Addressing database rights: Royal Mail successfully protects rights in its Postcode Address File

Introduction

Case: IDDQD Limited and Royal Mail Group Limited v Codeberry Limited and Lee Paul Smith [2025] EWHC 2561 (Ch)

The Postcode Address File (PAF) might just be the most used database in the UK you’ve never heard of! Have you ever wondered how addresses are found when you’re buying online or how those lists are compiled and used, and what rights arise from them? That is exactly what is addressed (pun intended) in this article by Quinn Liang, Associate and IP litigator in Bird & Bird’s London office.

Significance

In IDDQD Limited and Royal Mail Group Limited v Codeberry Limited and Lee Paul Smith [2025] EWHC 2561 (Ch), the High Court found infringements of database rights and copyright subsisting in postal address databases. 

The PAF is a great example of how valuable a simple database can be. It is a database of UK postal addresses that has been licensed to 50,000 UK business for a multitude of uses, from mapping to satellite navigation to customer profiling. Thousands of changes are made to the PAF each week, with operating costs amounting to around £3 million per year. With so much at stake, it’s no wonder that the PAF was the subject of a recent database right and copyright dispute.

The case is significant because it concerns database rights – lesser-known IP rights similar to copyright, but with important differences. As the data economy grows, database rights have grown more prominent. This dispute is important as judgments dealing with them are still relatively few. 

It also contains an exciting gotcha: the cunning use of ‘Mountweazles’: harmless, deliberate errors introduced into databases designed to catch copyists red handed.

Background

Claimants: The case ended in a joint trial of two different actions with different claimants against the same defendants. The two Claimants are the Royal Mail Group (RMG) and IDDQD Limited (IDDQD). In 1959, the Post Office, now the RMG, began to develop the PAF and subsequently made the PAF available to around 50,000 users subject to a licence fee. One of the licensees is IDDQD, a company that used the PAF to create its own GBR Database.

Defendants: The Defendants are: (i) a software developer, Lee Smith, who created a postal address database called GetAddress and (ii) Mr Smith’s trading company Codeberry Limited (Codeberry). Mr Smith, and then subsequently Codeberry, marketed GetAddress in competition with the PAF and the GBR Database. The Defendants had legal representation throughout most of the proceedings (for their evidence, disclosure and written arguments), but their lawyers did not appear at trial.

Claims: The Claimants claimed that Mr Smith created GetAddress using PAF data, and that GetAddress was later modified using the GBR Database. The Claimants alleged that Mr Smith’s use of his IDDQD account to download data from the GBR Database was in breach of his standard agreement with IDDQD which incorporated the RMG’s End User Terms (RMG EUT). The Claimants alleged that because the Defendants avoided paying any licence fees to RMG, the Defendants were able to offer GetAddress at severely undercut prices. 

As such, the Claimants claimed infringement of both database right and copyright in the PAF owned by RMG as well as database right in the GBR Database owned by IDDQD.

The claims were heard and decided by His Honor Judge Hacon sitting as a judge of the High Court.  

Database Right

Database right subsistence and infringement: Database rights have different criteria for subsistence than copyright: instead of requiring originality, database right instead focuses on the acts of collating and investment. 

• PAF: The Court found that database right subsisted in the PAF as a “rolling database” due to the ongoing investment in the creation and maintenance of the PAF – a massive task involving 9-12,000 changes each week and operating costs of between £27m and £34m.
• GBR Database: The Court found that database right subsisted in IDDQD’s GBR Database, which was built using the PAF with permission under the terms of a licence from RMG. The GBR Database had sufficient investment in obtaining, verifying and presenting the contents of the PAF and the GBR Database, and was updated daily with data modifications to improve the efficiency of searching and retrieval. 

The Court found that the Defendants had extracted 3-4 million addresses from the GBR Database, which was no doubt a significant part. As the GBR Database is built around the PAF, the Defendants must have downloaded PAF data too. By downloading and incorporating a substantial amount of the GBR Database and PAF data into the GetAddress database before marketing GetAddress without a licence, there was therefore infringement of both RMG and IDDQD’s database rights. 

Tricks, traps, and evidence of infringement: Mr Smith argued that the GetAddress database was created not from the PAF but from a list of 13 publicly available sources such as The Ordnance Survey Code-Point Open dataset, an NHS postcode directory, addresses of social housing, and HM Land Registry Price Paid Data. 

Cunningly, both the PAF and the GBR Databases had been seeded with dummy addresses, decoys purposefully introduced to expose copying – known as a ‘Mountweazel’ after a famous encyclopaedia entry designed to do just that.

Evidence presented at the trial demonstrated a high correlation between the PAF data and GetAddress data (around 78%), similar uses of abbreviations, and in particular two forms of mountweazel: the presence of ‘seed’ addresses (postcodes that do not exist originally planted by  RMG in their PAF data) and over 5,000 ‘sleepers’ (errors in addresses purposefully introduced by the creator of the GBR Database once he became suspicious that GetAddress was using information from the GBR Database) in the GetAddress database.

