This article discusses the 7 July 2022 majority decision of the Full Federal Court in Campaigntrack Pty Ltd v Real Estate Tool Box Pty Ltd [2022] FCAFC 112.

This decision highlights that businesses can be held liable for copyright infringement committed by a third party developer, but that the risk can be mitigated by checking the developer's history and insisting on appropriate warranties in the development agreement.

The scenario

You are not satisfied with one of your IT providers.

A developer you trust comes to you with a proposal to develop a new and improved system for your business. You know this developer has recently admitted to breaching copyright in their work. Despite that, you sign up and make it clear - in writing - that the developer must not breach anyone's Intellectual Property for your project.

Out of the blue, about a week before you are set to go live, you get a letter. It's your existing provider, letting you know that they have discovered this new system and claiming that it could well breach their copyright.

What do you do?

That was, in general terms, the situation faced by the real estate franchise Biggin & Scott.

They decided to carry on with the system, give undertakings to their existing provider that the new system does not infringe copyright and then a few months down the line, give the new developer's work to an independent expert for verification.

At first glance that sounds fairly reasonable. After all, Biggin & Scott have complete trust in this developer (whether or not this trust was well-founded is a separate discussion), and they told the developer that there must be no intellectual property infringement. Additionally, the developer told them that there is no infringement.

Furthermore, Biggin & Scott are very unhappy with their current provider; so maybe the current provider is just looking to persuade them against jumping ship to the new system?

Plus, they didn't copy anything themselves, so they can't be held responsible if the developer did copy any source code.right?


According to the 7 July 2022 majority decision of the Full Federal Court in Campaigntrack Pty Ltd v Real Estate Tool Box Pty Ltd [2022] FCAFC 112, the existing provider (Campaigntrack) sued both the developer and Biggin & Scott, as well as others involved in the development and use of the new system.

The situation with the developer in question was clear: he had copied their code, which is a direct infringement of Campaigntrack's copyright.

However, the situation with Biggin & Scott was more complex: as they did not directly copy the source code themselves, if they were to have liability it would necessarily be because they 'authorised' the infringement.

Authorisation has been a concept in copyright law for years (see our article Site Blocking Under the Copyright Act 1968: Silver Bullet or Pop Gun?). One of the early leading cases on the issue said 'authorisation' has it's ordinary, dictionary meaning. That is, to 'sanction, approve or countenance' (see University Of New South Wales v. Moorhouse (1975) 133 CLR 1).

Since then, changes have been made to the Copyright Act 1968 ('the Act') which state that:

are all relevant.

Unsurprisingly, authorisation cases always depend entirely on the facts of each case. It is a question of degree (see Roadshow Films Pty Ltd v iiNet Limited [2012] HCA 16).

At trial, Biggin & Scott were successful. The Judge found that Biggin & Scott:

  • trusted the developer;
  • made it clear that there was to be no infringement;
  • repeatedly sought assurances from them; and,
  • did not know that the developer had copied the source code.

Therefore, they did not authorise the copying.

Campaigntrack appealed. In the Full Federal Court, one of the Judges agreed with the trial Judge and also found that because Biggin & Scott co-operated with Campaigntrack, through giving undertakings and making the code available for review by an independent expert, there was no authorisation.

However, the other two Judges found that Biggin & Scott were 'indifferent' to the infringement and authorised it from the date on which Campaigntrack alerted them of the issue.

The majority's reasoning was that while Biggin & Scott may not have definitively known the source code was copied, they were 'indifferent' to it.

Having regard to the three factors set out in the Act, Biggin & Scott:

  • had the power to investigate the allegations of infringement and ensure the independent expert had the full suite of material available (Campaigntrack alleged that material was hidden), but failed to do so;
  • could not hide behind the blind trust they had in the developer, when faced with the allegations and the circumstances they knew at the time (including the developer's previous breaches); and
  • did not take any reasonable steps to prevent or investigate the infringement. Despite being in possession of an expert's report which said there was a 'high probability' the source code had been copied (though the dissenting Judge found this finding to be speculative), they continued to use the program (and allow their franchisees to use it) for about 18 months. In the majority's opinion, they should have co-operated with Campaigntrack to decisively get to the bottom of whether the source code had been copied. Instead, they denied the claim in the face of the evidence and even tried to walk back admissions they had previously made as to ownership of the program.

Key takeaways

  • Businesses can be liable for copyright infringement committed by a third party developer. This risk can be mitigated, including by checking the developer's history and insisting on appropriate warranties in the development agreement. However, depending on the circumstances, even those actions may not amount to the business taking 'reasonable steps' to prevent the infringement. (some kind of active supervision, compliance checking and/or third party assessment may be required); and
  • If a copyright owner makes a claim of infringement and the business is not in a position to verify the claim itself, relying on the developer's word will not be enough. The business must investigate the claim quickly and responsibly, including by seeking legal advice.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.