Oxford Handbook of Online Intermediary Liability

Mapping Online Intermediary Liability

Giancarlo Frosio
Oxford Handbook of Online Intermediary Liability
Edited by Giancarlo Frosio
Print Publication Date: May 2020 Subject: Law, IT and Communications Law
Online Publication Date: May 2020 DOI: 10.1093/oxfordhb/9780198837138.013.1
Abstract and Keywords
ronment. The Oxford Handbook of Online Intermediary Liability

tially contribute to this mapping exercise, both from a subject-specific and jurisdictional
perspective, while highlighting emerging trends in a field of research that has been fast-
evolving and is today in a constant, quite unpredictable, flux. This chapter contextualizes
the mapping exercise undertaken by the contributors to the Handbook. It introduces the
vide a blueprint for the consistent development of those chapters as it sets out in advance
erated.
Keywords: intermediary liability, online, mapping, trends, international, subject-specific, enforcement,

dering, internet jurisdiction
INTERMEDIARY
bility and responsibility of online service providers (OSPs). In addition, market conditions,
against which the initial regulation was developed, have changed considerably since the
first appearance of online intermediaries almost two decades ago. These changes started
to be reflected in new policy approaches. Tinkering with this matter which is in constant
flux brought The Oxford Handbook of Online Intermediary Liability
nundrum, map emerging regulatory trends, and qualify political and economic factors
tiple scholarly perspectives and promoting a global discourse through cross-jurisdictional

parallels. The Handbook thus serves as a privileged venue for observing emerging trends
in internet jurisdiction and innovation regulation, with special emphasis on enforcement
Page 1 of 34
PRINTED FROM OXFORD HANDBOOKS ONLINE (www.oxfordhandbooks.com). © Oxford University Press, 2022. All Rights
Reserved. Under the terms of the licence agreement, an individual user may print out a PDF of a single chapter of a title in
Oxford Handbooks Online for personal use (for details see Privacy Policy and Legal Notice).
Subscriber: Waseda University; date: 06 February 2022

fringement, and the role of online platforms in moderating the speech they carry for
users, including obligations and liabilities for defamation, hate, and dangerous speech.
tant policy debate, the Handbook enlisted leading authorities with the goal of mapping
cessor, the World Intermediary Liability Map (WILMap), a repository for information
(p. 4)
ternet and Society (CIS), that I developed and launched with contributions from many of
the co-authors of this Handbook.1
tioned earlier, mapping and comparative analysis exercises have been undertaken by the
Network of Centers,2 the World Intellectual Property Organization (WIPO),3 and other
academic initiatives.4 Institutional efforts at the international level are on the rise. The
Global Multistakeholder Meeting on the Future of Internet Governance (NETmundial)
worked towards the establishment of global provisions on intermediary liability within a
charter of internet governance principles.5 The final text of the NETmundial Statement
way that respects and promotes economic growth, innovation, creativity, and free flow of
6
ing or revising their policies for the internet economy, the state members should consider
the limitation of intermediary liability as a high level principle.7
laration of the three Special Rapporteurs for Freedom of Expression contains statements
suggesting an ongoing search for a global regime for intermediary liability.8
sentative on Freedom of the Media of the (p. 5) OSCE issued a Communiqué on Open
Journalism
10
Other projects developed best practices that can be implemented by
mental rights.11
namic Coalition for Platform Responsibility aims to delineate a set of model contractual
provisions.12
Guiding Principles on Business and Human Rights.13

Page 2 of 34

aries.14 The project ranks internet and telecommunications companies according to their
Several initiatives have looked into notice-and-takedown procedures in order to highlight
down ecology.15 The Takedown Project is a collaborative effort housed at the University of
down procedures.16 Again, the Internet and Jurisdiction project has been developing a
due process framework to deal more efficiently with transnational notice-and-takedown
eration requests.17
(p. 6) 1. Mapping Fundamental Notions

Following this chapter, Part II of the Handbook maps out fundamental notions and issues
ty and remedies. In addition, it puts into context intermediary liability regulation with
Graeme Dinwoodie sets the stage by defining a taxonomy of online intermediaries in

Chapter 2. Dinwoodie ask the question Who are Internet Intermediaries? or, as multiple
ings, disappointing as they may be, are that there is little consensus, a condition that is
common to all things related to online intermediary liability. Fragmentation and multiple
approaches abound. Reconstruction of the notion comes from scattered references in
sion and bringing together the systematization of other contributors to the Handbook,
such as Jaani Riordan and Martin Husovec.18
proach unbounded by ephemeral technological references. The present debate on the

overhaul of the online intermediary liability regime exposes the limitations of the former
diaries bring together or facilitate transactions between third parties on the Internet.
They give access to, host, transmit and index content, products and services originated by
19
Page 3 of 34

creasingly become obsolete. More granularity is needed and account should be taken of
actors performing multiple functions and services.
ed along a spectrum comprising four main standards: strict liability; negligence or fault-
bility may be further divided into prohibitory and mandatory (p. 7)

dan explains, these rules can be then situated within concepts of primary and secondary
liability. The review of the types of liability and intermediary obligations also leads to
identifying the main justifications given for imposing liability on intermediaries. On one
bility for primary wrongdoers and intermediary liability rules reflect the secondary
enforcement costs by secondary actors who are likely to be least-cost avoiders. Finally,
Chapter 3
defamation, hate speech, breach of regulatory obligations, and disclosure obligations.

Further chapters will pick up several of these wrongdoings for more detailed discussion.
In Chapter 4, Martin Husovec completes this preliminary mapping exercise with an
tions, their scope and goals, while also analysing the costs of those remedies. In
bility, secondary liability, and injunctions against innocent third parties or intermediaries,
which are a more recent development. Applying any of these pillars to intermediaries has
ties that never acted wrongfully themselves, rather than against known tortfeasors that
sue by putting in place the necessary balancing, while others do not come up with similar
risdictions. In search of consistency, legal systems should look for a common vocabulary
and a common set of consequences associated with regulatory modalities.
Chapter 5 wraps up the legal framework that has been in place for almost two decades by
looking at it through the lens of empirical evidence. Kristofer Erickson and Martin
Page 4 of 34

mediary liability policy, which builds on previous empirical projects such as the Copyright
Evidence Wiki, an open-access repository of findings relating to the effects of copyright.20
(p. 8) liability, moving
from an obligation to act once knowledge is obtained to an obligation to prevent harmful
forcement or abuse, transparency of the takedown process, and the costs of enforcement
borne by different parties, should be assessed in advance of policymaking. Legislative and
regulatory changes should then follow from an empirically-based policymaking process.
All in all, according to Erickson and Kretschmer, evidence suggests that the notice-and-
parency of algorithmic decision-making becomes a critical call for the platform society,
unaccountable privately-run algorithms.21

cussed by Ben Wagner in Chapter 35.
After mapping fundamental categorizations in the field, Part II also highlights tensions
within the system, especially concerning the ethical implications of intermediary liability
regulation and frictions with fundamental rights. In Chapter 6
signers of online environments, OSPs play a civic role in mature information societies.
acceptable and socially preferable from a global perspective that can reconcile different
soft ethics to consider what
op ethical foresight analyses to consider the impact of their practices and technologies
step-by-step and, if necessary, identify alternatives and risk-mitigating strategies. In
Chapter 7
mediary liability and fundamental rights with special emphasis on the European legal
nundrum. Policymakers are still in search of a balanced and proportional fine-tuning of
view in several chapters of the Handbook, might set in motion dystopian scenarios where
Page 5 of 34

2. Mapping International Fragmentation:

(p. 9)
From Safe Harbours to Liability

Part III
ping international actions which have oscillated from safe harbours to liability. This Part
es. Each chapter in this Part focuses on regional trends, then cherry-picks an important
topic to be discussed in detail. In this respect, Part III exposes an increasing number of
forms. Since the enactment of the first safe harbours and liability exemptions for online
intermediary liability conundrum.
In the mid-1990s, after an initial brief hesitation,22

mediaries, both access and hosting providers, should enjoy exemptions from liability for
mediaries from liability for the speech they carry.23
ment under more stringent requirements.24

posed on EU Member States the obligation to enact similar legal arrangements to protect
a range of online intermediaries from liability.25 Other jurisdictions have more recently
followed suit.26 In most cases, safe harbour legislation provides mere (p. 10) conduit,
eral obligation on online providers to monitor the information which they transmit or
store or actively seek facts or circumstances indicating illegal activity.27
munities in the United States in Chapter 8, even the traditionally strong enforcement of
(CDA) shows signs of decay with critics claiming that the functional life of section 230 is
nearing its end and more regulation is necessary.28 Similarly, safe harbours for copyright
infringement provided for by the US DMCA have also been questioned.29 However, on the
gress to undermine significantly section 230. In Chapter 9, Juan Carlos Lara Gálvez and
net intermediary liability in Latin America. They note that even where FTAs have been
Page 6 of 34

adopted between the United States and Latin American countries, the implementation of
related intermediary liability provisions lags behind. So far, only Chile and Costa Rica
have implemented these provisions in their national laws. Notably, after the withdrawal of
the Unites States from the Trans-Pacific Partnership (TPP), the remaining parties reached
an agreement on an amended version of the TPP, which actually suspended the provisions
whether adopting the DMCA model is ideal for Latin American countries. In any event,
el for balancing the rights of copyright holders and the general public, which explains the
resistance in implementing this regime nationally.
Similar resistance to providing immunities for intellectual property infringement is also
ing a civil liability exemption for internet access providers and other internet providers.30
right infringement.31 Luiz Moncau and Diego Arguelhes describe the process leading to
enactment of the MCI and its main achievements in Chapter 10. (p. 11) Although the MCI
is simply an ordinary federal statute, it arguably stands out as a manifestation of digital
constitutionalism, as Moncau and Arguelhes argue. Following in the footsteps of an
emerging global move,32
of
powers is very much threatened by private companies that hold the resources and tools
to shape our online experience.
line intermediaries for quite some time. In Chapter 11, Nicolo Zingales reviews a global
attempt in several African jurisdictions to adjust the legal framework to the challenges
posed by the platform economy. In Intermediary Liability in Africa: Looking Back, Moving
Forward?
most sophisticated intermediary liability legislation in the area.33 Ghana, Zambia, and
Uganda have enacted legislation heavily inspired by the South African model. Meanwhile,
bersecurity, and personal data protection, in particular with a dedicated AU

Convention.34 However, very limited intermediary liability legislation has been adopted in
gled with immunities and the self- and co-regulation schemes that characterize the South
mental rights, such as freedom of expression. According to Zingales, only the AU could
promote a shared notion of intermediary liability exemptions in the region.
tralian law governing the liability of online intermediaries, according to Kylie Pappalardo
and Nicolas Suzor, who provide a comprehensive review of the current state of Australian
online intermediary liability law across different doctrines, such as laws of defamation,
Page 7 of 34

racial vilification, misleading and deceptive conduct, contempt of court, and copyright. In
Chapter 12, Pappalardo and Suzor show that the basis on which third parties are liable
termediaries will not be held liable, which results in a great deal of uncertainty. These
conflicts in flux within Australian doctrines that have been applied to online intermediary
liability have led to a push for greater online enforcement and intermediary regulation
palardo and Suzor posit that confusion between capacity and responsibility has a role in
much of the uncertainty in Australia intermediary liability regulation. One solution would
be for Australian courts to more strictly apply responsibility (p. 12) theory in tort law and
wrong, therefore establishing fault first and liability later.
In Chapter 13, Kyung-Sin Park compares the intermediary liability rules of six major Asian
countries including China, India, Japan, Korea, Indonesia, and Malaysia to demonstrate
that under the label of safe harbours lies, in fact, a liability trap.35 China and South Korea
adopted a rule that an intermediary is required to remove known unlawful content on the
vert the whole system into one imposing, rather than exempting from, liability. However,
such a threat may have had an impact on the jurisprudence that, by way of the 2013
Shreya Singhal decision,36
bour regulation which was announced in December 2016 seems to move towards the
to follow the US model closely but has a structure that allows the same misunderstanding
In Chapter 14, Danny Friedmann expands on China and explains how the interplay of
multiple laws, regulations, and judicial interpretations have produced a system where
weak safe harbours for online intermediaries oscillate heavily towards enhanced liability,
sors, like Alibaba and Baidu, to become an omniscient tool against alleged infringement,
both intellectual property (IP) and speech related. However, in a move that is surprisingly
Page 8 of 34

ry framework seems to push forward self-regulation and pressure for OSPs to take on
more responsibility, rather than a legislatively mandated duty of care.
termediaries. As part of its Digital Single Market (DSM) Strategy, the European (p. 13)
ronment for platforms and online intermediaries.37 In Chapter 15, Maria Lillà Montagnani
discusses this development by looking into the emergence of A New Liability Regime for
Illegal Content in the Digital Single Market Strategy
ing with unlawful third party content.38

right in the DSM Directive,39 the amendments to the Audiovisual Media Service
Directive,40 and the Guidance on Unfair Commercial Practices,41
42
among online platforms in Europe. These developments both aim
to achieve a fairer allocation of value generated by the distribution of copyright-protected
43
costs of online enforcement by shifting the burden of sanitization of allegedly illegal

speech on online intermediaries rather than law enforcement agencies. In this context,
Montagnani highlights obvious inconsistencies between the new vertical regimes and the
horizontal safeguards for intermediary liability provided by the e-Commerce Directive.44
nection with the expansion of private ordering and voluntary measures in Europe as
much as in other jurisdictions as earlier noted.
opments of intermediary liability regulation can be identified as consistently emerging in

multiple jurisdictions. Standards for liability are lowered, safe harbours constricted, and
incentives for responsible behaviour, that should mainly be carried out (p. 14)
aries have been increasingly involved with semiotic regulation online, which is perceived
as a major threat to global stability due to the ubiquity of allegedly infringing behaviours
and the enormous transaction costs that enforcement entails. However, standards differ
termediaries in the United States, while the rest of the world is slowly drifting away from
crease in vertical regulation often launched without pondering potential inconsistencies

with horizontal regulation that has now been in place for a few decades.
Page 9 of 34

3. Mapping Subject-Specific Regulation

Mapping online intermediary liability worldwide entails a review of a wide-ranging topic,
stretching into many different areas of law and domain-specific solutions. The purpose of
Part IV
ments. This Part provides an overview of intermediate liability for copyright, trade mark,
tions and liabilities for defamation, hate, and dangerous speech.
Secondary liability for copyright infringement has increasingly moved centre stage and is
right reform has struggled to find consensus on new obligations for OSPs.45
ability and the alternative of construing online intermediaries as primarily liable for the
dorsed by the European Parliament,46 setting Europe apart from the dominant approach
in other jurisdictions. In Chapter 16, Christina Angelopoulos builds on her long-standing
bility in copyright in order to plot a path for

ty in the EU: A Summary
tions of Europe: the UK, France, and Germany. This examination shows the emergence of
three cross-jurisdictional approaches to intermediary liability, including intra-copyright
solutions, tort-based solutions, and (p. 15) injunction-based solutions. Existing projects on
the harmonization of European tort law, such as the Principles of European Tort Law
(PETL),47
ty in copyright. Angelopoulos proposes a negligence-based approach, which is informed
mental rights.48
However, harmonization in this field is also taking place through an expansive notion of
communication to the public. Both CJEU case law49 and EU legislation50 have construed
some online intermediaries as directly liable for communicating infringing content to the
public. In Chapter 17, Eleonora Rosati looks into the Direct Liability of Intermediaries for
copyright infringement and disentangles the complexities of the recent CJEU case law
concerning the matter. In the light of recent legislation,51 direct liability reaches beyond
cluded by the CJEU in The Pirate Bay case.52

tent platforms that organize and promote user-uploaded content for profit.53 In addition,
no safe harbours will be available to platforms that communicate to the public. Both these
Page 10 of 34

cially in the EU.
In a highly volatile policy environment like that of the United States where market forces
ropean developments might lead to reconsideration of the traditional balance of interests
line intermediaries. Presently, although reform activity and ligation has slowed down in
ments of the Digital Millennium Copyright Act.54 In discussing

fringement Liability and User-Generated Content in the United States, Lerner highlights
tion of the notion of inducement and wilful blindness, which leaves room for litigation
fringing content.
(p. 16)
right, trade mark infringement can become a sensitive public order concern, especially
when it involves drugs or food the commercialization of which might put public health at
guidelines has made tackling counterfeits in a borderless digital environment even more
the international level for online trade mark infringement. In Chapter 19
proportionate and reasonable measures which a reasonable ISP would take in the same
ius gentium of
ey approaches, registry systems, advertising codes of practice preventing advertisements

on counterfeit websites, and educational campaigns.
As Friedmann also explained earlier in Chapter 14, with special regard to Chinese online
conglomerates such as Alibaba, the development of this ius gentium
ment, which is potentially even more challenging than copyright infringement. The issue
damental rights, such as freedom of competition, freedom of expression and information,
Page 11 of 34

and the right to privacy, can be hard to achieve through automated enforcement. Actually,
Chapter 20 magnifies the issue of balancing trade mark protection and social and cultural
values from a civil law perspective. Martin Senftleben reviews the CJEU case law on point
tion of necessary limitations in trade mark protection for providing breathing space for
commercial, artistic, and political freedom of expression. However, Senftleben also warns
against a Proliferation of Filter Obligations in Civil Law Jurisdictions
cerns already expressed in other chapters. Overblocking through filtering technologies
mark exclusive rights, which make file-matching technologies inefficient in trade mark
enforcement online.55 In this regard, at least in (p. 17) European civil law jurisdictions,
there are fragmented responses. Senftleben uses the example of Dutch courts imposing a
far-reaching filtering obligation only if the intermediary systematically and structurally
stantial specific monitoring and filtering duties for online intermediaries, such as in the
eBay and Rapidshare cases.56 This jurisprudence will be also reassessed in Chapter 28 by
ing and monitoring obligations.
The peculiarities of the common law perspective of intermediary liability and trade mark
infringement are discussed by Richard Arnold in Chapter 21. Arnold crystallizes the
teachings of UK case law in this domain, while situating this common law perspective
within EU trade mark law,57 the e-Commerce Directive,58 and the Enforcement
Directive.59 Arnold, as well as other contributors in this Handbook earlier,60
bility proper. This second type of liability includes injunctions against intermediaries
whose services are used to infringe trade marks made available in national jurisdictions
by the implementation of Article 11 of the Enforcement Directive. Although other types of
main. The Cartier

site-blocking injunction to trade mark infringement.61
Online intermediary liability can also arise as a consequence of infringements of rights

and legal interests other than IP rights. In Chapter 22, Valentina Moscon and Reto Hilty
fringement under European law.62 Moscon and Hilty investigate whether and (p. 18)
der which conditions online intermediaries are liable under rules of conduct governing
Page 12 of 34

merce Directive as a lex specialis will prevail on competing legal instruments and provide
edge required for triggering takedown obligations or the obligation of preventing future
ply, is a matter of fragmented and unharmonized national tort laws that implement very
ized nature of digital markets and their steady growth, multiplying potential violations by
online intermediaries, Moscon and Hilty conclude that the status quo is unsatisfactory
and specific alternatives for UCPs and trade secret violations in digital markets must be
developed.
ed information offer than the traditional mass media.63

ity exemptions have been challenged almost everywhere, even in the United States,
line intermediaries for speech-related infringements. Elsewhere, the messenger can now
be more freely shot unless it acts responsibly enough and supports wronged parties and
law enforcement agencies in fighting illegal speech online. In Chapter 23, Emily Laidlaw
spective on intermediary liability for defamation and dangerous and hate speech. Laidlaw
posal for online defamation that goes under the name of Notice-and-Notice-Plus (NN+).
ing optimal intermediary liability models for the regulation of other kinds of harmful
speech, including fake news, terrorist content, and hate speech.
In Free Expression and Internet Intermediaries: The Changing Geometry of European

Regulation, Tarlach McGonagle stresses how the geometry of European regulation has
ing that freedom of the media must be safeguarded and regulation should not curb the
development of information and communication technologies. McGonagle reviews (p. 19)
the case law of the European Court of Human Rights (ECtHR), such as Delphi,64
munications, Recommendations, and Codes of Conduct and concludes that the greater
the seriousness of the perceived harms of certain categories of expression, such as hate
speech, the more responsibly online intermediaries are supposed to act. In particular, as
noted elsewhere, there is an emergent preference for self-regulatory codes of conduct as
Page 13 of 34

ket with appropriate self-regulatory choices, they put forward a rather coercive approach.
In the information society, the role of private sector entities in gathering information for
come a main focus of privacy regulation, especially in jurisdictions with a strong tradition
of privacy protection such as Europe.65 In Chapter 25, Miquel Peguera discusses The
Right to be Forgotten in the European Union. As Peguera recounts, in a landmark case
sonal data which appear on web pages published by third parties.66 The Google Spain
serves freedom of expression and public interest.67 However, also in this field, there still
tainable alternatives. At the same time, additional obligations of uncertain applicability,

such as the prohibition of processing of sensitive data that should theoretically apply to
all data controllers including those online intermediaries that qualify as such, might be so
invasive as to disrupt the business of online intermediaries. Peguera also discusses the
sible extraterritorial global application to .com domains rather than European domains
only. Extraterritorial application of intermediary liability obligations is a critical issue that
goes beyond enforcement of the right to be forgotten and will be further discussed in Part
VI.
(p. 20)
lowing the Google Spain ruling.68
tionism against the de facto market dominance of US internet conglomerates.69 There are
Schrems decision and Russian Federal
Law No. 242-FZ. In Schrems
70
whereas Russia introduced
ducted with the use of servers located in Russia.71

pact of enhanced privacy obligation for online intermediaries in Chapter 26
cusses the Belén Rodriguez
Case and the Impact of the New European Rules
Page 14 of 34

tering generally. In the aftermath of the CJEU Google Spain

sion and privacy advocates have been in confrontation in Latin America with proposals to
introduce the right to be forgotten or other delisting obligations often met with strong
civil society opposition. The Belén Rodriguez case in Argentina, for example, endorsed the
dered by a court or in a few specific cases of obviously infringing content.72 Bertoni, in

particular, warns about de-indexing obligations against search engines that would amount
man Rights.73
sion of the Inter-American Commission on Human Rights has been quite straightforward
in rejecting delisting obligations à la Google Spain.74 Tensions between fundamental
ty conundrum online. In this context, fragmentation and inconsistencies abound. They are
actually steadily growing rather than receding. Obviously, fragmentation (p. 21)
plied vertically across different subject matter and if common solutions are not rapidly
agreed, inconsistencies may soon become so irreconcilable that they will drive a process
of Balkanization that will break down the internet, as discussed in more detail in Part VI
of the Handbook.
4. Mapping Intermediary Liability Enforcement
ment agencies and wronged parties to curb widespread illegal behaviours online. Given
the scale of the phenomenon, intermediaries have been increasingly identified as the
ment. Part V
ing trends, including notice and action, proactive monitoring obligations across the entire
spectrum of intermediary liability subject matter, blocking orders against innocent third
parties, and the emergence of administrative enforcement of online infringement. Later,
Part VI discusses private ordering and voluntary measures, an additional emerging trend
in intermediary liability enforcement. The focus of the review in Part V
fies the tensions between enforcement strategies and miscellaneous fundamental rights,
including freedom of expression, privacy, and freedom of business.
In Chapter 27, Aleksandra Kuczerawy discusses

. Kuczerawy describes
ing for the removal or blocking of content, all these mechanism can interfere with the
Page 15 of 34

N&A mechanisms amplify the risks to free expression and what safeguards they include
der pressure. The recent move away from the e-Commerce notice-and-stay-down model to
endorse notice-and-stay down and other filtering obligations in the new Directive on
mediary regulation and fundamental rights.75
(p. 22) In Monitoring and Filtering: European Reform or Global Trend?, Sunimal Mendis
focusing on the widespread deployment of monitoring and filtering obligations through

voluntary, judicial, and legislative means. The recent EU copyright reform would de facto
force hosting providers to develop and deploy filtering systems, therefore monitoring
their networks.76 As we argue, the solution adopted by the new Directive follows in the
footsteps of a well-established path in recent intermediary liability policy: the demise of
such as Allostreaming in France, Dafra in Brazil, RapidShare in Germany, or Baidu

na.77 Actually, the emerging enforcement of proactive filtering and monitoring obligations
has spanned the entire spectrum of intermediary liability subject matter, including other
IP rights,78 privacy,79 defamation, and hate/dangerous speech.80 In that context, notable
Belén Rodriguez case that is discussed in detail in
Chapter 26
ity.81
82
Their
validity under EU law was recently confirmed by the CJEU in the Telekabel decision.83
Outside the EU, website blocking of copyright-infringing sites has been authorized in
countries including Argentina, India, Indonesia, Malaysia, Mexico, South Korea, and
Turkey.84 In December 2014, Singapore effected an amendment to its Copyright Act to
enable rightholders to obtain website-blocking orders,85 and in 2015 Australia introduced
86
These (p. 23)
acted with the aim of curbing IP infringement online, although negative effects on human
rights have been widely highlighted. In Chapter 29
menko discuss Blocking Orders: Assessing Tensions with Human Rights and consider the
cult coexistence between blocking orders and fundamental rights, including freedom of
expression and freedom to conduct a business. Although CJEU case law has recognized
sion online,87
mal solution from a human right perspective. It is forced on international courts, such as
Page 16 of 34

16 and 17.
ders, Geiger and Izyumenko discuss the allocation of costs of enforcement; that is,
ing. The issue is also discussed in Chapter 20. The UK Supreme Court in Cartier,88 a trade
ing the opposite view to the French Cour de cassation in the Allostreaming case,89
right infringement case. Both the UK and French Courts of Appeal had instead decided
that the costs of enforcement had to be equally divided between the two parties.90 Other
courts in Europe, such as the Irish Court of Appeal in the Sony Music case,91
ciding on costs for setting up a graduate response scheme rather than website blocking,
came to a different ratio, imposing 80 per cent of the costs to the online intermediaries
gard and leave the decision to the national courts on the basis of their (p. 24) national
law.92
tion of costs of enforcement. Fragmentation in this context brings about legal uncertainty
and higher transaction costs that reflect on the sustainability of the business models of
online intermediaries in Europe.
defamation, and morality. In this respect, the emergence of administrative enforcement of

online intermediary liability appears to be another well-marked trend in recent internet
cation Authority (AGCOM), the Second Section of the Copyright Commission (CPI), and
given powers to police copyright infringement online and issue blocking orders and other
decisions to selectively remove infringing digital works.93 In Chapter 30, Alessandro Cogo
and Marco Ricolfi dig deep into the legal and regulatory framework empowering these
administrative bodies by studying the
ment Online in Europe
ternational and EU law for the protection and enforcement of IP rights,94
form to the same principles and safeguards as those for judicial review. Cogo and Ricolfi
in these administrative enforcement systems.
Worldwide many other administrative agencies enjoy broader powers of sanitization of

the internet. The Russian Roskomnadzor is an administrative body competent to request
Page 17 of 34

sites that violate the law.95 Chapter 33 provides more insight on the functioning of this
Russian agency. In South Korea, the Korea Communications Commission (p. 25)
ments deletion or blocking orders according to the request and standards of the Korea
96
In Turkey, the law empowers the Presidency of Telecommunications (TIB)
97
98
which is dealt by a special committee examining within seven days all requests received
for blocking access to online information.99
issue orders against ISPs regarding the legality, blocking, and removal of online content,
100
Concerned views have
sic due process guarantees.101
5. Mapping Private Ordering and Intermediary

Responsibility
line enforcement. Part VI
ment strategies through voluntary measures and self-regulation, in addition to legally

mandated obligations. As Martin Husovec argued, EU law, for example, increasingly
forces internet intermediaries to work for the rightholders by making them accountable
even if they are not tortiously liable for the actions of their users.102 Bringing pressure on
innocent third parties that may enable or encourage violations by others is a (p. 26) well-
established strategy to curb infringement. As also discussed by Riordan in Chapter 3
to utilitarian approaches. A moral approach would argue that encouraging infringement

is widely seen as immoral.103
fare theories.104 Welfare theory approaches have been dominant in intermediary liability
policy until recently. They have been based on the notion that liability should be imposed
sponsibility for the actions of users as opposed to efficiency or balance innovation vs

harm.
105
Page 18 of 34

106
porate social responsibilities and their role in implementing and fostering human
rights.107 However, emphasis on a responsible role for intermediaries in fostering human
rights has a flip side when multiple competing rights are at stake. Online intermediaries
108
mediaries will inherently try to lower the transaction costs of adjudication and liability
and, in order to do so, might functionally err on the side of overblocking, in particular by
rate visions and disparate terms of service. Of course, there are also (p. 27)
ing forces at work in the present internet governance struggle. As seen in Chapter 10, a
centripetal move towards digital constitutionalism for internet governance alleviates the
effects of the centrifugal platform responsibility discourse.109
This move from intermediary liability to platform responsibility has been occurring on
gies that will be detailed in Part VI
of illegal hate speech online,110 fight incitement to terrorism,111 prevent cyber-

bullying,112 or curb IP infringement online.113
sion in Chapter 31, where we describe several emerging legal trends reflecting this
change in perspectives, such as obviously voluntary agreements and codes of conduct,
ulation, follow-the-money strategies, voluntary filtering and website blocking, and private
Domain Name System (DNS) content regulation. Under these agreements, schemes, and
enforcement strategies, access and hosting providers would be called on actively and
swiftly removing illegal materials, instead of reacting to complaints. Of course, some of
these enforcement tools are also discussed in many other chapters of the Handbook as
stand-alone items and from a legal liability rule perspective. However, as Husovec and I
ens steadily beyond the traditional access and hosting providers. On the IP enforcement
applied widely.114 Both the European Commission and the US government have endorsed
Page 19 of 34

