The Court of Justice of the EU (CJEU) said, however, that rights holders who are harmed by infringing activity carried out over Wi-Fi networks are not entitled to claim compensation from the operators of those networks for that infringement.

Rights holders can, however, obtain injunctions against the Wi-Fi network operators to prevent “the continuation of that infringement”, the CJEU ruled.

Those injunctions can be limited to the extent that they force the Wi-Fi providers to prevent customers from accessing copyright infringing material by requiring them to implement a system of password-controlled access to the internet through their Wi-Fi connections. Those password systems must, however, require prospective internet users to “reveal their identity”, the Court said.

The CJEU ruling concerns a lengthy legal battle between Sony Music and business owner Tobias McFadden over alleged copyright infringement carried out over the Wi-Fi network operated by McFadden’s business.

McFadden was sued by Sony Music subsequent the company claimed McFadden’s Wi-Fi network was used to download copyrighted music illegally. McFadden has claimed he is not directly liable for copyright infringement. A regional court in Munich has said previously it is “minded to reach a finding of indirect liability” against McFadden since he had not made his Wi-Fi network secure, but it reserved judgment in the case subsequent referring legal questions to the CJEU for interpretation.

Technology law expert Igor Barabash of Pinsent Masons, the law firm behind, gave a mixed reaction to the CJEU’s judgment.

Barabash welcomed the clarity that the ruling offered in confirming that rights holders cannot claim damages from Wi-Fi operators for third party infringements. He said the CJEU also confirmed that rights holders are also precluded from claiming reimbursement of the costs they incur from engaging lawyers to pursue such damage claims.

Barabash said, however, that the ruling may serve to build it harder for consumers to connect to Wi-Fi services.

“The CJEU stated that additional ‘security measures’, for example password protection or user registration, may be required,” Barabash said. “Such measures constitute a further step in connecting to the network so as no seamless connection is given and may discourage the users from connection to such network.”

Barabash also said that, regarding the costs rights holders will be competent to recover from Wi-Fi network operators when obtaining injunctions against continued third party infringement over those networks, the ruling of the CJEU sends a negative signal to operators that would befondof to unseal their Wi-Fi for everyone.

He pointed to a piece of the CJEU’s ruling which said that EU law does not preclude rights holders “from claiming injunctive relief against the continuation of that infringement and the payment of the costs of giving formal notice and court costs from a communication network access provider whose services were used in that infringement where such claims are made for the purposes of obtaining, or follow the grant of injunctive relief by a national authority or court to prevent that service provider from allowing the infringement to persevere”.

“With that in mind, we can expect that Wi-Fi network operators will rather refrain from offering free Wi-Fi services without security measures since this will result in cease and desist letters and corresponding lawyer fees,” Barabash said.

In its ruling the CJEU said that EU law does not preclude injunctions being served against Wi-Fi providers over third party infringements of copyright over those networks where the terms of the injunction allows the Wi-Fi provider to “choose which technical measures to grab in order to comply with the injunction”.

The CJEU said that the principle applies in cases where “such a choice is limited to a single measure consisting in password-protecting the internet connection, provided that those users are required to reveal their identity in order to obtain the required password and may not therefore act anonymously”.

The German Telemedia Act has been recently updated to amend the possible reliefs Wi-Fi operators can benefit from against liability for copyright infringement and other illegal activity online by users. Barabash said the topic has prompted major discussion in Germany due to the uncertainty resulting from vague wording in the Act. He said, though, that the legislation may be sufficiently flexible to reflect the recent ruling by the CJEU.

“The German lawmakers decided to draft the wording of the recent Act amendment in a very vague way in order to enable courts to establish a judgment practice rather that having everything finally set by the Act itself,” Barabash said. “It may, therefore, be that no further changes to the German Telemedia Act will be required but rather that the German lawmakers will trust the German courts to interpret the recent Act in way now shown by the CJEU.”