Transatlantic Antitrust and IPR Developments, Newsletter Issue No. 6/2017 (December 19, 2017)

Contributors:
Gabriel M. Lentner, Giuseppe Colangelo,
Katharina Erler, Kletia Noti, Maria E. Sturm,
Marie-Andrée Weiss, Martin Miernicki,
Nicole Daniel, Paul Opitz

 

Editor-in-chief: Juha Vesala

 

Contents     

Antitrust

United States

Update on the Apple and Qualcomm Proceedings

European Union

European  Commission Communication on Standard Essential Patents

Intellectual property

United States

Is Embedding a Tweet on a Web Site Copyright Infringement?

Update on the Two Apple and Samsung Patent Cases

Another IP-related International Investment Arbitration Looming

European Union

Remote Recording, Cloud Services, and Private Copying: ECJ Rules on Services by Third Parties

European Commission Presents Comprehensive Soft Law Measures to Ensure that Intellectual Property Rights are Well Protected, Including Issuing Guidance on the Enforcement Directive

EGC Denies Xiaomi, Inc., EU Trade Mark Registration for “Mi Pad”

European Patent Office Adopts Study on Patents and Publishes First Edition of the Unitary Patent Guide

Other developments

European Union

CJEU’s General Advocate Bot: Administrators of Facebook Fan Pages May Be Held Responsible for the Data Processing Carried out by Facebook

EU-U.S. Privacy Shield – One Year Review

About the contributors

Gabriel M. Lentner is a Postdoctoral Fellow for European and International Business Law at the Danube University Krems. He holds a Ph.D. in International Law and is a Lecturer in Law at the University of Vienna School of Law. Gabriel received a diploma with highest distinction in European Studies from the University of Vienna in 2010 and a diploma in Law & Logic from Harvard Law School and the European University Institute in Florence in 2013. His main research interests lie in international investment and EU Law as well as public international law. As a TTLF Fellow, his current research focuses on the protection of intellectual property rights through international investment agreements.

Giuseppe Colangelo is a Jean Monnet Professor of European Innovation Policy. He is also an Associate Professor of Law and Economics at University of Basilicata, and an Adjunct Professor of Markets, Regulation and Law, and of Legal Issues in Marketing at LUISS Guido Carli in Rome, Italy. He graduated in Law from LUISS Guido Carli, earned an LL.M. in Competition Law and Economics at the Erasmus University of Rotterdam, and a Ph.D. in Law and Economics at LUISS Guido Carli. His primary research interests are related to innovation policy, intellectual property, competition policy, market regulation, and economic analysis of law. Giuseppe has been a TTLF Fellow since August 2017.

Katharina Erler is a Research and Teaching Fellow at the Research Centre for Consumer Law, University of Bayreuth, Germany. She is a PhD candidate supervised by Professor Martin Schmidt-Kessel (Chair for German and European Consumer Law, Private Law and Comparative Law, Bayreuth) and member of the University of Bayreuth’s Graduate School. Her main research interests lie in analyzing contractual relations and the interplay of intellectual property and contract law within the digital economy and its business models. In 2015, she passed her First State Examination (J.D. equivalent). Katharina studied law at the University of Bayreuth, specializing in international law, European law, and international private law. As a student assistant, she worked for the German Society of Comparative Law, Freiburg. Her present research concentrates on: “Implied Warranties for Digital Products? The Interplay of Intellectual Property and Sales Law and of Federal/Union Law and State Law in the EU and US”. Katharina became a TTLF Fellow in 2017.

Kletia Noti is an associate with Grimaldi Studio Legale, Brussels, where she joined the EU Law, Competition and Regulatory Department in 2015. Prior to this, she practiced EU Competition Law in the Brussels offices of Clifford Chance LLP and she was an associate at Cleary, Gottlieb, Steen and Hamilton LLP. Kletia also worked for several years as an academic assistant in charge of the European Law and Economic Analysis (ELEA) program at the Department of Law and Economics of the College in Europe, Bruges, where she taught tutorials in EU Competition Law and researched on the intersection of intellectual property and antitrust law. Kletia holds an LLM from Columbia University School of Law and a Masters and Bachelor’s degree summa cum laude from Bocconi University in Milan. During her studies at Bocconi University, Kletia was an exchange student at the University of California, Los Angeles, on a scholarship granted from Bocconi University. She has also been a visiting student at Harvard University. Kletia’s community involvement encompasses her current role as an EU policy monitor at the IP Transactions & Licencing Committee at the Intellectual Property Section of the American Bar Association. Prior to this, she was a member of the editorial board of World Competition: Law and Economics Review. Her previous work experience includes internships at the European Commission’s DG Competition and at Clifford Chance and Studio Legale Monti in Milan.

Maria E. Sturm manages an LL.M. program in European and International Business Law at the University of Vienna School of Law. The program has two main emphases: EU business law and IP law. She teaches freedom of establishment and services, as well as academic writing. Maria graduated from the Ludwig-Maximilians University of Munich in 2006 with a specialization in European Law. She received an LL.M. degree with distinction in 2009, and a Ph.D. degree with distinction in 2016, both from the University of Vienna. Her research focuses are European and Technology law, especially in comparison to U.S. law. In her doctoral thesis she compared different approaches to corporate governance in the U.S. and the EU. Before her academic career in Vienna, she was admitted to the bar in Munich, Germany.

Martin Miernicki is a Research and Teaching Fellow at the Institute of Business Law at the University of Vienna. He received his doctorate from the University of Vienna in 2017. Furthermore, Martin holds a bachelor’s degree in Romance Studies with a concentration in Spanish as well as bachelor’s degree in Earth Sciences, both received from the University of Vienna in 2013 and 2017, respectively. He also earned a Technology Law Certificate in the course of his legal studies.  As a student he worked at the University of Vienna’s Center for Legal Informatics and participated in an exchange program at Santa Clara School of Law in California, where he studied U.S. intellectual property law and international law. His research interests include business law, technology law and antitrust law with a focus on the European and international dimension. He has been a TTLF Fellow since December 2015.

Nicole Daniel is an associate with DLA Piper Weiss Tessbach Attorneys at Law, Vienna, where she joined the Litigation & Regulatory Department in 2010. In 2015, she completed her Ph.D. with distinction at the University of Vienna School of Law. Nicole wrote her doctoral thesis on the treatment of regulated networks in EU and U.S. antitrust law. She was awarded the Jean Monnet Prize for European Law 2016 for her doctoral thesis. Nicole earned her LL.B. degree from King’s College London in Law and German Law in 2009. As part of her bachelor’s degree, she spent an Erasmus year abroad at Humboldt University in Berlin in 2007-2008. Nicole also enrolled a number of antitrust related courses as part of her LL.M. degree in Competition Law at King’s College London in 2010. In 2008, she obtained a Mediator Certificate on Alternative Dispute Resolution at the International Summer School organized by Tulane Law School, New Orleans, and Humboldt University, Berlin. Her previous work experience included internships in a bank and several law firms in Vienna, Berlin and London. Nicole became a TTLF Fellow in October 2012.

Paul Opitz is a PhD candidate at the Free University of Berlin, supervised by Professor Dr. Ruth Janal (Chair for German Private Law, Intellectual Property Law, International Private Law, Law of Information and Comparative Law). His main research interests lie in technology law and comparative law, focusing on the field of robotics. After his law studies at the Ernst-Moritz-Arndt University of Greifswald, the Free University of Berlin, and a semester abroad at the University of Miami School of Law in Florida, Paul passed the First State Examination (J.D. equivalent) in 2016. During his studies in Berlin he specialized in intellectual property law, competition law, and tax law. His present research focuses on the civil liability for users of autonomous robotic machines. Paul became a TTLF Fellow in 2017.

 

Antitrust

United States

Update on the Apple and Qualcomm Proceedings

By Nicole Daniel

Introduction

The proceedings between Apple and Qualcomm began in January 2017 in the U.S. District Court in San Diego when Apple filed suit against Qualcomm over its allegedly abusive licensing practices with its wireless patents. Qualcomm then filed unfair competition law counterclaims. This case is being overseen by U.S. District Judge Gonzalo Curiel.

Apple then sued Qualcomm for similar violations in the UK, China, Japan, and Taiwan.

In July 2017 Qualcomm filed patent claims against Apple also in the U.S. District Court in San Diego. This case is being overseen by U.S. District Judge Dana M. Sabraw. At the same time Qualcomm filed a complaint with the U.S. International Trade Commission accusing the Apple iPhone of infringing five Qualcomm patents.

 

District Court Case I

In November 2017, Judge Curiel issued a split decision in the first patent and antitrust case between Apple and Qualcomm.

Apple has been seeking a declarative judgment that it had not infringed the nine Qualcomm patents at issue and asked the court to decide on a fair and reasonable licensing rate. Judge Curiel denied those claims, holding instead that no detailed infringement analysis as to the Additional Patents-in-Suit had been conducted.

Judge Curiel further held that Qualcomm had not adequately pleaded claims against Apple based on California’s Unfair Competition Law. These allegations stemmed from Apple’s decision to use both Qualcomm and Intel chips in its iPhone. Before, Apple exclusively used Qualcomm’s chips in earlier versions of the iPhone.

In a hearing in October 2017 the lawyers for Qualcomm claimed that Apple executives threatened to end their business relationship if Qualcomm publicly claimed that its own chipsets were superior to Intel’s. In his order judge Curiel held that Qualcomm had not adequately pleaded the specific facts indicating its own reliance on an alleged omission or misrepresentation by Apple.  Accordingly, Qualcomm lacked standing under Unfair Competition Law.

