Another Bad EU Ruling: WiFi Providers Can Be Forced To Require Passwords If Copyright Holders Demand It
from the really-now? dept
For quite some time now, we've been following an odd case through the German and then EU court system, concerning whether or not the operator of an open WiFi system should be liable for copyright infringement that occurs over that access point. Back in 2010, a German court first said that if you don't secure your WiFi, you can get fined. This was very problematic -- especially for those of us who believe in open WiFi. The EU Court of Justice agreed to hear the case and the Advocate General recommended a good ruling: that WiFi operators are not liable and also that they shouldn't be forced to password protect their access points.The ruling, unfortunately, says that WiFi operators can be compelled to password protect their networks. It's not all bad, in that the headline story is that WiFi operators, on their own, are not liable for actions done on the network, but that's completely undermined by the requirement to password protect it if a copyright holder asks them to.
In today’s judgment, the Court holds, first of all, that making a Wi-Fi network available to the general public free of charge in order to draw the attention of potential customers to the goods and services of a shop constitutes an ‘information society service’ under the directive.The details here are especially troubling. As legal experts are noting, this ruling basically says that the times when an injunction can be ordered for password protection, the reason is for the sake of identifying users:
Next, the Court confirms that, where the above three conditions are satisfied, a service provider such as Mr Mc Fadden, who providers access to a communication network, may not be held liable. Consequently, the copyright holder is not entitled to claim compensation on the ground that the network was used by third parties to infringe its rights. Since such a claim cannot be successful, the copyright holder is also precluded from claiming the reimbursement of the costs of giving formal notice or court costs incurred in relation to that claim.
However, the directive does not preclude the copyright holder from seeking before a national authority or court to have such a service provider ordered to end, or prevent, any infringement of copyright committed by its customers.
Lastly, the Court holds that an injunction ordering the internet connection to be secured by means of a password is capable of ensuring a balance between, on the one hand, the intellectual property rights of rightholders and, on the other hand, the freedom to conduct a business of access providers and the freedom of information of the network users. The Court notes, in particular, that such a measure is capable of deterring network users from infringing intellectual property rights.
In McFadden the CJEU appears to have decided that password protection would be effective only if the user is required to provide identity details to the service provider so that the user cannot act anonymously.Now that should raise some very serious concerns about anonymity and privacy -- things that we thought the EU supported. Instead, the CJEU basically seems to be saying you have a right to anonymity in connecting to the internet up until the point a major copyright holder doesn't like it any more, and they can now force WiFi operators to lock up their WiFi and/or demand identification to use it. Yikes.
This also punches a HUGE hole in the previous day's announcement by the EU Commission that there would be open WiFi across Europe. Under this new CJEU ruling, that may no longer be possible. It's fairly incredible how, between the European Court of Justice and the EU Commission, they seem so oddly confused about copyright and related issues that they seem to be messing absolutely everything up in just a few short weeks.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: cjeu, copyright, eu court of justice, injunctions, liability, mcfadden, open wifi, passwords, wifi
Reader Comments
Subscribe: RSS
View by: Time | Thread
Courts orders ISP to produce unicorns
How do you prevent someone from doing something illegal. No one has managed that in the history of the world!
How can you even TELL if your customers are infringing copyright? Only the copyright holder can tell that.
[ link to this | view in chronology ]
Re: Courts orders ISP to produce unicorns
Eh. Nope. Even the copymorons seem to be confused and we have pretty recent examples.
But the ISPs and the people could get clever: we will do so if there is a central copyright registry that lists each and every legit content and provide clear fair use guidelines because there is no way we can evaluate the copyright status of any unencrypted data flow as things are now.
Of course, encrypted connections, tunnels, proxies may render any password pretty useless. And regular pirates already use them anyway.
[ link to this | view in chronology ]
Re: Courts orders ISP to produce unicorns
[ link to this | view in chronology ]
Re: Courts orders ISP to produce unicorns
[ link to this | view in chronology ]
SSID: EU_WI-FI
PASSWORD: FUCKYOUMAFIAA
Done.
And it will still be anonymous even while protected with a password. Unless there is some specific order to provide individual passwords per user.
[ link to this | view in chronology ]
Re:
> In McFadden the CJEU appears to have decided that password protection would be effective only if the user is required to provide identity details to the service provider so that the user cannot act anonymously.
