The regular article tracking developments at the national level in key European countries in the...
-
Upload
mark-turner -
Category
Documents
-
view
214 -
download
0
Transcript of The regular article tracking developments at the national level in key European countries in the...
ava i lab le a t www.sc iencedi rec t .com
www.compsecon l ine .com/publ i ca t i ons /prodc law.h tm
c o m p u t e r l a w & s e c u r i t y r e p o r t 2 4 ( 2 0 0 8 ) 2 8 – 3 2
European national news
The regular article tracking developments at the national levelin key European countries in the area of IT andcommunications – Co-ordinated by Herbert Smith LLP andcontributed to by firms across Europe
Mark Turner, Dominic Callaghan
Herbert Smith LLP, London, United Kingdom
a b s t r a c t
This column provides a concise alerting service of important national developments in key
European countries. Part of its purpose is to compliment the Journal’s feature articles and
Briefing Notes by keeping readers abreast of what is currently happening ‘‘on the ground’’
at a national level in implementing EU level legislation and international conventions and
treaties. Where an item of European National News is of particular significance, CLSR may
also cover it in more detail in the current or a subsequent edition.
ª 2007 Herbert Smith LLP. Published by Elsevier Ltd. All rights reserved.
1. Belgium
1.1. Court of appeal rules on the scope of database rights
In a recently published judgment of 5 June 2007, the Court of
Appeal of Brussels ruled that a map containing a tourist route
through the city centre of Brussels and its accompanying text
is not protected under the Belgian Act of 31 August 1998 relat-
ing to the Legal Protection of Databases. The Act implements
European Database Directive 96/9/EC of 11 March 1996.
Under the Act, a database is a ‘‘collection of independent
works, data or other materials arranged in a systematic or me-
thodical way and individually accessible by electronic or other
means’’. The court explained that in the present case, the col-
lection could not be qualified as a database for several
reasons.
First, the court found that even though a geographical
route that passes by a number of tourist attractions and
its accompanying text might be qualified as a ‘‘collection
of data’’ (since the collected data were systematically orga-
0267-3649/$ – see front matter ª 2007 Herbert Smith LLP. Publisheddoi:10.1016/j.clsr.2007.11.010
nized), the data were not collected in a way that they could
be consulted ‘‘as such’’. For a potential user of the data, the
collected data were only represented and accessible as
a common piece of writing. In addition, the court stated
that the collection could not be qualified as a database since
the collection did not provide a ‘technical entry key’, like
a table of contents, to enable access to individual items of
data in the collection.
The court also stated that the creation of a database re-
quires a substantial qualitative or quantitative investment in
human, financial or technical means. The Court referred to
the ‘William Hill’ judgments of the European Court of Justice,
which stated that the necessary substantial investment has to
be at one of the following levels: obtaining, verification or pre-
sentation of the contents of a database. This was however not
the case on the facts before the Belgian Court of Appeal.
Erik Valgaeren, Partner, [email protected] and Lien Ceule-
mans, Associate, [email protected] from the Brussels of-
fice of Stibbe (Tel.: þ32 2 533 53 51).
by Elsevier Ltd. All rights reserved.
c o m p u t e r l a w & s e c u r i t y r e p o r t 2 4 ( 2 0 0 8 ) 2 8 – 3 2 29
2. Denmark
2.1. Assignment of software licences in connectionwith outsourcing
The question of whether a software supplier is entitled to de-
mand the purchase of a new licence or the payment of a signif-
icant outsourcing-fee in connection with the customer’s
outsourcing of operations often arises in practice.
The defendant had entered into a licence agreement (the
‘‘Agreement’’) with the plaintiff regarding use by the defen-
dant of a reporting and calculation program related to cus-
toms clearance. According to the Agreement the right of use
could only be assigned to a third party with the prior consent
of the plaintiff. The defendant was only allowed to use the
program, at the defendant’s offices. The defendant decided
to outsource its customs clearance work to a third party out-
sourcing supplier. When the plaintiff became aware of the
outsourcing supplier’s use of the program the plaintiff submit-
ted a claim for compensation against the defendant.
The plaintiff argued that a specific prohibition against out-
sourcing was not required as outsourcing was already pro-
hibited by the non-assignment provision of the Agreement.
Further, the plaintiff argued that the assignment was a viola-
tion of the rules regarding distribution and reproduction in the
Danish Act on Copyright (the ‘‘Act’’).
