, Innovation and Skills [2011] EWHC 1021 (Admin); (2011) 108(18) L.S.G. 18 (QBD (Admin)) [UK]

Legislation

International

Agreement on Trade-Related Aspects of Intellectual Property Rights, Marrakesh 1994 (TRIPS Agreement)

WIPO Copyright Treaty (WCT), Geneva 1996

WIPO Performances and Phonographs Treaty (WPPT), Geneva 1996

European Union

Treaty on European Union and Treaty on the Functioning of the European Union (OJ C 83 of 30.3.2010)

Charter of the Fundamental Rights of the European Union (OJ C 83 of 30.3.2010)

Directive 2000/31/EC of the European Parliament and of the Council of 8 June 2000 on certain legal aspects of information society services, in particular electronic commerce, in the Internal Market (‘E-Commerce Directive’) OJ L 178, 17.7.2000, p. 1–16

Directive 2001/29/EC of the European Parliament and of the Council of 22 May 2001 on the harmonisation of certain aspects of copyright and related rights in the information society, and Recital 4 of Directive 2004/48/EC of the European Parliament and of the Council of 29 April 2004 on the Enforcement of Intellectual Property Rights (‘InfoSoc Directive’) OJ L 167, 22.6.2001, p. 10–19

Directive 2004/48/EC of the European Parliament and of the Council of 29 April 2004 on the Enforcement of Intellectual Property Rights (‘Enforcement Directive’) OJ L 157, 30.4.2004, p. 45–86

Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data OJ L 281, 23.11.1995, p. 31–50

Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (‘E-Privacy Directive’) OJ L 201, 31.7.2002, p. 37–47

Regulation (EC) No 45/2001 of the European Parliament and of the Council of 18 December 2000 on the protection of individuals with regard to the processing of personal data by the Community institutions and bodies and on the free movement of such data OJ L 8, 12.1.2001, p. 1–22

National

US Digital Millennium Copyright Act (DMCA) [United States of America]

Ley 2/2011, de 4 de marzo, de Economía Sostenible (BOE du 5 mars 2011, p. 25033) [Spain]

Loi n° 2009-669, du 12 juin 2009, favorisant la diffusion et la protection de la création sur Internet, JORF n°135 du 13 juin 2009, p. 9666 [France]

Other material

Report from the Commission to the European Parliament, the Council and the European Economic and Social Committee on the application of Directive 2000/31/EC of the European Parliament and of the Council of 8 June 2000 on certain legal aspects of information society services, in particular electronic commerce, in the internal market, COM/2003/0702 final

Report from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions on the Application of Directive 2004/48/EC of the European Parliament and the Council of 29 April 2004 on the enforcement of intellectual property rights, SEC(2010) 1589final

Report from the Commission the Council, the European Parliament and the Economic and Social Committee on the application of Directive 2001/29/EC on the harmonisation of certain aspects of copyright and related rights in the information society, SEC (2007) 1556

European Commission, Synthesis Report on the Stakeholders’ Dialogue on Illegal Up- and Downloading 2009 2010, March 2011, Ares(2011)367168

European Commission, Synthesis of the Comments on the Commission Report on the application of Directive 2004/48/EC of the European Parliament and the Council of 29 April 2004 on the Enforcement of Intellectual Property Rights, July 2011, COM/2010/779final

European Data Protection Supervisor Opinion of 10 April 2008 on the Proposal for a Directive amending, among others, Directive 2002/58/EC concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications), OJ C 181, 18.07.2008, p. 1

Second Opinion of the European Data Protection Supervisor of 9 January 2009 on the review of Directive 2002/58/EC concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications), OJ C 128, 06.06.2009, p. 28

European Data Protection Supervisor Opinion of 22 February 2010 on the current negotiations by the European Union of an Anti-Counterfeiting Trade Agreement (ACTA) 2010/C 147/01

European Data Protection Supervisor Response of 8 April 2011 to the Commission's Consultation on its Report on the application of Intellectual Property Rights Directive

European Parliament Resolution of 10 April 2008 on cultural industries in Europe (2007/2153(INI))

European Parliament Recommendation of 26 March 2009 to the Council on strengthening security and fundamental freedoms on the Internet (2008/2160(INI))

European Parliament Resolution of 22 September 2010 on enforcement of intellectual property rights in the internal Market (2009/2178(INI))

Report of the Council of the European Union (draft Council conclusions) on the development of legal offers of online cultural and creative content and the prevention and combating of piracy in the digital environment, 1 October 2008, 13605/08. Available from http://register.consilium.europa.eu/pdf/en/08/st13/st13605.en08.pdf

