Guidance

The Collective Management of Copyright (EU Directive) Regulations 2016: How the IPO will carry out investigation and enforcement activities

Updated 26 January 2021

© Crown copyright 2021

This publication is licensed under the terms of the Open Government Licence v3.0 except where otherwise stated. To view this licence, visit nationalarchives.gov.uk/doc/open-government-licence/version/3 or write to the Information Policy Team, The National Archives, Kew, London TW9 4DU, or email: psi@nationalarchives.gov.uk.

Where we have identified any third party copyright information you will need to obtain permission from the copyright holders concerned.

This publication is available at https://www.gov.uk/government/publications/how-the-ipo-will-carry-out-investigation-and-enforcement-activities/the-collective-management-of-copyright-eu-directive-regulations-2016-how-the-ipo-will-carry-out-investigation-and-enforcement-activities

Introduction

The Collective Management of Copyright (EU Directive) Regulations 2016 (“the Regulations”) set standards for bodies engaged in collective licensing of copyright works.

The Secretary of State for Business, Environment and Industrial Strategy is responsible for monitoring and enforcing compliance with the Regulations. In practice the day-to-day functions of the national competent authority will be carried out for the Secretary of State by officials at the Intellectual Property Office (“the IPO”), which is an executive agency of BEIS. This document refers to the IPO in the context of investigation and enforcement activity for the sake of brevity.

The majority of the Regulation’s provisions apply to bodies known as Collective Management Organisations (“CMOs”). A CMO is defined in the Regulations as a body authorised by law or by way of assignment, licence or any other contractual arrangement to manage copyright or rights related to copyright on behalf of more than one right holder, for the collective benefit of those right holders, as its sole or main purpose, and which fulfils one or both of the following criteria:

  • it is owned or controlled by its members;
  • it is organised on a not-for-profit basis

Certain obligations under the Regulations apply to other parties, namely:

  • entities connected with CMOs which engage in certain collective licensing activities;
  • independent management entities (IMEs) (licensing bodies which are not owned or controlled by their members and which operate on a for-profit basis);
  • members of CMOs;
  • users of collective licences (or bodies representing their interests);
  • right holders (or bodies representing their interests)

This guidance only relates to the IPO’s investigation and enforcement functions. The IPO will also work with parties affected by the Regulations on an informal basis to monitor, promote and support compliance with the Regulations.

Investigations

The IPO is obliged to have regard to information which is received regarding behaviour or activities which may constitute a breach of the Regulations. However, the IPO is not obligated to take any particular action in response to such information.

Information on how the IPO regulates licensing bodies and ways you are able to submit information to the IPO are available.

Before considering whether to proceed with a formal investigation which could result in the use of the enforcement powers available under the Regulations, the IPO would usually consider whether any potential non-compliance could be informally addressed. The IPO intends to maintain a regular dialogue with parties affected by the Regulations including inter alia CMOs, IMEs, and bodies representing right holders and users, and will use these forums to address potential issues as they develop. In the absence of a compelling reason to move immediately to a formal investigation, the IPO will encourage resolution through informal means, including the issuing of guidance.

The IPO intends to adopt a proportionate approach to its regulatory functions. As such, it will analyse and prioritise information it receives in order to decide whether to initiate an investigation, and whether to continue to pursue an investigation already in progress.

The IPO will prioritise according to the following principles:

  • impact
  • systematic importance
  • rationale for public enforcement
  • proportionality

Impact

The IPO will be more likely to formally investigate a possible breach of the Regulations where there is a risk of ongoing negative impact on the parties affected by the breach – for example, financial or reputational loss.

The IPO will also assess whether the breach and an investigation that could result from it could have a wider impact on collective rights management in the UK. For example, the IPO may be more likely to initiate an investigation where it considers that enforcement action to act upon the possible breach could prevent more serious impacts in the future. The IPO could also consider whether investigation and enforcement has the capacity, for example, to improve behaviours to the benefit of right holders or users of collective licences.

Systemic importance

The IPO will be more likely to conduct an investigation where it feels that the breach connects to a broader issue of compliance. For example, a large volume of complaints relating to a single issue could indicate a systematic failure to comply with the Regulations – particularly where similar complaints emerge from different sectors.

The IPO could also consider whether information about a potential breach or series of breaches evidences a systemic failure to comply in a particular organisation.

Rationale for public enforcement

The IPO will need to consider whether an investigation – and subsequent potential enforcement action – is necessary or appropriate to resolve the issue at hand. For example, the IPO will not usually launch an investigation in relation to an individual complaint where the option to use a CMO’s internal complaints process has not been explored.