The defendant stated that the program was used solely for
the defendant’s business and that the independent supplier
only acted on behalf of the defendant.
The Danish High Court recently ruled that a transfer to a third
party would require the plaintiff’s consent and furthermore accep-
tance by the third party outsourcing supplier of the licence terms.
The Court agreed that outsourcing had not been directly
addressed in the Agreement, but since an installation of the
software with one of the defendant’s subsidiaries at a different
location than the defendant’s, would, in accordance with the
agreement, not be allowed, a prohibition against outsourcing
was implied.
On this basis, the court found that outsourcing of activities
to a different legal person including installation of the soft-
ware at a new address, could not take place without consent
from the plaintiff. If consent was not obtained it would also
breach the ‘‘Act’’.
(NB this ruling overturns the earlier decision in Scan Soft
ApS v. Sony Nordic A/S BS 8-260/2006 which was reported in
EU National News, CLSR, Vol. 22, No. 6.)
Carsten Raasteen, Partner, [email protected] and Daniel
Herman Roejtburg, Assistant Attorney, [email protected]
from Kromann Reumert, Copenhagen office, Denmark (Tel.: þ45 70
12 12 11).
3. France
3.1. Enforceability of limitation of liability clausesin IT contracts
The Cour de Cassation (French Supreme Court) recently handed
down an important decision relating to the obligations of IT
providers. The case between Oracle and one of its clients in-
volved a complex set of IT agreements composed of four inde-
pendent contracts: a software licence agreement, a software
maintenance agreement, an implementation agreement and
a training agreement.
Oracle failed to deliver the licenced software on time and
the client filed a claim to terminate the licence agreement,
the three other agreements and to be awarded damages.
These claims raised two issues:
1. Whether termination of the licence agreement would entail
the termination of the three other agreements, even though
all agreements were executed separately and none of them
contained any clause stating that they had been concluded
in consideration of one another.
2. Whether Oracle could benefit from the limitation of liability
clause inserted in the agreements to limit the damages to
be paid to its client.
On the first issue, the Cour de Cassation found that the soft-
ware licence agreement and the three other agreements were
all part of the same project, and were meaningless when
taken individually. As a consequence, they amounted to an in-
divisible whole, and termination of the licence agreement
caused the termination of the three other agreements as well.
On the second issue, the Cour de Cassation found that Ora-
cle’s promise to deliver the software was a fundamental obli-
gation which caused the client to enter into these agreements.
As a consequence, the Cour de Cassation found that in this case
the limitation of liability clause was attempting to limit Ora-
cle’s liability for performing its fundamental obligation.
Breach of a fundamental obligation deprives the agreement
of its purpose and thus the limitation of liability clause was
not enforceable.
Decision (in French) available on http://www.legifrance.gouv.fr.
Alexandra Neri, Partner, [email protected] and
Matthieu Melin, Associate, [email protected]
from the Paris Office of Herbert Smith LLP (Tel.: þ33 1 53 57 70 70).
4. Germany
4.1. New data retention laws create uncertaintyfor IP owners
In early November, the data retention bill passed the German
Federal Parliament (implementing EC directive 2006/24/EC). It
comes into force on 1 January 2008.
According to the new legislation, telecommunications and
Internet service providers are obligated to retain traffic data
on each subscriber for a period of six months. In case of phone
calls this includes the date, time, length, and the number
called, as well as the location of the phone, the IMSI code and
the SMS connection data if it is mobile phones. With respect
to Internet use, the IP address, date, time, length of the connec-
tion, the e-mail addresses involved and the header of each e-
mail are to be stored. The content of the communications is
not stored. Therefore, the new data retention law overrides re-
cent jurisprudence prohibiting the storage of any customer
c o m p u t e r l a w & s e c u r i t y r e p o r t 2 4 ( 2 0 0 8 ) 2 8 – 3 230
data other than data required for invoicing purposes. The Ger-
man law also goes beyond European obligations as retention
requirements are also applied to anonymization services and
anonymous e-mail accounts are to be banned completely.
Under the new law, public authorities can only access traffic
data for the investigation of substantial offences, the investiga-
tion of any offence committed by the use of telecommunica-
tions’ networks and for the prevention of any danger to
public safety. Secret services also have direct access to the data.