Draft Council Conclusions on Net Neutrality, 15 July 2011, 12950/11. Available from http://register.consilium.europa.eu/pdf/en/11/st12/st12950.en11.pdf

Recommendation CM/Rec(2008)6 of the Committee of Ministers to Member States on measures to promote the respect for freedom of expression and information with regard to internet filters (adopted by the Committee of Ministers on 26 March 2008 at the 1022nd meeting of the Ministers’ Deputies)

Opinion 2/2002 of the Article 29 Working Party on the use of unique identifiers in telecommunication terminal equipments: the example of IPv6, WP58, 30 May 2001

Opinion 2/2007 of the Article 29 Working Party on the concept of personal data, WP 136, 20 June 2007

Study on Online Copyright Enforcement and Data Protection in Selected Member States, prepared by Hunton & Williams for DG Internal Market of the European Commission, November 2009, available at http://ec.europa.eu/internal_market/iprenforcement/docs/study-online-enforcement_en.pdf

Independent technical report ‘An estimate of infringing use on the Internet’, January 2011, commissioned by NBC, produced by Envisional, available on the website of the Motion Picture Association of America (MPAA) http://www.mpaa.org/Resources/8aaaecf5-961e-4eda-8c21-9f4f53e08f19.pdf (accessed July 2011)

Communication of the Department of Professional Employers, AFL-CIO, ‘Intellectual Property Theft: a threat to US workers, industries, and our economy’. Available from http://dpeaflcio.org/pdf/DPE-fs_2010_intellectual_prop.pdf

European Commission Press Release, ‘Commission consults on how best to seize the opportunities for TV and film in the online age’, Brussels 13 July 2011, available from http://europa.eu/rapid/pressReleasesAction.do?reference=IP/11/868&format=HTML&aged=0&language=EN&guiLanguage=en

Council of the EU Press Release on the Agreement on Directive on copyrights in the information society, 9 June 2000, 9273/00 (presse 204), available at http://consilium.europa.eu/uedocs/cms_data/docs/pressdata/en/misc/09273.en0-communiqu%C3%A9%20Copyright.doc.html

IFPI Digital Music Report 2011 ‘Music at the touch of a button’. Available at the IFPI website: http://www.ifpi.org/content/library/DMR2011.pdf

Internet Service Providers’ Association EU (EuroISPA), Consultation on the Commission’s Report on the Enforcement of Intellectual Property Rights, March 2011. Available at http://www.euroispa.org/files/1103 _euroispa_contribution_ipred.pdf

Internet Service Providers’ Association UK (ISPA UK), Press release ‘Peer-to-peer’. Available from the ISPA website http://www.ispa.org.uk/press_office/page_62.html

Commission de la protection de la vie privée (Belgian authority), Opinion 44/2001 of the 12th November 2001 (‘Avis d’initiative concernant la compatibilité de la recherche d’infractions au droit d’auteur commises sur Internet avec les dispositions juridiques protégeant les données a caractère personnel et les télécommunications’)

Financial Times article ‘Mixed reaction to EU ruling on copyright’ by N. Tait, January 30, 2008, retrieved from http://www.ft.com/cms/s/0/2278d88c-ced5-11dc-877a-000077b07658.html#axzz1UNMJqrMp

The Times (London) article, ‘Court delivers a blow to record companies on internet piracy’ by M. Herman, January 30, 2008, retrieved from http://business.timesonline.co.uk/tol/business/law/article3273960.ece

Computerworld article ‘European court strikes blow against music industry fishing - and a blow for keeping ISPs out of civil cases’ by J. Kirk, 29 January 2008, retrieved from http://www.computerworld.com/s/article/9059838/European_court_strikes_blow_against_music_industry_fishing

Le Monde article ‘Pas de filtrage d'Internet sans loi préalable, selon l'avocat général de la Cour européenne de justice’, 14.4.2011 (in french), retrieved from http://www.lemonde.fr/technologies/article/2011/04/14/pas-de-filtrage-d-internet-sans-loi-prealable-selon-l-avocat-general-de-la-cour-europeenne-de-justice_1507847_651865.html



[1] Maria Ioanna Rantou, LLM (European/Intellectual Property Law), Queen Mary University of London. Qualified lawyer (Athens Bar Association). The paper is based on material available as at February 15th, 2012

