Countries in the European Union can't allow an individual to get away with copyright infringements by merely naming other family members who might have used his or her internet connection to share files, the EU's top court has ruled.
The file-sharing verdict came down on Thursday from the Court of Justice of the European Union (CJEU), in a case involving an audio book from the German publisher BasteiLübbe.
The audiobook had been unlawfully shared on a peer-to-peer platform via the connection of a man named Michael Strotzer, which prompted the publisher to sue Strotzer.
Strotzer denied having anything to do with the file-sharing in question, instead pointing out that his parents, who live with him, had access to the same connection. That, he said, was the end of the matter.
A Munich regional court said German federal case law does indeed allow this defense on the basis of the fundamental right to protection of family life.
SEE: IT pro's guide to GDPR compliance (free PDF)
The court said the case law doesn't even require the connection's owner to provide further details of how the family member supposedly used it, so there's no opportunity for anyone to then go after the family member for liability.
However, the court asked the CJEU to clarify the matter and, according to the EU court, that German case law doesn't fly.
The CJEU, also commonly known as the European Court of Justice, or ECJ, explained that there needs to be a balance between the rights to privacy and family life, and the rights to hold intellectual property and get an effective legal remedy from the courts.
If family members get "almost absolute protection" of the sort claimed in the Strotzer case, the court said, that's not a fair balance because the publisher doesn't get to defend its rights.
In other words, the defense is no defense without evidence of who perpetrated the file-sharing.
"EU law precludes national legislation (such as that at issue, as interpreted by the relevant national courts) under which the owner of an internet connection used for copyright infringements through file-sharing cannot be held liable to pay damages if he can name at least one family member who might have had access to that connection, without providing further details as to when and how the internet was used by that family member," the CJEU said.
So it's now back to the Munich court to decide whether there's some way under German law to force Strotzer to provide "information necessary for proving, in circumstances such as those at issue in that case, copyright infringement and who infringed it".
Forcing him to do so might make for an awkward Christmas at the Strotzer household, but it would comply with EU copyright law.
Germany seems to be making a habit of testing the limits of European copyright law. A couple of years ago, the CJEU handed down a ruling in the case of a Bavarian shopkeeper named Tobias McFadden and his open Wi-Fi hotspot.
The ruling established that hotspot operators aren't liable for other people unlawfully file-sharing through their connections, but also that rights holders can force them to secure their networks to prevent the filesharing.
Previous and related coverage
New rules will make it harder to share links and content. So can it be stopped?
Although an anti-immigrant comment doesn't break German law, Facebook can still delete it.
The German parliament has waved through a massive expansion of police hacking powers.
Vital internet hub, De-Cix in Frankfurt, has lost its fight against German intelligence services' mass surveillance.
The German government is trying to quell outrage over reported smart-home and car-bugging proposals.
The controversial copyright measure is making its way through the European Parliament ahead of a committee vote on June 20 and parliamentary vote in July or September.
Critics say the law could make the internet more closed in future.