 

 

District Court Case II

In the district court patent case, Apple filed counterclaims arguing that Qualcomm infringed patents relating to enabling extended battery life in a smartphone or other mobiles devises by supplying power only when needed. This technology serves to maximize battery life.

Apple further argued that it created the smartphone as its own product category in 2007 when it introduced the iPhone. Qualcomm merely developed basic telephone technology which is now dated.

Qualcomm, on the other hand, argued that the success of the iPhone is due to its technology as Qualcomm has developed high-speed wireless connectivity over decades.

The discussion of who essentially invented the smartphone is of importance since under U.S. President Trump the term “innovator” has become very significant. On 10 November 2017 Makan Delrahim, the new chief of the Department of Justice’s antitrust division, made a policy speech and stated that the government aims to rebalance the scales in antitrust enforcement away from implementers who incorporate the inventions of others into their own products. There will be more emphasis on the innovators’ rights so as to protect their patent-holder rights in cases concerning patents essential to technology standards.

 

 

Further Cases filed and the Case at the US International Trade Commission

In November 2017, Qualcomm filed three new district court patent cases against Apple as well as one new complaint for the case pending before the U.S. International Trade Commission. In sum, Qualcomm accuses Apple of infringing 16 non-standard essential patents for technology implemented outside the wireless modern chip.

Despite this litigation, Qualcomm has so far remained a key supplier of chips to Apple.

 

European Union

European  Commission Communication on Standard Essential Patents

By Giuseppe Colangelo

On November 29, 2017, the European  Commission released the much-awaited Communication on standard essential patents (SEPs) licensing [“Setting out the EU approach to Standard Essential Patents”, COM(2017) 712 final].

The Communication comes in the wake of the UK judgement Unwired Planet v. Huawei,[1] recently delivered by Mr. Justice Birss and analyzed in our previous newsletter. As highlighted by the UK decision, after the judgment in Huawei/ZTE (Case C-170/13), in which the European Court of Justice identified the steps which SEPs owners and users must follow in negotiating a FRAND royalty, there are still several unresolved questions. Notably, the different approaches adopted by Germany and the UK have spurred the Communication to set out “key principles that foster a balanced, smooth and predictable framework for SEPs”.

The key principles reflect two stated objectives: incentivizing the development and inclusion of top technologies in standards by providing fair and adequate returns, and ensuring fair access to standardized technologies to promote wide dissemination.

First, the Commission takes the view that the quality and accessibility of information recorded in standard development organizations (SDOs) database should be improved. Therefore, the Commission calls on SDOs to ensure that their databases comply with basic quality standards, and to transform the current declaration system into a tool providing more up-to-date and precise information on SEPs. Moreover, the Commission stated that declared SEPs should be scrutinized to assess their essentiality for a standard, and will launch a pilot project for SEPs in selected technologies in which an appropriate scrutiny mechanism will be introduced.

Second, the Commission sets out certain general principles for FRAND licensing terms, stating that it is necessary and beneficial to establish a first set of key signposts on the FRAND concept, so as to provide for a more stable licensing environment, guide parties in their negotiations, and reduce costly litigation. In this regard, provided that the parties are best placed to arrive at a common understanding of what are fair licensing conditions and fair rates, the Commission states that:

  1. there is no one-size-fit-all solution on what FRAND is: what can be considered fair and reasonable can differ from sector to sector and over time;
  2. determining a FRAND value should require taking into account the present value add of the patented technology: that value should be irrespective of the market success of the product which is unrelated to the value of the patented technology;
  3. to avoid royalty stacking, parties must take into account whether the aggregate rate for the standard is reasonable;
  4. the nondiscrimination element of FRAND indicates that rightholders cannot discriminate between implementers that are ‘similarly situated’ (see Unwired Planet);
  5. for products with a global circulation, SEP licenses granted on a worldwide basis may contribute to a more efficient approach and therefore can be compatible with FRAND (see Unwired Planet).

A third part of the Communication is devoted to providing guidance in order to achieve a balanced and predictable enforcement environment. With regards to the availability of injunctive relief, the FRAND process requires both parties to negotiate in good faith, including responding in a timely manner. The willingness of the parties to submit to binding third-party FRAND determination – should the (counter-)offer be found not to be FRAND – is an indication of a FRAND behavior. Furthermore, in terms of the timeliness of the counter-offer, no general benchmark can be established, as case-specific elements play a role. Nonetheless, there is a probable trade-off between the time considered reasonable for responding to the offer and the detail and quality of the information provided in the SEP holder’s initial offer.

Even if injunctive relief can be sought against parties acting in bad faith (i.e. parties unwilling to take up a license on FRAND terms), courts are bound by Article 3(2) of the IPR Enforcement Directive, and notably the requirement to ensure that injunctive relief is effective, proportionate, and dissuasive.

Finally, the Commission states that patent assertion entities should be subject to the same rules as any other SEP holder.

 


Intellectual property

United States

Is Embedding a Tweet on a Web Site Copyright Infringement?

By Marie-Andrée Weiss

A 5-page copyright infringement complaint filed last April in the Southern District of New York (SDNY) is being closely watched by copyright practitioners, as it may lead the court to rule on whether a Twitter post incorporating a copyrighted photograph, without permission of the author, is copyright infringement. The case is Goldman v. Breitbart News Network LLC et al., 1:17-cv-03144.

In the summer of 2016, Justin Goldman took a picture of the Boston Patriots quarterback, Tom Brady, walking in the streets in the Hamptons, in New York, with members of the basketball team the Boston Celtics. The picture was of interest as it could be implied from it that Tom Brady was helping the Celtics to acquire star player Kevin Durant.

The picture was published by several Twitter users on the microblogging site, and these tweets were then embedded in the body of articles about Tom Brady’s trip to the Hamptons published by Defendants including Yahoo!, Time, the New England Sports Network, Breitbart and others.

Justin Goldman registered his work with the Copyright Office and filed a copyright infringement suit against the platforms which had reproduced his photograph. Defendants moved to dismiss, claiming that the use was not infringing because it was merely embedding, and also because it was fair use. Judge Katherine B. Forrest denied the motion to dismiss on August 17, 2017, because whether embedding a tweet is equivalent to in-line linking could not be determined at this stage of the procedure.

Defendants, minus Breitbart, then filed a motion for partial summary judgment on 5 October 2017. Plaintiff moved to oppose it on 6 November 2017.

 

The Exclusive Right to Display a Work

Section 106(5) of the Copyright Act gives the copyright owner the exclusive right “to display the copyrighted work publicly.” Section 101 of the Copyright Act defines displaying a work as “to show a copy of it, either directly or by means of a film, slide, television image, or any other device or process or, in the case of a motion picture or other audiovisual work, to show individual images nonsequentially.” Plaintiff argues that “embedding” is one of the processes mentioned in Section 106(5).

 

Is Embedding a Tweet Just Like In-Line Linking?

Defendants claimed that incorporating an image in a tweet is not different from ‘in-line linking,’ which the Ninth Circuit found to be non-infringing in Perfect 10, Inc., v. Amazon.com, Inc.. In this case, the issue was whether the thumbnail versions of copyrighted images featured by Google on its image search result pages were infringing.

The Ninth Circuit had defined “in-line linking” in Perfect 10 as the “process by which the webpage directs a user’s browser to incorporate content from different computers into a single window”. In this case, Google had provided HTML instructions directing a user’s browser to access a third-party website, but did not store the images on its servers. This was found not to be infringing, as Google did not store the images as it not have a have a copy of the protected photographs, and thus did not display then, since to “display” a work under Section 101 of the Copyright Act requires to show a copy of it. This reasoning is known as the “Server Test”.

Plaintiff distinguished the facts in our case from Perfect 10, claiming that his photograph was shown in full size, that it was not “framed” and that it was featured prominently on Defendant’s websites. He argued that the thumbnails in Perfect 10 were low-resolution pictures which users had to click in order to access the full photos, whereas an embedded tweet allows the user to see the full high-resolution image without further maneuvers.

Defendants argued instead that, similarly to the Perfect 10 facts, tweets were embedded using code which directed user’s browsers to retrieve the Tom Brady picture from Twitter’s servers, and the picture was indeed framed, with a light gray box. They had, as publishers, merely provided an in-line link to the picture already published by the Twitter users, and this was not direct copyright infringement. They argued that the embedded tweets were not stored on, hosted by or transmitted from servers owned or controlled by them.

 

Meanwhile, in the European Union…

Defendants argued that an embedded tweet functions as a hyperlink, since clicking on it brings the user to the Twitter site. This case is somewhat similar to the European Court of Justice (ECJ) GS Media (see here for our comment) and Swensson cases. In Swensson, the ECJ had found that posting a hyperlink to protected works which had been made freely available to the public is not a communication to the public within the meaning of article 3(1) of the InfoSoc Directive, which gives authors the exclusive right of public communication of their works. Recital 23 of the Directive specifies that this right covers “any… transmission or retransmission of a work to the public by wire or wireless means, including broadcasting.” The ECJ reasoned that providing a hyperlink is not a communication to a new public and is thus not infringing.

In GS Media, the ECJ found that posting hyperlinks to protected works, which had been made available to the public, but without the consent of the right holder, is not a communication to the public within the meaning of article 3(1) of the InfoSoc Directive either. However, if the links were posted by a person who knew or could have reasonably known that the works had been illegally published online, or if they were posted for profit, then posting these hyperlinks are a new communication to the public and thus infringing.