[2] In the present analysis, the term “online piracy” refers to illicit file-sharing of copyrighted musical, cinematographic or audiovisual works on the Internet. Although the term was originally introduced in order to describe unauthorised copying and exchanging of protected material on a commercial scale, it is now accepted as also referring to non-commercial uses of protected material online. For further clarifications regarding terminology, see chapter 1.1 ‘Terminology Issues’

[3] European Parliament Recommendation of 26 March 2009 to the Council on strengthening security and fundamental freedoms on the Internet (2008/2160(INI)), Recital (N) in the Preamble

[4] Report from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions on the Application of Directive 2004/48/EC of the European Parliament and the Council of 29 April 2004 on the enforcement of intellectual property rights, SEC(2010) 1589final, p. 5

[5] European Commission Press Release, ‘Commission consults on how best to seize the opportunities for TV and film in the online age’, Brussels 13 July 2011, available at http://europa.eu/rapid/pressReleasesAction.do?reference=IP/11/868&format=HTML&aged=0&language=EN&guiLanguage=en (accessed 15 February 2012)

[6] IFPI Digital Music Report 2011 ‘Music at the touch of a button’, p. 14. Report available at the IFPI website: http://www.ifpi.org/content/library/DMR2011.pdf (accessed 15 February 2012)

[7] As regards the music industry, interesting statistics can be found in the 2011 IFPI Digital Music Report ‘Music at the touch of a button’, p. 14. Report available at the IFPI website: http://www.ifpi.org/content/library/DMR2011.pdf (accessed 15 February 2012). According to its data, the decline in the value of the global recorded music industry in the period 2004-10 amounts to 31%. Debut album unit sales in the global top 50 during the period 2003-2010 have fallen up to 77%.

[8] As regards the film industry, revealing statistics on the extent of online piracy can be found in the independent report “Technical report: An Estimate of Infringing Use of the Internet”, January 2011, commissioned by NBC, produced by Envisional. The Report is available at the website of the Motion Picture Association of America (MPAA) http://www.mpaa.org/Resources/8aaaecf5-961e-4eda-8c21-9f4f53e08f19.pdf (accessed 15 February 2012). As for the impact of digital piracy on the creative industries and the rise of unemployment, see Communication of the Department of Professional Employers, AFL-CIO, “Intellectual Property Theft: a threat to US workers, industries, and our economy”. Document available from http://dpeaflcio.org/pdf/DPE-fs_2010_intellectual_prop.pdf (accessed 15 February 2012)

[9] For example Roadshow Films Pty Ltdv iiNet Ltd (No. 3) [2010], FCA 24 (Fed Ct (Aus)) case

[10] Internet Service Providers’ Association UK (ISPA UK), Press release ‘Peer-to-peer’. Available from the ISPA website http://www.ispa.org.uk/press_office/page_62.html (accessed 15 February 2012)

[11] Examples of ISPs in the UK would include BT, Virgin Media, AOL, etc.

[12] K. Kariyawasam, ‘AFACT claim against Australian ISP iiNet: internet copyright infringement and service providers (case comment)’ E.I.P.R. 2011, 33(5), 310-323, p. 310

[13] S. Liebowitz, ‘File-sharing: Creative destruction or just plain destruction?’, (2006) Center for the Analysis of Property Rights Working Paper No. 04-03, retrieved from http://www.utdallas.edu/~liebowit/emba/cd.pdf (accessed 15 February 2012)

[14] Other types of P2P include Kazaa, Limewire, Gnutella or more recently the BitTorrent protocols

[15] P. S. Morris ‘Pirates of the Internet, at Intellectual Property’s End with Torrents and challenges for choice of law’, I.J.L. & I.T. 2009, 17(3), 282-303, p. 283

[16] See Recital 15 in the Preamble of Directive 2001/29/EC of the European Parliament and of the Council of 22 May 2001 on the harmonisation of certain aspects of copyright and related rights in the information society (‘InfoSoc Directive) OJ L 167, 22.6.2001, p. 10–19; Recital 4 in the Preamble of Directive 2004/48/EC of the European Parliament and of the Council of 29 April 2004 on the Enforcement of Intellectual Property Rights(‘Enforcement Directive) OJ L 157, 30.4.2004, p. 45–86

[17] In 1994 the TRIPs Agreement (Agreement on Trade-Related Aspects of Intellectual Property Rights) was adopted followed by the WIPO Copyright and WIPO Performances and Phonograms Treaties in 1996

[18] European Data Protection Supervisor Response of 8 April 2011 to the Commission's Consultation on its Report on the application of Intellectual Property Rights Directive, para. 43