The new data retention law does not provide for access to
data in civil proceedings. In this respect the new data reten-
tion law is said to weaken the new draft law of the German
government on the enforcement of intellectual property
rights. In cases of violation of intellectual property rights by
Internet users, the draft law provides for a civil claim by copy-
right holders against service providers for disclosure of all rel-
evant information. However, this claim will be rendered
ineffective, if service providers are only allowed to transfer
customer data to national authorities. The only option will
be to file a civil claim for disclosure with the court, which
then might order the transmission of the required data.
Under the present law, copyright holders are obliged to file
a complaint with the public prosecutor, who in turn acquires
the relevant data for investigational purposes. Subsequently,
the copyright holder may access the criminal records and
use the information in a civil proceeding for damages. How-
ever, this time-consuming procedure often failed because of
the service provider’s obligation to delete the traffic data. A
German regional court also recently ruled that under the pres-
ent law, even if there is a strong suspicion of a violation of in-
tellectual rights, notice of that suspicion given by copyright
holders to service providers only allows them to store data,
but does not oblige them to do so.
For further information see: http://www.bmj.bund.de.
Dr. Ann Marie Welker, [email protected] from the
Frankfurt Office of Gleiss Lutz (Tel.: þ49 69 955 140).
5. Italy
5.1. Users have the right to return preinstalled softwareand to obtain a refund
A Judge of first instance (Giudice di Pace) of the Tribunal of
Florence, by decision no. 5384 published on 28 September
2007, ordered Hewlett Packard Italiana S.r.l. (HPI) to reimburse
an Italian consumer for the price of two Microsoft programs
(Windows XP and Works 8), preinstalled on hardware the
user had purchased from HPI. The order was subject to the
consumer returning the software to HPI.
The consumer argued that he had no interest in purchasing
the software as he was only interested in purchasing the hard-
ware. HPI requested the Judge to reject the claim and offered
to reimburse the entire purchase price paid by the plaintiff
subject to the return of both the hardware and the software.
The decision was based on the following arguments:
(a) the software licence agreement was apparently prepared
unilaterally by Microsoft (i.e. a ‘‘EULA’’, End User Licence
Agreement) despite the fact that the licence was intended
to govern the relationship between the user and the hard-
ware’s producer (Hewlett Packard);
(b) the user was not able to see the specific terms and condi-
tions of the software licence agreement, before the pur-
chase of the software, while HPI was certainly aware of
the licence terms;
(c) Hewlett Packard installed the software on the hardware
and put on sale a final product consisting of both the soft-
ware and the hardware;
(d) the software licence agreement provided that, if the user did
not accept the terms and conditions of the software licence
agreement, the user should contact the producer of the
hardware (Hewlett Packard) in order to obtain information
about the return of the software and reimbursement; and
(e) the non-severability between the software and the hard-
ware was not based on technical grounds, but – as admit-
ted by HPI – on commercial reasons only.
http://www.ictlex.net/index.php/2007/10/25/giudice-di-pace-
di-firenze-sent-538407/.
Salvatore Orlando, Partner, [email protected] and Ste-
fano Bartoli, Senior Associate, [email protected] from
the Rome office of Macchi di Cellere Gangemi (Tel.: þ39 06 362141).
6. The Netherlands
6.1. The theft of a few ‘bits’ of virtual furniture
The digital investigation section of the Amsterdam police de-
partment arrested a teenager on 13 November 2007 on the sus-
picion of virtual theft. The alleged crime was the theft of
virtual furniture valued at 4000 Euros in the ‘Habbo Hotel’,
a popular virtual hangout for teenagers on the Internet
(www.habbo.com).
Habbo is active in 29 countries and has approximately
seven million users. In the Habbo Hotel people can create their
own virtual character, inhabit a room and furnish it. This vir-
tual furniture can be purchased with special Habbo-credits.
Habbo-credits can only be bought with real world money.
The defendant is alleged to have hacked into the accounts
of Habbo-users and once inside moved the furniture into their
own rooms. The defendant was charged with theft and com-
puter intrusion.
Link (in Dutch): http://www.bndestem.nl/binnenland/
2162679/Bredase-tieners-verdacht-vanvirtuele-diefstal.ece.
