A pub owner has been fined £8,000 because someone unlawfully downloaded copyrighted material over their open Wi-Fi hotspot, according to the managing director of hotspot provider The Cloud.
Graham Cove told ZDNet UK on Friday he believes the case to be the first of its kind in the UK. However, he would not identify the pub concerned, because its owner — a pubco that is a client of The Cloud's — had not yet given their permission for the case to be publicised.
Cove would say only that the fine had been levied in a civil case, brought about by a rights holder, "sometime this summer". The Cloud's pubco clients include Fullers, Greene King, Marsdens, Scottish & Newcastle, Mitchell & Butlers and Punch Taverns.
The law surrounding open Wi-Fi networks and the liability of those running them is a grey area.
According to internet law professor Lilian Edwards, of Sheffield Law School, where a business operates an open Wi-Fi spot to give customers or visitors internet access, they would be "not be responsible in theory" for users' unlawful downloads, under "existing substantive copyright law".
She also said the measures that would be brought in under the Digital Economy Bill — measures that could include disconnection of the account holder — would not apply because the business could be classified as a public communications service provider, which would make it exempt. According to the terms of the bill, only "subscribers" can be targeted with sanctions.
According to legal advice sent to The Cloud by the law firm Faegre & Benson on 17 August, "Wi-Fi hotspots in public and enterprise environments providing access to the internet to members of the public, free or paid, are public communications services".
A public communications service provider must, under the terms of the Data Retention Regulations that came into force in the UK in April of this year, retain records for 12 months on communications that have taken place over their network. This data includes user IDs, the times and dates of access, and the online destinations that were being accessed. The content of the communications cannot be retained without the user's permission, due to data-protection laws.
However, there is a get-out clause in the Data Retention Regulations, in that no public communications service provider has to keep such records unless they are notified by the government that they are required to do so.
According to Edwards, this is because "only the big six ISPs have the facilities to comply, and because the government agreed [in its legislation] to repay some of the costs [of retaining such records]". She noted that this clause might itself be non-compliant with the EU data-retention laws that were transposed into UK law in April.
Edwards pointed out that, even if the sanctions proposed in the Digital Economy Bill come into force, "no-one will know who [the downloader] was, because the IP address that will show up [upon investigation] will be of the hotspot". She added that the rights holder seeking infringers of their copyright would probably not know that the IP address in question was not that of a subscriber.
It would then be up to the hotspot operator to point out that they were not the end user downloading copyrighted material. "But when would they get to say that? Maybe straightaway, maybe not until after disconnection — it's not currently clear," Edwards said.
Update: In an earlier version of this story, Professor Lilian Edwards was erroneously quoted as saying that businesses would "be responsible in theory" for users' unlawful downloads, under "existing substantive copyright law". She actually told ZDNet UK that businesses would not be responsible in theory, and we have amended the story accordingly.