Could ECJ case law on hyperlinks inspire U.S. courts to revisit Perfect 10?


 

Update on the Two Apple and Samsung Patent Cases

By Nicole Daniel

Introduction

In October and November 2017 significant developments occurred in the two Apple-Samsung patent cases.

The first concerns litigation between Apple and Samsung that started in 2011 and went to trial in 2012. In October 2017, a retrial was ordered.

A second case between Apple and Samsung was filed in 2012 and went to trial in 2014. In November 2017, the Supreme Court declined to hear Samsung’s appeal—thereby effectively ending the case.

Judge Lucy Koh, a District Judge in the Northern District of California, oversaw both cases.

 

The first Apple and Samsung case

In an order issued on 22 October 2017, Judge Koh ordered a new trial. This will be the second retrial. A damages retrial took place in November 2013.

This order for retrial comes more than five years after a federal jury ordered Samsung to pay $1.05 billion to Apple for patent infringement regarding the design and software of the iPhone. This sum was reduced to $929.8 million in the damages retrial. In the new trial, the jury will have to reconsider approximately $399 million in damages for design patents. Accordingly, the new trial has the potential to reduce the original damages by nearly 40%.

The decision for the new trial was triggered by a December 2016 Supreme Court decision in this case which held that an “article of manufacture” need not just be the whole product, but could also refer to the specific patented elements of the final product. The damages however, were set considering the infringement of the product as a whole and not of certain parts only.

Judge Koh also set out a four-factor test for the jury to use to determine what the “article of manufacture” in the present case is:

  1. What is the “scope of design claimed in the plaintiff’s patent”
  2. What is the “relative prominence of the design within the product as a whole”
  3. Whether the patented design elements are “conceptually distinct” from the whole phone
  4. Whether the patented components could be sold separately from the whole iPhone itself

By setting out this test Judge Koh rejected the tests proposed by Apple and Samsung respectively. Judge Koh determined that Samsung’s proposed test was too restrictive whereas Apple’s proposed test was too broad. Judge Koh adopted the test as argued by the Solicitor General in Supreme Court in 2016.

This second retrial will be significant for the development of design patent law as the definition of “article of manufacture” will be central and this is only the second time a federal judge will weigh in on this definition since the 2016 Supreme Court decision.

The second retrial will start on 14 May 2018 and Judge Koh has said that she will adopt an aggressive schedule leading up to the retrial.

Judge Koh further granted Samsung’s request for time for limited new evidence discovery since the law is currently being developed and it would be more prejudicial for Samsung if it was denied discovery.

She also imposed strict time limits on Apple’s and Samsung’s demands and even though the parties proposed a six-day trial she decided that five days would have to suffice. Judge Koh further rejected Samsung’s request to vacate the partial judgment for $548 million she entered in 2015.

 

The second Apple and Samsung case

On 6 November 2017 the Supreme Court decided not to hear Samsung’s appeal against a $120 million decision in favor of Apple. The Court of Appeal for the Federal Circuit had preserved the original verdict by the jury.

The Supreme Court followed the US Solicitor General’s recommendation to deny the petition for certiorari.

Only some smaller items are left before the case is fully resolved; these regard ongoing royalties to be paid by Samsung and will be decided on by the trial court in San Jose, California.

The original decision for the $119.6 million verdict in favor of Apple was handed down in May 2014 by a federal jury. The Court of Appeal for the Federal Circuit in early 2016 overturned the jury’s verdict. However, then the Court of Appeal for the Federal Circuit met en banc and reversed the three-judge panel. The en banc panel affirmed the lower court decision in an 8-3 decision that denied Samsung’s request for a judgment as a matter of law. Samsung had argued that the three Apple patents that the jury found infringed by Samsung were either not infringed or invalid. This was a rather controversial decision.

Samsung then asked the Supreme Court to decide whether the Court of Appeal for the Federal Circuit had erred in interpreting the four-factor test set out by the Supreme Court in the 2006 decision in eBay v. MercExchange, which states the conditions for when a court may issue an injunction against an infringer of a patent. Samsung argued that there had to be proof that the patented features directly drove demand for the product in question. The Solicitor General argued that no such proof was necessary.

Samsung also argued that the decision Court of Appeal for the Federal Circuit harmed competition and innovation, and that it conflicted with other Supreme Court precedent on patent law. Furthermore, the obviousness of patent claims was treated by the Court of Appeal for the Federal Circuit entirely as a factual rather than a legal question.

Finally, according to Samsung, the Court of Appeal for the Federal Circuit erred in stating that it only needed to consider one out of the three elements of a patent claim.


 

Another IP-related International Investment Arbitration Looming

By Gabriel M. Lentner

As reported by IAReporter, the pharmaceutical company Pfizer served a notice of dispute under the US-Ecuador Bilateral Investment Treaty involving a patent dispute between Pfizer and Argentine generics producer Acromax.

Pfizer holds a patent, obtained in 1999 from the Institute of Intellectual Property of Ecuador, for “the preparation of sildenafil”. Sildenafil is a medication treating erectile dysfunction (better known under the brand name Viagra).

The dispute arises out of several court rulings involving the Argentine-owned pharmaceutical laboratory Acromax, which produced and marketed sildenafil, against which Pfizer pursued claims in defense of its intellectual property rights. Several court rulings dealt with this issue. In the latest ruling, the Ecuadorian Constitutional Court heard an appeal and issued a ruling upholding Acromax’s rights to seek damages against Pfizer.

What Pfizer is allegedly asking is an intervention similar to an international investment tribunal’s issuing of interim measures, such as in the case of Chevron v Ecuador II, which required Ecuador to stop domestic proceedings against the company in the cases related to the dispute.

Should the dispute be brought before an arbitral tribunal, it will be another interesting case dealing with IP-related issues in international investment law.

 

European Union

Remote Recording, Cloud Services, and Private Copying: ECJ Rules on Services by Third Parties

By Martin Miernicki

On 29 November 2017, the ECJ gave its opinion in VCAST v. RTI (C-265/16). The court ruled on the compatibility of an online service (offered by VCAST) – which provides users with cloud storage space for free-to-air terrestrial programs of TV organizations – with Directive 2001/29/EC (the so-called Copyright Directive), and in particular with its article 5(2)(b) (the so-called private copying exception). Upon the selection of the user, the service autonomously picks up the television signal and records the indicated content in the “cloud”.

 

Background & questions referred

The case involved questions relating to the private copying exception as well as the concept of the communication to the public, contained in article 3 of the Copyright Directive. The ECJ has repeatedly given its opinion on both matters. Relevant case law includes Padawan v. SGAE (C-467/08), ACI Adam v. Stichting de Thuiskopie (C-435/12), and Copydan Båndkopi v. Nokia Danmark (C-463/12) (on the private copying exception), as well as ITV Broadcasting v. TVCatchup (C-607/11), Reha Training v. GEMA (C-117/15), and AKM v. Zürs.net (C-138/16) (on the communication to the public). In essence, the referring (Italian) court asked the ECJ whether an online cloud service as described above was compatible with the Copyright Directive.

 

The decision of the court

The ECJ reached the same result as proposed by Advocate General (AG) Szpunar in his opinion and held VCAST’s cloud service is incompatible with EU law. First of all, the court recalled its case law and stated that natural persons can benefit from the private copying exception also in situations where the copying services are provided by a third party (para 35). However, in the opinion of the court, the service at issue did not merely assist users in making lawful reproductions but also, by picking up the television signals, provided access to the protected content (para 38). For this reason, the services in question also qualified as a communication to the public within the meaning of article 3 of the Copyright Directive. Since this act required the consent of the rightholders, the provision of the services at issue infringed their exclusive rights and was hence not permissible under EU law.

 

What does the judgment mean?

The judgement gave the court the opportunity to reconfirm and clarify its opinion on two recurring issues of the more recent copyright case law: First, the lawfulness of the source of the reproduction which is made under the private copying exception; second, the concept of the communication to the public. With regard to the former, the ECJ held that the private copying exception cannot be invoked where the third party provides access to the protected content (para 37). In principle, this is in line with the prior case law of the court. With regard to the latter, the court referred to the principles established in ITV Broadcasting, holding that acts of communication to the public – different than the original transmission – carried out under specific technical conditions using different means of transmissions are subject to the right holder’s consent (para 48). In such circumstances, the new public criterion is irrelevant (para 50). Obviously, the principles established in AKM were, as indicated by the AG, not relevant for the court (para 52-56 of the AG’s opinion).

In this light, providers of online services will have to assess whether they merely enable natural persons to obtain private copies or whether they also provide access to protected content. As illustrated by the court’s decision, this requires a delineation of the different exclusive rights involved. In this context, it is noticeable that the answer given to the national court appears to be broader than might be expected from the grounds of the judgement. The ECJ stated that cloud services as described above conflict with the Copyright Directive where the provider “actively [involves] itself in the recording, without the right holder’s consent”. Apparently, one way to be “actively involved” in the recording is to communicate the work to the public, thereby providing access to the copyrighted content. However, other ways are also conceivable. For instance, it is unlikely that the private copying exception applies to cases where the service provider takes the initiative to make reproductions, or defines its object and modalities (para 25 of the AG’s opinion). It will be up to the court to shed further light on such questions in future cases.


