Update 22/05/2013: a very kind reader, William Bird from Patentive, provides some rough translation of the judgment.

Brein submits – in summary – that FTD World is unmistakably guilty of committing on-going copyright infringement or to facilitate it. Brein therefore has a compelling interest in order to find out who the leaders are behind FTD World. Under Articles 31 and 31a of the Copyright Act, the activities of FTD World as a criminal offense must be considered, moreover, in this case, also the application of the sanction under Article 31b Aw. The business model of FTD World means that it receives payments from advertisers and users of the websites of FTD World. ING Bank facilitates these payments. In practice, it is almost impossible to trace those responsible. Behind FTD World the domain name holder of FTD World ([E]) is a non-existing person. There was no response to a summons to his / her address. The Russian hosting provider has not responded to a summons of Brein. The Dutch intermediary involved in the registration of the domain name of FTD World has no more information than is already known to Brein. One can assume that [F] is not responsible for the websites of World FTD, she is very old and lives in Suriname in an unknown place. It is possible that she is a ‘strawman’. The person currently in the former home of [F] is not doing anything with World of FTD. Brein has therefore done everything to find out the identity of those responsible behind FTD World. Today the only clue is the account at ING Bank. ING Bank, according to its letter of 7 March 2013 is only prepared to meet part of the request for information by Brein. ING Bank has advised that there is a proxy, but the data in its letter provides not lead to the identity of those authorized. In the opinion of Brain ING Bank should also provide such data. The necessary conditions (see for example the judgment of the Supreme Court of 25 November 2005 in the case Lycos / Pessers) are met in this case [in this case, the Dutch Supreme Court said that ‘the request to reveal the identity of the holder of the website should be judged independently of the ISP’s liability based on the E-commerce Directive. Refusal to reveal the identity of the holder of a website might, in certain circumstances, constitute an unlawful act.’, note by Hutko]. FTD World develops manifestly unlawful activities, it is beyond reasonable doubt that the representative of [F] is responsible, the affiliates of Brein will suffer significant damage and Brein has no other (practical) ability to identify those responsible. The claim of Brain is limited and is sufficiently specific and proportionate. The privacy interests of [F] should therefore be waived for the interests of the members of Brein.

4. The opinion of the court

4.1. The claim of Brein can be granted if it is sufficiently plausible that ING Bank acted unlawfully towards Brein. According to Brein, ING Bank has the legal obligation to provide the names of those who are authorized to access the funds from the account of [F] and identifying data on the basis of social care standards and that ING Bank acts unlawfully against her despite a request not to do so. As answer to the question whether there is wrongdoing in this case, in the opinion of the court is that this entails a consideration of mutual interests. ING Bank would have to give up the privacy interests of its customers. The importance for Brein lies in the fact that it should take action against copyright infringement on behalf of its member owners. In this balancing of interests, all relevant circumstances of the case are involved.

4.2. Both parties have referred to the Data Protection Act (DPA), in particular Article 8 paragraph f of that law. ING Bank has also referred to the Conduct in Processing of Personal Information by Financial Institutions which is derived from the DPA. It is true that the purpose of the collection of personal data by a bank like ING Bank is not in the investigation of criminal and/or unlawful activities. In answering the question whether ING Bank may be made to provide information under the Data Protection Act and / or the Code of Conduct this broadly relates to the same interests as mentioned under

4.1. In this context, the legitimate interest in the disclosure of certain information has to be weighed against the privacy interest.

4.3. ING Bank has in the hearing rightly argued that it was not “instrumental” in the (alleged) copyright infringement by FTD World or of facilitating this by FTD World. Brein has to rely in its claim on case law concerning hosting providers and / or internet service providers that were ordered to provide information on those responsible behind “pirate websites”. In the opinion of the judge Brein misjudges the role of an Internet service provider or hosting provider which is substantially different from that of a bank like ING Bank. A “pirate site” cannot exist without a provider. There is no question of illegality if the provider does not supply services. ING Bank provides “only” bank transactions, which is not to have effect sine qua non in relation to (possible) copyright infringement [I find this argument to be very little convincing, some ISPs certainly have very similar position to a bank, note by Hutko]. The provision of services by ING Bank, is not necessary for copyright infringement (for it to be unlawful). This also occurs on the websites where no account number is known. Execution of a payment is not required to use the services offered on the websites of FTD World. The alleged unlawful activities take place entirely outside the purview of ING Bank and outside its sphere of influence. ING Bank is not in a position – and they do not have the expertise – to get an informed assessment to assess the (un) lawfulness of “pirate websites”. There is no relationship between ING Bank and copyright infringement, while there is a relationship between an internet service provider or hosting provider and copyright infringement.

4.4. Furthermore, ING Bank rightly argued that the (legal) possibilities of Brein to identify those responsible behind FTD World have not (yet) been exhausted. One can put in question the effectiveness of the efforts of Brein to trace the domain name owner  and / or trace the Russian hosting provider. Moreover, [F] has not been contacted or legally called upon to provide the personal details of the proxy let alone has any attempt been made to trace her. Brein assumes that [F] has nothing to do with FTD World, but this assumption is based on nothing else than on general knowledge about the “profile” of those responsible for “pirate websites”.

4.5. The criminal law is not closed to Brein. Brein did not file any claim, although it considers the case involves criminal offenses. While it is true that the Intellectual Property fraud is based on the principle of civil enforcement, the fact remains that the public prosecutor is the person who may ask a third party to provide certain information to him in the context of a criminal investigation. If Brein want access to personal data, they should report a crime, in order to get the public prosecutor to provide that information. Note that Intellectual Property Fraud does not make such a request impossible.

4.6. Finally, ING Bank has rightly relied on the special position that banks have in legal and financial transactions. There is a strong emphasis on the trust that clients should be able to enjoy in their banks. This confidence must keep in mind that customers’ personal data may only be communicated to third parties in very exceptional circumstances. If the data is to be provided then these should be “in safe hands” with such third parties. That Brein, as she stated in the hearing, has a legitimate statement of the Data Protection Authority, does not necessarily lead to the conclusion that it will not provide the data to others.

4.7. Based on the above considerations, the judge considers that the interests of ING Bank in this case outweigh those of Brein. For the time being ING Bank therefore is not acting unlawfully by refusing to (further) to provide data. This leads to the denial of the requested provision by Brein.

4.8. The reference to the judgment of the District Court of The Hague December 6, 2011 in the case Brain/Techno Design does not cast a different light on this matter. In that judgment is first mentioned that Techno Design made a limited defense. Techno Design is also not a bank, but a so-called payment provider. She offers an online payment service that allows visitors to a website to execute payments to the operator of a website, without the visitor obtaining information about the administrator of the site. In this way it allows administrators of websites – including operators of websites through which copyright infringement may be committed – to remain anonymous while knowingly aware of the issue. Unlike the present case in which Brein can figure out who the trustee of the account through [F], in the Brain / Techno Design case, Brain could only find out who committed the unlawful act from Techno Design. For this reason, the balance of interests differs materially.

Update 2 [16/6/13]: It seems that this summer, German Federal Supreme Court (BGH) will deal with the question in the title as well in Davidoff [trade mark] case (Az. I ZR 51/12). First instance court granted the claim for information against the bank (LG Magdeburg – Urteil vom 28. September 2011 – 7 O 545/11, ZD 2012, 39), but the second instance rejected it (OLG Naumburg – Urteil vom 15. März 2012 – 9 U 208/11, GRUR-RR 2012, 388). Now it’s up to BGH to decide.