Thursday, January 22, 2015

CJEU Reaffirms: Only Accessibility Matters for the Jurisdiction

This morning the CJEU published its long awaited decision in Pez Hejduk C‑441/13. And now a surprise: it is yet another stubborn confirmation of the Pinckney ruling [which was criticized by me here, here and here]. Why stubborn? Not because I disagree. But because no matter how many Advocate Generals would say this is a bad rule, the Court will stick to its own line. More analysis will follow soon, first some flavor of the decision.

Ms Hejduk is a professional photographer of architecture and is the creator of photographic works depicting the buildings of the Austrian architect, Georg W. Reinberg. As part of a conference organised on 16 September 2004 by EnergieAgentur, Mr Reinberg used Ms Hejduk’s photographs in order to illustrate his buildings, which he was authorised to do by Ms Hejduk. Taking the view that her copyright had been infringed by EnergieAgentur, Ms Hejduk brought an action before the Handelsgericht Wien for damages in the sum of EUR 4 050, and for authorisation to publish the judgment at the expense of the defendant. In order to justify the selection of that jurisdiction, Ms Hejduk relies on Article 5(3) of Regulation No 44/2001. EnergieAgentur raised an objection that the Handelsgericht Wien lacked international and local jurisdiction, claiming that its website is not directed at Austria and that the mere fact that a website may be accessed from Austria is insufficient to confer jurisdiction on that court.

The CJEU first [paras 23-26] examines "the place of act giving rise to the damage" (Handlungsort). It comes to the Wintersteiger-like conclusion that 

25      In a case such as that in the main proceedings, the acts or omissions liable to constitute such an infringement may be localised only at the place where EnergieAgentur has its seat, since that is where the company took and carried out the decision to place photographs online on a particular website. It is undisputed that that seat is not in the Member State from which the present reference is made.

26      It follows that in circumstances such as those at issue in the main proceedings, the causal event took place at the seat of that company and therefore does not attribute jurisdiction to the court seised.
In the second step, the court looks [paras 27-37] into "the place where the damage occurred" (Erfolgsort). Here the court explicitly clears any doubts about the fact that it stands firmly behind its Pinckney ruling.

32      It is clear from the Court’s case-law that, unlike Article 15(1)(c) of Regulation No 44/2001, which was interpreted in the judgment in Pammer and Hotel Alpenhof (C‑585/08 and C‑144/09, EU:C:2010:740), Article 5(3) does not require, in particular, that the activity concerned be ‘directed to’ the Member State in which the court seised is situated (see judgment in Pinckney, EU:C:2013:635, paragraph 42).
33      Therefore, for the purposes of determining the place where the damage occurred with a view to attributing jurisdiction on the basis of Article 5(3) of Regulation No 44/2001, it is irrelevant that the website at issue in the main proceedings is not directed at the Member State in which the court seised is situated.

34      In circumstances such as those at issue in the main proceedings, it must thus be held that the occurrence of damage and/or the likelihood of its occurrence arise from the accessibility in the Member State of the referring court, via the website of EnergieAgentur, of the photographs to which the rights relied on by Ms Hejduk pertain.

35      The issue of the extent of the damage alleged by Ms Hejduk is part of the examination of the substance of the claim and is not relevant to the stage in which jurisdiction is verified.

36      However, given that the protection of copyright and rights related to copyright granted by the Member State of the court seised is limited to the territory of that Member State, a court seised on the basis of the place where the alleged damage occurred has jurisdiction only to rule on the damage caused within that Member State (see, to that effect, judgment in Pinckney, EU:C:2013:635, paragraph 45).
In other words, the ruling confirms the accessibility part of the earlier Pinckney ruling. In very clear words. Together with Coty Prestige C-360/12, this amounts to full confirmation of both contentious Pinckney issues.

Saturday, November 1, 2014

What Does BestWater Decision Mean For Future of Embedding?

I guess most of you already heard the news that CJEU recently in BestWater C-348/13 allegedly discharged embedding from copyright consent. Some media already started celebrating "this landmark ruling" and some attorneys commenting on consequences with confidence (e.g. here at FAZ). I would personally still wait with any "embedding-is-free-parties".