 

European Commission Presents Comprehensive Soft Law Measures to Ensure that Intellectual Property Rights are Well Protected, Including Issuing Guidance on the Enforcement Directive

By Kletia Noti

Introduction

On November 29, 2017, the European Commission (“Commission”) adopted a comprehensive package of measures aimed at further improving the application and enforcement of intellectual property rights (IPRs) within the EU Member States, in the EU and internationally (hereinafter, “IPRs enforcement package”)[2]. The measures encompass several soft law instruments in the form of Communications, accompanied by staff working documents and reports[3].

The IPRs enforcement package is the last in a series of efforts undertaken by the Commission over the last few years to enhance enforcement of IPRs and ensure that these rights are well-protected in the online environment. In its July 2014 communication[4], the Commission laid down an Action Plan proposing ten specific actions marking a shift in its policy approach towards new enforcement tools to fight IPR infringements. Instead of focusing on penalizing users for IPRs infringements, the Commission announced that it would seek to foster better enforcement of IPRs through the “follow the money” approach, aimed at depriving commercial-scale infringers of their revenue flows. The Commission also expressed the view that non-legislative measures (including cooperation between stakeholders) should be encouraged. In its Digital Single Market[5] and the Single Market[6] communications, the Commission announced its commitment towards improving IPR enforcement in light of the digital developments[7]. In the May 2017 Mid-Term Review on the implementation of the Digital Single Market Strategy[8], the Commission indicated that it was finalizing its evaluation of the current legal framework for the enforcement of all IPRs, including copyright[9]. Against this background, the IPRs enforcement package constitutes a culmination of the Commission’s efforts on this front.

 

The IPR package: an overview

Communication COM (2017) 707[10] describes the different measures adopted as part of the broader package and provides the framework for the Commission’s proposed actions on IPRs enforcement. First, it sets out measures aimed at further improving the judicial enforcement of IPRs in the EU. These measures encompass guidance on the application of the Enforcement Directive (contained in a separate Communication, also adopted as part of the package[11]); awareness raising and improving cooperation with national judges (whose specialization in IPR-related matters is encouraged); increasing transparency of EU Member States’ judgments on IPRs enforcement, as well as fostering the development of alternative dispute resolution mechanisms to solve IPR disputes. Second, the Communication prescribes actions to support industry-led initiatives to fight IP infringements, including self-regulatory initiatives (such as voluntary agreements between rights-holders and intermediaries) and steps to better protect supply chains against counterfeiting. A Staff Working Document on self-regulation measures to fight the sale of counterfeited products accompanies the Communication[12]. In addition, the Commission announces that a new MoU aimed at withholding advertising on IP infringing websites is being developed by stakeholders. At the same time, it encourages stakeholders to further cooperate through voluntary agreements. It also encourages the industry to further promote due diligence in supply chains, explore the potential of new technologies (e.g. blockchain) and encourage the further inclusion of IP protection in accreditation processes. Third, the Communication also lays down initiatives to strengthen the administrative authorities’ capacity to enforce IPRs. Fourth, in this Communication the Commission announces its support for measures to strengthen efforts to fight IP infringements at a global scale, including through the promotion of best practices and stepping up co-operation with third countries.

In addition to the above measures, in its IPRs enforcement package, the Commission also issued its long-awaited guidance on the EU approach to Standard Essential Patents (SEPs)[13].

 

The Commission’s Guidance on the Enforcement Directive

The Commission’s Guidance on the Enforcement Directive (hereinafter, “Guidance”) follows its public consultation launched in 2015, as well as its evaluation of the Enforcement Directive carried out in 2016 in the context of its steps to further improve the application and enforcement of IPRs, as announced in the Single Market Strategy and Digital Single Market Strategy communications.   While the evaluation found the Enforcement Directive to be fit for purpose, the consulted stakeholders asked for more clarity as to how its provisions should be applied.

First, the purpose and scope of the Guidance will be briefly highlighted. Subsequently, the article will zoom into the Commission’s clarifications on injunctions which national courts can adopt on the basis of Articles 9 and 11 of the Enforcement Directive.

A piece of EU legislation of minimum harmonization, adopted more than a decade ago, the Enforcement Directive has led to diverging interpretations of its provisions across the EU Member States, many of which prompted national courts to refer questions to the Court of Justice in preliminary rulings. The Commission considers this to be due to several reasons, not the least of which the different procedural frameworks across Member States. Such divergence may reduce legal predictability for the stakeholders involved. Against this background, the Guidance aims at clarifying certain aspects of the Enforcement Directive, so as to ensure a more consistent and effective interpretation and application of its provisions by competent judicial authorities and other parties involved in the enforcement of IPRs.

The Commission acknowledges that, in all cases where the Enforcement Directive provisions interpreted and applied and where various conflicting fundamental rights protected in the EU’s legal order are at stake, a fair balance must be struck between these rights, in light of the principle of proportionality[14]. Its clarifications encompass several aspects of the Directive, including its scope, the rules on evidence, damages, reimbursement of legal costs, the right for rights-holders to obtain information on the infringers enshrined under Article 8, and the right to provisional and precautionary measures and injunctions under Section 4 of the Directive. Additionally, it seeks to clarify what “fair and equitable” measures and remedies means, as laid down under Article 3(1) of the Directive[15].

In particular, the Enforcement Directive requires EU Member States to make certain measures available to rights-holders, including the ability to apply for an (interlocutory or permanent) injunction to prevent an imminent infringement, or to prohibit the continuation of the alleged infringement (see Article 9(1)(a) for interlocutory injunctions and Article 11 for permanent injunctions), subject to the requirements set out under Article 3[16].

While the interpretation of these provisions under EU law has led to a rich body of case law of the Court of Justice of the European Union (CJEU), uncertainties as to the scope of injunctions issued by national judges remain[17]. In order to provide guidance to national courts and parties involved in IPRs disputes, the Commission tackles the following aspects:

  • Liability and injunctions. The Commission clarifies that, under EU law, liability for an alleged infringement and the possibility for the competent judicial authorities to issue injunctions are two separate questions. According to the Commission, the possibility to issue an injunction on the basis of Article 9(1)(a) and Article 11 of the Enforcement Directive does not depend on the intermediaries’ liability for the alleged infringement. Therefore, the competent judicial authorities cannot compel plaintiffs to prove that the intermediary is liable (even indirectly) as a condition for an injunction to be granted.

To this end, the Commission references the CJEU’s case law, both applicable to the online and offline world. In the landmark L’Oréal v eBay judgment[18], which among others concerned the interpretation of Article 11 of the Enforcement Directive, the CJEU (in Grand Chambers) held inter alia that “the third sentence of Article 11 of Directive 2004/48, according to which the Member States must ensure ‘that rights-holders are in a position to apply for an injunction against intermediaries whose services are used by a third party to infringe an intellectual property right …’ (…) involves determining whether that provision requires the Member States to ensure that the operator of an online marketplace may, regardless of any liability of its own in relation to the facts at issue, be ordered to take, in addition to measures aimed at bringing to an end infringements of intellectual property rights brought about by users of its services, measures aimed at preventing further infringements of that kind”[19]. In addition, the Commission also references the more recent Tommy Hilfiger judgment[20]. This latter judgment interestingly did not concern online intermediaries, but rather the imposition of an injunction on Delta Center, a physical marketplace, which the CJEU considered as caught by the scope of Article 11 of the Enforcement Directive.

  • Notion of “intermediary” caught by the scope of Articles 9(1)(a) and 11 of the Enforcement Directive. Both these provisions refer to “any intermediary whose services are used by a third party to infringe intellectual property rights”. However, the Commission recalls that the notion of “intermediary” is not further clarified in the Enforcement Directive. Against this background, the Commission draws attention to the CJEU’s UPC Telekabel[21] and Tommy Hilfiger[22] judgments: importantly, the Commission notes that in Tommy Hilfiger the CJEU clarified the notion of “intermediary” in the sense of UPC Telekabel. In UPC Telekabel the CJEU considered that the notion of “intermediary” whose services are used by a third party to infringe copyrights under Directive 2001/29[23] also encompasses those internet service providers which do not have a specific relationship with the person infringing the copyright and the related rights. In Tommy Hilfiger the CJEU declared that an intermediary in the sense of the Enforcement Directive need not have a specific relationship, such as a contractual link, with the IPR infringing party. The Commission also reiterates that “the application of Articles 9(1)(a) and 11 of the Enforcement Directive spans across different sectors and includes both online and offline services.” Importantly, the Commission considers that the case law of the CJEU acknowledging that several categories, such as internet service providers (“ISPs”), social networking platforms, online marketplaces and physical marketplaces should be seen as “intermediaries” for the purposes of the Enforcement Directive is merely illustrative but not exhaustive. Therefore, the notion of “intermediary” is flexible and capable of being interpreted on a case by case basis.

In addition, the Commission[24] considers that when the intermediary is so distant from the (alleged) infringement he cannot reasonably be expected to contribute to the enforcement of IPRs and its involvement in such enforcement would be “disproportionate” and “unnecessarily burdensome”[25]. However, the Commission does not further clarify what an involvement “so distant or immaterial to the alleged infringement.” is. What does this mean concretely and—where is the line drawn between “distant” and “close involvement”? Does this mean that the rights-holders can ask intermediaries “close to the infringement” to bear the burden of ensuring the effective enforcement of IPRs and under which criteria? This is likely to lead to additional preliminary references before the CJEU, since it is likely judges in various EU Member States may interpret this notion differently.

