Royal Courts of Justice
Strand, London, WC2A 2LL
Before :
MR JUSTICE KENNETH PARKER
Between :
THE QUEEN
(on the Application of)
(1) BRITISH TELECOMMUNICATIONS PLC (2) TALKTALK TELECOM GROUP PLC | Claimants |
- and - | |
THE SECRETARY OF STATE FOR BUSINESS, INNOVATION AND SKILLS | Defendant |
- and - | |
(1) BPI (BRITISH RECORDED MUSIC INDUSTRY) LIMITED (2) BRITISH VIDEO ASSOCIATION LIMITED (3) BROADCASTING ENTERTAINMENT CINEMATOGRAPH AND THEATRE UNION (4) EQUITY (5) FILM DISTRIBUTORS’ ASSOCIATION LIMITED (6) FOOTBALL ASSOCIATION PREMIER LEAGUE LIMITED (7) MOTION PICTURE ASSOCIATION INC (8) THE MUSICIANS’ UNION (9) PRODUCERS ALLIANCE FOR CINEMA AND TELEVISION LIMITED (10) UNITE | Interested Parties |
- and - | |
(1) OPEN RIGHTS GROUP (2) ARTICLE 19 and CONSUMER FOCUS | Interveners |
Antony White QC and Kieron Beal (instructed by BT Legal and Talk Talk Legal) for The Claimants
James Eadie QC, Robert Palmer and Alan Bates (instructed by The Treasury Solicitor) for The Defendant
Pushpinder Saini QC and James Strachan (instructed by Wiggin LLP) for The Interested Parties
Hearing dates: 23, 24, 25 and 28 March 2011
Judgment
Mr Justice Kenneth Parker :
Introduction
This is an application for judicial review in which it is claimed that the online infringement of copyright provisions (“the contested provisions”) of the Digital Economy Act 2010 (“the DEA 2010”) and the Copyright (Initial Obligations) (Sharing of Costs) Order 2011, currently laid before Parliament (“the draft Costs Order”) are incompatible with a number of provisions of EU law. Permission was granted by Wyn Williams J on 10 November 2010.
The First Claimant, British Telecommunications Plc (“BT”), is a public limited company incorporated under the laws of England and Wales. The Second Claimant, TalkTalk Telecom Group Plc (“TTG”), is also a public limited company incorporated in England. Each carries on business in the supply of telecommunications services and equipment to both businesses and residential customers. Both BT and TTG are also internet service providers (“ISPs”).
The Defendant (“the Secretary of State”) is the Government minister designated with responsibility for the Department for Business, Innovation and Skills (“DBIS”).
There are ten Interested Parties. These are organisations and associations concerned with the protection of copyright in works belonging to their members whom they represent. They also include unions whose members are employed in the creative industries, and their employers. There are also two interveners, Consumer Focus (“CF”) and Article 19. CF is the National Consumer Council in England and Wales, with statutory duties to represent the interests of consumers and to advise the Government and regulators on consumer matters. Article 19, the Global Campaign for Free Expression, a charity registered in the UK, is an international human rights organisation concerned with protecting and promoting the right to freedom of expression.
The Claimants advance five grounds of challenge in respect of the contested provisions. They contend that:
The provisions constitute a technical regulation and/or a rule on services within the meaning of the Technical Standards Directive (Directive 98/34/EC of the European Parliament and of the Council of 22 June 1998 laying down a procedure for the provision of information in the field of technical standards and regulations, OJ [1998] L No 204, as amended by Directive 98/48/EC of the European Parliament and of the Council of 20 July 1998, OJ [1998] L No 217). The provisions, it is said, should have been notified to the EU Commission in draft, but were not. The provisions are accordingly unenforceable.
They are incompatible with certain provisions of the Electronic Commerce Directive (“the E-Commerce Directive”) (Directive 2000/31/EC of the European Parliament and of the Council of 8 June 2000 on certain legal aspects of information society services, in particular electronic commerce, in the Internal Market, OJ 2000 L No 178).
They are incompatible with certain provisions of the Privacy and Electronic Communications Directive (“the PEC Directive”) (Directive 2002/58/EC of the European Parliament and of the Council concerning the processing of personal data and the protection of privacy in the electronic communications sector, OJ [2002] L No 201).
They are disproportionate in their impact on ISPs, consumers, business subscribers and public intermediaries. The requirement for the legislation to be proportionate in its impact on ISPs, businesses and consumers is said to be derived from a number of sources, including Articles 7, 8, 11 and 52 of the Charter of Fundamental Rights and/or general principles of EU law, pursuant to Article 6 TEU and the Human Rights Act 1998 and Articles 8 and/or 10 of the European Convention on Human Rights.
They infringe the Authorisation Directive (Directive 2002/20/EC of the European Parliament and of the Council on the authorisation of electronic communications networks and services OJ [2002] L No 108, as amended by European Parliament and EC Council Directive 2009/140, OJ [2009] L 337).
The Claimants also seek to challenge the draft Costs Order on each of grounds 2 to 5 above (the Order having been notified in draft to the EU Commission, ground 1 was not applicable).
Factual Background
The framework within which ISPs operate
The Claimants operate within a framework of measures known as the “telecoms package”. This includes five European Directives which set out the major provisions governing the “telecoms package”. These were introduced by the EU to harmonise the cross-border provision of telecommunications services within the internal market.
The Office of Communications Act 2002 and the Communications Act 2003 (“CA 2003”) led to a major re-organisation of telecommunications markets in the United Kingdom, under the regulatory control of Ofcom. The regulation at both an EU and a national level has been designed to promote competition between telecommunications providers and protect consumer interests, while ensuring that a universal service is available for the majority of telecommunications services (access to landline telephony, mobile phone telephony and internet access).
The Claimants each provide an “information society service” (as defined in the E-Commerce Directive: see paragraph 96 below). For the relevant purposes of these proceedings, they do so as mere “conduit” ISPs. As such each ISP gives access to an electronic communications network to its own subscribers. A conduit is not allowed to interfere with traffic. In that capacity, it has neither knowledge of, nor control over, the information which is transmitted by subscribers. Its actions are merely “technical, automatic and passive”: see Joined Cases C-236/08 to C-238/08 Google France SARL v Louis Vuitton Malletier SA [2010] ECR 1-0000, ECJ, at [110], [113] and [114].
Background to the relevant legislation
Memorandum of Understanding
Software developers have created file-sharing software enabling an internet user on one computer to access files and material stored on another user’s computer where the second user is also connected to the internet (peer-to-peer or “P2P” software). P2P services enable an internet user to search for files being offered by other users who are connected to the same and sometimes other P2P services, and to request and receive copies of these files on his or her computer, and make these files available for further distribution to other users of P2P services over the internet, transmitting exact copies of files from his or her computer to another user’s computer. Individuals who make available and communicate files using P2P services store these files in directories on their computers that they open to other internet users to view and access. In this way a copyright work such as a sound recording or film can be stored in the form of a digital file in the shared directory, and that file can be made publicly available to vast numbers of other P2P users who are able to search for the file and, on request, transfer copies of that file over the internet to others. At any time there may be hundreds of thousands of individuals accessing a P2P service, many of them doing so unlawfully by infringing copyright in the relevant work.
Music is a popular target of P2P file sharing. The arrival of MP3 software in the late 1990s enabled the conversion of digitally recorded (or remastered) music into highly compressed computer files. As a matter of history it appears that Napster Inc, in the United States, was the first to exploit the opportunities for music sharing opened up by P2P technology, but the early means that it employed exposed it to a successful claim for copyright infringement and led to its demise, without deterring more sophisticated successors. It should be stressed that P2P software may be used for legitimate purposes, such as sharing photographs between family and friends and transferring digital media files between a desk top and a lap top computer owned by the same individual or family.
In order to combat the increase in unlawful file-sharing, BT, TTG and other ISPs were encouraged by the Government to enter into a Memorandum of Understanding (“MOU”) with the BPI (British Recorded Music Industry) Limited (“BPI”) and other rights owners in July 2008. ISPs undertook to work together with other signatories in an experimental trial in which internet service customers were informed if their accounts were being used to share copyright material unlawfully and were advised how to address such infringements. The Claimants participated in such a trial for three months.
The MOU was intended to improve communication and cooperation between relevant industries to promote education of consumers. A combined Principle 2 and Principle 3 Working Group was set up under the MOU to report on commercial solutions to the problem of copyright infringement. The MOU three-month trial period expired in January 2009. BT also filed a response to the consultation process undertaken by the Secretary of State.
The ISPs which took part in the MOU were not obliged to inform rights holders of the fact that notification letters had been sent. The notifications sent to subscribers were primarily educative and further notifications to the same customer did not escalate in tone or make threats or warnings. The notifications also made it clear that they were being sent as part of a trial, not because of a statutory requirement on ISPs. BT informally raised concerns about the lawfulness of data processing and retention with the Information Commissioner’s Office at the time of the MOU. These legal concerns were shared by other ISPs.
Furthermore, the MOU Principle 5 Group (one of the inter-industry groups established under the MOU to explore the options for controlling unlawful P2P file-sharing) examined not only technical measures but also legal measures that might be adopted by rights holders, including legal action by rights holders against individuals. This Group’s work was not complete when in February 2009 the Government indicated that, in the light of the Digital Britain Interim Report, it was proposing to adopt a legislative solution to the problem.
Digital Britain: The Interim Report
In January 2009, the Department for Culture, Media and Sport (“DCMS”) and the Department for Business, Enterprise and Regulatory Reform (“DBERR”), now known as the Department for Business, Innovation and Skills (“DBIS”), published a paper entitled Digital Britain: Interim Report (Cm 7548).The paper proposed the enactment of legislation which would require ISPs to notify alleged infringers of copyright that their conduct was unlawful (upon the provision of certain evidence by rights holders); and to collect “anonymised” information on repeat infringers which could be made available to rights holders upon production of a Court order.
The Government White Paper
In June 2009, the Government published its White Paper on Digital Britain, entitled Digital Britain: Final Report (Cm 7650).This set out Government proposals designed to put the United Kingdom at the forefront of “the global move towards a digital knowledge economy.” The Government in particular set out to tackle unlawful P2P file sharing.
The White Paper followed the Interim Report. ISPs would be required to notify subscribers of infringements identified by copyright holders and to maintain “anonymised” lists of repeats offenders (the identity of whom could be made subject to a request for disclosure by the copyright holders by Court order). Obligations would be placed on ISPs to notify subscribers of their alleged unlawful conduct, and to collect information on repeat infringers.
The White Paper also raised the possibility of further legislative measures being adopted if the “initial obligations” did not produce the desired reduction in unlawful file-sharing. The envisaged measures included:
The blocking of access to websites, internet protocol (“IP”) addresses or to a uniform resource locator (or URL, which is the global address of individual web pages, documents and other resources on the worldwide web);
Protocol blocking (preventing certain internet protocols from accessing the internet which can prevent certain internet services being used by a computer);
Port blocking (preventing certain ports from accessing the internet, with the same aim as protocol blocking);
Bandwidth capping (which reduces the speed at which files might be downloaded);
Volume capping (restricting the amount of data that may be downloaded over a period of time);
Bandwidth shaping (limiting the speed of a subscriber’s access to selected protocols or services);
Content identification and filtering.
On 25 August 2009, the Government issued a statement in the course of the consultation. The statement set out a significant change in the Government’s proposals in respect of technical obligations that might be imposed. The Secretary of State would be able to introduce technical obligations at any time, including the disconnection of a subscriber’s internet access. The statement also indicated that individual parties would be responsible for bearing their own costs of compliance with the initial obligations, save that the operating costs of sending notifications would be split 50:50 between ISPs and rights holders. Previously it had been intended that Ofcom should determine this matter in the Code. The Claimants responded to the consultation, and I believe that it is fair to say that, in principle, they supported a system of notifying subscribers of copyright infringement.
The passage of the Digital Economy Bill
The Government published its response to the consultation in November 2009.It announced that legislation to tackle online copyright infringement would be introduced in the Digital Economy Bill. The Government stated that the Bill would introduce two “straightforward obligations”, whose detailed practical implementation would be left to be developed in an industry approved Code (or in default by Ofcom). The costs proposals previously advanced were changed to a proposed “flat fee” system, by which rights owners paid an ISP a flat fee for processing each of its “copyright infringement reports” (“CIRs”).
On 16 November 2009, the Government published the Digital Economy Bill. It was introduced in the House of Lords on 19 November 2009.
Paragraph 34 of the Explanatory Notes accompanying the Digital Economy Bill stated that:
“The provision inserts new sections 124A to 124M in the Communications Act 2003 (“the 2003 Act”), which impose obligations on internet service providers (“ISPs”) to:
• Notify their subscribers if the internet protocol (“IP”) addresses associated with them are reported by copyright owners as being used to infringe copyright; and
• Keep track of the number of reports about each subscriber, and compile, on an anonymous basis, a list of some or all of those who are reported on. After obtaining a court order to obtain personal details, copyright owners will be able to take action against those included in the list.”
Paragraph 35 of the Notes explained that these obligations would be underpinned by a code approved by Ofcom or, if no industry code was put forward for approval, a code made by Ofcom. The Notes stated that the Code would “set out in detail how the obligations must be met.”
Furthermore, paragraph 36 observed that the structure of the Bill was such that if the initial obligations imposed did not achieve the objective of reducing unlawful file-sharing to a satisfactory extent, then additional “technical obligations” could be imposed on ISPs. These would require ISPs to limit internet access by certain subscribers, for example through bandwidth capping or shaping, or through temporary suspension in certain circumstances.
Paragraph 48 gave the following explanation of the content of the obligation found in Clause 5:
“ISPs will have to keep a record of the number of CIRs linked to each subscriber along with a record of which copyright owner sent the report. Under section 124B of the 2003 Act, inserted by clause 5, an ISP may be required to provide a copyright owner with relevant parts of those records on request (“copyright infringement lists”), but in an anonymised form so as to ensure compliance with data protection legislation.”
Paragraphs 51 and 52 of the Explanatory Notes stated that the obligations in the proposed Act would not take formal effect until a Code was published. The Code would deal with the “points of detail.” The Government’s stated intention (at paragraph 55) was for the obligations imposed by the Bill to fall on all ISPs except those who were demonstrated to have a very low level of online infringement.
The contents of the “initial obligations code” were addressed in Clause 8 of the Bill and paragraph 59 of the Explanatory Notes. A proposed section 124E of the CA 2003 would set out what the Code must contain in terms of a minimum set of obligations to be imposed on ISPs. The stated reason for setting the fuller details down in the Code was that the specific obligations and procedures would be detailed and were likely to have to be adapted over time.
The Government’s Impact Assessments
The Bill was the subject of a regulatory Impact Assessment issued in November 2009. It was updated in March 2010 following some amendments to the Bill during its passage through the House of Lords. The then Financial Secretary to the Treasury (Stephen Timms MP) said of the Impact Assessment:
“I have read the Impact Assessment and I am satisfied that (a) it represents a fair and reasonable view of the expected costs, benefits and impact of the policy, and (b) that the benefits justify the costs.”
The Impact Assessment set out estimated costs of compliance and anticipated benefits. The Secretary of State assumed that 70 per cent of infringers would stop downloading illegally following receipt of a notification letter from an ISP. The figures behind this assumption were derived from the Digital Entertainment Survey, conducted by representatives of the rights holders.
The DEA 2010 received Royal Assent on 8 April 2010. Pursuant to sections 47(1) and (2) DEA 2010, sections 124A and 124B of the CA 2003 came into force on 8 June 2010. Sections 124C to 124E, 124M and 124N came into force on 8 April 2010. The other relevant provisions came into force on 8 June 2010.
The Draft Costs Statutory Instrument
Section 15 DEA 2010 introduced a new section 124M of the CA 2003, empowering the Secretary of State by statutory instrument to make an Order addressing the question of costs-sharing or costs allocation arising from costs incurred in complying with the initial obligations or any technical obligation. The Secretary of State has exercised that power in drawing up the draft Costs Order. That measure was notified to the EU Commission pursuant to the Technical Standards Directive.
ISPs, rights holders and Ofcom were incurring costs in anticipation of meeting the obligations contained in the DEA 2010 and participating in discussions on the draft Initial Obligations Code. Ofcom also sent to BT a draft Notice under section 135 of the CA 2003 requesting the provision of information.
A consultation was conducted by the Secretary of State and Ofcom concerning the proposed allocation of the costs of implementation of the DEA 2010 between rights holders and ISPs.
The Government also conducted a specific impact assessment of the draft Costs Order. The Impact Assessment at page 7 stated:
“The intention of the Order is to specify the allocation of costs arising from the primary legislation in the Act which places obligations on ISPs when informed by copyright owners through copyright infringement reports to identify and inform subscribers of their illegal behaviour and to maintain record keeping systems.”
The Government also acknowledged that it had to notify the draft Costs Order governing “costs sharing” to the Commission as a draft technical regulation under the Technical Standards Directive. It was notified to the EU Commission on 22 September 2010. The Commission has responded to the notified measure, raising concerns about its compatibility with the Authorisation Directive.
The draft Costs Order was laid before Parliament on 21 January 2011. It is subject to the affirmative resolution procedure. The Costs Sharing Order 2011 is expected to enter into force in due course, subject to the correction of a drafting error identified by the House of Lords and House of Commons Joint Committee on Statutory Instruments.
The Prospect of Pan-European Action
The Commission on 22 December 2010 published a Report on the Application of Directive 2004/48/EC on the enforcement of intellectual property rights. The Report stated:
“The analysis of the implementation of the Directive in the Member States shows that the Directive lays a solid foundation for enforcing intellectual property right in the internal market, but that certain clarification may be needed to avoid any ambiguities and adapt the Directive to the new challenges posed in particular by today’s digital environment.”
The Commission considered that a number of areas deserved further attention, including the
“use of provisional and precautionary measures such as injunctions, [and] procedures to gather and preserve evidence (including the relationship between the right of information and the protection of privacy).”
The Commission indicated that it was beginning work on impact assessment and was encouraging responses to proposed measures.
Many of the ISPs operating in the UK are wholly or partly owned by ISPs established in other Member States. The question of unlawful file-sharing is an EU wide issue. In October 2009 the Commission commenced its own consultation about the consequences of “de-materialisation of online content.” The “Reflection Paper” issued by the Commission at the same time observed that “the nature of the challenges and problems presented by cross-border provision of creative content by the internet” suggested that “responses to most of these challenges will have to be joint European ones, instead of being the result of separate or even contradictory national initiatives.”
The Contested Provisions
The Initial Obligations Provisions
The first ground of challenge, in particular, turns, in my view, upon the legal effect of the contested provisions. It is, therefore, necessary to examine these provisions in some detail.
Sections 3-7 of the DEA 2010 insert sections 124A-124E into the CA 2003. Materially:
Section 124A(2) permits a copyright owner to make a copyright infringement report (“CIR”) to an ISP “if a code in force under section 124C or 124D (‘an initial obligations code’) allows the owner to do so.”
Section 124A(4) creates an obligation on an ISP to notify the subscriber of such a report “if the initial obligations code requires the provider to do so.”
An obligation on an ISP to provide a copyright owner with a copyright infringement list on its request arises under section 124B(1) “if … an initial obligations code requires the internet service provider to provide it.”
Any such copyright infringement list will relate to each “relevant subscriber” – a term which is defined by reference to the threshold which will in due course be set by the initial obligations code: see section 124B(3).
Those obligations are referred to as the “initial obligations”: section 124C(1). Each of them is dependent for their content, as well as for their effect, on the making of an initial obligations code under sections 124C or 124D.