CJEU decided BestWater in a form of an order, which means that it considered its own case-law crystal clear. The order is basically repeating Svensson arguments, and explaining some of it rationale also for embedding: new public is a must (§ 15), freely accessible content does not reach any new public (§ 16) and any user confusion about the source of the content does not matter (§ 17) - or at least, is not a copyright business. The most important paragraph is § 18, where the court summarizes its position as follows:
German version: Denn sofern und soweit dieses Werk auf der Webseite, auf die der Internetlink verweist, frei zugänglich ist, ist davon auszugehen, dass die Inhaber des Urheberrechts, als sie die Wiedergabe erlaubt haben, an alle Internetnutzer als Publikum gedacht haben.
My free English translation: As long as a work is freely accessible on the website to which the [embed] link refers, it must be assumed that the copyright right holder allowed the communication and considered all the Internet users as a public.
The Court thus creates an assumption, for the purposes of linking, that freely accessible content is also coming from a legal source. If this is a restatement of confusing Svensson language, its a great move, which solves many problems. It also means that CJEU is listening to the critique, though in his own way. Very soon BGH will most likely confirm this, given that it was reported that BestWater is a case about the unauthorized source.

So why am I not cracking a party?

I already mentioned this couple of times [here, here]. In Svensson, CJEU told us that a national court can not extend the exclusive right of communication to the public in its national law, because this would create "legislative differences and thus, for third parties, legal uncertainty". This is nothing extraordinary given that it is long clear to everybody that this is an autonomous concept of the Union law. The problem, however, is that because the Union law harmonizes only some exclusive rights, the national court can still create some additional rights as unnamed non-harmonized rights. But even these rights are subject to some Union law, namely primary law of four fundamental freedoms of internal market. For non-Europeans, this means that CJEU could restrict the Member States even on their ability to legislate further rights, despite the fact that they are not harmonized. So it could also foreclose the possibility of the Member States to prohibit linking beyond the Svensson and BestWater.

This is not a merely theoretical problem. The Czech Supreme Court seemed to suggest (in its pre-Svensson decision) that even if embedding would be no infringement upon the right to communication to the public, it can constitute an interference with a local non-harmonized unnamed right of a copyright holder. Even the German Federal Supreme Court in BestWater referral explicitly stated that embedding videos may be a yet “unnamed right of exploitation” within the scope of Art. 15(2) German Copyright Act.

Before Svensson was handed down, I lamented on Kluwer Copyright Blog that "if the CJEU will take any of these two positions [ALAI or Copyright Society] or some middle position, things might just get worse anyway, as a CJEU ruling won’t preempt national courts from adopting  “unnamed rights” and further fragmenting the landscape of exclusive rights in the EU". Now, I see a possibility of a light at the end of the tunnel. It all depends on how you read the second answer of Svensson.
If Svensson means that
  • the communication to the public is merely an autonomous concept of the Union law, then the Member States are pretty much free to impose their own restrictions on embedding, whether by unfair competition or copyright laws; 
  • if however, it means that the non-exhaustive list of exploitation rights is restricted by the primary law to such an extend that, at least in field of the communication of works to the public, no further rights could be adopted nationally, then the Member States could not provide additional rights.
The latter is nevertheless no easy sell given the limited arguments the CJEU gave. In any case, the BGH will soon tell us what he thinks of this.

Update 23/12/2014

An observant reader noted that:
Another possible translation, in my opinion, is: As long as the work is freely available on the website to which the link refers to, it must be considered that, when the rightholders have authorised THIS communication, the public taken into account consists of all internet users.’ If that translation is adopted, the Court doesn't really say anything about the status of unauthorised content. It simply reiterates what was already clear from Svensson, that is, that one can link (and embed) from an authorised source. That's why the judgement was handed down through an Order.
When I double-checked against the French version ..
"En effet, dès lors que et tant que cette œuvre est librement disponible sur le site vers lequel pointe le lien Internet, il doit être considéré que, lorsque les titulaires du droit d’auteur ont autorisé cette communication, ceux-ci ont pris en compte l’ensemble des internautes comme public."
.. the translation does really read rather differently (thanks Miquel):
"Indeed, from the moment and inasmuch this work is freely available on the site towards which the link points to, it must be considered that, when the right owners have authorized this communication, they have taken into account the whole of the internet users as public"
In other words, as pointed out by the reader, the CJEU is really just restating its problematic Svensson rule. Nothing else.