  • Scope of injunctions. In the context of the balancing of rights and interests which underpins how the scope of injunctions can be interpreted, the Commission reiterates the importance of the principle of proportionality, one of the primary law principles of the European Union[26]. It also recalls the respect for Art. 3 of the Enforcement Directive, as well as fundamental rights by national courts. When it comes to proportionality, the Commission considers that judges ought not to issue injunctions which require measures that go beyond what is appropriate and necessary in light of the facts and circumstances of the case at hand to prevent an imminent infringement or to prohibit the continuation of an infringement. Recalling the limitations to the scope of injunctions[27] that the CJEU gave in UPC Telekabel[28], the Commission frames them in the following fashion: “the CJEU also clarified that[29] the competent judicial authorities may decide not to explicitly describe the specific measures which the provider must take to achieve the result sought. However, the CJEU also made it clear that in such cases a number of conditions are to be respected, notably that the measures do not go beyond what is reasonable, respect the principle of legal certainty, compliance with the fundamental rights of the parties concerned including the internet users’ freedom of information, strict targeting of the measures and a possibility for the competent judicial authorities to verify that these conditions have been complied with, notably through a possibility for the internet users concerned to assert their rights once those measures are known”[30].

Importantly, the Commission considers that the measures ordered via an injunction need not lead to a complete cessation of the IPR infringements[31], as long as they make the infringing acts difficult or seriously discourage them[32]. However, the intermediary should not be required to bear “unbearable sacrifices”[33].

Against the above background, two observations are necessary: first, the Commission clarified that the limitations to the scope of injunctions that the CJEU laid down in UPC Telekabel, a case concerning copyright, apply also to other IPRs. Second, the Commission reiterates that injunctions should respect Article 15 of the E-Commerce Directive[34], laying out a ban on general monitoring and any such broad injunction violating such provision, according to the Commission, would concomitantly infringe Article 3 of the Directive[35]. However, the Commission recalls that the E-Commerce Directive at Recital 47 allows for specific monitoring obligations and Recital 48 adds that this Directive does not affect the possibility for Member States to require the service providers concerned to apply reasonable duties of care in order to detect and prevent certain types of illegal activities[36]. In the light of this, according to the Commission “where appropriate and within the limits of the abovementioned provisions,[37] certain due diligence obligations may be imposed e.g. on providers of online hosting services with a view to preventing the upload of IPR infringing content identified by rights-holders and in cooperation with them”.

Can an injunction ordering the prevention of future infringements be a possible example of “due diligence” obligations? What is the scope of these obligations in the light of the limitations that the Commission recalls? Recent doctrine interprets the Tommy Hilfiger ruling as confined to allowing only the extent of specific injunctions to prevent future infringements to measures which contribute to avoiding new infringements of the same nature by the same market trader[38].

At the same time, while as an example of such obligations, the Commission refers to Article 13 of the Commission’s proposed Copyright Directive, some authors, in response to questions asked by various EU Member States in the context of the Commission’s proposal, consider that the current drafting of this proposed article itself may raise concerns in terms of compliance with EU law[39].

 

 

EGC Denies Xiaomi, Inc., EU Trade Mark Registration for “Mi Pad”

By Paul Opitz

The Third Chamber of the General Court of the European Union (EGC) ruled on 5 December 2017 that the Chinese smartphone maker Xiaomi, Inc., may not register the EU word mark MI PAD for its tablet computers, since it is likely to be confused with Apple’s iPad. (Xiaomi, Inc., v. European Union Intellectual Property Office, Case T-893/16)

 

Procedural background

In April 2014, Xiaomi, Inc., (Xiaomi) filed an application for registration of an EU trade mark with the European Union Intellectual Property Office (EUIPO) to register the word sign MI PAD. Registration was sought for Classes 9 and 38 of the Nice Agreement concerning the International Classification of Goods and Services, which correspond to the descriptions of inter alia portable and handheld electronic devices and telecommunication access services.

In August 2014, Apple Inc., (Apple) filed a notice of opposition to registration of the mark in respect of all the goods and services in the applied classes. The opposition was based on Apple´s earlier EU word mark IPAD, which was filed in January 2010 and registered in April 2013, covering goods and services in the same classes. The relative grounds relied on in the opposition were those of identity with, or similarity to an earlier trademark, currently set out in Article 8 (1) (b) of Regulation 2017/1001. This opposition was upheld by the Opposition Division in December 2015, which rejected Xiaomi´s application.

Thereafter, Xiaomi filed an appeal with EUIPO against the Opposition Division´s decision, which was again dismissed in September 2016 on the grounds that the marks MI PAD and IPAD were highly visually and phonetically similar and could lead to a confusion of the relevant public. This decision by the EUIPO was now contested by Xiaomi.

 

Decision of the General Court

First, the Court established some background on the scope of decisions concerning the relative ground of similarity. According to settled case law, the risk that the public may believe that goods come from the same undertaking or economically-linked undertakings constitutes a likelihood of confusion. Also, this likelihood must be assessed globally and taking into account all factors relevant to the case (Laboratorios RTB v OHIM – Giorgio Beverly Hills, Case T-162/01). For the application of Article 8 (1) (b) of Regulation 2017/1001, a likelihood of confusion presupposes both that the marks are identical or similar and that the goods which they cover are identical or similar (Commercy v OHIM – easyGroup IP Licensing, Case T-316/07).

 

The relevant public

The Court referred to the decision of the Board of Appeal and emphasized that the goods in question are aimed at both the general public and professional consumers with specific knowledge. Regarding the relevant public´s level of attention, the Court elaborates that although the purchase price of some goods covered by the mark are relatively high, most electronics aimed at the general public are, nowadays, relatively inexpensive and have short lifespans. Therefore, they do not require any particular technical knowledge and leave the level of attention between average and high. Secondly, the Court upheld the Board of Appeal’s finding that the relevant territory is the European Union as a whole.

 

Comparison of the signs

At first, the Court notes that a global assessment of the likelihood of confusion must be based on the overall impression of the signs, including the visual, phonetic, and conceptual similarity. In the case at issue, the comparison of the marks must be carried out by considering each mark as a whole, since there are no dominant elements. The Court holds that the marks are visually highly similar, since the earlier trade mark IPAD is entirely reproduced in the mark MI PAD. Moreover, they coincide as to the letter sequence “ipad” and differ only as to the presence of the letter “m” at the beginning. Phonetically, the marks are also highly similar, referring to the pronunciation of their common syllable “pad” and of the vowel “I”. The latter will be likely be pronounced as the first person singular possessive pronoun “my” in English and thereby similar to the “I” in Apple’s iPad. The Court clarifies that even minor differences in pronunciation due to the letter “m” are not capable to offset the overall similarities. Conceptually, the English-speaking part of the EU understands the common element “pad” as a tablet or tablet computer, which makes it only weakly distinctive and sufficient for a finding of similarity (Xentral v OHIM – Pages jaunes, Case T-134/06).

 

The likelihood of confusion

For determining the likelihood of confusion, the interdependences between the similarity of the marks and that of the goods covered must be examined. The court states that the visual and phonetic differences resulting from the presence of the additional letter “m” are not able to rule out a likelihood of confusion as a result of the overall similarities. Neither are the conceptual differences resulting from the prefixes “mi” and “I” sufficient to remove this likelihood created by the common element “pad”. Taking into account that the goods in question are identical, the conceptual similarities overweigh the discrepancies.

In conclusion, the Court could not exclude the possibility that the public might believe that both tablets come from the same undertaking or economically-linked undertakings. Hence, the Court rejected and dismissed the applicant’s plea in law.


 

European Patent Office Adopts Study on Patents and Publishes First Edition of the Unitary Patent Guide

By Kletia Noti

On November 14, 2017, the European Patent Office (“EPO”) published a study titled “Patents, trade and foreign direct investment in the European Union” (hereinafter, “Study”). Inter alia, the Study assesses “the impact of the European patent system on the circulation of technologies through trade and foreign direct investment in the EU single market. The Study opines that the current patent system in Europe could bring increased benefits if further harmonization were accomplished. Under the current patent system, fragmentation post-grant gives rise to limitations which may hinder cross-border trade and investment in IP- and technology-intensive industries. According to the Study, the Unitary Patent will remove many of these limitations.

The Study follows the EPO publication, on 18 August 2017, of the first edition of the Unitary Patent Guide (hereinafter, “Guide”)[40]. The Guide aims to provide companies, inventors and their representatives with an outline of the procedure involved in obtaining a Unitary Patent from the EPO, once the EPO has granted a European patent on the basis of the provisions laid down in the European Patent Convention (“EPC”)[41]. In particular, the Guide addresses the mechanisms to obtain and renew a Unitary Patent, the information which will be rendered available about the already granted Unitary Patents, who can act before the EPO with regard to a Unitary Patent and how to record changes of ownership and licenses.

In addition to the classic routes to obtain a patent in the EU (i.e. the national route; the European patent), a Unitary Patent can be sought as a result of the Unitary Patent reform[42]. The Unitary Patent will make it possible to get patent protection in up to 26 EU Member States by submitting a single request to the EPO, making the procedure simpler and more cost effective for applicants. More specifically, the Unitary Patent is a “European patent with unitary effect”, which means a European patent granted by the European Patent Office under the rules and procedures of the European Patent Convention (EPC).

At the pre-grant phase, the procedure will follow the same steps as those for European patents granted by the EPO under the rules of the EPC.  If the criteria set out under the EPC are met, the EPO grants a European patent. Once the European patent is granted, the patent proprietor will be able to request unitary effect, thereby obtaining a Unitary Patent which provides uniform patent protection in up to 26 EU Member States[43].  Namely, what distinguishes the European patent from the Unitary Patent is that, after the grant, the proprietor may ask the EPO for unitary effect to be attributed for the territory of the participating EU Member States in which the Agreement on a Unified Patent Court (hereinafter, “UPCA”) [44], an international treaty, has taken effect at the date of registration[45].

