The court also said, however, that there is nothing in European law that prevents “the possibility for the Member States of laying down an obligation to disclose personal data in the context of civil proceedings,” leaving the door open for EU member nations to amend their laws to require telecoms and ISPs to disclose personal data of suspected copyright violators.
The case before the court involved an action brought by Promusicae, a Spanish nonprofit organization consisting of producers and publishers of music and film.
In 2005, Promusicae made an application to a Spanish court asking the court to force the ISP Telefonica to disclose the identities and physical addresses of Telefonia customers who, according to Promusicae, had used the Kazaa file-sharing program to provide access to music files to which members of Promusicae held the rights.
The Spanish court entered an order against Telefonica, who then appealed the order, arguing that under Spain’s Law of Information Society Services and Electronic Commerce (LSSI) that the “communication of the data sought by Promusicae is authorized only in a criminal investigation or for the purpose of safeguarding public security and national defense, not in civil proceedings or as a preliminary measure relating to civil proceedings.”
The Spanish court then turned to Europe’s high court to settle the matter, seeking guidance as to whether EU law permits Member States to “limit to the context of a criminal investigation or to safeguard public security and national defense, thus excluding civil proceedings.”
In its ruling Tuesday, the high court observed that there are exceptions to the privacy protections afforded under EU law, but “none of these exceptions appears to relate to situations that call for the bringing of civil proceedings.”
“[The exceptions] concern, first, national security, defense and public security, which constitute activities of the State or of State authorities unrelated to the fields of activity of individuals, and second, the prosecution of criminal offenses,” the court stated in its ruling.
The court stated that Promusicae’s action raised “the question of the need to reconcile the requirements of the protection of different fundamental rights, namely the right to respect for private life on the one hand and the rights to protection of property and to an effective remedy on the other.”
In a statement issued in reaction to the court’s ruling, the International Federation of the Phonographic Industry (IFPI) hailed the decision, despite the fact that there will be no disclosure of the user data sought by Promusicae as a result.
“While the Court states that EU Member States are not obliged to provide for disclosure of data in civil proceedings, the judgment does clearly oblige them to strike a balance,” IFPI stated. “In our view, this should ensure that copyright holders must have the ability to obtain the information they need to enforce their rights and obtain effective remedies.”
John Kennedy, chairman and CEO of IFPI, asserted that the court’s ruling indicated that the courts are now acknowledging the need for new legislation to combat content piracy.
“Copyright theft on the Internet is the single biggest obstacle to the growth of the music business today,” Kennedy said. “The European court has confirmed the need to have effective tools to tackle piracy. The judgment means that music rights owners can still take actions to enforce their civil rights, and it has sent out a clear signal that Member States have to get the right balance between privacy and enforcement of intellectual property rights and that intellectual property rights can neither be ignored nor neglected.”