In other words, the average home or small business WiFi access point won't work. You'll need one connected to a server with a user database. A massive investment of money and time.
The point is to outlaw open WiFi without admitting that they're outlawing open WiFi. That's a pretty goddamned dishonest "Court of Justice" there.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
PASSWORD:1234
[ link to this | view in chronology ]
Copyright trumps all other rights
[ link to this | view in chronology ]
Re: Copyright trumps all other rights
[ link to this | view in chronology ]
Re: Copyright trumps all other rights
[ link to this | view in chronology ]
Re-read the article
It's worse than that... MUCH worse. It reads to me that they are actually going to require UNIQUE user id's and passwords for wifi access so the copyright overlords can use that to prosecute people.
That's a huge pain in the arse to keep track of and maintain. What small business is buy the required hardware for that or have the time to setup manual username/passwords on standard routers?
[ link to this | view in chronology ]
Re: Re-read the article
Of course, none of that changes the fact that this is an incredibly stupid and dangerous ruling.
[ link to this | view in chronology ]
Re: Re: Re-read the article
[ link to this | view in chronology ]
Re: Re: Re: Re-read the article
[ link to this | view in chronology ]
Re: Re: Re: Re: Re-read the article
Again, assuming prior knowledge. Most won't know what they actually need to buy in order to both meet their business requirements and meet the new legal standards. So, they'll be paying out a few hundred just for someone to advise on what they need to buy. Then, you might well be buying more than one, so you'd need to know how to connect them, etc. It might get expensive, and that's even without considering the potential revenue impact of customers having to work out a new way to connect and ongoing support costs. Or, of course, them buying the wrong thing and therefore remaining non-compliant.
"(not sure if prices vary much over there, but shouldn't be far off)"
Depends on the routers/APs you're looking at, but they will definitely be higher on exchange rates and sales taxes alone. I can look if you have examples, but you might also need to bear in mind that different regulations mean the same models won't necessarily be available in the local market. Plus, if there's legal liability and/or a genuine business need for wifi to be available to customers, you probably don't want to be buying whatever's cheapest off the shelf.
"That wouldn't be an undue burden"
I still disagree. I think that if you look at it from the POV of someone who is completely clueless with technology, but needs wifi for their business, it becomes a large burden quite quickly. Or, again, they might install it poorly and remain vulnerable to legal action.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re-read the article
Ultimately, objecting to this regulation because of the burden it would cause is a red herring. I mean, what if they provide a grant and a team of government qualified contractors to every business that wants to offer wifi. Or, more likely, subsidize business ISPs to provide compliant equipment, as most of the businesses offering wifi (at least the ones with no technical staff) are probably using whatever equipment their ISP provided. Suddenly the burden argument is gone, and the rest gets a hand waving. This should be objected to because of the horrible precedents it sets regarding privacy, not because it might cause businesses to spend some money.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re-read the article
Yes, and for something like wifi which is usually not related to the core of that a small business actually does, complying with these is a burden. At present, there are few regulations placed on the end business - those that are borne by the manufacturer or service provider. Placing extra regulations increases the burden, and these types of regulation would increase them exponentially on many businesses.
Is this really so hard for you to understand?
"No one is going to have to close up shop because they can't afford to comply. "
No, but a lot of people will stop offering wifi at all, even if that means a loss of overall revenue. Others will be at risk because they were unable to comply correctly, for whatever reason. And yes, the guy who has a little bit of knowledge and configures his own off-the-shelf purchase is probably most at risk because he may end up non-compliant when he believes he's set things up properly. Years of support for such people in my early career have taught me that the people who think they know what they're doing on their own are the ones doing a botch job that doesn't meet requirements.
"Suddenly the burden argument is gone"
No, it still there, it's just been shifted to another party. A party that is perhaps able to meet the requirements with lower costs and greater expertise, and perhaps turn that into increased business for themselves. But, it still exists.
"This should be objected to because of the horrible precedents it sets regarding privacy, not because it might cause businesses to spend some money"
Why not both? For the record, I'm not objecting to the ruling because of costs to the small businesses. I was merely correcting your false statement that it's not a burden for many of those businesses.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re-read the article
Exactly so, most businesses lack the resources to do this right. You need look no further than the so-called Internet of Things, and see how well that's working out.