Defences (verifying, validating, consulting?): There were two interesting defences considered.  Mr Smith admitted to downloading parts of IDDQD’s GBR Database, which was built around the PAF. However: 

1. the Defendants argued that their use of these downloads was merely for “verifying, validating or cleansing the GetAddress Database, created from other sources, for maintenance.” The Court held that “‘verifying’ and ‘validating’ would at the least involve temporary downloading of RMG’s data, infringing both database right and copyright.”
2. the Court did not accept the Defendants’ other defence that they were merely consulting (“looking at”) the PAF, clarifying that copying part of the PAF in order to incorporate it into the GetAddress database was more than mere consultation. 

No permission (and breach of contract):  The Defendants argued that the IDDQD standard terms allowed both Defendants to use the PAF: Mr Smith because he held accounts with IDDQD, and Codeberry because Mr Smith argued he was acting as Codeberry’s agent.

• Mr Smith: Mr Smith had accounts with IDDQD under its standard terms, which incorporated the RMG EUT. The RMG EUT only allowed Mr Smith as an End User to extract PAF data solely for the purpose of verifying or correcting the GetAddress Database for his own benefit in his own business. The RMG EUT did not permit Mr Smith to incorporate the PAF into the GetAddress database nor subsequently market the GetAddress database to third party customers in competition with RMG. The Court also clarified that RMG’s failure to complain about the GetAddress database over a period of 9 years did not automatically constitute consent. Mr Smith had therefore breached both the IDDQD standard terms and RMG EUT.
• Codeberry: The agreements were between IDDQD and Mr Smith, not between IDDQD and Codeberry. When Mr Smith signed up to the IDDQD service, he did not provide details of Codeberry, nor did he state he was signing on behalf of Codeberry. There was also no evidence that IDDQD’s terms provided any licence to third parties such as Codeberry. Consequently, the Court held that Codeberry could not have been granted any sort of licence by IDDQD for its extractions from the GBR Database.

The Defendants therefore failed to show that their extraction and incorporation into the GetAddress Database was permitted under a licence. RMG’s lack of consent for the Defendants’ use of the PAF was established as there was no evidence RMG “unequivocally demonstrate[d]” an intention to renounce its right to enforce its exclusive rights. 

Copyright

RMG’s copyright infringement claim relied on copyright in the PAF as it existed in March 1996 (Historic PAF). The same evidence used to establish subsistence of database right in the PAF was held by the Court to clearly establish sufficient skill and labour in the creation of the Historic PAF, and therefore subsistence and ownership of copyright in the Historic PAF.  

The Court held that Mr Smith had copied a substantial part of the PAF for creating, maintaining and updating the GetAddress database. Even though the Defendants’ copying occurred decades after 1996, the copying still involved a substantial part of the Historic PAF. The Defendants had therefore appropriated the skill and effort expended by the Historic PAF’s authors. 

The creation and sale of the GetAddress database constituted communicating parts of the Historic PAF to the public without consent and therefore constituted copyright infringement by both Defendants in their individual capacities. 

Joint Liability

Whether or not a director is liable together with their company is often a finely balanced matter, and the law changed on this in 2024: this case was an example of the High Court applying the new principles set out by the Supreme Court joint liability case of Lifestyle Equities CV v Ahmed [2024] UKSC 17. 

Each individual Defendant had been found liable for infringement of RMG and IDDQD’s respective database rights: Mr Smith was personally liable as he had created the GetAddress database personally and had marketed GetAddress himself for a brief period; Codeberry was found directly liable for its marketing of GetAddress. However, there was an additional question as to whether Mr Smith was jointly liable for Codeberry’s acts of infringement. 

Applying Lifestyle Equities, the Court concluded that Mr Smith was in fact jointly liable for Codeberry’s infringing acts. The Court found that: 

1. Knowledge of essential features: Mr Smith had knowledge of the “essential features” of the infringing acts because he carried them out himself. Whilst Mr Smith’s wife was the only other person involved as an officer of Codeberry, she did nothing more than sign documents put in front of her without any knowledge of their contents;
2. More than trivial: Mr Smith’s assistance regarding Codeberry’s infringing acts was more than trivial (again, Codeberry’s acts were carried out by Mr Smith himself); and
3. Common design: Although the Court acknowledged that it was a little artificial to view a common design between Mr Smith and himself, there was nevertheless a common design between Mr Smith in his own right and Mr Smith as an officer of Codeberry.  

Comment

This case is a useful reminder of the relevant law on database right and copyright. 

• Database rights can subsist in a ‘rolling’ database, i.e. one which is constantly updated. The 15 years of protection afforded to database right therefore applies to the most recent version of the whole database, even if previous versions ‘disappear’.
• The old method of hiding false entries in a database can still be a cunning and effective trap to prove infringement.
• The judgment highlights the extremely narrow scope of the defence of mere consultation of databases, which essentially can only involve ‘looking at’ the database without further extraction.
• In relation to consent and permission for database extraction, the database right owner’s intention to renounce its rights must be unequivocally demonstrated. Here, extraction was permitted but the licence terms clearly stated that the extracted data must not be supplied to third parties. The owner’s failure to complain about infringement does not automatically constitute consent. 

The case also demonstrates how recent case law on joint liability can be applied, albeit in a straightforward scenario where all of one defendant’s acts were carried out by the other defendant.