Section 124D requires an initial obligations code to be made by Ofcom within the period prescribed by the Secretary of State (currently by 31 March 2011), if such a code has not previously been made by others and approved by Ofcom under section 124C. But by either route the maker of the Code will design and set the particulars of the initial obligations. Thus:
Section 124C(3) to (5) provides as follows:
“(3) The provision that may be contained in a code and approved under this section includes provision that –
(a) specifies conditions that must be met for rights and obligations under the copyright infringement provisions or the code to apply in a particular case;
(b) requires copyright owners or internet service providers to provide any information or assistance that is reasonably required to determine whether a condition under paragraph (a) is met.
(4) The provision mentioned in subsection (3)(a) may, in particular, specify that a right or obligation does not apply in relation to a copyright owner unless the owner has made arrangements with an internet service provider regarding –
(a) the number of copyright infringement reports that the owner may make to the provider within a particular period; and
(b) payment in advance of a contribution towards meeting costs incurred by the provider.
(5) The provision mentioned in subsection (3)(a) may also, in particular, provide that –
(a) except as provided by the code, rights and obligations do not apply in relation to an internet service provider unless the number of copyright infringement reports the provider receives within a particular period reaches a threshold set in the code; and
(b) if the threshold is reached, rights or obligations apply with effect from the date when it is reached or from a later time.”
Further, where a Code is made by Ofcom under section 124D, section 124D(2) provides that in addition to any of the things mentioned in section 124C(3)-(5), the Code may also make various provisions as to jurisdiction and enforcement of the initial obligations, as well as (under section 124D(5)(h)) “make other provision for the purpose of regulating the initial obligations”.
There are certain criteria that any initial obligations code must fulfil: section 123C(6) and 124D(6). They are set out in section 124E.
Section 124E(1)(a) requires the Code to include provision about the means of obtaining the standard of evidence that must be included in a CIR, and as to its required form. The DEA 2010 does not otherwise define the circumstances in which a copyright owner will be allowed to make a CIR. That is left open by sections 124C(3)-(5).
Sections 124E(1)(b) and 124E(3)-(4) require the Code to make provision specifying the requirements as to the means by which the ISP identifies the subscriber who is the subject of a CIR, which of the reports the provider must notify the subscriber of, and requirements as to the form, contents and means of the notification; they also place an upper limit of 12 months on the period which may elapse between the date of receipt of a CIR and of its being taken into account for the purposes of the notification. The DEA 2010 does not otherwise define what any of those requirements should be, or otherwise prescribe the circumstances in which an ISP will be required to notify the subscriber of the report. It does not prevent Ofcom from setting a lower limit than 12 months on the period which may elapse between the date of receipt of a CIR and of its being taken into account.
Section 124E does not prescribe the circumstances in which the ISP will be required to provide a copyright infringement list in accordance with section 124B(1)(b): that is left to be determined by the Code.
Sections 124E(1)(c) and 124E(5)-(6) require the Code to set a threshold for determining who a “relevant subscriber” is, but that threshold may “be set by reference to any matter”; they also set an upper limit of 12 months on the age of CIRs to be taken into account, but again do not prevent the introduction of a lower limit.
The remaining provisions of section 124E operate in a similar way as regards the initial obligations:
Sections 124E(1)(d) and (e) require that the Code makes provision about how ISPs are to keep information about subscribers and limits the time for which they may keep that information. They do not specify what provision or for what period of time.
Sections 124E(1)(f) and 124M require provision to be made about contributions towards meeting costs, but do not specify what that provision should be.
Sections 124E(1)(g) and 124E(7)-(8) require provision to be made that Ofcom has the function of administering and enforcing the Code, and that there are “adequate arrangements” for it to obtain information and recover its costs for so doing. They do not specify what provision should be made by the Code.
Sections 124E(1)(i), (j), (k) and (l) respectively provide that the Code must be objectively justifiable, non-discriminatory, proportionate and transparent.
The Technical Obligations Provisions
The DEA 2010 does not provide for any obligation for technical obligations to be brought into effect: see section 124H(1). If and when they are brought into effect, their precise content would be informed by the annual progress reports which Ofcom must produce under section 124F, as well as the product of any consultation with ISPs and others undertaken under section 124G(5)(a), and would take into account Ofcom’s assessment of whether or not any particular technical obligation should be imposed on ISPs.
The actual technical obligations to which ISPs might be subject are not provided for by the DEA 2010. The definition of a “technical measure” provided by section 124G(3) is indicative, not exhaustive: a variety of alternatives is set out, the last of which reads “limits the service to the subscriber in another way”. The “relevant subscribers” against whom technical measures may be required to be taken are in turn defined by criteria which are not yet set: see sections 124G(4) and 124B(3). Sections 124I-J do not prescribe the contents of the technical obligations. It is expressly provided by section 124I(3) that a code may do any of the things mentioned in section 124C(3)-(5) or sections 124D(5)(a)-(g), and may also make other provision for the purpose of regulating the technical obligations.
The Appeals Provisions
The obligations that the Code must contain in relation to subscriber appeals are set out in sections 124E(1)(h) and 124K(2)-(8) in respect of the initial obligations, and sections 124J(1)(b) and 124K(2)-(11) in respect of the technical obligations.
It should be noted, in particular, that:
The scope of the appeal provisions’ practical application is not yet fixed: no subscriber appeal can be made until (at the earliest) a subscriber has been notified by an ISP of a CIR under section 124A.
Although there is a prescribed appeal mechanism in respect of any technical measures, such measures have not yet been proposed and adopted (see above).
The appeal provisions depend upon the initial obligation provisions and the technical obligation provisions. The appeal provisions can have no legal effect until the relevant underlying provisions have been defined and brought into effect.
Section 124G(6) places an obligation on ISPs and copyright owners to give Ofcom any assistance that it reasonably requires for the purposes of complying with any direction made under section 124G. But those directions may only be given by Ofcom, and concern the preparatory steps which Ofcom might be required to take in advance of the introduction of a technical obligations code, such as the need to assess whether technical obligations should be imposed on ISPs, to prepare for those obligations, including by consulting ISPs and assessing the likely efficacy of a technical measure and to report to the Secretary of State.
Section 124L applies sections 94 to 96 of the CA 2003 in relation to a contravention of an initial obligation or a technical obligation, or a contravention of an obligation under section 124G(6), allowing Ofcom to impose a penalty on an ISP or copyright owner in respect of such contraventions. Those compliance provisions are dependent upon such obligations having come into effect as a result of the making of an initial obligations code or technical obligations code.
Section 17 of the DEA 2010 empowers the Secretary of State to make provision by regulations in respect of blocking injunctions. Section 17 does not prescribe the circumstances in which the regulations would allow an injunction to be applied for or granted by the court, beyond the reference to the court needing to be satisfied that there was a “substantial amount of material” being obtained in infringement of copyright from a particular location, in section 17(4).
The First Ground of Challenge: Breach of The Technical Standards Directive
The Relevant Provisions of the Amended Technical Standards Directive (TSD)
Article 1(2) defines “service” as
“Any Information Society service, that is to say, any service normally provided for remuneration, at a distance, by electronic means and at the individual request of a recipient of services.”
Article 1(5) TSD defines “rule on services” as a
“requirement of a general nature relating to the taking-up and pursuit of service activities within the meaning of point 2, in particular provisions concerning the service provider, the services and the recipient of services, excluding any rules which are not specifically aimed at the services defined in that point.”
For the purposes of that definition
“a rule shall be considered to be specifically aimed at Information Society Services where, having regard to its statement of reasons and its operative part, the specific aim and objective of all or some of its individual provisions is to regulate such services in an explicit and targeted manner.”
and
“a rule shall not be considered to be specifically aimed at Information Society Services if it affects such services only in an implicit or incidental manner.”
Article 1(11) TSD defines “technical regulations” as
“technical specifications and other requirements or rules on services, including the relevant administrative provisions, the observance of which is compulsory, de jure or de facto, in the case of marketing, provision of service, establishment of a service operator or use in a Member State or major part thereof…”
Article 1(12) TSD defines “draft technical regulation” as
“the text of technical specification or other requirement or of a rule on services, including administrative provisions, formulated with the aim of enacting it or of ultimately having it enacted as a technical regulation, the text being at a stage of preparation at which substantial amendments can still be made.”
Article 8(1) TSD requires Member States to communicate to the Commission “any draft technical regulation” along with a statement of the grounds which make the enactment of such a technical regulation necessary, where these have not already been made clear in the draft. It also provides that, where appropriate, Member States must also communicate
“the text of the basic legislative or regulatory provisions principally and directly concerned, should knowledge of such text be necessary to assess the implications of the draft technical regulation.”
Article 9(1) provides for a standstill period of three months from the date of receipt by the Commission of the notification of a draft rule on services.
By Article 9(2), that period may be extended to four months in the event that the Commission or another Member State delivers a detailed opinion, within the three month period, to the effect that the draft rule on services notified may create obstacles to the free movement of services or to the freedom of establishment of service operators within the internal market. The Member State concerned must then report to the Commission on the action it proposes to take on such detailed opinions. The Commission must then comment on that reaction.
Alternatively, by Article 9(4), that period may be extended to twelve months in the event that the Commission announces its finding that the draft technical regulation concerns a matter which is covered by a proposal for a directive, regulation or decision which has been presented to the Council.
The Purpose of the Notification Requirement
The main purposes of the notification requirement emerge from the terms of Article 9 itself: it is to allow the Commission and other Member States to propose any amendments which might remove or reduce any restrictions which a rule on services might create on the free movement of services or the freedom of establishment, and to serve the interests of transparency and legal certainty by ensuring that there is an opportunity for Member States to take into account the potential introduction of forthcoming EU legislation which covers some or all of the same ground that the national measure is designed to address. (See Case C-42/07 Liga Portuguesa de Futebol Profissional v Departamento de Jogos [2009] ECR 1-7633, by Advocate General Bot at [53] and [168]-[178]).
Those purposes are reinforced by the recitals to the original TSD 98/34/EC (which concerned only technical requirements related to products rather than services), which provided:
“(2) Whereas the internal market comprises an area without internal frontiers in which the free movement of goods, persons, services and capital is ensured; whereas, therefore, the prohibition of quantitative restrictions on the movement of goods and of measures having equivalent effect is one of the basic principles of the community;
(3) Whereas in order to promote the smooth functioning of the internal market, as much transparency as possible should be ensured as regards national initiatives for the establishment of technical standards or regulations;
(4) Whereas barriers to trade resulting from technical regulations relating to products may be allowed only where they are necessary in order to meet essential requirements and have an objective in the public interest of which they constitute the main guarantee;
(5) Whereas it is essential for the Commission to have the necessary information at its disposal before the adoption of technical provisions; whereas, consequently, the Member States which are required to facilitate the achievement of its task pursuant to Article 5 of the Treaty must notify it of their projects in the field of technical regulations;
(6) Whereas all the Member States must also be informed of the technical regulations contemplated by any one Member State;
(7) Whereas the aim of the internal market is to create an environment that is conducive to the competitiveness of undertakings; whereas increased provision of information is one way of helping undertakings to make more of the advantages inherent in this market; whereas it is therefore necessary to enable economic operators to give their assessment of the impact of the national technical regulations proposed by other Member States, by providing for the regular publication of the titles of notified drafts and by means of the provisions relating to the confidentiality of such drafts;
(8) Whereas it is appropriate, in the interests of legal certainty, that Member States publicly announce that a national technical regulation has been adopted in accordance with the formalities laid down in this Directive;
(9) Whereas, as far as technical regulations for products are concerned, the measures designed to ensure the proper functioning or the continued development of the market include greater transparency of national intentions and a broadening of the criteria and conditions for assessing the potential effect of the proposed regulations on the market;
(10) Whereas it is therefore necessary to assess all the requirements laid down in respect of a product and to take account of developments in national practices for the regulation of products;
…
(13) Whereas the Commission and the Member States must also be allowed sufficient time in which to propose amendments to a contemplated measure, in order to remove or reduce any barriers which it might create to the free movement of goods;
(14) Whereas the Member State concerned must take account of these amendments when formulating the definitive text of the measure envisaged.”
Directive 98/48/EC, which amended the TSD to embrace rules on services, also provided in its recitals:
“(1) Whereas, in order to promote the smooth functioning of the internal market, as much transparency as possible should be ensured as regards the future national rules and regulations applying to Information Society services, by amending Directive 98/34/EC;
…
(8) Whereas, without coordination at Community level, this foreseeable regulatory activity at national level might give rise to restrictions on the free movement of services and the freedom of establishment, leading in turn to a refragmentation of the internal market, over-regulation and regulatory inconsistencies;
(9) Whereas, in order to ensure real and effective protection of the general-interest objectives involved in the development of the Information Society, there is a need for a coordinated approach at Community level when questions relating to activities with such highly transnational connotations as those of the new services are dealt with;
…
(12) Whereas it is therefore necessary to preserve the smooth functioning of the internal market and to avert the risks of refragmentation by providing for a procedure for the provision of information, the holding of consultations, and administrative cooperation in respect of new draft rules and regulations; whereas such a procedure will help, inter alia, to ensure that the Treaty, in particular Articles 52 and 59 thereof, is effectively applied and, where necessary, to detect any need to protect the general interest at Community level; whereas, moreover, the improved application of the Treaty made possible by such an information procedure will have the effect of reducing the need for Community rules to what is strictly necessary and proportional in the light of the internal market and the protection of general-interest objectives; whereas, lastly, such a procedure will enable businesses to exploit the advantages of the internal market more effectively;”
It is common ground that, if a technical regulation within Article 1(11) TSD is not duly notified, it is unenforceable at national level: see Case C-194/94 CIA Security International [1996] ECR I-2201, at [44] and [45].
The Relevant Case Law
In Case C-317/92 Commission v Federal Republic of Germany [1994] ECR-1-2039 the Court of Justice held that a legislative measure of the German Federal Minister of Health, requiring sterile medical instruments to be labelled with specific expiry dates, should have been notified under the TSD as it then stood and before relevant amendment. The Court stated at [25]:
“… The German regulation in question constitutes a new technical specification within the meaning of Article 1, cited above, since non-reusable sterile medical instruments may henceforth be marketed or used in Germany only if certain obligations are fulfilled the application of which was formerly confined to the labelling of medicinal products. The application, to given products, of a rule which previously only affected other products, constitutes, with regard to the former, a new regulation and must therefore be notified in accordance with the directive.”
The primary German legislation provided that the packaging of medical products had to show the expiry date by reference only to two stipulated days of the year; and it appears that the Federal Minister for Health was specifically empowered to extend, by regulation, this requirement to other medicinal products stricto sensu and also to other products that under German law were regarded as medicinal. The primary German legislation had been duly notified to the Commission. The German government, therefore, argued that such notification of the enabling provisions “covered” the specific regulation extending the contested requirement to products which were not medicines under Community Law. The Court rejected that argument at [26]:
“… that enabling measure, taken as such, does not require to be notified on the basis of Article 8 [of the TSD as it then stood] aforesaid since it does not constitute a new specification. The situation is different as regards the implementation of that measure, which does constitute a new specification which must be notified.”
It seems to me that the Court of Justice was not saying that the provisions generally of the primary German legislation did not in principle require notification. The Court was simply saying that the enabling provision, standing alone, was not notifiable because, unless and until the Federal Minister exercised his power to extend the scope of the contested requirement, the enabling provision imposed no relevant obligation or liability upon individuals or undertakings.
The second case is Case C-194/94 CIA Security International SA v Signalson SA and Securitel SPRL [1996] ECR I-2201, (“CIA”). Under Article 12 of Belgian legislation of April 1990:
“The alarm systems and networks … and their components may be marketed or in any event made available to users only after prior approval has been granted under a procedure to be laid down by royal decree.”
In May 1991 a decree was adopted on the basis of Article 12, which prohibited the marketing in Belgium of the relevant products if they had not been approved by a special committee, such approval to be given only if the products satisfied specified criteria. Neither Article 12 nor the decree was notified to the Commission in accordance with the TSD as it then stood. As regards the 1991 decree the Court of Justice had no hesitation in concluding that it was a technical regulation:
“… it contains detailed rules defining, in particular, the conditions concerning the quality tests and function tests which must be fulfilled in order for an alarm system or network to be approved and marketed in Belgium…” at [26].
However, there was a real contest between the parties as to whether Article 12 of the 1990 law was a technical regulation. It is common ground in the present claim that the Court’s resolution of that contest is central to the first ground of challenge, and I, therefore, set out in full the Court’s discussion of the issue:
“27. As regards Article 12 of the 1990 Law, it is to be recalled that it provides that the products in question may be marketed only after having been previously approved according to a procedure to be laid down by royal decree, which was laid down by the 1991 Decree.
28. According to the Commission and CIA Security, Article 12 of the 1990 Law constitutes a technical regulation within the meaning of the Directive 83/189 whilst Signalson, the United Kingdom and the Belgian Government, in their written observations, submit that this article is merely a framework law not comprising any technical regulation within the meaning of Directive 83/189.
29. A rule is classified as a technical regulation for the purposes of Directive 83/189 if it has legal effects of its own. If, under domestic law, the rule merely serves as a basis for enabling administrative regulations containing rules binding on interested parties to be adopted, so that by itself it has no legal effect for individuals, the rule does not constitute a technical regulation within the meaning of the directive (see the judgment in Case C-317/92 Commission v Germany [1994] ECR I-2039, paragraph 26). It should be recalled here that, according to the first subparagraph of Article 8(1) of Directive 83/189, the Member States must communicate, at the same time as the draft technical regulation, the enabling instrument on the basis of which it was adopted, should knowledge of such text be necessary to assess the implications of the draft technical regulation.
30. However, a rule must be classified as a technical regulation within the meaning of Directive 83/189 if, as the Belgian Government submitted at the hearing, it requires the undertakings concerned to apply for prior approval of their equipment, even if the administrative rules envisaged have not been adopted.
31. The reply to be given to the third and fourth questions must therefore be that a rule such as Article 4 of the 1990 Law does not constitute a technical regulation within the meaning of Directive 83/189 whereas provisions such as those contained in the 1991 Decree do constitute technical regulations and that classification of a rule such as Article 12 of the 1990 Law depends on the legal effects which it has under domestic law.”
Mr White QC, who appeared for the Claimants and made his submissions (both written and oral) with great force and admirable clarity, contended that in the passages cited above the Court of Justice was drawing a distinction between, on the one hand, mere enabling provisions (such as were considered in Commission v Germany: see paragraph 64 above) and a substantive legal requirement, such as that in Article 12 of the Belgian law. The latter would be a technical regulation. On that view, it did not matter whether the legal requirement, when enacted and/or brought into force, had binding effect, or whether the binding effect of the requirement was rather made contingent upon the incidence of some subsequent event (such as, for example, a commencement measure or another measure that might give greater content or substance to the requirement). Only an enabling measure of the kind found in Commission v Germany was ruled out as a technical regulation.
Mr Eadie QC, to whose lucid submissions I am also indebted, contended that this is an incorrect reading of CIA. I accept his submission on this point. In my judgment, the true test that emerges from the cited passages is whether the measure in question “by itself” has “legal effect for individuals”; and that, therefore, for a measure to have legal effect by itself it must be binding and be sufficiently precise and specific so as to be enforceable against an affected individual. In CIA the requirement in Article 12 of the Belgian law to apply for approval for the relevant product was unambiguous and self-contained. However, there was uncertainty, simply from a perusal of the text of the Belgian law, whether the requirement in Article 12 had legal effect, or whether the legal effect of Article 12 was contingent upon the subsequent enactment of implementing measures of a kind adopted in the 1991 decree. (In the latter event there might well of course have been transitional provisions to enable existing products to continue to be marketed pending a decision under the new controls). If the legal effect was made contingent, the measure was not a technical regulation. Although the Belgian Government submitted (apparently by way of concession) that the undertakings concerned were bound to apply for prior approval even before the adoption of the 1991 decree, the Court of Justice quite properly considered that the correct interpretation of Article 12 was a matter for the Belgian courts, not the executive, and so for that reason left the disposition of the issue arising under that Article to be decided by the national court. It seems to me plain that if, and only if, the Belgian court did in the event agree with the interpretation put forward by the Belgian government, namely, that the effect of the requirement under Article 12 was not contingent upon the enactment of the 1991 decree, the measure in question was a technical regulation.