Against the above background, the Unitary Patent will thus cover the territories of those participating EU Member States in which the UPCA has taken effect at the date of registration of unitary effect by the EPO. The EPO clarifies that, as it is likely that the ratification will occur successively, there will be different generations of Unitary Patents with different territorial coverage. This means that, although 26 EU Member States are currently participating in the Unitary Patent scheme, Unitary Patents registered at the outset will not cover all 26 of their territories, because some of them have not yet ratified the UPCA[46].

On November 20, 2017, the President of the Council of the EU published a summary of the situation in the 25 Member States which have signed the Unified Patent Court Agreement (UPCA) concerning both their ratification of the UPCA and their consent to be bound by its Protocol on Provisional Application (PPA)[47].

While France has already ratified the UPCA and has expressed consent to be bound by the PPA, the UK and Germany have not done so yet.

In particular, what the impact of Brexit on the Unitary Patent project would be is still unclear[48]. On December 4, 2017, the UK House of Commons formally approved the draft Unified Patent Court (Immunities and Privileges) Order 2017[49]. The House of Lords Grand Committee also met on December 6, 2017 to consider this draft Order. The approval of such an Order by the House of Lords and its subsequent approval (along with the corresponding Scottish Order) by the Privy Council are the final steps in the UK’s ratification process that need to be completed before the UK can formally ratify the UPC Agreement[50].

Earlier in 2017, a constitutional complaint[51] was lodged with the Federal Constitutional Court in Germany. The complaint is currently pending and, if upheld, is expected to likely cause delay to the German ratification of the UPCA and Germany consenting to be bound by the PPA[52].

 

Other developments

European Union

CJEU’s General Advocate Bot: Administrators of Facebook Fan Pages May Be Held Responsible for the Data Processing Carried out by Facebook

By Katharina Erler

The opinion of Advocate General Bot delivered on 24 October 2017 and issued in relation to case C-210/16 of the Court of Justice of the European Union (CJEU) suggests that administrators of fan pages on the Facebook social network may as controllers under Article 2(d) of the EU Data Protection Directive (95/46/EC) be held responsible for the data processing carried out by Facebook and for the cookies which Facebook installed for that purpose. In particular, the administrator should be regarded as being, along with Facebook Inc. and Facebook Ireland itself, a controller of the personal data that is carried out for the purpose of compiling viewing statistics for that fan page. Furthermore, Advocate General Bot rejected Facebook’s assertion that its EU data processing activities fall solely under the jurisdiction of the Irish Data Protection Commissioner. The related case is Unabhängiges Landeszentrum für Datenschutz v. Wirtschaftsakademie, C-210/16.

Facebook fan pages are user accounts that may be set up by individuals as well as businesses. Administrators may use their fan page to present themselves or their businesses for commercial purposes. Facebook also offers the administrators the opportunity to obtain viewing statistics containing information on the characteristics and habits of the visitors of their fan page. These statistics are compiled by Facebook, which collects data of the visitors via cookies, and then personalized by the fan page administrator using selection criteria. This may help administrators to better craft the communications on their fan pages. To compile these statistics Facebook stores at least one cookie containing a unique ID number, active for two years, on the hard disk of every fan page visitor.

A German company “Wirtschaftsakademie Schleswig-Holstein GmbH”, which provides education and training services via a fan page hosted on the website of the social network Facebook was ordered on  November 3, 2011 by a German regional data-protection authority “Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein” to deactivate its fan page. This decision was based on the fact that neither the “Wirtschaftsakademie” as administrator nor Facebook had informed visitors of the fan page that Facebook was collecting and processing their personal data.

After it challenged this order and the data-protection authority again dismissed that objection, the “Wirtschaftsakademie” brought an action before a regional German Administrative Court. It ruled on October 9, 2013, that the administrator of a fan page is not a “controller” within the meaning of the German data protection act and therefore cannot be addressee of an order to deactivate the fan page under § 38(5) of the German data protection act (“BDSG”). The Higher Administrative Court, however, dismissed an appeal of the data-protection authority holding that the prohibition of the data processing was unlawful. According to its ruling this was, because prohibition of data processing under this provision is only possible if it is the only way to end the infringement. Facebook was in that position to end the processing of data, and therefore the “Wirtschaftsakademie” was not a “controller” of data processing under § 38(5) of the German data protection act.

In the appeal proceedings, the German Federal Administrative Court, however, confirmed that ruling by considering that the administrator of a fan page is not a data controller within the meaning of neither § 38(5) of the German data protection act not the Article 2(d) of EU-Directive 95/46/EC. Hence, the Court referred several questions to the CJEU, which – questions (1) and (2) – as a core issue concern the question, whether a body, which is non-controller under Article 2(d) of EU-Directive 95/46/EC may be also the addressee of orders of the supervisory bodies.

It is worth mentioning that in order to rule on the lawfulness of the order in question, the referring courts also asked – in its questions (3) and (4) – about the distribution of powers among the supervisory bodies in cases where a parent company has several establishments throughout the EU. Finally – questions (5) and (6) concern questions regarding the necessary network to coordinate and align the decisions of the supervisory bodies in order to avoid different legal appraisal.

 

Legal context

Article 2(d) of EU Data Protection Directive 95/46/EC provides that a ‘controller’ is the natural or legal person, public authority, agency or any other body which alone or jointly with others determines the purposes and means of the processing of personal data; where the purposes and means of processing are determined by national or Community laws or regulations, the controller or the specific criteria for his nomination may be designated by national or Community law;

Article 17(2) of the EU Data Protection Directive 95/46/EC states that the Member States shall provide that the controller must, where processing is carried out on his behalf, choose a processor providing sufficient guarantees in respect of the technical security measures and organizational measures governing the processing to be carried out, and must ensure compliance with those measures.

Article 24 of the EU Data Protection Directive 95/46/EC states that the Member States shall adopt suitable measures to ensure the full implementation of the provisions of this Directive and shall in particular lay down the sanctions to be imposed in case of infringement of the provisions adopted pursuant to this Directive.

Article 28(3) of EU Data Protection Directive 95/46/EC stipulates that each authority shall in particular be endowed with: investigative powers, such as powers of access to data forming the subject-matter of processing operations and powers to collect all the information necessary for the performance of its supervisory duties; effective powers of intervention, such as, for example, that of delivering opinions before processing operations are carried out, in accordance with Article 20, and ensuring appropriate publication of such opinions, of ordering the blocking, erasure or destruction of data, of imposing a temporary or definitive ban on processing, of warning or admonishing the controller, or that of referring the matter to national parliaments or other political institutions; and the power to engage in legal proceedings where the national provisions adopted pursuant to this Directive have been violated or to bring these violations to the attention of the judicial authorities. Decisions by the supervisory authority which give rise to complaints may be appealed through the courts.

 

Advocate Bot’s assessment of the questions referred to the CJEU

First, Advocate Bot emphasizes that the referred questions do not touch upon the material matter whether the processing of personal data in the case at hand is contrary to the rules of EU-Directive 95/46/EC.

Under the assumption that the administrator of a fan page is not a controller under Article 2(d) of EU-Directive 95/46/EC, the German Federal Administrative Court especially stresses the question whether Article 2(d) may be interpreted as definitively and exhaustively defining the liability for data protection violations or whether scope remains for responsibility for a body with is no controller within the meaning of this article. This leads to the central question, which is pointed out by General Advocate Bot, whether supervisory bodies are permitted by Article 17(2), 24 and Article 28(3) of Directive 95/46/EC to exercise their powers of interventions against such non-controller.

Advocate General Bot, however, considers the underlying premise to be incorrect and clearly emphasizes that, in his opinion, the administrator of a Facebook fan page must be regarded as jointly responsible for the phase of data processing which consists in the collecting by Facebook of personal data. By referring to CJEU’s Google Spain judgment C-131/12 of 13 May 2014, Advocate General Bot, as a starting point, stresses the importance and fundamental role of the controller under the EU Data Protection Directive and its responsibility to ensure the effectiveness of Directive 95/46/EC and its full protection of data subjects. Therefore, and in view of the history of CJEU’s case law, the concept of the “controller” must be given a broad definition. As the “controller” is the person that decides why and how personal data will be processed, this concept leads to responsibility where there is actually influence.

According to Bot, it is, as the designer of the data processing in question, Facebook Inc. alongside Facebook Ireland, which principally decides on the purposes of this data processing as it, especially, developed the economic model containing on one hand the publication of personalized advertisement and on the other hand the compilation of statistics for fan page administrators. Additionally, because Facebook Ireland has been designated by Facebook Inc. as being responsible for the processing of personal data within the European Union and because some or all of the personal data of Facebook’s users who reside in the European Union is transferred to servers belonging to Facebook Inc. that are located in the United States, Facebook Inc. alongside Facebook Ireland are responsible for data processing.

But at this point Bot additionally emphasized that Article 2(d) of Directive 95/46/EC expressly provides the possibility of shared responsibility and that it is also necessary to add to the responsibility of Facebook Inc. alongside Facebook Ireland the responsibility of the fan page administrator. Although Bot recognized that a fan page administrator is first and foremost user of Facebook, he stresses that this does not preclude those administrators from being responsible for the phase of data processing. In his view determination of the “controller” under Article 2(d) means any influence in law or in fact over the purposes and means of data processing, and not carrying out of the data processing itself.

