The Act clarifies that WLAN operators are access providers as defined in § 8 TMG. This does not result in any changes in the existing legal position for service providers which offer access to a communications network in accordance with the TKG (Telekommunikationsgesetz, Telecommunications Act). The obligations on these service providers resulting from the TKG continue to apply. In addition, the principle which has already been developed in case-law is codified that holders of WLAN connections are not to be held liable as interferors if they have fulfilled reasonable obligations in order to prevent rights violations. The Act (de) serves to specify the requirements placed on service providers which provide access to the internet via WLAN, irrespective of whether this is for commercial purposes. If the provisions of the Act are obeyed, it is assumed that the WLAN operator has taken the precautions which are reasonable for them in order to prevent third parties from violating rights. In such cases he will not be held liable as the interferor for omission or removal and can also not be warned to desist. The stipulations mentioned in the Act can generally be fulfilled by WLAN operators. However, this does not exclude operators, in certain cases, from also being able to carry out their obligations through other reasonable means. The Act also cites various situations in which it can be assumed that the host provider will be aware of an unlawful act.
The requirements of the TMG (de) are directed in particular at services which are offered in connection with business activities. The new provisions applicable across borders as proposed in this draft Act in the field of providers’ responsibility have particular significance for Germany as a business centre. § 8(3) TMG does not immediately exempt the operator of a wireless local area network from its liability as a so-called “interferor.” Anyone can be a liable “interferor” under this case-law who intentionally and sufficiently causally contributes in any way to the infringement of a protected right if he has violated reasonable checking obligations. This liability is directed at omission, but not at compensation. Sentence 1 of § 8(4) TMG codifies in this sense that all service providers, irrespective of whether they provide their WLAN for commercial purposes, in the private domain or as a public facility, cannot in principle be claimed on as an “interferor” if they have taken reasonable measures to prevent a rights violation by users.
The question of which obligations are reasonable for the operators of WLAN access in this connection has occupied the courts in numerous cases, and also the Federal Court of Justice several times. Although the courts have defined certain groups of cases and have clearly restricted liability in some cases, adequate legal certainty has not yet been provided. A continuation of this legal uncertainty would still dissuade potential operators of internet access via WLAN because of the liability risk from providing their customers with such access. In addition to clarifying the liability privilege, the draft Act therefore, in sentence 2, also specifies in more detail the requirements under which these access providers can be assumed to have fulfilled their reasonable obligations in order to prevent the abuse of the internet access. The previous principles developed in case-law are taken and further developed by way of examples in order to create legal certainty as extensively as possible. The principles developed in case-law for private holders of WLAN connections are to apply equally to all other operators of WLAN. This does not exclude taking other reasonable measures in addition, by means of which not least the permanent application of the provision in the progressive technological change process will be secured.
It can be assumed specifically that WLAN operators have fulfilled the obligations reasonably to be expected of them when they:
1. Have taken appropriate security measures against unauthorised access of the wireless local area network.
The first requirement for exemption from liability for interference is that the WLAN operator secures his network in a technically appropriate form from access by unauthorised parties. This is reasonable to expect from a service provider who offers access to the internet through the WLAN, because otherwise he creates a potential source of risk that unlawful actions will be committed. Particularly in view of the increased in cyber-criminality, this also ties in with the operator’s own interests. In this way it is guaranteed that his data and those of the WLAN users will be secured as much as possible from access by unauthorised parties. The appropriate security measure may be defined in the sense of the required technological neutrality of the operators. For this, the encryption of the router comes into consideration in particular, which in many cases has already been provided for by the manufacturer, as is currently seen in the form of the WPA2 standard. However, it would also be possible to have voluntary registration by users.
2. Only grant internet access to users who have declared not to commit any rights violations in the context of the use.
The service provider can also be expected to ensure that the user is only granted access to the internet if he has consented to the condition not to commit any unlawful acts via it. This can take place on handing over WLAN access by means of terms of use to which the user must specifically agree before opening the WLAN connection, if possible by ticking a box. However, the Act does not stipulate anything in this case, so that for example consent can also be given by agreeing to the published terms and conditions, from which the terms of use result. As a rule, the service provider shall give the user access to the internet by notifying them of a password. This may take the form of publishing on the home page or menu or be notified to the user by other means. It is also possible to set up an entry page on which only the terms of use appear and are accepted by a click.