115
anating from their illegal activities, and therefore act as a (p. 28) Payment
processors like MasterCard and Visa have been pressured to act as IP enforcers as well
erce payment providers to stop providing service to websites like Backpage, for the adult
section it runs,116 or Wikileaks.
Annemarie Bridy focuses on one additional emerging enforcement strategy involving non-
conventional intermediaries in
lation in the United States and the DNS. In Chapter 32, Bridy describes how the reach of
privately ordered online content regulation is deepening by migrating downwards from
domain name can be suspended if the registrant is found to have engaged copyright or
trade mark infringement. On the basis of this clause in the ICANN-Registry Agreement,
complaint to the registry operator. Bridy highlights lack of transparency and due process
in this privately-ordered form of enforcement, which is also heavily biased in favour of
complainants. Bridy also notices how the notice-and-action procedures institutionalized
by these IP-focused agreements are readily adaptable for use in censoring all types of
content.
Increased intermediary accountability has become a globalized trend that has been
emerging in numerous jurisdictions. In this regard, online intermediaries are not only
held liable for IP, privacy, or defamation infringements, but are also held responsible for
trols over the internet. In Chapter 33, Sergei Hovyadinov looks exactly at this expanded
net
tory restrictions on online content and anonymity. Regulation increasingly restricted the
type of information available online and allowed the state to collect user data and online
activity. As part of this development, telecom operators, web-hosting providers, and social
(p. 29)
curred in many jurisdictions besides Russia. Chapters 13 and 14

ics occurring in China and other Asian countries. Chapter 11 stresses the enlisting of
OSPs as cyber-police in African countries. Several chapters also report similar trends in
Page 20 of 34

the European regulatory framework. Although Hovyadinov notes that transparency and
public accountability of private involvement in internet regulation in Russia is especially
lated infringements, and state security.
Privately-ordered content moderation defines the contours of the infosphere where social
interaction occurs for billions of people daily.117 The impact of online content moderation
on modern society is tremendous. Governments, along the lines of what Hovyadinov has
described in Chapter 33, rightholders, and miscellaneous user groups would like to shape
the gatekeeping functions of OSPs according to their agendas. In Guarding the
Guardians: Content Moderation by Online Intermediaries and the Rule of Law, Niva Elkin-
Koren and Maayan Perel continue the discourse undertaken in this Part by highlighting
bility. Chapter 34, then, introduces a critical point in the current debate on intermediary
liability online: socially relevant choices are delegated to automated enforcement run
challenging semiotic regulation online.118 In addition, Elkin-Koren and Perel stress that
machine learning and data analytics allow OSPs to proactively predict and prevent illicit
ter 14. Omniscient platforms that give a not-so-invisible handshake119 to government for
cybersecurity, surveillance, censorship, and general law-enforcement tasks through
opaque algorithms evoke threatening dystopian scenarios. Elkin-Koren and Perel suggest
that the solution to black box content moderation can be found in grassroots oversight
120
forms.
wards a globalized, ongoing move in the direction of privatization of law enforcement

(p. 30) online through algorithmic tools. Algorithmic enforcement makes this shift even
more unpredictable in terms of fair balancing between private and public interests and
human rights. In Chapter 35, Ben Wagner tries to shed some light on this murky issue by
discussing Algorithmic Accountability: Towards Accountable Systems. Given the early
stage of human engagement with AI, the essential basics and the precise nature of the
notion itself of algorithmic accountability are still under review. Basically, according to
rithms should be accountable. An initial basic finding, which fits within Elkin-Koren and
spect, access to the source code might provide some accountability but users should be
enabled to understand what the algorithm is actually doing. In order to do so, Wagner
lists a number of technical, organizational, and regulatory challenges to ensuring access
to data. Considering intermediary liability and algorithmic accountability more closely,
Page 21 of 34

lower liability of intermediaries could contribute to more effectively ensuring compliance
the automated decisions, and availability of human review of the decisions.
6.
riality, and Intermediary Liability
Finally, international private law issues are addressed in Part VII. The purpose of this Part
is to examine the interface between intermediary liability online and internet jurisdiction,
which has been emerging as a consistent trend in intermediary liability policy.
panding rather than becoming normalized. This phenomenon is perhaps tightly attached
ternet governance. In Chapter 36
net Jurisdiction and Intermediary Liability, Svantesson points at several issues, including
(p. 31) access data
stored abroad, but the key development that threatens the global internet relates to the
cation of such obligations.
Extraterritorial enforcement recently made the headlines for the worldwide enforcement
should have an extraterritorial reach. On the territorial effect of delisting decisions, the
121
authority, ordered Google to apply the right to be forgotten on all domain names of
122
The question raised by CNiL was
ing of a defamatory post on Facebook. The CJEU concluded that EU law does not impose
Page 22 of 34

or preclude worldwide measures.123 Instead, it is up to national courts to decide whether
mental rights and application of international norms.124
plication of worldwide delisting and blocking orders.125 Svantesson shares similar critical
on digital sovereignty is to be expected. Of course, this approach is set to create conflicts

between the law of the affected party and the law of the speaker. However, national
If
tionals have been infringed must impose measures that provide global redress.
peared elsewhere. Svantesson discusses additional ones from Australia and the United
States, such as X v Twitter126 and Garcia v Google respectively.127 Notably, the (p. 32)
Supreme Court of Canada issued an order requiring Google to remove websites from its
move links anywhere in the world, rather than only from the search results available
through Google.ca.128 In Chapter 37, Michael Geist discusses The Equustek Effect: A
Canadian Perspective on Global Takedown Orders in the Age of the Internet. Equustek
stands as a quintessential example of the disruptive effect of extraterritorial enforcement
and the stalemate that it might bring about. After the Canadian Supreme Court issued its
cally opposed decision stating that Google would be infringing US law if it enforced the
Canadian order. Twenty years later, the catch-22 scenario of Licra v Yahoo! resurfaces in
a far more distributed fashion and might potentially break the internet.129 The 2000 hate
come an unsolvable puzzle. For a couple of decades, though, courts shied away from the
Jurisdiction on the Internet: From Legal Arms

Race to Transnational Cooperation
ly, challenging the Westphalian international system. Possibly, as the case law reviewed
by Svantesson and Geist has already shown, a legal arm race will escalate with countries
exerting digital sovereignty through an extensive interpretation of territoriality criteria
certain path for the future of the global digital economy, human rights, cybersecurity, and
Page 23 of 34

al agreement on the matter. Unfortunately, there is no consensus in sight and this is not
Given the role of online intermediaries in the digital interconnected society, their liability
for the speech and content they carry has become a primary policy concern. Much has
(p. 33) duties

and obligations. The Oxford Handbook of Online Intermediary Liability
stand a confused international legal framework. The uncertainty that this confusion
ative new services in certain markets. Additionally, companies may unnecessarily limit
what users can do online, or engage in censorship by proxy to avoid uncertain retribution
parently confused legal and theoretical landscape, there is a growing tendency towards
dencies towards data protectionism.
Notes:
(1
ancarlo Frosio and hosted at Stanford CIS) <https://wilmap.law.stanford.edu> (WILMap).
(2
<https://cyber.law.harvard.edu/node/98684>.
(3
(4) See e.g. for other mapping and comparative exercises, Graeme Dinwoodie (ed.),
condary Liability of Internet Service Providers (Springer 2017); Martin Husovec,
tions Against Intermediaries in the European Union: Accountable But not Liable? (CUP
2017); Jaani Riordan, The Liability of Internet Intermediaries
gelopoulos, European Intermediary Liability in Copyright: A Tort-Based Analysis (Wolters
Kluwer 2016); Christopher Heath and Anselm Kamperman Sanders (eds), Intellectual
Property Liability of Consumers, Facilitators, and Intermediaries (Wolters Kluwer 2012).
Page 24 of 34

(5) See NETmundial Multistakeholder Statement (São Paulo, Brazil, 24 April 2014)
<http://netmundial.br/wp-content/uploads/2014/04/NETmundial-Multistakeholder-
Document.pdf>.
(6) ibid. 5.
(7
C(2011)154 <
tID=270
http://www.oecd.org/internet/ieconomy/44949023.pdf>.
(8
ion and Expression, the Organization for Security and Co-operation in Europe (OSCE)
cial Rapporteur on Freedom of Expression and the African Commission on Human and
http://www.osce.org/fom/78309?download =true>.
(9) ibid.
(10) See Manila Principles on Intermediary Liability, Intro <https://

www.manilaprinciples.org>.
(11) See e.g. Jamila Venturini and others, Terms of Service and Human Rights: Analysing
Contracts of Online Platforms (Editora Revan 2016).
(12) See Dynamic Coalition on Platform Responsibility: a Structural Element of the United
Nations Internet Governance Forum <http://platformresponsibility.info>.
(13
(14) See Ranking Digital Rights <https://rankingdigitalrights.org>.
(15) See Lumen <www.lumendatabase.org>.
(16) See The Takedown Project <http://takedownproject.org>.
(17
<http://www.internetjurisdiction.net/wp-content/uploads/2014/08/Internet-Jurisdiction-
Project-White-Paper-3.pdf>.
(18) See Husovec (n. 4) and Riordan (n. 4).
(19) See OECD, The Economic and Social Role of Internet Intermediaries (2010) 9.
Page 25 of 34

(20
Centre, University of Glasgow <http://CopyrightEvidence.org>.
(21) See Frank Pasquale,

ey and Information (HUP 2015).
(22) See Bruce Lehman, Intellectual Property and the National Information Infrastructure:
The Report of the Working Group on Intellectual Property Rights (DIANE Publishing
https://www.uspto.gov/web/offices/com/doc/ipnii/ipnii.pdf
(23) See Communications Decency Act of 1996, 47 USC § 230.
(24) See the Digital Millennium Copyright Act of 1998, 17 USC § 512 (DMCA).
(25) See Directive 2000/31/EC of the European Parliament and of the Council of 17 July
merce, in the Internal Market [2000] OJ L178/1.
(26) See e.g. Copyright Legislation Amendment Act 2004 (Cth) no. 154, Sch. 1 (Aus.);
Copyright Modernization Act, SC 2012, c.20, s. 31.1 (Can.); Judicial Interpretation no. 20
Application of Law in Hearing Civil Dispute Cases Involving Infringement of the Right of
Dissemination on Information Networks (Ch.); Federal Law no. 149-FZ of 27 July 2006 on
Information, Information Technologies and Protection of Information (Rus.) and Federal
cluding most of the safe harbour legislation enacted worldwide can be found at the
WILMap (n. 1).
(27
(28
Study of Intermediary Immunity Under Section 230 of the Communications Decency
(29
pact and effectiveness of the safe harbour provisions. In particular, notice-and-stay-down
elsewhere. See United States Copyright Office, Section 512 Study <http://copyright.gov/
policy/section512>.
(30) See Marco Civil da Internet, Federal Law no. 12.965 (23 April 2014) Art. 18 (Bra.)
access] provider shall not be subject to civil liability for content
(31) ibid. Art. 19(2).
Page 26 of 34

(32
Gazette 311.
(33) See Electronic Transactions and Communications Act (ECTA) (2001) XI.
(34) See African Union Convention on Cyber Security and Personal Data Protection
(2014).
(35) The Hong Kong government introduced a Copyright Bill establishing a statutory safe
harbour for OSPs for copyright infringement, provided that they meet certain prescribed
conditions, including taking reasonable steps to limit or stop copyright infringement after
being notified. See Copyright Amendment Bill 2014, C2957, cl. 50 (HK) <http://
www.gld.gov.hk/egazette/pdf/20141824/es32014182421.pdf>.
(36) See Shreya Singhal [2013] 12 SCC 73 (Ind.).
(37
(38
(39) See Directive 2019/790/EU of the European Parliament and of the Council of 17 April
tives 96/9/EC and 2001/29/EC [2019] OJ L130/92.
(40
on the coordination of certain provisions laid down by law, regulation or administrative
action in Member States concerning the provision of audio-visual media services in view
(41
May 2016) SWD(2016) 163 final.
(42
(43
(44
tive does not affect the possibility for Member States of requiring service providers, who
host information provided by recipients of their service, to apply duties of care, which can
Page 27 of 34

(45
(46) See Directive 2019/790/EU (n. 39) Art. 17(1).
(47) See European Group on Tort Law, Principles of European Tort Law <http://
www.egtl.org>.
(48) See e.g. C-160/15 GS Media BV v Sanoma Media Netherlands BV [2016] ECLI:EU:C:
2016:644, para. 31.
(49) See e.g. C-466/12 Nils Svensson et al. v Retriever Sverige AB [2014] ECLI:EU:C:
2014:76; C-527/15 Stichting Brein v Jack Frederik Wullems [2017] ECLI:EU:C:2017:300;
C-610/15 Stichting Brein v Ziggo BV and XS4All Internet BV [2017] ECLI:EU:C:2017:456.
(51) ibid.
(52) C-610/15 Stichting Brein v Ziggo BV and XS4All Internet BV [2017] ECLI:EU:C:
2017:456.
(53) See Directive 2019/790/EU (n. 39) Art. 2(6) and recital 62.
(54) See 17 USC § 512.
(55
(56) See e.g. Bundesgerichtshof [Supreme Court] (BGH) Rolex v eBay (aka
steigerung II) [19 April 2007] I ZR 35/04 (Ger.); BGH Rolex v Ricardo (aka
steigerung III) [30 April 2008] I ZR 73/05 (Ger.); BGH GEMA v RapidShare [15 August
2013] I ZR 80/12 (Ger.).
(57
cast) [2015] OJ L336/1; Regulation 2017/1001/EU of 14 June 2017 on the European Union
trade mark [2017] OJ L154/1.
(58
(59) See Directive 2004/48/EC of the European Parliament and of the Council of 29 April
2004 on the enforcement of intellectual property rights [2004] OJ L195/16, Art. 11.
(60) See, for an identical or close categorization, Riordan, Husovec, Angelopoulos, and
Mostert.
(61) See Cartier International AG v British Telecommunications plc [2018] UKSC 28 (UK).
Page 28 of 34

(62) See Directive 2005/29/EC of the European Parliament and of the Council of 11 May
ket and amending Council Directive 84/450/EEC, Directives 97/7/EC, 98/27/EC and
2002/65/EC of the European Parliament and of the Council and Regulation (EC) No.
2006/2004 of the European Parliament and of the Council (Unfair Commercial Practices
Directive) [2005] OJ L149/22; Directive (EU) 2016/943 of the European Parliament and of
lawful acquisition, use and disclosure [2016] OJ L157/1.
(63) See José van Dijck, Thomas Poell, and Martijn de Waal, The Platform Society: Public
Values in a Connective World (OUP 2018) 46 as cited in Chapter 24.
(64) Delfi AS v Estonia [GC] App. no. 64569/09 (ECtHR, 16 June 2015).
(65
(66) See C-131/12 Google Spain SL v Agencia Española de Protección de Datos [2014]
ECLI:EU:C:2014:317.
(67
(68
(69
Slate, 18 November 2016) <http://www.slate.com/articles/technology/
future_tense/2016/11/the_u_s_should_stop_lecturing_about_internet_values.html>.
(70) See C-362/14.
(71
eral-law-no-242-fz>.
(72) See Corte Suprema de Justicia de la Nación [National Supreme Court] Rodríguez,
María Belén v Google Inc. /daños y perjuicios [2014] CSJN Case no. 337:1174 (Arg.).
(73) See Organization of American States (OAS), American Convention on Human Rights
13.
Page 29 of 34

(74) See Office of the Special Rapporteur for Freedom of Expression of the Inter-American
<http://www.oas.org/en/iachr/expression/docs/reports/annual/
AnnualReport2016RELE.pdf>.
(75
(76) ibid.
(77) See Cour de cassation [French Supreme Court] SFR, Orange, Free, Bouygues télécom
et al. v Union des producteurs de cinéma et al. [6 July 2017] no. 909 (Fra.) (Allostreaming);
Superior Court of Justice Google Brazil v Dafra (24 March 2014) Special Appeal 1306157/
SP (Bra.); BGH GEMA v RapidShare Zhong Qin Wen
v Baidu [2014] Gao Min Zhong Zi 2045 (Ch.).
(78) See BGH Rolex v eBay (n. 56); BGH Rolex v Ricardo (n. 56).
(79) See Tribunal de grande instance [High Court] TGI Paris Google v Mosley
ber 2013] (Fra.); Landgericht [District Court] (LG) Hamburg Max Mosley v Google Inc.
[24 January 2014] 324 O 264/11 (Ger.); Mosley v Google [2015] EWHC 59 (QB) (UK).
(80) See Delfi (n. 64).
(81) See Belén (n. 72).
(82
right and related rights in the information society [2001] OJ L167/10, Art. 8(3).
(83) See C-314/12 UPC Telekabel Wien GmbH v Constantin Film Verleih GmbH [2014]
ECLI:EU:C:2014:192.
(84) See Swiss Institute of Comparative Law, Comparative Study on Filtering, Blocking
and Take-down of Illegal Content of the Internet (a study commissioned by the Council of
Europe, 20 December 2015) <
ing-blocking-and-take-down-of-illegal-content-on-the-internet>.
(85) See Copyright (Amendment) Act 2014, An Act to Amend the Copyright Act (Ch. 63 of
the 2006 revised edn).
(86) See Copyright Amendment (Online Infringement) Act 2015 (Cth).
(87) C-314/12 (n. 83) para. 57.
(88) Cartier
for a different order an innocent intermediary is entitled to be indemnified by the rights-
Page 30 of 34

(89) See Allostreaming
borne by the technical intermediaries, even when such measures may present significant
see that notwithstanding the principle of non-responsibility of the intermediaries, the
tent and, in particular, against the infringement of copyright and related rights, when
(90) See e.g.
(91) See Sony Music Entertainment Ireland Ltd v UPC Communications Ireland Ltd [2016]
(92
dressee in a manner which restricts the free use of the resources at his disposal because
tive 2001/29/EC (n. 82) recital 59.
(93) See AGCOM Regulations regarding Online Copyright Enforcement, 12 December

2013 680/13/CONS (It.); Royal Legislative Decree No. 1/1996, enacting the consolidated
text of the Copyright Act, 12 April 1996 (as amended by Law No. 21/2014, 4 November
2014) (Sp.).
(94) See Agreement on Trade-Related Aspects of Intellectual Property Rights (TRIPs) (15
April 1994) Marrakesh Agreement Establishing the World Trade Organization, Annex 1C,
(95
(96) See Act on the Establishment and Operation of Korea Communications Commission,
last amended by Act no. 11711 of 23 March 2013 (Kor.).
(97) See Omnibus Bill no. 524 of 26 June 2013, amending provisions in various laws and
Page 31 of 34

(98) See Information Technology Act 2000, as amended by the Information Technology
(Amendment) Act 2008, Art. 69(A)(1).
(99
formation by Public) Rules 2009 (to be read with s. 69A of the IT Act), rule 7 (Ind.).
(100
berspace, March 2012 (Ire.); Ley de Responsabilidad Social en Radio Televisión y Medios
Electrónicos (ResorteME) [Law of Social Responsibility in Radio-Television and Electronic
Media], Official Gazette no. 39.579 of 22 December 2012 (Ven.).
(101
quired to be restricted without an order by a judicial authority).
(102) See Husovec (n. 4).
(103
Ethics and Emerging Technologies (Palgrave
Rev. 731.
(104
(105
(106
(107
rights). See also Emily Laidlaw, Regulating Speech in Cyberspace: Gatekeepers, Human
Rights and Corporate Responsibility
(108
Econ. 1.
Page 32 of 34

(109
(110
ting-discrimination/racism-and-xenophobia/countering-illegal-hate-speech-online_en>.
(111
(112
(114
(115
erty Enforcement Coordinator, Supporting Innovation, Creativity & Enterprise: Charting a
(2017) 61ff.
(116) See Backpage v Dart

against Sheriff Dart for his informal efforts to coerce credit card companies into closing
their accounts with Backpage).
(117) See Tarleton Gillespie, Custodians of the Internet: Platforms, Content Moderation,
and the Hidden Decisions That Shape Social Media (Yale U. Press 2018).
(118) See Joshua Kroll, Joanna Huey, Solon Barocas, Edward Felten, Joel Reidenberg,
(119
(120
(121
(122 https://
www.cnil.fr/sites/default/files/atoms/files/d2016-054_penalty_google.pdf
Page 33 of 34

CNiL, 12
June 2015) <https://www.cnil.fr/fr/node/15790>.
(123) See C-507/17

(CNIL) [2019] ECLI:EU:C:2019:772, para. 72; C-18/18
book Ireland Ltd
(124) ibid.
(125) C-507/17
(CNIL) [2019] ECLI:EU:C:2019:15, Opinion of AG Szpunar, para. 36.
(126) [2017] NSWSC 1300.
(127) See Cindy Lee Garcia v Google Inc. and others, 786 F.3d 733 (9th Cir. 2015) (US).
(128) Equustek Solutions Inc. v Google [2017] SCC 34 9 (Can.).
(129) TGI Paris LICRA & UEJF v Yahoo! Inc [20 November 2000] (Fra.).
Giancarlo Frosio
Giancarlo Frosio is an Associate Professor at the Center for International Intellectual

Property Studies at Strasbourg University, a Fellow at Stanford Law School Center
for Internet and Society, and Faculty Associate of the NEXA Center in Turin. Email:
gcfrosio@ceipi.edu.
Page 34 of 34

eration
Jurisdiction on the Internet: From Legal Arms Race to

Transnational Cooperation
Bertrand de La Chapelle Paul Fehlinger
The cross-border internet with its transnational data flows and intermediaries spans a
fragmented patchwork of national jurisdictions. As connectivity and internet penetration
increase, so do conflicts between jurisdictions. Such conflicts challenge the Westphalian
international system, and traditional modes of legal cooperation struggle to resolve these
tion of digital sovereignty put the global community on a dangerous path if employed on
the global scale. If nothing is done, this legal arms race could lead to severe unintended
consequences for the future of the global digital economy, human rights, cybersecurity,
and the technical internet infrastructure. Twenty-first century digital realities challenge
ternet governance that may be solved by drawing lessons from the technical governance
mand innovative cooperation mechanisms as transnational as the internet itself. This

chapter argues that issue-based multistakeholder policy networks are necessary and the
right approach to develop scalable solutions for cross-border legal challenges with regard
to data flows, online content, or domains.
Keywords: internet jurisdiction, multistakeholder cooperation, legal interoperability, policy coherence, standards
need to be no less creative than those who invented it. Clearly, there is a need for
tional way for something that is so very different.1
*
THE
Page 1 of 25

eration
ritoriality of jurisdiction.
Rooted in the seventeenth-century treaties of the Peace of Westphalia, our international
state cooperation struggle to cope with the digital realities of internet intermediaries and
cross-border data flows in the twenty-first century.
(p. 728)
al nature of cyberspace, with its cross-border data flows and services, while respecting
tection of human rights. Both challenges require cooperation, as well as policy standards
and clear procedures across borders, to ensure efficiency and due process.
Since 2012, the Internet & Jurisdiction Policy Network facilitates a global policy process
holder organization enables coordination and cooperation between governments, major

internet companies, technical operators, civil society, and international organizations. Its
Secretariat helps these stakeholders develop policy standards and operational solutions
for transnational cooperation on jurisdictional issues.
holder organization. It addresses successively:
sure to find rapid solutions as the uses and misuses of the internet increase;
the legal arms race produced by uncoordinated actions and unrestrained application
of territoriality;
tion of legal uncertainty, especially with regard to access to data, content restrictions,
and domain seizures;
the resulting dangerous path that threatens to destroy the nature and benefits of the
global network and the risks related to the economy, human rights, infrastructure, and
security;
the need to fill the institutional gap in internet governance through innovative
processes involving all stakeholder groups; and
how to move toward transnational cooperation frameworks.
Page 2 of 25

eration
1.
ta Flows and Services
1.1 Conflicting Territorialities
The technical architecture of the internet itself was conceived as cross-border and non-
territorial from the onset. The World Wide Web technically allows, by default, access to
any link regardless of physical location, and intermediaries serve hundreds of millions of
users in shared cross-border online spaces. This transnational nature of the internet has
generated unprecedented benefits for humankind, be they political, economic, or social.
In particular, it uniquely fulfils the promises of Article 19 of the Universal Declaration of
Yet, stored or processed data, as well as globally accessible content or services,

(p. 729)
can be legal in one country while infringing laws in other jurisdictions.
From a historical perspective, cross-border interactions were rare, and international legal
tecture of the open internet, interactions across borders have become the new normal. As
a consequence, cross-border conflicts arise between users, the intermediaries they use,
public authorities, and any combination thereof. How to determine the applicable laws
ternational system is based on a patchwork of separate and territorially defined national

jurisdictions.
less, states are faced with the need to regulate conduct or subject matter in contexts
where the territorial nexus is only partial and, in some cases, uncertain. This immediately
represents a challenge to the Westphalian model of exclusive territorial state sovereignty
2
At least four territorial factors can play a role in determining applicable law: the
location(s) of internet end-user(s) or connected devices; the location(s) of the servers or
devices that store or process the actual data; the locus of incorporation of the internet
companies that run the service(s) in question; and, in the case of the world wide web, the
registrars or registries through which a domain name was registered.
These overlapping and often conflicting territorial criteria make both the application of
national laws in cyberspace and the resolution of internet-related disputes difficult and
inefficient. The principles of separation of sovereignties and non-interference between
states that underpin the international system not only render court decisions difficult to
enforce but also prevent the cooperation across borders necessary to efficiently deal with
crimes and abuses online.
Page 3 of 25

eration
Tensions arise and will only grow as internet penetration reaches five billion users and
sitivities.3
1.2 A Challenge for All Stakeholders
The present situation of legal uncertainty is a concern for each category of actors.
Governments have a responsibility to ensure respect of the rule of law online, protect
their citizens, and combat crime. A sense of frustration prevails in the absence of clear
standards on how to enforce national laws on the cross-border internet, ranging from
(p. 730)
able to conduct necessary investigations to stop transnational crime and involving data
ple of separation of jurisdictions becomes an obstacle to international cooperation.
Internet companies, which relied on terms of service early on to establish the jurisdiction
ent national legal frameworks of the countries in which their services are accessible or
connected devices used. This is a particular challenge for start-ups and medium-sized
companies. Faced with more and more direct requests for access to data or takedown of
joyed so far and becoming responsible for thousands of micro-decisions of a quasi-judicial

nature4 with significant human rights dimensions and reputation risks.
Technical operators worry that the fundamental separation of layers that forms the basis
of the internet architecture will become blurred. Registries and registrars in particular
see increasing efforts to leverage the domain name system (DNS) as a content control
tool with global reach. Data centre operators, hosting providers, and internet service
growing application of strict territorial sovereignty and increasing liabilities.
Civil society groups around the world worry about a potential race to the bottom in terms
dress when harmed, as multinational litigation is beyond their reach.
International organizations
graphical remit that is not universal. Although some, such as the Council of Europe, the
tions Educational, Scientific and Cultural Organization (UNESCO) have made significant
efforts to include civil society, the private sector, and the technical community in their
Page 4 of 25

eration
ited in their capacity to timely put sensitive but necessary issues on their agenda by the
lack of consensus, or worse, dissent among their members.
1.3 A Core Issue of Internet Governance
tiple traditional policy areas: the development of the global digital economy, ensuring
(p. 731) a clear and predictable legal environment through cooperation, guaranteeing the
exercise of fundamental human rights, and ensuring security and public order. Since
mented more than 1,600 high-level cases around the world that show the growing tension
between national jurisdictions due to the cross-border nature of the internet.5 According
to the Internet & Jurisdiction Global Status Report 2019, an overwhelming 79 per cent of
lenges on the internet.6
Unfortunately, unilateral actions by actors trying to solve on their own the complex
lem harder rather than easier to solve. Contrary to what they may perceive, however, the
trends toward the renationalization of cyberspaces are observable7 and stakeholders at

the 1st Global Conference of the Internet & Jurisdiction Policy Network emphasized, that
8
laration of Human Rights, notably Article 19, and boosts innovation and growth through
tion.
At the 2nd Global Conference of the Internet & Jurisdiction Policy Network, organized in
lutions in three key areas.
Data & Jurisdiction: how can transnational data flows and the protection of privacy
be reconciled with lawful access requirements to address crime?
Content & Jurisdiction: how can we manage globally-available content in the light of
the diversity of local laws and norms applicable on the internet?
preserved when national laws are applied to the DNS?
Page 5 of 25

eration
(p. 732)
es Documents with concrete proposals for operational norms, criteria, and mechanisms.9
These were discussed by almost 300 stakeholders from over fifty countries at the 3rd
nized in partnership with the government of Germany. This resulted in the Berlin
erational solutions and policy standards.
2. A Legal Arms Race in Cyberspace?

