Out-Law / Your Daily Need-To-Know

EU opens debate on whether KYC obligations can address problems with identifying IP infringers

Out-Law News | 19 Sep 2014 | 4:55 pm | 2 min. read

A debate into whether internet service providers (ISPs) should be able to deliver content over their networks to anonymous internet users has been launched in the EU.

The presidency of the Council of Ministers, an EU law making body, said there was a need to clarify whether "due diligence obligations such as 'know your customer' are or should be imposed on intermediaries".

It said clarity was required as part of a wider need to detail what mechanisms can be used for identifying infringers of intellectual property rights (IPRs) (3-page / 174KB PDF).

"It is important to: clarify which tools are available to identify IPR infringers; clarify the retention and disclosure of personal data by intermediaries, in order to improve identification in case of commercial scale infringements while guaranteeing the protection of fundamental rights of individuals (thus avoiding abuses); clarify to what extent due diligence obligations such as 'know your customer' are or should be imposed on intermediaries," the presidency said.

'Know your customer' (KYC) is a concept more familiar to heavily regulated businesses, such as those operating in the financial services or gambling industries.

In financial services, KYC broadly refers to the due diligence checks banks are obliged to conduct to ensure that their customers are who they say they are and are not involved in money laundering activities or in financing terrorism, for example. In the gambling sector, KYC obligations are imposed on gambling operators with the aim of preventing under-age gambling as well as to combat financial crime.

The often competing rights to privacy and the right to the protection of intellectual property under EU laws have been the subject of debate for years.

In a ruling in 2011, the Court of Justice of the EU (CJEU) confirmed that court injunctions that force internet service providers (ISPs) to filter and monitor user traffic for the purpose of preventing illegal file-sharing are contrary to EU law and fundamental rights, including ISPs' rights to freely conduct business and individuals' rights to privacy, free speech and the protection of their personal data.

A similar CJEU judgment in 2012 was issued in a case concerning what responsibilities social networks can legitimately be placed subject to in the fight against online copyright infringement.

EU copyright rules state that copyright owners can obtain a court order against intermediaries whose services are used for piracy. However, the EU's E-Commerce Directive contains rules which make it clear that intermediaries are generally not responsible for the online activities of customers and that member states must not put those businesses under any obligation to monitor for illegal activity being undertaken via their service.

However, in its paper, the presidency of the Council of Ministers said there is a need to "improve the efficiency of actions to stop IPR infringements through better involvement of intermediaries".

It said clarity was required on a number of related issues, such as whether payment and advertising service providers can be classed as 'intermediaries' and what conditions need to be satisfied for injunctions to be legitimately served on intermediaries and what kind of action those injunctions should compel intermediaries to take to combat IPR infringement. The length that injunctions should apply for and whether they can be applied across multiple countries within the EU are issues that also need to be resolved, it said.