EU's High Court to Issue Ruling on German Wi-Fi Rules

Keep up with the latest developments and legal issues in the telecommunications and emerging technology sectors, with exclusive access to a comprehensive collection of telecommunications law news,...

By Michael Scaturro

Feb. 12 — The European Court of Justice (ECJ) is hearing a case that will decide whether German laws that force cafes, airports, restaurants like Starbucks, and individual providers to password-protect their Wi-Fi hotspots are in accordance with the European Commission's e-Commerce directive.

The case made its way to the EU's highest court after Tobias McFadden, a member of the German Pirate Party, sued Sony Music Entertainment Germany GmbH after Sony sought compensation from McFadden because someone used his open Wi-Fi hotspot to download music illegally. McFadden alleged that German courts are misreading the e-Commerce directive and that individuals or businesses which provide open Wi-Fi hotspots should not be held responsible for any abuses that third parties on their networks might cause.

The ECJ's ruling, expected soon, could have an impact on anyone in Germany willing to provide a Wi-Fi network to the public, from private people, to small cafes, to malls, to airports, and hotspot providers. But in practice, the ECJ's decision will have its main impact in Germany — which has tended to propose stricter laws on the use of Wi-Fi hotspots than other EU countries, ones that hold individuals and businesses accountable for illegal activity that takes place through their open Wi-Fi connections. These laws, opponents say, have resulted in Germany lagging behind the rest of the world in Wi-Fi hotspots.

Internet access providers are shielded from liability because, through contracts and identifying information, they generally know who their users are, and thus who should be liable for illegal activity on their networks. Smaller entities that offer Wi-Fi hotspots don't have that protection, because their users are usually anonymous.

“DSL, cable, and other access providers are in the privileged position of not having to be responsible for activities on the network,” McFadden told Bloomberg BNA. “That puts them at an unfair advantage over individuals, restaurants, airports, cities, and other entities that want to offer Wi-Fi.”

McFadden hopes his case will bring greater clarity to the definition of “when someone becomes an access provider.”

“We brought this case because we thought it was unfair that providers like Deutsche Telekom are not responsible for illegal downloading on their networks, but small providers like I were,” McFadden said. “The Munich court which originally heard the case also saw that there is a problem with German law. Our goal is to understand where the line is.”

Martin Munz, a partner at White & Case LLP in Hamburg, said the ECJ needs to bring clarity to the manner in which Germany has interpreted the EU's e-Commerce directive. He said the court will evaluate McFadden's assertion that Article 12 of the directive — which says that a party that transmits data isn't liable for the illegal use of its network — shields owners of open Wi-Fi hotspots from liability. It will also weigh in on an issue that the German courts which referred the case to the ECJ couldn't answer: whether Article 12 trumps other legal concepts in Germany dating back to the 19th century which hold people accountable when their property is used to cause a disturbance to others.

“The German courts aren't saying that offering Wi-Fi exposes people to liability per se,” Munz told Bloomberg BNA. “But the courts did say that Wi-Fi providers are required to stop offering services that impinge on third-party rights when made aware of the infringements, and that's not a good idea either.”

The ECJ has adjudicated similar EU directives in the past, usually by ruling that “member states can't go beyond the law as it is written in the directive.”

Munz cited a recent ECJ ruling relating to data and Spain as an example. In that case – in which the Spanish government sought to block the transfer of Spanish citizens' data outside of Spain – the ECJ ruled that there's nothing in the EU's data protection directive that should allow Spain to ban citizens' data from being transferred outside the country.

In the Wi-Fi case, Munz expects the ECJ to issue an opinion on the conclusiveness of the directive.

“And I expect that the court comes to the opinion that it is conclusive so that the German courts cannot invoke other theories of law for making the 'provider' liable,” Munz told Bloomberg BNA.

Too Few Wi-Fi Spots

As a result of Germany's strict Wi-Fi laws, the development of Wi-Fi hotspots has been slow compared to other EU member states or the U.S., Munz said.

“In Europe, we are lagging behind concerning the number of open Wi-Fi hotspots per capita,” Patrick Breyer, a German privacy advocate, told Bloomberg BNA. “This is a direct result of a series of rules that hold that providers could be held liable. Wi-Fi spots were initially open, but courts ruled that spots had to be password protected to protect from liability.”

Breyer said the German government is proposing legislation that would actually make the situation worse. Under the proposed rules, he said, Wi-Fi providers could only be free from liability if data and passwords on their networks are encrypted and if users were forced to messages warning against infringing usage before logging on.

Munz of White & Case, for his part, said the rules could stop towns, shopping malls, airports, and other public entities from offering free Wi-Fi.

The liability rules might also lead to extensive data collection on the part of providers, who seek to minimize risk but might inadvertently find themselves running afoul of data protection rules.

For Tobias McFadden, the case is about bringing Germany in line with other countries that have less strict laws against infringing uses.

“Wi-Fi is important,” he said. “People in this country, from students to refugees, are paying higher prices for data in Germany than anywhere else in the EU as a result of these rules on Wi-Fi.”

The ECJ's ruling is expected in the coming weeks.

To contact the reporter on this story: Michael Scaturro in Brussels at

To contact the editor responsible for this story: Keith Perine in Washington at

For More Information

Request for a preliminary ruling from the Landgericht Mnchen I (Germany) lodged on 3 November 2014 — Tobias Mc Fadden v Sony Music Entertainment Germany GmbH available at

Directive 2000/31/EC of the European Parliament and of the Council of 8 June 2000 on certain legal aspects of information society services, in particular electronic commerce, in the Internal Market (’Directive on electronic commerce’) available at

Request Tech & Telecom on Bloomberg Law