Solving the internet and jurisdiction challenge is intrinsically linked to the general debate
about modalities of global governance. Christoph Knill and Dirk Lehmkuhl had already
range of problems that exceed the scope of national sovereignty and can therefore no
10
Marie-
emplified by the global digital economy and its cross-border data flows and services, as a
11
tive orders served as the prime regulatory instrument to handle abuses or disputes,
states are now confronted with increasing domestic pressure to address cross-border
islative or enforcement national actions can be observed around the world.
A looming risk is a legal arms race, in which states resort to an extensive interpretation
reimposing national borders.
(p. 733) 2.1 Extraterritoriality
Extraterritorial extension of national jurisdiction is becoming the realpolitik of internet

regulation.
cal operators incorporated on their soil can impose their national laws and regulations on
vices. An often-cited example regarding the United States are the surveillance capacities
described in the Snowden revelations. Regarding the reach of law enforcement, the US
Page 6 of 25

eration
Cloud Act establishes that warrants for access to electronic evidence can cover data
volved a Department of US Homeland Security agency seizing domain names belonging

to foreign registrants on the sole basis of their registration through a US-based registrar
(the RojaDirecta case12) or registry (the Bodog case13).
Furthermore, legislations increasingly include clauses establishing extraterritorial reach,

such as the General Data Protection Regulation in the EU.14
pacts far beyond the respective jurisdictions. Facebook, for instance, changed its global
15
creasingly affirm competence regarding services incorporated in other countries merely

because they are accessible in their territory, as illustrated by the Yahoo case in
Belgium.16 Some difficulties naturally exist in enforcing the resulting judgments, as the
national blockade of WhatsApp in Brazil showed.17
pacts. For instance, after the Court of Justice of the European Union Costeja decision (the
right to be de-indexed), the French data protection (p. 734) authority demanded that
Google extend its de-indexing to all versions of its search engine, arguing that the service
is based on a single processing of data worldwide.18
crosoft Bing or Yahoo Search19 and has produced ripple effects in Asia and Latin
America.20
2.2 Digital Sovereignty
the creation of a limited number of national gateways.
21
quirements, stipulating that the data of national citizens processed by foreign companies
needs to be stored within the national jurisdiction.
Page 7 of 25

eration
Other digital sovereignty measures can range from strong national intermediary liability
regimes,22
ternet shutdowns.
(p. 735) 2.3 Paradoxes of Sovereignty
Extreme and unrestrained leveraging of traditional territorial criteria introduces two

paradoxes.
sions and potential conflicts between jurisdictions. While rewarding the most powerful
digital countries, it encourages others to react and adopt measures based on mistrust and
the reimposition of national borders.
Secondly, strict digital sovereignty measures such as data localization are not scalable
globally, including technically. It is highly unlikely that necessary data centres could be,
for example, established in all developing or small countries. Furthermore, although often
lance through the replication of data, which is required to create local copies stored in
the reach of national authorities, while still allowing global processing and cross-border
interactions.
23
gorical imperative that should underpin international internet regulation: any national
policy measure that would be detrimental if generalized around the world should not be
adopted in the first place. International norms of cooperation are needed to prevent this
legal arms race in cyberspace.
3. Limits to International Cooperation

Managing cross-border commons poses systemic difficulties for the existing international
system.24 The Westphalian principles of separation of sovereignties and non-interference
actually represent more of an obstacle than a solution for cooperation on cyber issues.
Page 8 of 25

eration
John Palfrey and Urs Gasser25 and Rolf Weber26 rightfully argue that we need
(p. 736)
more legal interoperability to preserve the global nature of the internet, but substantive
harmonization of laws related to the use of the internet seems unattainable and often
ments such as mutual legal assistance treaties (MLATs) are in dire need of reform; and
the increasing number of informal interactions between public and private actors across
borders lack procedural guarantees.
3.1 Obstacles to Multilateral Efforts
The internet is by nature disruptive, including with respect to the international regulatory
er and authority are incapable of providing contemporary understanding, producing a

27
The idea of a global, all-encompassing internet treaty that would harmonize relevant laws
gotiations that resulted in the Law of the Sea Convention or the Outer Space Treaty. But
all these international conventions can be seen as great achievements of contemporary
28
due to the newness, volatility, and rapid pace of innovation
29
in the digital realm.
Since the end of the World Summit on the Information Society (WSIS), intergovernmental
laration adopted in Tunis in 2005. The split of the international community in 2012 during
ample for the absence of global consensus not only at the level of substance, but even on
the proper institutional framework for such discussions.
In any case, treaty negotiations are notoriously long. Even the most extensive agreement
to date tackling cybercrime, the Budapest Convention, was a lengthy process. If formal
(p. 737) negotiations took only four years, more than a decade was necessary to actually
put the topic on the agenda. Although now signed by more than sixty states around the
tries still use the fact that it was elaborated initially within the Council of Europe as an
tional agreements, the Budapest Convention is also difficult to modify in response to
lateral setting.
In the past few years, many useful declarations have been developed within multilateral
organizations at the level of general principles, showing some form of convergence. Still,
Page 9 of 25

eration
none of them were able to move towards developing an operationally implementable
regime.
3.2 MLATs: The Switched Network of International Cooperation
cess user data stored by an operator in country B. Upon receipt of the request, country B
examines if it is also valid according to its national laws. If so, the data holder in country
B is lawfully compelled to submit the data to authorities in country B, which will then
share it with the requesting authorities of country A.
Speed
formation. In the best cases, an MLAT request from one government to another takes
months to be processed. It can take up to two years between certain countries. The
very elaborate circuit of validations is legitimately intended to provide procedural
guarantees but makes the whole system impracticable.
Scope
tries. Given the disparity of national legislations, their relevance is limited, particularly
on speech issues (e.g. hate speech and defamation). They are also ineffective when the
location of the data is unknown.
Asymmetry: regardless of the actual physical location of events or involved parties,
the MLAT system de facto imposes the law of the recipient country over the law of the
corporation of the targeted platform or operator. An increasing number of countries

find this unbalanced, given the dominant role of US-based companies.
(p. 738) Scalability: the system of traditional MLAT treaties can hardly encompass the
scale of the internet. A large number of countries around the world do not have MLAT
treaties with each other and establishing such bilateral relations among 190 countries
would require more than 15,000 arrangements.30
The MLAT system is the switched network of international cooperation.31 It is in dire
quire more than simply streamlining existing procedures: creative solutions are needed to
cy.
Recent initiatives to create frameworks for direct requests for cross-border access to
Page 10 of 25

eration
mission, and the negotiation of an additional protocol to the Budapest Convention. But
ensuring the interoperability of these regimes represents a new challenge.
4. A Dangerous Path
That is, every single actor, forced to use the only tools available to it, is incentivized to
make short-term decisions that appear in its immediate interest, though their cumulative
effect is at best suboptimal and most likely detrimental to all in the longer term.
the national, rather than managing shared cross-border online spaces in a collaborative
32
the sum of uncoordinated unilateral actions by governments and private actors
can have unintended consequences, with strong negative impacts in economic, human
rights, infrastructure, and security areas (see Table 38.1).
Page 11 of 25

eration
Table 38.1
structure, and security areas
Economy Human rights Infrastructure Security
Demise of Lack of Blurred Eroding

access to separation of global
cessible justice and of internet
services redress layers rity and
and data Reduced Reduced trust
flows freedom of
Market expression silience Diplomatic
entry and tensions
ders Shutdowns Increase
ers Limits to
Reduced Facilitation crimes and
investment formation
in start-ups Limits to lance rorism
freedom of Threats
certainty assembly in Encryption to human
wars security
vation der online and peace
spaces
Restrictions
on the use
tages for of technical
developing tools such
countries as VPNs
Source: Authors.
4.1 Economic Impacts
In 2014, the Boston Consulting Group estimated the value of the entire digital economy of
the Group of Twenty countries alone at US$4.2 trillion, representing 5 to 9 per cent of
(p. 739) total GDP in developed countries,33 while McKinsey Global Institute estimated
that back in 2014 cross-border data flows alone had already added around US$2.8 trillion
to world GDP. The cross-border nature of the internet and its cloud-based services are at
ternet openness in its June 2016 Ministerial Conference in Mexico, and why the 2016
Page 12 of 25

eration
tionally before the current move towards re-territorialization. The future development of
global services, data flows, and the cloud economy are at stake.
Investment in start-ups and medium-sized companies (especially those dealing with user-
gal uncertainty. Compulsory data localization might constitute a potential market entry
tors, limiting innovation and market accessibility for small companies wanting to serve a
global market, particularly from developing countries.
4.2 Human Rights Impacts
established the connection between human rights and the cross-border internet.34
(p. 740)
The internet has uniquely fulfilled the promises of Article 19 of the Universal Declaration
35
ders, and improved our quality of life. Personal communication capacities are augmented,
allowing frictionless expression, deliberation, and the holding of opinions across borders.
asporas with irreplaceable communication tools. It has enabled the creation of critical-
ated tremendous global social value, such as Wikipedia.
The uncontrolled re-territorialization of the internet in order to address its misuses could
destroy the unprecedented human rights benefits the internet has generated. Ironically,
measures such as data localization and decryption could in fact increase opportunities for
surveillance rather than reduce them, as well as harm the right to privacy.36 Increased
versely, the continued absence of affordable cross-border appeal and redress mechanisms
for harmed internet users has a serious negative impact on global justice.
At the same time, legal uncertainty and the absence of proper cooperation frameworks
prevent the necessary fight against abuses such as incitement to violence, harassment, or
disinformation.
4.3 Technical Infrastructure Impacts
technical infrastructure met in Montevideo, Uruguay, to stress in their joint statement
37
In enforcing national laws online in the absence of
Page 13 of 25

eration
(p. 741) international cooperation frameworks, there is a temptation to use the technical
tal architectural principle of the internet: the separation of the neutral logical layer (DNS,
IP addresses, etc.) and the application layer (online platforms and services).
Leveraging the location of registries and registrars to impose the national laws of their
country of incorporation on the global content under the country-code top-level domains
eralizing geo-IP filtering to withhold content on specific territories may ultimately lead to
al basis. Such a scenario could complicate routing. With the transition from IP version 4
(IPv4) to IP version 6 (IPv6), it could even facilitate surveillance, should IP addresses be
permanently hardwired to specific devices and become identity identifiers.
tween public and private actors. The imposition of a limited number of internet gateways
tual private networks is not only contrary to Article 13(2) of the Universal Declaration of
Human Rights,38 it also reduces the security of transactions and communications. More
drastically, the technology for governments to completely shut down the internet in their
comes increasingly accessible.
4.4 Security Impacts
The absence of agreed-upon frameworks to handle requests across borders has already
resulted in diplomatic tensions between a country seeking to enforce its national laws and
39
the Indian Assam riots in
40 41
2012, the Innocence of Muslim YouTube video in 2012, (p. 742) blocking of
Twitter in 2014.42
nances. Such international conflicts are likely to increase if nothing is done.
sions of Article 29 of the Universal Declaration of Human Rights. However, the rapid and
disaster if we lack efficient transnational cooperation mechanisms that set standards and
ders in situations of public order tensions. The international fight against terrorism online
is emblematic of this challenge. Meanwhile, cybercrime is on the rise, and most online
essary to guarantee security online, as well as offline. The absence of appropriate
Page 14 of 25

eration
lance. Failure to develop the needed frameworks might ultimately lead to a decrease in
global cyber security and order.
5.
ernance
propriate solutions. Legal harmonization on substance is difficult to achieve but the costs
tem that must be filled to adequately address these new challenges. In doing so, following
misuses demands the development of innovative cooperation mechanisms that are as

transnational, inclusive, and distributed as the network itself.
5.1
43
(p. 743)
44
World Wide Web Consortium (W3C) for the development of internet and web standards;
five Regional Internet Registries allocating IP addresses; the thirteen root servers and
their multiple mirrors; ICANN; and the numerous registries and registrars distributing
second-level domain names.
framing, drafting, validation, implementation, and reviews. Policies developed through
tensions or the accreditation of market operators (registrars and registries).
Page 15 of 25

eration
tional institutions is fundamentally distributed: each entity deals with a specific issue,
with loosely coupled coordination. It was developed progressively through time as policy
dures. Most importantly, they operate on a fundamental principle: the open participation
pacted by.
5.2
45
The Internet Governance Forum (IGF) is the main outcome of the WSIS process. In its ten
(p. 744)
work. However, despite its undeniable success and essential role, not to mention the
emergence of numerous national and regional spin-offs, it still only covers at best the first
going intersessional work on specific issues to produce, let alone implement and enforce,
The NETmundial Roadmap, an outcome of the major 2014 multistakeholder conference,

highlighted the jurisdiction issue as an important topic for the global community.46 To
preserve the cross-border nature of the internet by default for the next generations to
47
nization of technical governance organizations, this does not mean the mere replication
of a single model, but rather taking adequate inspiration from these principles to develop
In the specific case of developing new policy standards and transnational cooperation
Page 16 of 25

eration
teroperability, economy, human rights, and cybersecurity.
5.3 Enabling Issue-Based Multistakeholder Cooperation
The multistakeholder approach was explicitly endorsed by more than 180 countries at the
sembly High-Level Meeting on the WSIS+10 in December 2015. Filling the institutional
gap requires neither the creation of new international organizations nor giving a unique
nance networks.
In line with the 2014 recommendations of the High-Level Panel on Global Internet
(p. 745)
Cooperation and Governance Mechanisms,48 chaired by the President of Estonia, Toomas
tistakeholder and issue-based processes.
Ongoing, because the current proliferation of one-shot conferences, fora, panels, and
sues and objectives cannot be achieved in disconnected series of two-hour sessions.

Multistakeholder, because no single stakeholder group working alone can grasp all
though it is a condition for the development of balanced regimes. Furthermore, the

likelihood of rapid implementation and scalability is increased if the diverse actors that
will have to contribute to the implementations of a regime have also participated in its
elaboration.
Issue-based, because each topic involves different sets of concerned stakeholders, or
even different individuals and units within each entity. Efficient policy innovation
therefore requires focus on a specific issue to ensure inclusion of all relevant actors.
Based on the lessons of the Internet & Jurisdiction Policy Network, some key factors for
the success of such issue-based policy networks are:
framing the problem as an issue of common concern for all actors;

ensuring the neutrality of the convener and facilitation team/secretariat;
involving all six stakeholder groups: states, internet platforms, technical operators,
academia, civil society, and international organizations;
engaging a critical mass of actors with sufficient diversity to be representative of the
various perspectives and able to implement potential solutions;
enable coordination between individual initiatives and major processes to enhance
policy coherence;
constructing and expanding a global network of key actors;
Page 17 of 25

eration
creating trust among heterogeneous actors and adopting a shared vernacular;

combining smaller working groups and reporting on progress to make the process
manageable and transparent;
informing stakeholders about relevant trends around the world to foster evidence-
based policy innovation; and
providing sufficient geographic diversity from the onset to allow the scalability of
adoption of any emerging policy solution.
Addressing jurisdictional issues on the internet and pre-empting the current legal
(p. 746)
arms race requires enhanced efforts to catalyse multistakeholder cooperation on specific
cess to data.
6. Towards Transnational Frameworks

Such innovative multistakeholder networks can produce scalable and adaptive policy
lations between public and private actors.
6.1 Procedural Interoperability
erence at the global level. Human Rights Council resolutions have reaffirmed that they
apply online as well as offline.49 However, rapid substantive legal harmonization at a
islations that are often considered strong elements of national identity. Meanwhile, cross-
day problems that require urgent action, as the stakes involved are high.
tions engage heterogeneous public and private actors. They are conducted in all shapes
and formats, through broadly diverse communication channels, and often without clear
and standardized procedures or sufficient transparency. In that context, prioritizing the
development of shared procedural standards has several benefits:
it provides a field of cooperation that helps build trust among stakeholders and paves
the way for constructive discussions on contentious substantive norms;
nacular and mechanisms for their interactions, not unlike the Transmission Control
Protocol/IP-enabled interoperability between heterogeneous networks;
it prepares a future digitization of the request treatment workflow, in order to reduce
the delays that plague current mechanisms, such as MLATs;
Page 18 of 25

eration
erational frameworks by design, in order to improve transnational interactions and
(p. 747) 6.2 Governance through Policy Standards
commitments between the different stakeholders, with:
clear distribution of responsibilities;

specific norms, procedural mechanisms, or guarantees; and
clear decision-making criteria.
As new forms of transnational soft law, such operational governance frameworks can, in
state cooperation (e.g. the MLAT system) or fill current governance voids that require
new sets of norms and standards.
Implementation and enforcement of such policy standards can leverage a combination of
tions. Public and private actors have different options to operationalize these shared
tive procedures, or internet platforms and technical operators doing so in their terms of
tional laws, endorsed by international organizations, or enshrined in new international

treaties.
Recognition by the existing international governance ecosystem is a pre-requisite for the

development of policy standards by a critical mass of stakeholders. Here, the Internet &
Jurisdiction Policy Network, as an organization enabling the development of such policy
standards, can serve again as an example. The regular Global Conferences of the Internet
national organizations: the Council of Europe, European Commission, ICANN, OECD,

United Nations ECLAC, and UNESCO. First achievements of stakeholders in the Internet
& Jurisdiction Policy Network have been reported to and referenced by key international
processes: the 2018 G7 Cyber Group Report endorsed its work and the Ottawa Roadmap,
al organizations, showcased the organization, and the organization was invited to report
to the G20 Multi-Stakeholder Conference on Digitalisation or the United Nations Internet
Page 19 of 25

eration
Cooperation.
their potential to scale. Multistakeholder policy standards are based on consensus among
different stakeholder groups, which augments the likelihood of successful and efficient
adoption. They can more easily be implemented across heterogeneous public and private
governance systems, which is the key to creating interoperability. Moreover, (p. 748) such
policy standards can be improved and adapted more quickly than conventional treaties,
which allows them to develop further as the internet ecosystem evolves.
7. Conclusions
In his Structure of Scientific Revolutions,50 Thomas Kuhn describes paradigm shifts that
modify the model underpinning a particular scientific field when it no longer reflects or
quately address the problems of the time.
tional system, based on the territoriality of jurisdictions, the separation of sovereignties,

and non-interference, struggles to handle the transborder digital realities of the twenty-
and approaches can become as much an obstacle as a solution to address the jurisdiction
challenges regarding cross-border data flows and intermediaries.
international cooperation only between states, to transnational cooperation among all
governmental institutions to issue-based governance networks.
Far from a rejection of traditional international cooperation, however, this is proposed as
physics, two theories coexist at the same time: relativity theory applies at high velocities
in space; but in normal conditions, classical Newtonian equations still allow us to build
bridges and predict trajectories. Both have their respective zones of validity. Likewise,
the type of transnational cooperation envisioned here in no way suppresses or reduces
the relevance and authority of existing governance frameworks, in particular national
governments. On the contrary, multistakeholder processes can produce policy standards
that help the reform of existing interstate cooperation mechanisms, and policy standards
can even later be enshrined by traditional multilateral organizations.
gal arms race, preserve the global nature of the internet, and address its misuse. We need
Page 20 of 25

eration
innovative cooperation mechanisms that are as transnational as the internet itself and the
necessary institutional ecosystem and cooperation processes to produce them.
Notes:
(1) Kofi Annan, then UN Secretary-General, remarks at the opening session of the Global
Forum on Internet Governance (24 March 2004). <http://www.un.org/sg/STATEMENTS/
index.asp?nid=837>.
(*
sion on Internet Governance (2016).
(2
(3 GSMA,
2018) <https://www.gsma.com/mobileeconomy/wp-content/uploads/2018/02/The-Mobile-
Economy-Global-2018.pdf>.
(4
(27 November 2015) <http://svir-ssdi.ch/fileadmin/user_upload/VR-Tage/SSDI_-

_Jde_Werra_-_ADR__24_11_2015_.pdf>.
(5 https://
www.internetjurisdiction.net/publications/retrospect#eyJ0byI6IjIwMTYtMTEifQ==>.
(6
net & Jurisdiction Policy Network (2019) <
ternet-jurisdiction-global-status-report-2019>.
(7
(2016)
<http://www3.weforum.org/docs/
WEF_FII_Internet_Fragmentation_An_Overview_2016.pdf>.
(8 The Economist
(9
<
crete-proposals-for-norms-criteria-and-mechanisms-released>.
(10
(11
Page 21 of 25

eration
(12 Internet &
, 2012) <https://
www.internetjurisdiction.net/publications/retrospect#article-4449_2012-02>.
(13
, 2012) <https://
(14
, 2015)
<https://www.internetjurisdiction.net/publications/retrospect#article-5401_2015-12>.
(15
gust 2013) <https://www.internetjurisdiction.net/publications/

retrospect#article-4851_2013-08>.
(16 Internet &

, December 2015) <https://
(17
, December 2015)
(18
, September
2015) <https://www.internetjurisdiction.net/publications/
(19
, July 2014)
(20
, July 2015) <https://
(21
, April 2014) <https://
(22
ability Map (WILMap) (a project designed and developed by Giancarlo Frosio and hosted
at Stanford CIS) <https://wilmap.law.stanford.edu>.
Page 22 of 25

eration
(23
States on the Protection and Promotion of the Universality, Integrity and Openness of the
(24) See e.g. Elinor Ostrom, Governing the Commons: The Evolution of Institutions for
Collective Action (CUP 1990).
(25) John Palfrey and Urs Gasser,

ed Systems (Basic Books 2012).
(26
Commission on Internet Governance Paper Series no. 4 (2014).
(27
(28
net Research Research Papers (2001) <
tioner/cfis_skriftserie/003_kleinwachter.pdf>.
(29
(30
mental organization Access Now <https://mlat.info>.
(31) For a comparison between the public switched telephone network and the distributed
http://
www.internetsociety.org/sites/default/files/
The%20Internet%20and%20the%20Public%20Switched%20Telephone%20Network.pdf>.
(32
Internet Policy Review, 17 April 2014) <https://policyreview.info/articles/
news/cyberspace-fragmentation-internet-governance-debate-beyond-infrastructure/266>.
(33) See Paul Zwillenberg , Dominic Field, and David Dean

ing the Wheels of the Internet Economy (Boston Consulting Group 2014) <https://
www.icann.org/en/system/files/files/bcg-internet-economy-27jan14-en.pdf>.
(34
<http://www.unesco.org/new/fileadmin/MULTIMEDIA/HQ/CI/CI/pdf/news/
internet_universality_en.pdf
https://wcd.coe.int/ViewDoc.jsp?id=2306649>.
Page 23 of 25

eration
(35
teur on the Promotion and Protection of the Right to Freedom of Opinion and Expression,
(36
(37
nouncement-2013-10-07-en>.
(38) See Universal Declaration of Human Rights (adopted 10 December 1948) UNGA Res.
(39 CNET, 22
January 2010) <http://www.cnet.com/news/state-dept-presses-china-ambassador-on-
google>.
(40
Database, August 2012) <http://www.internetjurisdiction.net/observatory/retrospect/

2012-august>.
(41
, November
(42 Internet & Jurisdiction Policy

, March 2014) <https://www.internetjurisdiction.net/
publications/retrospect#article-4982_2014-03>.
(43
https://www.itu.int/net/wsis/docs2/tunis/off/6rev1.html>.
(44
Möller and Arnaud Amouroux (eds), Governing the Internet: Freedom and Regulation in
the OSCE Region (OSCE 2007) 27.
(45
(46
Document.pdf>.
Page 24 of 25

eration
(47 http://www.netmundial.org/
terms-reference>.
(48
<https://www.icann.org/en/system/files/files/collaborative-decentralized-ig-
ecosystem-21may14-en.pdf>.
(49
<http://daccess-dds-
ny.un.org/doc/UNDOC/LTD/G14/059/67/PDF/G1405967.pdf?OpenElement>.
(50) Thomas Kuhn, The Structure of Scientific Revolutions (U. Chicago Press 1962).
Bertrand de La Chapelle
stakeholder organization Internet & Jurisdiction Policy Network. Email:

bdelachapelle@internetjurisdiction.net.
Paul Fehlinger
holder organization Internet & Jurisdiction Policy Network. Email:

fehlinger@internetjurisdiction.net.
Page 25 of 25

eration
Jurisdiction on the Internet: From Legal Arms Race to

Transnational Cooperation
Bertrand de La Chapelle Paul Fehlinger
The cross-border internet with its transnational data flows and intermediaries spans a
fragmented patchwork of national jurisdictions. As connectivity and internet penetration
increase, so do conflicts between jurisdictions. Such conflicts challenge the Westphalian
international system, and traditional modes of legal cooperation struggle to resolve these
tion of digital sovereignty put the global community on a dangerous path if employed on
the global scale. If nothing is done, this legal arms race could lead to severe unintended
consequences for the future of the global digital economy, human rights, cybersecurity,
and the technical internet infrastructure. Twenty-first century digital realities challenge
ternet governance that may be solved by drawing lessons from the technical governance
mand innovative cooperation mechanisms as transnational as the internet itself. This

chapter argues that issue-based multistakeholder policy networks are necessary and the
right approach to develop scalable solutions for cross-border legal challenges with regard
to data flows, online content, or domains.
Keywords: internet jurisdiction, multistakeholder cooperation, legal interoperability, policy coherence, standards
need to be no less creative than those who invented it. Clearly, there is a need for
tional way for something that is so very different.1
*
THE
Page 1 of 25

eration
ritoriality of jurisdiction.
Rooted in the seventeenth-century treaties of the Peace of Westphalia, our international
state cooperation struggle to cope with the digital realities of internet intermediaries and
cross-border data flows in the twenty-first century.
(p. 728)
al nature of cyberspace, with its cross-border data flows and services, while respecting
tection of human rights. Both challenges require cooperation, as well as policy standards
and clear procedures across borders, to ensure efficiency and due process.
Since 2012, the Internet & Jurisdiction Policy Network facilitates a global policy process
holder organization enables coordination and cooperation between governments, major

internet companies, technical operators, civil society, and international organizations. Its
Secretariat helps these stakeholders develop policy standards and operational solutions
for transnational cooperation on jurisdictional issues.
holder organization. It addresses successively:
sure to find rapid solutions as the uses and misuses of the internet increase;
the legal arms race produced by uncoordinated actions and unrestrained application
of territoriality;
tion of legal uncertainty, especially with regard to access to data, content restrictions,
and domain seizures;
the resulting dangerous path that threatens to destroy the nature and benefits of the
global network and the risks related to the economy, human rights, infrastructure, and
security;
the need to fill the institutional gap in internet governance through innovative
processes involving all stakeholder groups; and
how to move toward transnational cooperation frameworks.
Page 2 of 25

eration
1.
ta Flows and Services
1.1 Conflicting Territorialities
The technical architecture of the internet itself was conceived as cross-border and non-
territorial from the onset. The World Wide Web technically allows, by default, access to
any link regardless of physical location, and intermediaries serve hundreds of millions of
users in shared cross-border online spaces. This transnational nature of the internet has
generated unprecedented benefits for humankind, be they political, economic, or social.
In particular, it uniquely fulfils the promises of Article 19 of the Universal Declaration of
Yet, stored or processed data, as well as globally accessible content or services,

(p. 729)
can be legal in one country while infringing laws in other jurisdictions.
From a historical perspective, cross-border interactions were rare, and international legal
tecture of the open internet, interactions across borders have become the new normal. As
a consequence, cross-border conflicts arise between users, the intermediaries they use,
public authorities, and any combination thereof. How to determine the applicable laws
ternational system is based on a patchwork of separate and territorially defined national

jurisdictions.
less, states are faced with the need to regulate conduct or subject matter in contexts
where the territorial nexus is only partial and, in some cases, uncertain. This immediately
represents a challenge to the Westphalian model of exclusive territorial state sovereignty
2
At least four territorial factors can play a role in determining applicable law: the
location(s) of internet end-user(s) or connected devices; the location(s) of the servers or
devices that store or process the actual data; the locus of incorporation of the internet
companies that run the service(s) in question; and, in the case of the world wide web, the
registrars or registries through which a domain name was registered.
These overlapping and often conflicting territorial criteria make both the application of
national laws in cyberspace and the resolution of internet-related disputes difficult and
inefficient. The principles of separation of sovereignties and non-interference between
states that underpin the international system not only render court decisions difficult to
enforce but also prevent the cooperation across borders necessary to efficiently deal with
crimes and abuses online.
Page 3 of 25

eration
Tensions arise and will only grow as internet penetration reaches five billion users and
sitivities.3
1.2 A Challenge for All Stakeholders
The present situation of legal uncertainty is a concern for each category of actors.
Governments have a responsibility to ensure respect of the rule of law online, protect
their citizens, and combat crime. A sense of frustration prevails in the absence of clear
standards on how to enforce national laws on the cross-border internet, ranging from
(p. 730)
able to conduct necessary investigations to stop transnational crime and involving data
ple of separation of jurisdictions becomes an obstacle to international cooperation.
Internet companies, which relied on terms of service early on to establish the jurisdiction
ent national legal frameworks of the countries in which their services are accessible or
connected devices used. This is a particular challenge for start-ups and medium-sized
companies. Faced with more and more direct requests for access to data or takedown of
joyed so far and becoming responsible for thousands of micro-decisions of a quasi-judicial

nature4 with significant human rights dimensions and reputation risks.
Technical operators worry that the fundamental separation of layers that forms the basis
of the internet architecture will become blurred. Registries and registrars in particular
see increasing efforts to leverage the domain name system (DNS) as a content control
tool with global reach. Data centre operators, hosting providers, and internet service
growing application of strict territorial sovereignty and increasing liabilities.
Civil society groups around the world worry about a potential race to the bottom in terms
dress when harmed, as multinational litigation is beyond their reach.
International organizations
graphical remit that is not universal. Although some, such as the Council of Europe, the
tions Educational, Scientific and Cultural Organization (UNESCO) have made significant
efforts to include civil society, the private sector, and the technical community in their
Page 4 of 25

eration
ited in their capacity to timely put sensitive but necessary issues on their agenda by the
lack of consensus, or worse, dissent among their members.
1.3 A Core Issue of Internet Governance
tiple traditional policy areas: the development of the global digital economy, ensuring
(p. 731) a clear and predictable legal environment through cooperation, guaranteeing the
exercise of fundamental human rights, and ensuring security and public order. Since
mented more than 1,600 high-level cases around the world that show the growing tension
between national jurisdictions due to the cross-border nature of the internet.5 According
to the Internet & Jurisdiction Global Status Report 2019, an overwhelming 79 per cent of
lenges on the internet.6
Unfortunately, unilateral actions by actors trying to solve on their own the complex
lem harder rather than easier to solve. Contrary to what they may perceive, however, the
trends toward the renationalization of cyberspaces are observable7 and stakeholders at

the 1st Global Conference of the Internet & Jurisdiction Policy Network emphasized, that
8
laration of Human Rights, notably Article 19, and boosts innovation and growth through
tion.
At the 2nd Global Conference of the Internet & Jurisdiction Policy Network, organized in
lutions in three key areas.
Data & Jurisdiction: how can transnational data flows and the protection of privacy
be reconciled with lawful access requirements to address crime?
Content & Jurisdiction: how can we manage globally-available content in the light of
the diversity of local laws and norms applicable on the internet?
preserved when national laws are applied to the DNS?
Page 5 of 25

eration
(p. 732)
es Documents with concrete proposals for operational norms, criteria, and mechanisms.9
These were discussed by almost 300 stakeholders from over fifty countries at the 3rd
nized in partnership with the government of Germany. This resulted in the Berlin
erational solutions and policy standards.
2. A Legal Arms Race in Cyberspace?