Tuesday, October 28, 2014

CJEU is Asked: Are Dynamic IP Addresses Personal Data?

BGH just issued a press release informing that it filed a preliminary reference to the CJEU. The question is whether dynamic IP addresses constitute a personal data according to Art. 2 (a) Data Protection Directive. The case arose between an individual who is suing the Federal Republic of Germany for an injunction against the storage of its information.

  • The first question is basically if an IP address, which is stored by a service provider in context of accessing a website, constitutes a personal data despite the fact that only a third party with its additional knowledge can identify said person.
  • By the second question, BGH is trying to see if Art. 15(1) of the Telemedia Act is compliant with the Data Protection Directive, especially its Art. 7. This provision reads as follows:
Art. 15(1) TMG: The service provider may collect and use the personal data of a recipient of a service only to the extent necessary to enable and invoice the use of telemedia (data on usage).
Article 2 (a) defines 'personal data' as "any information relating to an identified or identifiable natural person ('data subject'); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity;"

Monday, October 13, 2014

Munich Court Asks CJEU About Injunctions Against Operators of Open WiFis

Regional Court in Munich (LG München) last month filed a preliminary reference to the CJEU (Case 7 O 14719/12 - reported by OffeneNetze) asking several questions related to applicability of mere conduit safe harbour to free and open WiFis and also to possibilities of national courts to impose certain obligations on (non-liable) providers of such hot spots. In Germany, German Federal Supreme Court (BGH) in 2010 judgement (Sommer unseres Lebens, I ZR 121/08) obliged most of the operators to password-protect their WiFis. Now this could either change or be extended to some other European countries.

Update 27/11/2014, the case is now listed as Mc Fadden C-484/14.

The case arose between an entrepreneur selling light and audio systems who is also a member of the German Pirate Party and a record label. The entrepreneur operates an open and free of charge WiFi in his store. He uses the WiFi sometimes as a tool for advertising of his store (preloaded home page points to his shop and name of the network bears its name) and sometimes to agitate for his political views (pointing to particular websites such as data protection campaigns, etc.). After receiving a letter informing him about a copyright infringement allegedly committed via his hot-spot, the entrepreneur unusually sued the right holder pursuing the negative declaratory action. The right holder as a defendant later counter-claimed asking for damages, injunctive relief and pre-trail costs as well as court fees under the above mentioned doctrine of BGH.

The referring court is hesitant whether mere conduit safe harbour of Article 12 allows especially for injunctive relief on which the German concept of Stoererhaftung is based. It points to similar cases before the Hamburg court (Case No. 25b C 431/13 and Case No. 25b C 924/13) that recently denied such claims arguing that mere conduit safe harbour prevents them. The court comes to conclusion that the plaintiff did not infringe the rights himself, and thus is considering what kind of measures can be imposed on a WiFi operator such as plaintiff. It is very symptomatic to German case-law on injunctive relief that the Munich court does not even mention applicability of Article 8(3) InfoSoc in this case. Despite the fact that its case is clearly about its local transposition and European limits.

Here is my very freely translated and heavily rephrased summary of questions with some commentary.

1. Question 

Q: Can a provider of a free open WiFi qualify for a mere conduit safe harbour? In particular, should the phrase of ‘normally provided for remuneration’ that defines the terms ‘information society services’ be interpreted as meaning that:
  • the particular service must be provided for remuneration,
  • the services on the market of this kind need to be provided for remuneration or
  • it is enough that majority of such or comparable services are provided for such remuneration.

