Digistore24 liability for competition law | IT-Medienrecht

Discover why Digistore24 faces liability for clients' competition law breaches. Learn about the crucial 'cancel button' ruling and its impact on online…

Digistore24: Liability for Clients' Competition Law Infringements

In a recent groundbreaking ruling, the Higher Regional Court of Celle determined that the prominent platform Digistore24 is accountable for infringements of competition law committed by its clients, often referred to as vendors. This specific case involved misleading advertising by a Digistore24 client, notably due to a missing cancellation button on their website.

The Higher Regional Court of Celle thereby upheld the decision of the lower court, the Regional Court of Hildesheim. Its judgment highlighted that Digistore24 operates beyond a mere technical payment service provider, such as PayPal or Stripe. Instead, it licenses content from its contractual partners and directly sells these products under its own name.

Consequently, Digistore24 bears full responsibility for the products it sells. This includes direct liability for any associated competition law infringements.

Digistore24's Unique Business Model and its Legal Implications

Digistore24 employs a distinct business model, particularly within Germany. Unlike conventional payment providers, which primarily manage payment transactions, Digistore24 actively licenses content from its partners and subsequently sells it directly to end customers.

This model extends Digistore24's responsibilities beyond mere payment processing. It also encompasses ensuring the legality of the sold content. As demonstrated by the recent court decision, this crucially includes adherence to competition law standards.

Liability for a Missing Cancellation Button

The Specifics of the Online Guitar Course Case

In the case at hand, a Digistore24 client offered an online guitar course, structured as a subscription model, via their website. Crucially, the legally required cancellation button was absent.

Both the Hildesheim Regional Court and the Celle Higher Regional Court unequivocally stated that Digistore24, as a contractual partner, shares liability for this omission. The platform was expected to ensure the availability of the cancel button, if necessary by applying contractual leverage on the client.

Ensuring Compliant Termination Processes

The precise requirements for the design and placement of cancellation buttons on websites have been a recurring subject in legal proceedings. Historically, liability in such instances has typically rested solely with the direct service provider, rather than with contracted service providers or platforms.

Additional insights into this critical area of consumer law can be found in our related articles:

These articles underscore that designing legally compliant termination processes is a complex yet vital task for all businesses engaging in online consumer contracts. Beyond the prominent termination button, numerous specific details must be meticulously observed to prevent expensive warnings and legal disputes.

Data Protection: An Additional Challenge for Digistore24

Beyond competition law, Digistore24's business model necessitates ensuring robust data protection for all products sold. This presents a significant challenge, particularly when dealing with contemporary offerings like AI services.

GDPR Compliance and AI Applications

AI-powered applications, including chatbots or courses utilizing large language models (LLMs) like GPT-3 or GPT-4, frequently involve transferring personal data to technology providers such as OpenAI. In such cases, strict adherence to the requirements of the GDPR is crucial for data transfers to third countries. This includes securing appropriate safeguards like standard contractual clauses or certifications.

Furthermore, transparency and explicit user consent are paramount. Companies must clearly articulate in their privacy policies and consent forms which data is shared with AI providers, its intended purpose, and how it will be processed. This ensures that data subjects provide truly informed consent.

Implementing comprehensive data protection concepts is therefore essential to fulfill GDPR requirements and mitigate potential liability risks. Such concepts involve both technical and organizational measures, including encryption, stringent access controls, and regular audits. Clear contractual agreements with AI providers are also indispensable.

As an experienced lawyer specializing in IT law, I assist companies in developing and implementing legally compliant solutions. Our collaborative efforts focus on harnessing the advantages of AI technologies while simultaneously safeguarding user privacy and minimizing compliance hazards.

Conclusion

The Higher Regional Court of Celle's ruling underscores the heightened responsibility of platform operators like Digistore24, especially when licensing and selling third-party content. This extends their liability beyond competition law infringements by clients, compelling them to ensure fair contractual conditions, effective customer service, and stringent data protection.

Understanding Digistore24's unique business model is critical, particularly given its significant market presence in Germany. Unlike simple payment processors, Digistore24's direct sales approach means it bears full legal responsibility for the products and services it offers.

Navigating these complex legal requirements, from competition law to consumer protection and data privacy, demands carefully developed strategies. Businesses must proactively address these challenges to mitigate liability risks and comply with all legal frameworks, especially when offering innovative services such as AI applications. Only then can they fully leverage the platform's advantages and achieve scalable growth.