In Germany, the Federal Court of Justice pulled the rug from under claims for the disclosure of user data against the providers of online services. The court ruled that statutory law would not permit a service provider to disclose user data to persons and businesses concerned by a negative and potentially unlawful review posted on a review platform (judgement of 1 July 2014, court ref. VI ZR 345/13). Only if the review constitutes a criminal act in itself, such as a defamation or slander, the prosecution may request disclosure in the course of a criminal investigation. The judgement eventually ended a debate that had been simmering for a long time.
The case concerned a medical practitioner who sued a review platform dedicated to medical services. A user had posted a review on the platform in which he alleged that patients´ files would be kept in clothesbaskets, average waiting times would be extraordinarily long, follow-up appointments would not be offered in due time, a thyroid hyperfunction had not been identified and been treated contraindicative. Shortly afterwards, further reviews were posted which were identical in places to the first review. The claimant repeatedly notified the platform provider of these reviews, and the platform provider took the reviews down. In July 2012, another review was posted with the same allegations. The claimant now sued the platform provider for cessation and desistance and for disclosure of the name and the address of the user who posted the reviews. The defendant never denied that the facts stated in the reviews were untrue.
The claim was dismissed. The court´s decision is based on Sec. 12 (2) German Telemedia Act (“TMG”), which stipulates that a service provider may only disclose user data where a specific statute exists that permits such a disclosure and expressly references “Telemedia” services, i.e. online services. The court argued that the general civil law claim for disclosure of third-party data, which is based on bona fide aspects (Sec. 242 German Civil Code), would not fulfil the requirements of Sec. 12 (2) TMG. Further, the requirements of Sec. 14 (2) TMG, which allows for a disclosure of user data if this is necessary for the purposes of criminal prosecution, protection of the constitution, averting public dangers and national security, and for the enforcement of copyright, would not apply. According to the court, there is also no room for an analogous application of Sec. 14 (2) TMG, because there would not be an unintentional gap in the statutes as required for an analogy. In this regard, the court highlighted that the question whether an individual whose personality rights were unlawfully affected by a user posting should have a claim for disclosure of that user´s data was debated in the process of legislation without further consequences.
The court noted, however, that the result of the legal assessment may be regarded as unbalanced against the statutory right for disclosure of user data in the event of a copyright infringement, and that it deems the extension of this statutory right desirable. However, the court emphasized that this decision is up to the legislator, not the court.
The question of whether a claim for disclosure of user data would be supported by German civil law had long been debated in legal literature, and courts of lower instances had issued conflicting decisions in similar cases. The appellate court (Higher Regional Court of Stuttgart) had decided in favour of the claimant, too. This debate has now been ended by the Federal Court for the time being. The judgement is clear and leaves no room for interpretation or loopholes. This is good news for both providers of online platforms, who can safely assure to their users that their identity is protected, and users who will not need to fear de-anonymization, which could result in a pre-emptive self-limitation when posting comments.
However, the question remains whether the court duly considered constitutional law aspects, as the German-law concept of personality rights is rooted in the German constitution (right to human dignity, right to personal freedoms). This has been the main reason why some courts of lower instances had obvious concerns about the result of their legal assessment and tried to find a way out of the dilemma by applying analogies, or considerations of interest, on dubious legal grounds to overcome the statutory law situation which had been deemed inappropriate in some cases. The Federal Court now has not touched constitutional law issues, so it can be concluded that at least it did not see a blatant violation of constitutional law. However, the Federal Court articulated concerns about the outcome too by declaring a revision of the statutes desirable, and by emphasizing the responsibility of the legislator to consider respective amendments of the law. Even though the judgement is final and binding, the claimant may seek additional relief by lodging a constitutional complaint.
The decision does not affect the right of the competent authorities to request a disclosure of user data in the case of criminal prosecution, i.e. in cases where the content of a user review does not only constitute a violation of personality rights as protected by civil law, but reach the threshold of criminal offences such as in the case of defamation and slander.