This question was a ticking bomb. And it was not even a few weeks ago, when I criticized that if CJEU follows its approach from Papasavvas C-291/03, its case-law will soon bump into a trouble. So here it is. I understand that ‘normally provided for remuneration’ is limitation coming from the primary law and the very competence of the EU, but stretching the factor of required economic activity is a step that is necessary if we don't want to end up with a framework which punishes service providers for not making any money out of their services.

2. & 3. Question

Q: Does provision of an open WiFi hot spot constitute "the transmission in a communication network of information" as required by Article 12 of the E-Commerce Directive? And if so, is such a service also "provided" in the sense of the same Article when it is offered to the public by mere opening of connectivity without any advertising or offer to contract.

Personally, I don't see why this should not be resounding "YES". Munich court apparently thinks the same, but probably only wanted to make sure it is right.

4. & 5. Question

Q: Does the wording of Article 12(1), which requires Member States to "ensure that the service provider is not liable for the information transmitted" and Article 12(3), which permits some injunctions, when read together, mean that (a) injunctive relief, (b) damages, (c) pre-trail costs and (d) court fees are precluded before the first copyright infringement is established.

Q: Should Article 12 bar the national court from obliging an operator of WiFi to prevent third parties from using the Internet access for peer to peer file-sharing?

Article 12 covers only monetary claims. I think this is a general consensus [not necessarily in Germany, I know]. In my opinion, there is clear string of case-law that shows that injunctive relief is not covered by Article 12 (see here). UPC Telekabel Wien being the most obvious one. I believe that the CJEU will just confirm this. What is, however, very interesting and potentially far-reaching are the questions related to shielding from pre-trail costs and court fees. Especially in countries like Germany where you can recover pre-trail expenses related to injunctive claims, this could be of a great significance. Also, if such expenses would be included in the safe harbours, in the future, even courts in the enforcement proceedings could have difficulty to impose fines on mere conduits when they do not comply with website blocking for instance. I am really thrilled to see how the court approaches this question. Though admittedly for different reasons that the referring court.

6. Question

Munich court, disturbed by the fact that if no obligations were to be imposed on open WiFi operators there could be no recourse for right holders, suggests that such a situation would be incompatible with the recital 41 that safeguards the balance "between the different interests at stake and establishes principles upon which industry agreements and standards can be based". To prevent such imbalance, the court suggests his solution in questions 6,7,8.

Q: Should the knowledge requirement of hosting safe harbour apply per analogy also to injunctive relief against mere conduits?

This question is "understandable" from the German perspective, where the problem is whether pre-trail costs attach to the first cease and desist letter exercising claim to injunctive relief (yes, in most of the continental countries injunctive relief is a material claim, similarly as damages, not a procedural tool of a court, so it existis also outside of the court). The Munich court is basically trying to curb these costs before the first notification by this question [at least that is my understanding]. Not sure if CJEU will get this message, and even if it does, whether it can/should at all do something about it, given that the court wrongly seems to assume that Article 14 knowledge requirement also applies to injunctions against hosts. It does not. I probably do not need to stress too much that this would be constitute rewriting of the existing safe harbour schemes.

7. & 8. Questions

But the court also has second suggestion.

Q: Are there any unwritten requirements for mere conduits?

Invoking wording of Article 2(a) [who qualifies as a service provider] and Article 12 it seeks to know if there is any backdoor for mere conduits. The Munich court explicitly suggests that a possible unwritten requirement could be whether operators can prove to have a link/need of such open WiFis to their business model. I personally think that the CJEU might take the L'Oreal v. eBay neutrality requirement out of pocket and apply it here. This would, however, create similar uncertainty as it created with hosting safe harbour today.
9. Question

Puzzled by what UPC Telekable Wien, especially with considerations of Article 15 of E-Commerce Directive, might mean for the case at hand, the Munich court also asks an additional question provided that injunctions are permitted.

Q: Does Article 12, considering the provisions of the EU Charter, the Enforcement Directive and the InfoSoc Directive, bar a national court from issuing an injunction against a WiFi operator obliging him to prevent third parties from using that access for peer to peer file-sharing, if such a provider is given option to chose what kind of technical means he will use to comply with this obligation? Does the fact that such a provider can comply with this obligation change if it is known already before the enforcement proceedings that the only way of complying with the order is refraining from using the WiFi, password-protecting it, or filtering all the content passing through it.