In my view, this interpretation of CIA is reinforced by the observations of Advocate General Elmer at [45] of his Opinion:
“The Law and the 1991 Decree introduced a type approval procedure for alarm systems and networks. Article 12 of the Law laid down, as stated, the actual requirement of prior approval of alarm systems and networks. At the hearing the Belgian government explained that even without the 1991 Decree Article 12 of the Law would not be without legal effect. The provision is thus not merely an enabling provision (see the situation in Case C-317/92 Commission v Germany [1994] ECR I-203, para 26), but is on the contrary a significant substantive regulation. Article 8 of the directive can hardly, in my view, be interpreted to the effect that such a general requirement concerning prior approval should be exempted from the obligation to inform the Commission, inasmuch as it can stand alone. Irrespective of its general character, such a requirement concerns the product's properties. Furthermore, its enforcement would per se create great uncertainty on the part of traders and thus give rise to not insignificant obstacles to trade. A provision such as that contained in Article 12 of the Law must therefore, in my view, be regarded per se as a technical regulation which must be notified.”
In other words, Article 12 of the Belgian law “standing alone” had legal effect and such effect represented a real impediment to cross border trade. That legal effect and real impediment was in no way contingent upon the enactment of the later decree.
In my view, if Mr White’s interpretation of CIA were correct, there would have been no point in the Court of Justice leaving the ultimate issue to be determined by the Belgian courts. It was plain from a simple perusal of the text of Article 12 of the Belgian law that that Article was not a mere enabling provision: it constituted, as the Advocate General in terms observed, a substantive requirement. If that was the relevant contrast, no further input was needed, either from the Belgian government or the Belgian courts. However, that was not the relevant contrast. It was necessary to determine whether the substantive requirement had legal effect even before the enactment of the 1991 decree, a question of interpretation of national law that only the national judge could properly answer.
The practical result of CIA was that, even if the Belgian government had furnished to the Commission a draft of the 1991 implementing decree, that by itself would not have saved Article 12 if, but only if, the requirement of that Article standing alone and in the absence of any implementing measure was legally enforceable against individuals.
The third authority is Sapod Audi v Eco–Emballages SA [2002] ECR I-5031, ECJ Case C-159/00. In that case a French law required that producers were required to “identify” certain packaging, and the relevant issue was whether an obligation to “identify” a product or its packaging was, for the purposes of the TSD as it then stood, a “specification … which lays down the characteristics required of a product” (emphasis added). Taken literally, an obligation to identify something (such as pointing out one’s luggage to a customs officer) is not coterminous with an obligation to mark something (such as putting a label on one’s luggage). On that linguistic footing, the French law did not literally fall within the definition (see judgment of the Court at [30]). However, such a literal interpretation of the French law bordered on the unreal in circumstances where in fact identification could be achieved only by marking. As Advocate General Jacobs observed at [36] of his Opinion:
“At the hearing it was accepted by all of those present that in order to comply [with the French law] producers must affix some form of distinguishing mark to the packaging in which they market household goods … [The French law] thus requires products to be identified, but does not insist on the use of a particular mark or symbol.”
The Court of Justice decided that, despite the common accord of those present at the oral hearing, the correct interpretation of national law was strictly for the national court [31], and then continued:
“32. Consequently, the Court must also consider the possibility that, in the light of all the factual and legal evidence before the national court, that court will reach the conclusion that the second paragraph of Article 4 of Decree No 92-377 must be interpreted as imposing on producers an obligation to mark or label the packaging, although not specifying what sign must be affixed.
33. In such an event, it would have to be held that that provision is in fact a technical specification within the meaning of Directive 83/189 and, consequently, that, since the obligation is imposed by decree in the case of marketing of packaged products throughout the national territory, that provision constitutes a technical regulation.
34. In that case, even though the detailed rules regarding the marking or the labelling remained to be defined, marking or labelling would, in itself, be compulsory, also for imported products (see, in particular, Case C-13/96Bic Benelux [1997] ECR I-1753, paragraph 23). In addition, having regard to the aim of Directive 83/189, namely the protection of free movement of goods by means of preventive control (see, in particular, Case C-194/94CIA Security International [1996] ECR I-2201, paragraphs 40 and 48), such a control, implemented in accordance with the procedure prescribed by that directive, would be both appropriate and possible.”
It seems to me that Sapod, for present purposes, therefore, does no more than emphasise that whether a particular measure is a technical regulation may depend upon the correct interpretation of national law: in CIA the national judge had to decide whether the measure, on its true meaning, had “legal effect”; in Sapod whetherthe measure in fact imposed a legal obligation to put some form of distinguishing mark on the physical product or packaging.
Claimants’ Submissions on the First Ground
Mr White submitted that the “initial obligations provisions”, in particular, (see paragraphs 39-43 above) were technical regulations within the meaning of Article 1(11) of the TSD, in accordance with the case law of the Court of Justice in respect of the TSD as it stood at the relevant time.
He contended, first, that the inherent nature of the initial obligations fell squarely within the description of “rule on services” in Article 1(5), such a rule being expressly made by Article 1(11) a technical regulation. That proposition is not disputed. Secondly, he said that the initial obligations cannot sensibly be regarded as mere enabling legislation of a kind considered at one point in Commission v Germany (see paragraph 64 above). That also was not contested. Thirdly, he argued that the initial obligations were of themselves sufficiently precise and specific so as to be enforceable against individuals, and, therefore, had the “legal effect” described by the Court of Justice in CIA. It was irrelevant that the initial obligations were not yet binding on ISPs (because no Code had yet been promulgated and brought into effect); and it was irrelevant that what he characterised as the “detail” of the initial obligations had not yet been developed by the anticipated Code. In any event, a Code was mandated by the DEA 2010 (see paragraphs 41 and 42 above) and, therefore, the ultimate binding effect of the initial obligations was a foregone conclusion.
He argued that the foregoing analysis rested upon the best interpretation of EU law, essentially for three reasons. First, it most effectively promoted the objectives of Article 9 TSD (see paragraphs 57-59 above) and legal certainty. The Commission and interested Member States would, at the earliest opportunity, be able to comment on the initial obligations from the perspective of Community law, and to propose amendments which they believed would better advance the aims, and reflect the principles, of that law. If, close to enactment, a draft Bill containing the initial obligations had been furnished to the Commission and Member States, the United Kingdom, through its appropriate institutions, could have sought, in the light of any proposals received from the Commission and/or Member States, to amend the Bill before enactment into the DEA. Economic operators, including ISPs, would also have learnt at an early stage what, if any, comments on the Bill had been made at the EU level, and what, if any, action the UK intended to take in the light of such comments.
Secondly, he argued that his interpretation was more in accord with Article 1(12) TSD. The initial obligations having been enacted and brought into force, the only “draft technical regulation” that could be notified under the TSD was a draft of the Code, because that was the only text that was still “at a stage of preparation at which substantial amendments can be made”. However, the Code would largely, if not wholly, reflect the primary provisions of the DEA, and, if substantial amendments needed to be made following the procedure in Article 9 TSD, those primary provisions, as well as provisions in the Code, would in all probability also need amendment, a scenario not contemplated by Article 1(12) TSD.
Thirdly, he argued that any other interpretation would create anomalies. For example, if an obligation had no “legal effect” simply because its effect was made contingent upon some later event, then the duty to notify could be put off so long as that event, such as a statutory commencement order, was not imminent. He also pointed to an alleged inconsistency in the Defendant’s position: why notify the draft Costs Order at this stage when, apparently on the Defendant’s case, the Order would have no “legal effect” until the Code had been promulgated and brought into force?
First Ground: Discussion
In my judgment, the fundamental difficulty with Mr White’s analysis is that, on their proper interpretation (which, as the Court of Justice has stressed on at least two occasions: see paragraphs 74 and 77 above, is a matter for the national court), the initial obligations enacted by the DEA and brought into force are not yet legally enforceable against any individual, including ISPs such as the Claimants; and, therefore, they do not have the “legal effect” described in the Court’s case law. They are not legally enforceable for two distinct, but related, reasons. First, the incidence of the initial obligations on ISPs is made expressly contingent upon the promulgation and enactment of the Code. Without the Code, the initial obligations simply beat the air in legal terms. Secondly, the initial obligations are not yet sufficiently particularised as to be enforceable: the actual content of the obligations is to be spelled out in the Code.
As to the first point, I have already set out the relevant provisions at some length and need not repeat them. I put forward by way of example Section 124A(2) which permits a copyright owner to make a CIR to the ISP “if a code in force under section 124C or 124D … allows the owner to do so”. In my view, the Parliamentary meaning could not be clearer: unless and until a code is in force the ISP is not liable to receive a copyright infringement report under the DEA and an ISP is not obliged to take any action in respect of any such report pursuant to the DEA. Copyright owners may send copyright infringement reports, but they have no consequences under the DEA unless and until a code is in force.
As to the second point, although section 124E sets out the criteria which the Code must fulfil, it is the code itself which will define the substantive content of the initial obligations. For example, the Code will specify the circumstances in which a copyright owner will be allowed to make a CIR, the means by which evidence must be obtained and the standard of proof which is required. The Code will also specify the circumstances in which an ISP will be required to provide a copyright infringement list to a copyright owner and determine the number of CIRs that must be made in respect of a subscriber before he becomes a “relevant subscriber”. Importantly, although sections 124E(1)(f)-(g), 124E(7)-(8) and 124M require provision to be made about contributions towards meeting costs, they do not specify what that provision should be. That is left to the Costs Order, which will take effect when the Code itself takes effect.
In my view, none of the points made by Mr White undermines this conclusion. It is contentious whether the Commission or other Member States would have been better placed to comment upon the initial obligations if the United Kingdom had adopted the course which he argues it was legally obliged to adopt. Mr Eadie argued strongly that, in the absence of a draft Code, the Commission and other Member States would have been left in the dark about significant parts of the content of the initial obligations, and either would not have been able to comment in a sufficiently informed and constructive manner, or would have been tempted to make assumptions that turned out to be unfounded: in short, a premature, pointless, time wasting and resource absorbing exercise. In my view, this particular debate cannot be satisfactorily resolved either way, and cannot, therefore, be decisive or significantly influential on the resolution of the relevant legal issue.
Nor do I apprehend any particular difficulty under Article 1(12) TSD with the foregoing interpretation. It is common ground that the Code is to be notified in draft, and the Code may, therefore, be substantially amended before enactment as Article 1(12) provides. It is the Code that in strict legal terms will constitute the technical regulation. However, it is plain that the DEA itself must be provided to the Commission and other Member States so that they can properly set the Code in its full legislative context. If the Code required such fundamental amendment that the provisions of the DEA itself required amendment, such amendment could be effected, if necessary, under the relevant provisions of the European Communities Act 1972. The essential point is that it is the enactment of the Code which gives legal life and real content to the initial obligations; and the text of the Code will be furnished under Article 1(12) at a time when substantial amendments to the Code can still be made before the Code is enacted and takes legal effect. The purpose of Article 1(12) is to prevent technical regulations from being enacted and being enforceable against individuals before the Commission and other Member States have had an opportunity to comment upon the proposed regulation. For the reasons stated, that purpose is not defeated or impeded in this case by notification of the code rather than a draft Bill containing the initial obligations: until the code is enacted and comes into effect there is simply no relevant legally enforceable obligation on individuals.
As to Mr White’s third point, each situation will have to be assessed on its own particular facts. It may well be that once enacted a measure could be a technical regulation if all that was lacking was a simple provision to bring the measure into force. In such a case, in contrast to the present one, it would be difficult to see how the commencement provision, having no substantial content, could be a technical regulation, and how the measure itself, having been enacted, was still “in draft” for the purposes of Article 1(12). In such circumstances the correct course would probably be to notify the measure before it was enacted, and so “in draft”, even if it was not intended to bring the measure immediately into force.
Mr White had one final point. In May 2010 Ofcom sent a draft notice to BT and other ISPs requiring the provision of information. The notice was headed “Digital Economy Act – Initial Obligations Code: [Draft] Notice requiring the provision of specified information under Section 135 of the Communications Act 2003”. The first two paragraphs of the notice read:
“This is a [draft] notice under Section 135 of the Communications Act 2003 (“the Act”) addressed to BT Group plc, whose registered company number is 4190816 and any subsidiary or holding company, or any subsidiary of that holding company, all as defined in section 1159 of the Companies Act 2006.
This notice requires you to provide the information set out below, in the manner and form specified, for the purposes of enabling Ofcom to carry out its functions in relation to the making of a code under section 124D of the Act to regulate the obligations of internet service providers under sections 124A and 124B of the Act.”
Mr White argued that the obligation to provide information arose under the DEA and that the existence of such an obligation showed that the initial obligations had taken “legal effect”. Mr Eadie submitted that the obligation to provide information did not arise under the DEA, the implication being that Ofcom had misunderstood its powers. I do not believe that either submission is correct, for the following reasons.
Section 135(1) of the DEA provides:
“135 Information required for purposes of chapter 1 functions
(1) Ofcom may require a person falling within subsection (2) to provide them with all such information as they consider necessary for the purpose of carrying out their functions under this Chapter.”
Section 124D obliges Ofcom, in circumstances which have now arisen, to make a code for the purposes of regulating the initial obligations. That obligation is a new regulatory function of Ofcom that arises only by virtue of the DEA, and that function falls squarely within the terms of section 135(1). Accordingly, as a result of the combined effect of section 124D and section 135(1), ISPs and others come under a new liability to provide information, if Ofcom requires, for the purposes of Ofcom’s new function. In my view, Ofcom was entirely correct to make the request (even if in draft) under section 135 and was not mistaken about its powers, as Mr Eadie’s argument implied. Furthermore, I cannot at present see why the new liability imposed on, among others, ISPs, would not itself be a “rule on services” and hence a technical regulation falling within the TSD. Neither party, given the confines of their respective cases, specifically addressed that issue. Nonetheless, the liability referred to is specific and limited: it is to provide information to assist Ofcom to draw up the initial obligations code. It does not in itself make the initial obligations legally enforceable against ISPs, and does not give relevant legal effect to those obligations. It would appear common ground that this new liability was not notified “in draft” under Article 9 TSD, and the inevitable consequence would seem to be that, in the absence of such notification, ISPs and others could not be legally required to provide information under section 135 specifically to assist Ofcom to discharge its new function under section 124D. Whether Ofcom has other compulsory powers that would enable such information to be obtained was not a matter explored before me.
Finally, on this ground, Mr White realistically acknowledged that if he could not show that the initial obligations were technical regulations then he had little chance of showing that the other contested provisions were such regulations. That must be correct. There is no present obligation to bring any technical obligations under the DEA into effect (see paragraphs 45 and 46 above). The appeals provisions are dependent upon the initial obligations coming into effect, as are the provisions allowing Ofcom to impose penalties on ISPs (see paragraphs 47-50 above). Similarly, section 17 does no more at this stage than enable the Secretary of State to make provision by regulations for blocking injunctions (see paragraph 51 above). None of these provisions, therefore, presently has relevant legal effect for individuals.
The Second Ground: Breach of the e-Commerce Directive (“ECD”)
It is alleged that the contested provisions infringe certain Articles of the ECD. Certain propositions are common ground.
The provision of ISP services (by way of access to the internet or an email communication service) constitute the provision of information society services under the ECD (see recitals (17) and (18) and Articles 2(a) and (b) of the ECD).
Under Article 3(2) of the ECD, Member States may not, for reasons falling within “the co-ordinated field”, restrict the freedom to provide information society services from another Member State. Article 1 sets out the objective and scope of the ECD. The objective is the free movement of, among other things, ISP services. Under Article 3(1) the services provided by an ISP established in a Member State are intended to be regulated by the Member State of establishment (the “country of origin” principle). The Explanatory Memorandum to the Commission’s Initial Proposal stated that Article 3(2):
“prohibits in principle all forms of restriction to the freedom to provide Information Society services, i.e. any actions on the part of a Member State liable to hamper or otherwise make the free provision of services less attractive. However, possible exemptions from the principle are provided for in Article 22(2) and (3) [later moved into Article 3 of the ECD].”
It is contended that the contested provisions of the DEA infringe, in particular, Articles 12, 15 and 3(2) of the ECD, and I shall consider each of these Articles in turn.
Article 12
Article 12 ECD provides as follows:
“1. Where an information society service is provided that consists of the transmission in a communication network of information provided by a recipient of the service, or the provision of access to a communication network, Member States shall ensure that the service provider is not liable for the information transmitted, on condition that the provider:
(a) does not initiate the transmission;
(b) does not select the receiver of the transmission; and
(c) does not select or modify the information contained in the transmission.
2. The acts of transmission and of provision of access referred to in paragraph 1 include the automatic, intermediate and transient storage of the information transmitted in so far as this takes place for the sole purpose of carrying out the transmission in the communication network, and provided that the information is not stored for any period longer than is reasonably necessary for the transmission.
3. This Article shall not affect the possibility for a court or administrative authority, in accordance with Member States’ legal systems, of requiring the service provider to terminate or prevent an infringement.”
I was referred in some detail to the legislative history of Article 12 (and of Article 15 which is within the same general terrain), including the Press Release publishing details of the Commission’s proposal for what became the ECD, the Explanatory Memorandum to the proposal, and proceedings in the European Parliament. I need not rehearse that material, for the fundamental point that Mr White extracted from it was that, in the words of the European Commission, Article 12 “struck a careful balance between the different interests involved in order to stimulate cooperation between different parties thereby reducing the risk of illegal activity on-line”. The different interests involved plainly include at least the interest of the copyright owner, wishing to achieve maximum protection for the copyright product, and to secure the most effective remedies for copyright infringement; and the interest of the ISP, wishing to realise the most efficient transmission of information, with minimal responsibility for its actual content. The tension between these interests is obvious and palpable.
Mr White invited the Court to infer from the point that he had extracted from the legislative material that the immunity conferred on mere conduit ISPs by Article 12 (and by Article 15) was a very wide one, and that the precise language of these Articles could and should be stretched beyond its natural and ordinary meaning to achieve the assumed legislative purpose. However, I draw a different conclusion from the material. It seems to me that if the Community legislator, as in this instance, has chosen specific language to give effect to a careful balancing of competing interests, the judge must be especially cautious before departing from the plain meaning of the text. To depart from that meaning creates the obvious risk of promoting the interest of one economic sector to the detriment of the other interested sector, and hence of seriously upsetting the balance between competing interests that the legislator has carefully struck. It was for this very reason that the Commission rejected certain amendments to its legislative proposal that the European Parliament put forward which would have affected the balance struck by the text of Article 12.
It seems to me, particularly in the light of that legislative history, that liability “for the information transmitted” is a carefully delineated and limited concept. As regards copyright material, this language is broadly contemplating a scenario in which a person other than the ISP has unlawfully placed the material in the public domain or has unlawfully downloaded such material, and a question then arises whether the ISP, putatively a mere conduit for the transmission of the information, also incurs a legal liability in respect of the infringement. That liability could take the form of a fine (in criminal or regulatory proceedings) or damages or other compensation payable to the copyright owner, or some form of injunctive relief. The liability could be joint and several with the other person, or it could simply be a default liability if the other person could not be found, or was not worth pursuing, or was insolvent. This reflects an age old problem, where owners of intellectual property rights have sought effective remedies against those that they perceive to have facilitated the infringement of those rights, although at the time these other persons may well have had no knowledge that any specific infringement was taking place. In the United Kingdom liability under the Copyright, Designs and Patents Act 1988 turns on whether the intermediary has “authorised”, that is, “sanctioned, countenanced or approved” (Evans v Hulton [1924] 131 LT 534) the infringement. In the leading case, the supply of machines capable of use by buyers for copying copyright works was not an “authorisation” where the supplier had no control over the use of the machine, which was capable of legitimate use: CBS Songs Ltd v Amstrad Consumer Electronics Plc [1988] 1 AC 1013.
