The Court of Justice of the European Union (CJEU) has handed down a ruling that may significantly affect owners of databases of information who wish to restrict how their data is used and those who make use of such databases.
The CJEU has ruled that the owner of a database can contractually limit the use of the database if it does not fall within the statutory protection given by the Database Directive.
The Database Directive
Under the Directive, a lawful user of a database can use it for what would otherwise be 'restricted acts' (such as reproducing, translating, distributing or communicating to the public the contents of the database) that are necessary for the purposes of access to the contents of the database and provided that they constitute 'normal use'.
In addition, where a database is made available to the public (e.g. on a website), the database owner can't prevent a lawful user from extracting or reusing insubstantial parts of the database provided that it is a 'normal exploitation' of the database and does not prejudice the database owner's legitimate interests or prejudice their rights as copyright owner.
Article 15 of the Database Directive specifically stops a database owner from putting anything in their terms and conditions that stops this and says that any such terms and conditions will be void.
In the case between Ryanair and Dutch company PR Aviation which resulted in the recent ruling, PR Aviation ran a price comparison website allowing users to compare and then book low cost flights without ever visiting the airline's own website.
They had obtained the price and flight data from Ryanair's website, which terms and conditions stated that any price comparison websites should enter into a licence of Ryanair's database of flight price and timetable information. PR Aviation had not done this.
Ryanair brought a claim for infringement of its rights in its flight information data, as well as for breach of the website terms and conditions.
Proceedings were referred to the CJEU, asking whether the Directive (and in particular the provisions preventing contractual limitations) extend to databases which are not protected by copyright or by database right. The CJEU ruled that they do not, and that databases which fall outside of the Directive can contractually restrict users in a way owners of protected databases cannot.
When does a database fall within the Directive?
A database is defined as 'a collection of independent works, data or other materials arranged in a systematic or methodical way and accessible by electronic or other means'. In this case the database was a website containing flight information.
A database will be protected by copyright if, by reason of the selection or arrangement of its contents, the database constitutes the owners own original work. The bar for originality is low, and the Directive has clarified that the copyright protects the structure of the database, rather than the data itself.
Database right exists independently of copyright and protects the compilation of information itself. It will apply when there has been a 'substantial investment in obtaining, verifying or presenting the contents of the database'. Because of the requirement of 'substantial investment', companies who create a database using their own data will not likely not be protected by database right, unless they made more investment in the database then just creating or collecting the data.
What does this mean?
If the data is not therefore protected by copyright or database right (for example because it consists of the database creators own data and no extra investment has been made in compiling the data) then this decision will apply, and the database owner will be able to contractually limit what its lawful users do with the data.
This could be very relevant to both database owners and users alike, and in particular as in this case to price comparison businesses, businesses who sell third party products or services directly to consumers, and indeed businesses whose goods and services are sold by third parties.
Owners of a database that does not fall within the scope of protection of the Directive will have contractual means to control their data, meaning that they could make it difficult for the likes of price comparison websites by restricting their ability to make use of data without a licence or potentially at all.
Such businesses will need clarity on whether their database falls within the Directive in order to be clear on what they can limit users from doing in their terms and conditions.
What should I do?
- The value of databases can be easily overlooked but sensible technical and practical measures (encryption, password protection, limiting access) should be taken to protect valuable datasets
- Ensure that databases are regularly maintained - the duration of database right, if it exists, will be refreshed every time a substantial update is made to the content
This document is for informational purposes only and does not constitute legal advice. It is recommended that specific professional advice is sought before acting on any of the information given.