In a way, this is an indirect direct attack on BGH case-law obliging operators of open WIFIs to password-protect them in order to prevent infringing use. At the same time, some questions are scary. It is expected that the CJEU confirms that injunctive relief is not restricted by mere conduit safe harbour. And it is hoped that it will refuse the invitation to create new conditions for mere conduits out of the blue. The court could, however, seize the opportunity to examine whether such measures are compatible with fundamental rights and not only another socially wasteful enforcement practice. In order this to happen, somebody should explain the court the innovative potential and social use of open WiFis beyond mere household use, which most of the judges are [only] familiar with.

Tuesday, September 23, 2014

New Paper On Novel Type of Injunctions Against Intermediaries

The readers interested in questions of intermediary liability, injunctions and online enforcement might be interested in a new paper authored by me and my friend Miquel Peguera. It is a substantially revised version of a working paper that was previously made available on SSRN in July this year. Since the copyright policy of the journal (IIC) requires us to remove the paper after its publication from SSRN for two upcoming years, I encourage all the interested readers to download it as soon as possible.

In this article we examine the legal framework of the European Union for injunctions against intermediaries whose services are used by a third party to infringe an intellectual property right, as set forth in the InfoSoc Directive and the Enforcement Directive. In particular, we consider the conditions to apply for the injunctions, taking into account how those conditions have been construed by the CJEU. We explore which is the minimum floor of injunctive relief Member States are obliged to provide under the Directives, as well as the maximum ceiling allowed, beyond which the protection granted would infringe upon the limits imposed by the EU Law. Next, we move to consider a particular type of injunctions that rights holders may apply for against intermediaries on the basis of Art. 8(3) of the InfoSoc Directive, namely those that would consist of enjoining an ISP from providing internet access to one of its users allegedly engaging in copyright infringement. A case already decided in Spain, Promusicae et al v. R Cable y Telecomunicaciones Galicia, granting such an injunction serves us as a study case to assess the problems these remedies face.

On the one hand, these privately litigated internet disconnection injunctions may be seen by rights holders as a promising tool to fight online copyright infringement – maybe an alternative to unsuccessful graduate response schemes. However, as we show in the article, these injunctions raise serious issues regarding their compatibility with the EU Charter of Fundamental Rights. Indeed, the possibility of effective and human-right-conform injunctions of this kind turns up to be very narrow. In other words, the Directive's provisions promise much, but if applied correctly, they deliver little.

Friday, September 12, 2014

CJEU on Applicability of the Safe Harbors to Free-of-Charge Websites

CJEU seems to be on copyright spree these days. Technische Universität Darmstadt C-117/13 [decision], Deckmyn C-201/13 [decision], Commission v Council C-114/12 [decision], Pez Hejduk C-441/13 [decision] and Art & Allposters C-419/13 [opinion] are all the cases I hope to be able to come back to on this blog. While these cases can wait, CJEU's new ruling - Papasavvas C-291/03 - on safe harbours can not.

Papasavvas involves pretty "disoriented" CJEU reference from the Cypriot court [reported before here]. The court wanted to know all sorts of things, but mostly whether: a) E-Commerce Directive safe harbours also apply to services that are provided free of charge, b) if so, whether newspapers could invoke any of the safe harbours for its editorial content [sic!]. Cypriot court also tried to use the country of origin principle and to rewrite European history of direct effect of the directives, but CJEU very quickly made clear what is the rule ["the Court wishes to inform the referring court that .."].

Background. On 11 November 2010, Mr Papasavvas brought an action for damages before the Cypriot court against a newspaper company, and against its Editor-in-Chief and an another journalist at that newspaper, for acts which, in his opinion, constitute defamation. Mr Papasavvas seeks damages for harm allegedly caused to him by articles published in the daily national newspaper and, which were published online on two websites ( and He requests also the national court to order a prohibitory injunction to prohibit the publication of the contested articles.