It also seems to me that this interpretation is perfectly consistent with Article 12(3). In the scenario just described it is conceivable that the copyright owner might in certain cases be able to draw the attention of the ISP to the fact of a present infringement, or to the likelihood of a specific infringement occurring in the future, and to invite the ISP to terminate or prevent such an infringement. In these circumstances, if the ISP was liable to terminate or prevent the present or future infringement, a real question could arise as to whether the ISP was being made liable “for the information transmitted”, or was rather simply coming under an obligation to use its technical facilities to terminate or prevent an infringement, in respect of the information transmitted, committed by another person. The “careful balance” struck by the Community legislator settles that issue, and removes all uncertainty, by allowing Member States to authorise the courts or competent administrative authority to order the ISP to terminate or prevent the infringement, so long as the ISP is not made liable (by way of fine or compensation) in respect of the infringement itself.
On this reading of Article 12 it would also appear that the jurisdiction of the High Court arising from Norwich Pharmacal v Customs and Excise Commissioners [1974] AC 133 (“Norwich Pharmacal”) (see now CPR 31.18) is entirely consistent with EU law. If the relevant conditions are satisfied, the Court may order an ISP, which has been no more than a mere conduit in the unlawful transmission of copyright material, to disclose the identity of the infringing subscriber to the copyright owner. Again the ISP is made liable under the terms of the court order, not in respect of the subscriber’s infringement of copyright, but to take steps that are intended to facilitate the copyright owner in asserting his rights against the infringing party. This is a liability that arises because of the nature of the information (copyright material) that the ISP has transmitted. On a broad interpretation of Article 12 it seems to me that Norwich Pharmacal orders would run the risk of violating that Article, as such orders place burdens on ISPs even if a Claimant copyright owner in such proceedings is ordinarily required to pay a blameless ISP’s expenses in providing the identity of an infringing subscriber (see CPR 31.18).
The reading is also consistent with the implementation of Article 12 in UK law. Regulation 17(1) of the Electronic Commerce (EC Directive) Regulations 2002 provides:
“Where an information society service is provided which consists of the transmission in a communication network of information provided by a recipient of the service or the provision of access to a communication network, the service provider (if he otherwise would) shall not be liable for damages or for any other pecuniary remedy or for any criminal sanction as a result of that transmission where the service provider—
(a) did not initiate the transmission;
(b) did not select the receiver of the transmission; and
(c) did not select or modify the information contained in the transmission.”
Mr White, in support of this ground of challenge, relied upon certain liabilities of ISPs under the DEA: for example, their potential exposure to financial penalties in the event of failure to comply with their obligations under section 124L; their liability to bear 25 per cent of Ofcom’s regulatory costs, and any appeal costs under section 124M and the Costs Order; and the fact that ISPs will incur expense in complying with the provisions of any Initial Obligations Code or Technical Obligations Code.
However, penalties may be imposed under section 124L only as a sanction for a breach of an initial obligation, for example, by a failure to notify a subscriber of a CIR, or to provide a copyright owner with a Copyright Infringement List (“CIL”), or for a breach of a technical obligation (a failure to take a technical measure against a relevant subscriber), or for a failure to give Ofcom any assistance that they reasonably require for the purposes of complying with any direction by the Secretary of State. These liabilities arise as a result of the specific scheme established by the DEA, of which the core obligations, so far as concern ISPs, are that ISPs are obliged to receive CIRs from copyright owners and to communicate such CIRs to their subscribers, and to compile CILs for onward transmission to copyright owners. These core obligations do not constitute any liability “for the information transmitted”, that is, in respect of the underlying infringement of copyright that has given rise to CIRs and CILs, as explained earlier. Without the underlying infringement, there would be no CIR or CIL: but the legal test is not whether a liability has arisen because there was an initial infringement of copyright; the liability must arise in respect of that underlying infringement, so that the liability is for the information transmitted. The liabilities or costs referred to by Mr White are wholly dependent upon the regulatory regime under the DEA and are essentially parasitic on the core obligations of the ISPs. In that sense they are one stage removed from the core obligations and do not, any more than those obligations, constitute any liability “for the information transmitted”. The same analysis applies to costs and/or compensation arising from subscriber appeals. The liability to pay such costs and/or compensation arises in essence from the failure of an ISP to discharge its core obligations under the DEA. Nor does any eventual requirement to take technical measures impose a liability “for the information transmitted”: such a requirement is an element in a regulatory procedure designed to put appropriate controls on those subscribers who, despite other measures, have persisted in copyright infringements.
Mr White frankly accepted that the foregoing obligations and costs could fall within Article 12 only if the crucial words of that Article meant “an economic or other burden falling on an ISP that would not have so fallen if there had not been a transmission of information in breach of copyright, etc.”, or other language to that effect. However, for the reasons already given, I am not able to extract such an extended meaning from the language of Article 12 without doing violence to that language and thereby upsetting the careful balance represented by the text. I should perhaps add that in this context Mr White laid stress on Article 12(3). He argued that what he called “primary” and “secondary” infringers would not benefit from the immunity conferred by Article 12(1), because such infringers, being necessarily closely involved with the infringement, could not be regarded as “mere conduits” under Article 12. Therefore the immunity must cover some class beyond primary and secondary infringers, and must in turn extend to the liabilities of ISPs under the DEA. However, in my judgment, the premise of that argument is very dubious. It seems to me that it is quite conceivable that under some systems of copyright law a transmitter, who was a mere conduit and who had in fact not perpetrated or “authorised” the copyright infringement, might be made liable, as a matter of policy, for the infringement as if he had so perpetrated or authorised it. The EU embraces many Member States and, in the absence of a provision such as Article 12, it seems to me very possible that one or more might choose a legislative solution to the tension between copyright owners and ISPs that more markedly advanced the interests of the creative industries. Article 12(1) would then serve a very valuable purpose of precluding the imposition of such extended liability on those who were mere conduits. In any event, even if Article 12 was aimed at persons other than primary and secondary infringers, in Mr White’s sense, that would still be a long way from showing that the immunity conferred by Article 12 was as extensive as that required for Mr White to succeed in this claim. Finally, in my view, as already explained, Article 12(3) is perfectly intelligible on a natural reading of Article 12(1).
Breach of Article 15 ECD
Article 15 provides:
“1. Member States shall not impose a general obligation on providers, when providing the services covered by Articles 12, 13 and 14, to monitor the information which they transmit or store, nor a general obligation actively to seek facts or circumstances indicating illegal activity.
2. Member States may establish obligations for information society service providers promptly to inform the competent public authorities of alleged illegal activities undertaken or information provided by recipients of their service or obligations to communicate to the competent authorities, at their request, information enabling the identification of recipients of their service with whom they have storage agreements.”
Under the DEA a copyright owner will file a CIR with an ISP. The CIR must contain the name of the copyright owner who made the report; a description of the apparent infringement; and evidence of the apparent infringement that shows the subscriber’s IP address and the time at which the evidence was gathered. The ISP must then link the IP address with the details of a particular subscriber to whom the IP address was allocated at the material time. The ISP must notify the subscriber that it has received a CIR, informing the subscriber of the nature of the copyrighted work infringed and the time and date of the infringement. The ISP must maintain a database of individual subscribers linking the subscriber with CIRs received from copyright owners. Any CIL reported to a copyright owner will not specifically identify the subscriber, but the system can only be effective if the ISP maintains records linking CIRs to particular identified subscribers. Mr White submits that the DEA, therefore, requires ISPs to “monitor” the information which they transmit, in breach of Article 15(1) ECD.
The Commission’s Explanatory Memorandum (see paragraph 100 above) explained Article 15 as follows:
“This Article establishes that no general obligation should be imposed on providers to screen or to actively monitor third party content. This general rule does not affect the possibility of a court or law enforcement agency requesting a service provider to monitor, for instance, a specific site during a given period of time, in order to prevent or fighting (sic) specific illegal activity.”
That explanation is reflected in recital (47) to the ECD which states:
“Member states are prevented from imposing a monitoring obligation on service providers only with respect to obligations of a general nature; this does not concern monitoring obligations in a specific case and, in particular, does not affect orders by national authorities in accordance with national legislation.”
In case C-236/08 Google France v Louis Vuitton Advocate General Maduro observed in his Opinion:
“142. To my mind, the aim of [the ECD] is to create a free and open public domain on the internet. It seeks to do so by limiting the liability of those which transmit or store information, under its Articles 12 to 14, to instances where they were aware of an illegality.
143. Key to that aim is Article 15 of [the EC], which prevents Member States from imposing on information society service providers an obligation to monitor the information carried or hosted or actively to verify its legality. I construe Article 15 of that directive not merely as imposing a negative obligation on Member States, but as the very expression of the principle that service providers which seek to benefit from a liability exemption should remain neutral as regards the information they carry or host.”
In my judgment, there is nothing in this further material which would tend to suggest that “monitor” (or in French, “surveiller”) has other than its ordinary and natural meaning, that is, to inspect or examine some phenomenon. In the context of information society services, that means inspecting or examining the information that is being, or has been, transmitted, with a view to checking whether the information may lawfully be transmitted, or whether the transmission complies or complied with some other norm regulating the nature of information that may be transmitted. A “general” obligation refers to a systematic arrangement whereby the putative “monitor” is inspecting or examining information randomly, or by reference to particular classes of information or subscribers, and is not focusing on a specific instance that has for apparently good reason been brought to its attention.
The DEA does not require ISPs to monitor information in the above sense. The DEA may impose general obligations on ISPs, but these obligations cannot accurately be called “monitoring”. Nothing in the DEA requires ISPs to inspect or examine the information transmitted for any purpose, including the purpose mentioned earlier concerning the legality of the information transmitted. Copyright owners may well monitor information that is being transmitted, to check whether there is an apparent copyright infringement, but they are not ISPs and they are under no duty by virtue of the DEA to carry out any “monitoring”.
For present purposes, the role of the ISP under the DEA is essentially passive. It receives reports from those who have, in the relevant sense, “monitored” information that has been transmitted. It is the copyright owners who must show (according to substantive criteria and standards of evidence to be set out in the Code) that the information transmitted infringed the owners’ rights. The ISP has itself no general obligation to inspect or examine the information to see whether the transmission might infringe, or has infringed, the rights of any copyright owner. When the ISP sends a CIR to a subscriber, it is not “monitoring” any information. It is simply reporting to the subscriber that, according to information received from another person, the subscriber has infringed the rights of a copyright owner. Similarly, when the ISP sends a CIL to a copyright owner, it is not “monitoring” any information. It is simply reporting to the copyright owner that, according to information held by the ISP, a particular subscriber, identified through the IP address or addresses, has infringed the owner’s rights on a number of occasions (to be specified in the code). The fact that the ISP may by that stage know what kind of information the relevant subscriber is prone to download in breach of the copyright owner’s rights (it may, for example, be lawful pornography) does not, in my view, convert the ISP’s activity into one of “monitoring” that information. The knowledge acquired is no more than a by-product of the different non-monitoring role that I have set out above.
Mr White relied strongly on the Opinion dated 22 February 2010 of the European Data Protection Supervisor (“EDPS”) who, in describing “three strikes Internet disconnection policies” stated that they entailed “generalised monitoring of Internet users’ activities” (see paragraphs 16, 17 and also 21 and 22). In my view, this Opinion adds nothing. It is clear from the context that the EDPS was describing “monitoring” by copyright holders of internet usage with a view to discovering copyright infringement. He was not stating that ISPs under such arrangements were “monitoring” the information transmitted through their services; he was not offering a legal interpretation of Article 15 of the ECD (which would in any event appear to be outside his remit); and he was not saying that anything done by ISPs under the arrangements in question would constitute “monitoring” under that Article.
Mr White also argued that the DEA imposed on ISPs “a general obligation to seek facts or circumstances indicating illegal activity”, contrary to the second part of Article 15(1) ECD. However, it is the copyright owner who actively seeks such facts and circumstances and reports them to the ISP. The ISP itself has no such active role, either when it communicates a CIR to a subscriber or reports a CIL to a copyright owner: the CIR is already the work product of another person who has conducted an active investigation, and the CIL is simply a compilation of such reports in respect of a relevant subscriber. In the present context, the essential function of the ISP is not to investigate facts or circumstances, but to identify the wrongdoer. If a police officer observes a motor car passing through a red light, and asks an official at the vehicle licensing authority to disclose the name and address of the registered keeper (and presumed driver) of the car, that official, in responding, would not actively be “seeking facts or circumstances indicating illegal activity”. She would be doing no more than identifying, in response to a specific request, the person who, according to the investigation already completed by the police officer, had infringed the traffic code.
Breach of Article 3 ECD
Mr Beal (who took responsibility for this part of the claim) submitted that the contested provisions infringed Article 3 ECD. Article 3 provides:
“1. Each Member State shall ensure that the information society services provided by a service provider established on its territory comply with the national provisions applicable in the Member State in question which fall within the coordinated field.
2. Member States may not, for reasons falling within the coordinated field, restrict the freedom to provide information society services from another Member State.
3. Paragraphs 1 and 2 shall not apply to the fields referred to in the Annex.
4. Member States may take measures to derogate from paragraph 2 in respect of a given information society service if the following conditions are fulfilled:
(a) the measures shall be:
(i) necessary for one of the following reasons:- public policy, in particular the prevention, investigation, detection and prosecution of criminal offences, including the protection of minors and the fight against any incitement to hatred on grounds of race, sex, religion or nationality, and violations of human dignity concerning individual persons, - the protection of public health, - public security, including the safeguarding of national security and defence,- the protection of consumers, including investors;
(ii) taken against a given information society service which prejudices the objectives referred to in point (i) or which presents a serious and grave risk of prejudice to those objectives;
(iii) proportionate to those objectives;
(b) before taking the measures in question and without prejudice to court proceedings, including preliminary proceedings and acts carried out in the framework of a criminal investigation, the Member State has:
- asked the Member State referred to in paragraph 1 to take measures and the latter did not take such measures, or they were inadequate,
- notified the Commission and the Member State referred to in paragraph 1 of its intention to take such measures.
5. Member States may, in the case of urgency, derogate from the conditions stipulated in paragraph 4(b). Where this is the case, the measures shall be notified in the shortest possible time to the Commission and to the Member State referred to in paragraph 1, indicating the reasons for which the Member State considers that there is urgency.
6. Without prejudice to the Member State's possibility of proceeding with the measures in question, the Commission shall examine the compatibility of the notified measures with Community law in the shortest possible time; where it comes to the conclusion that the measure is incompatible with Community law, the Commission shall ask the Member State in question to refrain from taking any proposed measures or urgently to put an end to the measures in question.”
For reasons already explained, it is common ground that the contested provisions “restrict the freedom to provide information society services from another Member State”. It is plain that the DEA, if applied to undertakings in other Member States, would impose a significant economic burden on them, and would, following the well established case law of the Court of Justice, be a “restriction” on their ability to provide the relevant services from outside the UK.
However, the main issue in this context is whether the contested provisions in any event fall “within the coordinated field” under Article 3(2), or are taken out of that field by Article 3(3) and the annex to the ECD which disapplies Article 3(1) and 3(2) in relation to, among other things:
“Copyright, neighbouring rights, rights referred to in Directive 87/54/EEC and Directive 96/9/EC as well as industrial property rights.” (emphasis added)
The Commission’s Explanatory Memorandum (see paragraph 100 above) explains the reason for this particular form of derogation:
“The country of origin principle, as envisaged in this Directive, requires certain derogations in the specific cases cited in Annex 11 [as it then stood]. Indeed, certain specific areas cannot benefit from the country of origin principle because in these fields:
- it is impossible to apply the principle of mutual recognition as set out in the case law of the Court of Justice concerning the principles of freedom of movement enshrined in the Treaty, or
- it is an area where mutual recognition cannot be achieved and there is insufficient harmonisation to guarantee an equivalent level of protection between Member States,
- there are provisions laid down by existing Directives which are clearly incompatible with Article 3 because they explicitly require supervision in the country of destination.”
Mr Eadie, therefore, submits that the matter could not be clearer. Article 3(3) and the Annex removes “copyright” from the scope of Article 3(1), for the good reason that it is a case falling within either the first or second indent cited above. The contested provisions concern copyright, and the UK, therefore, remains free to impose those provisions on ISPs established elsewhere in the EU and supplying the relevant services in the UK.
Mr Beal contends that the matter is not so straightforward. He points, in particular, to recital (5) of the ECD:
“It is important that the proposed directive on the harmonisation of certain aspects of copyright and related rights in the information society and this Directive come into force within a similar time scale with a view to establishing a clear framework of rules relevant to the issue of liability of intermediaries for copyright and relating rights infringements at Community level.”
He noted that Article 8 of Directive 2001/29/EC of the European Parliament and of the Council of 22 May 2001 on the harmonisation of certain aspects of copyright and related rights in the information society (“the Copyright Directive”) did deal with “sanctions and remedies”, and provided, in particular, in Article 8(3):
“Member states shall ensure that rightholders are in a position to apply for an injunction against intermediaries whose services are used by a third party to infringe a copyright or related right.”
In short, and on the footing of these provisions, Mr Beal submitted that copyright has now been harmonised (by the Copyright Directive), the rationale for the derogation in Article 3(3) ECD, in so far as it relates to copyright, has fallen away, and Member States may take measures, falling within Article 3(1), relating to copyright, only if such measures are unequivocally and specifically authorised by the Copyright Directive. The contested provisions are not so authorised and they cannot, therefore, be invoked against ISPs established in other Member States.
In my view, the logical elegance of Mr Beal’s submission faces serious practical difficulties. First, the central premise is that, through the Copyright Directive, the law of copyright has now been entirely or at least sufficiently harmonised so that within the EU the exclusion found in the Annex to the ECD in relation to copyright has simply vanished, no longer buttressed by an extant rationale. But all references to the Copyright Directive, including its very title, speak of harmonising “certain aspects” of copyright law, indicating that complete harmonisation lies somewhere in the future. Whether or not the degree of harmonisation achieved at any point is sufficient to undermine the rationale for exclusion in the current text of the ECD for copyright would, in my view, require a fine exercise of legislative judgment, and is not a matter appropriate for judicial adjudication. I was referred to no authority that harmonisation in this field is complete (and my own researches simply confirm that the view of learned commentators is that it remains partial), or that harmonisation had advanced to such an extent that the rationale for the relevant exclusion could no longer be supported.
Furthermore, it seems to me that Mr Beal’s interpretation would create intolerable legal uncertainty in a system of law (namely EU law) where the principle of legal certainty has been accorded great weight. It must be remembered that the relevant exclusion remains in the legislative text of the ECD: the Community legislation did not remove that exclusion, either at the time that the Copyright Directive came into force (in May 2001), or at the time by which Member States had to implement the Copyright Directive (22 December 2001), or at any subsequent time. In my judgment, if the Community legislator had wished to abrogate the relevant exclusion, it would, in the interests of legal certainty, expressly have removed the exclusion by an appropriate amendment of the ECD, and would not have left the matter in the air, susceptible to competing and conflicting interpretation.