[19] Directive 2000/31/EC of the European Parliament and of the Council of 8 June 2000 on certain legal aspects of information society services, in particular electronic commerce in the Internal Market (‘E-Commerce Directive’) OJ L 178, 17.7.2000, p. 1–16

[20] Directive 2001/29/EC of the European Parliament and of the Council of 22 May 2001 on the harmonisation of certain aspects of copyright and related rights in the information society OJ L 167, 22.6.2001, p. 10–19

[21] Directive 2004/48/EC of the European Parliament and of the Council of 29 April 2004 on the Enforcement of Intellectual Property Rights OJ L 157, 30.4.2004, p. 45–86

[22] “The objective of proper support for the dissemination of culture must not be achieved by sacrificing strict protection of rights or by tolerating illegal forms of distribution of counterfeited or pirated works”, Recital 22 in the Preamble of the 2011/29/EC InfoSoc Directive OJ L 167, 22.6.2001, p. 10–19

[23] Recital 31 in the Preamble of the 2001/29/EC InfoSoc Directive OJ L 167, 22.6.2001, p. 10–19

[24] Report on the application of Directive 2004/48/EC OJ L 157, 30.4.2004, p. 2

[25] See, Recital 2 in the Preamble “the protection of intellectual property should not hamper freedom of expression, the free movement of information, or the protection of personal data, including on the Internet” , Recital 9 “Increasing use of the Internet enables pirated products to be distributed instantly around the globe”.

[26] W. Cornish, J. Drexl, R. Hilty, A.Kur, ‘Procedures and Remedies for enforcing IPRs: the European Commission’s Proposed Directive’ (2003) EIPR, 25(10) 447-449

[27] Recital 23 in the Preamble of the 2004/48/EC Enforcement Directive OJ L 157, 30.4.2004, p. 45–86

[28] Recital 15 in the Preamble of the 2004/48/EC Enforcement Directive OJ L 157, 30.4.2004, p. 45–86

[29] Section 512 of the US Digital Millennium Copyright Act (DMCA), which aims to prevent copyright liability for service providers for passive, automatic actions of intermediaries that are not intended as such to endorse or promote copyright infringement.

[30] Mere conduit: acts of a service provider that involve only the temporary acts of reproduction necessary in transmission, see: J.A.L. Sterling, World Copyright Law (Sweet and Maxwell, 2008) pp. 458-460

[31] Caching: the process by which material is temporarily stored at intervening points between the server site and the accessor, in order to facilitate transmission, see J.A.L. Sterling, World Copyright Law (Sweet and Maxwell, 2008) p. 660

[32] Article 15 (a): “Member States shall not impose a general obligation on providers when providing the services covered by articles 12-14, to monitor the information which they transmit or store, nor a general obligation actively to seek facts or circumstances indicating illegal activity”.

[33] Report from the Commission to the European Parliament, the Council and the European Economic and Social Committee on the application of Directive 2000/31/EC of the European Parliament and of the Council of 8 June 2000 on certain legal aspects of information society services, in particular electronic commerce, in the internal market, COM/2003/0702final, p. 14

[34] Report from the Commission to the European Parliament, the Council and the European Economic and Social Committee on the application of Directive 2000/31/EC of the European Parliament and of the Council of 8 June 2000 on certain legal aspects of information society services, in particular electronic commerce, in the internal market, COM/2003/0702final, p. 16: “Intermediary service providers have, themselves, in cooperation with national authorities as well as with other stakeholders, such as IP rightholders, been active in fighting against illegal activity on the internet, whilst also seeking to ensure a balance between the legitimate interests of users, other interested parties, and the freedom of speech.”

[35] L.C. Lee, J. Scott Davidson, Intellectual Property for the Internet (Wiley Law Publications, 1997) pp. 222-223

[36] Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, OJ L 281, 23.11.1995, p. 31–50

[37] Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (“E-Privacy Directive”) OJ L 201, 31.7.2002, p. 37–47

[38] Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (“E-Privacy Directive”) OJ L 201, 31.7.2002, p. 37–47, article 15 (1)

[39] The Working Party was established by article 29 of the 95/46/EC Directive and its tasks are laid down in Directives 95/46/EC and 2002/58/EC

[40] For further information see the Article 29 Working Party website, under ‘Tasks’ http://ec.europa.eu/justice/policies/privacy/workinggroup/index_en.htm (accessed 15 February 2012)

[41] Opinion of Advocate General Kokott, C-274/06 Productores de Musica de Espana v Telefonica de Espana SAU, delivered on 18 July 2007, paras 42-45