  • Free of charge, still covered?
Cypriot court asks about the concept of ‘information society services’, which is a precondition of all the safe harbours. It wants to know whether this term covers also provision of such online information services for which the service provider is remunerated not by the recipient, but by income generated by advertisements posted on a website. This questions has following source: Article 2(a) of Directive 2000/31 defines the terms ‘information society services’ by making a reference to Article 1 of Directive 98/34, which refers to any service ‘normally provided for remuneration’, at a distance, by electronic means and at the individual request of a recipient of services. 

The answer of the CJEU is very predictable - of course, as long as its an economic activity such as service running on advertising. Although predictable [due to Art. 57 TFEU], the answer by the CJEU, however, is not particularly clever one. What about websites that are run non-profit such as Wikipedia? Should they disqualify just because they have decided not to carry any advertising? Or are they also an economic activity? This is why I argued in my book that even potential economic activity should suffice. In any case, I would not immediately infer from this that Wikipedia is not anymore covered. But CJEU should have had taken this more into account when replying.

  • Does editorial content of newspapers qualify for safe harbours?
Another question related to whether editorial content of newspapers can qualify for one of the safe harbours. Instead of rejecting this invitation by pointing to the need of information to be provided by the recipient of the service, CJEU rather started invoking its case-law on what it means to be "an intermediary", i.e. to be passive, not providing assistance etc. It is no surprise then that CJEU instead of using more suitable argument of source of the information at hand [employed or contracted journalists], comes up rather with following argument:

45      Consequently, since a newspaper publishing company which posts an online version of a newspaper on its website has, in principle, knowledge about the information which it posts and exercises control over that information, it cannot be considered to be an ‘intermediary service provider’ within the meaning of Articles 12 to 14 of Directive 2000/31, whether or not access to that website is free of charge.
The problem of this is what it does not say. Namely, that this can be objected with pretty much any service out there. Carving editorial content out of safe harbours by referring to knowledge is probably the worst strategy the Court could have taken. Not being enough, CJEU then accepts invitation to add this argument to the context of the referred question - which I bet with you - will be misrepresented many times in the future:
46      In the light of the foregoing, the answer to the fifth question is that the limitations of civil liability specified in Articles 12 to 14 of Directive 2000/31 do not apply to the case of a newspaper publishing company which operates a website on which the online version of a newspaper is posted, that company being, moreover, remunerated by income generated by commercial advertisements posted on that website, since it has knowledge of the information posted and exercises control over that information, whether or not access to that website is free of charge.
No, it does not say what it states. But you need to read the context first to get that. 

  • Are safe harbours directly invokable in horizontal relationships?
Some context for US readers first. In the European Union, the Directives oblige only Member states. This means that if the state fails to implement them, you generally can not use them as a supplementary source of law, i.e. apply/invoke it directly [there are some exceptions for vertical relationships]. In the horizontal relationships [individual vs. individual] it is more than settled that only indirect effect [interpretation in the light of the Directive] is possible. CJEU here confirms again obvious. Safe harbours have no direct horizontal effects. So if the state fails to implement them, individuals can not invoke provisions of the Directive in their disputes.

All in all, I don't think this decision brings anything new. Perhaps only new sources of certain confusions.

Friday, August 15, 2014

#CETA: Should Canadian Internet Intermediaries Worry?

The Comprehensive Economic and Trade Agreement (CETA) is a proposed free trade agreement between Canada and the European Union. It is yet another alphabet soup that was cooked by our dear policy makers without first asking the public if it is hungry for any change of intellectual property protection/enforcement. As most of the other alphabet soups these days, also this was kept secret in order not to be [b]eaten by people before its ready for serving. Until, well, until German Tagesschau leaked its entire 521 pages long recipe this week.

The intellectual property chapter of CETA (Chapter 22) also contains several provisions regulating Internet intermediaries. And exactly these provisions should not be overlooked.