Solving the internet and jurisdiction challenge is intrinsically linked to the general debate
about modalities of global governance. Christoph Knill and Dirk Lehmkuhl had already
range of problems that exceed the scope of national sovereignty and can therefore no
10
Marie-
emplified by the global digital economy and its cross-border data flows and services, as a
11
tive orders served as the prime regulatory instrument to handle abuses or disputes,
states are now confronted with increasing domestic pressure to address cross-border
islative or enforcement national actions can be observed around the world.
A looming risk is a legal arms race, in which states resort to an extensive interpretation
reimposing national borders.
(p. 733) 2.1 Extraterritoriality
Extraterritorial extension of national jurisdiction is becoming the realpolitik of internet

regulation.
cal operators incorporated on their soil can impose their national laws and regulations on
vices. An often-cited example regarding the United States are the surveillance capacities
described in the Snowden revelations. Regarding the reach of law enforcement, the US
Page 6 of 25

eration
Cloud Act establishes that warrants for access to electronic evidence can cover data
volved a Department of US Homeland Security agency seizing domain names belonging

to foreign registrants on the sole basis of their registration through a US-based registrar
(the RojaDirecta case12) or registry (the Bodog case13).
Furthermore, legislations increasingly include clauses establishing extraterritorial reach,

such as the General Data Protection Regulation in the EU.14
pacts far beyond the respective jurisdictions. Facebook, for instance, changed its global
15
creasingly affirm competence regarding services incorporated in other countries merely

because they are accessible in their territory, as illustrated by the Yahoo case in
Belgium.16 Some difficulties naturally exist in enforcing the resulting judgments, as the
national blockade of WhatsApp in Brazil showed.17
pacts. For instance, after the Court of Justice of the European Union Costeja decision (the
right to be de-indexed), the French data protection (p. 734) authority demanded that
Google extend its de-indexing to all versions of its search engine, arguing that the service
is based on a single processing of data worldwide.18
crosoft Bing or Yahoo Search19 and has produced ripple effects in Asia and Latin
America.20
2.2 Digital Sovereignty
the creation of a limited number of national gateways.
21
quirements, stipulating that the data of national citizens processed by foreign companies
needs to be stored within the national jurisdiction.
Page 7 of 25

eration
Other digital sovereignty measures can range from strong national intermediary liability
regimes,22
ternet shutdowns.
(p. 735) 2.3 Paradoxes of Sovereignty
Extreme and unrestrained leveraging of traditional territorial criteria introduces two

paradoxes.
sions and potential conflicts between jurisdictions. While rewarding the most powerful
digital countries, it encourages others to react and adopt measures based on mistrust and
the reimposition of national borders.
Secondly, strict digital sovereignty measures such as data localization are not scalable
globally, including technically. It is highly unlikely that necessary data centres could be,
for example, established in all developing or small countries. Furthermore, although often
lance through the replication of data, which is required to create local copies stored in
the reach of national authorities, while still allowing global processing and cross-border
interactions.
23
gorical imperative that should underpin international internet regulation: any national
policy measure that would be detrimental if generalized around the world should not be
adopted in the first place. International norms of cooperation are needed to prevent this
legal arms race in cyberspace.
3. Limits to International Cooperation

Managing cross-border commons poses systemic difficulties for the existing international
system.24 The Westphalian principles of separation of sovereignties and non-interference
actually represent more of an obstacle than a solution for cooperation on cyber issues.
Page 8 of 25

eration
John Palfrey and Urs Gasser25 and Rolf Weber26 rightfully argue that we need
(p. 736)
more legal interoperability to preserve the global nature of the internet, but substantive
harmonization of laws related to the use of the internet seems unattainable and often
ments such as mutual legal assistance treaties (MLATs) are in dire need of reform; and
the increasing number of informal interactions between public and private actors across
borders lack procedural guarantees.
3.1 Obstacles to Multilateral Efforts
The internet is by nature disruptive, including with respect to the international regulatory
er and authority are incapable of providing contemporary understanding, producing a

27
The idea of a global, all-encompassing internet treaty that would harmonize relevant laws
gotiations that resulted in the Law of the Sea Convention or the Outer Space Treaty. But
all these international conventions can be seen as great achievements of contemporary
28
due to the newness, volatility, and rapid pace of innovation
29
in the digital realm.
Since the end of the World Summit on the Information Society (WSIS), intergovernmental
laration adopted in Tunis in 2005. The split of the international community in 2012 during
ample for the absence of global consensus not only at the level of substance, but even on
the proper institutional framework for such discussions.
In any case, treaty negotiations are notoriously long. Even the most extensive agreement
to date tackling cybercrime, the Budapest Convention, was a lengthy process. If formal
(p. 737) negotiations took only four years, more than a decade was necessary to actually
put the topic on the agenda. Although now signed by more than sixty states around the
tries still use the fact that it was elaborated initially within the Council of Europe as an
tional agreements, the Budapest Convention is also difficult to modify in response to
lateral setting.
In the past few years, many useful declarations have been developed within multilateral
organizations at the level of general principles, showing some form of convergence. Still,
Page 9 of 25

eration
none of them were able to move towards developing an operationally implementable
regime.
3.2 MLATs: The Switched Network of International Cooperation
cess user data stored by an operator in country B. Upon receipt of the request, country B
examines if it is also valid according to its national laws. If so, the data holder in country
B is lawfully compelled to submit the data to authorities in country B, which will then
share it with the requesting authorities of country A.
Speed
formation. In the best cases, an MLAT request from one government to another takes
months to be processed. It can take up to two years between certain countries. The
very elaborate circuit of validations is legitimately intended to provide procedural
guarantees but makes the whole system impracticable.
Scope
tries. Given the disparity of national legislations, their relevance is limited, particularly
on speech issues (e.g. hate speech and defamation). They are also ineffective when the
location of the data is unknown.
Asymmetry: regardless of the actual physical location of events or involved parties,
the MLAT system de facto imposes the law of the recipient country over the law of the
corporation of the targeted platform or operator. An increasing number of countries

find this unbalanced, given the dominant role of US-based companies.
(p. 738) Scalability: the system of traditional MLAT treaties can hardly encompass the
scale of the internet. A large number of countries around the world do not have MLAT
treaties with each other and establishing such bilateral relations among 190 countries
would require more than 15,000 arrangements.30
The MLAT system is the switched network of international cooperation.31 It is in dire
quire more than simply streamlining existing procedures: creative solutions are needed to
cy.
Recent initiatives to create frameworks for direct requests for cross-border access to
Page 10 of 25

eration
mission, and the negotiation of an additional protocol to the Budapest Convention. But
ensuring the interoperability of these regimes represents a new challenge.
4. A Dangerous Path
That is, every single actor, forced to use the only tools available to it, is incentivized to
make short-term decisions that appear in its immediate interest, though their cumulative
effect is at best suboptimal and most likely detrimental to all in the longer term.
the national, rather than managing shared cross-border online spaces in a collaborative
32
the sum of uncoordinated unilateral actions by governments and private actors
can have unintended consequences, with strong negative impacts in economic, human
rights, infrastructure, and security areas (see Table 38.1).
Page 11 of 25

eration
Table 38.1
structure, and security areas
Economy Human rights Infrastructure Security
Demise of Lack of Blurred Eroding

access to separation of global
cessible justice and of internet
services redress layers rity and
and data Reduced Reduced trust
flows freedom of
Market expression silience Diplomatic
entry and tensions
ders Shutdowns Increase
ers Limits to
Reduced Facilitation crimes and
investment formation
in start-ups Limits to lance rorism
freedom of Threats
certainty assembly in Encryption to human
wars security
vation der online and peace
spaces
Restrictions
on the use
tages for of technical
developing tools such
countries as VPNs
Source: Authors.
4.1 Economic Impacts
In 2014, the Boston Consulting Group estimated the value of the entire digital economy of
the Group of Twenty countries alone at US$4.2 trillion, representing 5 to 9 per cent of
(p. 739) total GDP in developed countries,33 while McKinsey Global Institute estimated
that back in 2014 cross-border data flows alone had already added around US$2.8 trillion
to world GDP. The cross-border nature of the internet and its cloud-based services are at
ternet openness in its June 2016 Ministerial Conference in Mexico, and why the 2016
Page 12 of 25

eration
tionally before the current move towards re-territorialization. The future development of
global services, data flows, and the cloud economy are at stake.
Investment in start-ups and medium-sized companies (especially those dealing with user-
gal uncertainty. Compulsory data localization might constitute a potential market entry
tors, limiting innovation and market accessibility for small companies wanting to serve a
global market, particularly from developing countries.
4.2 Human Rights Impacts
established the connection between human rights and the cross-border internet.34
(p. 740)
The internet has uniquely fulfilled the promises of Article 19 of the Universal Declaration
35
ders, and improved our quality of life. Personal communication capacities are augmented,
allowing frictionless expression, deliberation, and the holding of opinions across borders.
asporas with irreplaceable communication tools. It has enabled the creation of critical-
ated tremendous global social value, such as Wikipedia.
The uncontrolled re-territorialization of the internet in order to address its misuses could
destroy the unprecedented human rights benefits the internet has generated. Ironically,
measures such as data localization and decryption could in fact increase opportunities for
surveillance rather than reduce them, as well as harm the right to privacy.36 Increased
versely, the continued absence of affordable cross-border appeal and redress mechanisms
for harmed internet users has a serious negative impact on global justice.
At the same time, legal uncertainty and the absence of proper cooperation frameworks
prevent the necessary fight against abuses such as incitement to violence, harassment, or
disinformation.
4.3 Technical Infrastructure Impacts
technical infrastructure met in Montevideo, Uruguay, to stress in their joint statement
37
In enforcing national laws online in the absence of
Page 13 of 25

eration
(p. 741) international cooperation frameworks, there is a temptation to use the technical
tal architectural principle of the internet: the separation of the neutral logical layer (DNS,
IP addresses, etc.) and the application layer (online platforms and services).
Leveraging the location of registries and registrars to impose the national laws of their
country of incorporation on the global content under the country-code top-level domains
eralizing geo-IP filtering to withhold content on specific territories may ultimately lead to
al basis. Such a scenario could complicate routing. With the transition from IP version 4
(IPv4) to IP version 6 (IPv6), it could even facilitate surveillance, should IP addresses be
permanently hardwired to specific devices and become identity identifiers.
tween public and private actors. The imposition of a limited number of internet gateways
tual private networks is not only contrary to Article 13(2) of the Universal Declaration of
Human Rights,38 it also reduces the security of transactions and communications. More
drastically, the technology for governments to completely shut down the internet in their
comes increasingly accessible.
4.4 Security Impacts
The absence of agreed-upon frameworks to handle requests across borders has already
resulted in diplomatic tensions between a country seeking to enforce its national laws and
39
the Indian Assam riots in
40 41
2012, the Innocence of Muslim YouTube video in 2012, (p. 742) blocking of
Twitter in 2014.42
nances. Such international conflicts are likely to increase if nothing is done.
sions of Article 29 of the Universal Declaration of Human Rights. However, the rapid and
disaster if we lack efficient transnational cooperation mechanisms that set standards and
ders in situations of public order tensions. The international fight against terrorism online
is emblematic of this challenge. Meanwhile, cybercrime is on the rise, and most online
essary to guarantee security online, as well as offline. The absence of appropriate
Page 14 of 25

eration
lance. Failure to develop the needed frameworks might ultimately lead to a decrease in
global cyber security and order.
5.
ernance
propriate solutions. Legal harmonization on substance is difficult to achieve but the costs
tem that must be filled to adequately address these new challenges. In doing so, following
misuses demands the development of innovative cooperation mechanisms that are as

transnational, inclusive, and distributed as the network itself.
5.1
43
(p. 743)
44
World Wide Web Consortium (W3C) for the development of internet and web standards;
five Regional Internet Registries allocating IP addresses; the thirteen root servers and
their multiple mirrors; ICANN; and the numerous registries and registrars distributing
second-level domain names.
framing, drafting, validation, implementation, and reviews. Policies developed through
tensions or the accreditation of market operators (registrars and registries).
Page 15 of 25

eration
tional institutions is fundamentally distributed: each entity deals with a specific issue,
with loosely coupled coordination. It was developed progressively through time as policy
dures. Most importantly, they operate on a fundamental principle: the open participation
pacted by.
5.2
45
The Internet Governance Forum (IGF) is the main outcome of the WSIS process. In its ten
(p. 744)
work. However, despite its undeniable success and essential role, not to mention the
emergence of numerous national and regional spin-offs, it still only covers at best the first
going intersessional work on specific issues to produce, let alone implement and enforce,
The NETmundial Roadmap, an outcome of the major 2014 multistakeholder conference,

highlighted the jurisdiction issue as an important topic for the global community.46 To
preserve the cross-border nature of the internet by default for the next generations to
47
nization of technical governance organizations, this does not mean the mere replication
of a single model, but rather taking adequate inspiration from these principles to develop
In the specific case of developing new policy standards and transnational cooperation
Page 16 of 25

eration
teroperability, economy, human rights, and cybersecurity.
5.3 Enabling Issue-Based Multistakeholder Cooperation
The multistakeholder approach was explicitly endorsed by more than 180 countries at the
sembly High-Level Meeting on the WSIS+10 in December 2015. Filling the institutional
gap requires neither the creation of new international organizations nor giving a unique
nance networks.
In line with the 2014 recommendations of the High-Level Panel on Global Internet
(p. 745)
Cooperation and Governance Mechanisms,48 chaired by the President of Estonia, Toomas
tistakeholder and issue-based processes.
Ongoing, because the current proliferation of one-shot conferences, fora, panels, and
sues and objectives cannot be achieved in disconnected series of two-hour sessions.

Multistakeholder, because no single stakeholder group working alone can grasp all
though it is a condition for the development of balanced regimes. Furthermore, the

likelihood of rapid implementation and scalability is increased if the diverse actors that
will have to contribute to the implementations of a regime have also participated in its
elaboration.
Issue-based, because each topic involves different sets of concerned stakeholders, or
even different individuals and units within each entity. Efficient policy innovation
therefore requires focus on a specific issue to ensure inclusion of all relevant actors.
Based on the lessons of the Internet & Jurisdiction Policy Network, some key factors for
the success of such issue-based policy networks are:
framing the problem as an issue of common concern for all actors;

ensuring the neutrality of the convener and facilitation team/secretariat;
involving all six stakeholder groups: states, internet platforms, technical operators,
academia, civil society, and international organizations;
engaging a critical mass of actors with sufficient diversity to be representative of the
various perspectives and able to implement potential solutions;
enable coordination between individual initiatives and major processes to enhance
policy coherence;
constructing and expanding a global network of key actors;
Page 17 of 25

eration
creating trust among heterogeneous actors and adopting a shared vernacular;

combining smaller working groups and reporting on progress to make the process
manageable and transparent;
informing stakeholders about relevant trends around the world to foster evidence-
based policy innovation; and
providing sufficient geographic diversity from the onset to allow the scalability of
adoption of any emerging policy solution.
Addressing jurisdictional issues on the internet and pre-empting the current legal
(p. 746)
arms race requires enhanced efforts to catalyse multistakeholder cooperation on specific
cess to data.
6. Towards Transnational Frameworks

Such innovative multistakeholder networks can produce scalable and adaptive policy
lations between public and private actors.
6.1 Procedural Interoperability
erence at the global level. Human Rights Council resolutions have reaffirmed that they
apply online as well as offline.49 However, rapid substantive legal harmonization at a
islations that are often considered strong elements of national identity. Meanwhile, cross-
day problems that require urgent action, as the stakes involved are high.
tions engage heterogeneous public and private actors. They are conducted in all shapes
and formats, through broadly diverse communication channels, and often without clear
and standardized procedures or sufficient transparency. In that context, prioritizing the
development of shared procedural standards has several benefits:
it provides a field of cooperation that helps build trust among stakeholders and paves
the way for constructive discussions on contentious substantive norms;
nacular and mechanisms for their interactions, not unlike the Transmission Control
Protocol/IP-enabled interoperability between heterogeneous networks;
it prepares a future digitization of the request treatment workflow, in order to reduce
the delays that plague current mechanisms, such as MLATs;
Page 18 of 25

eration
erational frameworks by design, in order to improve transnational interactions and
(p. 747) 6.2 Governance through Policy Standards
commitments between the different stakeholders, with:
clear distribution of responsibilities;

specific norms, procedural mechanisms, or guarantees; and
clear decision-making criteria.
As new forms of transnational soft law, such operational governance frameworks can, in
state cooperation (e.g. the MLAT system) or fill current governance voids that require
new sets of norms and standards.
Implementation and enforcement of such policy standards can leverage a combination of
tions. Public and private actors have different options to operationalize these shared
tive procedures, or internet platforms and technical operators doing so in their terms of
tional laws, endorsed by international organizations, or enshrined in new international

treaties.
Recognition by the existing international governance ecosystem is a pre-requisite for the

development of policy standards by a critical mass of stakeholders. Here, the Internet &
Jurisdiction Policy Network, as an organization enabling the development of such policy
standards, can serve again as an example. The regular Global Conferences of the Internet
national organizations: the Council of Europe, European Commission, ICANN, OECD,

United Nations ECLAC, and UNESCO. First achievements of stakeholders in the Internet
& Jurisdiction Policy Network have been reported to and referenced by key international
processes: the 2018 G7 Cyber Group Report endorsed its work and the Ottawa Roadmap,
al organizations, showcased the organization, and the organization was invited to report
to the G20 Multi-Stakeholder Conference on Digitalisation or the United Nations Internet
Page 19 of 25

eration
Cooperation.
their potential to scale. Multistakeholder policy standards are based on consensus among
different stakeholder groups, which augments the likelihood of successful and efficient
adoption. They can more easily be implemented across heterogeneous public and private
governance systems, which is the key to creating interoperability. Moreover, (p. 748) such
policy standards can be improved and adapted more quickly than conventional treaties,
which allows them to develop further as the internet ecosystem evolves.
7. Conclusions
In his Structure of Scientific Revolutions,50 Thomas Kuhn describes paradigm shifts that
modify the model underpinning a particular scientific field when it no longer reflects or
quately address the problems of the time.
tional system, based on the territoriality of jurisdictions, the separation of sovereignties,

and non-interference, struggles to handle the transborder digital realities of the twenty-
and approaches can become as much an obstacle as a solution to address the jurisdiction
challenges regarding cross-border data flows and intermediaries.
international cooperation only between states, to transnational cooperation among all
governmental institutions to issue-based governance networks.
Far from a rejection of traditional international cooperation, however, this is proposed as
physics, two theories coexist at the same time: relativity theory applies at high velocities
in space; but in normal conditions, classical Newtonian equations still allow us to build
bridges and predict trajectories. Both have their respective zones of validity. Likewise,
the type of transnational cooperation envisioned here in no way suppresses or reduces
the relevance and authority of existing governance frameworks, in particular national
governments. On the contrary, multistakeholder processes can produce policy standards
that help the reform of existing interstate cooperation mechanisms, and policy standards
can even later be enshrined by traditional multilateral organizations.
gal arms race, preserve the global nature of the internet, and address its misuse. We need
Page 20 of 25

eration
innovative cooperation mechanisms that are as transnational as the internet itself and the
necessary institutional ecosystem and cooperation processes to produce them.
Notes:
(1) Kofi Annan, then UN Secretary-General, remarks at the opening session of the Global
Forum on Internet Governance (24 March 2004). <http://www.un.org/sg/STATEMENTS/
index.asp?nid=837>.
(*
sion on Internet Governance (2016).
(2
(3 GSMA,
2018) <https://www.gsma.com/mobileeconomy/wp-content/uploads/2018/02/The-Mobile-
Economy-Global-2018.pdf>.
(4
(27 November 2015) <http://svir-ssdi.ch/fileadmin/user_upload/VR-Tage/SSDI_-

_Jde_Werra_-_ADR__24_11_2015_.pdf>.
(5 https://
www.internetjurisdiction.net/publications/retrospect#eyJ0byI6IjIwMTYtMTEifQ==>.
(6
net & Jurisdiction Policy Network (2019) <
ternet-jurisdiction-global-status-report-2019>.
(7
(2016)
<http://www3.weforum.org/docs/
WEF_FII_Internet_Fragmentation_An_Overview_2016.pdf>.
(8 The Economist
(9
<
crete-proposals-for-norms-criteria-and-mechanisms-released>.
(10
(11
Page 21 of 25

eration
(12 Internet &
, 2012) <https://
(13
, 2012) <https://
(14
, 2015)
(15
gust 2013) <https://www.internetjurisdiction.net/publications/

(16 Internet &

, December 2015) <https://
(17
, December 2015)
(18
, September
(19
, July 2014)
(20
, July 2015) <https://
(21
, April 2014) <https://
(22
ability Map (WILMap) (a project designed and developed by Giancarlo Frosio and hosted
at Stanford CIS) <https://wilmap.law.stanford.edu>.
Page 22 of 25

eration
(23
States on the Protection and Promotion of the Universality, Integrity and Openness of the
(24) See e.g. Elinor Ostrom, Governing the Commons: The Evolution of Institutions for
Collective Action (CUP 1990).
(25) John Palfrey and Urs Gasser,

ed Systems (Basic Books 2012).
(26
(27
(28
net Research Research Papers (2001) <
tioner/cfis_skriftserie/003_kleinwachter.pdf>.
(29
(30
mental organization Access Now <https://mlat.info>.
(31) For a comparison between the public switched telephone network and the distributed
http://
www.internetsociety.org/sites/default/files/
The%20Internet%20and%20the%20Public%20Switched%20Telephone%20Network.pdf>.
(32
Internet Policy Review, 17 April 2014) <https://policyreview.info/articles/
news/cyberspace-fragmentation-internet-governance-debate-beyond-infrastructure/266>.
(33) See Paul Zwillenberg , Dominic Field, and David Dean

ing the Wheels of the Internet Economy (Boston Consulting Group 2014) <https://
www.icann.org/en/system/files/files/bcg-internet-economy-27jan14-en.pdf>.
(34
<http://www.unesco.org/new/fileadmin/MULTIMEDIA/HQ/CI/CI/pdf/news/
internet_universality_en.pdf
https://wcd.coe.int/ViewDoc.jsp?id=2306649>.
Page 23 of 25

eration
(35
teur on the Promotion and Protection of the Right to Freedom of Opinion and Expression,
(36
(37
nouncement-2013-10-07-en>.
(38) See Universal Declaration of Human Rights (adopted 10 December 1948) UNGA Res.
(39 CNET, 22
January 2010) <http://www.cnet.com/news/state-dept-presses-china-ambassador-on-
google>.
(40
Database, August 2012) <http://www.internetjurisdiction.net/observatory/retrospect/

2012-august>.
(41
, November
(42 Internet & Jurisdiction Policy

, March 2014) <https://www.internetjurisdiction.net/
publications/retrospect#article-4982_2014-03>.
(43
https://www.itu.int/net/wsis/docs2/tunis/off/6rev1.html>.
(44
Möller and Arnaud Amouroux (eds), Governing the Internet: Freedom and Regulation in
the OSCE Region (OSCE 2007) 27.
(45
(46
Document.pdf>.
Page 24 of 25

eration
(47 http://www.netmundial.org/
terms-reference>.
(48
<https://www.icann.org/en/system/files/files/collaborative-decentralized-ig-
ecosystem-21may14-en.pdf>.
(49
<http://daccess-dds-
ny.un.org/doc/UNDOC/LTD/G14/059/67/PDF/G1405967.pdf?OpenElement>.
(50) Thomas Kuhn, The Structure of Scientific Revolutions (U. Chicago Press 1962).
Bertrand de La Chapelle
stakeholder organization Internet & Jurisdiction Policy Network. Email:

bdelachapelle@internetjurisdiction.net.
Paul Fehlinger
holder organization Internet & Jurisdiction Policy Network. Email:

fehlinger@internetjurisdiction.net.
Page 25 of 25

The Equustek Effect: A Canadian Perspective on Global Takedown Orders in
the Age of the Internet
The Equustek Effect: A Canadian Perspective on Global

Takedown Orders in the Age of the Internet
Michael Geist
This chapter examines the Canadian Equustek case, tracing the development of internet
jurisdiction cases in the late 1990s to the current legal battles over the appropriate scope
of court orders that wield far greater effect than conventional, domestic-based orders.
The chapter begins by recounting the Yahoo France case, the internet jurisdiction case
that placed the conflict challenges squarely on the legal radar screen. It continues with a
detailed examination of the Equustek decision and its aftermath, including efforts by
der from a US court and the use by Canadian courts to extend the ruling to other internet
platforms and online issues. It also cites one additional risk with overbroad national court
net intermediaries, who may selectively choose which laws and orders to follow, thereby
overriding conventional enforcement of court orders and national regulation.
Keywords: online intermediaries, automated enforcement, algorithms, transparency, algorithmic accountability
*
IN the days before widespread broadband, social networks, and online video, a French
anti-racism group launched the internet lawsuit heard round the world. In late 2000, the
postings displaying Nazi memorabilia.1 While Yahoo already blocked access to content on
the United States (yahoo.com).
world.2 Given that the internet has little regard for conventional borders, the question of
(p. 710) whose law applies and which court gets to apply it was a seminal question as the
internet mushroomed into the dominant communications network of our time.
Page 1 of 19

Years after the Yahoo France case, the Supreme Court of Canada grappled with many of
the same issues in 2017 in an internet jurisdiction case heard around the world.3
ustek Solutions v Google
ing internet search engine.4

sults from its Canadian site, Equustek sought a far broader court order, asking Canadian
courts to require the removal of the search results on a global basis. In doing so,
dictate the content of search results for internet users worldwide. At stake was the
remove global content from a single jurisdiction.5
This chapter examines the Canadian Equustek case, tracing the development of internet
jurisdiction cases in the late 1990s to the current legal battles over the appropriate scope
of court orders that wield far greater effect than conventional, domestic-based orders.6
The chapter begins by recounting the Yahoo France case, the internet jurisdiction case
that placed the conflict challenges squarely on the legal radar screen. It continues with a
detailed examination of the Equustek decision and its aftermath, including efforts by
der from a US court and the use by Canadian courts to extend the ruling to other internet
platforms and online issues. It also cites one additional risk with overbroad national court
net intermediaries, who may selectively choose which laws and orders to follow, thereby
overriding conventional enforcement of court orders and national regulation.
1. Where it all Began: The Yahoo France Case

Few internet law cases attracted as much attention as the Yahoo France case, in which a
to implement technical or access control measures blocking auctions featuring (p. 711)
Nazi memorabilia from French residents.7 Yahoo reacted with alarm, maintaining that the
French court could not properly assert jurisdiction over the matter. Yahoo noted that the
tomized for France, that were free of Nazi-related content. These country-specific sites
targeted the local population in their local language, and endeavoured to comply with all
local laws and regulations.
The company argued that its flagship site, Yahoo.com, primarily targeted a US audience.
lated that the site was governed by US law. Since the Yahoo.com site was not intended for
ny felt confident that a French judge could not credibly assert jurisdiction over the site.
Page 2 of 19

Judge Jean-Jacques Gomez of the County Court of Paris disagreed, ruling that the court
could assert jurisdiction over the dispute since the content found on the Yahoo.com site
was available to French residents and was unlawful under French law.8 Before issuing his
nologies were imperfect, they could accurately identify French internet users at least 70
per cent of the time.9 Based on this report, Judge Gomez ordered Yahoo to ensure that
French residents could not access content that violated French law on the site. Failure to
comply with the order would result in fines of 100,000 francs per day after a three-month
grace period.
Yahoo was unsurprisingly critical of the decision, but rather than appealing the French
ruling, it chose to let it stand and to launch a lawsuit of its own in the US courts, seeking
an order that the French decision could not be enforced on its home turf.
The 9th Circuit Court of Appeals, a US appellate court, ultimately issued a ninety-nine-
hoo with its much-desired order.10

dependently removed much of the offending content, suggesting that the company was
not being forced to block legal materials.
On the question of jurisdiction, the majority of the court determined that it could assert
jurisdiction over the case despite minimal connections to the United States. Indeed, in
this case the contacts were limited to a cease-and-desist letter demanding that Yahoo
comply with French law, the formal delivery of the lawsuit, and the mere existence of the
French court order.
(p. 712)
cisions, thorny conflict of law issues, and regulatory uncertainty. The case succeeded in
tempts to extend national court orders beyond national borders would lead to protracted
line environment.
2. Equustek Solutions v Google
Canadian courts faced several notable internet jurisdiction cases in the years following
the Yahoo France case,11 but it was Equustek Solutions v Google Inc.
ed in the Province of British Columbia (BC) in 2014,12
13
The case
stemmed from claims by Equustek, a Canadian company, that another company used its
Page 3 of 19

trade secrets to create a competing product and engaged in misleading tactics to trick
users into purchasing it.
tarily removed search results for the site from Google.ca search results, a micro-site
suing what amounted to global takedown order.
Google argued against a global order by pointing to the Yahoo France case, a position that
was rejected by the lower court:
cern addressed by the Baltic proviso in Mareva injunctions. Google gives as an example of
such jurisdictional difficulties the case of Yahoo! Inc. v La Ligue Contre Le Racism et
[Yahoo
Yahoo provides a cautionary note. As with Mareva injunctions, courts must be cognizant
of potentially compelling a non-party to take action in a foreign jurisdiction that would
breach the law in that jurisdiction. That concern can be addressed in (p. 713) appropriate
cases, as it is for Mareva
cuse the non-party from compliance with the order if to do so would breach local laws.
indeed the law of any state or country from which a search could be conducted.
ty rights and view the selling of pirated products as a legal wrong.14
In assessing the impact of the internet, the court concluded that the global impact was a
reason to issue a broad-based injunction, not to shy away from one:
The Court must adapt to the reality of e-commerce with its potential for abuse by those
who would take the property of others and sell it through the borderless electronic web of
the internet. I conclude that an interim injunction should be granted compelling Google to
15
On appeal, the BC Court of Appeal noted that orders with extraterritorial effect are not
unusual:
Page 4 of 19

British Columbia courts are called upon to adjudicate disputes involving foreign residents
on a daily basis, and the fact that their decisions may affect the activities of those people
outside the borders of British Columbia is not determinative of whether an order may be
der the CJPTA [Court Jurisdiction and Proceedings Transfer Act]. If it does, it must also
ple rule that the activities of non-residents in foreign jurisdictions cannot be affected by
orders of Canadian courts.16
not see these sorts of orders as being unnecessarily intrusive or contrary to the interests
17
The court ultimately upheld the initial global takedown order, but emphasized the ability
to vary it should circumstances warrant:
With respect to extraterritorial effects, Google has, in this Court, suggested that a more
limited order ought to have been made, affecting only searches that take place (p. 714) on
the google.ca site. I accept that an order with international scope should not be made
lightly, and that where an order with only domestic consequences will accomplish all that
Mareva injunction will

freeze sufficient assets, the court should refrain from granting a more expansive world-
wide injunction.
The plaintiffs have established, in my view, that an order limited to the google.ca search
junction worldwide effect. I have already noted that applications can be made to vary the
order should unexpected issues arise concerning comity.18
3. Supreme Court of Canada Hearing

The Supreme Court of Canada unsurprisingly granted leave to appeal from the BC Court
of Appeal decision, since the broader implications of the ruling struck a chord with those
concerned with legal overreach on the internet. Indeed, experts noted since if a Canadian
court has the power to limit access to information for the globe, presumably other courts
do as well.19
pens if a Russian court orders Google to remove gay and lesbian sites from its database?
ties for legal conflict are significant given that local rules of freedom of expression often
differ from country to country.
Page 5 of 19

dia Foundation,20 Electronic Frontier Foundation,21

try associations,22 focused on issues such as the effectiveness of a Google-targeted order,
where the responsibility for identifying conflicting laws should lie, and the fairness of
bringing an innocent third party such as Google into the legal fray.
Yet largely missing from the discussion was an attempt to grapple with perhaps the
biggest question raised by the case: in a seemingly borderless internet, how do courts
foster respect for legal rules and avoid vesting enormous power in the hands of internet
ing laws.
(p. 715)
swers.23
any website.
tervenors argued that it should fall to claimants to assure a court that an extraterritorial
order would not violate the laws of other countries. Equustek responded by pointing to
enue that does business around the world to bear the burden of identifying legal conflicts.
While those issues seemed to leave the court divided, it barely addressed the elephant in
the room, namely the dangers of ceding decision-making on whether to abide by the law
resolved, with the Supreme Court largely avoiding the issue in its written decision.
4. The Supreme Court of Canada Decision
ternational basis.24
ny, the limited harm or burden to Google, and the ease with which potential conflicts
tial conflicts or assess the implications in other countries.
the case as follows:
Page 6 of 19