The IPO will also consider whether the availability of other routes to persons in relation to non-compliance would be more appropriate than enforcement under the Regulations. For example, in considering whether to investigate an alleged failure to provide information to a CMO by a licensed user, the IPO would be likely to ask whether this constitutes a breach of contract by the user. In that instance (and in the absence of another compelling reason for public enforcement) it might be considered that public enforcement is not appropriate.

Resources

The IPO will only decide to open or continue with a formal investigation or to take action if it is satisfied that it is proportionate to do so.

The amount of resource required is likely to differ depending on the issue and the type of investigation. When assessing resources, the IPO will consider:

  • the possible informal and formal actions that the IPO could take to resolve the issue and the relative resource requirements for each action;
  • the possibility of tackling an issue quickly to ensure it does not become more widespread. Informal actions may be quicker in this respect;
  • the anticipated length of the investigation and other time factors;
  • the resources required for the investigation compared to the likely benefits of taking possible action; and
  • the possible impact of taking resources away from other work

Where the IPO decides not to proceed with an investigation on the grounds that it is not proportionate to do so, it will retain relevant information about the issue in order that this decision can be kept under review. For example, where new evidence comes to light that increases the impact of a known issue, it may become proportionate to open a formal investigation where it was not previously so.

Investigation process

When it chooses to open a formal investigation, the IPO will look to inform the relevant person as soon as possible.

The IPO has a power in the Regulations to require certain specified persons to provide information.

The IPO would usually make an informal request for information in the first instance. If the IPO needs to formally request information from any person, it will provide them with a written notice, specifying:

  • the power under which the information is requested;
  • who is required to provide the information?
  • what information is required?
  • to whom the information is to be provided;
  • in what form it is to be communicated (e.g. post, e-mail);
  • where it is to be provided;
  • when, or the time by which, it is to be provided; and
  • the possible consequences of failing to comply

When setting out the information required and the time by which it must be provided by, the IPO will have regard to the proportionality and complexity of the request. However, the burden of complying with a request will not be considered an acceptable reason not to comply, or to delay compliance.

Delays in the provision of information can have a major impact on the overall timescale of an investigation. The IPO will therefore expect persons to respond to formal requests in the timeframe requested.

Any information provided to the IPO in connection with its activities as the national competent authority will be treated in accordance with the IPO’s privacy policy and its obligations under data protection legislation. In particular, the IPO will seek to keep the identity of a party that informs it of a potential breach confidential if that party so wishes.

The IPO may undertake other activity in the course of an investigation. This could include informal information-gathering, the commissioning of specialist research or analysis, facilitating meetings, or other such activity as the IPO believes may support its investigation.

There are no statutory limits on the timescale of an investigation. The IPO will attempt to complete any investigation as soon as is reasonable given the particular circumstances of a case. If the IPO provides an indicative timescale to any party, this will not be binding.

The IPO is not required to publish the outcome of a formal investigation. However, it will usually seek to do so in cases where formal enforcement action has been taken.

Persons who will be identified as part of such a report will be given reasonable notice to comment on some aspects of the report before publication. This would include questions of commercial confidentiality, as well as any material factual inaccuracies.

Enforcement action

An investigation by the IPO would usually result on one of the following findings:

  • no breach of the Regulations has occurred
  • a breach of the Regulations has occurred, but has been remedied during the course of or before the investigation
  • a breach of the Regulations has occurred and is ongoing

Where the IPO considers that a breach of the Regulations has occurred, it will consider whether the use of its enforcement powers is appropriate or proportionate. It will do so having regard to factors including, but not limited to:

  • the impact of the breach on affected parties
  • any action taken by the non-compliant party to remedy the breach
  • the likely effectiveness of any enforcement action, including the promotion of future compliance
  • whether the issue can be resolved by other means, including a publication of recommendations or revised guidance

Where the IPO considers that formal enforcement action is required, it may take the following actions:

  • give a compliance notice the person in question requesting it to take specified actions to remedy a breach of the Regulations; or
  • impose financial penalties

The IPO will consider which enforcement action is appropriate according to the circumstances of the individual case and the limits set by the Regulation.

The IPO’s decision on appropriate enforcement action will be informed by the principles established by the Macrory Report (2006).

