Per today's ruling, injunctions against European ISPs requiring them to apply filtering tools that monitor traffic to prevent copyright infringement officially violate EU law. The Scarlet decision puts a major stick in the wheel of wholesale copyright holders fighting against file sharing activities. With the expected implementation of the ACTA in mind, this ruling by the European Court of Justice (ECJ) will likely affect both prospective copyright legislation in Europe and offensive strategies of rights holders in their operations against intermediaries.
A summary of the facts and the holding is available here. In a nutshell, a Belgium company (SABAM), described as “a management company which represents authors, composers and editors of musical works in authorising the use of their copyright-protected works by third parties”, demanded that a certain ISP (Scarlet) monitored all passing-through communications, identify copyright infringements in music and video files and intercept on-the-fly unauthorized exchange of copyrighted data over file sharing protocols.
The ECJ ruled today that imposing such a duty on ISPs could not be reconciled with several principles of EU law. The filtering system in question was supposed to have several components that, taken together, make a powerful control mechanism:
1. It would indiscriminately monitor all traffic that passes through the ISP communication infrastructure.
2. It would apply indiscriminately to all end-users.
3. It would serves as a preventive measure, other than enforcement after an infringement has taken place.
4. The ISP must bear the entire costs of implementing the system.
5. For an unlimited period of time.
Given these features of the system, the Court had good reasons to make sure it will never see the light of day, at least not via injunctions coercing ISPs to install such filters for the sake of preventing copyright infringement. And so it did.
One key norm is section 15(1) of the E-Commerce Directive (2000/31/EC) that explicitly prohibits imposing “a general obligation on providers … to monitor the information which they transmit or store, nor a general obligation actively to seek facts or circumstances indicating unlawful activity.”
This prohibition, which concerns a general ISP monitoring duty, does not mean that the option of issuing injunctions (also as a preventive measure) becomes unavailable. In fact, the Information Society Directive (2001/29/EC) and the Enforcement Directive (2004/48/EC) set out the circumstances under which such preventive measures per national law might pass muster. Accordingly, preventive measures must be (1) fair (2) proportionate and (3) they must not be excessively costly.
The Court concluded that, reading all the relevant Directives together, a general monitoring obligation concerning the entire ISP traffic cannot survive. The fairness and proportionality parameters require balancing preventive measures against fundamental rights of both ISPs (to conducts a business) and users (to receive or impart information).
Finally, blocking communication suspected as infringing, without allowing application of copyright exceptions or determining a public domain status of a given work, would overly undermine the freedom of information tenet.
In addition, since the system would involve analyzing personal data of end-users, also privacy considerations weighted against the filtering system copyright holders sought to impose.
The absurdly broad demands of rights holders in this case made its easy on the court to quickly brush them away. At least in theory, however, courts might still issue less restrictive injunctions against ISPs, for instance, when the filter is not applied to all traffic of data, when rights holders agree to share the costs, or when the filter is activated for a limited period of time. In other words, the facts make this ruling easily distinguishable from other instances of monitoring and filtering.
One last observation: The binding part of the decision seems to be targeting the scope of injections courts may issue under existing laws, not necessarily new legislation. At the same time, the strong reference the Court makes to constitutional norms would make it difficult for both national and European legislatures to turn a blind eye to the role freedom of information now plays within the ongoing process of forming legal frameworks for cyberspace.
I wonder what the ECJ (with its demonstrated sensitivity here to fairness, proportionality and freedom of information) would have to say about something akin of the SOPA, especially on its section concerning ISPs liability.