Advocate General Bot argued that (1) fan page administrators by only having recourse to Facebook for the publication of its information subscribe the principle that visitor’s data will be processed. That data processing would (2) also not occur without the prior decision of the administrator to operate a fan page in the Facebook social network. And (3) by, on the one hand, enabling Facebook to better target the advertisement and, on the other hand, acquiring better insight into the profiles of its visitors the administrator at least participates in the determination of the purposes of data processing. These objectives are according to Advocate General Bot closely related which would support the joint responsibility.

Moreover (4) the administrator has as a decisive influence the power to bring that data processing to an end by closing the page down. Finally, Bot argued that (5) the administrator by defining criteria for the compilation of statistics and using filters is able to influence the specific way in which that data processing tool is used. This classification as a “controller” would also neither be contradicted by imbalances in the relationship of strength nor by any interpretation that is based solely on the terms and conditions of the contract concluded by the fan page administrator and Facebook. With reference to CJEU’s case Google Spain, Bot pointed out that it is not necessary to have complete control over data processing. This result and broad interpretation of “controller” would also serve the purpose of effective data protection and prevents the possibility to evade responsibility by agreeing to terms and conditions of a service provider for the purposes of hosting information on their website.

Furthermore, Advocate General Bot established a parallel with CJEU’s decision Fashion ID, C-40/17, where the manager of a website embeds in its website the Facebook Like Button, which, when activated, transmits personal data to Facebook. As to the question of Fashion ID “controlled” this data processing, Bot holds that there is no fundamental difference between those two cases. Finally, the Advocate General clarified that joint responsibility does not imply equal responsibility. The various parties may be involved in the processing of data to different degrees.

It seems surprising that Advocate General Bot simply rejected the premise of the German Federal Administrative Court, instead bringing to the foreground the question on the interpretation of the “controller” under Article 2(d)—even changing the focus of the referred questions. Furthermore, this broad interpretation and the expansion of the fundamental concept of the “controller” might suggest that, if followed by the CJEU, in the future anyone who has any influence on the data processing, especially by just using a service which is associated with data processing, might be held responsible for infringement of data protection law.

With regard to the question of jurisdiction it is worth mentioning that Advocate General Bot especially emphasized that the processing of data in the case at hand consisted of the collection of personal data by means of cookies installed on the computer of visitors to fanpages and specifically intends to enable Facebook to better target its advertisements. Therefore, in line with CJEU’s decision Google Spain and due to effective and immediate application of national rules on data protection and Advocate General Bot holds that this data processing must regarded as taking place in the context of the activities in which Facebook Germany engages in Germany. The fact that the EU head office of the Facebook Inc. is situated in Ireland does not, according to Bot, therefore, prevent the German data protection authority in any way from taking measures against the “Wirtschaftsakademie”. This, however, may be interpreted differently under the upcoming EU’s General Data Protection Regulation (2016/679), which replaces the existing EU Member State data protection laws based on Directive 95/46/EC when it enters into force on 25 May 2018.


 

EU-U.S. Privacy Shield – One Year Review

By Maria E. Sturm

On 12 July 2016, the European Commission issued its implementing decision pursuant to Directive 95/46/EC of the European Parliament and of the Council on the adequacy of the protection provided by the EU-U.S. Privacy Shield (Decision 2016/1250).  It became necessary after the ECJ declared the safe harbor policy of the EU Commission concerning the USA invalid in Maximilian Schrems v Data Protection Commission (C – 362/14). The new privacy shield contained several alterations to its predecessor, as well as the commitment to an annual review to asses, if an adequate level of data protection is still ensured. The first annual report has been published on 18 October 2017. It is based on meetings between the EU Commission and all relevant U.S. authorities, as well as on input from several stakeholders (companies, NGOs, data protection authorities of the Member States, etc.).

The review covered all aspects of the privacy shield. Those are formally, its implementation, administration, supervision and enforcement and with regard to its content the commercial aspects, as well as aspects of governmental access to personal data. So far, 2400 companies have been certified under the new privacy shield. This means first, that it is used actively and second, that the review commission had sufficient data to examine, if it works and where there are possibilities for improvement and refinement.

The U.S. authorities have introduced complaint-handling and enforcement mechanisms, as well as procedures to protect individual right, including the Ombudsperson mechanism. Furthermore, the relevant safeguards concerning access to personal data by public authorities, namely Presidential Policy Directive 28 (PPD-28), are still in force. Therefore, the report states, that in general, the United States provide an adequate level of protection as required by the European Court of Justice. However, the Commission still made some recommendations for further improvement:

  1. Companies should not be able to publicly refer to their Privacy Shield certification before the certification is finalized by the Department of Commerce (DoC): some companies referred to their certification after their application, but before the process had been finalized. This discrepancy can lead to wrong public information and can undermine the shield’s credibility.
  2. The DoC should search proactively and regularly for false claims: this refers to companies who initiated, but never completed the certification process, as well as to companies who never applied for a certification but still publicly suggest they comply with the requirements.
  3. The DoC should monitor compliance with the Privacy Shield Principles continuously: this could be done e.g. via compliance review questionnaires and/or annual compliance reports (either self-assessment or outside compliance review). The results could be used as starting point for follow up action, in case particular deficiencies are detected.
  4. DoC and Data Protection Authorities (DPA) should further strengthen awareness rising: in particular, EU citizens should receive information about their rights and how to lodge complaints.
  5. DoC, DPAs and Federal Trade Commission (FTC) should improve their cooperation: more intensive cooperation between all involved authorities on both sides of the Atlantic can help to implement and enforce the Shield.
  6. Protections of PPD-28 should be enshrined in the Foreign Intelligence Surveillance Act: this could ensure stability and continuity with regard to the protections of non-US persons.
  7. Privacy Shield Ombudsperson should be appointed as soon as possible: although the Ombudsperson mechanism already works, the Ombudsperson itself still has not been appointed. This should be done as soon as possible to complete this tool.
  8. Privacy and Civil Liberties Oversight Board (PCLOB) members should be appointed swiftly: here the same argument applies as in point 7. The board itself already started its work, but is not completely manned and therefore not as efficient as it could be.
  9. Reports should be released timely and publicly: the U.S. administration should release publicly the PCLOB’s report on the implementation of PPD-28, due to its relevance. In addition, the U.S. authorities should provide the Commission with comprehensive reports on recent relevant developments.

Furthermore, on behalf of the Commission, a study on automated decision-making will take place to collect further information and assess the relevance of automated decision-making for transfers carried out on the basis of the Privacy Shield.

After just one year, on could not expect everything to work perfectly, but the report gives an optimistic evaluation. Thus, with some further refinement, it seems, that the United States and the EU have found a helpful and viable tool that balances the companies’ and the government’s need for data with the individuals’ right to protect their data from unauthorized access.

[1] [2017] E.W.H.C. 711 (Pat).

[2] Commission Press Release, Intellectual property: Protecting Europe’s know-how and innovation leadership, November 29, 2017.

[3] Communication “A balanced IP enforcement system responding to today’s societal challenges”, COM (2017) 707, accompanied by Staff Working Document SWD (2017) 430 “Overview of the functioning of the Memorandum of Understanding (MoU) on the sale of counterfeit goods via the internet.”, Communication “Guidance on certain aspects of Directive 2004/48/EC of the European Parliament and of the Council on the enforcement of intellectual property rights”, COM (2017) 708 (hereinafter “Guidance on the Enforcement Directive”), accompanied  by  Staff  Working  Document Report on the Evaluation of Directive on the enforcement of intellectual property rights, SWD (2017) 431,  COM(2017) 712 final, Communication “Setting out the EU approach to standard essential patents”.

[4]Commission Communication, COM/2014/0392 final, “Towards a renewed consensus on the enforcement of Intellectual Property Rights: An EU Action Plan”. Also see, for its strategy on improving the fight against IPR infringements in third countries, Commission Communication, “Trade, growth and intellectual property – Strategy for the protection and enforcement of intellectual property rights in third countries”, COM(2014) 389 final, 1 July 2014.

[5]Commission Communication, “A Digital Single Market Strategy for Europe”, COM/2015/0192, May 6, 2015.

[6]Commission Communication, “Upgrading the Single Market:  more opportunities for people and businesses”, COM/2015/0550, October 28, 2015.

[7] Between 2015 and 2016, the Commission ran a public consultation to assess the functioning of Directive 2004/48/EC of the European Parliament and of the Council on the enforcement of intellectual property rights (“Enforcement Directive”).

[8] Commission Communication, COM(2017) 228 final, May 10, 2017.

[9]The Commission also adopted initiatives aimed at updating the legal framework applicable to copyright in order to adapt the existing rules to the Internet technological developments: see Communication “Promoting a fair, efficient and competitive European copyright-based economy in the Digital Single Market”, COM(2016)592, September 14, 2016 and Proposal for a Directive of the European Parliament and of the Council on Copyright in the Digital Single Market of  September 14, 2016 (“proposed Copyright Directive”).

[10] See supra, fn. 2.

[11]See Guidance on the Enforcement Directive, supra, fn. 2.

[12] Staff Working Document SWD (2017) 430 “Overview of the functioning of the Memorandum of Understanding (MoU) on the sale of counterfeit goods via the internet.” On the basis of a set of key performance indicators (KPIs), the Staff Working Document provides an empirical overview on how the MoU, first adopted in 2011 and subsequently updated in 2016, functioned between June 21, 2016 and June 21, 2017. Such indicators show that the MoU is proving effective and has already significantly contributed to curbing online counterfeiting.

