Recent court judgment rules in favour of prohibiting the use of a third party's database, even where the information originates from a public source.
In a recent ruling by the Madrid Commercial Court nº3, dated 12 December 2016, the judge held that the use of a third party's database without consent was unlawful despite the fact that the data ultimately originated from a public source (and was consequently accessible by everyone). In addition, he considered that the unconsented use of the data shall give rise to the infringer being liable to compensate, even though the infringer alleged to have obtained the data in good faith from a third party.
The leading Spanish provider of Commercial, Financing and Marketing Information in respect of companies and employers sued one of their competitors for having published a substantial part of their data (specifically data belonging to annual accounts of approximately 300,000 enterprises) free of charge on their website. By alleging that their "sui generis right" over the database was infringed, the claimant demanded a preliminary injunction requiring the defendant to remove the disputed information from their website. The claimant also requested that the subsequent judgment:
- declare that the defendant's actions are an infringement of the claimant's rights;
- confirm that the preliminary injunction prohibiting the defendant's infringement was correct;
- order the defendant to pay damages to the claimant for losses arising from the defendant's infringement (the measure of damages to be determined at a later date); and
- order that the court ruling be published.
The defendant focused their defence strategy on the fact that the information was in the public domain (the Commercial Register ultimately) and that, since it was public information, the defendant was entitled to use such information. The defendant also argued that they had obtained the data from a third party in good faith and therefore were in any case exempt from any obligation to compensate the claimant.
The judge firstly granted the claimant a preliminary injunction and ordered that the defendant stop using the disputed information and has now, in a judgment issued the 12 December 2016, confirmed that the decision to order the defendant to cease their infringement actions was correct. In his pronouncement the judge considers that the claimant had established that there was solid evidence of infringement by the defendant of the claimant's "sui generis right" and orders that the defendant stop using (and is prohibited from restarting the use of) the claimant's data, destroy any supports in which the data has been extracted or stored, and compensate the claimant for an amount to be determined in a future procedure. Additionally, the judge orders that the defendant publish the court ruling on their website.
The court's decision on the public origin of the data question correctly identifies that, regardless of whether or not the data is ultimately public, another individual should not be able to freely extract and reutilize it from the claimant's database since the claimant made a substantial investment of time and resources in obtaining and processing the data (which the other individual should not be able to take advantage of). Hence, irrespective of the origin of the data, the claimant's database is protected by virtue of the effort and economic risk incurred.
Also, the fact that the defendant had purportedly acquired the data from a third party (and would have not extracted it directly from the claimant's databases) would only relieve the defendant from their obligation to compensate the claimant if they had acted diligently (because the obligation to compensate requires negligence). The judge held in this case that the defendant had been negligent, given the third party from which the defendant seemingly acquired the data, the context and how the market functions. Considering all factual evidence, the defendant could not objectively assert lack of knowledge about the illegal origin of the data.
Importance of the case
The ruling is of great relevance because of the very limited case law that exists in Spain in relation to the protection of databases investment through the "sui generis right" and the fact that it confronts two of the largest data provider companies in the Spanish market. Additionally, the ruling states the obligation to compensate in abstract, the amount needing to be determined in a later procedure. This means that an immaterial conviction to compensate the damage is already established (becoming final and consequently "res judicata" if not appealed) and only the exact quantifications is left for a future procedure. And this is an exceptional recourse offered by Spanish law which is very relevant in transgressions like the one at stake because the claimant usually requires the actions to be initiated immediately, not always being able to quantify (or establish the bases to quantify) the damage at the time of filing the claim (normally due to the absence of information or simply because the illegal activity is ongoing and damage is still being caused).
As a final thought, it should not be forgotten that data is acknowledged to be the gold of the XXI century and that we live in a digital environment that enables anyone to transfer data from a support to another and extract data massively and effortlessly from the Internet. Thus rulings like that issued the 12th of December are particularly important to guarantee the protection of the investments in databases by companies and discourage the common practice of third parties usurping and using data of third parties.