Sony sne Music isn’t entitled to compensation from a German shop owner whose free Wi-Fi hotspot was used to illegally share copyrighted music, the EU’s highest court ruled Thursday.

The ruling was well-timed, given the European Commission’s Wednesday announcement that it wanted to see free Wi-Fi extended across Europe.

The Court of Justice of the European Union (CJEU) also stressed that EU law forbids anyone from forcing Wi-Fi hotspot operators to monitor what people do over their networks. However, the judgement was not all good news for hotspot operators.

Get Data Sheet, Fortune’s technology newsletter.

Back in March, the court’s top legal advisor recommended that the business owner—a man called Tobias McFadden, who runs a lighting and sound system store—should not be forced to password-protect his network either.

Advocate general Maciej Szpunar said “conferring an active, preventative role” on hotspot operators would be inconsistent with their protected status under the 2000 e-Commerce Directive. (The directive says network operators aren’t liable for what happens on their networks, as long as they aren’t involved with the dodgy activity in question.)

That’s not what the CJEU decided in Thursday’s ruling. It said the copyright holder could get an injunction forcing the hotspot operator to secure its access point with a password—and to only give the password to people who “reveal their identity.”

This would ensure “a balance between, on the one hand, the intellectual property rights of rightholders and, on the other hand, the freedom to conduct a business of access providers and the freedom of information of the network users,” the court said in a statement.

So this is really a mixed ruling as far as hotspot operators like McFadden are concerned.

For more on Wi-Fi, watch our video.

It’s probably enough to encourage more people like him to offer free Wi-Fi as a sweetener to their customers, as they know they won’t have to pay up if a customer uses the connection for unlawful file-sharing.

On the other hand, it means they’ll have to keep an eye out for lawyers’ letters telling them to secure their networks, if it turns out their customers have been naughty.

Julia Reda, a Pirate Party member of the European Parliament, leapt on the ruling as evidence that copyright law is outdated and conflicts with the European Commission’s goal of widespread connectivity.

“That is not just a risk for private persons operating free Wi-Fi, but also for commercial providers or for access points run by local authorities, as foreseen by the European Commission—and it undermines their stated aims,” she said in a statement. “It has been bureaucratic hurdles like this one that have stifled the roll-out of free Wi-Fi.”

EuroISPA, a trade group representing European Internet service providers, broadly welcomed the ruling but seemed wary about the possibility of demanding password protection on hotspots.

“It is essential that national courts follow the finely-balanced reasoning of the CJEU, and order such injunctive relief only in those instances where there is demonstrable and serious risk of repeat infringements,” the group said in a statement.