No more “Stoererhaftung”?

What was for a long time associated with high liability risks and warning letters from lawyers, will now be made easier by the German government: Free wifi-hotspots.  The German government has decided to modify the so called “Stoererhaftung” – the liability of the operator of a wifi-hotspot for any infringements of law committed through the hotspot. However, even though rumor still has it a few days after the presentation of the draft for the new German Teleservices Act, this does not mean that operators of wifi-hotspots now will not be liable for whatever happens through their hotspot. To speak of a complete abolition of “Stoererhaftung” is a bit too much, at least at the moment.

Continue reading

Patrick Breyer v Federal Republic of Germany: Dynamic IP addresses = Personal Data? And Is German Data Protection Law too Restrictive?

Today, Attorney General Campos Sánchez-Bordona has delivered his Opinion in the Patrick Breyer v Federal Republic of Germany case before the ECJ (C-582/14; you can find the Opinion here in just about any language except English)).

We recall: The Bundesgerichshof (the highest court in Germany for all civil and criminal matters) submitted to the ECJ the following two questions:

“Must Article 2(a) of Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data 1  — the Data Protection Directive — be interpreted as meaning that an Internet Protocol address (IP address) which a service provider stores when his website is accessed already constitutes personal data for the service provider if a third party (an access provider) has the additional knowledge required in order to identify the data subject?”

“Does Article 7(f) of the Data Protection Directive preclude a provision in national law under which a service provider may collect and use a user’s personal data without his consent only to the extent necessary in order to facilitate, and charge for, the specific use of the telemedium by the user concerned, and under which the purpose of ensuring the general operability of the telemedium cannot justify use of the data beyond the end of the particular use of the telemedium?”

Continue reading

“Hyperlink does Not Constitute a Copyright Infringement”

Article 3 (1) of Directive 2001/29/EC on the “harmonisation of certain aspects of copyright and related rights in the information society” legally communicating copyrighted works to the public depends on the copyright holders authorization.

Continue reading

Facebook and the abuse of market power or the German Federal Cartel Office as data protection authority

The German Federal Cartel Office (Bundeskartellamt) has started preliminary proceedings against Facebook in early March, trying to find out if Facebook was misusing its market power to enforce abusive terms and conditions because of alleged data protection law violations. What sounds just like what antitrust authorities do, may in fact have a huge impact on Facebook and how it is behaving against its users.

Continue reading

German Regional Court: Consent necessary when implementing the Facebook Like-Button

On 9th March 2016, the Regional Court of Dusseldorf issued its ruling (pdf, German) in a proceeding between the consumer protection association of North Rhine-Westphalia and the company Fashion ID which concerned data protection issues surrounding the Facebook Like-Button.

The company had the well-known social plugin included on its website and informed website visitors about the plugin in its privacy policy, which was accessible via a link. In the privacy policy, the company informed that personal might be transmitted to Facebook and also provided a link to the privacy policy of Facebook. Below I will briefly discuss some aspects of the judgment. Continue reading

Open Source Software, License Compliance and the OpenChain Working Group

So you set up an open source license compliance program in your company. You educate your employees and you make sure you know how they handle open source software. But what about the software, which is supplied to you? Do you know how your supplier handles open source software? Can you trust that they know what they are doing when it comes to open source license compliance? Continue reading

Private use of the internet and the rights of the employer

Employers may collect browser data of their employees without their approval, if (1) there is reasonable suspicion that the employee uses his (business) computer and/or the office internet improperly and (2) there is no other means to prove this improper use than the collection of browser data (LAG Berlin-Brandenburg, Urt. v. 14.01.2016 – 5 Sa 657/15).

Continue reading

MFM fee recommendations and the license analogy method

Rightholders are entitled to damages when their photographs are used by third parties who have not been granted the necessary rights of use. Under German copyright law, damages are calculated according to the so-called license analogy method. This method assumes a fictitious license agreement upon reasonable conditions between the rightholder and the infringer. The rightholder then receives monetary compensation amounting to the royalties the parties would have reasonably agreed on. Continue reading

ECJ-decision: International jurisdiction in case of copyright infringement on a website

By judgment of 22 January 2015 (C-441/13), the European Court of Justice (ECJ) decided on the interpretation of Art. 5 para 3 of Regulation 44/2001 (Brussels I) on international jurisdiction of courts in a copyright infringement case. According to the ECJ, in case of an alleged infringement of copyrights and rights related to copyright by placing of protected photographs online on a website, the court is competent in the district where this website is accessible in its territorial jurisdiction. But this national court has jurisdiction only to rule on the damage caused in the European Member State within which the court is situated.
Continue reading

