Is the operator of a streaming platform liable for copyright infringement if users of its service use a VPN to access content that in principle would not be accessible from a certain territory, given geo-blocking restrictions implemented by the platform operator?
This is the key issue at the centre of C-423/21 Grand Production, a referral for a preliminary ruling from Austria. As it will be elaborated further in what follows, it is also a question of great importance for online copyright, including having regard to Article 17 of the DSM Directive [Katposts here].
This morning, Advocate General (AG) Szpunar issued his Opinion [not yet available in English], advising the CJEU to rule that, in such a situation, the platform operator would not be liable. Liability would however subsist should the platform operator:
- Fail to implement geo-blocking restrictions and thus make content available in territories for which it has not secured a licence from concerned rightholders, or
- Implement geo-blocks that are intentionally ineffective.
Let’s see more in detail what the case is about and how the AG reasoned.
The background proceedings related to a dispute between Grand Production, a Serbian company that produces entertainment TV programs that are broadcast in Serbia by a local broadcaster, and GO4YU, another Serbian company that manages an internet streaming platform accessible from Serbia and beyond.
GO4YU was granted a licence for making Grand Production’s content available in Serbia and Montenegro, but not outside of those territories. As a result of the limited licence, GO4YU geo-blocked Grand Production’s content outside of those countries. Some GO4YU users, however, used VPN to access Grand Production’s content in circumvention of the geo-block.
According to Grand Production, GO4YU would be aware of all this. Furthermore, it also made Grand Production’s content available in Austria without having a licence for that.
Further to a series of applications for interim injunctions, the matter reached the Austrian Supreme Court. This decided to stay the proceedings and ask the CJEU to clarify how the concept of communication to the public in Article 3(1) of the InfoSoc Directive should be intended in relation to a situation like that at issue in the national proceedings.
The AG Opinion
In today’s Opinion, AG Szpunar noted at the outset that the internet is, by its very nature, borderless. Legally, however, “the situation is different” [all English translations from the Italian version of the Opinion are mine, not the Court’s] because of the territorial nature of rights and laws. This gives rise to a “fundamental contradiction between the transborder and global nature of the internet, on the one hand, and the rights and obligations that are territorially limited and derive from various activities undertaken through the internet, on the other hand”.
How to reconcile all this then?
According to the AG, it is either by territorializing the internet through geo-blocking or by broadening the jurisdiction of authorities so to regulate activities carried out on the internet on a global scale. This case, he stated, is precisely about this.
Is a platform operator directly performing an act of communication to the public if users of its platforms use a VPN?
The AG tackled the issue of liability of a platform operator when users circumvent the geo-block that it has implemented to access content that is unlicensed in that territory by considering:
(a) whether the right of communication to the public finds application; and, if so
(b) who is responsible for the resulting act of communication to the public.
... meets effective territorial restriction
Insofar as (a) is concerned, the AG noted that there is little doubt that the activity at issue qualifies as an act of communication to the public. He also considered that the fact that the original TV broadcast is directed at a non-EU country (Serbia) does not mean that the online retransmission thereof does not qualify for the application of EU copyright law (specifically: the copyright law of the concerned Member State, e.g., Austria), if the protected content is accessible from the EU. Ultimately, the AG concluded that the operator of a streaming platform like the one at issue in the background proceedings would be liable under Article 3(1) of the InfoSoc Directive if the communication at hand was performed without the rightholder’s consent.
Turning to (b) and the question of liability as arising from the use of a VPN, AG Szpunar recalled that in Svensson [Katposts here], the CJEU indicated the circumvention of technical measures restricting access to protected content would qualify as an act of communication to the public (a new public). This approach was substantially reiterated in VOB [Katpost here] and VG Bild-Kunst [Katposts here].
According to the AG, the same approach could be adopted in the present case:
- If the rightholder (or their licensee) has implemented a geo-block, their acts of communication are only aimed at those who access the protected content from the territory chosen by the rightholder. So, if users of the streaming platform can only access the protected content from the countries for which there is a licence (that is: Serbia and Montenegro), the platform operator will not perform an act of communication to a new public.
- If users circumvent the block through a VPN, it is them – not the platform operator – that perform an act of communication to the public, because it is them who make protected content available to a public other than the one considered by the rightholder (or their licensee).
In conclusion: unless GO4YU “intentionally applied an ineffective geo-block to allow users outside the territory in respect of which it is authorized to communicate the programs produced by Grand Production to the public to access such programs” (para 44), any resulting liability would be the users’.
Is promotion of and work with a platform an act of communication to the public if there is no influence on the content made available through the platform or technical protection measures applied therein?
The AG then moved on to the situation of someone who promotes a platform, concludes agreements with and provides supports to customers but has no saying on the content made available through that platform or the technological protection measures implemented therein. Do these people communicate to the public?
The answer, according to the AG, can be inferred from existing CJEU case law, including his very Opinion in Stim and SAMI [IPKat here], and is in the negative. What is needed is an indispensable intervention on the side of the user and a direct link between their role and the resulting availability of protected content.
No such intervention would be performed by those who undertake such activities as described by the referring court. Nevertheless, liability could still subsist on an accessory basis. This, noted the AG, is an area for which no EU harmonization has occurred though.
Jurisdiction of national courts for interim injunctions in online copyright infringement cases
Last but not least, the AG considered the question concerning the jurisdiction of national courts insofar as interim injunctions are concerned. Can a national court prohibit a communication to the public from taking place in territories other than those where that court is located? In other words: can an Austrian court prohibit a communication to the public outside of Austria, and even on a world-wide scale?
The AG was unsure whether such a question could be even regarded as admissible by the CJEU, since it would relate to the interpretation of national – not EU – law.
As stated, this is a referral of grand importance (not only because (it has to be said) of the widespread use of VPN services).
First, it can give the CJEU an opportunity to clarify questions of applicable law in cross-border copyright disputes with non-EU elements. Insofar as trade marks and the database right are concerned, the CJEU has so far adopted a targeting approach. Let’s see what the CJEU makes of the AG’s proposed interpretation (accessibility criterion) when it delivers its judgment.
Secondly, and most importantly, it will allow the CJEU to clarify further whether and to what extent a platform operator can be held directly liable in connection with users’ own (infringing) activities. If the CJEU follows the approach indicated by AG Szpunar, that will not mean that rightholders would not be able to go after streaming platforms in the event that users used VPN services. The key issue would be the quality of the geo-block implemented by the concerned platform and whether the platform has “intentionally applied an ineffective” one. If we were to translate this test into Article 17-language, it would be an assessment of the efforts made by the concerned platform operator so that they could be regarded as best, in light of what could be expected from a diligent economic operator of the same kind.
And, yes, the resulting CJEU ruling will be rendered in relation to Article 3 of the InfoSoc Directive, but I expect it to have substantial relevance to Article 17 of the DSM Directive too. If anything, that will be also because of the patchwork of national transposition approaches to Article 17: it is expected that geo-blocking of content will be a solution that most online content-sharing service providers (OCSSPs) would need to adopt. Would an OCSSP be liable if users of their services circumvented the blocks to access content that was unavailable in, say, Italy (a Member State that has opted for an ex ante blocking regime) but accessible in Germany (a Member State that has gone for an ex post blocking approach)? The answer will depend on what the CJEU says in the resulting judgment in Grand Production. Stay tuned then!
[Originally published on The IPKat on 20 October 2022]