6.2. Placing of a link is not distribution, or is it?
In a decision dated 30 October 2007, the District Court of Rotter-
dam answered the question whether or not placing a link in an
article published on the Internet should be considered to be dis-
tribution, pursuant to article 132 of the Dutch Penal Code (DPC).
Article 132 of the DPC forbids the distribution of ‘‘inciting’’ pub-
lications.Thecourt considered that itcouldnothavebeenthein-
tention of the legislator that the mere placement of a link should
fall within the scope of this article. That would mean that all
search engines, would fall within the scope of article 132 as
c o m p u t e r l a w & s e c u r i t y r e p o r t 2 4 ( 2 0 0 8 ) 2 8 – 3 2 31
search terms automatically produce links. In this case, however,
wherethelinks (linkingto inciting Islamic publications) werede-
liberately placed in over 60 articles the defendant published in
approximately three months, the court ruled that the placing
of these links should be regarded as distribution in the sense
of the DPC and sentenced her to one month imprisonment.
Link (in Dutch only): http://www.delex.nl/jurispruden
tie.aspx?alias¼BB7174.
Robert Boekhorst, Associate, [email protected] and
Rembrandt Brouwer, Associate, [email protected]
from the Amsterdam Office of Stibbe (Tel.: þ31 20 546 01 12).
7. Norway
7.1. Greater public access to tax records
Each year the Tax Records of all registered taxpayers are made
available to the general public by the Norwegian Tax Assess-
ment Authority. The Tax Records contain personal informa-
tion such as addresses, dates of birth (Business Register
Number for companies), net assets and net income as well
as the amount of tax paid. The general public can access the
Tax Records either online or at the local tax office, but only
for a limited period of three weeks every autumn. The Tax Re-
cord is not available in its entirety after this period, but indi-
vidual tax details can still be acquired upon request from
the local tax office subject to certain additional restrictions.
The electronic online access is subject to specific restrictions
to prevent abuse. When searching the Tax Records, the person
in question must inter alia be identified and one can only search
for information about one person at a time. Recently, in August
2007, an exception entered into force, according to which the
press can order an electronic version of the Tax Records and
use it for journalistic purposes. This amendment was enacted
because the Government wanted to strengthen the critical de-
bate concerning the national tax system. This has resulted in
a media frenzy with newspapers, websites and TV channels us-
ing headlines such as ‘‘The 5 richest footballers in Norway’’,
‘‘How much does your neighbour/boss earn – search here to
find out more!’’. To what extent Tax Records should be public
is a highly disputed issue. The Norwegian Data Inspectorate
has expressed its concern, and argues that the possibility of us-
ing information – which taxpayers are obliged to give the au-
thorities – for entertainment, mass publication, sale and alike
violates fundamental principles of privacy.
Stein-Erik Jahr Dahl, Associate, [email protected]: Thommessen
Krefting Greve Lund AS (Tel.: þ47 23 11 14 94).
8. Spain
8.1. Court rules on monitoring employee’s computer usage
In a recent judgment, the Spanish Supreme Court clarified the
limits and conditions that companies should respect when in-
vestigating e-mails and their employees’ use of the Internet.
Such investigations are arguably crucial in order to monitor
companies’ productivity, to maintain order and to investigate
breaches of confidentiality.
According to the judgment, when companies allow their
employees to use computers for personal purposes, any in-
spection may harm their right to privacy and the secrecy of
communications. The court clarified that companies must re-
spect certain restrictions in order for the investigation to be
considered fair.
Under the Spanish Workers Statute, companies are
allowed to establish any means of control, which they con-
sider appropriate, to verify how employees fulfill their duties.
Companies are only limited by the obligation to respect their
employees’ dignity.
The Supreme Court recognized the right for companies to
investigate their employees’ use of computers, as it is the
only way to coordinate tasks, to continue working when an
employee is absent, and to warrant the security of the IT sys-
tem. According to the Supreme Court, companies do not cur-
rently need to justify every inspection.
Nevertheless, this right is not unlimited. The Supreme
Court underlined the need for companies to maintain good la-
bor relations, to respect their employees’ dignity, and take
steps to prevent employees from mistakenly believing that
nobody could read their e-mail or check their Internet usage.
Consequently, according to the judgment, companies have
to clearly instruct their employees on the rules for using com-
puters. They must inform them that the company controls
their computer, of the means used to perform inspections, and
the purposes for which employees should not use their computer.