Finally, on Mr Beal’s approach, the relevant exclusion would have had a relatively short shelf-life: after 17 January 2002 (the implementation date for the ECD) Member States could have retained provisions on copyright that otherwise fell within Article 3(1), relying on the relevant exclusion. However, by 22 December 2002 (that is, less than a year later) such provisions could no longer be invoked against ISPs established in other Member States unless, following Mr Beal’s argument, the Copyright Directive expressly authorised them. Short shelf lives generally need prominent signposting. If such a result had been intended, an express provision in the Copyright Directive abolishing the relevant exclusion, with an appropriate explanatory recital, could have been expected, with the proverbial red hand pointing at it.
I accept Mr Beal’s submission only to this extent. After the date for implementing the Copyright Directive had been reached, Member States could no longer lawfully maintain provisions in national copyright law (broadly interpreted) that conflicted with the provisions of the Directive. However, the contested provisions do not so conflict. In particular, Article 8(3), cited above, does no more than impose an obligation on Member States to secure the minimum protection there referred to. It does not preclude a Member State from introducing additional measures that it believes are reasonably required to facilitate rightsholders in exercising effective remedies against persistent copyright infringers.
In any event, Mr Eadie submitted, the initial obligations do not yet have legal effect, and there is nothing in the DEA that would preclude the Code from disapplying the initial obligations in the case of ISPs established in other Member States. The Code is to be notified to the Commission and other Member States, and the Commission, in particular, could raise any concerns about the application of Article 3(1) ECD and the scope of the exemption for copyright. No doubt the Commission would wish to assure itself that the relevant provisions fairly fell within the province of copyright, that they did not conceal other restrictions unrelated to copyright, that they were reasonably proportionate to the aim of copyright protection, and that they did not discriminate against ISPs in other Member States. If, as Mr Beal submitted, Article 3(1) did prohibit the UK from applying the contested provisions to ISPs established in other Member States, the UK law in its final form would need to reflect that position, and no complaint could legitimately be made that the scope of the initial obligations had been limited so as to comply with EU law. The Secretary of State could extend Regulation 4(3) of the Electronic Commerce (EC Directive) Regulations for that purpose, if need be. I accept Mr Eadie’s submission on this point. Even if, contrary to my earlier finding, the exemption for copyright did not apply, and Article 3(1) would otherwise prohibit the application of the contested provisions to ISPs in other Member States, it cannot be determined at this stage, before the Code has been promulgated and brought into force, and before the initial obligations have achieved legal effect, that the contested provisions would inevitably infringe EU law.
The Third Ground: Breach of the Data Protection Directive (“DPD”) and of the Privacy and Electronic Communications Directive (“PECD”)
It is first necessary to set out the applicable provisions of the DPD and of the Data Protection Act 1998, which implements the DPD in the United Kingdom, and of the PECD.
The Data Protection Directive
Article 2(a) of the DPD defines “personal data” to mean
“any information relating to an identified or identifiable natural person (“data subject”); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity.”
Article 2(b) of the DPD defines “processing of personal data” (“processing”) to mean
“any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organisation, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction.”
Article 2(d) of the DPD defines “controller” as
“The natural or legal person, public authority, agency or any other body which alone or jointly with others determines the purposes and means of the processing of personal data; where the purposes and means of processing are determined by national or Community laws or regulations, the controller or the specific criteria for his nomination may be designated by national or Community law.”
Article 3(2) of the DPD provides that the Directive shall not apply to the processing of personal data by a natural person in the course of a purely personal or household activity.
Article 7 of the DPD directs Member States to provide that personal data may be processed only in certain specified circumstances, one of which, under Article 7(c), is where
“processing is necessary for compliance with a legal obligation to which the controller is subject.”
Another circumstance, under Article 7(e), is where
“processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller or in a third party to whom the data are disclosed,”
and Article 7(f) refers to
“processing that is necessary for the purposes of the legitimate interests pursued by the controller or by the third party or parties to whom the data are disclosed, except where such interests are overridden by the interests for fundamental rights and freedoms of the data subject which require protection under Article 1(1).”
Article 8(1) of the DPD erects a further hurdle in the case of special categories of data, in that it directs Member States to
“prohibit the processing of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, and the processing of data concerning health or sex life.”
Article 8(2) provides a number of exceptions to that prohibition, which include at Article 8(2)(e) where
“the processing relates to data which are manifestly made public by the data subject or is necessary for the establishment, exercise or defence of legal claims.”
Article 8(4) allows Member States, “subject to the provision of suitable safeguards”, and “for reasons of substantial public interest”, to lay down exemptions in addition to those laid down in Article 8(2), and provided that such derogations are notified to the Commission in accordance with Article 8(6).
The DPD was implemented in the United Kingdom by the Data Protection Act 1998 (“DPA 1998”).
Section 1(1) DPA 1998 defines “personal data” to mean
“data which relate to a living individual who can be identified –
(1) from those data, or
(2) from those data and other information which is in the possession of, or is likely to come into the possession of, the data controller, …”
Definitions of “data subject” and “data processing” are also provided by section 1(1) DPA 1998; they do not materially differ from those in Article 2 of the DPD.
Section 1(4) DPA 1998 provides that
“Where personal data are processed only for purposes for which they are required by or under any enactment to be processed, the person on whom the obligation to process the data is imposed by or under that enactment is for the purposes of this Act the data controller.”
Section 2 DPA 1998 defines “sensitive personal data” to mean personal data consisting of
“information as to
(1) the racial or ethnic origin of the data subject,
(2) his political opinions,
(3) his religious beliefs or other beliefs of a similar nature,
(4) whether he is a member of a trade union… ,
(5) his physical or mental health or condition,
(6) his sexual life, …”
The first of those principles is that
“Personal data shall be processed fairly and lawfully and, in particular, shall not be processed unless –
(1) at least one of the conditions in Schedule 2 is met, and
(2) in the case of sensitive personal data, at least one of the conditions in Schedule 3 is also met.”
The conditions set out in Schedule 2 include at paragraph 3 that
“The processing is necessary for compliance with any legal obligation to which the data controller is subject, other than an obligation imposed by contract.”
The conditions set out in Schedule 2 also include at paragraph 5 that
“The processing is necessary –
(1) for the administration of justice,
(aa) for the exercise of any functions of either House of Parliament,
(2) for the exercise of any functions conferred on any person by or under any enactment,
(3) for the exercise of any functions of the Crown, a Minister of the Crown or a government department, or
(4) for the exercise of any other functions of a public nature exercised in the public interest by any person.”
The exemptions in respect of sensitive personal data have been implemented in domestic law in Schedule 3 of the DPA 1998. The relevant paragraphs of that Schedule for present purposes are:
“5. The information contained in the personal data has been made public as a result of steps deliberately taken by the data subject.
6. The processing
(a) is necessary for the purpose of, or in connection with, any legal proceedings (including prospective legal proceedings),
(b) is necessary for the purpose of obtaining legal advice; or
(c) is otherwise necessary for the purposes of establishing, exercising or defending legal rights.
10. The personal data are processed in circumstances specified in an order made by the Secretary of State for the purposes of this paragraph.”
An order under paragraph 10 has been made: it is the Data Protection (Processing of Sensitive Personal Data) Order 2000 (SI 2000/417) (“the 2000 Order”).
The Claimants’ Submissions on the Third Ground
It is common ground that sections 124A and 124B, taken with the initial obligations code, are likely to require ISPs to process “personal data” within the meaning of Articles 2(a) and (b) of the DPD. The ISP must link the IP address provided by the copyright owner with an individual subscriber’s name and address, and write to them and compile lists. However, it is also accepted that the ISP is under a legal obligation to notify the subscriber if a CIR is made, and to complete CILs, to the extent that the initial obligations code will provide, and that such operations will be expressly authorised by paragraphs 3 and/or 5 of Schedule 2 to the DPA 1998 in accordance with Article 7(c) and/or 7(e) of the DPD. The focus in this ground, therefore, was more on the position of copyright owners.
Mr White submitted that Article 2 DPD, read in conjunction with Recital (26), gives a definition of “personal data” which is intended to cover all information relating to an identified or identifiable person, either directly or indirectly. To determine whether a person is identifiable, account should be taken of all the means likely reasonably to be used either by the controller or by any other person to identify the said person. A Working Party was set up under Article 29 of the DPD. It is an independent European advisory body on data protection and privacy, and its tasks are set out in Article 30 DPD and Article 15 PECD. In its Opinion 4/2007 (01248/07/EN, WP 136), the Working Party concluded that dynamic IP addresses were personal data:
“Internet access providers and managers of local area networks can, using reasonable means, identify Internet users to whom they have attributed IP addresses as they normally systematically “log” in a file the date, time, duration and dynamic IP address given to the Internet user. The same can be said about Internet Service Providers that keep a logbook on the HTTP server. In these cases there is no doubt about the fact that one can talk about personal data in the sense of Article 2(a) of the [DPD] (page 16).”
A little further on the Working Party considered specifically the position of copyright owners:
“Especially in those cases where the processing of IP addresses is carried out with the purpose of identifying the users of the computer (for instance, by Copyright Holders in order to prosecute computer users for violation of intellectual property rights), the controller anticipates that the “means likely reasonably to be used” to identify the persons will be available e.g. through the courts appealed to (otherwise the collection of the information makes no sense), and therefore the information should be considered as personal data.” (Page 17)
Furthermore, the CIR will identify the nature of the digital material that has been unlawfully copied by a subscriber. The nature of this material may reveal special categories of personal data within Article 8 DPD, relating to racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, or relating to health or sex life of an individual, as was recognised in the Opinion of the EDPS (see paragraph 117 above) at [32].
In the written outline submissions the Defendant took issue with these propositions. At the hearing, however, Mr Eadie showed a marked lack of enthusiasm for pursuing the matter. As to “personal data”, the main point advanced in writing was that the purpose of the CIRs/CILs was to identify the subscriber, and the subscriber may not have been the copyright infringer. (It is necessary only to think of internet cafés or wi-fi hotspots in libraries). However, as Mr White submitted, the data nonetheless relates to an identified or identifiable person because the subscriber, who can be identified through the dynamic IP address, is inevitably linked to the data (the particulars of the copyright infringement, including the dynamic IP address) as the person who, in a broad sense, has facilitated the infringement, even if he is not the infringer and could incur no legal liability for the infringement. The same point was made in respect of special data under Article 8, but the answer is the same: an identified or identifiable person (the subscriber) is inevitably linked, through the dynamic IP address, to material that might, for example, tend to show unusual sexual proclivities. It does not seem to me to be sufficient to show that the subscriber might not be the person who putatively has such proclivities, where the relevant link was to the subscriber’s internet access, and the inference would be that he was either a person who has permitted access to someone with such proclivities or has them himself. It was also argued that, even if the subscriber had downloaded such material, it would be unsafe to assume that the subscriber had the characteristics that the downloaded material tended to show. It is true that a particular subscriber might be downloading copyrighted pornographic images for the purposes of scholarly research into the efficacy (or lack thereof) of the Obscene Publications Act 1959, but in the real world the inference, whether or not accurate, would tend to be less favourable.
I shall, therefore, proceed on the basis that the relevant data which would be processed by copyright owners would be personal data and that some of it would be special data.
However, the important issue on this ground of challenge is whether the relevant processing of personal data is permissible.
The Defendant and the Interested Parties rely on Article 8(2)(e) (which relates strictly to special categories of data): the processing is necessary for “the establishment, exercise or defence of legal claims”. That would appear to be the precise purpose of the contested provisions of the DEA: the copyright owner will be able, through the procedures under the DEA, to establish not only that there has been an infringement of copyright but also who is responsible for the infringement.
Mr White argued that the provision applied only if the data controller was sure, at the beginning and throughout the relevant “processing”, that at the end of the processing a legal claim would be brought. However, in my view, the copyright owner might not in a particular case decide to pursue legal proceedings, but that does mean that the action that he took under the DEA was not for the purpose of establishing or exercising such a claim. Mr White’s interpretation would create intolerable legal uncertainty and something of a “Catch 22” situation. The data controller might not know at an early stage in processing the relevant data whether he intended at the end of the process to commence legal proceedings, and the processing could be rendered impermissible if in the event he did not commence such proceedings; and it might be only after the relevant data processing that he could sensibly decide whether it was appropriate to commence proceedings. The data controller might change his mind during the course of processing, and the legal position would be obscure.
Article 8(2)(e), as noted, does not in strict terms apply to processing under Article 7. However, it would be absurd if that particular basis did not apply generally, for it would otherwise mean that processing of data that fell short of special category data was permissible in more restricted circumstances than those applied to special category data. It seems to me that the only sensible interpretation is that the circumstances described in Article 8(2)(e) inevitably fall within Article 7(f) as “processing … necessary for the purposes of the legitimate interests pursued by the controller or by the third party or parties to whom the data are controlled” and necessarily observe the balance required by the proviso to that Article.
The final point made by Mr Eadie under this topic, which seemed to me also to have force, was that if there were any doubt about the application of Article 8(2)(e) to the relevant processing, the United Kingdom could, before the Code came into legal effect, lay down an exemption under Article 8(4), based upon a “substantial public interest”, namely, the better protection of the rights of copyright owners.
Mr White also submitted that the data processed was “traffic data” for the purposes of Article 2 PECD, namely, “data processed for the purpose of the conveyance of a communication on an electronic communications network or for the billing thereof”. The relevant processing did not comply with the criteria under Article 6 PECD, and the derogation under Article 15 did not apply.
Mr Eadie was content to proceed on the footing that the data was “traffic data” and that a derogation for processing was necessary under Article 15(1) which provides so far as is material:
“1. Member States may adopt legislative measures to restrict the scope of the rights and obligations provided for in Article 5, Article 6, Article 8(1), (2), (3) and (4), and Article 9 of this Directive when such restriction constitutes a necessary, appropriate and proportionate measure within a democratic society to safeguard national security (i.e. State security), defence, public security, and the prevention, investigation, detection and prosecution of criminal offences or of unauthorised use of the electronic communication system, as referred to in Article 13(1) of Directive 95/46/EC. To this end, Member States may, inter alia, adopt legislative measures providing for the retention of data for a limited period justified on the grounds laid down in this paragraph. All the measures referred to in this paragraph shall be in accordance with the general principles of Community law, including those referred to in Article 6(1) and (2) of the Treaty on European Union.
1a. Paragraph 1 shall not apply to data specifically required by Directive 2006/24/EC of the European Parliament and of the Council of 15 March 2006 on the retention of data generated or processed in connection with the provision of publicly available electronic communications services or of public communications networks to be retained for the purposes referred to in Article 1(1) of that Directive.”
The protection of property is not explicitly referred to in Article 15, but the scope of Article 15 was explored in Case C-275/06 Productores de Musica de España (Promusicae) v Telefonica de España SAU, where the Court of Justice stated at [52]:
“It is clear, however, that Article 15(1) of [PECD] ends the list of the above exceptions with an express reference to Article 13(1) of Directive 95/46. That provision also authorises the Member States to adopt legislative measures to restrict the obligation of confidentiality of personal data where that restriction is necessary inter alia for the protection of the rights and freedoms of others. If they do not specify the rights and freedoms concerned, those provisions of Article 15(1) of Directive 2002/58 must be interpreted as expressing the Community legislature’s intention not to exclude from their scope the protection of the right to property or situations in which authors seek to obtain that protection in civil proceedings.”
Mr White submitted that the Court was there holding that the derogation in Article 15(1) was restricted to the context of “protection in civil proceedings”, which would inevitably involve some “judicial oversight”. It is correct that the question asked by the national court related to a context of civil proceedings and that at [70] the Court of Justice answers the referring court’s question (see [41] of the judgment) by stating that the relevant directives “do not require the Member State to lay down … an obligation to communicate personal data in order to ensure effective protection of copyright in the context of civil proceedings”. However, the Court’s ruling, at [53] cited above, plainly goes beyond protection in the context of civil proceedings and includes “the protection of the right to property” within the scope of the “protection of the rights and freedoms of others” under Article 15(1). It is indisputable that the contested provisions are intended to promote the protection of the right to property, namely, copyright, and therefore, fall within Article 15(1) as interpreted by the Court.
Mr White at the hearing advanced a new point: some of the “traffic data” was “retained information” under Article 15(1)(a) PECD and, therefore, was not covered by the derogation at all. Mr Eadie showed the purposes of Directive 2006/24/EC (against the background of the London bombings of July 2005) and that the only sensible meaning of Article 15(1)(a) was that the derogation under Article 15 was not required in respect of that material. Mr White did not seek to reply to what would appear to be the obvious purposive interpretation, acknowledging that this belatedly raised point was misconceived.
Ground 4: Breach of the Authorisation Directive (“AD”)
This is an additional ground, for which permission has not yet been given. In the pleadings it has stood as the fifth ground, but it is convenient to deal with it before moving to the last ground of challenge, namely, proportionality.
Article 2(2) of the AD defines “general authorisation” as follows:
“’general authorisation’ means a legal framework established by the Member State ensuring rights for the provision of electronic communications networks or services and laying down sector specific obligations that may apply to all or to specific types of electronic communications networks and services in accordance with this Directive.”
Some assistance in interpreting Article 2(2) is given by recital (18):
“The general authorisation should only contain conditions which are specific to the electronic communications sector. It should not be made subject to conditions which are applicable by virtue of other existing national law which is not specific to the electronic communications sector. Nevertheless, the national regulatory authorities may inform network operators and service providers about other legislation concerning their business, for instance through references on their websites.”
Recital (18) is reflected in Article 6(3) AD:
“The general authorisation shall only contain conditions which are specific for that sector and are set out in Part A of the Annex and shall not duplicate conditions which are applicable to undertakings by virtue of other national legislation.”
It is common ground that the general authorisation scheme for electronic communications networks and services is intended to allow any person who wishes to provide such networks and services to do so in accordance with the publicly available set of conditions. Such schemes replace what was commonly found in national systems of regulation, namely, individual licensing arrangements under which licence conditions could be imposed. The nature of such arrangements, and the conditions imposed by the authorities in Member States, could vary substantially and could create significant barriers to new entrants, particularly new entrants from other Member States. The General Conditions under the AD are conditions which are (i) imposed for the purpose of regulating and/or (ii) directed at regulating the manner in which, or means by which, electronic communications networks and services are to be provided. Article 4 AD specifies the minimum content of the rights enjoyed by an authorised person, including the right (a) to provide electronic communications networks and services; and (b) to have their application for the necessary rights to install facilities considered in accordance with Article 11 of the Framework Directive.
In the United Kingdom Ofcom, as the national regulatory authority, has drawn up “General Conditions of Entitlement” which have been formulated, decided upon and published in accordance with the AD and Part II of the CA 2003.
It is of some importance that Article 10 of the AD creates a specific regime for the enforcement of the conditions of the general authorisation. The regime provides for a range of proportionate penalties for proven breach of any condition, and in certain circumstances a person who has contravened the conditions is liable to be prohibited from providing electronic communications networks and services, and so effectively excluded from the general authorisation. Providers of the relevant networks and services are not of course exempted from having to comply with such of the Member State’s national law requirements as may be relevant to their activities (provided that those requirements accord with EU law), but Member States may not make the general authorisation itself subject to compliance with such requirements of national law. A Member State cannot suspend or terminate a person’s authorisation under the general authorisation for non-compliance with a requirement of national law which is not contained, and should not properly be contained, in the general authorisation. There is, therefore, an important difference between an obligation which has been specified as a condition contained in the general authorisation, and a requirement which has not been so specified and is outwith the general authorisation published by the Member State.
Mr White submitted, first, that the contested provisions fell within the terms of the definition in Article 2(2) AD. It did not matter that those provisions had not found their way into the actual arrangements made by Ofcom to implement the AD (see paragraph 41-42 and 173: the initial obligations code will not be imposed by Ofcom as part of the General Conditions of Entitlement). These provisions ought to have been included in the general authorisation. However, and secondly, if they had been so included, they would have had no legal force because they were not conditions of a kind that are permitted by the general authorisation, as specified in the annex to the AD.
