TPM circumvention and website blocking orders: An EU perspective

Blocking application

Website blocking orders in IP cases (mostly, though not solely, in relation to copyright-infringing websites) are routinely granted in several jurisdictions, whether in Europe or third countries. The availability of such relief has been established in case law, administrative frameworks and academic studies alike.

The Court of Justice of the European Union ('CJEU') expressly acknowledged the compatibility of such a remedy with EU law in its 2014 decision in UPC Telekabel. Also the European Court of Human Rights recently found that, although it is necessary that this particular remedy is available within a balanced and carefully drafted legislative framework which contains a robust and articulated set of safeguards against abuse, website blocking orders are not per se contrary to the provision in Article 10 ECHR.

Over time, courts and other authorities (including administrative authorities in certain EU Member States) have dealt with applications which have: been based on different legal grounds; been aimed at protecting different types of rights; and resulted in different types of orders against internet service providers ('ISPs').

An interesting recent development concerns website blocking orders in relation to websites that market and sell devices and software aimed at circumventing technological protection measures (‘TPMs’). TPMs offer rights holders an ancillary right of protection and are deployed to protect against infringement of copyright in works that subsist in multimedia content such as video games. TPMs are a cornerstone in copyright protection in the digital age where large-scale copying and dissemination of copyright-protected content is so prevalent.

So far, in Europe there have been some instances – including in Italy, Spain, and the UK – in which an application based inter alia on the protection against TPM circumvention has been granted.

What is the broader significance of this further evolution of website blocking order jurisprudence? And, more generally: should we expect to see more decisions ordering ISPs to block access to websites providing TPM circumvention devices? As it will be illustrated in what follows, such an evolution of website blocking order jurisprudence is hardly surprising and, yes, we should expect to see more of these orders being granted across Europe.

Intermediary injunctions under EU IP law: rationale, scope and evolution

The reason why intermediaries are involved in the enforcement process by means of injunctions against them – and why this proves particularly helpful in the online context – is explained in Recital 59 in the preamble to the InfoSoc Directive:

In the digital environment, in particular, the services of intermediaries may increasingly be used by third parties for infringing activities. In many cases such intermediaries are best placed to bring such infringing activities to an end. (emphasis added) 

The EU IP framework (Article 8(3) of the InfoSoc Directive and Article 11, third sentence, of the Enforcement Directive) expressly requires Member States to ensure that rightholders are in a position to apply for injunctions against intermediaries under their national laws. This possibility is without prejudice to the provisions of the E-commerce Directive and subsists irrespective of any liability of the intermediary targeted by the injunction. Whilst conditions for and modalities of such injunctions are a matter of national law, competent courts and authorities need to inter alia comply with Article 3 of the Enforcement Directive and general principles of EU law, as well as the provisions of the EU Charter of Fundamental Rights.

Through a number of decisions – notably those in L’Oréal and Others (2011), Scarlet Extended (2011), SABAM (2011), UPC Telekabel (2014), Mc Fadden (2016), Tommy Hilfiger (2016), and Ziggo (2017) – the CJEU has articulated a number of key standards in relation to intermediary injunctions. Among other things, the notion of ‘intermediary’ is both loose and broad: for an economic operator to be considered as ‘intermediary’, it is sufficient that they provide – even among other things – a service capable of being used by one or more other persons in order to infringe one or more IP rights. In addition, as the CJEU clarified in L’Oréal and Others, injunctions may be aimed at repressing existing infringements and also preventing further infringements. This conclusion is also in line with the overall framework established by the E-commerce Directive.

As mentioned, website blocking legislation and jurisprudence have evolved. First, some EU Member States have adopted enforcement models in which administrative authorities are also competent to issue website blocking orders (an example is Italy and its Communication Authority’s Copyright Regulation, which has been applied with overall satisfactory results so far). Secondly, courts and authorities have been issuing increasingly tailored and effective injunctions, characterized by dynamism and the collaboration between rightholders and the relevant ISPs. Thirdly, injunctions have been granted in relation to different IP rights, including copyright and trade marks. Related to the latter point, as mentioned, a further evolution is the one concerning blocking of access to websites offering devices and software that allow for the circumvention of TPMs.