For the Europeans, intermediary liability provisions of CETA might first even appear boringly predictable as they do not seem to add anything new to the Union law. But this would be misleading. First of all, these provisions are definitely TRIPS-plus provisions, and if coupled with strong investment protection before the arbitration courts, flexibility of any reform of these provisions in the existing Union law will be near to zero. So as long as CETA goes beyond TRIPS, it automatically also adds to the Union law a new international obligations, which did not exist before.

For the Canadians, these obligations can be more groundbreaking. CETA seems to mandate that (i) safe harbours should not limit injunctions and  that (ii) injunctions should extend also to innocent (non-infringing) intermediaries. I have zero knowledge of the Canadian law, but I would humbly predict that at least (ii) is not currently provided for.

Article 5.5 of CETA seems to guarantee the safe harbours in the domestic law. Sounds like a great step, doesn't it? After taking a closer look, however, it becomes clear that domestic law is almost completely free in legislating the exact conditions for the two most important safe harbours, namely hosting and mere conduit ["Each Party may prescribe in its domestic law, conditions for service providers to qualify for the limitations or exceptions in this Article." (Art. 5(5)(4))]. In fact, the only thing the provision seems to guarantee is that some safe harbours for the two activities will exist in the domestic law, and that those domestic conditions can not be conditioned "on the service provider monitoring its service, or affirmatively seeking facts indicating infringing activity" (Art. 5(5)(3)). The more precise notice and take-down system, or counter-notification system is optional (Art. 5(5)(4)). Moreover, this applies only "when [they are] acting as intermediaries" [which sounds like a good Trojan horse for concepts like "passive intermediaries"]. Oh, and did I mention that this all concerns only "copyright or related rights" (Art. 5(5)(1))?

The most important mandatory rule of the safe harbours then seems to be what comes next:
This Article shall not affect the possibility of a court or administrative authority, in accordance with Parties' legal systems, of requiring the service provider to terminate or prevent an infringement.
For non-Europeans. Similarly worded rules in the E-Commerce Directive make safe harbours "injunctions-leaky" in the EU. And they are, together with some other provisions (Art. 8(3) InfoSoc, etc.), increasingly responsible for the most of the private actions against Internet services providers on the old continent [see overview here and here]. Without appropriate cause of action, of course, this would be only a half-way attempt to import the current European trend of increasing accountability of intermediaries by blocking and filtering injunctions or as US scholars would frame it - a system of more preventive notice-and-stay-down requirements.

But CETA does not stop half-way. Article 20 provides for a [differently worded] private cause of action for injunctions against innocent third parties:
1. Each Party shall provide that, in civil judicial proceedings concerning the enforcement of intellectual property rights [by accident not only copyright and related rights?], its judicial authorities shall have the authority to issue an order against a party to desist from an infringement, and inter alia, an order to that party, or, where appropriate, to a third party over whom the relevant judicial authority exercises jurisdiction, to prevent infringing goods from entering into the channels of commerce.
Please note that this a shall-provision. And that its wording could potentially achieve everything that European system of Art. 8(3) style of injunctions does today. And yes, it is exactly the provision which was among other things strongly criticized in ACTA. In fact, ACTA started (Article 2.X.2 of ACTA April Draft 2010) with a provision which was just copy and paste of Art. 8(3) InfoSoc ["The Parties [may] shall ensure that right holders are in a position to apply for an injunction against [infringing] intermediaries whose services are used by a third party to infringe an intellectual property right."]. The provision has proved, however, too controversial. Surprisingly, not because of the concerns of the Internet service providers, but of health activists who were worried about the access to medicines. This language was eventually dropped in the September 2010, but substituted by the following provision:
“Each Party shall provide that, in civil judicial proceedings concerning the enforcement of intellectual property rights, its judicial authorities shall have the authority to issue an order against a party to desist from an infringement, and inter alia, an order to that party or, where appropriate, to a third party over whom the relevant judicial authority exercises jurisdiction, to prevent infringing goods from entering into the channels of commerce.”
As you can see, this provision from the September version of ACTA is the same rule, which now re-appeares in Art. 20(1) CETA. If it becomes the law in Canada one day, its citizens can be also looking forward to a flood of privately litigated website blocking, disconnecting, filtering and other kind of creative injunctions.