In my view, the first proposition rests upon a false premise, namely, that, as a result of Article 2(2), any “sector specific obligation” must be contained in the conditions of the general authorisation. It is correct that nothing other than a sector specific obligation may be contained in the conditions of the general authorisation. It does not follow that each and every such obligation must be so contained, and there are good reasons why that should not be the case.
First, to insist that each and every sector specific obligation has to be included in the conditions of the general authorisation would create serious tension with the Framework Directive. The AD is subject to Article 1(3) of the Framework Directive, which provides that both the Framework Directive itself, and the “Specific Directives” which are to be read alongside it (including the AD: see Article 2(1)) are “without prejudice to measures taken at Community or national level, in compliance with Community law, to pursue general interest objectives, in particular relating to content regulation and audio-visual policy.”
Recital (6) to the Framework Directive states:
“Audio-visual policy and content regulations are undertaken in pursuit of general interest objectives, such as freedom of expression, media pluralism, impartiality, cultural and linguistic diversity, social inclusion, consumer protection and the protection of minors. The Commission communication “Principles and guidelines for the Community’s audio-visual policy in the digital age”, and the Council’s conclusions of 6 June 2000 welcoming this communication, set out the key actions to be taken by the Community to implement its audio-visual policy.”
The Commission communication to which recital (6) refers recognises copyright protection and the taking of measures against piracy as being a “central element” of the Commission’s audio-visual policy (Commission communication “Principles and guidelines for the Community’s audio-visual policy in the digital age” (COMM (1999 657 final) at point 3.3).
It is readily conceivable that certain national measures falling within the relevant “audio-visual policy and content regulation” might be directed at suppliers of telecommunication services and networks. The contested provisions are one type of such measures. In my view, it would then be distinctly odd that, on the one hand, Article 1(3) of the Framework Directive expressly excluded such measures from the scope of the relevant Directives, including the AD, but, on Mr White’s interpretation of Article 2(2) AD, such measures would have to be specifically included in the conditions of general authorisation under the AD, solely because they were sector specific obligations. In my judgment, this obvious tension, if not inconsistency, between the applicable provisions tells heavily against Mr White’s interpretation.
Secondly, the forced inclusion of provisions of the general law, such as the contested provisions, within the conditions of the general authorisation would have the most serious policy consequences. For example, any aspiring new entrant from another Member State which was contemplating the possibility of seeking to compete in the supply of telecommunications networks or services in the UK would face the prospect of adherence to, and compliance with, provisions of the general law such as the contested provisions as part of the price of entry. In the last resort failure to meet such a putative “condition” of the general authorisation would mean not simply incurring liability under the general law (such as financial penalties under the DEA) but also the forfeiture of the right to supply the relevant services in the UK and the potential loss or diminution in value, of a substantial capital investment in the UK. The potential deterrence to competition and inter-state trade would be obvious. Indeed, if the United Kingdom sought to include provisions of the general law such as the contested provisions within the conditions of the general authorisation, it is not hard to imagine that the Commission would object fiercely, not on the technical ground that the conditions did not fall within the Annex to the AD, but because the very attempt to include general measures of that nature, in this case relating to audio-visual policy and content, within the basic open ticket to carry on the relevant business in the UK, was wholly misconceived in principle. The response that the putative “condition” was properly inserted in the general authorisation because it was “sector specific” would, in my view, receive short shrift, and rightly so.
Thirdly, Mr White is somewhat hoist by his own petard if one compares his interpretation of Article 2(2) AD with the implications of his second ground of challenge. It should be recalled that if his interpretation of Article 3(1) ECD were correct, the Code bringing the initial obligations into legal effect would necessarily have to disapply them to ISPs established in other Member States. (The Defendant accepts that proposition). However, if his interpretation of Article 2(2) AD were correct, no such disapplication would succeed because, perforce, sector specific provisions of the general law, such as the contested provisions would have to be included in the general authorisation, but could not be so included because they did not fall within the subject matters of the Annex. The net result would be that general national measures designed to promote an important objective of public policy, otherwise assumed for the purposes of this argument to be lawful under EU law, could not, by virtue of Article 2(2) AD, be implemented in the UK, even if the implementation was only in respect of UK-established ISPs. It is difficult, if not impossible, to see what sensible policy, either at national or EU level, such an interpretation and result would promote.
In any event, I reject Mr White’s second proposition that the contested provisions, if they were contained in the general authorisation, would not be “restrictions in relation to the transmission of illegal content”. The initial obligations require ISPs to take steps to assist copyright owners in asserting their rights against those who unlawfully download copyright material from the internet, and to curtail such practices. Such a requirement, in my view, in the factual setting in which it arises, “relates” to the transmission of illegal content within paragraph 9 of the Annex to the AD. Mr White’s argument was that the putative restriction would not be “in accordance with the [ECD]”, as stipulated by paragraph 9. Mr White contended that “in accordance with” meant something like “mandated” or “specifically authorised” by the ECD. However, in this context, it seems to me that the reference is principally to section 4 of the ECD, which confers important immunities on ISPs, and that the intention of paragraph 9 is that any condition imposed “in relation to the transmission of illegal content” should not limit or undermine such immunities. For the reasons set out earlier, the contested provisions do not limit or undermine the relevant immunities conferred by the ECD, and they would not, therefore, be inconsistent with paragraph 9 even if, quod non, they formed part of the conditions of the general authorisation.
Ground 4: Breach of Article 12 AD
There is a second ground of attack under the AD, namely, that the Costs Order breaches Article 12 AD and the Annex at A2. That Article provides, so far as is material:
“1. Any administrative charges imposed on undertakings providing a service or a network under the general authorisation or to whom a right of use has been granted shall:
(a) in total, cover only the administrative costs which will be incurred in the management, control and enforcement of the general authorisation scheme and of rights of use and of specific obligations as referred to in Article 6(2), which may include costs for international cooperation, harmonisation and standardisation, market analysis, monitoring compliance and other market control, as well as regulatory work involving preparation and enforcement of secondary legislation and administrative decisions, such as decisions on access and interconnection; and
(b) be imposed upon the individual undertakings in an objective, transparent and proportionate manner which minimises additional administrative costs and attendant charges.
2. Where national regulatory authorities impose administrative charges, they shall publish a yearly overview of their administrative costs and of the total sum of the charges collected. In the light of the difference between the total sum of the charges and the administrative costs, appropriate adjustments shall be made.”
The Annex provides, so far as is material:
“The conditions listed in this Annex provide the maximum list of conditions which may be attached to general authorisations…
….
2. Administrative charges in accordance with Article 12 of the Directive.”
In broad terms, the Costs Order refers to three kinds of cost. First, “qualifying costs” are the costs incurred by Ofcom or the appeals body in carrying out functions under the copyright infringement provisions (as specified in section 124N DEA), including costs incurred by Ofcom under those provisions in appointing the appeals body or in establishing a body corporate to be the appeals body. Such costs would ordinarily be regarded as administrative costs, and any sums charged on ISPs in respect of such costs would ordinarily be regarded as “administrative charges”. ISPs will bear 25 per cent of such costs by way of payment of fees to Ofcom.
Secondly, “relevant costs” are costs which would be reasonably and efficiently incurred by a notional qualifying internet service provider in carrying out its obligations under the copyright infringement provisions. Under paragraph 1(1) of the Schedule to the Costs Order, such costs may (and most likely will) include the costs of, for example, receiving a CIR, matching the IP address to a subscriber on receipt of a CIR, generating and sending a notification of the CIR to the subscriber and compiling and providing CILs to copyright owners. These are the internal operating costs that ISPs will bear in discharging their obligations under the DEA. They are not part of Ofcom’s administrative costs. ISPs could be left to meet these costs for they are the ISPs’ own internal costs. However, the Costs Order provides a mechanism by which ISPs can recover part of the costs incurred from copyright owners. Using relevant cost information, Ofcom will design a model of a notional efficient ISP and calculate the total costs that such an ISP would incur in discharging its obligations under the DEA.
Using that model, Ofcom then calculates an amount that an ISP would have to charge a copyright owner for each CIR in order that the ISP would recover 75 per cent of its total costs of discharging its obligations under the DEA. That is then the amount that the copyright owner must pay (by way of “notification fee”) to the ISP in respect of each CIR. If this system operated correctly, ISPs would, therefore, recover from copyright owners 75 per cent of the costs incurred by ISPs in discharging their obligations. ISPs would be left to bear 25 per cent of their own operating costs in carrying out their functions under the DEA. Of course, a particular ISP may be more or less efficient than the notional ISP in the Ofcom model, and so recover more or less than 75 per cent of its costs. It is also perhaps conceivable that a particular ISP receives more or fewer CIRs than it expected to receive and, therefore, might receive a total amount greater or less than 75 per cent of actual costs (if some of the costs incorporated in the model included overhead costs which might then be over or under-absorbed depending on the real “output” of CIRs). But even the worst case scenario would leave the hopelessly inefficient ISP, which undershot its target number of CIRs by a mile, bearing 100 per cent of its own operating costs of discharging its functions under the DEA, that is, in no worse a position than if there were no mechanism to enable ISPs to recover any part of their own operating costs.
Third, the appeals body may set a “case fee” charged in respect of each subscriber appeal which it receives. The case fee must be based on the costs that the appeal body may incur in handling and determining a subscriber appeal, to the extent that such costs are not recovered by the fees payable to Ofcom in respect of the qualifying costs. The relevant ISP to the appeal will bear 25 per cent of the case fee in the appeal.
Mr White contended that the contested provisions, so far as they dealt with “qualifying costs”, “relevant costs” and “case fees”, were conditions of the general authorisation, or what should have been included within the general authorisation, and, therefore, were not permitted as such by the Annex to the AD. In particular, the provisions relating to “relevant costs” could not be a condition allowed by paragraph 2 of the Annex, since these costs were not charges falling within Article 12 AD.
For the reasons given earlier, I do not accept that the contested provisions, including the provisions in respect of “qualifying costs”, “relevant costs” and “case fees” are conditions of a general authorisation. The contested provisions are simply outwith the scope of the general authorisation, and it would be wrong in principle to include them.
However, the matter does not end there because Article 12, standing alone, prohibits in any event “administrative charges” which cover costs extending beyond those identified in that Article. The question, therefore, arises whether any of the cost provisions is prohibited on that ground.
In my view, “relevant costs” are in this context irrelevant. They are not “administrative charges” at all. ISPs do not pay “relevant costs”: they will incur such costs internally in order to discharge statutory obligations under the DEA. The Costs Order is simply a means by which ISPs can recover from copyright owners a (substantial) proportion of internal costs that ISPs have had to incur. The DEA could have left ISPs to bear such costs entirely and have provided no mechanism for recovering any part of such costs. However, Parliament provided that in fairness copyright owners should reimburse ISPs for a substantial part of the costs incurred by ISPs in discharging their obligations under the DEA.
Similarly, it does not seem to me that “case fees” can be regarded as “administrative charges” under Article 12 AD. The fees arise because a subscriber has brought a specific appeal, involving a relevant ISP and a relevant copyright owner. The fees are intended to do no more than ensure that the judicial vehicle for resolving disputes under the DEA is adequately funded.
However, charges imposed to recover “qualifying costs” would ordinarily be regarded as “administrative charges” and would, in principle, appear to be administrative charges under Article 12 AD.
Consistently with the case on the meaning and scope of Article 2(2) AD, the Defendant argues that the charges imposed to ensure the recovery of “qualifying costs” are not administrative charges, because ISPs do not pay them “under” the authorisation, that is, they do not pay them in their capacity as authorised persons. ISPs pay them because they are ISPs who are required by other national legislation to discharge certain statutory duties.
For the reasons already given, I agree that the contested provisions do not, and could not properly, form part of the conditions of the general authorisation. However, Article 12 does not in terms say that administrative charges are charges that ISPs pay only in their capacity as authorised persons, that is, in meeting the conditions set by the general authorisation. Article 12(1) appears simply to identify a class of person, namely, “an undertaking providing a service or a network under the general authorisation or to whom a right of use has been granted”. No charges of an administrative nature may then be imposed upon such persons, if such charges fall, and fall substantially, on persons of that description. Corporation tax, business rates, etc would not be caught because those charges, even if administrative, do not fall exclusively or substantially on persons within the protected description.
It appears to me that the interpretation put forward by the Defendant does not represent the natural meaning of the language of Article 12(1). That interpretation also seems to carry unsatisfactory policy consequences. A narrow reading would potentially allow Member States to impose charges on authorised persons, and only or substantially on authorised persons, and then to argue that such charges were imposed on them not “in their capacity as such”, that is, in meeting the conditions of the general authorisation, but because they were doing other things under national law. It does not require great imagination to see that the “other things” relied upon might be contrived, vague or dubious, and that the charges in such cases were more likely to be a disguised form of levy or tax exclusively or substantially charged on authorised persons, which was in truth being charged because telecommunication enterprises tend to be perceived as easy and worthy targets of such levies or taxes. Such a potential effect would run counter to the rationale of Article 12 – to prohibit such specific levies, charges or forced subsidies – as clearly articulated by the Court of Justice in the leading case of Case C – 296/06 Telecom Italia [2008] ECR 1-801.
The Defendant also argued that the charges were not administrative charges because ISPs could meet them, in whole or in part, out of the relevant costs recovered, by way of notification fees, from copyright owners. I confess that I had difficulty in understanding this argument. Notification fees are paid exclusively to meet 75 per cent of “relevant costs” incurred by ISPs. They are not paid to subsidise ISPs’ liability to Ofcom. It may be that, looked at as a whole, ISPs will not be out of pocket. However, that does not seem to me to be the right test. The competitive structure in a telecommunications market might be such that the (few) operators could readily pass on most if not all taxes or levies imposed on them, but that fact would not take such taxes or levies outside the prohibition. It may be that the recovery rate of the relevant costs could be lawfully adjusted to take account of the fact that only copyright owners could be charged qualifying costs, but that is not an issue that I have to decide in this claim.
It is common ground that if the charges in respect of “qualifying costs” amount to “administrative charges” within Article 12, they do not relate to any of the matters specified under Article 12, and must, therefore, be unlawful.
Ground 4: Discrimination
The Claimants also argue that the proposed exclusion of small-scale ISPs from the scope of the initial obligations is “discriminatory” under Article 6 of the AD (assuming that the AD applies at all to the contested provisions). However, it appears from the evidence that Ofcom proposed the initial qualifying threshold of 400,000 subscribers as a starting point because it represented a proportionate response. The six ISPs who have more than 400,000 subscribers together account for 93.4 per cent of the residential and SME business broadband market. There is a natural break point below the big six, in that the smallest of the big six is still twice the size of the next in line. In my view, it is reasonable and proportionate to concentrate on the larger ISPs in the first instance, and to identify any other individual ISPs where there are high levels of copyright infringement on a case by case basis. Any alleged “migration” of infringers to smaller ISPs is speculative at this stage and could be addressed if it began to present real problems.
As to the exclusion of mobile network operators (“MNOs”), the evidence shows that mobile networks are less conducive to online copyright infringement due to technical features such as speed and capacity constraints, traffic management policies, and pricing relative to fixed lines. Internet traffic carried by MNOs represents only a very small proportion (less than 5 per cent) of the overall file-sharing problem. It was therefore considered disproportionate to include MNOs at the present time and this appears to me to be a legitimate policy choice for the Defendant to make, having regard to proportionality. In any event, under the DEA Ofcom has a statutory obligation to monitor levels of online copyright infringement. Ofcom could be expected to alter the qualification criteria in the Code as necessary in future notification periods, to bring within the scope of the obligations in the Code any ISP, whether fixed or mobile, where the scale of infringement is such that inclusion in the Code was justified.
Ground 5: Proportionality
The Claimants submit that the contested provisions represent a disproportionate restriction on the free movement of services and/or the right to privacy and/or the right to free expression or to impart and receive information, and that the need for the measures to be proportionate flowed from, for example, Article 56 TFEU (formerly Article 49 EC) together with Article 61 TFEU (formerly Article 55 EC) and Article 52 TFEU (formerly Article 46 EU); Article 3(4) of the ECD (see paragraph 119 above); Article 15 of the PECD (see paragraph 164 above); Article 6(1) and 6(3) TEU, taken with Articles 7 and 8 of the Charter on Fundamental Rights; and Articles 8 and 10 of the ECHR; and Directive 2009/140/EC recital (4) where it is recognised that effective freedom of expression requires access to the internet.
The Defendant accepted in the detailed grounds that the contested provisions were likely to create a restriction on the free movement of services and/or freedom of establishment, so as to permit a proportionality review under EU law. Furthermore, there did not appear to be any dispute that the contested provisions in principle raised issues touching upon freedom of expression and privacy.
Mr Eadie made a preliminary point that a proportionality challenge was premature: the initial obligations had not yet been brought into effect, and their content was not yet sufficiently ascertained in the absence of the Code (see the first ground of challenge). Technical measures were not yet in contemplation and could be introduced only if the elaborate procedures had been followed under the DEA and the justifying criteria for such measures had been satisfied. There is considerable force in Mr Eadie’s point. However, it seems to me that enough is known at this stage of the fundamental regulatory structure of the DEA to permit a challenge based on proportionality, so long as one bears in mind that the final shape of the regulatory scheme is not yet established, and that the Claimants cannot simply make assumptions about the exact scheme that will be implemented in order to support its challenge, or about the effects of such final scheme.
There was also a preliminary contest between the parties as to the precise formulation of the test for proportionality in the present context, namely, whether, as the Defendant submitted, the Claimants had to discharge the heavier burden of showing that the contested measures were “manifestly disproportionate”. Each side deployed a welter of authority to support its position.
Lurking beneath this linguistic tussle was a broader issue of principle, namely, the extent to which the Court was entitled to re-assess for itself the balance that Parliament has struck in the DEA, and the extent to which the Court should accord deference, or allow an area of discretionary judgment, to the primary decision maker in the present context. Fortunately, the parties agreed that the resolution of this issue was the same whether the evaluation of proportionality was made under EU law or under the ECHR (see, in particular, R (Countryside Alliance and Others) v Attorney General [2007] UKHL 52, by Lord Brown, at [162]-[164]). In my view the relevant issue is well articulated in Beatson and Others, Human Rights: Judicial Protection in the United Kingdom, at paragraph 3-182, page 267, under the heading “Weight and Latitude”:
“The courts have struggled with the question of whether, and to what degree, they should defer to the assessment of the primary decision maker when determining whether their decision or conduct is compatible with a Convention right. The problem arises because, although the courts have been given the task of determining for themselves whether decisions of public authorities are compatible with Convention rights, such questions frequently involve difficult assessments and judgments that the courts are not as well-placed to make as the primary decision maker. By way of example, judgments about the scale of a particular social problem that Parliament or government decides to address is not a matter that the courts can easily assess. Likewise, predictions as to the likely effectiveness of measures taken by the political branches, and the potential effectiveness of alternatives, are also extremely difficult judgments for the judges to make. The primary decision maker will often be better placed to make such judgments. There is also a further concern. The courts are not accountable for making such assessments in the same way as politicians and public authorities are. It is therefore sometimes suggested that the courts lack democratic legitimacy to make such assessments and should defer to those who are accountable for making them.”
