Skip to main content

Free Wi-Fi (still) roams free

Amy Lambert
Another day, another (likely) win for internet intermediaries. In yet another show-down between rights-holders and internet intermediaries, the AG has issued an opinion confirming that a provider of free, public Wi-Fi is not liable for copyright infringements committed by users of that Wi-Fi. Furthermore, while a court may still order an injunction against such a provider to prevent further infringements, that injunction may not include an obligation to monitor the Wi-Fi or password-protect it. While this is a victory for free Wi-Fi lovers across Europe, it highlights the legal (and practical) difficulty of enforcing IP in a digital age.


On 16 March, the Advocate General (AG) handed down his long awaited opinion on the case of Tobias Mc Fadden v Sony Music Entertainment Germany GmbH in the CJEU. In yet another show-down between rights-holders and internet intermediaries, the CJEU was asked to consider:

  • whether businesses that provide free and unsecured Wi-Fi to the public can be held liable for copyright infringements committed by users of that Wi-Fi; and
  • if such businesses cannot be held liable for such infringements, whether rights-holders can still ask the courts to grant an injunction against those businesses to stop the Wi-Fi being used for infringing purposes.

In summary, the AG's opinion seems to suggest another win is on the horizon for the internet intermediaries.


Toby McFadden owned a shop in Germany, specialising in lighting and sound systems. Like many shop owners, McFadden offered free, unprotected Wi-Fi to his customers (as well as his neighbours and anyone who happened to pass by). McFadden offered free Wi-Fi to help increase awareness of his shop and drive visitors to his website. Unfortunately for McFadden, an unknown person used his free Wi-Fi connection to upload and share an infringing song on an online file-sharing platform. McFadden was subsequently sued by Sony Music on the basis that he was liable for the copyright infringement. McFadden denied any liability for the infringement, relying on the mere conduit defence set out in Article 12 of the E-Commerce Directive.

Mere conduit defence

EU Member States, like many other jurisdictions,[1] operate a "safe harbour" regime for internet intermediaries. The European regime, contained in the E-Commerce Directive, requires EU Member States to ensure that their national laws provide intermediaries with immunity from all liability for transmitting, hosting or caching unlawful third party content. The European regime covers not only copyright infringement, but also trademark infringement, defamation and any other type of liability related to third party content.

The regime applies to providers of "information society services", which are defined as services "normally provided for remuneration, at a distance, by electronic means and at the individual request of a recipient of the services".[2]

The specific defence relied on by McFadden, known as the "mere conduit" defence, requires that three conditions are met:

  • the provider must not have initiated the transmission;
  • the provider must not have selected the recipient of the transmission; and
  • the provider must not have selected or modified the information contained in the transmission.

The Regional Court of Munich was satisfied that the above three conditions were met in McFadden's case but was uncertain about whether McFadden was really a "provider" of an "information society service" for the purposes of Article 12 of the Directive.

Does McFadden fall within the scope of Article 12?

As mentioned above, an "information society service" is "normally provided for remuneration". The first question for the CJEU was whether McFadden could be considered to be a provider of an information society service when the Wi-Fi was provided for free.  

In the AG's opinion, McFadden could be considered as a provider of an "information society service". The Wi-Fi was provided in the course of McFadden's business and was therefore provided in an economic context. According to the AG, it did not matter that McFadden was not remunerated for the service or that it was ancillary to his principal economic activity. The free Wi-Fi was a form of marketing designed to attract customers and was therefore of an economic nature.

To fall within the scope of Article 12, McFadden also needed to have "provided" the information society service. The CJEU's concern here was whether McFadden had actually "provided" such a service, since he had simply made his Wi-Fi available to the public and had not specifically held himself out as a service provider.

In the AG's opinion, the term "provide" simply requires the activity in question to enable the public to have access to a network and to take place in an economic context. It is not necessary for the person in question to hold himself out to the public as a service provider or that he should expressly promote his activity to potential customers.

In light of the above, the AG determined that McFadden was a "provider" of an "information society service" and so did fall within the scope of the protection offered by Article 12.

Could Sony still obtain an injunction against McFadden?

The AG found that, while Article 12(1) rendered McFadden not liable for the copyright infringement, an injunction could still be obtained against him in order to prevent further infringement. The AG pointed to Article 12(3) of the E-Commerce Directive which clearly states that the limitation of liability in Article 12(1) did not, in turn, affect the possibility of bringing an action against a provider aimed at preventing further infringement.

The AG noted that such an injunction would need to be specific, proportionate and easy to implement. Interestingly, the AG found that such an injunction could not extend to an obligation to monitor the Wi-Fi services, nor could it compel a free Wi-Fi provider to password protect their internet access or terminate their internet connection.

However, the AG did make it clear that McFadden could be held liable for a penalty of up to EUR 250,000 (which could be converted to a custodial sentence) if he failed to comply with a granted injunction.

Take-away thoughts

The AG's opinion strikes a sensible balance between a number of conflicting rights. While rights-holders may be disappointed to discover that they are unable to transfer liability for third party infringement to providers of free Wi-Fi services (particularly in relation to cases such as this, where rights-holders are unable to identify the infringing party and are therefore prevented from enforcing their rights), the AG has taken a pragmatic position and has identified that extending liability would have a disproportionate impact on freedom of expression and freedom to conduct business.

It is not disputed that rights-holders have a fundamental right to ensure that their intellectual property is protected and that legal action can be taken against those individuals who infringe that right. However, there are concerns that stringent restrictions or requirements placed upon free Wi-Fi providers to protect those rights could have far wider consequences. It could result in a reduction in competition for the provision of internet access, and this in turn could mean higher costs for both consumers and businesses. Furthermore, it could hinder the development of technologies which rely on decentralised Wi-Fi, such as delivery drones.

This notwithstanding, the AG opinion does seem to hold little value for rights-holders. Despite retaining the ability to enforce an injunction against free Wi-Fi providers in the event of third party copyright, rights-holders may consider that the benefit of an injunction may be limited and disproportionate to the cost of obtaining one, particularly when rights-holders take into account the usual viral impact of copyright infringements. Once the cat is out of the bag (and the copyright material released), it will typically spread quickly and will be replicated across the internet. A costly injunction against an individual provider of free Wi-Fi may be an ineffectual tool to turn the tide.

Arguably, the key take-home message from this opinion is that the coffee-drinking public should heave a sigh of relief: free Wi-Fi is here to stay. Latte, anyone?

 Article written by Kate Batchelor and Amy Lambert

[1] See, for example, the Digital Millennium Copyright Act 1998 in the US, which provides immunity for internet intermediaries, provided that they did not have actual or constructive knowledge of the copyright infringement and took swift action to remove or disable access to the infringing content.

[2] See Article 1, point 2 of Directive 98/48/EC amending Directive 98/34/EC.

Sign up to our email digest

Click to subscribe or manage your email preferences.