  • a sanction should aim to change the behaviour of the offender;
  • a sanction should aim to eliminate any financial gain or benefit from non-compliance;
  • a sanction should be responsive and consider what is appropriate for the particular offender and the regulatory issue;
  • a sanction should be proportionate to the nature of the offence and the harm caused;
  • a sanction should aim to restore the harm caused by regulatory noncompliance where appropriate, although this does not include awarding compensation;
  • a sanction should aim to deter future non-compliance

In accordance with the Macrory principles, the IPO will pursue sanctions that are proportionate to the nature and seriousness of the breach and its impact. In considering which, if any, enforcement powers to use, the IPO’s main objective will be to ensure that its actions promote compliance with the Regulations.

Accordingly, the IPO is more likely to use informal means where a breach of the Regulations is less serious or can be quickly corrected before it has a significant detrimental impact.

Compliance notices

In cases of more serious breaches, the IPO will adopt a stepped approach in most cases, beginning with the issuance of a compliance notice. A compliance notice will be provided to the relevant party in writing and will set out:

  • how and why the IPO thinks that the Regulations have been breached;
  • the specific provision or provisions which have been breached;
  • the action that the IPO requests to be taken to end the non-compliance (if applicable);
  • the time by which the action specified above is requested to be taken;
  • the evidence that the IPO requests to demonstrate that the noncompliance has ended (if applicable);
  • the consequences of failing to comply with the compliance notice or any undertakings provided in respect of the compliance notice

A compliance notice may be withdrawn. A compliance notice would be withdrawn, for example should the IPO no longer think that there has been a breach.

The IPO will, as a matter of course, publish details of compliance notices issued and rescinded on its website.

Regulation 37 confirms that the IPO cannot impose a financial penalty following the giving of a compliance notice unless the party has failed to comply with that notice, or any undertaking given in relation to it.

Financial penalties

In order to impose a financial penalty on a person, the IPO must be satisfied that a breach by that person of the Regulations has occurred – this is a higher burden of proof than required to issue a compliance notice (which requires that the IPO must think that a breach has occurred).

Where the person in breach is a CMO a financial penalty can be imposed instead on particular individuals within the CMO. This facility could be used where the breach is attributable to a senior individual, such as a director.

When deciding on the level of a penalty, the IPO is bound by the maximum level set out in the Regulations, and is required to consider what penalty is appropriate having regard to the nature of the breach. In practice, the IPO will have regard to aggravating and mitigating factors as set out in the Macrory principles. These include:

Aggravating factors

  • seriousness of the regulatory non-compliance, e.g. the harm or potential for harm to human health or the environment, the duration of non-compliance etc;
  • evidence of intention (if any) behind the regulatory non-compliance;
  • disciplinary record or history of non-compliance of the business;
  • financial gain made by the business as a result of non-compliance with regulations;
  • size and financial resources of the firm that failed to comply with regulations;
  • the conduct of the business after the regulatory non-compliance has come to the attention of the regulator; and
  • previous actions taken by the regulator, or other regulators, to help the business into compliance.

Mitigating factors

  • actions taken to eliminate or reduce the risk of damage resulting from regulatory non-compliance;
  • actions taken to repair the harm done by regulatory non-compliance;
  • co-operation with the regulator in responding to regulatory non-compliance;
  • fast and accurate reporting of regulatory non-compliance;
  • size and financial resources of the firm that failed to comply with regulations;
  • the conduct of the business after the regulatory non-compliance has come to the attention of the regulator; and
  • vicarious liability for failures by employees including the adequacy of management controls and the extent to which the employee was acting outside of his or her authority

The IPO is required to give notice of the penalty to the person upon who it is imposed in writing. The notice will set out:

  • the amount of the penalty
  • the act or omissions contravening the Regulations which have given rounds to impose a penalty
  • the specific provisions of the Regulations that the IPO is satisfied have been breached
  • any other relevant facts which relate to the decision to impose a penalty
  • the period within which the penalty must be paid

The IPO can rescind the imposition of the penalty by giving notice to the person upon whom it has been imposed. This could occur in the event that new evidence emerges which could, if it was known at the time the penalty was imposed, have changed the decision to impose a penalty.

Any decision by the IPO to impose a penalty is subject to appeal to the First-Tier Tribunal, as set out on Regulation 40.

Any financial penalties recovered by the IPO will be paid into the Consolidated Fund, and so cannot be used to fund the IPO’s activities (whether in relation to its role as the national competent authority or otherwise). It is not possible for the IPO to re-direct penalties to provide compensation to injured parties.

Queries

If you require more information on any aspect of the content of this guidance, please contact the IPO at collectiverights@ipo.gov.uk.

Concept House
Cardiff Road
Newport
NP10 8QQ
Tel: 0300 300 2000

Back to top