I am very much not a fan of the European Court of Justice and their whimsical way of making up laws which bear little relation to anything actually legislated.
Last week they were at it again, “banning” open wifi hotspots because they make copyright infringement too easy. The court said that if users need a password, and hotspot owners record their identity, copyright infringement will be reduced.
I am wondering if this time they accidentally got it right.
I’ve written before about the problem with safe harbour laws which protect service providers on the internet by absolving them of any liability for the users of their services.
The intention of this was understandable – why should someone be liable for something they cannot have any knowledge of – like copyright infringement, for example?
But the effect was catastrophic. It led to the absurd fandango of “notice and takedown” whereby copyright owners have to try to police the whole internet and then send notices to service providers to remove content.
The value of this, almost literal, get-out-of-jail-free card is shows in the fact that Google claims, at the time of writing, to have removed 1.79Bn URLs from search in response to these notices. This is a gigantic undertaking yet they still prefer this way of working to anything more sensible which might prevent infringing content appearing in the first place.
The problem with safe harbours for me has always been that they only do half the job. Sure, fine, fair enough, don’t make service providers liable for something they didn’t do (although in other areas of the law – nightclubs for example – service providers have exactly this liability). The liability, in copyright safe harbour regimes, is firmly with the person who did the bad thing in question.
Unfortunately, although service providers can use the law to put their hands out and say “not my fault, guv”, they are usually unable to point to the person whose fault it is – their customer, the person to whom they provided a service and who used it to do something illegal and who is liable in law for their actions. Even if they can, they will frequently make it as difficult as possible to discover.
So the safe harbour, while trying to limit a risk (which, at the time the law was written might have seemed unmanageable – although current technology makes it a simple matter), actually creates a thick shield behind which pretty well anyone can do pretty much any infringing they like, safe in the knowledge that there will, with vanishingly few exceptions, be any consequences at all. In practice the worst outcome will be that the infringing content get removed.
Copyright infringement is thus a zero cost, zero consequence activity on the internet thanks to safe harbour laws.
Many businesses have been founded to take advantage of this loophole and many fortunes have been made – just not by copyright holders who provide the raw materials.
I’ve always thought that safe harbour laws could be hugely improved if, in order to get the legal protection from liability, the service provider needs to have made at least some effort to be able to identify the person who is actually liable – the user. In return for immunity, they would have to be able to lift the anonymity of the alleged wrong-doer. Again, not unprecedented.
And, as far as wifi hotspots are concerned anyway, the CJEU seems to agree.
The court might have come up with a rather clumsy and faffy way of doing it but this is a change which, if applied more broadly to the copyright safe harbour, would go a very long way to re-balancing the internet and restoring creativity to its proper place near the top of the internet value chain.
So I find myself in the unaccustomed position of agreeing with the CJEU on one of their copyright rulings. It won’t last.