A very interesting verdict for dealers of all kinds comes today from Cologne. The versions can probably be transferred to most electronic devices and, of course, to online retailers.
The Higher Regional Court of Cologne has ruled that an electronics market does not have to point to security vulnerabilities and missing updates to the operating system of the smartphones it sells.
The plaintiffs’ consumer association had carried out test purchases at the defendant electronics market and had the purchased smartphones examined for security vulnerabilities by experts from the Federal Office for Information Security. One of the devices had 15 of 28 vulnerabilities tested, and another had only one vulnerability, although both devices were nominally the same older version of the Android operating system. The background is that the operating system is adapted by the respective manufacturer to the respective smartphone model and new versions of the operating system can only be used if the new version of the operating system is previously used for the respective model of the smartphones has been adapted.
The BSI concluded that the device with the 15 security vulnerabilities posed a glaring security risk to users. After the BSI had unsuccessfully contacted the manufacturer, the applicant asked the operator of the electronics market not to continue selling the devices without reference to the security gaps.
The subsequent action for an injunction was dismissed by the Landgericht and the Higher Regional Court of Cologne. In the context of the dismissal of the appeal, the 6th Civil Senate of the Higher Regional Court stated, in essence, that the conditions of an injunction were not met. It constitutes an unreasonable burden for the defendant to obtain information on security vulnerabilities for each individual model of smartphone it offers.
It is true that information on the existence of security gaps is of great importance to consumers, since it could infringe consumer privacy and misuse data obtained for fraudulent purposes. However, it should also be borne in mind that the defendant can only identify the security gaps by means of tests which must relate to the particular type of smartphone. Nor is it possible to identify all existing security vulnerabilities. All operating system vendors would find security vulnerabilities in the operating system again and again, partly only due to attacks by third parties. Finally, the detectable security gaps could change at any time, so that the defendant would have to repeat the tests at regular intervals.
Nothing else applies to information about the provision ingesnotating security updates. The defendant is not usually aware of security updates for a specific model at the time of sale. Nor does it have the possibility of obtaining that information without the intervention of the producers. The manufacturer alone decides whether and when to adapt a security update for the respective smartphone model. Here, too, the relevant information could change on a daily basis, especially since the manufacturer is not aware of whether and when a security update, which he could adapt, will be published.
Marian Härtel ist Rechtsanwalt und Fachanwalt für IT-Recht mit einer über 25-jährigen Erfahrung als Unternehmer und Berater in den Bereichen Games, E-Sport, Blockchain, SaaS und Künstliche Intelligenz. Seine Beratungsschwerpunkte umfassen neben dem IT-Recht insbesondere das Urheberrecht, Medienrecht sowie Wettbewerbsrecht. Er betreut schwerpunktmäßig Start-ups, Agenturen und Influencer, die er in strategischen Fragen, komplexen Vertragsangelegenheiten sowie bei Investitionsprojekten begleitet. Dabei zeichnet sich seine Beratung durch einen interdisziplinären Ansatz aus, der juristische Expertise und langjährige unternehmerische Erfahrung miteinander verbindet. Ziel seiner Tätigkeit ist stets, Mandanten praxisorientierte Lösungen anzubieten und rechtlich fundierte Unterstützung bei der Umsetzung innovativer Geschäftsmodelle zu gewährleisten.
BGH strengthens the rights of players in foreign online sports betting In a recent decision, the Federal Court of Justice...
Read moreDetails
Now, it seems that case law is again turning to the effect that German courts are on the side of...
Read moreDetails
Ohweia: Federal Labor Court: If a supposedly freelance employment relationship subsequently turns out to be an employment relationship, it cannot...
Read moreDetails
The subject is actually ancient and yet I see it again and again. Just in a current mandate, an incorrectly...
Read moreDetails
As a lawyer, I have done a lot of contracting and consulting on traditional business models. But it is particularly...
Read moreDetails
Since 26 April 2019, the new Trade Secrets Act has implemented an EU directive that has so far received little...
Read moreDetails
Introduction and explanation of the button solution The convenience of online shopping has undoubtedly revolutionized our buying habits. With just...
Read moreDetails
Yesterday, the European Court of Justice made a far-reaching decision on the issue of consent to the setting of cookies(see...
Read moreDetails
The Federal Court of Justice has ruled that the sale of baked goods in bakery branches with café operations on...
Read moreDetailsThe Distance Learning Protection Act (FernUSG) has been experiencing a renaissance for some time now. What for decades was considered...
Read moreDetails
This informative podcast offers a comprehensive insight into the legal challenges faced by start-ups when expanding internationally. The experienced lawyer...
Read moreDetails
In this video, I talk a bit about transparent billing and how I communicate what it costs to work with...
Read moreDetails