The authors go on to observe at paragraph 3-183 that
“it is because of these concerns that the case law of domestic courts under the HRA and devolution statutes has developed a concept of “deference”, or “respect” for judgments or assessments made by the primary decision maker. These concepts have been applied alongside, and interchangeably with, a host of other terms, such as “discretionary area of judgment”, “relative institutional competence”, “policy decisions”, “margin of discretion” and “degree of latitude”.” (Footnote references to authorities omitted)
At paragraph 3-184 the authors also suggest that there are principles that govern when it is appropriate for courts to place weight on the judgment of a primary decision maker, citing (at paragraph 3-189) Lord Steyn’s extra-judicial statement:
“… the Court must sometimes consider in the context of the particular case before it, where an issue of deference arguably arises, whether the context and circumstances of the case require the Court on a specific issue to the view of the legislature or the executive. It is not a matter of law: it is a matter of discretion to be exercised in the objective circumstances of the particular case.” (“Deference: A Tangled Story” [2005] P.L. 346 at 390)
In my judgment, there are good reasons in the present context for the Court to attach substantial weight to the balance struck by the primary decision maker, namely, Parliament. First, there is considerable support in the case law for the proposition that the Courts should afford particular deference to elected and accountable decision makers where the decision concerns subject matters that are regarded as within the particular province of the political branches. In Wilson v First County Trust Ltd (No 2) [2003] UKHL 40; (2004) I AC 816 Lord Nicholls stated that the readiness of a court to depart from the views of the legislature depends upon the circumstances, “one of which is the subject matter of the legislation”. The more the legislation concerns matters of broad social policy, the less ready will be a court to intervene (see [70]). (See also Ghaidan v Godin-Mendoza [2004] UKHL 30; [2004] 2 AC 557 at [19], and Michalak v London Borough of Wandsworth [2002] EWCA Civ 27; [2003] I WLR 617, at [41]). In International Transport Roth Gmbh v SSHD [2002] EWCA Civ 158; [2003] QB 728 at [83] Laws LJ stated that
“greater deference will be due to the democratic powers where the subject matter in hand is peculiarly within their constitutional responsibility.”
In this case Parliament has addressed a major problem of social and economic policy, where important and conflicting interests are in play. On the one hand, there is evidence to suggest that the media industry, broadly interpreted, is sustaining substantial economic damage as a result of unlawful activity on the internet; and there is concern that such damage may significantly affect creativity and productivity in an economic area of national importance where, at least historically, the UK has tended to enjoy some comparative advantage in international markets. On the other hand, the business models of ISPs are constructed on the basis that they are essentially conduits for the flow of information, and the efficiency, cost effectiveness and competitiveness of their operations depend on the minimum regulatory interference with that flow of traffic, and on the minimum responsibility and burden in respect of the actual content of the material passing through the conduit. Similarly, subscribers of the ISPs and users of the internet appreciate that the technology is the most prodigious tool for the transmission and interchange of information and other material ever designed, and, in general, they would oppose restrictions on their ability to enjoy untrammeled access to such information and material. Information is also a public good, and interference with access to, and publication of, information may adversely affect general welfare. How these competing and conflicting interests should be accommodated and balanced appears to me to be a classic legislative task, and the court should be cautious indeed before striking down as disproportionate the specific balance that Parliament has legislated.
Secondly, Parliament struck the challenged balance after a lengthy process of consultation with all interested parties, which took account of the representations made by those parties, and after a voluntary, non-legislative scheme was tried out. That process is likely to have provided the decision maker with an insight and capacity that the court is unlikely to enjoy.
Thirdly, in a case of this nature, there are real limits on the process of adjudication. Although I was confronted with 11 files of evidence, I cannot be entirely confident that all relevant material was before me, nor can the sheer constraints of judicial review proceedings afford the time that would be necessary critically and rigorously to evaluate the volume of material that was submitted. For example, a number of expert economists were deployed on each side, putting forward with equal conviction and vigour their rival cases. Experience in the Restrictive Practices Court, now extinct, suggests that a thorough exploration and assessment of such evidence could be likely to take many days of detailed cross-examination. Furthermore, the issues in this judicial review, for the reasons already given, are classically of the kind that Professor Lon Fuller famously described as “polycentric” where it is hard enough for the legislature to seek to think through, and to weigh all the possible implications of a range of policy choices that are theoretically open, but is well nigh impossible for a judge. In R v Secretary of State for Health Ex p. Eastside Cheese [1999] CMLR 123, Lord Bingham accorded a margin of appreciation (under EU law) because the challenged decision called for:
“the evaluation of scientific evidence and advice as to public health risks, and which have serious implications both for the general public and for the manufacturers, processors and retailers of the suspect cheese.”
Here, the evaluation is not of scientific evidence but of competing economic arguments, when a similar margin of appreciation is justified.
Fourthly, and this seems to me to be a very important consideration, this is not a case where, on the one side, there is a human right, or a fundamental EU freedom, and on the other side the State is seeking to restrict or interfere with that right on grounds of general utility or welfare. The Court may then wish, notwithstanding other contextual factors, to examine the proportionality of the measure with considerable intensity, and to accord less weight to the balance struck by the legislature or executive. Mr Saini, who appeared on behalf of the Interested Parties, rightly stressed that the countervailing interests in this case are also recognised as fundamental rights. He referred, in particular, to Article 17.1 of the Charter of Fundamental Rights, to the observations of the Court of Justice in Promusicae at [62] and to ECHR Article 1 Protocol 1 for the proposition that copyright was an important right of property and that its enjoyment and exploitation was recognised as a fundamental right. The Claimants did not challenge that proposition.
Mr Saini drew what I consider is a very helpful analogy with Schmidberger v Republik Österreich, Court of Justice 12 June 2003, a case in which the government of Austria had closed the Brenner pass for a period (preventing road hauliers from using the pass) in order to allow a peaceful demonstration to take place. The case, therefore, raised
“the question of the need to reconcile the requirements of the protection of fundamental rights in the Community with those arising from a fundamental freedom enshrined in the Treaty and, more particularly, the question of the respective scope of freedom of expression and freedom of assembly, guaranteed by Articles 10 and 11 of the ECHR, and of the free movement of goods, where the former are relied upon as justification for a restriction of the other.” [77]
The Court held:
“79. Second, whilst the fundamental rights at issue in the main proceedings are expressly recognised by the ECHR and constitute the fundamental pillars of a democratic society, it nevertheless follows from the express wording of paragraph 2 of Articles 10 and 11 of the Convention that freedom of expression and freedom of assembly are also subject to certain limitations justified by objectives in the public interest, in so far as those derogations are in accordance with the law, motivated by one or more of the legitimate aims under those provisions and necessary in a democratic society, that is to say justified by a pressing social need and, in particular, proportionate to the legitimate aim pursued (see, to that effect, Case C-368/95 Familiapress [1997] ECR I-3689, paragraph 26, Case C-60/00 Carpenter [2002] ECR I-6279, paragraph 42, and Eur. Court HR, Steel and Others v. The United Kingdom judgment of 23 September 1998, Reports of Judgments and Decisions 1998-VII, § 101).
80. Thus, unlike other fundamental rights enshrined in that Convention, such as the right to life or the prohibition of torture and inhuman or degrading treatment or punishment, which admit of no restriction, neither the freedom of expression nor the freedom of assembly guaranteed by the ECHR appears to be absolute but must be viewed in relation to its social purpose. Consequently, the exercise of those rights may be restricted, provided that the restrictions in fact correspond to objectives of general interest and do not, taking account of the aim of the restrictions, constitute disproportionate and unacceptable interference, impairing the very substance of the rights guaranteed (see, to that effect, Case C-62/90 Commission v Germany [1992] ECR I-2575, paragraph 23, and Case C-404/92 P X v Commission [1994] ECR I-4737, paragraph 18).
81. In those circumstances, the interests involved must be weighed having regard to all the circumstances of the case in order to determine whether a fair balance was struck between those interests.
82. The competent authorities enjoy a wide margin of discretion in that regard. Nevertheless, it is necessary to determine whether the restrictions placed upon intra-Community trade are proportionate in the light of the legitimate objective pursued, namely, in the present case, the protection of fundamental rights.”
For the same reasons this Court must accord Parliament a wide margin of discretion in weighing the competing rights in this case.
I turn now to the six specific points upon which the Claimants rely on this ground of challenge.
First, it is contended that the DEA does not pursue a legitimate aim. It is accepted that the contested provisions do pursue the legitimate aim of the fundamental right to property, but Mr White submitted that the DEA was also enacted for the purpose of enhancing effective judicial protection, and that many of the provisions do not in fact advance that aim.
It is correct that the production and transmission of CIRs is an administrative or regulatory procedure that does not involve judicial supervision in the strict sense, although a subscriber may have a right of appeal in appropriate circumstances. However, persistent infringement will lead to a CIL; and that in turn will enable the copyright owner to apply to the Court to ascertain the identity of the infringer and, in appropriate cases, to bring legal proceedings for breach of copyright against the infringer. Considered as a whole, therefore, the contested provisions of the DEA do promote the aim of judicial protection of copyright, and I see no force in this criticism.
Secondly, in their grounds the Claimants alleged that there was no need for legislation to deal with the identified problem of large scale copyright infringement, and that less restrictive measures were adequate. Much of the Claimants’ original evidence filed in support of the claim was directed towards that allegation. That led to considerable evidence in response from the Defendant. It was explained that the Government’s preferred solution to the problem of unlawful P2P file sharing had been for ISPs and copyright owners to collaborate to produce their own voluntary codes of best practice to reduce its incidence. In the event, no such agreement was forthcoming, despite the encouragement given in the Government’s Creative Britain strategy document.
There were further efforts to reach a voluntary agreement through a MOU. Following consultation the Government favoured a “co-regulatory” response, in which a voluntary agreement reached by industry would be supervised by Ofcom. After further consideration on that proposal, it was found to be impractical. By the time of the publication of the Digital Britain Interim Report in January 2009, the MOU process had ceased, and legislation was inevitable.
By June 2009 the initial legislative proposals had been further developed, with a more central role for Ofcom, and the introduction of reserve powers for more interventionist technical measures, should the initial obligations prove insufficiently effective. Those proposals were fully consulted on, giving ISPs and others the opportunity to submit any evidence or comment in response to the proposals. ISPs’ responses concerning the initial obligations were generally neutral, but revealed concerns about the attribution of costs. BT’s own response to the initial obligations was broadly supportive and did not suggest that the initial obligations would be disproportionate.
The Government concluded that the initial obligations proposal remained the option that the Government would pursue through legislation, with a reserve power to introduce technical measures in the event that they should prove to be necessary and proportionate. Ofcom would be required to evaluate and make recommendations on what measures might be appropriate, effective and proportionate if and when it was deemed necessary to introduce an obligation on technical measures. The DEA, when enacted, offered the industry an opportunity to draft an Initial Obligations Code to be approved by Ofcom under Section 124C. No such industry agreed code has been forthcoming and, by default, Ofcom must act.
The Claimants’ argument under this heading has now narrowed to one point, namely, that Parliament enacted the contested provisions in the mistaken belief that the existing civil procedures did not allow copyright owners to target “repeat” offenders. Mr White referred, for example, to the Explanatory Notes to the Bill, and to the impact assessment, to show that Parliament must have been labouring under such a misapprehension. In fact Mr White was able to show a form of Norwich Pharmacal order, settled by BT, that was specifically designed to enable copyright owners to identify, and target, such repeat infringers.
It seems to me that the Claimants have here somewhat lost sight of what they need to show in order to succeed on the proportionality challenge, namely, that there was a clearly less intrusive but equally effective means of resolving the relevant problem. Currently, copyright owners, armed with evidence of infringement and IP addresses, must go to Court in order to ascertain precisely who has infringed and to what extent. Having obtained that information, the copyright owner may decide which infringers, if any, to pursue in legal proceedings. It is at that point that the infringer, if pursued, will be confronted with a legal claim, with the anxiety, uncertainty and expense that ensue.
Under the DEA, on the other hand, the copyright owner will routinely and systematically receive CILs that, in practically every case, will accurately identify the subscriber/infringer and the extent of copyright infringement. Without going near court, the copyright owner can decide which infringers, if any, to pursue in legal proceedings, in which the first step would then be to establish the identities of targeted infringers through Norwich Pharmacal orders. Furthermore, if substantive proceedings are then brought, the infringer can hardly be caught unawares, for ex hypothesi he or she will already have received prior warning(s) through receipt of the CIRs earlier sent on by the ISP. Indeed, many potential targets of legal action under current procedures may well have ceased infringing before they find themselves on a CIL at all, a much less stressful and costly outcome for them. Thus, from the point of view of both copyright owner and subscriber, the DEA represents a more efficient, focussed and fair system than the current arrangements. To the extent that CIRs received from ISPs dissuade subscribers from continuing to act unlawfully and so obviate the need for legal proceedings, there will also be cost savings for the administration of civil justice.
Whatever, therefore, may have been believed about the efficacy of Norwich Pharmacal orders in identifying repeat infringers, the fact remains that as an objective matter the contested provisions are not shown to be disproportionate.
The third point, which has two aspects, is an alleged lack of appropriateness of the contested provisions. Relying upon BPI data, Mr White was able to show that less than 40 per cent (in fact, about 37 per cent) of online copyright infringement was due to P2P file sharing, the form of infringement against which the measures in the DEA are targeted. However, that does not, in my view, tend to undermine the appropriateness of the contested provisions: P2P file sharing appears to account for the largest single element of online copyright infringement, and the percentage of the total, 37 per cent, is still very substantial. A very significant reduction in that form of infringement would make a valuable contribution to reducing the overall level of infringement.
The second aspect is that a determined infringer has in any event several means of avoiding detection, and that for that reason the contested measures will have little, if any, impact on reducing P2P file sharing.
It is not disputed that technical means of avoiding detection are available, for those knowledgeable and skilful enough to employ them. However, the central difficulty of this argument is that it rests upon assumptions about human behaviour. Experts can seek to establish a profile of those who engage in P2P file sharing, and their various reasons for doing so, and may then attempt to predict how these users may be likely to respond if confronted with the kind of regime that the DEA enacts. In theory, some may cease or substantially curtail their unlawful activities, substituting or not, for example, lawful downloading of music; others may simply seek other means to continue their unlawful activities, using whatever technical means are open. The final outcome is uncertain because it is notoriously difficult accurately to predict human behaviour. Professors Mansell and Steinmueller, expert economists engaged by the Claimants, say:
“The results of studies of intentions, behavioural range, deviant behaviour, the effects of deterrents, and cognitive perceptions of moral behaviour online, are ambiguous at best.” First Report, at paragraph 2.3. See also paragraph 2.12: “Overall, studies from several disciplines indicate that it is unclear what effects that various types of prosecution, threats of prosecution and other sanctions are likely to have.”
The DEA proceeds on the premise, first, that a significant number of infringers do not at the moment fully appreciate that what they are doing seriously infringes the legal and moral rights of others and that, although individual behaviour of this kind may seem trivial and excusable, the general effect may well be very damaging to the creative industries, a notorious example of what is sometimes called the tyranny of small decisions that have ruinous economic consequences. A central purpose of the contested measures is educational: through systematic CIRs the recipient will be better informed about the nature of his conduct and of the likely consequences for others, and he may be disposed to cease, or at least to modify, such conduct. He may be persuaded to do so, even if it is contrary to his immediate interests: the days when it was assumed that consumers act only out of the pursuit of economic self interest, and do not, quite rationally, respond to moral, altruistic or longer term considerations, are long gone. Furthermore, insofar as the contested provisions improve the efficiency and effectiveness of copyright protection (see above), the risks attached to persistent infringing are raised: even if the selfish, determined infringer were minded to seek to evade detection, he might not be sure that technical means existed or were being developed to thwart him, and he might fear that, if he was detected, the new arrangements would be more likely to expose him to painful enforcement measures. Although it is difficult to predict the effect of measures such as those contemplated by the DEA, there are reasons for believing that such measures may well have positive effect.
In these circumstances, and bearing in mind my role on this part of the case, I am not able to conclude that insofar as Parliament proceeded on the basis that the contested provisions would be likely to have a significant effect in reducing unlawful P2P file sharing, it proceeded on an obviously flawed assumption, so as to cast doubt upon the lawful proportionality of those provisions.
The fourth point is the alleged “chilling” effect of the contested provisions. Such an effect potentially arises because the subscriber is not necessarily the copyright infringer but it is the subscriber who will be the subject of any CIR or CIL. It is easy to understand that, for example, a library with a wi-fi hot spot or internet café would wish to avert the risk of receiving such reports, of being the possible target of legal proceedings and of having to show that it took reasonable steps to prevent any infringement (as required by the DEA). Some public intermediaries and businesses provide “open” wi-fi to their customers. Parents may also be worried about their children’s use of the home computer. The Claimants’ economic experts explain how those exposed to such liabilities, and who are understandably risk averse, may take prophylactic measures that in fact go significantly beyond what is necessary to protect them from legal liability and so unnecessarily curtail the rights and freedoms of others.
The Interveners strongly support this argument and express real concern about the potential for the DEA to stifle, without good cause, access to the internet.
The Interveners draw attention to the report “Internet Access 2010” of the Office of National Statistics that reveals that 73 per cent of households in the UK now have internet access and that 30.1 million adults used the internet every day or nearly every day in the 12 months under review. Some 17.4 million adults used the internet to watch television or listen to the radio, while 31 million people bought or ordered goods or services online. The rapid growth in demand for internet services is illustrated by the fact that since 2006 an extra 5 million households now have internet access. Some 90 per cent of individuals with internet access had used it to send/receive email, 54 per cent had used the internet for online banking, 39 per cent used it to seek health-related information, 35 per cent used it for the purpose of learning, and 26 per cent used the internet to look for a job, or to send a job application. Internet access is also part of official Government policy concerning “digital inclusion”, where increasing internet access in disadvantaged communities is seen as an important part of combating social and economic exclusion.
One particular concern of the Interveners was that a subscriber could find himself the subject of a CIR and/or on a CIL, even if he was not the infringer, unless he could show that he took “reasonable measures” to prevent it (see section 124K (6) DEA). Such a burden would tend to discourage subscribers from allowing others (for example, in the same household) from gaining access to the computer or the internet. However, the counter argument is that this is not an unreasonable burden to place on subscribers if it promotes more effective copyright protection. Furthermore, inclusion on a CIL is intended to identify the subscriber whose internet service has been used to infringe copyright; even if a subscriber has been properly included on a CIL (because he failed to take reasonable precautions), that is not sufficient to establish legal liability for infringement. The copyright owner, having established the subscriber’s identity following a CIL and a Norwich Pharmacal order, would have the burden of showing, in any subsequent civil action, that the subscriber had “authorised” the infringement (which is a relatively high test on current authority: see paragraph 102 above). In addition, under present arrangements, a subscriber is exposed to the risk of a copyright owner obtaining a Norwich Pharmacal order to establish his identity, even if the subscriber has not committed the infringement and even if he took reasonable steps to prevent the infringement. The current procedures are indiscriminate, costly and inefficient, and they include within their scope, unlike the putative CIL, the careful subscriber who has taken reasonable precautions. In so far as copyright owners pursue the procedures under the DEA (as is likely to be the case), the careful subscriber will be relieved of the anxiety and cost of involvement in applications for Norwich Pharmacal orders and in subsequent infringement proceedings.
A second concern of the Interveners was that certain public intermediaries might be classed as qualifying ISPs. However, it appears likely that the Code will apply only to ISPs with more than 400,000 subscribers, so that that concern should be met.
Returning to the more general point, I accept that the “chilling effect” is now a well documented phenomenon, and I acknowledge that the concerns of the Interveners are genuine and that there is in the present context a risk of some chilling effect. The difficulty again is to assess, at this stage, the likely magnitude of such an effect. I must bear in mind that the measures are not yet even operative, and no experience has been accumulated of their effects in practice. It is also expected that the Code will deal explicitly with the position of such subscribers as libraries and internet cafés so that the regulation works fairly and reasonably. Furthermore, the regulatory regime can seek to respond to particular difficulties that have arisen of the kind foreshadowed by the Interveners’ evidence and submission. Although, therefore, I do not dismiss this point as insubstantial, it seems to me premature to conclude that any chilling effect that might arise as a result of the contested measures is likely to be such that the social costs of such measures so plainly exceeds the likely benefits (in terms of enhanced copyright protection) that they are disproportionate.