[42] Synthesis of the Comments on the Commission Report on the application of Directive 2004/48/EC of the European Parliament and the Council of 29 April 2004 on the Enforcement of Intellectual Property Rights, COM/2010/779final, July 2011, pp. 4, 6

[43] D. Kelleher, K. Murray, IT Law in the European Union (Sweet & Maxwell, 1999), pp. 284-288

[44] F. Coudert, E.Werkers ‘In the aftermath of the Promusicae case: How to strike the balance?’ I.J.L. & I.T. 2010, 18(1), 50-71, see chapter 3.1

[45] Internet Protocol address: The address (numerical label) of a device attached to an Internet Protocol network. Every IP address that is exposed to the public Internet is unique. In contrast, IP addresses within a local network use the same private addresses. For further definitions, see PC Magazine, http://www.pcmag.com/encyclopedia/ (accessed 15 February 2012)

[46] Study on Online Copyright Enforcement and Data Protection in Selected Member States, prepared by Hunton & Williams for DG Internal Market of the European Commission, November 2009. Study available at the European Commission website http://ec.europa.eu/internal_market/iprenforcement/ docs/study-online-enforcement_en.pdf (accessed 15 February 2012)

[47] Opinion 2/2002 on the use of unique identifiers in telecommunication terminal equipments: the example of IPv6, WP58, 30 May 2001 and Opinion 2/2007 on the concept of personal data, WP 136, 20 June 2007

[48] Opinion of the EDPS of 22 February 2010 on the current negotiations by the European Union of an Anti-Counterfeiting Trade Agreement (ACTA), 2010/C 147/01, paras 25-28

[49] Opinion of Advocate General Kokott, C-274/06 Productores de Musica de Espana v Telefonica de Espana SAU, delivered on 18 July 2007, paras 61-62

[50] Article 2 (b) of the E-Privacy Directive: “‘Traffic data’ means any data processed for the purpose of the conveyance of a communication on an electronic communications network or for the billing thereof”

[51] Loi n° 2009-669, du 12 juin 2009, favorisant la diffusion et la protection de la création sur Internet, JORF n°135 du 13 juin 2009, p. 9666

[52] Haute Autorité pour la Diffusion des Œuvres et la Protection des Droits sur Internet - HADOPI

[53] R. (on the application of British Telecommunications Plc) v Secretary of State for Business, Innovation and Skills [2011] EWHC 1021 (Admin); (2011) 108(18) L.S.G. 18 (QBD (Admin))

[54] Recommendation CM/Rec(2008)6 of the Committee of Ministers to Member States on measures to promote the respect for freedom of expression and information with regard to internet filters (adopted by the Committee of Ministers on 26 March 2008 at the 1022nd meeting of the Ministers’ Deputies. NB. The Council of Europe is an international organisation and not an instrument of the EU. It should not be confused with the Council of the EU, discussed below.

[55] M. Manner, T. Siniketo, U. Polland ‘The Pirate Bay ruling - when the fun and games end’ Ent. L.R. 2009, 20(6), 197-205

[56] ‘Ley Sinde’, Ley 2/2011, de 4 de marzo, de Economía Sostenible (BOE du 5 mars 2011, p. 25033) (Sustainable Economy Act, Act 2/2011 of 4 March 2011)

[57] IFPI Digital Music Report 2011 ‘Music at the touch of a button’, p. 14. Report available at the IFPI website: http://www.ifpi.org/content/library/DMR2011.pdf (accessed 15 February 2012), p. 13

[58] For a general background on the competences of the European Commission, see D. Chalmers, G. Davies and G. Monti, European Union Law: Cases and Materials (2nd Edn Cambridge University Press, 2010) p. 54. For more details on current activity see the Commission’s website: http://ec.europa.eu/

[59] Report on the application of Directive 2004/48/EC, SEC(2010) 1589final, p. 5; Report on the application of Directive 2000/31/EC, COM/2003/0702final, p. 14; Report from the Commission the Council, the European Parliament and the Economic and Social Committee on the application of Directive 2001/29/EC on the harmonisation of certain aspects of copyright and related rights in the information society, SEC (2007) 1556

[60] Report on the application of Directive 2000/31/EC, COM/2003/0702final, p. 14

[61] Report on the application of Directive 2004/48/EC, SEC(2010) 1589final, p. 5

[62] Synthesis of the Comments on the Commission Report on the application of Directive 2004/48/EC of the European Parliament and the Council of 29 April 2004 on the Enforcement of Intellectual Property Rights, COM/2010/779final, July 2011, pp. 4, 6

