In a reference originating in Estonia the CJEU has held that the exemptions from liability in the eCommerce Directive (2000/31) in respect of ‘mere conduit’, ‘caching’ and ‘hosting’ may, in principle, be relied on by an online rental and registration service for IP addresses which allowed the anonymous use of internet domain names.
Background to the case
SNB-REACT, an international anti-counterfeiting organisation, brought proceedings against a Mr Mehta in Estonia who ran an online rental and registration service for IP addresses. Mr Mehta owned IP addresses which, SNB-REACT alleged, corresponded to domain names which infringed trade marks owned by its members and were linked to websites selling counterfeit goods. At first instance the claim was dismissed on the basis, among other things, that Mr Mehta was entitled to rely on the safe harbours in the eCommerce Directive. SNB-REACT appealed, and the Estonian Court of Appeal referred to the CJEU the question whether these safe harbours could apply to a service of the kind provided by Mr Mehta, which the court described as “an IP address rental and registration service allowing domain names to be used anonymously”. In answering this question the Court addressed two key conditions for the application of the safe harbours.
Was the service an “information society service”?
The safe harbours are only available to services which qualify as information society services. These are services provided at a distance, by means of electronic equipment for the processing and storage of data at the individual request of the recipient of the services, and normally in return for remuneration. The Court emphasised that, based on previous case law, the concept of an information society service includes, in particular, services which contribute to facilitating relations between persons engaged in online sales activities and their customers.
Was the service of a “merely technical, automatic and passive nature”?
In order to qualify for the safe harbours the service must be “of a merely technical, automatic and passive nature”. Referring to previous case law and to the Recitals to the Directive, the Court explained that the service provider must neither have knowledge of nor control over the information which is transmitted or stored by its users; the limitations would not apply, for example, if the service provider played an active role in allowing users to optimise their online sales activity.
Applying these conditions to Mr Mehta’s service
The CJEU did not have enough evidence to allow it to comment specifically on whether the service in this case qualified – these were questions of fact which the referring (Estonian) court would have to consider. However, the CJEU made it clear that in principle the type of service run by Mr Mehta, which allowed the anonymous use of internet domain names, could qualify.
Importance of the case
The case provides a useful reminder of the conditions which apply to these safe harbours, which allow internet service providers (ISPs) to avoid liability for infringing content in their systems in defined circumstances. In relying on these exemptions it is important to remember that they apply only where the service is neutral. It must be limited to the technical process of operating and giving access to a communication network; as soon as the service provider starts thinking about ancillary services and “frills” it will need to weigh up the risk of falling outside the safe harbour.
The case: Coöperatieve Vereiniging SNB-REACT U.A. v Deepak Mehta C-521/17