TMT Newsletter | November 2025

Outlook

On 26.11.2025, the CJEU will hear a case on whether, and under what conditions, a national provision requiring the promotion of culturally significant works from the revenues of a collecting society is compatible with Directive (EU) 2014/26 (C-840/24). On 02.12.2025, the CJEU will deliver its judgment on the liability of a hosting provider which, under its terms of use, reserves the right to use uploaded advertisements, under the E-Commerce Directive and the GDPR (AG Szpunar: liability exemption is applicable as long as the hosting provider remains neutral) (C-492/23). On 04.12.2025, the CJEU will rule on the copyright protection of works of applied art in the cases konektra (C-795/23; BGH referral of 21.12.23) and Mio et al. (C-580/23). On the same day, the German Federal Court of Justice (BGH) will decide on the protectability of the film character “Miss Moneypenny” as a work title and on its infringement through identical designations (I ZR 219/24). On 10.12.2025, the EGC will decide on Intel’s action against the imposition of a fine for abuse of a dominant position in the market for x86 processors under Art. 102 TFEU and Art. 54 EEA Agreement (T-1129/23). On 11.12.2025, AG Emiliou will publish his Opinion on whether the freedom to provide services (Art. 56 TFEU) precludes reimbursement claims by sports betting providers in cases of unlawful online betting (C-530/24). On 18.12.2025, the BGH will rule on whether credit agencies may store information on payment defaults even after the claim has been settled – and, if so, for how long (I ZR 97/25). On the same day, AG Szpunar will publish his Opinion on whether expressions of opinion on social networks can be protected by copyright under Art. 2(a) Directive 2001/29/EC (InfoSoc Directive), and on whether Art. 5(3)(c) Directive 2001/29/EC (InfoSoc Directive) precludes a provision of national law that permits the use of short extracts of works for reporting on current events provided the reporting is of non-commercial character (C-598/24). The EUCOM plans to publish the draft of the Digital Networks Act by the end of the year (notice of 24.10.25).

CJEU – Daily email newsletter permissible under E-Privacy Directive

Users of an online press outlet who wanted to read further articles had to create a free user account by providing their email address and signing up for a daily newsletter. The users could also opt out of the daily newsletter. The Romanian data protection authority considered this conduct as unlawful data processing. According to the CJEU, in such circumstances, the respective press outlet obtains the email addresses "in the context of the sale of a product" and is allowed to use them for direct marketing, cf. Art. 13(2) E-Privacy Directive (C-654/23).

CJEU-AG – No use of a trademark for parodistic party advertising

A Belgian party had used IKEA trademarks to publicly present its asylum policy agenda. According to AG Szpunar, political parties use trademarks "in the course of trade" (Art. 10(2) Directive (EU) 2015/2436, Art. 9(2) Regulation (EU) 2017/1001) when they obtain (indirect) economic advantages, regardless of any profit-making intention. A "due cause" exists only if the use of the trademark contributes to the political debate; mere promotion of one’s own campaign is not sufficient (opinion C-298/23).

EGC – Fundamental rights review of VLOP designation

The EGC dismissed Amazon’s action against the designation of its marketplace as a ‘very large online platform’ (VLOP). The Court assumed that Amazon is in principle entitled to challenge the constitutionality of the obligations imposed by the designation. The VLOP rules also constitute infringements of fundamental rights. However, these are justified in view of the wide discretion enjoyed by the legislator. (T-367/23).

EUCOM – Preliminary findings of violations of the DSA's transparency requirements

Several social media platforms may have introduced systems that hinder researchers' access to data, resulting in researchers only receiving incomplete or unreliable data. In addition, user-unfriendly reporting and redress procedures are alleged to be in place, including the use of 'dark patterns'. The platforms now have the opportunity to comment on the Commission’s preliminary findings and implement corrective measures (press release of 24.10.25).

EUCOM – DSA: Researchers gain data access

The delegated act, which specifies the details of data access in accordance with Art. 40 DSA, entered into force on 29.10.25. "Vetted researchers" can now apply for access to previously unavailable data from VLOPs/VLOSEs via the European data access portal (press release of 29.10.25; see also NL 07/25).

EUCOM – Establishment of the Digital Commons European Digital Consortium (DC-EDIC) confirmed

The new EU instrument enables Member States to develop, set up, and operate cross-border digital infrastructures, thereby pooling digital resources. The consortium will have its own governance and legal personality. Founding members include Germany, France, the Netherlands, and Italy; other members can join at any time (press release of 29.10.25).

EUCOM – 'Digital Omnibus'

The 'Digital Omnibus' aims to reform the European digital regulatory framework by reducing administrative burdens and compliance requirements for European companies, thereby promoting innovation. For this purpose, among others, the GDPR and the AI Act, are to be amended. The proposal suggests, i.a., linking the entry into application of the rules governing high-risk AI systems to support tools for companies. From a data-protection perspective, for example, the means of identification within the meaning of Art. 4 No. 1 GDPR are to be limited to those available to the controller itself (press release of 19.11.2025).

Higher Administrative Court of Schleswig-Holstein – Official information provided in response to press inquiries constitutes a formal administrative act

The court thus departs from the prevailing opinion, which regards the provision of information in press matters as a real act (Realakt). From a procedural perspective, this means that the right to information under press law (for example, Section 4 PressG SH) must be enforced through an action for issuance of a formal administrative act (Verpflichtungsklage), rather than a general action for performance (allgemeine Leistungsklage) (6 MB 28/25).

Higher Regional Court of Frankfurt am Main – Bundled offer: Mobile phone seller liable only for own service conditions

If a mobile phone retailer simultaneously offers the conclusion of a mobile service contract along with the phone, they are not considered the user of the service terms of that contract, as the latter agreement is concluded exclusively between the customer and the mobile provider. Furthermore, the service terms are not subject to unfair standard terms control as there is no modification of the parties’ performance obligations (cf. Section 307 III BGB) (press release of 31.10.25; not yet published, 6 U 117/24).

Higher Regional Court of Düsseldorf – Unilateral price adjustment right unlawful

A consumer protection agency filed an injunction against the price adjustment clause of an online platform. This clause allowed a unilateral price increase without the users’ consent. The only way to reject this was to terminate the membership. According to the court, such terms and conditions unreasonably disadvantage consumers (I-20 U 19/25, not yet final and binding).

Regional Court of Munich I – Use of lyrics in large language models (LLMs) violates copyright

The memorization of text within the models and its replication in the chatbot output (the latter indicating the former) constitute reproductions (Section 16 UrhG), the display in the output also constitutes making the work available to the public (Section 19a UrhG). The defendant could also not rely on a defense. In particular, according to the court, the text and data mining exception under Section 44b UrhG only covers the compilation of training data, not subsequent uses within the model. OpenAI is expected to appeal (42 O 14139/24, not yet final and binding).

German Federal Government – Data Act Implementation Act draft bill

Under the cabinet draft, the Federal Network Agency (BNetzA) shall be the sole supervisory authority, while the Federal Commissioner for Data Protection and Freedom of Information (BfDI) shall be responsible for data protection issues in connection with the Data Act (draft of 25.10.25).

German Federal Network Agency (BNetzA) – Draft Catalogue of Security Requirements for Telecommunications Networks and Services

The new draft catalogue pursuant to Section 167 TKG introduces potential hazards that, depending on the public significance of the network operators and service providers, require different security measures to be implemented. In addition, the list of critical functions has been integrated, and the draft specifies measures for the configuration of 5G networks (draft of Oct. 2025; press release).