Website blocking in cases concerning TPM circumvention

Article 6 of the InfoSoc Directive mandates upon Member States to “provide adequate legal protection against the circumvention of any effective technological measures, which the person concerned carries out in the knowledge, or with reasonable grounds to know, that he or she is pursuing that objective.” The notion of TPM encompasses “any technology, device or component that, in the normal course of its operation, is designed to prevent or restrict acts, in respect of works or other subject matter, which are not authorised by the rightholder of any copyright or any right related to copyright”. TPMs “shall be deemed “effective” where the use of a protected work or other subject matter is controlled by the rightholders through application of an access control or protection process, such as encryption, scrambling or other transformation of the work or other subject matter or a copy control mechanism, which achieves the protection objective.” Article 6(2) also requires Member States to provide adequate legal protection against the manufacture, import, distribution, sale, rental, advertisement for sale, possession for commercial purposes of circumvention devices and/or software or the provision of services which are promoted, advertised or marketed for the purposes of circumvention:

Member States shall provide adequate legal protection against the manufacture, import, distribution, sale, rental, advertisement for sale or rental, or possession for commercial purposes of devices, products or components or the provision of services which: 

(a) are promoted, advertised or marketed for the purpose of circumvention of, or 

(b) have only a limited commercially significant purpose or use other than to circumvent, or 

(c) are primarily designed, produced, adapted or performed for the purpose of enabling or facilitating the circumvention of, 

any effective technological measures. 

Variety of Kats ... 
variety of website blocking orders

It is thus apparent that the protection offered by this provision is wide-ranging: not only does it encompass the manufacture and distribution of devices, but it does also include, among other things, the advertising thereof and the provision of services (i.e. modding services).

The CJEU has also clarified that the legal protection referred to in Article 6 is broad. This said, it only relates – as Advocate General Szpunar also recalled in his recent VG Bild Kunst Opinion – to the protection of the rightholders against acts which require their authorization.

In the copyright enforcement context, one may wonder whether rightholders are entitled to seek injunctions against intermediaries, not only when the target websites directly engage in the doing of copyright-restricted acts, but also when they provide devices aimed at circumventing TPMs and, thus, allow one to perform acts that copyright does restrict. If so, what could the legal basis for such applications be?

Last year, the High Court of England and Wales (Arnold J (as he then was)) issued a website blocking order against 5 of the main UK retail ISPs to block access to 4 websites advertising, distributing, offering for sale and/or selling devices that allowed TPMs on Nintendo Switch games console to be circumvented. Considering the longstanding UK website blocking jurisprudence, the novel issue in that case was the legal basis actioned by Nintendo, this being (besides trade mark rights) the rights under ss 296 and 296ZD CDPA 1988, that is the provisions through which the UK had transposed Article 6 into its own law. Arnold J noted that the rights conferred by section 296ZD are designed to protect UK copyrights. Eventually, the order sought by the applicant company was granted based on the jurisdiction of the High Court under s37(1) of the Senior Courts Act 1981.

Availability of website blocking orders in TPM circumvention cases in EU Member States

Adopting a broader, European perspective, in a case concerning TPM-circumventing devices, the jurisdiction to grant a website blocking order could be also rooted within the domestic provisions implementing Article 8(3) of the InfoSoc Directive. Article 8(3) of the InfoSoc Directive (as transposed) could be indeed the legal basis for such orders, in that it is apparent (as it was in the English case) that the operators of the target websites use the ISPs’ services “to infringe copyright”. As Arnold J acknowledged, the operators of the websites dealing with such devices were infringing Nintendo’s rights in the UK, including its copyrights.

The circumvention of TPMs results – as it was in the English case – in the unauthorized reproduction and other unlawful uses of copyright content (in that case: videogames, including their artwork, text, and soundtracks). Such a situation appears to fall squarely within the scope of application of both Articles 6 and Article 8(3) of the InfoSoc Directive. As Arnold J found, the TPMs installed by the applicant were aimed at protecting against acts which required its authorization. As such, the making available of devices that allowed for the circumvention thereof entitled such copyright holder to inter alia request an injunction against an intermediary whose services were used to infringe – through such devices – copyrights and other rights.

Conclusion

In light of the foregoing, copyright owners appear entitled to seek injunctions against intermediaries to also block access to websites dealing with TPM-circumventing devices. The legal basis for that can also be, subject to satisfying all the other requirements under EU and national law, the domestic provision implementing Article 8(3) of the InfoSoc Directive.

All in all, it appears likely that we will see more blocking orders in the future, including orders – issued by courts and competent authorities around Europe – targeting websites that provide TPM-circumventing devices. This is an unsurprising and natural evolution of website blocking jurisprudence. It also serves to show the very flexibility of this type of remedy and, matched inter alia with the loose notion of ‘intermediary’, its inherently broad availability. 

[Originally published on The IPKat on 26 November 2020]