District Court of Berlin: Google Germany not responsible for ‘right to be forgotten’-requests

On 21 August 2014, the District Court of Berlin ruled (27 O 293/14, German) that the subsidiary of Google in Germany, Google Germany GmbH, is not responsible for the fulfillment of requests of natural persons under the so called ‘right to be forgotten’, created by the European Court of Justice (ECJ) in its much-noticed judgment in May 2014 (C-131/12). The Berlin court held that only the American company, Google Inc., can be regarded as the ‘data controller’ in the sense of European data protection law because only Google Inc. is the operator of the search engine. As a consequence, legal actions must be brought against Google Inc., not the subsidiary in Hamburg. Natural persons who want a link to third party websites to be removed from the search result list following a search made on the basis of a person’s name would therefore have to sue Google Inc. and not the European subsidiary.
Continue reading

Do XING profiles require a masthead?

This past summer, a decision of the Stuttgart Regional Court became known by the name #XINGGATE. In its decision (LG Stuttgart, decision of June 27, 2014 – file number: 11 O 51/14), the court held XING profiles to be independent telemedia, to which § 5 Telemediengesetz, the German Law on Telemedia (TMG) applies, meaning that personal XING profiles have be equipped with a masthead under German law.

Continue reading

… Until Authorship is Proven

Under German copyright law, injunctive reliefs are subject to the condition of danger of repetition. Such danger is assumed once a copyright infringement occurred, but it is eliminated, if the infringer signs a declaration of discontinuance with a penalty clause (in German “strafbewehrte Unterlassungerklärung”) within the set deadline. The Higher Regional Court of Hamburg (OLG Hamburg, decision of October 16, 2014 – file number: 5 U 39/13) now held that such declaration of discontinuance is insufficient, if it includes a so-called potestative clause, i.e. the declaration is subject to the claimant proving his authorship.

Continue reading

Are Dynamic IP-Addresses “Personal Data” As Defined By the EU Data Protection Directive?

And if so; May they be recorded? – The German Federal Court of Justice (BGH) in its decision dated October 28, 2014, court ref. VI ZR 135/13 referred to the to the European Court of Justice (ECJ) for a preliminary ruling regarding the interpretation of the EU Data Protection Directive concerning the definition of the term “personal data” therein and recording of dynamic IP-addresses. Continue reading

For bloggers and other content sharers: why framing of third party content does not violate third party copyright

The European Court of Justice (ECJ) has stated that framing of content (such as embedding Youtube videos or other content on blogs and other websites via link) does not violate the copyright of the author of the respective content. In particular, such framing is not considered a “making available to the public” according to the European directive on copyright in the Information Society (2001/29/EC) and section 19a of the German Copyright Act (“UrhG”). However, it can be derived from the court ruling that this applies only if the reproduction is not meant for a new audience and does not use a different reproduction technique.

Continue reading

The Title of an App Can Be Protected as a Work Title under German Trademark Law – If it Is Not Merely Descriptive

The Higher Regional Court of Cologne (OLG Köln) held in its decision (court ref. 6 U 205/13) dated September 5, 2014 that the title of a mobile app can enjoy protection against similar titles for similar services. However, the claimant who is the operator of a German weather information website that runs under the domain <wetter.de> and an app with identical content also titled <wetter.de> cannot prohibit the use of the title <wetter DE> or <wetter-de> for a similar weather app by the defendant. Continue reading

Copyright Law: The Author’s Right to be Named

According to the district court of Kassel’s decision of June 6th, 2014 (file number: 410 C 3000/13) authors of copyrighted works can exercise their right to decide if and how they want to be named as author of their works through terms and conditions. Continue reading

Court Decision: Companies Allowed to run Fanpages on Facebook

The Administrative Court of Schleswig (Verwaltungsgericht Schleswig) held today in three parallel decisions that companies that run their own fanpages on Facebook are not responsible for the social network’s data collection and processing under German data protection law. Continue reading

Federal Supreme Court: Can a foreign company use a .de-domain?

In the case laid before the Federal Supreme Court (Bundesgerichtshof; BGH) the court primarily had to decide about the liability of the administrative contact of the domain dlg.de. However, in the obiter dictum, the court also held under which circumstances a foreign company is entitled to use a .de-domain. Continue reading

7th National IT-Summit in Essen

Last week, several German political leaders, members of the federal administration, academics, IT-businessmen and other members of the German society met in Essen for the 7th National IT-Summit. The summit is an invite-only conference being held once a year by the German Federal Ministry of Economics and Technology. It forms the end and new beginning of an ongoing discussion between the members of the six working groups and several sub-working groups to develop a nation-wide (political) IT-strategy for Germany. Continue reading