The issue in this appeal is whether Google can be ordered, pending a trial, to globally de-
index the websites of a company which, in breach of several court orders, is using those
websites to unlawfully sell the intellectual property of another company.25
Characterized that way, the outcome to uphold the order was no surprise. As the dissent
noted, this was likely a permanent order, not a temporary one. Further, (p. 716)
used trade secrets.
Justice Abella proceeded to analyse the law of injunctions but, for internet watchers, the
edy:
natural habitat is global. The only way to ensure that the interlocutory injunction attained
Canada alone or to google.ca, as Google suggests it should have been, the remedy would
locutory injunction which has no realistic prospect of preventing irreparable harm.26
The majority was not persuaded by concerns about potential legal conflicts of a global
missible in the other countries.
ply with it would result in Google violating the laws of that jurisdiction is, with respect,
ognize intellectual property rights and view the selling of pirated products as a legal
order, it hardly seems equitable to deny Equustek the extraterritorial scope it needs to
try, where such an order is legally permissible. We are dealing with the Internet after all,
ial reach when injunctive relief is being sought against an entity like Google.27
Page 7 of 19

This is a key aspect of the decision as the court effectively concluded that those seeking
global takedown orders do not need to canvass the laws in other countries to (p. 717)
viding search results nor that it involves a significant inconvenience:
I have trouble seeing how this interferes with what Google refers to as its content neutral
character. The injunction does not require Google to monitor content on the Internet, nor
is it a finding of any sort of liability against Google for facilitating access to the impugned
sion issues, this is far outweighed by the need to prevent the irreparable harm that would
cur any significant expense, in de-indexing the Datalink websites. It acknowledges, fairly,
that it can, and often does, exactly what is being asked of it in this case, that is, alter
search results. It does so to avoid generating links to child pornography and websites
Millennium Copyright Act, Pub. L. No. 105-304, 112 Stat. 2680 (1998) to de-index content
from its search results that allegedly infringes copyright, and removes websites that are
subject to court orders.28
ing search results, which is indeed trivial. The real inconvenience comes from conflict of
laws and the potential for global takedown orders coming from across the planet, thereby
opening the door to other countries choosing what Canadians might be able to find in
This last paragraph noted that Google already removes links to certain content such as
fect of court decisions and regulations that individually may seem reasonable but which
port for internet injunctions with global effect as a justification for its own order. The net
result is the expectation of all countries and courts that they may issue global takedown
orders regardless of the impact on internet users outside the jurisdiction or on internet
intermediaries.
The dissent rested largely on three issues: the notion that the injunction was effectively
permanent, its limited effectiveness, and the availability of alternatives. On the term of
the injunction:
Page 8 of 19

ustek to proceed with the underlying action. The effects of the Google Order (p. 718) are
final in nature. Respectfully, the pending litigation assumed by our colleague Abella J. is a
ustek more relief than it sought.29
On effectiveness, the dissent stated:
The most that can be said is that the Google Order might reduce the harm to Equustek
websites can be found using other search engines, links from other sites, bookmarks,
websites are open for business on the Internet whether Google searches list them or not.
In our view, this lack of effectiveness suggests restraint in granting the Google Order.30
Finally, on alternatives:
In our view, Equustek has an alternative remedy in law. Datalink has assets in France.
Equustek sought a world-wide Mareva injunction to freeze those assets, but the Court of
fore the Court is that French courts will assume jurisdiction and entertain an application
ustek could also pursue injunctive relief against the ISPs, as was done in Cartier, in order
ceedings in France or in any other jurisdiction with a link to the illegal websites.31
5. After Equustek
down Orders From National Courts
The Equustek decision was greeted with elation from rightholders such as the music and
date the removal of search results on a global basis.32 Yet despite claims that the (p. 719)
Supreme Court expressly rejected any monitoring requirement or attribution of liability

based merely on facilitating access to unlawful or infringing content.
The decision may have stopped short of creating a new liability framework, but it did
open the door to three internet-related legal risks. First, much like the Yahoo France case
years before, it invited protracted litigation with the possibility of competing court orders
from different jurisdictions. Secondly, it facilitated an expanded national approach to
Page 9 of 19

global issues with the likelihood of Canadian courts relying on the Equustek decision to
may have inadvertently vested increased power in the hands of internet intermediaries,
who could use the legal uncertainty and conflict to self-select which laws would govern
their activities.
5.1 Conflicting Court Orders
In the aftermath of the Canadian Supreme Court decision, Google filed suit in a US court
seeking to block its application there. The Supreme Court decision noted that it was open
to Google to raise potential conflict of laws with the BC court in the hopes of varying the
order:
If Google has evidence that complying with such an injunction would require it to violate
ingly.33
Yet despite the invitation to Google to adduce evidence of legal conflict, the cross-border
ed other courts to issue conflicting decisions without guidance on how to best resolve the
issue.
34
35 (p. 720)
termediaries through the Communications Decency Act (CDA). The court ruled that the
ings of third parties, would be lost as a result of the Canadian court order.36
Armed with the US court order, Google returned to the BC courts, seeking a ruling that
search results from its global index, however, concluding that the US ruling did not
demonstrate that the removal would result in a violation of US law.37
guished between an order inconsistent with the safe harbour protections and a violation
Page 10 of 19

junction requires
The effect of the U.S. order is that no action can be taken against Google to enforce the
tegrity of its own process through orders directed to parties over whom it has personal
jurisdiction.38
The court addressed several other Google arguments that may resurface during the full
deed, as of February 2019, it was still possible that Google could appeal the latest ruling
or await the trial for a full airing of its arguments as part of the ongoing litigation that
was supposedly addressed with finality by the Supreme Court of Canada in June 2017.
5.2 Expanding Equustek
As the Equustek decision worked its way through the Canadian courts, the case began to
influence other decisions. For example, AT v Globe24h.com involved the application of
39
Globe24h.com was a
sonal, financial, and medical information about parties which appeared in decisions easily
accessible via popular search engines.
The same court and tribunal records were also available on Canadian legal websites such
as the Canadian Legal Information Institute (CanLII).40 In fact, it is believed that
Globe24h.com downloaded the records from CanLII. However, unlike CanLII,
Globe24h.com permitted the records to be indexed by third party search engines such as
Google. Since records on Globe24h.com were indexed by search engines, those (p. 721)
containing personal information such as names would generally appear in relevant search
results. When affected individuals discovered the records, many asked Globe24h.com to
remove personal information from its website.
For example, The Globe and Mail
proceeding. Ms Fishman, who lives in Toronto, was embarrassed to learn details of what
41
that an Alberta Labour Board decision concerning his case had been republished through
Globe24h.com.42 The Federal Court ordered Globe24h.com to remove Canadian decisions
containing personal information from its website, take steps to remove decisions from
search engines caches, to refrain from further republishing of such decisions, and pay the
applicant $5,000 in damages and $300 in costs.43
Page 11 of 19

The court was aware that the ruling would have the effect of applying Canadian privacy
law to a foreign-based website, yet relied on Equustek
titled to issue the order:
As noted by the British Columbia Court of Appeal in Equustek, above, at paragraph 85,
Further, in the context of Internet abuses, courts of many other jurisdictions have found
orders that have international effects to be necessary.44
The importance of effective orders was similarly echoed in

tario et al. v Essilor Group Canada Inc., a 2018 Ontario lower court decision.45 The case
scheme should be applied to a company without a physical presence within the province
but which sold products to consumers. The court cited Equustek
was that the order be effective in Canada. Given the nature of the internet this could only
46
The Ontario Court of
ustek decision on the grounds that it addressed in personam jurisdiction, not a regulatory
scheme.47a
The expansion of the Equustek

ters. For example, the Quebec Financial Markets Administrative Tribunal was faced with
rizations in the province by virtue of the existence of corporate websites and a (p. 722)
47
presence on social media giant Facebook.
tween the Equustek case and its administrative hearing, but concluded:
The action in Equustek Solutions Inc. differs from this action in that it emanated from a
der. Nevertheless, the Tribunal is of the view that it may be appropriate to draw on the
principles developed in that judgment when an order against an added party that is a
trary to the Act.
In this case concerning the Facebook accounts of PlexCoin and PlexCorps, the order with
respect to Facebook is, in this instance, the only way to stop this solicitation of investors
net, such an order constitutes an effective remedy to stop a contravention of legislation
vention of the Act. In view of the above, the Tribunal is of the opinion that the power set
tion to ensure compliance with the Act enables it to order Facebook Canada to shut down
the accounts of PlexCoin and PlexCorps.48
Page 12 of 19

British Columbia (Attorney General) v Brecknell49 provides an illustration of the Equustek
analysis permeating into criminal law. A BC court was faced with the question of whether
it could compel a non-resident internet company with only a virtual presence to produce
documents to law enforcement in a criminal matter. Craigslist, a popular online classified
duction requests sent by email, but without a physical presence, no valid service could be
established.
The Attorney General of BC cited the Equustek case for the proposition that Canadian
in personam jurisdiction over Craigslist because, by conducting business in
request, distinguishing Equustek on the grounds that unlike Craigslist, Google had a
physical presence in Canada, and:
the remedy sought in Equustek, an injunction, was to prohibit Google from delivering
plaintiff and the defendant relates to the alleged violation of trade secrets and intellectual
plication: Equustek at paras. 40 and 41. In the case of Craigslist, however, what the AGBC
[Attorney General of British Columbia] seeks to do is (p. 723) obtain documents from a
third party record holder where the custodian of the records is outside the country.
While it is true that production orders may well gather records from outside the country,
the legislative history of the provision indicates there needs to be a custodial or record-
keeping presence within our own borders. While Craigslist does business in BC and, by
virtue of the decision in Equustek, has a real and substantial connection to the province
der for evidence gathering to be served and implemented in a foreign country. In my view,
a Criminal Code production order cannot be issued from a Canadian court against
Craigslist, an American company with only a virtual presence in B.C.50
Equustek
ternet.51 Indeed, the court warned:
in the Internet era it is formalistic and artificial to draw a distinction between physical
and virtual presence. Corporate persons, as I have noted, can exist in more than one
rate person in the jurisdiction has a physical or only a virtual presence. To draw on and
Page 13 of 19

fence were facilitated by relying on the services Craigslist provides virtually.52
With respect to the challenges of enforcing a global order, the court took comfort from
Equustek
cretion. Those difficulties do not, however, deprive the court of jurisdiction to make the
53
gal barrier.
The need to consider the implications of a global order was addressed by the BC Court of
Appeal in Nazerali v Mitchell.54 Mitchell published a book where sixteen of the twenty-
one chapters referenced Nazerali, who claimed the material was defamatory. Both Google
and domain name registrar GoDaddy.com were also named as defendants in the case. A
trial court awarded over $1.2 million in damages and special costs. Mitchell appealed the
trial decision on numerous grounds, including the granting of a (p. 724)
While the initial decision predated the Equustek

sion to establish new limits on the injunction:
The decision in the present case was issued prior to Google Inc. v Equustek Solutions Inc.
which upheld an interlocutory injunction requiring Google to de-index all of the
Supreme Court of British Columbia had in personam jurisdiction over Google and could
make an order with extraterritorial effect.
junction could require it to violate the laws of another jurisdiction, including interfering
with freedom of expression. The majority dealt with this argument by pointing out that
Google was at liberty to apply to vary the interlocutory order.
pressly given.55
The case points to the notable limitation in the Equustek ruling, namely the necessity to
ing laws.
Page 14 of 19

5.3 Expanding Intermediary Power
The Supreme Court was influenced by the perceived imbalance of power in the Equustek
ance was persuasive in shifting the onus onto Google to identify potential legal conflicts,
it also entrenched the company (and others like it such as Facebook or Twitter) as the
party responsible for sorting through legal and compliance conflicts and determining how
to effectively address the potential for conflict of laws.
tions at the feet of internet intermediaries carries considerable risk. In the context of
competing court orders, it raised the possibility of ceding decision-making on whether to
abide by the law to private interests, effectively leaving it to Google to decide whether to
der while simultaneously working to marshal evidence that it conflicted with US law, it
has been less open to complying with other foreign laws or (p. 725) rulings that are more
obviously at odds with US constitutional free speech norms.56 Since local content laws
panies such as Google selectively deciding which rules they wish to follow.
The issue of empowering intermediaries can quickly expand to other areas where courts
or regulators are content to vest responsibility for addressing conflicts or enforcement to
aries to more proactively moderate content on their sites. While the Equustek decision
search, and personnel costs that will be out of the reach of smaller companies. At a time
lions of posts or videos would reaffirm their power, rendering it virtually impossible for
upstart players to compete.
dication over to private entities.
Leaving it to search engines, rather than the courts, to determine what is harmful and
ens our system of due process. Similarly, requiring hosting providers to identify instances
al risks to freedom of expression. The Equustek case fell short of this requirement, yet by
embracing global takedowns without fully grappling with the implications of conflicts and
Page 15 of 19

um.
6. Conclusions
Yet the danger of extraterritorial application of court decisions such as those involving
nies in the unenviable position of choosing the laws and court orders they wish to follow.
Moreover, if courts or companies openly disregard foreign court orders, legal (p. 726)
tainty in the online environment is undermined, fostering cross-border litigation and an
expansive approach to applying domestic laws on a global basis.
Years of litigation starting with the Yahoo France

swers. The Equustek case is a landmark ruling that held the potential to establish the
foundation for global standards on internet jurisdiction and the responsibility of internet
tracted global litigation, expansive assertions of jurisdiction, and further empowering

large internet intermediaries.
spect for the applicability of the law on the internet by ensuring that national sovereignty
is respected. Courts should only issue orders with substantial extraterritorial effect where
it is clear that the underlying right and remedy are also available in affected foreign
tions are likely to enhance the perception of the internet as a wild west where disregard
for the law is common.
For that reason, where there is uncertainty about the legal rights in other jurisdictions,
courts should exercise restraint, recognizing that less may be more. Indeed, respect for
the law online may depend as much on when not to apply it as do efforts to extend the
reach of courts and court orders to a global internet community.
Notes:
(*
search assistance and to the Canada Research Chair programme and Social Sciences and
sions are the sole responsibility of the author.
(1 Libération, 24 July
2000).
(2
Page 16 of 19

(3
Washington Post, 29 June 2017).
(4) [2015] BCCA 265 (Can.) (hereafter Equustek 2015).
(5
the sale of goods: Lessons for the internet from OECD and CISG and sacking Google as
(6
of L., Computers & Tech. 31.
(7) Noulhat (n. 1).
(8) See Tribunal de grande instance [High Court] (TGI) Paris LICRA & UEJF v Yahoo! Inc.
[22 May 2000] (Fr.).
(9) See TGI Paris LICRA & UEJF v Yahoo! Inc. [20 November 2000] Ordonnance Référé
(Fr.); Expert Report <http://lthoumyre.chez.com/txt/jurisfr/cti/tgiparis20001106-
rp.htm#texte>.
(10)
, 433 F.3d 1199 (9th Cir. 2006) (US).
(11) See e.g. Bangoura v Washington Post [2005] OJ No. 3849 (Can.).
(12) Equustek Solutions Inc. v Google (n. 4).
(13) See e.g. Gutnick v Dow Jones & Co. [2002] HCA 56, [2002] ALJR 255 (Can.).
(14) Equustek Solutions Inc. v Google [2014] BCSC 1063, [144] (Can.).
(15) ibid. [159].
(16) Equustek 2015 (n. 4) [88].
(17) ibid. [96].
(18) ibid. [107] (emphasis added).
(19
Stanford CIS Blog, 28 June 2017) <http://cyberlaw.stanford.edu/blog/
2017/06/ominous-canadian-court-orders-google-remove-search-results-globally >.
(20) Wikimedia Foundation, Factum of the Intervener in Equustek Solutions Inc v Google
[2017] SCC 34.
(21) Electronic Frontier Foundation, Factum of the Intervener in Equustek Solutions Inc v
Google [2017] SCC 34.
Page 17 of 19

(22) International Federation of Film Producers Association & OpenMedia Engagement
Network, Factums of the Interveners in Equustek Solutions Inc v Google [2017] SCC 34.
(23 Equustek
Solutions Inc v Google
castview-webdiffusionvue-eng.aspx?
cas=36602&id=2016/2016-12-06-36602&date=2016-12-06&fp=n&audio=n>.
(24) Equustek Solutions Inc. v Google [2017] SCC 34 (Can.) (hereafter Equustek 2017).
(25) ibid. [1].
(26) ibid. [41].
(27) ibid. [47].
(28) ibid. [50].
(29) ibid. [63].
(30) ibid. [79].
(31) ibid. [81].
(32
Music
Canada, 28 June 2017) <https://musiccanada.com/news/music-canada-applauds-supreme-
dex-illegal-sites-worldwide/>.
(33) Equustek 2017 (n. 24) [46].
(34) Google LLC v Equustek Solutions Inc. et al., WL 5000834 (ND Cal. 2017), 12 (US).
(35) ibid. 2.
(36) ibid. 13.
(37) Equustek Solutions Inc. v Jack [2018] BCSC 610 (Can.).
(38) ibid. [22].
(39) AT v Globe24h.com [2017] FC 114 (Can.).
(40) Canadian Legal Information Institute <https://www.canlii.org/en/>.
(41
The Globe and Mail, 4 January 2015) <https://www.theglobeandmail.com/report-on-
es-court-case-details/article22284367/>.
Page 18 of 19

(42) See AT (n. 39) [19].
(43) ibid.
(44) ibid. [84].
(45) [2018] ONSC 206 (Can.).
(46) ibid. [87].
(47a) [2019] ONCA 265 (Can.).
(47) See Autorité des marchés financiers v PlexCorps [2017] QCTMF 88 (Can.).
(48) ibid. [173], [175], [176], [177].
(49) [2018] BCCA 5 (Can.).
(50) ibid. [42].
(51) ibid.
(52) ibid. [40].
(53) ibid. [52].
(54) [2018] BCCA 104 (Can.).
(55) ibid. [106], [107], [108].
(56
The Guardian, 22 October 2016) <https://www.theguardian.com/world/2016/oct/
24/thai-junta-google-youtube-remove-royal-insults-lese-majest->.
Michael Geist
Michael Geist is a Professor of Law at the University of Ottawa where he holds the
Canada Research Chair in Internet and E-commerce Law and is a member of the
Centre for Law, Technology and Society. Email: mgeist@pobox.com.
Page 19 of 19

Internet Jurisdiction and Intermediary Liability

Dan Jerker B. Svantesson
This chapter seeks to set the scene and make some proposals for how we may make
progress in the field of internet jurisdiction. For this purpose, the chapter will focus on
three examples where the matter of internet jurisdiction is a major concern for internet
sions regarding jurisdiction and applicable law. The second example relates to situations
questing law enforcement agency and the internet intermediary are based in different
Microsoft Warrant
give rise to such issues where the requested data is stored outside the country in which
quired to remove, block, take down, delist, de-index, or de-reference content.
*
AS the preceding chapters have made clear, internet intermediaries are crucial for how
most people use the internet. We use them, for example, to search for content, keep in
contact with friends and work colleagues, for buying and selling products, and for finding
cess. Thus, given that the claims of liability imposed on internet intermediaries steer how
they act, internet intermediary liability is a topic that affects us all directly or indirectly.
ary liability are complex and vary from country to country. This takes us to what may be
described as the most important, and perhaps most urgent, underlying issue facing the
(p. 692)
torial thinking.
Page 1 of 20

1
In Chapter 37
dresses extraterritoriality and online conflicts with particular emphasis on the Google
Canada case (Equustek). And in Chapter 38
ternet: From Legal Arms Race to Transnational Cooperation, Bertrand de La Chapelle
eration when it comes to jurisdiction on the internet.
In this chapter, I will seek to set the scene for those discussions and make some proposals
aries.
diction and applicable law. As will be illustrated, this is a matter that, due to the strong
public policy considerations that may be involved, goes well beyond traditional contract
law.
The second example relates to situations in which law enforcement agencies seek access
well-known Microsoft Warrant
termediary are based.
tent. In this last context, I will, to a great extent, draw upon a case that, at the time of
writing, is before the Court of Justice of the European Union (CJEU).
However, first, it is appropriate to make some background observations about what is at

stake, and how it is we now find ourselves in the situation we are in.
1. Internet Intermediaries and Jurisdiction

Debates about the role of, and possible protection for, internet intermediaries are often
characterized by clashing extremist points of view. On the one side we find the free
(p. 693)
promising and all-embracing free speech regime, where any restrictions imposed by an
internet intermediary on what is uploaded by internet users is seen as a gross violation.
Such extreme views must be seen in the light of how US notions of free speech were the
net is no longer a US resource it shares with the rest of the world; rather the internet is a
Page 2 of 20

Further, an absolute, or near absolute, right to free speech online will clearly clash with
the reasonable, indeed necessary, goals of addressing, for example, online bullying and
don the ideal of absolute free speech, internet intermediaries are faced with the difficult,
diaries become the censors and gatekeepers of speech. This is a role for which internet
ety should assign such a crucial role to private entities with the types of agenda normally
held by private entities. Adding to the concern, the legal rules internet intermediaries are
asked to apply in making such decisions are not always clear.
Turning to the other side of the coin, it is clear that just as the views of the free speech
extremist may be hard to accept, so are the extremist views in the legal compliance camp.
The problem is this: while most people would expect internet intermediaries to abide by
aries to abide by all laws of all other countries in the world. In the end, such compliance
strictive laws from all the countries in the world. Such a race to the bottom is doubtless
ing with all the laws around the world that claim to apply to its conduct. Elsewhere I have
forms were predominantly concerned with ensuring that such actors were provided with
sufficient protection to achieve their potential and blossom, there are now clear signs of a
tions and consumer protection can be seen in the Australian Competition & Consumer
Commission (ACCC) inquiry specifically into digital platforms.3
(p. 694)
rective, which imposes greater responsibilities on certain digital platforms to stop users
from posting copyright content.5
hance platform responsibility.6
Page 3 of 20

There can be no doubt that consumers need to be given appropriate safeguards in their
dealings with the internet giants which are often based overseas. Equally, it is obvious
that we must ensure fair competition in the media and advertising services markets, and
we must clearly protect our democracies from manipulation. At the same time, we would
do well to remember that digital platforms exist because we see reasons to use them. The
mary means of communication and, realistically, who would want to go back to a pre-
search engine internet? Thus, great care must be taken to ensure that any reform helps
worse.
At any rate, in determining how to approach the liability of internet intermediaries, we

must take care to avoid stepping into the quagmire of analogies. While it is true that
newspapers, as well as radio and TV broadcasters, have for a long time acted in the role
ary is so fundamentally different that we cannot, and should not, draw a comparison with
such media outlets. No previous intermediaries in the history of mankind have been faced
with the scale of global user-generated content with which internet intermediaries are
ternet intermediaries must be approached with fresh eyes, free from the contamination of
preconceived notions based on comparisons with the roles of other intermediaries.
2. Terms of Service, Jurisdiction, and

(p. 695)
Choice of Law
vate international law and internet intermediaries arise in the contexts of so-called
clauses are commonly incorporated into the terms of service that internet intermediaries
impose on their users.
However, studies have repeatedly highlighted that consumers very rarely read the terms
Page 4 of 20

ed States,8
disclaimer on a website does not necessarily bind visitors to the terms and conditions
stated in the disclaimer,9
exemplified in Caspi v Microsoft Network LLC.10
tract stated that the agreement was governed by the laws of the State of Washington and
Furthermore, it observed that the online computer service industry is not one without
competition and that consumers therefore have choices as to which service they select. It
also noted that:
ed in an inequality of bargaining power that was unfairly exploited by the more powerful
party.11
(p. 696)
travened public policy and whether the enforcement of the choice of forum clause would
not received adequate notice of the forum selection clause. In doing so, it noted that
there was nothing extraordinary about the size or placement of the forum selection clause
text; thus, to conclude that the plaintiffs were not bound by the choice of forum clause
would be equivalent to holding that they were bound by no other clause either, since all
provisions were identically presented.
However, the legality of such terms has now been called into question via a judgment by
the Supreme Court of Canada and a judgment by the CJEU reflecting the thinking of the
Opinion issued on 2 June 2016 by Advocate General Saugmandsgaard Øe in the same
matter.
In the June 2017 decision by the Supreme Court of Canada in Douez v Facebook Inc.,12
fornia court, unenforceable.
unfair under EU consumer law.13 Advocate General Saugmandsgaard Øe essentially broke
catered for under the Rome I Regulation.14 Thus, the clause could not be seen to unfairly
exclude the consumer from exercising that option. However, the clause Amazon EU used
Page 5 of 20

could mislead consumers into believing that they did not have the right they did in fact
der relevant EU consumer law. This reasoning was also adopted by the Court.15
as the EU is concerned, some clarity will be gained from a pending case as to the status
of agreements by way of a pre-ticked checkbox which the user must unselect to refuse his
consent.16
(p. 697) 3. Access to Evidence and Jurisdiction

Effective law enforcement carried out in accordance with fundamental rights is a state
obligation originating in both public international law and in the relationship between
states and their citizens. In other words, it is an undisputable obligation that goes to the
core of statehood, and failure to meet this obligation should be combated via a pincer
movement involving both public international law and domestic law.
The ubiquitous use by criminal actors of electronic communications and storage services
offered by internet intermediaries offers various challenges for criminal investigations.
sociates themselves. Rather, the evidence resides with cloud providers, oftentimes on
servers outside the territory of the investigating law enforcement authorities (LEAs). The
ily disclose non-content data to foreign LEAs on a direct request, without the intervention
of authorities.
Internet intermediaries with storage facilities in multiple countries may themselves not
be able to establish the geographical location of the requested data at any given time,
creating uncertainty about the applicable jurisdiction (and with it the lawful application
of investigative powers) and possible conflicts of, for example, data privacy legislation.
vide different (subsets of) data in seemingly similar situations, making the process, as a
whole, at times diffuse and unpredictable for requesting LEAs.
Microsoft Warrant case in 2018.17

Page 6 of 20

In December 2013, the US government served a search warrant on Microsoft under the
Electronic Communications Privacy Act of 1986. The warrant authorized the search and
seizure of information associated with a specified web-based email account stored at
Microsoft opposed the warrant since the relevant emails were located exclusively on
servers in Dublin, Ireland. A key question in the matter was whether the United States
would be engaging in extraterritorial law enforcement in Ireland where that data sat,
(p. 698) even though all actions taken to retrieve that data would have been taken from
tween the United States, on the one hand, and Ireland/the European Union on the other
hand. And, as Ryngaert discusses in some detail, such trans-Atlantic disputes have some
history in the setting of orders for discovery abroad.18
The case reached the Supreme Court of the United States and was heard on 27 February
2018. However, it was overtaken by legislative development in the form of the CLOUD
Act. However, the Microsoft Warrant case, and the discussions involved in that matter are
posed to law enforcement requests for user data.
sible.
bates. Microsoft argued that the issue of extraterritoriality obviously did arise, and the
US government claimed that it equally obviously did not. The difference in perspective is
apparent throughout but is particularly well illustrated in this quote from the
ment personnel on foreign territory, which is the concern of that section.19
Given issues such as this in anchoring the law in territoriality-thinking, it is not surprising
that modern regimes for law enforcement access to evidence held by intermediaries do
not focus on the location of the data;20
is now well beyond intelligent dispute.
Page 7 of 20

(p. 699)
tant that something else takes its place as the jurisprudential core of jurisdictional claims.
At least in the context of law enforcement access to digital evidence, there are signs of an
emerging consensus to focus on whether the state claiming jurisdiction has a legitimate
interest and a substantial connection to the matter at hand, combined with an assessment
risdiction.21
tive expression, I have since 2015 argued for the following principles:
In the absence of an obligation under international law to exercise jurisdiction, a state

may only exercise jurisdiction where:
(1)
ercise jurisdiction;
(2) the state seeking to exercise jurisdiction has a legitimate interest in the matter;
and
(3)
legitimate interests and other interests.22
ters traditionally classed as falling within private international law (or conflict of laws).
4. Scope of Jurisdiction of Content Blocking

When private international law lawyers speak of jurisdiction, focus is typically placed on
so-called personal jurisdiction (jurisdiction in personam) and subject matter jurisdiction.
(p. 700)
spect of which the courts may adjudicate matters.
Viewing personal jurisdiction and subject matter jurisdiction as the first two dimensions
Scope of jurisdiction relates to the appropriate geographical scope of orders rendered by

a court that has personal jurisdiction and subject matter jurisdiction.23 This question has
ingly important and therefore deserving of detailed attention.
Page 8 of 20

The most famous decided case dealing with the scope of jurisdiction is the long-running
able degree of international attention and the background to the dispute is generally well
eral court orders, sell the intellectual property of another company (Equustek Solutions
Inc.) via those websites. On 28 June 2017, the Supreme Court of Canada handed down its
judgment with the majority concluding that:
ustek pending the resolution of the underlying litigation, the only way, in fact, to preserve
vailing harm to Google is minimal to non- existent, the interlocutory injunction should be
upheld.24
This conclusion was reached via a belaboured journey through the quagmire of both legal
and technical misunderstandings and half-truths. Most of those misunderstandings and
half-truths are highlighted with commendable clarity in the dissenting judgment by Côté
and Rowe JJ.
tively attractive, but highly dangerous, path of global orders. US courts do so routinely
sions. One explicit example of this can be found in the factually complex Garcia case in
which an actress cast in a minor role in a film sought to prevent the publication, on
cure the content removal on other grounds, the actress sought and was initially granted
takedown based on her alleged intellectual property rights in her performance.25
cision was later overturned on copyright-related grounds.
(p. 701) An even more recent example is found in Hassel v Bird in its decision of July 2018,
by ensuring that platforms can continue to rely on the protection afforded under section
230 of the Communications Decency Act.26
fornia, nor the Court of Appeals, saw reason to confront the international implications
even though the injunctive relief sought was for the removal of every defamatory review
published by the defendant about plaintiffs from Yelp.com and from anywhere else they
appeared on the internet.27
On the other side of the planet, Australia had initially adopted a sensibly cautious attitude
towards scope of jurisdiction issues relating to the internet. In a case from 1999, Simpson
J observed that:
Page 9 of 20