The fifth point is drawn from Directive 2004/48/EC of 28 April 2004 on the enforcement of intellectual property rights, OJ [2004] L No 157 (“the IPRE Directive”) and the opinion of the EDPS. Mr White seeks to extract from these documents that the only proportionate way to proceed is by stages; namely, first to see whether existing judicial procedures are satisfactory; then to target large, commercial scale infringers, and finally, if all else fails, to introduce something like the DEA. I agree that this may be one way of proceeding, but the relevant question is whether it is the only lawful and proportionate way of proceeding. Parliament has proceeded on the basis that existing procedures are inadequate and that legislative measures must be specifically directed to, first, educating and, second, inhibiting unlawful copyright infringement at the level where it is occurring, namely, through a huge number of individual decisions. For the reasons already given, I find nothing disproportionate in that position.
The sixth point relates to the impact assessment that was made by the Government to show the likely benefits and costs that could be expected to flow from the proposed legislation. A very substantial part of the expert economic evidence was directed at this impact assessment. The Claimants produced no less than four expert reports, running to 220 pages; the Interested Parties were content, modestly by comparison, with one expert who confined himself to 28 pages (unless the evidence of Professor Geoffron is also treated as expert evidence): in total almost 250 pages. I was concerned about this volume of material, adding to the eleven files of other evidential material, not to mention the five bulky files of authorities. Perhaps I might be permitted to make some general observations about this expert evidence, in the hope (perhaps forlorn) that judges in the Administrative Court might not in future be confronted to the same extent with expert evidence in this kind of judicial review.
In my view, it is essential not to lose sight of what ultimately a claimant needs to show, namely, that the impugned legislative measure is not proportionate, in other words, that the legislator unlawfully failed to balance the relevant interests at stake, bearing in mind that, for the reasons already given, the court in this type of case, involving economic interests and/or the weighing of competing rights, is very likely to accord the legislator a wide area of discretionary judgment.
The impact assessment cannot be dismissed as irrelevant to the proportionality assessment. In Sinclair Collis Limited v Secretary of State for Health [2010] EWHC 3112 (Admin), an attack was made on an impact assessment that supported a legislative ban on the sale of tobacco from automatic vending machines. Sir Anthony May, President of the Queen’s Bench Division, in rejecting the argument that the impact assessment was irrelevant, added:
“On the other hand, I do understand an argument that a decision to legislate may be proportionate even though cost/benefit analysis produces a negative money balance; or a variant of that, that a decision to legislate may be proportionate provided that the legislator identifies and takes account of the important detriments and their broad measure. This would be so perhaps where any money calculation is necessarily imprecise.” [58], emphasis added
I would, with very great respect, only venture to add to the President’s statement that, depending on the context, the legislator should also identify and take account of the important benefits and their broad measure, and possibly the broad measure of alternative arrangements that might achieve the desired legislative objective. I would suggest that this would be the correct approach also in a case where it is inherently difficult to predict precisely what might occur and the quantification of benefits and costs necessarily turns on rational assumptions made by the legislator.
It will not, therefore, be sufficient to show, through expert economic evidence, that there are arguable errors in the impact assessment. Drawing on three decades’ experience in competition cases, I would say that it would be surprising if a skilled economist, who not infrequently comes close to donning the robe of a further advocate in these cases, was unable to put forward a case that such errors had been made. It is, therefore, important for parties to appreciate the limitations of such evidence and not to lose sight of what is required to mount a successful challenge to the proportionality of primary legislation.
With these general observations in mind, I now turn to the specific criticisms of the impact assessment. At the hearing Mr White, to his great credit, chose to focus on four main points.
First, a dominant theme of the Claimants’ expert economic evidence was that the impact assessment missed a whole dimension of social welfare. It was argued that the assessment should have sought to evaluate “the welfare impact of improved incentives for the creation of audio-visual content and the welfare costs of limiting access to content through file sharing” (see paragraph 70 of the Report of Dr Koboldt). On this view it was insufficient to evaluate the increased revenues, if any, that would accrue to rights holders by reason of the enhanced protection of copyright as a result of the contested provisions. It was also necessary to assess, in quantitative terms, the extent to which the prospect of such increased revenues would lead to the production of a greater quantity of audio-visual content than would otherwise be produced. It was also necessary to set off against that marginal increase in the quantity of audio-visual content made available to consumers the welfare loss of those consumers who, no longer enjoying the copyright material free of charge, but illegally, would be “priced out” of paying for it and would so be deprived of it, or enjoy it to a lesser degree.
The problem with this argument, it seems to me, is that Parliament, through current copyright legislation, has already struck a balance between, on the one hand, the aim of providing incentives to actual and potential creators of audio-visual material, and, on the other, the potential welfare loss to those consumers who would, in the absence of copyright protection, enjoy such material either free of charge or at substantially reduced prices but who, as a result of copyright restrictions, are either deprived of the material or are required to pay higher prices for it. Existing copyright legislation may strike that balance in a way that is controversial or open to criticism. However, in my view, Parliament, when considering measures such as the contested provisions, which could be expected to enhance copyright protection, is entitled to proceed on the basis that existing copyright law does strike a fair balance between the interests referred to. In the context of such measures, Parliament does not have to re-calculate that balance. Indeed, there would seem to be serious practical and political difficulties with any such re-calculation. How precisely would the marginal increase in putative productivity arising from enhanced protection resulting from proposed measures be reliably calculated? What would be the political response if Government were seen to be counting as a genuine “welfare loss” the fact that some of those behaving unlawfully would, as a result of the proposals, no longer enjoy the fruits of their unlawful behaviour? Copyright owners would no doubt say, with some justification, that such an approach was inconsistent with existing copyright legislation, and implied that some other legislation might more efficiently promote the objectives of copyright law.
I do not conclude that the approach advocated by the Claimants’ experts (which the Interested Parties’ expert, Professor Liebowitz, contested) was not one that could not in any circumstances lawfully have been employed. However, in my judgment, there were good reasons why the impact assessment did not follow that approach and therefore did not take into account the particular balance of social welfare that such an approach would have entailed. It is perhaps also worth noting that in any event such an approach would be exclusively economic, based on the concept that copyright is no more than a response to market failure; without it, the expression of ideas and information, creativity and innovation would be available to all, without reward for those who invented in the creation and dissemination of the works produced. However, it appears that copyright, even in the Anglo-American world, now also protects the creative individual’s personality or “moral rights”, leading, for example, to a longer term of protection than a strict economic analysis might be able to justify for the fulfillment of the economic goal. That element of personality right, and its enhanced protection through the contested provisions, could not be captured in a purely economic model of social welfare.
The second criticism is that the impact assessment assumed an annual figure of “displaced” sales in the music industry of about £400 million due to unlawful P2P file sharing, whereas that figure includes all displaced sales whether by P2P file sharing or other unlawful methods. Likewise, the contested provisions are targeted at unlawful P2P file sharing, and, in calculating the extent to which the contested provisions would improve sales, it must be remembered that P2P is not the only means of gaining access to copyright music material. However, on a proportionality challenge the key issue is not whether the numbers in the impact assessment were correct, but whether there was evidence tending to show that unlawful P2P file sharing was substantially displacing lawful sales of music (and other audio-visual content) that would otherwise have been made.
According to the evidence filed in this claim of Rachel Clark, Deputy Director for Communications and Content Industries within the Information Economy Directorate at BIS, there was such evidence before the Government and Parliament. She said this:
“10. The content industries argue strongly that unlawful file sharing has had a damaging effect on sales in recent years, which significantly outweighs any of the spillover effects. There is a lack of consensus in the literature from academic and industry sources about what sort and how great an effect file sharing has on the creative industries, and whether there are other reasons to explain declining sales in recent years. That said, most studies agree that unlawful file sharing does play a role in the decline of sales. Estimates for the scale of the sales displacement effect – i.e. revenue lost by industry because the content was accessed for free, through file sharing – tend to be in the range of between zero and 20%.
Studies on the effect of unlawful P2P downloading on industry revenues
Sales displacement effect (as % of total revenues
Industry
Country
Method
Oberholzer-Gee & Strumpf (2007), Journal of Political Economy
0%
Music
US
Actual downloads data
IPSOS (2007)
2%
Film and television
UK
Survey data
Zentner (2008), Journal of Law and Economics
8%
Music
7 European countries, including the UK
Survey data
Rob & Waldfogel (2006), Journal of Law and Economics
9%
Music
US
Survey data
Hennig-Thurau, Henning & Sattler (2007), Journal of Marketing
9%
Film
Germany
Downloads proxies data
Jupiter Research (2007)
17%
Music
UK
Survey data
Peltz & Waelbroeck (2004), mimeo
20%
Music
16 countries, including the UK
Downloads proxies data
...
12. Unlawful P2P file sharing is of concern in its own right because it is unlawful. It also creates a problem of industry revenue loss creating a disincentive to invest in artists and content production as investors cannot fully appropriate the returns on their investment. That this may already be happening may be suggested by findings from the IFPI Digital Music Report 2010, which reported that the number of local repertoire releases in France dropped from 271 in the first half of 2003 to 107 in the same period of 2009. New signings of French artists also fell by 60% from 91 in the first half of 2002 to 35 in the same period in 2009. Reticence in investing in the creative industries in the future would be damaging to the economy and therefore is a significant cause for concern to the Government.
13. The figures most often quoted to illustrate the impact of file sharing on sales are for the film and music industries. The greatest amount of research into the effects of file sharing has been for the music industry, not least because it was the first industry to feel the effects of such online behaviours and, in terms of overall numbers, it represents the biggest area of P2P activity. IPSOS estimates a sales displacement effect of £185 million for the film and television industry in 2009. Jupiter Research estimated a sales displacement effect of £180 million for the music industry in 2008. We have not been able to assess fully the reliability of the methodology used in calculating these figures – not least because there is not a wide selection of work from which to draw comparative information and against which to benchmark the industry figures. However, we understand that the methodology used to generate those figures did acknowledge and take account of the fact that there would not be a direct transfer from unlawful downloads to legitimate purchases i.e. there would be some people who, if stopped from unlawfully downloading, would simply choose not to consume the content, rather than purchasing it legally, or who would have consumed it lawfully but in a way that would not have generated marginal revenue. Therefore, we are sufficiently persuaded that these figures are an appropriate contribution to the evidence base for the provisions of the DEA.
14. At all times during the DEA process and through the consultation periods before that, BIS has been scrupulous in making clear that the Government’s estimates of the loss to unlawful file sharing and potential benefits of the DEA obligations have been based on figures provided by the creative industries. The Government was not in a position either to conduct its own research – which would in any case have relied upon the cooperation of rights holders in providing information or to audit industry repots which were regarded as confidential. There has been a limited amount of research in this area, therefore the evaluation of data sources in existence is challenging because of the absence of comparative data.
15. BIS also consistently sought additional evidence through consultations on the extent of the impact of unlawful file share. Although the Claimants critique the Government’s use of industry figures in the assessment of costs and benefits of the provisions, it should be noted that ISPs have consistently declined to make available an alternative estimate for the cost of unlawful file sharing. However, those ISPs with significant content interests have not demurred at the estimates provided in their responses to Government consultations.”
In my view, this is a complete answer to the second point, so far as a proportionality challenge is concerned. It is also consistent with the evidence of one of the Claimants’ expert economists, Dr Koboldt who says:
“125. In summary, whilst I would share both Professor Liebowitz’s view that the majority of studies find that file sharing has a negative impact on the sales of recorded music and his reservations about some of the studies that find no (or a positive) impact, I would strongly object to his interpretation of the extant literature as providing strong support for the claim that file sharing is responsible for the entire decline in sales. I can see little support for the consensus view portrayed by Professor Liebowitz, and would rather take the position that Professor Leibowitz adopted in 2008 when he noted that “most recent research … has found that the impact of file sharing is negative although the methodology used in these papers generally makes it difficult to determine clear estimates of the position of the recent decline in sound recording sales that might be caused by file-sharing”.”
The third point of criticism is that the impact assessment, in quantifying benefit, assumed that 70 per cent of infringers would stop file sharing once and for all upon receiving a single notification from their ISP. This figure was based on the Digital Entertainment Survey 2008. That Survey asked respondents who admitted to unlawful file sharing whether they would stop if they received a communication from their ISP. In 2008 70 per cent of respondents agreed that a communication would be effective to stop them file sharing. In 2009 the figure was down to 33 per cent. The Survey said that the drop appeared to be explained by the fact that respondents in 2009 were asked to consider the possibility of a communication containing no specific threat. The figure of 70 per cent could be explained only on the basis that in 2008 respondents believed that the communication was a prelude to further action.
Dr Koboldt was extremely critical of the 70 per cent figure. He said that
“even without knowledge of the subsequent edition of the Digital Entertainment Survey, the claim that 70 per cent of those who engage in illegal downloading would stop completely and forever as a result of receiving a notification from their ISP is straining credulity. I would like to think that such an assumption – which is crucial for the entire analysis – should have been considered very carefully, and should have been subject to some sense checks.” (paragraph 152)
Again, in the context of a proportionality challenge, the relevant issue is not whether the figure of 70 per cent in the impact assessment was robust, but whether Parliament was entitled to proceed on the basis that a carefully worded letter from the subscriber’s ISP, drawing the subscriber’s attention to the fact that the unlawful file sharing had been detected, and that persistent infringement could lead to unpleasant legal sanctions, would have a strong and immediate impact on unlawful P2P file sharing. Of course, for the reasons already given, it is difficult to predict human behaviour and the likely response to CIRs under the contested provisions. However, I see nothing unreasonable or lacking in common sense if Parliament proceeded on the basis that I have mentioned.
The fourth point of criticism is that the impact assessment translates a 70 per cent reduction in the number of file sharing infringers into a 55 per cent reduction in infringement. Some such calculation needed to be made, for one infringer may be responsible for a greater level of unlawful P2P file sharing than another. The impact assessment was in one sense conservative for it did not assume that the 70 per cent of infringers who would be deterred by a CIR accounted for 70 per cent of infringing activity: those who would be deterred on average accounted for a lesser degree of such activity. Professor Liebowitz, for the Interested Parties, thought that the relationship between infringer and infringement was not unreasonable. Dr Koboldt was not convinced:
“There is some plausibility to the underlying logic – those who download the most are more reluctant to stop or, conversely, those who stop are likely to download less than the average but there is at the same time some uncertainty about the magnitude of this effect, not least because the Impact Assessment fails to distinguish between different forms of infringement and not consider the different ways in which P2P file sharers might respond to particular enforcement measures. For example, there is nothing in the Impact Assessment that would suggest that attention has been paid to the options available for file sharers to avoid detection by using public wi-fi networks, e.g. in libraries or coffee shops (which appear to have been completely ignored in the Impact Assessment) or to download from non-P2P sources (e.g. cyberlockers), even though non-P2P file sharing had been registered as a problem by the industry.” (paragraph 146)
It is notable that Dr Koboldt wisely does not offer his own estimate of the extent to which the level of infringement could be expected to be curtailed if the 70 per cent assumption was sound, or point to any reliable industry or academic research on such a calculation. That is not surprising for it would appear difficult, first, to draw up comparative “profiles” of different classes of infringers and, secondly, to draw reliable inferences about how each different class would be likely to respond to a notification such as a CIR. Again, the relevant question is not whether the figure of 55 per cent is accurate. The background to the enactment of the DEA shows that there was an awareness of the difference between numbers of infringers and volume of infringement, and that it could not simply be assumed that curtailing a certain number of infringers would necessarily reduce infringement by a corresponding amount. The impact assessment assumed that the reduction in infringement would be less than the reduction in infringers. Nonetheless, even allowing for that lack of symmetry, Parliament proceeded on the basis that as a result of the contested measures both the number of infringers and the volume of infringement would be substantially reduced, to the very considerable benefit of copyright owners. That, in my view, was a rational and justifiable assumption and sufficient for the purpose of lawful assessment of proportionality.
The Claimants also took issue with the alleged failure of the impact assessment to take account of certain costs that were omitted. For example, the Claimants contend that the contested provisions will lead subscribers to upgrade home and business networks, and that the cost of doing so is not included. However, it is difficult to assess the extent to which the initial obligations code will in practice lead to upgrading, and so occasion additional costs. Furthermore, unsecure networks are exposed to risks at present, including the risk of action resulting from unlawful activity, and any upgrading would produce countervailing benefits, again very difficult to quantify. As to, for example, open wi-fi networks, the Code will need to take account of such needs and ensure that the impact on them is fair and proportionate. The incidence of “distress” to those who might receive CIRs in error, or of distress to those whose unlawful use of the internet has been brought to the attention of the subscriber (even if a legitimate source of grievance), is again difficult to predict and to measure quantitatively.
At the hearing Mr White focussed in particular on the costs of the appeal process which were not included in the impact assessment. It would have been difficult at the time of the impact assessment to quantify those costs, and, according to the Defendant’s evidence, work is continuing on establishing the final costs of the appeal process. Ofcom will be consulting on the tariff in connection with the Costs Order, which allocates the costs of appeal between the ISP and the copyright owner. Again, according to the Defendant’s evidence, it is not expected that the appeals process would be unduly complex or expensive. Mr White also criticised the failure to take account of, and to quantify, the costs that copyright holders would incur in bringing actions against infringers. However, he accepted that such an analysis would have to be carried out on a marginal basis. Again, it seems to me very difficult to seek to assess in any impact assessment how many more infringement actions would ultimately be brought under the contested provisions than would be pursued under present arrangements, and to quantify the marginal net economic cost of such actions, bearing in mind, first, that a principal aim of the measures is educational (so obviating legal action) and, secondly, legal action under the contested provisions can reasonably be expected to be more efficient and effective.
Dr Koboldt in his report also stated that the impact assessment should have been subject to “sensitivity analysis”, that is, a range of possibilities should have been quantified to show how an estimate of net benefit (or loss) would vary with a change in certain assumptions. That is certainly something that could have been done. However, as explained at earlier points in this discussion, the Government did expressly recognise that a range of outcomes was possible (for example, in respect of the key variable, the extent of “displaced revenues”). The reader of the impact assessment would appreciate that the quantification of benefits and costs would be different on a different set of assumptions. Even if the impact assessment had sought to attach numerical values to a range of outcomes, it is not immediately obvious that any informed person trying to interpret the impact assessment would be greatly assisted by such further quantification, and, in my view, the omission of such further quantification does not undermine the proportionality of the contested measures.
In summary, it may be the case that certain further costs could have been included in the impact assessment. However, as stated, some of the alleged costs were very difficult to quantify and would have involved little more than guesswork, and some involved questionable items. Looking at the matter in the round, I cannot conclude from the evidence as a whole that the scale of the likely costs that would arise from the contested provisions, bearing in mind that technical measures are not in immediate contemplation, would render disproportionate legislation aimed at substantially strengthening the protection of copyright material against unlawful P2P file sharing.
For these reasons, I reject the proportionality challenge.
I raised with the parties the possibility of a reference to the European Court of Justice. Mr Eadie strongly opposed such a reference; Mr White argued that a reference would be appropriate. I have come to the conclusion that the questions of European Union law raised by this judicial review admit of clear answers, and I do not believe that any useful purpose would be served by my making a reference.
In the event, the Claimants succeed only in respect of the claim relating to Article 12 AD (“administrative charges”). They are entitled to appropriate relief on that claim. Formally, I grant permission in respect of the new ground under the AD (ground 5 of the amended claim), but, save for the claim referred to, I dismiss all other claims in this judicial review.