One of the senior official at the Commission in Brussels told media that: "The free trade treaty with Canada is a test for the agreement with the United States". Well, if this is the case, than US readers of this blog might "forget" about their fears from their national reform of the DMCA, given that a "reform" might soon unexpectedly come from TRIPS-plus "waters".

Update 22/10/2014

The European Commission just released the final text of the CETA. Provisions relevant from the perspective of the post now look as follows:

Article 5.5 - Liability of Intermediary Service Providers

Subject to the other paragraphs of this Article, each Party shall provide limitations or exceptions in its domestic legislation regarding the liability of service providers, when acting as intermediaries, for infringements of copyright or related rights that take place on or through communication networks, in relation to the provision or use of their services.

The limitations or exceptions referred to in the previous paragraph: shall cover at least the following functions: hosting of the information at the request of a user of the hosting services; caching carried out through an automated process, when the service provider: does not modify the information other than for technical reasons; ensures that any directions related to the caching of the information that are specified in a manner widely recognized and used by industry are complied with; and does not interfere with the use of technology that is lawful and widely recognized and used by the industry in order to obtain data on the use of the information; mere conduit, which consists of the provision of the means to transmit information provided by a user, or the means of access to a communication network; may also cover other functions including: providing an information location tool, by making reproductions of copyright material in an automated manner, and communicating the reproductions.

Eligibility for the limitations or exceptions in this Article may not be conditioned on the service provider monitoring its service, or affirmatively seeking facts indicating infringing activity. Each Party may prescribe in its domestic law, conditions for service providers to qualify for the limitations or exceptions in this Article. Without prejudice to the above each Party may establish appropriate procedures for effective notifications of claimed infringement, and effective counter-notifications by those whose material is removed or disabled through mistake or misidentification. This Article is without prejudice to the availability in a Party' law of other defences, limitations and exceptions to the infringement of copyright or related rights. This Article shall not affect the possibility of a court or administrative authority, in accordance with Parties' legal systems, of requiring the service provider to terminate or prevent an infringement.

Article 17
Right of Information

Without prejudice to its law governing privilege, the protection of confidentiality of information sources or the processing of personal data, each Party shall provide that, in civil judicial proceedings concerning the enforcement of intellectual property rights, its judicial authorities shall have the authority, upon a justified request of the right holder, to order the infringer or the alleged infringer, to provide to the right holder or to the judicial authorities, at least for the purpose of collecting evidence, relevant information as provided for in its applicable laws and regulations that the infringer or alleged infringer possesses or controls. Such information may include information regarding any person involved in any aspect of the infringement or alleged infringement and regarding the means of production or the channels of distribution of the infringing or allegedly infringing goods or services, including the identification of third persons alleged to be involved in the production and distribution of such goods or services and of their channels of distribution.

Article 18
Provisional and Precautionary Measures

1. Each Party shall provide that its judicial authorities shall have the authority to order prompt and effective provisional and precautionary measures, including an interlocutory injunction, against a party, or where appropriate, against a third party over whom the relevant judicial authority exercises jurisdiction, to prevent an infringement of an intellectual property right from occurring, and in particular, to prevent infringing goods from entering the channels of commerce.

Article 20

1. Each Party shall provide that, in civil judicial proceedings concerning the enforcement of intellectual property rights, its judicial authorities shall have the authority to issue an order against a party to desist from an infringement, and inter alia, an order to that party, or, where appropriate, to a third party over whom the relevant judicial authority exercises jurisdiction, to prevent infringing goods from entering into the channels of commerce.
2. Notwithstanding the other provisions of this Section, a Party may limit the remedies available against use by government, or by third parties authorized by government, without the use of authorization of the right holders to the payment of remuneration provided that the Party complies with the provisions of Part II of the TRIPS Agreement specifically addressing such use. In other cases, the remedies under this Section shall apply or, where these remedies are inconsistent with a Party’s law, declaratory judgments and adequate compensation shall be available.