[a]n injunction to restrain defamation in NSW [New South Wales] is designed to ensure
compliance with the laws of NSW, and to protect the rights of plaintiffs, as those rights
are defined by the law of NSW. Such an injunction is not designed to superimpose the law
of NSW relating to defamation on every other state, territory and country of the world.
Yet that would be the effect of an order restraining publication on the Internet.28
nate judgment in X v Twitter Inc.29

ed an order requiring Twitter to remove content anywhere in the world posted by one of
its users. In fact, the order went as far as to require Twitter (a foreign defendant) to block
by the unidentified (potentially foreign) person responsible for the postings at issue in the
dispute.
tion sought to compel or restrain the performance of certain conduct by the defendants
30
Given that the action was
initiated in Australia, it is perhaps likely that the plaintiff was based, or at least active, in
sible for any party anywhere in the (p. 702) world to bring an action in Australia, against
any company in the world, seeking global blocking of internet content.
For our purposes, it is also interesting to note that Pembroke J used his judgment to send
a message to the tech industry more generally in gratuitously noting that the applicable
online service or social networking web site that could be used to facilitate the posting of
31
And given that
up to defend the action, it is significant that Pembroke J emphasized that Twitter was still
32
net intermediaries.
It may be worth noting in passing that while there is an extensive international academic
ustek
sions from other parts of the world, such as Hassell v Bird and X v Twitter
Page 10 of 20

In an Opinion of 10 January 2019, Advocate General Szpunar expressed great scepticism

regarding global de-referencing orders:
cause it takes into account only one side of the coin, namely the protection of a private
33
in mid-2018 in relation to this case,34
ingly widespread view that the pursuit of the policies behind the substantive law (the
vate and public international law.
This is an extremely dangerous development, and I use both this and other publications to
ing towards securing a peaceful coexistence. If all we wanted was to secure the greatest
possible reach of our substantive laws, we would hardly need any sophisticated (p. 703)
private international law rules. We would merely proclaim that our laws always apply,
that our courts always can claim jurisdiction, and that our court orders must be enforced
this is clearly not what we want.
clusion can be traced to the 2014 decision by the CJEU in the Google Spain case in which
35
In essence, that
case arose based on a complaint made by a Spanish man about the search results that
rect, and unfortunate, consequence of this, there is considerable controversy about how
ber States have taken radically different approaches to this matter. In a media release of
that:
CNIL considers that in order to be effective, delisting must be carried out on all
extensions of the search engine and that the service provided by Google search
constitutes a single processing. In this context, the President of the CNIL has put
Google on notice to proceed, within a period of fifteen (15) days, to the requested
Page 11 of 20

gine.36
This sparked a legal battle that reached the French courts and a referral was made to the
CJEU. The questions referred may, a bit simplified, be summarized in the following: must
a search engine operator deploy the de-referencing to all of the domain names used by its
search engine? If not, must a search engine operator only remove the links on the domain
name corresponding to the state in which the request is deemed to have been made or on
address deemed to be located in the state of residence of the person benefiting from the
ed in one of the Member States?
equate, and I would rather be inclined to a different moulding of the relevant issues. In
my view, we can get out of the quagmire and regain firm ground only if we realize that
this is not an area that lends itself to such simplistic binary questions. Rather, what we
(p. 704)
a matter of degree.
eral concluded that:
point (a) of the first paragraph of Article 14 of Directive 95/46 must be interpreted as
meaning that the operator of a search engine is not required, when granting a request for
gine in such a way that the links at issue no longer appear, regardless of the place from
37
To this he added that:
Once a right to de-referencing is established, it is thus for the operator of a search engine
to take all steps available to him to ensure effective and complete de-referencing. That
operator must take all the steps which are technically possible. So far as the case before
38
Interestingly, and sensibly, the Advocate General does not rule out the possibility that in
tions at the worldwide level.39 This is similar to a nuanced approach advocated for by the
Swedish data protection authority in a parallel case that was before the Swedish courts,40
and in line with a proposed framework for scope of jurisdiction in de-referencing cases I
first advanced in 2015.41
Page 12 of 20

On 24 September 2019, the CJEU ruled that:
sions of its search engine, but on the versions of that search engine corresponding to all
quirements, effectively prevent or, at the very least, seriously discourage an internet user
conducting a search from one of the Member States on (p. 705) the basis of a data
to the links which are the subject of that request.42
Importantly, the CJEU emphasized the importance of the fact that:
43
sidered in relation to its function in society and be balanced against other fundamental
44
one hand, and the freedom of information of internet users, on the other, is likely to
45
to date, struck such a balance as regards the scope of a de-referencing outside the
46
States and that it would have intended to impose on an operator which, like Google,
falls within the scope of that directive or that regulation a de-referencing obligation
which also concerns the national versions of its search engine that do not correspond
47
visaged by Advocate General Szpunar and the Swedish DPA (as referred to earlier):
her, on the one hand, and the right to freedom of information, (p. 706) on the other, and,
after weighing those rights against each other, to order, where appropriate, the operator
of that search engine to carry out a de-referencing concerning all versions of that search
engine.48
Page 13 of 20

The implications of the outcome, as well as the reasoning that led to the outcome, are
was arguably muddled by its decision in Case C-18/18.
There, an Austrian politician sought to have content, argued to be defamatory, removed,

and future content blocked, by Facebook Ireland Ltd with worldwide effect.
of a Member State from ordering a host provider (such as a social media site) to remove
cept in the setting of pre-emptive content blocking) to the content of information which
was previously declared to be unlawful.
The freedom of expression implications are far-reaching and scholars such as Daphne
Keller have discussed them in detail.49
tion aspect of the case; a topic on which the CJEU had surprisingly little to say. Indeed, all
the CJEU did in this regard was to:
50
(1) does not preclude a court of a
injunction or to block access to that information worldwide within the framework of

51
and
(2)
52
53
However,
(p. 707) it may be somewhat rash to exclude the need for a deeper examination of the
judgment based on such assertions. In fact, the more interesting aspect here is what the
CJEU did not say.
54
and
55
These, and similar,
headlines will not merely shape public opinion about the decision around the world, they
stand to influence the behaviour of courts around the world and shape the law on scope
of jurisdiction.
C-18/18 in granting an order requiring Facebook, Twitter, and Google to remove certain
content globally based on that content being defamatory under local law in India.56 This
surely disposes of any notions suggesting that the case is of intra-EU interest only.
Page 14 of 20

5. Concluding Remarks
sues of direct relevance for the topic of internet intermediary liability. I have noted how
that internet intermediaries blossomed as a driving force of digitalization seems to be

over, and that there is a hardening regulatory attitude towards internet intermediaries.
As far as jurisdictional issues are concerned, this trend takes the form of more aggressive
forms exist because we see reasons to use them, and we must take care not to undermine
the values they bring. This is clearly a matter of striking the right balance.
I have also shown that there are developments indicative of a trend against upholding the
choice of forum, and choice of law, clauses internet intermediaries impose on their users,
quest internet intermediaries to hand over user data. In this latter context, the point was
made that considerable progress has been made, not least due to the current move away
from a strict territoriality focus.
(p. 708)
scope of jurisdiction. To see why that is so, we need only consider what is at stake in the
debates on that topic. Imagine an internet where you cannot access any content unless it
complies with every law of all the countries in the world. In this scenario, you would be
ment like this is not as far-fetched as it may currently seem.
avoidable outcome if countries are successful in seeking to impose their laws globally.
Even where they happen to be unable to prosecute the person who posted the content,
they can try to force the internet intermediaries that host the content to remove or block
it.
move or block access to specific content. As also highlighted, this is troubling. After all,
what is illegal in one country may be perfectly legal in all other countries. Why should the
harshest laws determine what can be posted online? Why should duties imposed by one
tional human rights laws?
The stakes are high and the future of the internet, as we know it, hangs in the balance.
Page 15 of 20

Notes:
(*) This chapter is based on research supported by ERDF CyberSecurity, CyberCrime, and
the Critical Information Infrastructures Center of Excellence (No. CZ.
(eds), Encyclopedia of Private International Law
Privacy, Sovereign Powers and the Rule of Law (Edward Elgar 2017); Dan Svantesson and
The Conversation, 15 January 2019) <https://theconversation.com/the-

future-of-the-internet-looks-brighter-thanks-to-an-eu-court-opinion-109721>; Dan
ternet jurisdiction and Google France

Dan Svantesson, Solving the Internet Jurisdiction Puzzle (OUP 2017).
(1
(2) See Svantesson, Solving the Internet Jurisdiction Puzzle
(3) Letter from Scott Morrison to ACCC Chairman Rod Sims requiring ACCC inquiry into
digital platforms (4 December 2017) <https://www.accc.gov.au/system/files/
Ministerial%20direction.pdf>.
(4
Reuters, 26 December 2018) <
dia-ecommerce/india-tightens-e-commerce-rules-likely-to-hit-amazon-flipkart-
idUSKCN1OP14M>.
tives 96/9/EC and 2001/29/EC [2019] OJ L130/92, Art. 17.
(6
https://
www.intgovforum.org/multilingual/content/dynamic-coalition-on-platform-responsibility-
dcpr>.
( 7) < >.
Page 16 of 20

(8
search Paper no. 2309526 (2013).
(9) See Ticketmaster Corp v Tickets.com, 2000 US Dist. Lexis 4553 (CD Ca. 2000) (US).
(10) Caspi v Microsoft Network LLC, 323 N.J. Super. 118 (NJ Super. Add. Div. 1999) (US).
(11) ibid. (internal reference omitted).
(12) 2017 SCC 33 (Can.).
(13) See Council Directive 93/13/EEC of the European Parliament and of the Council of 5
April 1993 on unfair terms in consumer contracts [1993] OJ L95/29.
(14) Regulation 593/2008/EC of the European Parliament and of the Council of 17 June
2008 on the law applicable to contractual obligations (Rome I) [2008] OJ L177/6.
(15) See C-191/15 Verein für Konsumenteninformation v Amazon EU Sàrl [2016]

ECLI:EU:C:2016:612.
(16) See C-673/17

[2019] ECLI:EU:C:2019:246.
(17) United States v. Microsoft Corp., no. 17-2, 584 US __ (2018) (US).
(18) See Cedric Ryngaert, Jurisdiction in International Law
(19
crosoft Corporation (1:13-mj-02814) 21.
(20) See in particular Clarifying Lawful Overseas Use of Data Act or CLOUD Act (HR
(21) See further Svantesson, Solving the Internet Jurisdiction Puzzle
(22
risprudential-framework-jurisdiction-beyond-harvard-draft>.
(23
Page 17 of 20

(24) Google Inc. v Equustek Solutions Inc. 2017 SCC 34, para. 53 (Can.).
(25) See Cindy Lee Garcia v Google Inc. and others, 786 F.3d 733 (9th Cir. 2015) (US).
(26) 234 Cal. Rptr 3d 867 (2018). Section 230(c)(1) of the Communications Decency Act
publisher or speaker of any information provided by another information content
(27) Hassell (n. 26) 4.
(28) Macquarie Bank Lie & Anor v Berg [1999] NSWSC 526, para. 14 (Aus.).
(29) [2017] NSWSC 1300 (Aus.).
(30) ibid. para. 20.
(33) C-507/17
ECLI:EU:C:2019:15, Opinion of AG Szpunar, para. 36.
(34
ECLI:EU:C:2014:317.
(36
CNIL, 12 June 2015) <http://www.cnil.fr/english/news-and-events/news/article/
cnil-orders-google-to-apply-delisting-on-all-domain-names-of-the-search-engine/>.
(37) C-507/17, Opinion of AG Szpunar (n. 33) para. 63.
(38) ibid. para. 74 (internal reference omitted).
(40) See Datainspektionen överklagar Google-dom (30 May 2018) <https://

www.datainspektionen.se/nyheter/datainspektionen-overklagar-google-dom/>.
(41
published in Polcak and Svantesson, Information Sovereignty
(42) C-507/17 Google LLC, successor in law to Google Inc. v Commission nationale de
l'informatique et des libertés (CNIL) [2019] ECLI:EU:C:2019:772, para. 74. See also
Page 18 of 20

ever, it is limited to EU-wide application, leaves the door open to national authorities
GAVC Law, 2019) <https://gavclaw.com/2019/09/25/court-of-justice-
sees-no-objection-in-principle-to-eu-right-to-be-forgotten-leading-to-worldwide-delisting-
orders-holds-that-as-eu-law-stands-however-it-is-limited-to-eu-wide-application-leave>;
LinkedIn, 24 September 2019) <https://www.linkedin.com/pulse/court-

justice-european-union-steers-away-from-global-svantesson>.
(43) C-507/17 (n. 42), para. 59.
(48) ibid. para. 72. This nuanced approach was initially canvassed in detail in Dan
EUI Working Paper RSCAS 2015/45 (2015) <https://cadmus.eui.eu/bitstream/handle/

1814/36317/RSCAS_2015_45.pdf?sequence=1>.
(49
Glawischnig-Piesczek v Facebook Ireland Stanford Center for Internet
and Society, 4 September 2019) <https://cyberlaw.stanford.edu/files/Dolphins-in-the-Net-
AG-Analysis.pdf>.
(50) Directive 2000/31/EC of the European Parliament and of the Council of 8 June 2000
on Certain Aspects of Information Society Services, in particular electronic commerce, in
the Internal Market [2000] OJ L178.
(51) C-18/18 Eva Glawischnig-Piesczek v Facebook Ireland Ltd [2019] ECLI:EU:C:

2019:821, para. 55.
(53 Web
Page, October 2019) <https://www.twobirds.com/en/news/articles/2019/global/notice-and-
stay-down-orders-and-impact-on-online-platforms#__prclt=pzS67trR>.
(54
ABC News Web Page, 4 October 2019) <https://www.abc.net.au/news/
2019-10-04/facebook-can-be-forced-to-remove-illegal-content/11572794>.
(55
Washington Post (4 October 2019) <https://www.washingtonpost.com/technology/
2019/10/03/facebook-can-be-ordered-remove-content-worldwide-eu-says/>.
Page 19 of 20

(56) High Court of Delhi at New Delhi Swami Ramdev & Anr vs Facebook, Inc. & Ors [23
October 2019] CS (OS) 27/2019.
Dan Jerker B. Svantesson
Dan Jerker B. Svantesson is a Professor at the Faculty of Law at Bond University, a

Visiting Professor at the Faculty of Law, Masaryk University, and a Researcher at the
Swedish Law & Informatics Research Institute, Stockholm University. Email:
dasvante@bond.edu.au.
Page 20 of 20

Algorithmic Accountability: Towards Accountable Systems
tems
Ben Wagner
termediary liability and human rights. First, the chapter looks into open issues related to
the chapter considers algorithmic accountability to users, listing a number of technical,
ence to algorithmic accountability would lower liability of intermediaries and contribute

to more effectively ensuring compliance with human rights.
ALGORITHMIC accountability refers to the process in which both information systems

themselves, their developers, and the organizations behind them are held accountable for
the decisions made by those information systems.1
times reduced to a specific technical subset of that system2
of the debates about algorithmic accountability tend to focus on the role of information
systems in society.3
ty to a specific technical subsystem.
Why should algorithms be accountable at all? The main argument typically used in this
context is of algorithms as a form of power. While some authors believe that this power is
overstated,4 most tend to use the justification of the power embedded within algorithms
as a reason to justify the need for accountability.5 For example, Just and (p. 680) Latzer6
discuss how algorithms express power in a form of algorithmic governance, while Karen
7
Page 1 of 11

gorithms are an inscrutable black box,9

ed algorithmic systems without sufficient accountability.10
Beyond this general definition much is unclear about the specific nature of accountability
within the context of algorithmic accountability.11 In particular, the precise nature of the
count of algorithms:
1. Accountable to whom?
tives on to whom an algorithm should be accountable. From a user-centric perspective,

algorithms should be accountable to their users,12 and there are many scholars working
on algorithmic accountability who share this view.13
rithms should be accountable to those affected by them, suggesting that there should be
14
Beyond these two, there are scholars who
call for great accountability of algorithms towards public regulators15 or simply that their
source code should be disclosed to the general public.16
(p. 681)
mum to their users. Without this very basic level of accountability, it is impossible for
tion system is operating without any meaningful oversight at all. It is very difficult to
build any accountability into the system without at least at minimum accountability to the
countability. As such, it is important to remember that while other forms of accountability

may be necessary as well, taking the user seriously is equally important.
mation system or its vendor. While the free software movement has attempted to remedy
part of this through providing access to the source code of the system,17 it is questionable
whether this is a sufficient accountability mechanism.18 While providing access to the
derstand what the overall system is actually doing.
2. Accountability for what?
19 While bias is currently taking centre
Page 2 of 11

stand. However, it also suggests to a considerable degree that these biases are errors
within the information system and that if these biases are simply fixed then the problem
itself is resolved. A far greater challenge would be for algorithmic systems to ensure the
non-manipulation of users,20 preventing negative societal impacts,21
vant ethical frameworks,22 or even more broadly enabling and safeguarding human
(p. 682) rights frameworks and the values embedded within them.23
tion system and user to ensure that the system is systematically accountable to the user.
Veale and others note in their field study of algorithmic systems in the UK public sector24
that those developing algorithms should not be assumed to be unaware or naive in their
collaborative approach may be necessary to improve algorithms over time. While this may
be true in the public sector in some cases, it is questionable whether this insight extends
beyond the public sector. This is because the public sector in many countries like the UK
formation requests that contribute to algorithmic accountability which do not exist within
the private sector. Without such information-provision mechanisms required by law, it
seems more difficult to argue for a collaborative relationship. Given the ongoing rise in
manipulative and coercive practice in modern information system,25
atically be able to actively hold the software they use to account.
3. Challenges with Algorithmic Accountability

However, in order for users to be able to so systematically, there are numerous stumbling
blocks along the way. None of these are necessarily insurmountable challenges, but they
provide an overview of technical, organizational, and regulatory challenges in ensuring
access to data.
3.1 Access to the Algorithmic System
The first set of issues relates to getting access to the data, through which the information
system might more effectively be held to account. While this may sound like a relatively
(p. 683) simple task, it is often one of the most difficult, particularly in order to ensure
that the data is accessible in a machine-readable format. This is particularly the case with
recommender systems, which typically provide transitory quick information to users,
tempt to ensure algorithmic accountability have turned towards users entering this data
themselves,26
other more recent method has been to use data subject access requests under the EU
Page 3 of 11

viously existing data protection regulation. A wide variety of initiatives have taken this
path both before and after the GDPR came into force,27 however with a mixed degree of
success. As such, access to reliable data from information systems remains a challenge
for all types of information systems.
3.2 Verification
Aside from the considerable privacy issues related to collecting all of this data, this poses
the wider challenge of accurately assessing what an unbiased, fair, impartial, or ethical
response of an information system would look like.
3.3 Aggregation
The third set of issues relates to aggregating sufficient amounts of ground truth data.
This ground truth data then needs to be compared to the actual data presented to the
user by the system in order to ascertain accuracy. In many cases, this comparison is only
possible if a large sample of decisions are known, and any potential bias frequently refers
to different forms of personalization across large datasets.
3.4 Measuring the Effect of a System on User Behaviour
The fourth set of issues is measuring the effect that the biases have on user behaviour.
While statements about bias typically focus on the information system28 there is an
(p. 684) implicit assumption behind this that bias is not just presented to the user, but also
has an effect on user behaviour. However, the effects of systemic bias on user behaviour
is rarely studied and requires considerable additional analysis.
3.5
Using
Fifthly, another associated challenge is how users learn to adapt to the biases, quirks, and
other input they receive from the information system. There is an extensive literature on
how users adapt simply to failures of information systems,29
puter input at face value.
3.6 Improving the Quality of Technical Systems
laborative models of information system improvement as suggested by Veale and others30

Page 4 of 11

el needs to be considered the default if meaningful accountability is to be developed.31
3.7 Accountability of the Socio-Technical System
tors such as a for-profit/non-profit developer, public/private sector organization, closed

source/open source, accessibility of bug reporting, etc. could provide relevant contextual
countability beyond a specific information system to the overall organizational system
bedded.
4. What does Algorithmic Accountability

(p. 685)
mean in the context of Intermediary Liability

Online?
32
where private rather than state actors are increasingly responsible for
mediating the flow of content online.
At the same time, it can equally be argued that there are good reasons to increase the
burden of liability on online intermediaries. There are numerous widespread and well-
document problems with the way many of them design and operate their platforms, from
issues with hate speech on platforms33
able governance mechanisms,34
forms.35
Algorithmic accountability can be helpful in this context, because it serves to provide a
ing the threat of liability to ensure that platforms act more accountably and responsibly,
considering not just their own interests but also those of others as well. While this may be
er36 in a similar manner to the focus of algorithmic accountability, which attempts to do

the same.
Page 5 of 11

tal rights. Regulators have thus far shied away from using more specific (p. 686)
ring instead to simply mandate that content must be removed to avoid legal liability,
sometimes even within twenty-four hours for manifestly illegal content (German
NetzDG)37 or even within one hour in the proposed EU terrorist content Regulation.38
This intense pressure to remove content has not significantly contributed to ensuring that
thing, it creates incentives for limiting freedom of expression39 in an invasive and opaque
manner.
Thus, a proposal in which adherence to algorithmic accountability would lower liability of

intermediaries could contribute to more effectively ensuring compliance with human
terests of all relevant stakeholders. Such an approach would go beyond simply requiring
intermediaries to take down content, but also specify how they should take down content.
clude the following.
(1) Decisions of automated content takedown systems need to be transparent to the

users of the system, those affected by those decisions (typically content owners but
also other referenced within the content) and society at large.
(2) The development of external algorithmic accountability mechanisms in which
outside organizations audit and report on the functioning, effectiveness, and errors
of a specific content-takedown algorithm.
(3) An independent external body40 to which complaints can be addressed and are
independently adjudicated. In places where a functioning judicial system exists, this
should be based on the existing legal system.
41
(4) on the:
(a) exact system design and variables used in automated content-moderation
systems used and their functionality;
(b) the outputs of these systems when measured against a standardized set of
content which serves to compare different systems;
(c) the actual outputs of these systems, including an explicit list of the content
they take down and the content they allow to stay up;
(p. 687) (d) the business processes around those systems and how the business
processes interact with existing automated systems.
(5) Storing automated decisions in such an irrevocable manner to ensure that they
cannot later be tampered with and can be fully reconstructed and assessed after the
fact.
Page 6 of 11

(6) Meaningfully explaining the automated content regulatory decisions that were
hind them.
(7) Ensuring that human review of these decisions is possible, with human beings
ful legal determination.

(8) Ensuring that all involved parties are always aware whether decisions are made
tionship in this context.

(9)
possible for users to access. Instead they serve to pre-empt legislative decisions in a
human rights-friendly manner.
5. Conclusions
termediary liability regimes in a manner which provides greater support of human rights.
ary liability regimes not just on freedom of expression but human rights in general.
More broadly, there is an urgent need for ensuring the development and implementation
of more accountable systems. While ensuring algorithmic accountability can contribute to
tation of intermediary liability regimes but ensure accountability more broadly. Given the
massive accountability deficit in technical systems that has been identified by numerous
UN special rapporteurs and academics alike,42 these is clearly a (p. 688) significant deficit
here. Human rights-enabling systems cannot just be left at the protocol layer,43 they need
to be integrated across socio-technical systems and integrated within technical systems,
as well as business and institutional processes.
ing such systems which promote accountability. Thus, most companies around the world
implement a two-man rule in technical systems for important corporate decisions, such as
that a two-man rule has to be implemented systematically and failure to implement it will
be sanctioned accordingly. However, similar technical checks and limitations do not
meaningfully exist for human rights.
Page 7 of 11

ternal company audits or transfers of funds. Unless accountable systems are seen as a
core aspect of the development of technical systems, they are unlikely to be implemented
ability is a core component of this approach and can thus meaningfully contribute not just
to ensuring that intermediary liability is implemented in an effective and human rights-
ly safeguarded by technical systems as well.
Notes:
(1
(2
formation, Communication & Society 14.
(3
18th ACM Conference on Computer\ldots (2015) <http://dl.acm.org/citation.cfm?id=2,

to
https://cihr.eu/publication-the-
ethics-of-algorithms/>.
(4
Science, Tech., & Human Values 3.

ey and Information
ta Increases Inequality and Threatens Democracy
New Media & Society 1164.
(6
(7
Information, Communication & Society 118, 118.
(8
(9) Pasquale (n. 5).
(10
Page 8 of 11

(11) See Ziewitz (n. 4); Kitchin (n. 2).
(12) See Don Norman, The Design of Everyday Things: Revised and Expanded Edition
(revd, expanded edn, Basic Books 2013).
(13
(14
(15
man-rights-study-on-the-human-rights-dimension-of-aut/1680796d10>.
(16
(17) See Richard Stallman, The GNU Manifesto (1985); Julio Cesar Sampaio do Prado
Systems Engineering 127.
(18
http://arxiv.org/abs/1504.04971>.
(19) Veale, Van Kleek, and Binns (n. 14).
(20) See Sarah Spiekermann,

proach (CRC Press 2015).
(21) See Wagner (n. 15).
(22 Ind.ie, 2017) <

cal-design/>; Gry Hasselbalch and Pernille Tranberg, Data Ethics: The New Competitive
Advantage (Publishare 2016).
(23
Corinne
449.
Page 9 of 11

(25
<http://dl.acm.org/citation.cfm?doid=3173574.3174108>.
(26) See Resa Mohabbat Kar and Peter Parycek,

gorithmen Als Ordnungs-Und Steuerungsinstrumente in Der Digitalen Gesellschaft (DEU
2018).
(27
HotPETs during The 17th Privacy Enhancing Technologies Symposium (2017).
(28
(29
Success through Failure: The Paradox of
Design (Princeton U. Press 2018).
(31
<https://papers.ssrn.com/abstract=3081776>.
(32
tions and Risks (OUP 2018) 225.
(33
ProPublica, 28 June 2017)
<
ments-algorithms>.
(34
ments-dds-ny.un.org/doc/UNDOC/GEN/G18/096/72/PDF/G1809672.pdf?OpenElement>.
(35) See Wagner (n. 32).
(36
(37
setzung in sozialen Netzwerken, NetzDG) (Ger.), s. 3(2)(2).
(38
P8_TA-PROV(2019)0421, Arts 4(2) and 4b(2).
Page 10 of 11

(39
GISWatch, 2011) <
ternet-implications-foreign-policy>.
(40
Being Profiling. Cogitas ergo sum
(Amsterdam University Press 2018).
(41) Kaye (n. 34).
(42
of the Right to Freedom of Opinion and Expression to the Thirty-Second Session of the
of the Special Rapporteur on the Promotion and Protection of the Right to Freedom of
http://www.ontla.on.ca/library/repository/mon/24005/301946.pdf>; Frank
Real Life, 2018) <http://reallifemag.com/odd-numbers/>.
(43) ten Oever and Beraldo (n. 23).
Ben Wagner
puting Lab at Vienna University of Economics and Business and a Senior Researcher
of the Centre of Internet & Human Rights (CIHR). Email: ben@benwagner.org.
Page 11 of 11

Guarding the Guardians: Content Moderation by Online Intermediaries and
the Rule of Law
Guarding the Guardians: Content Moderation by Online

Intermediaries and the Rule of Law
Niva Elkin-Koren Maayan Perel
This chapter describes three ways in which content moderation by online intermediaries
sponsibilities; it delegates the power to make social choices about content legitimacy to
opaque algorithms; and it circumvents the constitutional safeguard of the separation of
powers. The chapter further discusses the barriers to accountability in online content
eration using machine learning; barriers arising from the partialness of data and data
floods; and trade secrecy which protects the algorithmic decision-making process. Finally,
tent moderation. After describing the benefits of black box tinkering, the chapter explains
what regulatory steps should be taken to promote the adoption of this oversight strategy.
Keywords: online intermediaries, content moderation, rule of law, automated enforcement, algorithms,
parency, black box tinkering
*
ONLINE
able or disable access by removing or blocking controversial content, or by terminating
sor content amounting to hate speech, inciting materials, or copyright infringement.1
The rising pressure on online platforms to block, remove, monitor, or filter illegitimate
jectionable content, which may expose platforms to legal liability or raise a public outcry.
As a result, online intermediaries are effectively performing three roles at the same time:
they act like a legislature, in defining what constitute legitimate content (p. 670) on their
platform, like judges who determine the legitimacy of content in particular instances, and
like administrative agencies who act on these adjudications to block illegitimate content.2
Page 1 of 12

the Rule of Law
ty regimes have demonstrated that platforms often fail in weeding out legitimate content,
lawful speech.3 Yet, pervasive power must be restrained in order to ensure civil liberties
and the rule of law. Hence, we argue that even if they are not liable
tent made available by their subscribers, online intermediaries must still be held
able for content moderation.
Traditional legal rights and processes, however, are ill equipped to oversee the robust,
line intermediaries. We currently lack sufficient safeguards against over-enforcement of

protected speech as well as under-enforcement of illicit content. Allowing unchecked
power to escape traditional schemes of constitutional restraints is potentially game-
tions of trust and accountability.
This chapter describes three ways in which content moderation by online intermediaries
sponsibilities; it delegates the power to make social choices about content legitimacy to
opaque algorithms; and it circumvents the constitutional safeguard of the separation of
powers. The chapter further discusses the barriers to accountability in online content
eration using machine learning; barriers arising from the partialness of data and data
floods; and trade secrecy which protects the algorithmic decision-making process. Finally,
tent moderation. After describing the benefits of black box tinkering, the chapter explains
what regulatory steps should be taken to promote the adoption of this oversight strategy.
1. Content Moderation by Platforms and The

Rule of law
course on these platforms constitutes our public sphere, and therefore platforms can
(p. 671) (and according to some, should)4 exercise power to remove unwarranted
content.5 Public discourse is always subject to limits, to protect private interests (e.g.
rity (e.g. espionage laws protecting classified materials). The laws of different countries
raises several challenges to the rule of law: one arising from the dual role of platforms as
Page 2 of 12

the Rule of Law
mentation of content policies, and the third arising from informal collaboration with state
apparatus.
forms thrived on democratic notions of freedom and openness enabling diverse users to
speech, online intermediaries were given immunity from liability to harm caused by their
users.6
vention that may unduly censor or chill speech. At the same time, however, as numerous
line content, and by ranking, or giving priority to some content, while diverting attention
from other types of information.7 As commercial speakers, online intermediaries might be
entitled to constitutional protection of free speech, but they might also be held liable for
illegal content.8 Online intermediaries thus play a dual role: they are commercial players,
advance public welfare.9
vate companies. The fact that online intermediaries profit from facilitating online speech
of users conflates their commercial interests and their governing roles. Requiring them to
guard against those who potentially tend their garden, and adjudicate the content they
distribute, may trap intermediaries in a conflict of interests.
(p. 672)
sures to identify, filter, and block illegitimate content. Online content moderation involves
normative choices regarding the boundaries between legitimate and illegitimate content.
lish copyrightability;10
fringement;11 12
Before
algorithms can implement these qualitative doctrines they must be translated into
tled doctrines.13 Algorithms could err in identifying the content accurately, and may also
err in determining whether a particular use of content is illegal, since such determination
depends on the context.14 Such errors in algorithmic content moderation may result in
censoring legitimate content, and sometimes also in disproportionally censoring some
groups.15 Privately designed systems of content moderation are often applied ex ante, as
filtering occurs before the content ever becomes publicly available.16
cedures are scrutinized.17
Page 3 of 12

the Rule of Law
sions on unprotected speech are made by law, and are subject to judicial review. Content-
filtering systems, however, effectively blend law enforcement and adjudication powers,
reflecting a profound transformation in our traditional system of governance by law. Such
nies, and a fundamental transformation of the nature of law enforcement.
(p. 673)
cause, online platforms exercise control over the content shared by users and access to a
communication channel, and, most importantly, they hold vast amounts of personal data
on their users. This unprecedented power allows intermediaries to monitor, remove, and
prevent unwarranted content. The use of data analytics further enhances investigative
and predictive capacities, enabling platforms to predict the illicit use of content and take
fringement in live video streams.18
aries in cybersecurity, surveillance, censorship, and general law enforcement tasks.19