[13] See supra, fn. 2.

[14] See, Enforcement Directive Guidance, Section III, page 11.

[15] Under Article 3(1) of the Enforcement Directive, the measures, procedures and remedies necessary to ensure the enforcement of the intellectual property rights covered by this Directive (…) shall be fair and equitable and shall not be unnecessarily complicated or costly, or entail unreasonable time-limits or unwarranted delays.

[16] See supra, fn. 14. Under Article 3(2), “those measures, procedures and remedies shall also be effective, proportionate and dissuasive and shall be applied in such a manner as to avoid the creation of barriers to legitimate trade and to provide for safeguards against their abuse.”

[17] For a thorough overview, see M.Husovec, Injunctions Against Intermediaries in the European Union, Accountable but not Liable, Cambridge University Press, 2017.

[18] See Judgment of the CJEU (Grand Chamber) of 12 July 2011, C-324/09, L’Oréal SA and Others v eBay International AG and Others, para. 127. In this judgment, the court considered that measures to prevent further infringements can be applied under Article 11 of the Directive.

[19] Id. The Commission also recalls cases C-70/10, Scarlet Extended, para. 31; C-360/10, SABAM, para. 29.

[20] Case C-494/15, Tommy Hilfiger, para. 22. In this case, the Court of Justice recalled para. 127 of the L’Oréal v eBay judgment, reiterating it, and said that the matter was thus “settled case law”. Arguing that the limitations to the scope of the injunction set out by the CJEU in Tommy Hilfiger bind national judges also in granting injunctions to intermediaries in the online world, see M.Husovec, Injunctions Against Intermediaries in the European Union, Accountable but not Liable, Cambridge University Press, 2017, pages 120-121.

[21] C-314/12, UPC Telekabel Wien GmbH v Constantin Film Verleih GmbH and Wega Filmproduktionsgesellschaft mbH, EU:C:2014:192.

[22] Tommy Hilfiger, supra, para. 23: according to the Court, “for an economic operator to fall within the classification of ‘intermediary’ within the meaning of those provisions, it must be established that it provides a service capable of being used by one or more other persons in order to infringe one or more intellectual property rights, but it is not necessary that it maintain a specific relationship with that or those persons”.

[23]Directive 2001/29/EC of the European Parliament and of the Council of 22 May 2001 on the harmonization of certain aspects of copyright and related rights in the information society (hereinafter, “Copyright Directive” or “InfoSoc Directive”).

[24] The Commission recalls Recital 59 of the Copyright Directive, which states that without prejudice to any other sanctions and remedies available, rights-holders should have the possibility of applying for an injunction against an intermediary who carries a third party’s infringement of a protected work or other subject-matter in a network. Such possibility is concretely foreseen under Article 8(3) of the Directive.

[25] Accordingly, on the one hand, the involvement of such economic operators, which did not themselves engage in any infringing activity, in the process of IPR enforcement under the Enforcement Directive can be required to ensure that rights-holders are in a position to effectively enforce their rights. On the other hand, there may in a given case be no justification for such involvement where the services provided are so distant or immaterial to the (alleged) infringement that the economic operator in question cannot reasonably be expected to significantly contribute to such effective enforcement, meaning that its involvement would be disproportionate and unnecessarily burdensome.

[26] In the context of measures tackling infringements of IPRs, the principle of proportionality has been codified under Art. 3(2) of the Enforcement Directive.

[27] In that case at stake was a blocking injunction against UPC Telekabel, an internet service provider, taken on the basis of Article 8(3) of the InfoSoc Directive.

[28]C-314/12, UPC Telekabel Wien GmbH v Constantin Film Verleih GmbH and Wega Filmproduktionsgesellschaft mbH, EU:C:2014:192, paras. 52-57.

[29] C-314/12, UPC Telekabel, para. 52-57.

[30] Section IV(3) of the Enforcement Directive Guidance.

[31] C-484/14, Tobias Mc Fadden v Sony Music Entertainment Germany GmbH, EU:C:2016:689, para. 93-95; C-314/12 UPC Telekabel, para. 56 and paras. 58-62.

[32] Id.

[33] C-314/12, UPC Telekabel, para. 53.

[34] Directive 2000/31/EC of the European Parliament and of the Council of 8 June 2000 on certain legal aspects of information society services, in particular electronic commerce, in the Internal Market, OJ L 178, 17.7.2000, p. 1-16.

[35] The Commission recalls that in the abovementioned Scarlet and Sabam judgments the Court of Justice considered the measures at stake (broad injunctions ordered by a national judge) to be incompatible both with Article 15 of the E-Commerce Directive and Article 3(2) of the Enforcement Directive, when read with in conjunction with the requirement to respect fundamental rights.

[36] The Commission considers that, in certain specific circumstances, dynamic injunctions, which are forward looking and allow for a targeting of URLs when the infringement reoccurs (namely, in the presence of a whac-a-mole effect) can be an effective way to ensure enforcement of IPRs without the plaintiff having to reapply for a separate injunction,.

[37] Namely, Article 15 of the E-Commerce Directive, Article 3of the Enforcement Directive, the case law of the CJEU and fundamental rights as enshrined in the Charter of Fundamental Rights of the European Union.

[38] Husovec, supra, note 14, page 106. Arguing that: “providing policy plug-ins by means of injunctions isn’t a good way forward”, see again Husovec, id, page 18.

[39] See Max Planck Institute for Competition and Innovation contribution  in response  to the questions raised by  the  authorities of  Belgium,  the Czech Republic, Finland, Hungary, Ireland and the Netherlands to the Council Legal Service regarding  Article  13  and  Recital  38  of the  Proposal  for  a  Directive  on Copyright in the Digital Single Market, available at: http://www.ip.mpg.de/fileadmin/ipmpg/content/stellungnahmen/Answers_Article_13_2017_Hilty_Moscon-rev-18_9.pdf. The proposed Copyright Directive is expected to be considered by the JURI committee of the European Parliament in the next few months.

[40] Available at: https://www.epo.org/law-practice/unitary/unitary-patent/unitary-patent-guide.html

[41] https://www.epo.org/law-practice/legal-texts/epc.html

[42] http://europa.eu/rapid/press-release_MEMO-12-970_en.htm?locale=en

[43] Whether the United Kingdom continues to participate in the Unitary Patent and the Unified Patent Court after its withdrawal from the EU will be a political decision for the EU, its remaining Member States and the United Kingdom and may be addressed as part of the exit negotiations. See Guide, Section 15.

[44] In February 2013, 25 EU Member States, i.e. all EU Member States except Spain, Poland and Croatia, signed the Agreement on a Unified Patent Court (UPCA), Date of entry into force unknown (pending notification) or not yet in force, OJ C 175, 20.6.2013, p. 1–40. The UPCA is the third component of the Unitary Patent package. The Unified Patent Court (UPC) is a common court for all the Member States party to the UPCA and therefore, it is part of their judicial system. It has exclusive competence in respect of Unitary Patents as well as in respect of classic European patents validated in one or several of those states. See: https://www.epo.org/law-practice/legal-texts/html/upg/e/uppg_a_v_3.html. In September 2015, Italy joined the Unitary Patent and became the 26th member of the enhanced cooperation on Unitary Patent protection.

[45] The EU regulations establishing the Unitary Patent system (No 1257/2012 and No 1260/2012) entered into force on 20 January 2013, but they will only apply as from the date of entry into force of the UPCA, namely on the first day of the fourth month following the deposit of the 13th instrument of ratification or accession (provided those of the three Member States in which the highest number of European patents had effect in the year preceding the signature of the Agreement, i.e. France, Germany and the United Kingdom, are included). See EPO, When will the Unitary Patent start:  https://www.epo.org/law-practice/unitary/unitary-patent/start.html

[46]See, for a list of the (so far) 14 Member States which have already ratified the UPCA: http://www.consilium.europa.eu/en/documents-publications/treaties-agreements/agreement/?id=2013001# (last accessed 17 December 2017)

[47] Note from Presidency to the Council, Unitary Patent and Unified Patent Court – Information on the State of Play, 20 November 2017.

[48] On December 22, 2017, a note was sent to the UK Government by the UK Law Society which had been contributed to and signed by other IP stakeholder organisations, asking the Government to provide legal certainty regarding the UPC post-Brexit.

[49]See, for an overview: https://publications.parliament.uk/pa/cm201719/cmvote/171204v01.html

[50] M.Richardson, The Lords Consider the UPC: Where is it?, 12 December 2017, available at:  https://ipcopy.wordpress.com/2017/12/12/the-lords-consider-the-upc-where-is-it/

[51]Juve, UPC: Düsseldorfer Rechtsanwalt Stjerna legte Verfassungsbeschwerde ein, September 6, 2009: https://www.juve.de/nachrichten/verfahren/2017/09/upc-duesseldorfer-rechtsanwalt-stjerna-legte-verfassungsbeschwerde-ein

[52] For the PPA to come into effect, 13 signatory states – which have signed the UPCA (and which must include France, UK and Germany) and have ratified the UPCA or informed the depositary that they have received parliamentary approval to ratify the UPCA – must have signed and ratified, accepted or approved the Protocol or declared themselves bound by Article 1 of the Protocol. Therefore, Germany’s consent to the PPA is needed before the provisional application phase can start.

 

Copyright © 2017 contributors. This and the previous issues of the Transatlantic Antitrust and IPR Developments can be accessed via its webpage on the Transatlantic Technology Law Forum website.

Advertisements