[63] Comment of the European Data Protection Supervisor, found in the European Data Protection Supervisor Response of 8 April 2011 to the Commission's Consultation on its Report on the application of Intellectual Property Rights Directive, para. 3

[64] Synthesis Report on the Stakeholders’ Dialogue on Illegal Up- and Downloading 2009 2010, European Commission, March 2011 Ares(2011)367168

[65] For a general background on the competences of the European Parliament, see D. Chalmers, G. Davies and G. Monti, European Union Law: Cases and Materials (2nd Edn Cambridge University Press, 2010). p. 81. For further information on the Parliament’s current activity, see the Parliament’s website: http://www.europarl.europa.eu/

[66] European Parliament Resolution of 10 April 2008 on cultural industries in Europe (2007/2153(INI))

[67] European Parliament Recommendation of 26 March 2009 to the Council on strengthening security and fundamental freedoms on the Internet (2008/2160(INI))

[68] European Parliament Resolution of 22 September 2010 on enforcement of intellectual property rights in the internal Market (2009/2178(INI))

[69] For a general background on the competences of the Council of the European Union, see D. Chalmers, G. Davies and G. Monti, European Union Law: Cases and Materials (2nd Edn Cambridge University Press, 2010), p. 67. For further information on the Council’s current activity, see the Council’s website: http://www.consilium.europa.eu/

[70] Council of the EU Press Release on the Agreement on Directive on copyrights in the information society, 9 June 2000, 9273/00 (presse 204), available at http://consilium.europa.eu/uedocs/cms_data/ docs/pressdata/en/misc/09273.en0-communiqu%C3%A9%20Copyright.doc.html (accessed 15 February 2012)

[71] Report of the Council of the European Union (draft Council conclusions) on the development of legal offers of online cultural and creative content and the prevention and combating of piracy in the digital environment, 1 October 2008, 13605/08, available at http://register.consilium.europa.eu/ pdf/en/08/st13/st13605.en08.pdf (accessed 15 February 2012)

[72] Draft Council conclusions on Net Neutrality, 15 July 2011, 12950/11, para. 6e, available at http://register.consilium.europa.eu/pdf/en/11/st12/st12950.en11.pdf (accessed 15 February 2012)

[73] The current European Data Protection Supervisor is P. Hustinx. For further information see the EDPS website http://www.edps.europa.eu/ (accessed 15 February 2012)

[74] The right to intervene is provided for in Article 47 of Regulation (EC) No 45/2001 of the European Parliament and of the Council of 18 December 2000 on the protection of individuals with regard to the processing of personal data by the Community institutions and bodies and on the free movement of such data OJ L 8, 12.1.2001, p. 1–22

[75] Opinion of the EDPS of 10 April 2008 on the Proposal for a Directive amending, among others, Directive 2002/58/EC concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications), OJ C 181, 18.07.2008, p. 1; Second opinion of the EDPS of 9 January 2009 on the review of Directive 2002/58/EC concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications), OJ C 128, 06.06.2009, p. 28

[76] Opinion of the EDPS of 22 February 2010 on the current negotiations by the European Union of an Anti-Counterfeiting Trade Agreement (ACTA), 2010/C 147/01; European Data Protection Supervisor Response of 8 April 2011 to the Commission's Consultation on its Report on the application of Intellectual Property Rights Directive

[77] Opinion of the EDPS of 22 February 2010 on the current negotiations by the European Union of an Anti-Counterfeiting Trade Agreement (ACTA), 2010/C 147/01, para. 17

[78] After the adoption of the Lisbon Treaty, the European Court of Justice has been renamed to Court of Justice of the European Union (CJEU). In this paper, the pre-Lisbon term is preserved because the cases were referred to the Court before the entry into force of the Lisbon Treaty.

[79] M. Partington, Introduction to the English Legal System (2nd Edn Oxford University Press, 2003), p. 62

[80] For a more detailed analysis on the impact of the ECJ’s judgments in the EU legal system, see T. Tridimas, ‘The Court of Justice and Judicial Activism’ E.L. Rev. 1996, 21(3), 199-210; P. Eeckhout, ‘The European Court of Justice and the Legislature’ Y.E.L. 1998, 18, 1-28; P. Craig, G. de Burca, EU Law: Text, Cases and Materials (4th Edn Oxford University Press, 2008), pp. 72-76

[81] H. Rasmussen, “On law and policy in the European Court of Justice: a comparative study in judicial policymaking” J. Com. Mar. St. 1987, 26(1), 92-93

[82] Article 17 para 2 of the Charter of Fundamental Rights of the European Union (OJ C 83 of 30.3.2010) provides for the protection of Intellectual property. Article 8 of the Charter refers to the protection of personal data.