Additionally, the investigation should only be (i) made for
a fair purpose, (ii) not go beyond the fair purpose, and (iii) be
limited in scope to the minimum possible.
Finally, to resolve some practical issues, the judgment
states that inspections may be carried out at any moment
(not only during working hours) and that the presence of the
employee concerned or of an eyewitness is not required.
Javier Aparicio Salom, Partner, Intellectual Property and Data Pro-
tection Department Cuatrecasas, Madrid javier.aparicio@cuatreca
sas.com (Tel.: þ34 915 247 100).
9. Sweden
9.1. Far-reaching proposal on mandatory data retentionfor operators
On 7 November 2007, the Swedish Ministry of Justice pre-
sented a proposal for new legislation regarding retention of
traffic data. Pursuant to the proposal, operators shall be
obliged to retain certain traffic data for investigation, detection
and prosecution of serious crime. Operators shall be obliged to
disclose the traffic data to public authorities combating crime.
The proposed legislation shall apply to traffic data that is
generated or handled in connection with a communication
by fixed, mobile or Internet telephony, Internet access or e-
mail. The traffic data to be retained shall identity communi-
cating parties, the time and place of the communication and
the type of equipment that is used for the communication.
The retention requirement shall however not apply to the
c o m p u t e r l a w & s e c u r i t y r e p o r t 2 4 ( 2 0 0 8 ) 2 8 – 3 232
actual content of the communication. Pursuant to the pro-
posal, the traffic data shall be retained for one year from the
date of the communication. The new legislation is proposed
to come into force on 1 January 2009.
For further information, please refer to http://www.reger
ingen.se/sb/d/108/a/91521 (in Swedish).
9.2. A more effective Electronic Communications Act
The Swedish Government has presented a proposal to amend
the Electronic Communications Act (ECA) in order to achieve
more efficient judicial proceedings.
For this purpose, the Government proposes to limit the
number of appeals so that the Administrative Court of Appeal
will be the court of final appeal. Opportunities to cite new cir-
cumstances and evidence in the courts will be limited and the
scope for ordering a stay of enforcement in decisions under
the ECA will also be reduced.
The amended legislation is proposed to come into force on
1 January 2008.
For further information, please refer to http://www.reger
ingen.se/sb/d/108/a/89754.
Bjorn Gustavsson, Partner, [email protected] and Eva
Fredrikson, Associate, [email protected] from Advokatfir-
man Vinge KB (Tel.: þ46 8 614 30 00).
10. United Kingdom
10.1. House of Lords confirm UK credit card protectionapplies to overseas purchases
Credit cards are the dominant payment method on the Inter-
net and many UK consumers buy from both UK and overseas
websites. Difficulties can arise however if the goods fail to be
delivered or are faulty. Typically credit card contracts only
give the cardholder the right to recover from the card issuer
if there has been an unauthorised transaction. The level of
additional statutory protection offered to cardholders when
problems arise with authorised transactions is therefore an
important factor in the future growth of e-Commerce in
the UK.
Due to s75 of the UK Consumer Credit Act 1975 if a card-
holder who is a consumer makes a purchase with a credit
card and subsequently has a claim against the merchant
for misrepresentation or breach of contract the cardholder
will also be able to claim against the credit card issuer.
The merchant and the card issuer will be jointly and sever-
ally liable. In March 2006, the UK Court of Appeal in Office of
Fair Trading v. Lloyds Bank plc, Tesco Personal Finance Ltd. and
American Express Services Europe Ltd. [2006] EWCA Civ 268
ruled that this statutory protection applies regardless of
whether the transaction occurs in the UK or abroad and
also regardless of whether the card issuer has a direct con-
tractual relationship with the merchant. (For further details
see, ‘‘Is shopping online now risk free for UK consumers’’,
CLSR 2006, 22.)
On 31 October 2007, the House of Lords dismissed an ap-
peal by the credit companies against the decision of the Court
of Appeal.
Office of Fair Trading v. Lloyds TSB Bank plc and others [2007]
UKHL 48.
http://www.bailii.org/uk/cases/UKHL/2007/48.html.
Mark Turner, Report Correspondent, Partner, mark.turner@her
bertsmith.com and Dominic Callaghan, Associate (Australian qual-
ified) [email protected] from the London Office
of Herbert Smith LLP (Tel.: þ44 20 7374 8000).