This is becoming a powerful tool for governments seeking to block content under the
radar of the judiciary. According to the Google Transparency Report, for instance, Russia
has come out on top of a ranking of government requests to have online content removed
or blocked.20
21
fined by law.22 While law enforcement agencies are authorized to operate under the rule
of law within constitutional restraints, private bodies are not subject to any constitutional
damental rights. Therefore, relying (p. 674)
aries enables governments to bypass constitutional constraints.23
Overall, the governing function of online intermediaries in content moderation cannot be

restrained by market forces alone. In their governing functions as law enforcers, online
trative agencies who act upon these adjudications to block illegitimate content.24 Just as
judicial review facilitates public scrutiny to strengthen public trust and promote the rule
of law, so too should online intermediaries who perform public functions be subject to
oversight.25
ation and must comply with the rule of law.
Page 4 of 12

the Rule of Law
2. Barriers to Accountability
ally assumed that public knowledge of the details of exercising governmental powers
should counter abuse of power and dysfunctional governance.26
tices.27
Still, transparency alone might not prove as useful to ensure accountability in content
moderation by private online intermediaries, using algorithmic tools. The shortcomings of
eration relies on dynamic machine learning. Providing a neural network with thousands
28
The learning process (p. 675) allows
the system to identify trends, relationships, and unexpected patterns in disparate groups
lines algorithmic systems of content moderation does not tell us much about the actual
performance of such systems. The underlying values embedded in the code will only be
relevant to the time of disclosure, implying nothing about its actual performance which
could be tweaked by learning.
tors, online intermediaries are generally not subject to mandatory disclosure obligations:
they are free to determine which specific data to share with the public in accordance with
their private business interests.29
complete, misleading, or even biased, with determinative weight is like counting on a
guard to objectively review its own guardianship.
At the same time, voluntary disclosures could still be overwhelming, creating a problem
of magnitude.30
minous data.31 But then we are left with a vicious cycle, where more transparency only
ten fails to report content that was filtered before it ever became publicly available, and
this further bolsters the shortcomings of transparency in generating accountability.32
Thirdly, trade secrecy may create another weighty barrier to transparency as a measure
of accountability in content moderation.33 Indeed, embedding discretional choices about
therefore treated as their own intellectual property. Moreover, if online intermediaries

disclose how exactly they implement their content-moderation system, (p. 676) interested
parties could easily game the system and bypass their restrictions. Therefore, keeping
some aspects of the process secret may ensure its efficiency.
Page 5 of 12

the Rule of Law
3.
How can we hold online intermediaries accountable and ensure they comply with the rule
of law? The limits of transparency as a guard against illegitimate suppressions of speech
suggest that new innovative measures must be introduced to complement it. We therefore
ing on a static check, based on publicly available (but incomplete) data or on platforms
self-reporting their content moderation, we propose a dynamic approach. This assumes
ongoing strategy of monitoring its performance.
34
35
tion, tinkering may further facilitate social activism, while creating a policy lever for
checks and balances of the hidden practices of algorithmic decision-making.36 Thus, it
ditional means of transparency.
How can we tinker with online systems of content moderation? We can systematically test
and record how online intermediaries respond to representatives, like-real content that
we prepare and submit to the platforms. For instance, we have studied the compliance of
the takedown policy of hosting platforms with copyright law, by uploading different types
37
Similarly, a recent study conducted at the Princeton University Center
for Information Technology policy sought to check the error rate of ads moderation by
Google and Facebook during the 2018 US elections. To test whether common ads, which
were not related to the election, were prohibited, the team used (p. 677)
it any of the ads posted, whereas Facebook prohibited 4.2 per cent of the submitted
ads).38
cussed in Section 2.39 Firstly, tinkering overcomes the dynamics of machine learning used
by online intermediaries for content-moderation purposes because it relies on ongoing
cess to the data generated by the platform, or on disclosures by the intermediaries who
moderate content. Rather, with tinkering, the investigators or activists extract their own
data set in real time.40
Page 6 of 12

the Rule of Law
macy, but purports to uncover concrete misapplications of it.
aries, why has it not become prevalent? Unfortunately, several legal challenges must be
41
lenged the access section of the CFAA, arguing that it would criminalize their research
activities which were meant to find out if automated transactions were discriminatory.
deemed unauthorized access to a computer, hence in violation of the CFAA. Whether this
is actually true remains unknown for now, as this case is still pending resolution.42
Second, and related, the exploitation of tinkering is discouraged by different contractual
(ToU), any violation of these terms may also be enforceable directly under contract law.43
Nevertheless, to the extent that the potential harm of violating the (p. 678)
posed to any meaningful contractual liability.
purposes that will allow testing that is conducted to ensure compliance with the rule of
tivists acting in good faith to test compliance by platforms, are immune from liability for
their intentional, yet de minimis, legal violations in the course of tinkering. Enacting such
a statutory immunity would promote active engagement in revealing the hidden practices
view and eventually affect the way these algorithms function, while ultimately guarding
those who apply them effectively.
4. Future Challenges
We have reached a point in time where it has become impossible to expect intermediary
liability to protect the public interest in a safe internet, without stifling free speech and
Page 7 of 12

the Rule of Law
bility for content that they facilitate leads to over-removal of legitimate content.44
course daily. As information floods are expected only to grow, and with them attempts by
interested parties to control or manipulate information, things will only become worse. An
sumed but rather assured ceaselessly. Maintaining this balance in an era controlled by
data giants is a huge challenge, yet we believe that the key to resolving this puzzle is in
than pressing the latter to block more (e.g. by subjecting them to direct liability), we
should press them to block better
termediaries are offered precise definitions regarding the content to be removed, but are
ability will promote self-review by online intermediaries and will force them to abide by
the law and not merely count on it as a shield against liability.
Notes:
(*) This research was supported by the Israel Science Foundation (grant no. 1820/17).
(1) An increasing number of laws encourage online intermediaries to moderate online

content: one classic example is the notice-and-takedown regime established by the US
legedly infringing copyright materials upon receiving a notice; 17 USC § 1201. Another
termediaries to delete content which appears to be evidently unlawful, within twenty-four

hours of a complaint being filed. See the Network Enforcement Act (Gesetz zur
Verbesserung der Rechtsdurchsetzung in sozialen Netzwerken, NetzDG) (Ger.). Similarly,
http://
europa.eu/rapid/press-release_IP-18-5561_en.htm>.
(2
(3
(4
sonably reachable).
Page 8 of 12

the Rule of Law
(5) See Martin Husovec,
countable but not Liable? (CUP 2017).
(6) See the Communication Decency Act, 47 USC § 230, Ch. V; Directive 2000/31/EC of 17
July 2000 on certain legal aspects of information society services, in particular electronic
commerce, in the Internal Market [2000] OJ L178/1, Art. 12.
(7) See Tarleton Gillespie, Custodians of the Internet: Platforms, Content Moderation, and
the Hidden Decisions That Shape Social Media (Yale U. Press 2018); Lucas Introna and
(8
(9
(10) See , 499 US 340, 345 (1991) (US).
(11) See Ideal Toy Corp. v Fab-Lu Ltd

1021 (2d Cir. 1966) (US).
(12) See Cambridge Univ. Press v Patton, 769 F.3d 1232, 1282 (11th Cir. 2014) (US).
(13
ines how technology is shaped by societal factors such as politics, institutions, economics,
(14
Engine, March 2017) <https://
www.engine.is/the-limits-of-filtering>.
(15
3262950 (29 March 2018) <https://papersssrncom/sol3/paperscfm?

abstract_id=3262950>.
(16) See Perel and Elkin-Koren (n. 2) 504.
(17
(18
vances in Social Networks Analysis and Mining (2018).
Page 9 of 12

the Rule of Law
(19
ment and of the Council on preventing the dissemination of terrorist content online, A
(20
Moscow Times, 22 July 2017) <http://wwwthemoscowtimescom/news/
google-transparency-report-shows-russian-government-requests-to-remove-
online--58468>.
(21
Commission and IT Companies Announce Code of Conduct on Illegal Online Hate

http://europaeu/rapid/press-release_IP-16-1937_enhtm
EDRi, 2016)
<https://edri.org/europol-non-transparent-cooperation-with-it-companies
scribing the use of terms of service by law enforcement agencies as a basis for removal
requests).
(22) e.g. the Facebook NetzDG Transparency Report, filed under the German NetzDG
demonstrates that during the first six months of the law, Facebook removed 1,704 items
of content based on 886 NetzDG legal notices, while removing millions of items during
the same period based on its Community Guidelines reporting system.
(23
(24
(25
ernment agency or administrative body).
(26
Page 10 of 12

the Rule of Law
(27) See NetzDG (n. 1).
(28
TechTalks, 10 December 2018) <https://bdtechtalkscom/2018/12/10/ai-deep-
learning-adult-content-moderation>.
(29
move content is very challenging, given that in its Transparency Report, Google merely
Dame L. Rev. 947, 967.
(30) See Niva Elkin-Koren and Eli M Salzberger, Law, Economics and Cyberspace (Edward
may go lower, the cognitive barriers to individual choice are likely to become stronger);
(31
ing ambiguity in website policies, while providing companies with a useful mechanism to
improve the drafting of their policies. See Joel Reidenberg, Jaspreet Bhatia, and Travis
Breauk, Automated Measurement of Privacy Policy Ambiguity (work-in-progress, on file
with authors).
(32) See Perel and Elkin-Koren (n. 2).
(33
(34 Freedom to Tinker, 21 March

2013) <https://freedom-to-tinkercom/blog/felten/the-new-freedom-to-tinker-movement>.
(35
http://papersssrncom/sol3/paperscfm?
(36
(37) We previously tested this methodology in a pilot conducted at the Haifa Center for
Law & Technology, in Israel. In that pilot, we tested systematically how hosting websites
implement the notice-and-takedown policy in copyright law by examining popular local
Page 11 of 12

the Rule of Law
image-sharing and video-sharing platforms. Accordingly, different types of infringing,
ed to trace choices made by the black box system throughout its enforcement process.
The findings are presented in Perel and Elkin-Koren (n. 33).
(38
GitHub, 1 November 2018) <https://githubcom/citp/mistaken-ad-
enforcement>.
(39
(40) ibid.
(41) Pub L. No. 98-473, 98 Stat. 2192 (1986) (codified as amended at 18 USC § 1030
(2012)) (US).
(42) See Christian W. Sandvig et al. v Attorney General, no. 1613-68 (DDC 2018) (US).
(43) See Fteja v Facebook Inc., 841 F.Supp.2d 829, 837, 841 (SDNY 2012) (US) (noting
(44) See Urban, Karaganis, and Schofield (n. 3); Sharon Bar-Ziv and Niva Elkin-Koren,
Niva Elkin-Koren
Niva Elkin-Koren is a Professor of Law at the University of Haifa, Faculty of Law and
a Faculty Associate at the Berkman Klein Center at Harvard University. She is the
tor of the Center for Cyber, Law and Policy. Email: elkiniva@law.haifa.ac.il.
Maayan Perel
Maayan Perel is an Assistant Professor in Intellectual Property Law at the Netanya

Academic College in Israel and a Senior Research Fellow at the Cyber Center for Law
& Policy, University of Haifa. Email: maayanfilmar@gmail.com.
Page 12 of 12

forcement of State Controls over the Internet
Intermediary Liability in Russia and the Role of Private

Business in the Enforcement of State Controls over the
Internet
Sergei Hovyadinov
The rapid expansion of the internet in Russia, combined with its potential to instigate a
flow of information. This chapter attempts to demonstrate the evolution of intermediary
internet regulation. It describes how this regulation is followed and enforced with respect
to content removal and online surveillance, and how private companies have become an
ta and online activity. Within both categories, this chapter focuses on the obligations of
intermediaries (telecom operators, web-hosting providers, and social media platforms).
terviews that were conducted with executives of telecom and web-hosting companies,
telecom lawyers, internet activists, and representatives of industry associations.
Keywords: online intermediaries, Russia, private businesses, enforcement, content, surveillance
THE internet is not an ethereal substance. Its infrastructure (cables, servers, routers,
bone infrastructure and connect (or disconnect) people online; search engines like Google
and Yandex index web pages and display search results in an order determined by their
Page 1 of 32

cial network companies like Facebook and VKontakte block user-generated content that
tion to specific materials based on our interests and location, or block access to specific
websites (or to the internet altogether) based on government demands.
(p. 648)
2 3
Others have critiqued them for
failing to protect user privacy rights and have raised concerns about their increasing
power, lack of transparency, and financial incentives to cooperate with governments.4
5
to
sisting in online surveillance.
Russia has often been cited as a regime that has been successful in establishing a tight
grip on the media.7
ence for centuries.8
peratives and undergirded by a more general paranoia against the west.9 Since then, a
series of new laws have imposed ever greater restrictions.
One of the key features of how the Kremlin established control over the internet was the
role of internet businesses enlisted by the government to conduct a range of censorship
and surveillance activities. The state has come to rely on the cooperation of the internet
ernment with previously unexplored, but very effective, forms of power over information
flow and user activity.
(p. 649)
islative requirements,10 presented quantitative measurements,11

parency of intermediaries12 and the effect of public opinion on state control,13 reported
human rights violations online,14 and provided historical background about the Russian
15
However, we
know little about the role of local and global platforms in shaping and participating in the
Page 2 of 32

lation. We describe how this regulation is followed and enforced with respect to content
removal and online surveillance, and how private companies have become an integral
ators, web-hosting providers, and social media platforms). We further complement the
utives of telecom and web-hosting companies, telecom lawyers, internet activists, and
representatives of industry associations.16
1. Russian Internet
In the last decade, Russia has seen a phenomenal growth in the number of internet users,
from 18 per cent in 2006 to 76 per cent in 2017.17 Despite the increasing prominence of
(p. 650) global internet companies such as Facebook, Twitter, Google, and Microsoft,
33.1).18 The
public cloud services market is largely dominated by international players (e.g. Microsoft,
SAP, Amazon), but local players including CROC, SKB Kontur, and DataLine are gaining
IT sector.19
Page 3 of 32

(p. 652) Table 33.1 Most popular websites in Russia
Website Category
1. YouTube.com Video hosting
2. Yandex.ru Search engine; news portal
3. Vkontakte (Vk.com) Social network
4. Google.ru Search engine
5. Mail.ru Search engine; news portal
6. Google.com Search engine
7. Avito.ru Classified advertisements
8. Ok.ru Social network
9. Aliexpress.com Online marketplace
10. Wikipedia.org Online encyclopaedia
Source https://www.alexa.com/topsites/
countries/RU>.
and network coverage) are Mobile TeleSystems (MTS), MegaFon, Beeline, and Tele 2.
Over the last decade, they have established a nationwide presence; together, they now
control nearly 83 per cent of all Russian wireless subscribers.20 In the broadband market,
Rostelecom (a company in which the government holds more than 48 per cent of its
shares) and TransTelecom (part of the state-run Russian Railways) hold almost 50 per
cent of the market. Rostelecom controls nearly all key elements of the broadband value
chain (access, backbone, and international connectivity), and it operates a 500,000km-
plus digital fibre-optic backbone network that transmits voice, data, and video across the
entire Russian Federation.
While international companies remain largely independent of Russian authorities, the

state has initiated changes in regulation and ownership structure of major local internet
actors, similar to what has been done to traditional media outlets, seeking to establish
both de jure and de facto control over them. This strengthening of control is often framed
(p. 651)
Page 4 of 32

vices.21
veil their online activities, and cooperate with law enforcement. Failure to comply with
gether, these companies hold almost 50 per cent of the broadband market. As any mobile
operator or ISP needs to rely on backbone infrastructure, and the overall dominance in
structure and its operations.22
priority share in Yandex held by a leading state bank Sberbank, giving it veto power on
23
Other examples include Mail.ru,
VKontakte, and Odnoklassniki, which of this writing are controlled by an oligarch closely
affiliated with the Kremlin.24
When establishing control over global platforms was not feasible through ownership, the
pliance applied broadly to all platforms, regardless of their country of residence. The
sia, the processing of personal data of Russian citizens, or the availability of a particular
function to Russian users.25 The government has also come to rely on the policies of these
est transparency report from Twitter, the company withheld twenty-three accounts and
630 tweets for violation of Russian law in response to requests submitted by the Russian
26
2. The Evolution of Internet Regulations and

ISP Liability
tor, with the government and the presidential administration adopting a liberal, hands-off
approach to its regulation.27 Key policy stakeholders publicly denied any plans to regulate
the internet or censor content. Similarly, the regulation of intermediary liability was
scarce. It was only in 2006, when the Law On Information, Information Technologies and
cess to information from liability for third party content and actions.28 However, the law
excluded liability for IP infringements, which was left to the courts to adjudicate. In 2008,
Page 5 of 32

in the landmark case Kontent i Pravo v Masterhost, the Supreme Arbitration Court of the
ty for hosting copyright-infringing content: a provider is not liable if it does not initiate
transmission, select the addressee, or modify the transmitted content.29 That regulatory
gap was finally closed in July 2013, when the Russian Parliament (the Duma) adopted
ters and introduced a notice-and-takedown system.30
31
and even considered the possibility
of isolating the national segment of the internet by imposing limitations on local
(p. 653)
and international traffic (see Table 33.2).32
Page 6 of 32

Table 33.2
termediaries since 2011
Year Development
2011
children from harmful information online.33
2012
unified register of websites that contain information about
drug usage, advocate suicide or describe methods of suicide,
nism for blocking those sites.34
2013
anism to block websites accused of copyright

infringement.35
2013
ties or participation in unsanctioned mass protests, giving
out a court order.36
2014
more than 3,000 daily visitors refrain from using their blogs
plicable laws (electoral, mass media, privacy, defamation,

etc.).
able the receipt, transmission, delivery and/or processing of
notify the Roskomnadzor, a government telecom watchdog,

before commencing the provision of services; to retain and
store in Russia certain user data; and to cooperate with law
37
Page 7 of 32

2014
of personal data of Russian citizens is conducted only with
the use of servers located in Russia. Failure to comply with
services or websites.38
2014
39
2015
quires that search engines operating in Russia remove
search results listing information on individuals when such
dated, or irrelevant.40
2016 The bundle of anti-terrorism amendments known as
vices offering encryption must assist the Federal Security

Service (FSB) with decoding encrypted data.41
2016 LinkedIn becomes the first global online service to be

blocked in Russia for failing to comply with data localization
requirements.42
2016
ty of the information that appears on their services.43
2017 Government agency Roskomnadzor blocks BlackBerry, Line,

and Imo messengers, as well as the video service Vchat, for
failing to comply with data localization requirements.44
2017
45
Page 8 of 32

2017
gines, virtual private networks (VPNs), and internet
anonymizers cooperate with Roskomnadzor and block access
websites.46
2017
stant messaging services in Russia identify users based on
formation, and restrict the transmission of certain messages

at the request of the government.47
2018 The messaging service Telegram is banned by court order
ed user communications. Roskomnadzor enforces the ban by

blocking more than 15 million IP addresses, including ones
associated with Amazon and Google services.48
sistance from the industry and public outcry from users. Local and global companies like
Russian-language version of Wikipedia shut down its page for one day, Google (p. 654)
(p. 655) published a blogpost criticizing the law, and Yandex posted a black banner
(p. 656)
on its homepage.49 In response, government officials and members of the parliament set
sultations only created an appearance of seeking feedback from the industry and did not
have a meaningful impact.
tation with the government is doomed to fail, either because the officials use it as a cover
to legitimize new restrictions or because the industry is unable to speak with one voice.
As some anonymous study subjects said:
Everything is decided somewhere at the top. There are no consultations with the
ing consultations with the industry, the state only creates an appearance to be
50
government initiatives.51 There is a public discussion of laws as such, but nobody

pays any attention to it. The position within the industry is not completely unified
either, and many companies prefer to remain in the shadows without raising a
Page 9 of 32

trol measures, someone is against, someone is neutral, and says that nothing will
help.52
(p. 657)
tions. However, the major concern of these companies did not relate to the restriction of
53
3.
aries
tory obligations on intermediaries that were focused on content blocking, data storage,
mines any content to be illegal, internet access providers are required to promptly block
ing through any other proxy.54 Email communication providers are asked to store user
content locally and, if requested, provide access to it by law enforcement. In effect, the
tions designed to assist the state with informational control.
3.1 Content
The Law On Information lists content categories that are subject to a centralized blocking
procedure and grants authority to specified administrative agencies and courts to make
decisions on blocking such content. While the criteria for most categories are defined by
tion of the judges and public prosecutors who oversee these types of cases (see Table
33.3).
(p. 658) (p. 659) In general, there is a standard process for blocking content. When
(p. 660)
allegedly illegal content is reported to the state telecom watchdog Roskomnadzor,56 one
of the designated administrative agencies is tasked to establish its legality. If the content
is found to be illegal, Roskomnadzor orders a hosting provider, regardless of its country
Page 10 of 32

33.3),
which triggers an obligation for telecom operators throughout the country to prevent
the General Prosecutor or his deputies.
Page 11 of 32

Table 33.3 Content categories that are subject to centralized blocking

mechanism under the Law On Information
Prohibited Authority
content that decides ter termediary
tions
tent
(1) Materials The Unified Hosting

Register of provider:
graphic images pervision of Domain
of minors and/ cation from
net Website
gaging minors nology, and form a site

as performers Mass Media owner and
for participation dresses that request the
zor) Allow the deletion of
ment events of Identification a web page
a pornographic of Internet containing
nature prohibited
tion;
hibited for
in case of
Distribution
ance by the
site owner,
cess to the
website.
Telecom
provider:
monitor
the state
registers;
cess to the
website for
its users.
Page 12 of 32

Operators of
(2) Information Federal Drug
about ways and
vice (until 25
November
ing, and using 2016)
narcotic agents, Ministry of
works:
psychotropic
substances, and fairs (since
25 November cess to
sors; places 2016) websites
where such from the
Unified
stances, and pervision of Register,
their precursors exclude
sources
ods and places nology, and from
for cultivating Mass Media
sults.
ing narcotic zor)
agents
(3) Information
mit suicide, as veillance on

well as calls to Consumer
commit suicide
tection and
being
nadzor)
(4) Information
about minors nated
being victims of
tions (omission
to act) whose
dissemination is
prohibited by
federal law
Page 13 of 32

(5) Information Federal Tax

that violates the Service
provisions of
ganization and
ies
(6) Information
with proposals nated
for the retail
sale of alcohol
products when
their retail sale
is restricted or
prohibited by
applicable laws
District
courts
clared by a
semination of
ian Federation
Page 14 of 32

(8) Information The Register

that contains ecutor, of Domain
calls for mass deputies of
the General net Website
Prosecutor
pation in mass dresses that

(public) events Allow the
conducted in Identification
of Internet
als of a foreign ments and

or international Appeals to
tal organization tremism or to

whose activities Participate in
Mass (Public)
desirable in the Events Held
territory of the in Violation of
Applicable
tion
Page 15 of 32

(9) Copyright- Moscow City The Register

Court of Domain
rials
net Website
dresses that
Allow the
Identification
of Internet
clusive Rights
Source
ber 26, 2012.55
ods to deploy.57
views, is preferred by operators. However, this method requires the use of additional
tors. In addition, if web content is transmitted using the encrypted HTTPS protocol, ISPs
and telecom operators cannot block individual web pages within the domain, and have no
choice but to block either an entire domain or IP address. Both actions result in the same
consequence: the collateral blocking of adjacent legitimate resources.58 This happened,
for example, in August 2015, when Russian telecom operators temporarily blocked the
entire Reddit platform following an order from Roskomnadzor to block a thread related to
recreational drug use.59
60
Some local web-hosting companies try to shield their clients from this collateral damage
pages:
Page 16 of 32

see (p. 661) that the content is controversial, I can allocate to that client a separate
are potentially subject to blocking (generally, sites with music and movies) are
hosted on separate IPs so that [their blockage does] not affect the other clients.61
ance. In December 2016, it ordered all telecom operators to install a monitoring system
net access and allows Roskomnadzor to monitor the status of the blocking of prohibited
information remotely and around the clock.62
fringers to court. According to its latest public report, in 2017 alone the agency brought
3,481 such administrative cases against violators.63
3.2 Surveillance
terprises cooperate with or resist such surveillance.64 Russian law does not prohibit
ing wi-fi access in public places, have to collect user IDs;65 instant messaging services
have to identify the phone numbers of their users;66
ly readers must register with Roskomnadzor and publish their contact information (see
Table 33.4).67
Page 17 of 32

Table 33.4 The main obligations imposed on intermediaries in order to

facilitate online surveillance
Type of Type of intermediary

data tions
User Identify users and

identity net access, including public
wi-fi
tion to law enforcement
authorities
Any online intermediary that Store personal data of

collects personal data of Russian users locally
Russian citizens
authorities
Identify users based on

ing services their mobile phone
number

authorities
Telecom operators Install equipment that

tivity
ment to intercept online
ta and communication
content)
data for three years
tion for six months

Provide metadata and
ment authorities at
their request
Page 18 of 32

data for one year
tion for six months

ganizers of distribution of Provide metadata and
ment authorities at
their request
Provide encryption keys
ment in decoding user

communication
ators must cooperate with law enforcement authorities and install SORM equipment that
permits law enforcement to intercept online communications directly, without going
through another proxy. Formally, online surveillance should be accompanied by a court
sures and the content of court orders is not public. With so little oversight and lack of
cations outside a valid legal process. Pavel Durov, the founder and former (p. 662) CEO of
Russian security services sought the private user data for members of several Ukrainian
protest groups from his company.68 In another case, the Anti-Corruption Foundation, led
by prominent opposition leader Alexei Navalny, accused the Russian mobile operator MTS
of helping law enforcement hack into their accounts on the messaging application
Telegram.69
(p. 663)
administrative proceedings and brings them to court, seeking to impose administrative

penalties or block their service. According to the Roskomnadzor public report, in 2017 it
audited more than 30,000 wi-fi access points and identified more than 2,000 violations of
their requirement to identify network users; in many of those instances, Roskomnadzor
brought administrative cases against infringers.70
Page 19 of 32

ance.
71
tention to small operators.72
tim of a new data localization law. Roskomnadzor blocked its website after the company
failed to store Russian user data in servers located on Russian territory. That case set a
clear precedent for global companies, which are now reviewing their compliance models
forms like Facebook, Google, and Twitter.73
4. Compliance Dilemma
The new set of requirements has created a compliance dilemma for private companies.
They have to strike the right balance between full obedience with government requests to
the prioritization of their users, human rights law obligations, and becoming a trusted
(p. 664)
nies are controlled by local shareholders, their main assets and employees are based in
putting human rights first is nearly unheard of among these actors. The state has many
cision-makers.
One scenario in which local companies still care about their popular perception is when
they expand internationally and start trading publicly on one of the major international
stock markets. At this point, their reporting obligations significantly expand and their
practices start attracting global attention from regulators and internet activists. In 2011,
in the run-up to its listing on Nasdaq, Yandex had to address challenging questions about
74
ance with government requests may trigger a negative backlash among shareholders,75
Page 20 of 32

policymakers,76 users,77 and employees at home.78 On the other hand, being a standard-
bearer for values such as freedom of speech in an autocratic environment like Russia, and
pushing back on excessive government requests while at the same time pursuing revenue
maximization, might be unpalatable to the local regulatory environment. See Figure 33.1.
Figure 33.1
Source: Audit-it.ru.79
When foreign companies fail to cooperate, the government is not shy about launching
ployees. In early 2013, when YouTube went to a local court to invalidate the
decision to block an allegedly suicidal video (which was actually an instructional video for
putting on Halloween make-up), the authorities launched a PR (p. 665)
ing YouTube and publicly naming and shaming its local employees for not complying with
80
The authorities have also repeatedly issued threats to block global platforms in Russia for
their lack of compliance with data localization or content-removal requests. In May 2014,
Maksim Ksenzov, then the deputy head of Roskomnadzor, plainly outlined the
less
significant compared to the harm to the Russian society caused by the non-constructive
position of the leadership of these global companies, we will do what is required by
81
Transparency reports published by global companies operating in Russia suggest that the
government has been trying to remove more and more content from these platforms, and
tween 2012 and 2017, the number of content-removal requests Google received from the
Russian authorities increased almost 200-fold, from 120 in 2012 to (p. 666) 23,823 in
2017.82 For Twitter, that amount increased from 0 in 2012 to 2,505 in 2017.83 However,
their level of compliance with the requests for the last reported period differed; while
cent of the cases.84
Page 21 of 32

