TMT Newsletter | June 2026
Outlook
02.07.2026
CJEU: Does it constitute an abuse of a dominant market position if a service provider imposes requirements on device manufacturers for, i.a., pre-installed software and regulates the distribution of software versions (Article 102 TFEU, Article 54 EEA; decision C-738/22 P)?
CJEU: Is it sufficient under Article 6 (1) (a) GDPR to consent towards an internet service provider and its unspecified "partners" to allow these "partners" to display direct advertising (hearing C-317/25)?
German Federal Court of Justice: Does the retransmission of broadcast programs via an internal cable system to the residents of a retirement home constitute a "communication to the public" within the meaning of Article 3 (1) of the InfoSoc Directive and Secs. 87 (1) No. 1, 20, 20b German Copyright Act (following CJEU, case C-127/24; hearing I ZR 34/23 and I ZR 35/23)?
German Federal Court of Justice: On the copyright protectability of a modular furniture system (following CJEU, cases C-580/23 and C-795/23; decision I ZR 96/22).
06.07.2026
CJEU: Do the Belgian provisions for the press publisher right (in particular, unilateral negotiation and information obligations for service providers, and a binding administrative rate setting procedure) and the requirements for Online Content-Sharing Service Providers (OCSSPs; in particular, a mandatory direct remuneration claim that may only be exercised through a collective management organization) violate EU law (Articles 15, 17 DSM Directive; hearing C-663/24)?
09.07.2026
CJEU: Do provisions of Swedish law violate Article 85 GDPR by largely exempting online databases of unedited verdicts by criminal courts from the GDPR while leaving data subjects with remedies under civil and criminal defamation law (decision C-199/24)?
CJEU: Is a streaming subscription for TV and video content a "supply of digital content" within the meaning of Article 16 (m) in conjunction with Article 2(11) of Directive 2011/83/EU, or a "digital service" within the meaning of Article 2(2) of Directive (EU) 2019/770? The differentiation determines whether streaming service providers may exclude a 14-day withdrawal right once streaming begins (decision C-234/25).
CJEU: Does it constitute an abuse of a dominant market position if a service provider uses contractual clauses vis-à-vis third-party website operators that contain provisions regarding exclusivity, placement, as well as approval procedures (Article 102 TFEU, Article 54 EEA; hearing C-826/24 P)?
15.07.2026
German Federal Court of Justice: Does a confirmation webpage displayed during the online termination of gym contracts violate Sec. 312k German Civil Code if it contains information on alternatives to the termination (decision I ZR 200/25)?
16.07.2026
German Federal Court of Justice: Is a permission from the phonogram producer required when copying and using a rhythm fragment from a sound recording? The FCJ is expected to focus on the recently specified requirements of the "pastiche" exception within the meaning of Article 5(3)(k) of the InfoSoc Directive (following CJEU, case C-590/23; hearing I ZR 74/22 ("Metall auf Metall V")).
30.07.2026
German Federal Court of Justice: Does forwarding private chat messages to an employer violate Article 6 GDPR, or does the GDPR not apply in this case (Article 2(2)(c) GDPR) (hearing I ZR 256/25)?
News
CJEU – On the scope of the country-of-origin principle and the DSA liability provisions for hosting service providers
Provisions of French law regarding the age verification for pornography websites and the prohibition to distribute information about certain traffic controls fall within the "coordinated field" (Article 3 (1), (2) E-Commerce Directive). They may be applied to providers from other Member States if the conditions of Article 3 (4) E-Commerce Directive are met (i.a., a request to the country of origin and notification to the Commission; Article 3 (4) (b) E-Commerce Directive). The limitation of liability for hosting service providers (Articles 14, 15 E-Commerce Directive; now: Articles 6, 8 Digital Services Act) does not apply to providers who play an "active role" in respect to user information that is stored on their behalf. A hosting service provider plays an "active role" if, in its own interest, it uses an algorithm – going beyond mere categorization and indexing – to determine under what conditions, in what manner, and in what order information is broadcast (C-188/24 and C-190/24).
CJEU – On the applicability of the GDPR to data from criminal investigations in personnel files
The GDPR applies when a department of an authority uses data in a personnel file that was collected by another department of the same authority for the purposes of a criminal investigation (Article 2 (1) GDPR). Directive 2016/680 does not apply to this (subsequent) use, as it no longer serves the purposes of criminal prosecution. A right to erasure ("right to be forgotten") may be excluded under three conditions (Article 17 (3) (b) GDPR): The storage must be based on a clear, precise, and foreseeable legal basis, it must serve a legitimate public interest and be proportionate (C-312/24).
