Data Privacy Knowledge

Germany seeks to limit liability for Internet connections

Stepson had downloaded illegal music files from the Internet

by R. Olschewski

In a ruling on the costs of warnings about illegal downloads, the Federal Supreme Court in Germany expressed its views on January 8, 2014 (Case I ZR 169/12) concerning the accountability of a subscriber for an Internet connection.

In the case at hand, the subscriber of an Internet connection was subject to a claim for the costs of written warnings, despite the fact the infringement was attributable to a third party. The stepson – of full age – had downloaded illegal music files from the Internet and also provided them for exchange via the connection. The lower-instance courts had upheld the claim on the grounds of absolute liability and convicted the subscriber.

The Federal Court of Justice argued against that, citing a special relationship of trust based on which the owner of the Internet connection would have believed that no illegal acts would be committed. In the view of the FCJ, there was no obligation to instruct or monitor the user. This applies at least to the extent that the subscriber had no indications that any misuse of the Internet connection was taking place.

This Supreme Court ruling is also relevant for companies, data protection registrars and works councils. Employers are likely to have to trust their employees in a similar manner, namely that no illegal activities are being performed via a business Internet connection which is also available for private use. The argument supporting such trust could be strengthened in particular with a clear in-house usage regulation (Internet policy) or a company agreement on Internet use. Regardless, the Federal Supreme Court also presumes a high degree of personal responsibility of the respective user in its ruling.

Completely prohibiting private use of the Internet by employees would remain the safest regulation with regard to eliminating any risks of employers being held liable for claims due to the misconduct of employees. When regulating corporate Internet use, it is important to take into consideration that this ruling still represents a single decision on an individual case and that other courts are not directly bound by the new ruling.

Therefore, the risk of being warned in the event of abuse cannot be completely excluded. In the meantime, warnings have become a rather significant component of the German federal legal scene, and violations against data protection laws are being addressed by attorney’s letters with ever-growing frequency.

Further information:

  • juris.bundesgerichtshof.de/cgi-bin/rechtsprechung/document.py?Gericht=bgh&Art=pm&Datum=2014&Sort=3&nr=66407&pos=0&anz=5

Similar Blog Posts

Information Needed For Companies for the Whistleblower Directive Information Needed For Companies for the Whistleblower Directive

Initially, the EU Whistleblower Directive was supposed to be effective by December 17, 2021. However, the legislative process failed.

Right of Access by the Data Subject Right of Access by the Data Subject

The right of access, enshrined in Art. 15 of the GDPR, gives data subjects the right to obtain from the controller.

Subject Access Request Automation Subject Access Request Automation

Individuals have the right to access their personal data, commonly referred to as subject access. But can this process be automated?

ALL BLOG POSTS IN THIS CATEGORY

Blog Categories

Questions?