And from a customers standpoint this is a whole load of stupid. As a customer am I really going to need Id's and passwords for a) the local Starbucks, b) the train station, c) my local library, d) the city library, e) my supermarket cafe...... z) my parents house?
And who's going to verify these id's? Hows that going to work? The whole thing is stupid.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re-read the article
"z) my parents house"
I believe that the rules would only apply to businesses. If not, most ISPs supply routers with passwords pre-loaded, so in theory they'd already be compliant unless I've misunderstood to ruling.
[ link to this | view in chronology ]
https://youtu.be/rX7wtNOkuHo
[ link to this | view in chronology ]
[ link to this | view in chronology ]
How to achieve full compliance, in one step:
There. The network is now password-protected.
[ link to this | view in chronology ]
Re: How to achieve full compliance, in one step:
[ link to this | view in chronology ]
You cannot even get PCI hardware anymore.
[ link to this | view in chronology ]
Bye Bye Free WiFi
Wait a minute. Why, that sounds almost like
SOCIALISM AT WORK!
Imagine that, and we thought Hitler had it wrong all these years, when in fact, the courts just ruled, he was VISIONARY!
(Then again, American Government seems to think stoking race wars like Charles Manson recommended back in 1969 is a great idea to drive racial equality, too - go figure)
[ link to this | view in chronology ]
Re: Bye Bye Free WiFi
[ link to this | view in chronology ]
Re: Re: Bye Bye Free WiFi
Here's your sign (it says 'Troll' on it, since you don't read a lot, obviously)
[ link to this | view in chronology ]
Re: Re: Re: Bye Bye Free WiFi
[ link to this | view in chronology ]
Re: Bye Bye Free WiFi
[ link to this | view in chronology ]
No anonymity, no privacy!
OTOH, the citizens DON'T KNOW what they want. Any government will confirm this "truth."
[ link to this | view in chronology ]
Re: No anonymity, no privacy!
Let me ask the government if this is 'true-and-correct'.
[ link to this | view in chronology ]
It won't be long now before this starts to ricochet. Poing poing.
Copyrights unrequited need for total supremacy. Cunts, for short.
Taking over teh internets like shootin' frogs in a barrel. Them frogs keep croakin'. Don't they? Yeeup.
[ link to this | view in chronology ]
WHY WIFI
.
Please!... no emails!
[ link to this | view in chronology ]
have you not yet realised that, like everywhere else in the world, the entertainment industries are the most important thing on the planet and that every court, every government are doing whatever is in their power to fuck the public while handing the world and most importantly, the Internet, over to the industries so they have the complete control they have been after for 20 years? every step they take gets closer to the goal and with prison terms of 10 years on the cards, it's better to rob a bank and buy the disks. if caught, the sentence is at least less!! and dont forget, you and i are paying for everything these shit asshole industries get and still want, not a dime from them!!
[ link to this | view in chronology ]
I'm going to bet no one ever thought a cartoon mouse would be the bargaining chip being used to implement a frog-in-boiling-pot, death-by-a-thousand-cuts surveillance state apparatus.
The gall of these people is astounding. But even more so is the ignorance and cognitive dissonance of the mass populace in falling for what they're selling, because the "face" of "copyright infringement" is that of a spoiled teenager or college student living in mom's basement collecting welfare while jerking off to bootleg anime films.
Not to mention the public considers movie stars the saints of its civic religion of celebrity worship. They will gladly sign over their freedoms to sic a SWAT team on said millennial punk, who apparently thinks he can just steal from the church coffers without doing his required penance for giving Kanye and Britney a sad.
The term "red herring" might as well be a communist insult applied to "pirates" as far as some people are concerned. Not to go all Godwin like the previous guy did, but "first they came for the downloaders" does, in fact, apply here.
[ link to this | view in chronology ]
The people they are claiming they are trying to prevent from having anonymous WIFI are already 3 steps ahead of them. This is just an excuse to track the average Joe's WIFI use... more useless data....
It's like the answer to them not finding the needle in the haystack is to add more hay.
[ link to this | view in chronology ]
The people they are claiming they are trying to prevent from having anonymous WIFI are already 3 steps ahead of them. This is just an excuse to track the average Joe's WIFI use... more useless data....
It's like the answer to them not finding the needle in the haystack is to add more hay.
[ link to this | view in chronology ]