CJEU – Complaint under the GDPR admissible despite ongoing court proceedings
A national supervisory authority may not reject a complaint (Article 77 GDPR) just because a judicial remedy (Article 79(1) GDPR) has been sought or because a decision that is not yet legally binding has been issued in such proceedings. Both remedies exist independently of one another: The GDPR gives neither courts nor supervisory authorities priority of jurisdiction (C-414/24).
EGC – Partial invalidity of the Commission's Gatekeeper designation
The decision concerned the designation of a messaging service and an online marketplace as a core platform service (Article 3 (1)(b) DMA). Regarding the latter, the EGC overturned the Commission's designation due to a lack of sufficient reasoning (Article 296(2) TFEU), as it was based on outdated data. An appeal against the decision may be filed with the CJEU (T-1078/23, not yet final).
EUCOM – Fine against VLOP for breach of DSA risk assessment obligations
A Very Large Online Platform (VLOP) failed to properly assess the systemic risk of the dissemination of illegal content through its service (Article 34(1), subpara. 2, (a) DSA). The VLOP's risk assessment was not based on specific findings relating to the service (Article 34(1), subpara. 2 DSA). The platform also failed to assess how frequently consumers are exposed to non-compliant products and how the design of its service increases this risk. The platform is now required to submit remedial measures (Article 75 DSA). It may challenge the decision and the fine of EUR 200 million by way of an action for annulment (Article 263 TFEU; press release of 28.05.26).
EUCOM – Messaging service provider must (provisionally) grant access to third-party AI assistants
The preliminary measure is being issued as part of ongoing antitrust proceedings against the service provider (AT.41034). To date, the provider has been charging third-party AI assistants access fees for using the Application Programming Interface (API). According to the Commission's preliminary assessment, the provider has thereby abused a dominant market position (Article 102 TFEU, Article 54 EEA Agreement). The preliminary injunction remains in effect until a final decision is issued (press release of 09.06.26).
EUCOM – Draft Guidelines for the classification of "high-risk" AI systems
The guidelines (Article 6(5) AI Act) specify when an AI system is considered a "high-risk" AI system (Article 6 AI Act). They include criteria for classification and provide specific examples. According to the guidelines, AI systems monitoring speed limits and collision risks in rail transport, as well as those used for biometric identification and creditworthinessassessment, qualify as "high-risk" (press release of 19.05.26).
EP – Digital Omnibus and ban on "nudifier apps" adopted
Certain provisions for "independent high-risk" AI systems (Article 6(2) AI Act) will not take effect until December 2, 2027; provisions for "high-risk" AI systems (Article 6(1) AI Act) will not take effect until August 2, 2028. The labeling requirement for AI-generated content will not apply until December 2, 2026. In addition, apps generating nude imagery of individuals and AI systems that generate child sexual abuse material (CSAM) will be banned. The Council has yet to adopt the amendments (adopted text).
Regional Court of Frankfurt – Fine imposed on platform operator for removing content after two weeks
The service provider did not comply with a court order to remove untrue user posts for approximately two weeks. The court found this to be evidence of structural organizational deficiencies and imposed a fine in the six-figure range. The service provider may file an immediate appeal (Sec. 793 German Code of Civil Procedure, 2-03 O 128/26t; press release of 08.06.26).
Regional Court of Berlin – No use as a trademark through "AI Overview"
If a search engine operator's "AI Overview" displays information on perfume imitations ("dupes") of branded perfumes, this does not constitute a use of the trademark within the meaning of Article 9(2)(a) of the EU Trademark Regulation. The search engine operator neither uses the trademark in its own commercial communications nor directs its use. Users recognize "AI Overviews" as a new format for search results and do not have the impression that the search engine operator is creating its own content or assuming responsibility for the generated output. Furthermore, there is no violation of competition law because search engine operators are not competitors of perfume manufacturers (Sec. 2(1) No. 4 German Act Against Unfair Competition; 52 O 62/26, not yet final).
Regional Court of Munich I – Search engine operator held (provisionally) liable for incorrect statements about companies in "AI Overviews"
A search engine operator's "AI Overview" displayed information when searching for a company ("scam"). The provider of an "AI Overview" may be held liable as a direct infringer within the meaning of Sec. 1004 German Civil Code if the "overview" contains statements that infringe the company's personality rights. The court found the statements to be independent and to go beyond a summary of the search results or short previews (snippets). In particular, some statements contained information that was not based on the search results. Accordingly, the limitation of liability for hosting service providers under Article 6 DSA does not apply (26 O 869/26, not yet final).
German Federal Network Agency – Investigation launched against gaming service provider for alleged violation of the DSA
The agency examines whether the service provider violated its reporting and remedial obligations for illegal content under Article 16 DSA. The provider allegedly failed to take action despite complaints about racist content in a video game (Article 16(5), (6) DSA). It now has the opportunity to submit a statement (press release of 12.06.26).