ISPs and File-exchangers’ IDs: Promusicae v Telefonica

January 31, 2008

The following details are taken from the judgment of the court. The full judgment can be accessed here.

Promusicae is a non-profit-making organisation of producers and publishers of musical and audiovisual recordings. By letter of 28 November 2005 it made an application to the Juzgado de lo Mercantil No 5 de Madrid (Commercial Court No 5, Madrid) for preliminary measures against Telefónica, a commercial company whose activities include the provision of internet access services.

Promusicae asked for Telefónica to be ordered to disclose the identities and physical addresses of certain persons whom it provided with internet access services, whose IP address and date and time of connection were known. According to Promusicae, those persons used the KaZaA file exchange program (peer-to-peer or P2P) and provided access in shared files of personal computers to phonograms in which the members of Promusicae held the exploitation rights.

Promusicae claimed before the national court that the users of KaZaA were engaging in unfair competition and infringing intellectual property rights. It therefore sought disclosure of the above information in order to be able to bring civil proceedings against the persons concerned.

By order of 21 December 2005 the Juzgado de lo Mercantil No 5 de Madrid ordered the preliminary measures requested by Promusicae.

Telefónica appealed against that order, contending that under the LSSI the communication of the data sought by Promusicae is authorised only in a criminal investigation or for the purpose of safeguarding public security and national defence, not in civil proceedings or as a preliminary measure relating to civil proceedings. Promusicae submitted for its part that Article 12 of the LSSI must be interpreted in accordance with various provisions of Directives 2000/31, 2001/29 and 2004/48 and with Articles 17(2) and 47 of the Charter, provisions which do not allow Member States to limit solely to the purposes expressly mentioned in that law the obligation to communicate the data in question.

In those circumstances the Juzgado de lo Mercantil No 5 de Madrid decided to stay the proceedings and refered the following question to the Court for a preliminary ruling:
Does Community law, specifically Articles 15(2) and 18 of Directive [2000/31], Article 8(1) and (2) of Directive [2001/29], Article 8 of Directive [2004/48] and Articles 17(2) and 47 of the Charter … permit Member States to limit to the context of a criminal investigation or to safeguard public security and national defence, thus excluding civil proceedings, the duty of operators of electronic communications networks and services, providers of access to telecommunications networks and providers of data storage services to retain and make available connection and traffic data generated by the communications established during the supply of an information society service?

According to the ECJ, the answer to the national court’s question must be that Directives 2000/31, 2001/29, 2004/48 and 2002/58 do not require the Member States to lay down, in a situation such as that in the main proceedings, an obligation to communicate personal data in order to ensure effective protection of copyright in the context of civil proceedings. However, Community law requires that, when transposing those directives, the Member States take care to rely on an interpretation of them which allows a fair balance to be struck between the various fundamental rights protected by the Community legal order. Further, when implementing the measures transposing those directives, the authorities and courts of the Member States must not only interpret their national law in a manner consistent with those directives but also make sure that they do not rely on an interpretation of them which would be in conflict with those fundamental rights or with the other general principles of Community law, such as the principle of proportionality.



The reluctance of the ECJ to dictate the choice between the rights of IP owners and the data protection rights of the ISP’s customers has been generally applauded, notwithstanding the uncertainty that its stance has created. Everybody loves proportionality. In the UK, with the ‘leaked’ proposal for ISP policing of file-exchangers’ behaviour, and of course in France, it seems certain that the exercise of discretion will be in favour of the IP rights holders. But, in grappling with the rock and the hard place, the ECJ does seem to have overlooked one fundamental principle: though the term has become outdated, it is supposed to be a common market. Is it so hard to imagine that those with the capacity to choose an ISP provider, might choose to carry out file-exchanging activities through an ISP governed by a state which exercises its discretion not to legislate so as to require the IDs of file exchangers to be revealed? Will this be a level playing field for ISPs?