VPN services are a useful tools for protecting internet users’ online privacy. They can also help to bypass geographical restrictions.
The latter can be helpful if people want to access a streaming service’s content library in another country. While this often runs contrary to most streaming companies’ terms of service, it’s common practice among so-called ‘VPN pirates’.
This type of unauthorized access is at the center of a case currently before the EU Court of Justice. The matter deals with a dispute between Serbian production company Grand Production and streaming platform GO4YU (now MTEL), also from Serbia.
The two parties negotiated a licensing deal to distribute a TV program in Serbia and Montenegro. However, Grand Production discovered that the streaming service also showed the program in Austria. In addition, VPN users were able to view the program from anywhere in the world, as long as they were connected to a Serbian VPN service.
VPN Piracy Referral to the CJEU
The production company filed a lawsuit against the streaming service in Austria, holding it accountable for this unauthorized use. The matter went all the way up to the Supreme Court which, considering the complex VPN issue, sought clarification from Europe’s Highest Court (CJEU).
One of the key questions for the CJEU is whether online streaming services are liable for copyright infringement if their subscribers use VPN services to bypass geo-blocking efforts. EU Advocate General Maciej Szpunar shared his advice on the matter this week.
The Advocate General (AG) notes that geo-blocking efforts are essentially a form of digital rights management (DRM). These are typically used to create virtual borders on the Internet which, in itself, is borderless.
This basically means that people circumvent access restrictions if they choose to use a VPN to access content outside these artificial borders. As such, they communicate the content to a new public, something that can constitute copyright infringement. However, that’s not the core issue at stake here.
Streaming Service Not Liable
The opinion of AG Szpunar compares the current case to existing EU jurisprudence on hyperlinks, concluding that a streaming service doesn’t violate the law when subscribers bypass its geo-blocking efforts.
“If the copyright owner (or its licensee) has such a block installed, it directs its broadcast exclusively to persons who are granted access to the protected content from an area designated by that right owner. Consequently, the rightholder does not communicate to the public in the rest of the territory.”
It’s a myth that technical restrictions can be 100% effective, Szpunar notes in his opinion. As soon as new measures are implemented, people will find ways to route around them.
“While there are technical means to counteract such practices, they are never infallible and probably never will be, as the techniques to overcome them are always one step ahead of safeguards,” he writes.
As a result, holding the operators of streaming services liable for this type of unauthorized access goes too far. In common with hyperlinking cases, the person who bypasses the restrictions should be held responsible, not the platform where they are published.
“It is the users themselves who circumvent this blocking by accessing the above programs, without the intervention of third parties,” Szpunar writes.
Grand Production argued that GO4YU knew very well that subscribers bypassed its geographical restrictions. The AG notes that this is likely true but the producer was also aware of the issue when it negotiated the licensing agreements.
“Circumventing different security mechanisms represents a risk that is inextricably linked to the distribution of copyright-protected works in digital form, especially on the Internet. When granting GO4YU Beograd permission to broadcast their shows publicly on a streaming platform in a certain area, Grand Production must have been aware of that.”
The general conclusion is that streaming services are not by definition liable for VPN ‘piracy’. This is an important conclusion as it directly relates to online services’ anti-piracy obligations under Article 17 of the Copyright Directive.
However, this doesn’t mean that these services have no obligations at all. According to AG Szpunar, they can be held liable if they don’t have any geo-blocking measures at all, or if they intentionally use ineffective blocking tools.
The AG’s advice is not binding but in most cases, recommendations are followed by the EU Court of Justice, which will likely issue its final verdict in the next few months.
A copy of EU Advocate General Maciej Szpunar opinion can be found here. The English version is not available yet and all the quotes are translations. For further reading, we recommend Prof. Dr. Eleonora Rosati’s IPKitten article on the topic.