[83] C. Kuner, ‘Data Protection and Rights Protection on the Internet: The Promusicae Judgment of the European Court of Justice’ E.I.P.R. 2008, 30(5), 199-202, p. 199

[84] Juzgado de lo Mercantil nº5 de Madrid

[85] European Court of Justice, case C-274/06 Productores de Musica de Espana v Telefonica de Espana SAU, Judgment of 29 January 2008, E.C.R. I-00271 (ECJ (Grand Chamber)), paras 34 and 41

[86] European Court of Justice, case C-274/06 Productores de Musica de Espana v Telefonica de Espana SAU, Judgment of 29 January 2008, E.C.R. I-00271 (ECJ (Grand Chamber)), para. 46

[87] L. Hetherington, ‘Peer-to-peer file-sharing – ISPs and disclosure of user identities’ Ent. L.R. 2008, 19(4), 81-82, p. 81

[88] See The Times (London) article, ‘Court delivers a blow to record companies on internet piracy’ by M. Herman, January 30, 2008, retrieved from http://business.timesonline.co.uk/tol/business/law/ article3273960.ece ; Computerworld article ‘European court strikes blow against music industry fishing - and a blow for keeping ISPs out of civil cases’ by J. Kirk, 29 January 2008, retrieved from http://www.computerworld.com/s/article/9059838/European_court_strikes_blow_against_music_industry_fishing (all websites accessed 15 February 2012)

[89] See different views expressed by stakeholders in the Financial Times article ‘Mixed reaction to EU ruling on copyright’ by N. Tait, January 30, 2008, retrieved from http://www.ft.com/cms/ s/0/2278d88c-ced5-11dc-877a-000077b07658.html#axzz1UNMJqrMp (accessed 15 February 2012)

[90] A. Peukert, ‘Intellectual Property as an end in itself?’ E.I.P.R. 2011, 33(2), 67-71, p. 67

[91] C. Kuner, ‘Data Protection and Rights Protection on the Internet: The Promusicae Judgment of the European Court of Justice’ E.I.P.R. 2008, 30(5), 199-202, p. 201

[92] European Court of Justice, case C-274/06 Productores de Musica de Espana v Telefonica de Espana SAU, Judgment of 29 January 2008, E.C.R. I-00271 (ECJ (Grand Chamber)), para. 71

[93] M. Weston, ‘ISP: Internet Service Provider or internet service police?’ (2011) I. P.M. Jun, 12

[94] The principle of proportionality is one of the fundamental principles of EU law, see article 5 (4) of the Treaty on European Union OJ C 83 of 30.3.2010: “under the principle of proportionality, the content and form of Union action shall not exceed what is necessary to achieve the objectives of the Treaties”

[95] Formerly Tiscali Belgium

[96] For an English translation of the judgment, see http://www.cardozoaelj.net/issues/08/case001.pdf (accessed 15 February 2012)

[97] The so called “Audible Magic” filtering system

[98] B. Allgrove, I. Walden, “Turning the tide on Intermediary Liability?” (2007) Comps & Law 18 (3), 10-11

[99] Reference for a preliminary ruling from the Cour d’appel de Bruxelles (Belgium) lodged on 5 February 2010 — Scarlet Extended SA v Société Belge des auteurs, compositeurs et éditeurs (SABAM), Case C-70/10 OJ C 113 of 01.05.2010, p.20

[100] See paras 4-5 of the Opinion of Advocate General M. Pedro Cruz Villalón, C-70/10, Scarlet Extended SA v Société belge des auteurs, compositeurs et éditeurs (SABAM), delivered in 14 April 2011 (in French) [not yet published, but available on the ECJ website http://curia.europa.eu/]

[101] Opinion of Advocate General M. Pedro Cruz Villalón, C-70/10, Scarlet Extended SA v Société belge des auteurs, compositeurs et éditeurs (SABAM), delivered in 14 April 2011 (in French) [not yet published, but available on the ECJ website http://curia.europa.eu/]

