MHC Tech Law: Are retailers responsible for user activity on their free Wi-Fi?

4 Apr 2016

Mason Hayes & Curran explains how the recent interpretation of the scope of the ‘mere conduit’ defence is welcome news for business owners offering free Wi-Fi, though rights holders will find their legal options limited.

Retailers that, in the course of business, offer free unprotected Wi-Fi should not be held responsible if their customers use the service to infringe copyright.

This is according to the preliminary Opinion of the Advocate General (AG) of the Court of Justice of the European Union (CJEU) in the long-running German case of Tobias McFadden vs Sony Music Entertainment Germany GmbH (C-484/14). In particular, the AG found that retailers offering such Wi-Fi may be able to rely on the ‘mere conduit’ defence against liability. The AG also offered his views on the situations in which a national court could order a retailer to take steps to prevent the infringement.

Questions for the CJEU

McFadden operates a shop in Munich selling light and sound equipment. He was sued by Sony after an unknown person used his shop’s Wi-Fi internet connection to make copyright-protected musical works available for download.

Sony looked for damages and injunctive relief against McFadden. He denied liability and sought to rely on the ‘mere conduit’ defence available to providers of ‘information society services’ under Article 12(1) of the eCommerce Directive (2000/31/EC).

At national level, the German court took the view that McFadden may be indirectly liable for the copyright infringement as his Wi-Fi network was not password secured. However, there was also uncertainty as to whether McFadden qualified as a ‘service provider’ of ‘information society services’ and whether he could rely on the ‘mere conduit’ defence.

The German court asked the CJEU to clarify whether a professional person (such as McFadden), who in the course of business makes a free public Wi-Fi network available, falls within the scope of Article 12 of the Directive, and, if he does, how his liability is limited by that provision.

What constitutes a conduit?

The directive requires EU member states to ensure that their national laws provide internet intermediaries with immunity from liability for transmitting, hosting or caching unlawful third-party content. Under Article 12, EU member states must ensure that providers of “information society services” are not liable for information transmitted by others through their service where they act as a “mere conduit”.

In order to qualify for this exemption, the service provider must not initiate the transmission, select the receiver of the transmission, and select or modify the information contained in the transmission.

Are free Wi-Fi services covered?

The AG noted that the directive’s definition of an ‘information society service’ is a service that is “normally provided for remuneration”. Although McFadden provided Wi-Fi access free of charge, the AG viewed the service as an economic one, even if it was merely secondary to McFadden’s main business. The AG, in considering the definition of a ‘service provider’ under the directive, took the view that it is not necessary for a service provider to promote its activity as such, or to have contracts with its users.

In light of the above, the AG’s view was that the relevant provisions of the directive should be interpreted as applying to a person who, in addition to his principal economic activity, operates a Wi-Fi internet connection that is accessible to the public free of charge.

Can a rights holder obtain an injunction?

According to the AG, the Article 12(1) exemption from liability does not shield a ‘mere conduit’ service provider from injunctions. Further to Article 12(3), ‘mere conduit’ service providers can face injunctions, which require steps to be taken to prevent or end a specific copyright infringement.

Any such injunction must be effective, proportionate and dissuasive; be aimed at ending or preventing a specific infringement and must not entail a general obligation to monitor; and must achieve a fair balance between the relevant fundamental rights (in particular, the freedom of expression and information, the freedom to conduct a business) versus the right to protection of intellectual property under the Charter of Fundamental Rights of the EU.

Appropriateness of measures

It is clear from Article 12(3) that an injunction granted against a ‘mere conduit’ service provider must be aimed at bringing an infringement to an end or preventing a specific infringement. In the current case, the only way of achieving this would be for McFadden to either terminate or password-protect the internet connection, or to inspect all communications passing through it.

The AG examined each of these measures in turn and considered that any requirement for McFadden to terminate or password-protect his Wi-Fi service would be incompatible with the fair balance of competing fundamental rights. In addition, any requirement for McFadden to examine all communications transmitted through his network connection would run contrary to the Article 15(1) prohibition on general obligations to monitor.


The AG’s interpretation of the scope of the ‘mere conduit’ defence is welcome news for business owners using free Wi-Fi to increase consumer footfall. Copyright owners will likely be frustrated with the Opinion as their legal recourse may be limited to an expensive injunction. When granting an injunction, the AG reiterated that national courts must strike a fair balance between IP rights and the fundamental rights of individuals affected by such measures.

Opinions of the AG are not legally binding, but are usually followed by the CJEU. If the Opinion is confirmed by the CJEU, it would provide legal certainty on the system of liability applicable to operators of public Wi-Fi.

Given this, one might expect an expansion of public Wi-Fi access points, which is good news for service providers and users.

The content of this article is provided for information purposes only and does not constitute legal or other advice.

Tech Law is a weekly series brought to you by Irish law firm Mason Hayes & Curran, whose legal tech team advises the world’s top social media organisations and emerging start-ups. Check out for more.

Want stories like this and more direct to your inbox? Sign up for Tech Trends, Silicon Republic’s weekly digest of need-to-know tech news.

Free Wi-Fi image via Shutterstock