[102] See Le Monde article ‘Pas de filtrage d'Internet sans loi préalable, selon l'avocat général de la Cour européenne de justice’, 14.4.2011 (in french), retrieved from http://www.lemonde.fr/technologies/article/2011/04/14/pas-de-filtrage-d-internet-sans-loi-prealable-selon-l-avocat-general-de-la-cour-europeenne-de-justice_1507847_651865.html ; ‘A case of Scarlet fever for the ECJ following Belgian referral?’, Ashtrust publications, Communications newsletter, April 2010, retrieved from http://www.ashurst.com/publication-item.aspx?id_Content=5133 F. Coudert, ‘Advocate General of the ECJ issues opinion in the Sabam/Scarlet case’ on the time.lex blog, available at http://www.timelex.eu/nl/blog/p/detail/advocate-general-of-the-european-court-of-justice-issues-opinion-on-filtering-and-blocking-of-electronic-communications (all websites accessed 15 February 2012)

[103] Court of Justice of the European Union, Press Release No 37/11 on the Advocate General’s Opinion in case C-70-10, Luxembourg 14 April 2011

[104] Court of Justice of the European Union, Press Release No 37/11 on the Advocate General’s Opinion in case C-70-10, Luxembourg 14 April 2011

[105] European Court of Justice, case C-70/10, Scarlet Extended SA v Société belge des auteurs, compositeurs et éditeurs SCRL (SABAM), Judgment of 24 November 2011, not yet published in the E.C.R.

[106] Article 15 (a) of the E-Commerce Directive

[107] Court of Justice of the European Union, case C-324/09, L’Oreal etc, Judgment of 12 July 2011, not yet published in the E.C.R., para. 138

[108] European Court of Justice, case C-70/10, Scarlet Extended SA v Société belge des auteurs, compositeurs et éditeurs SCRL (SABAM), Judgment of 24 November 2011, not yet published in the E.C.R., paras. 43 and 44

[109] European Court of Justice, case C-70/10, Scarlet Extended SA v Société belge des auteurs, compositeurs et éditeurs SCRL (SABAM), Judgment of 24 November 2011, not yet published in the E.C.R., para 45

[110] European Court of Justice, case C-70/10, Scarlet Extended SA v Société belge des auteurs, compositeurs et éditeurs SCRL (SABAM), Judgment of 24 November 2011, not yet published in the E.C.R., paras 50-52

[111] Opinion of Advocate General M. Pedro Cruz Villalón, C-70/10, Scarlet Extended SA v Société belge des auteurs, compositeurs et éditeurs (SABAM), delivered in 14 April 2011 (in French) [not yet published, but available on the ECJ website http://curia.europa.eu/], paras 111 and 113

[112] See F. Coudert, ‘Advocate General of the ECJ issues opinion in the Sabam/Scarlet case’ on the time.lex blog, available at http://www.timelex.eu/nl/blog/p/detail/advocate-general-of-the-european-court-of-justice-issues-opinion-on-filtering-and-blocking-of-electronic-communications

[113] European Court of Justice, case C-70/10, Scarlet Extended SA v Société belge des auteurs, compositeurs et éditeurs SCRL (SABAM), Judgment of 24 November 2011, not yet published in the E.C.R., para. 43

[114] Synthesis of the Comments on the Commission Report on the application of Directive 2004/48/EC of the European Parliament and the Council of 29 April 2004 on the Enforcement of Intellectual Property Rights, COM/2010/779final, July 2011, pp. 4-5

[115] A series of ECJ cases relating to personal data protection help illustrate this observation: C-101/01 Lindqvist [2003] ECR 1-12971;C-301/06 Ireland v Parliament and Council [2009] E.C.R. I-0059; C-553/07 College van burgemeester en wethouders van Rotterdam v M.E.E. Rijkeboer [2009] E.C.R. I-03889

[116] See the analysis of the Promusicae judgment above

[117] F. Coudert, ‘Advocate General of the ECJ issues opinion in the Sabam/Scarlet case’ on the time.lex blog, available at http://www.timelex.eu/nl/blog/p/detail/advocate-general-of-the-european-court-of-justice-issues-opinion-on-filtering-and-blocking-of-electronic-communications

[118] See article “Scarlet v SABAM: a win for fundamental rights and Internet freedoms”, 30.11.20122, Website Digital Civil Rights in Europe, available at http://www.edri.org/edrigram/number9.23/scarlet-sabam-win-fundamental-rights

[119] On the controversy surrounding the Anti-Counterfeiting Trade Agreement (ACTA) see I. Lowe, ‘ACTA - should EU Member States reject it?’, I.P.M. 2011, Apr, p. 8. Also see The Guardian article ‘ACTA criticised after thousands protest in Europe’, 13.2.2012, available at http://www.guardian.co.uk/technology/2012/feb/13/acta-protests-europe (website accessed 15 February 2012)