5. Transparency and Compliance with Human

Rights
In his 2016 report to the UN Human Rights Council, the Special Rapporteur on freedom
plement policies that take into account their potential impact on human rights, ensuring
85
Similarly, in March 2018, the
Council of Europe, of which Russia is a member, issued a recommendation on the roles
tionally recognised human rights and fundamental freedoms of their users and of other
86
nies to monitor user activity online and restrict access to information, the willingness of
intermediaries to build their practices around international human rights standards can
help keep government influence under control and provide some minimum protection for
users. Being more transparent can help, not hurt. Without transparency, users are unable
to understand the restrictions placed on their freedoms and challenge those restrictions
when appropriate.
Several interviewees highlighted the difference between global and local companies in
nies are more transparent. They must satisfy the requirements of both their country of
origin and those of Russia, and must follow a more diligent, formalized review (p. 667)
their disclosed commitments and policies affecting freedom of expression and privacy,
mands to remove content or to hand over user data. Moreover, these companies lack
er tracking tools.87
Another study by RosKomSvoboda and the Internet Protection Society that evaluated the
transparency practices of major Russian mobile operators showed similar findings.88
tion about government requests for user information, describe how they restrict access to
allegedly illegal content, or explain how users can appeal their decisions. These findings
Page 22 of 32

reflect the rather submissive stance these operators take with respect to cooperating
with law enforcement, which is consistent with what we found in our interviews.
ment requests, preferring not to question their validity. According to our interviewees,
many telecom operators and hosting providers have direct channels of communication
with the police and FSB and provide the requested information without delay:
This is law. There is no point in appealing [law enforcement requests]. More so,
operators have personnel responsible for communication with the authorities. In
fident that all requests are valid.89
companies can provide information without an official request or based on an
is valid.90
(p. 668) 6. Conclusions
icant regulatory restrictions on online content and anonymity. Faced with new technical
plement these restrictions and control the flow of information.
This indirect method of state control of the internet is not unique to Russia. Other more
rity. What is different in Russia is how closely these private companies, especially local
much
transparency and public accountability.
ly on online intermediaries to implement their control measures, but internet users and
civil society rely on these companies to protect their online freedoms and provide checks
and balances against government malpractice.
Page 23 of 32

sia is not an easy task. The state can use many levers, official and unofficial, to mandate
national human rights law, including the practice of the European Court of Human Rights,
that the companies could deploy in order to counter excessive governmental demands.
The UN Guiding Principles on Business and Human Rights provide a solid framework for
greater transparency and predictability in that respect. Both local and global internet
companies operating in Russia will only benefit from implementing its key principles. In
the end, maximum transparency and adhering to standards of universal human rights
when dealing with autocratic governments will only help these platforms earn the trust of
Russian users while staying within the framework of applicable law.
Notes:
(1
(2) Larry Diamond and Marc Plattner (eds), Liberation Technology: Social Media and the
Struggle for Democracy (John Hopkins U. Press 2012).
(3
(4) See Rebecca MacKinnon and others, Fostering Freedom Online: The Role of Internet
Intermediaries: (UNESCO Publishing 2015); Evgeny Morozov, The Net Delusion: The Dark
Side of Internet Freedom (Public Affairs 2012).
(5
(6) Marin Husovec,

able But Not Liable? (CUP 2017).
(7 https://
www.state.gov/j/drl/rls/hrrpt/humanrightsreport/index.htm>.
(8
Management and
Participation in the Public Sphere
(9
12 American Enterprise Institute (2015) <http://www.aei.org/wp-content/uploads/
2015/01/Internet-freedom-in-Putins-Russia.pdf>.
Page 24 of 32

(10
sias-dictatorship-law-approach-internet-policy>; Ognyanova (n. 8).
(11 https://ozi-ru.org/proekty/indeks-svobodi-
interneta/>.
(12
https://rankingdigitalrights.org/index2018/>.
(13
http://
www.global.asc.upenn.edu/app/uploads/2015/02/Russia-Censorship-Asmolov-
FINAL1.pdf>.
(14
https://
freedomhouse.org/report/freedom-net/2017/russia>.
(15) See Andrei Soldatov and Irina Borogan,

Digital Dictators and the New Online Revolutionaries (Public Affairs 2015).
(16) All but one of our interviewees asked to remain anonymous. Thus, when providing
cation method (e.g. phone, Skype). Quotations have been edited for grammar and clarity.
(17 https://
data.worldbank.org/indicator/IT.NET.USER.ZS?locations=RU>.
(18 https://mediascope.net/data/>.
(19 IDC: The

premier global market intelligence company) <https://www.idc.com/getdoc.jsp?
containerId=CEMA42695918>.
(20
ta/country-profiles/ee/russia/wireless.html>.
(21
(22) See Carlo Maria Rossotto and others, A Sector Assessment: Broadband in Russia
(23 sec.gov, 2017) <https://www.sec.gov/Archives/

edgar/data/1513845/000151384518000013/yndx-20171231x20f.htm>.
Page 25 of 32

(24 Bloomberg News, 25
January 2014) <https://www.bloomberg.com/news/articles/2014-01-25/vkontakte-ceo-
durov-sells-stake-to-billionaire-usmanov-s-partner
The Verge, 31 January 2014) <https://
www.theverge.com/2014/1/31/5363990/how-putins-cronies-seized-control-over-russias-
facebook-pavel-durov-vk>.
(25) For example, the package of anti-terrorism amendments passed in July 2016, known
Federal Security Service (FSB) with decoding encrypted data.
(26 https://transparency.twitter.com/en/removal-
requests.html>.
(27
Washington Post, 31 July 2014) <https://www.washingtonpost.com/world/
russian-blogger-law-puts-new-restrictions-on-internet-freedoms/2014/07/31/42a05924-
a931-459f-acd2-6d08598c375b_story.html>; Duffy (n. 8); Vendil Pallin (n. 21).
(28
nologies and Protection of Information <https://wilmap.law.stanford.edu/entries/federal-

law-no-149-fz-information-information-technologies-and-protection-information>.
(29) Postanovleniye Prezidiuma VAS RF ot 23.12.2008 N 10962/08 po delu N

A40-6440/07-5-68 <http://arbitr.ru/as/pract/post_pres/1_1_edbd3254-
a5c3-40b6-9f4f-3f9c35977eb1.html https://
wilmap.law.stanford.edu/entries/kontent-i-pravo-v-masterhost>.
(30
prav
08.07.2013, N 27, st. 3479. See also Federal Law No. 187-FZ <https://
wilmap.law.stanford.edu/entries/federal-law-no-187-fz>.
(31
eign Relations Subcommittee on East Asia, the Pacific, and International Cybersecurity
esandremarks/257719.htm>.
(32
Vedomosti, 13 May 2016) <http://www.vedomosti.ru/technology/articles/
2016/05/13/640856-runet-obosoblen>.
Page 26 of 32

(33
RadioFreeEurope/RadioLiberty, 18 July 2012) <
ternet-defense-league-a-grassroots-initiative-created-by-the-government/24649221.html>.
(34
https://
wilmap.law.stanford.edu/entries/federal-law-no-139-fz-blacklist-law>.
(35) Federal Law No. 187-FZ (n. 30).
(36
https://wilmap.law.stanford.edu/entries/federal-
law-no-398-fz-amending-federal-law-information-information-technologies-and>.
(37
works <https://wilmap.law.stanford.edu/entries/federal-law-no-97-fz-bloggers-law>.
(38
https://wilmap.law.stanford.edu/entries/federal-law-no-242-fz>.
(39
Page 27 of 32

https://wilmap.law.stanford.edu/
entries/federal-law-no-364-fz-anti-piracy-law>.
(40
tries/federal-law-no-264-fz-amending-federal-law-information-information-technologies-
and>.
(41
combating terrorism and certain legislative acts of the Russian Federation regarding the
https://
rorism-and-certain-legislative-acts>.
(42 TechCrunch, 17
November 2016) <https://techcrunch.com/2016/11/17/linkedin-is-now-officially-blocked-
in-russia/>.
(43
(44
tional) <https://www.rt.com/news/386900-russia-bans-four-messengers/>.
(45 Global
Voices, 10 April 2017) <https://globalvoices.org/2017/04/10/russia-blocks-walkie-talkie-
app-zello-as-truckers-strike/>.
(46
(47
Page 28 of 32

(48
TechCrunch, 13 April 2018) <https://techcrunch.com/2018/04/13/telegram-
blocked-in-russia/>.
(49
RT International, 11 July 2012) <
ship-bill-936/>.
(50) Sergei Hovyadinov, Interview with I5, Skype.
(51) ibid., Interview with I1, Email.
(52) ibid., Interview with I2, Skype.
(53
Los Angeles Times, 27 June 2016) <https://
www.latimes.com/world/europe/la-fg-russia-anti-terror-law-20160627-snap-story.html>.
(54
Wikipedia, 3 October 2018) <https://en.wikipedia.org/w/
index.php?title=SORM&oldid=862350538>.
(56
tions, Information Technology, and Mass Media.
(55
tyabrya 2012 g N 44 st. 6044.
(57) For a good overview of the key terms related to online blocking, see Daphne Keller,
Keller (ed.), Law, Borders, and Speech: Proceedings and Materials (Stanford Law School
CIS 2017) 51 <https://cyberlaw.stanford.edu/publications/proceedings-volume>.
(58
(59
The Independent, 13 August 2015) <http://www.independent.co.uk/life-
style/gadgets-and-tech/news/reddit-banned-in-russia-because-of-one-
thread-10453063.html>.
(60 https://reestr.rublacklist.net/>.
Page 29 of 32

(62
https://rkn.gov.ru/docs/
doc_2326.pdf>.
(63) ibid.
(64) See Kaye (n. 1).
(65
(66) See Federal Law 241-FZ (n. 47).
(67) See Federal Law 97-FZ (n. 37).
(68
Mashable, 16 April 2014) <https://mashable.com/2014/04/16/
vkontakte-founder-fsb-euromaidan/>.
(69
Financial Times, 6 May 2016) <https://www.ft.com/content/
74d5ce00-12dd-11e6-839f-2922947098f0>.
(70) Roskomnadzor (n. 62).
(73 CNNMoney, 26 September

2017) <https://money.cnn.com/2017/09/26/technology/facebook-russia-data-blocked/
index.html>.
(74 BBC, 3 May 2011) <https://

www.bbc.com/news/business-13274443>.
(75
2007 <https://www.sec.gov/Archives/edgar/data/1288776/000119312507073756/
ddef14a.htm#rom97745_48>, and 2008 <https://www.sec.gov/Archives/edgar/data/
1288776/000119312508064574/ddef14a.htm>.
(76
gressional hearings for their alleged collaboration with the Chinese government. See Tom
New York Times, 16 February
Page 30 of 32

2006) <
ings-in-china.html>.
(77
https://www.change.org/p/facebook-
>.
(78
New York Times, 16 August 2018) <https://
www.nytimes.com/2018/08/16/technology/google-employees-protest-search-censored-
china.html>.
(79
https://www.audit-it.ru/buh_otchet/7704582421_ooo-gugl>.
(80
Forbes.ru, 20 March 2013) <

zor-obvinil-youtube-v-podryvnoi-rabote-protiv-zashchity-detei>.
(81
Izvestiya, 16 May 2014) <https://iz.ru/news/570863> (authors translation).
(82 https://transparencyreport.google.com/government-
removals/overview?hl=en>.
(83
(84
fied Register, which suggests that Roskomnadzor, for some reason, has been satisfied
(85) Kaye (n. 1).
(86
Rec(2018)2 <https://search.coe.int/cm/Pages/result_details.aspx?
ObjectID=0900001680790e14>.
(87
(88) Sarkis Darbinyan, Mikhail Klimarev, and Sergei Hovyadinov, Ranking Transparency of
Mobile Network Operators in Russia (Roskomsvoboda and OZI 2018) <https://
digitalrating.ru/en>.

Page 31 of 32

Sergei Hovyadinov
Sergei Hovyadinov is a JSD candidate at Stanford Law School. Email:

sergeih@stanford.edu.
Page 32 of 32

Addressing Infringement: Developments in Content Regulation in the US
and the DNS
Addressing Infringement: Developments in Content

Regulation in the US and the DNS
Annemarie Bridy
The reach of privately ordered online content regulation is wide and deepening. It is
Name System (DNS). This chapter explores the recent expansion of intellectual property
enforcement in the DNS, with a focus on associated due process and expressive harms. It
begins with a technical explanation of the operation and governance of the DNS. It goes
solving intellectual property complaints involving domain names. In doing so, it compares
the long-running Uniform Dispute Resolution Policy (UDRP) for adjudicating trademark
cybersquatting claims to newer ADR programmes targeting copyright infringement on
websites underlying domain names.
Keywords: online intermediaries, intellectual property, infringement, DNS, ICANN, domain name, blocking
FROM
aries has remained relatively stable for two decades. Section 230 of the Communications
Decency Act (CDA) of 19961 and section 512 of the Digital Millennium Copyright Act
(DMCA) of 19982 remain the pillars of US internet law. Together, they define how internet
3
In the years between the resounding defeat of the Stop Online Piracy Act (SOPA)4 in 2012
and the enactment of the Allow States and Victims to Fight Online Sex Trafficking Act
(FOSTA)5 in 2018, US policymakers showed little interest in legislation that would alter
erful wave of anti-tech sentiment to easy adoption, the United States may be entering
(p. 632)
dia platforms like Facebook and YouTube continue to lose lustre amid controversies over
the viral spread of hate speech, junk news, and state-sponsored propaganda, they face a
Page 1 of 17

and the DNS
realistic prospect that the legal protections they have long enjoyed will erode.6
just the beginning of the backlash.
Seeking to capitalize on public disenchantment with Silicon Valley, copyright industry
become legislative reality.7

manding that intermediaries remove hate speech8 and terrorism-related content9 within a
short time of receiving notice, on penalty of steep fines. Globally, the scales are tipping
quickly in favour of legislatively mandated, on-demand takedown for a wide range of
user-generated online content.
It would be a mistake, however, to conclude that the twenty-year stretch between the
tent regulation. The contrary is true. Over the course of the last decade, in response to
significant pressure from the US and other governments, service providers have assumed
private obligations to regulate online content that have no basis in public law.10 For US
putes has grown up on the margins of the DMCA and the CDA.11 For the most part, this
regime has been built for the benefit of intellectual property rightholders attempting to
control online piracy and counterfeiting beyond the territorial limits of the United States
and without recourse to judicial process.
The reach of privately ordered online content regulation is wide and deepening. It is wide
in terms of the range of service providers that have already partnered with corporations
and trade associations to block sites, terminate accounts, and remove or demote content
ing networks in addition to internet access providers, search engines, and social (p. 633)
12
media platforms.
specifically, the Domain Name System (DNS), which is commonly described as the
13
alize are readily adaptable for use in censoring all kinds of disfavoured content.
Recent private agreements between DNS intermediaries and intellectual property

rightholders cross the Rubicon. Such agreements, which are the subject of this chapter,
are cause for special concern among open internet advocates, because they transform
technical network intermediaries into content regulators in an unprecedented way. They
expand the remit of domain name registrars and registry operators beyond their raison
Page 2 of 17

and the DNS
ing a tangible but hard-to-measure toll on the global environment for freedom of speech
and access to information online.
1. ICANN, the DNS, and DNS Intermediaries
14
net.
The DNS is the technical infrastructure that allows users to access the sites and services
they use on the internet every day. A domain name is a string of letters (e.g. Amazon.com)
that corresponds to a string of numbers called an Internet Protocol (IP) address (e.g.
205.251.242.54). Every piece of hardware connected to the internet, including (p. 634)
every server that acts as a website host, has a unique IP address. IP addresses are hard
to remember, but domain names are not. The DNS obviates the necessity for users to
keep track of long lists of IP addresses and the websites to which they correspond. The
and .gov), there is a separate registry. For every domain name in a given gTLD, there is
an entry in the registry that links the domain name to its corresponding IP address. When
a user enters the domain name of a website into the address bar of her web browser, the
dress and then directs the browser to that IP address. This process is called resolving a
domain name.
Each gTLD registry is administered and controlled by a registry operator. Individuals and
businesses that want to register domain names do so through domain name registrars.
Both registry operators and registrars must be accredited by ICANN and are governed in
their operations by a web of contracts specifying their rights and duties to ICANN, each
other, registrants, and third parties. Registry operators are bound by the ICANN-Registry
Agreement. Registrars are bound by both the ICANN Registrar Accreditation Agreement
and separate contracts with individual gTLD registry operators. The terms and conditions
in these agreements are set by ICANN through a multistakeholder governance process, in
which registrars and registry operators participate as stakeholders. Other stakeholders
that participate in ICANN governance include national governments, commercial internet
users (including intellectual property rightholders), and non-commercial internet users
(including digital civil liberties advocates and other civil society groups). The voluntary
Page 3 of 17

and the DNS
agreements that are the subject of this chapter are facilitated and encouraged by ICANN,
diaries and its multistakeholder governance process.15
Without the DNS and the intermediaries that maintain it, navigating the internet with the
main name from resolving, users lose access to all of the content hosted at the associated
IP address. For some domains, that can amount to thousands of unique websites and tens
(or even hundreds) of thousands of individual web pages (uniform resource locators, or
URLs). Domain name blocking is trivially easy as a technical matter; all it requires to
make a domain globally unavailable is a simple edit to a database. That simplicity leads
densome nor unreasonable. From a human rights point of view, however, site blocking by
tion, especially if such blocking becomes routine.
2.
(p. 635)
forcement in the DNS

Historically speaking, intellectual property rights have been enforced in the DNS in a
practice known as cybersquatting, which is defined as bad faith registration and use of a
domain name.16 In the early days of the internet, cybersquatters pre-emptively registered
17
ing alleged cases of cybersquatting. The system, which applies to all registrants in all
gTLDs, is called the Uniform Dispute Resolution Policy (UDRP). Trade mark infringement,
fer of the disputed domain name from the registrant to the complainant.
2.1 The UDRP
streamlined, online process. Once a UDRP complaint is filed by a complainant (who can
UDRP process until its conclusion. If either party to a UDRP proceeding is dissatisfied
risdiction. A registrant seeking judicial recourse following an adverse UDRP decision has
ten business days to file a claim in court and produce evidence that she has done so to
Page 4 of 17

and the DNS
the registrar. If the registrant files a lawsuit in a timely manner, the prevailing
ferred.
tive, 89 per cent of disputes have resulted in cancellation or transfer of the (p. 636)
ed domain name to the complainant.18 Registrants have prevailed in only 11 per cent of
cases.19 Critics of the process point to these numbers and to the fact that a small number
of providers handle the vast majority of UDRP complaints as evidence that the system has
created strong structural incentives for providers to rule in favour of complainants.20 A
provider whose results do not demonstrably favour complainants can easily find itself
out of business in the early years of the UDRP for lack of a sustainable caseload.21
3.
Stakeholder Demands
Beginning in 2013, in a long-anticipated and much-ballyhooed move, ICANN created over
1,200 new gTLDs in the DNS. In the rollout of the new gTLD programme, rightholders
saw an opportunity to lobby within ICANN to extend the reach of IP enforcement in the
DNS beyond the UDRP and cybersquatting. The MPAA, which represents Hollywood
movie studios, and the RIAA, which represents major record labels, demanded that
22
right piracy with the distribution of malware, strategically blurring an otherwise clear
ers also want ICANN, through its formal contractual compliance process, to discipline any
registrar that demands a court order before taking action against a registrant accused of
infringing copyrights.23
tion and, consequently, their ability to do business.
(p. 637)
24
Page 5 of 17

and the DNS
manager of the IANA functions. Most registrars understandably do not want to be in the
law enforcement and claim adjudication business.
4.
in and Without ICANN
Rightholders achieved a partial victory in the battle within ICANN over domain blocking
tors, as a workaround in cases where registrars refuse to block domains without a court
order. ICANN would not leverage its contractual compliance process to compel registrars
to play ball with rightholders, but it did provide a means for rightholders to strike private
deals with registry operators to bypass or override recalcitrant registrars. The key to this
25
clude in their contracts with registrars a provision requiring registrars to include in their
and any related procedures) consequences for such activities including suspension of the
26
ment and the identification of (unspecified) consequences for it are pushed down the DNS
nism that makes the UDRP binding on all gTLD registrants.
The endpoint in this cascade of contractual obligations is, of course, the registrant, whose
registration is conditioned on her acceptance of the prospect that her domain name may
be suspended if she is found to have engaged in copyright (or trade mark) (p. 638)
main name on receipt of a court order or other valid legal process. The elegance of the
registrars at all. It can also be enforced by registry operators that are willing to act on
the gTLDs they control, registry operators can block or otherwise disable any domain
name within their zones.
New gTLD registry operators supportive of Specification 11 explain their willingness to

cooperate with rightholders in terms of defensive or pre-emptive self-regulation.27 If we
ations on us. This self-regulatory rhetoric obscures the plain fact that the real regulatory
targets of intellectual property enforcement within the DNS are domain name registrants
and the websites they operate. Registry operators that partner with rightholders to block
domains are acting not as regulators of their own content but as regulators of third party
Page 6 of 17

and the DNS
derlying domain names as their own premises to police. It seems disingenuous, however,
to characterize Specification 11 as the foundation for a self-regulatory framework. It is
enforcement of private property rights through the DNS.
4.1
28
Together, they control hundreds
Rid announced a similar agreement with the International Anti-counterfeiting Coalition

(IACC), which counts the MPAA and RIAA among its members.29 EURid controls the .eu
copyright enforcement; however, EURid declined to release any information about the
agreement beyond a press release announcing the fact of its existence.
Lack of transparency, a hallmark of privately ordered inter-industry intellectual property

enforcement, is a perennial challenge for researchers and civil society groups trying to
assess the impact of voluntary agreements on the openness of the internet and the
(p. 639) environment for free expression online. Because these agreements are private,
and generally include non-disclosure provisions, the public usually learns nothing about
them beyond what can be learned from the occasional press release. To its credit, the
MPAA did release a fact sheet in connection with the Donuts agreement, but it has since
been taken offline.30 The following paragraphs describe the programme outlined in that
fact sheet.
interest group dedicated to examining illegal behavior, or a similarly situated entity with
demonstrated extensive expertise in the area in which it operates and ability to identify
31
The document does not specify
Judgments about eligibility for trusted notifier status appear to be left to the discretion of
the participating registry operator. It is also worth noting that the definition includes a
grammes beyond the realm of intellectual property enforcement.
the registry operator has no obligation under the agreement to independently investigate
Page 7 of 17

and the DNS
it is inclined to do so.
[r]egistry
will not necessarily receive notice of the complaint or be given an opportunity to respond.
few days. For a registrant whose business is dependent on her active domain, such a
(p. 640) claim
lationship is with the registrar.
the registry operator to actually investigate the complaint or to solicit a response from
the registrant, there is a high risk that participating registries will default to a rubber
through its contractual compliance process, but that registrant would likely be rebuffed
tion over intellectual property disputes concerning content on websites.32
After one year of operation, Donuts released a high-level summary of actions taken under
33
MPAA agreement has ever been published. Donuts reported that the MPAA sent notices
hosting provider, and the remaining one was found to warrant no action at all.
tices, making further inquiry into the facts surrounding the complaints impossible. All we
ly infringing. Neither Donuts nor the MPAA has made any subsequent public disclosures
about the operation of the programme or the number of domains it has affected. The low
Page 8 of 17

and the DNS
provision in the agreement banning the use of bots to identify putative infringements and
leged peer-to-peer file-sharing activity, the growing use of bots has led to significant
abuse and over-claiming.34
forcement and concomitant harm to free expression.
(p. 641) 4.1.1 The trusted notifier model and the UDRP compared
were free to negotiate a deal mutually agreeable to them, without vetting the terms
35
tion for which it now disclaims responsibility and oversight.36
able conduct. The programme gives trusted notifiers an open invitation to provide a
of the wedge when it comes to notice-driven content regulation through the DNS. The
UDRP, in contrast, begins and ends with cybersquatting, the elements of which the
ture and amount of information complainants must provide to initiate a claim. A trusted
of alleged illegality in the form of sample URLs and screenshots. The UDRP, by contrast,
name.
The trusted notifier programme also differs from the UDRP in that the UDRP guarantees
the registrant an opportunity to respond and, if the outcome is unfavourable, to bring a
determinations about the legality of content under an unspecified range of laws from an
unspecified range of jurisdictions, some of which may have conflicting laws on the same
Page 9 of 17

and the DNS
so many legal variables are in play is obviously high.
least run by accredited legal professionals who are tasked with applying uniform legal
ed notifier programme, UDRP adjudicators are never expected to (p. 642)

plainants the benefit of the doubt when deciding the merits of a complaint. Whether they
written into the UDRP, as there is written into the trusted notifier programme.
4.2 Future Plans: A Copyright-Specific UDRP?
ic literature, but without real impact.37 The door to copyright enforcement through the
DNS is now open, however, thanks to Specification 11 and the new gTLD trusted notifier
agreements it spawned. In 2017, the Domain Name Association (DNA), an industry trade
38
As introduced, the so-called Healthy Domains Initiative consisted of four goals, the last
two of which relate to expanded intellectual property enforcement: addressing threats to
network security (e.g. malware, phishing, and pharming); eliminating child pornography
and child abuse imagery; streamlining the handling of complaints related to so-called
rogue pharmacies; and establishing a UDRP-like voluntary system for handling copyright
infringement.39 Of the four, only the first is related in any meaningful way to the IANA
functions.
Policy (Copyright ADRP).40

Registry (PIR) announced plans to adopt a Systemic Copyright Infringement Alternative
41
PIR, which controls the .org gTLD, is listed on the
42
programme.
This section summarizes the publicly available information about the two plans,
(p. 643)
both of which were abruptly put on hold almost as soon as they became publicly known.43
jected to the closed development process, among other, substantive concerns.44
Page 10 of 17

and the DNS
4.2.1
would be available for voluntary participation by registries and registrars who would like
45 The promise of adherence to
gramme described earlier, in which the registry operator functions as an unconstrained,

all-in-one investigator, adjudicator, and enforcer. Participation in the Copyright ADRP
would become binding on registrants through provider-drafted terms of service, as with
the UDRP. The system would thus be voluntary only for registries and registrars; it would
be mandatory for registrants.
46
ties; nor could registrars, although registrars would be permitted to intervene in disputes
at their discretion.
The programme would be administered by an ADR provider and staffed by third party
istry operator or registrar is located. Decisions rendered by neutrals could be appealed

by either the complainant or the registrant to a court of competent jurisdiction. The only
name. Defaults by non-responsive registrants would result in automatic suspension or
47
(p. 644)
ments of the prima facie claim would be or what qualifications would be required for
third party neutrals. All of the same concerns about structural pro-complainant bias that
posed Copyright ADRP. As with the UDRP, complaining rightholders under the Copyright
an existential incentive to make and keep rightholders happy.
4.2.2
Pirate Bay, PIR has been the target of public demands from the RIAA to cancel the
48
court order.49
Page 11 of 17

and the DNS
the .org namespace, but she is uncomfortable with the lack of due process inherent in the
50
mise between the full due process afforded by public courts and the complete lack of due
vironment where zero due process has been floated as the replacement for full due
process, some due process takes on the appearance of middle ground. Considering the
practices in preparation for the bigger win represented by the SCDRP. The reach of the
would accrue to all rightholders, not just Hollywood studios. PIR administers 10.3 million
domain names in the .org gTLD alone.51
olution. ICANN requires PIR to require registrants to:
acknowledge and agree that PIR reserves the right to deny, cancel or transfer any
tus, (p. 645)

52
serves the right to place upon registry lock, hold or similar status a domain name during
53
These provisions, which specifically reference ADR, appear
low PIR to implement the SCDRP at some future date.
54
clude copyright or trade mark infringement.55
If PIR were to implement the SCDRP, the RIAA would almost certainly succeed in having
sociated with a lawsuit against its long-time nemesis. Any resistance from EasyDNS
down provision and thereby subject to the SCDRP and its penalty of domain transfer.
ADRP.56 It is all but certain, however, that these plans will be reintroduced in the future.
Page 12 of 17

and the DNS
When they are, open internet and human rights advocates will (and should) be quick to
respond. In the meantime, it is unclear exactly what the DNA and PIR are waiting for, or
ers excluded from prior planning.
5. Conclusions
In the United States, in the seemingly quiet years between the defeat of SOPA and the
passage of FOSTA, voluntary agreements between corporate intellectual property (p. 646)
rightholders and online intermediaries proliferated. These agreements were formed and
are operating in the shadow of democratic process, without the checks and balances that
ture, private law enforcement actions taken under these agreements reach far beyond the
ment in this regulatory space has been the penetration of privately ordered site-blocking
termediaries.
The adoption and normalization of privately ordered domain blocking within the DNS is
troubling because DNS infrastructure has been, until now, dedicated to addressing and
navigational functions that are independent of content-related considerations. There are
tion layer, and that any content-related law enforcement action by DNS intermediaries
against domain name registrants be subject to court orders. Privately ordered intellectual
property enforcement in the DNS should be resisted, whether it comes in the form of
trusted notifier agreements or mandatory ADR policies that are developed on the margins
of multistakeholder governance institutions.
Notes:
(1) Communications Decency Act 1996, s. 230 (US).
(2) Digital Millennium Copyright Act of 1998, s. 512 (US).
(3
(4) Stop Online Piracy Act 2011 (US).
(5) Allow States and Victims to Fight Online Sex Trafficking Act 2017 (US).
(6
Foreign Policy, 2017) <https://foreignpolicy.com/2017/11/13/its-the-beginning-of-the-
end-of-the-internets-legal-immunity/>.
Page 13 of 17

and the DNS
(7
ital Single Market and amending Directives 96/9/EC and 2001/29/EC [2019] OJ L130/92,
Arts 15 and 17.
(8
zung in sozialen Netzwerken, NetzDG) (Ger.).
(9
http://europa.eu/rapid/press-
release_MEMO-18-5711_en.htm>.
(10) See Natasha Tusikov, Chokepoints: Global Private Regulation on the Internet
(11
merce Law (Edward Elgar 2016).
(12) ibid. 188; Tusikov (n. 10) 66.
(13) See Milton Mueller, Networks and States: The Global Politics of Internet Governance
(14
come-2012-02-25-en> accessed 20 September 2018.
(15) See Bridy (n. 13) 1371.
(16) See ICANN, Uniform Dispute Resolution Policy, s. 4(a).
(17) See Panavision International LP v Toeppen, 141 F3d 1316 (9th Cir. 1998).
(18) See WIPO Statistics, Case Outcome (Consolidated): All Years <http://www.wipo.int/
amc/en/domains/statistics/decision_rate.jsp?year=>.
(19) ibid.
(20
Cardozo J. of Conflict Resolution 23, 54.
(21
(22
man of the Bd., ICANN, and Fadi Chehade, CEO, ICANN (5 March 2015) <https://
www.icann.org/en/system/files/correspondence/riaa-to-icann-05mar15-en.pdf>.
Page 14 of 17

and the DNS
(23) See Bridy (n. 13) 1368.
(24
EFF Deeplinks, 29 September 2016) <https://www.eff.org/deeplinks/
2016/09/shadow-regulation-back-room-threat-digital-rights
Internet Commerce
Association, 10 February 2017) <
cerned-with-proposal-to-enable-domain-transfers-based-upon-copyright-claims/>.
(25) See ICANN, Registry Agreement, s. 2.17 <https://newgtlds.icann.org/sites/default/

files/agreements/agreement-approved-31jul17-en.pdf>.
(26) ibid. 97.
(27
https://meetings.icann.org/en/marrakech55/
schedule/wed-dna-healthy-domains-initiative/transcript-dna-healthy-domains-
initiative-09mar16-en.pdf>.
(28 MPAA
News, 16 May 2016) <https://www.mpaa.org/press/radix-and-the-mpaa-establish-new-
partnership-to-reduce-online-piracy/>.
(29
Domainpulse, 28 June 2018) <http://www.domainpulse.com/2018/06/28/eurid-
iacc-team-up-fight-cybercrime/>.
(30
(31) This concept circulates in the EU policy conversation concerning voluntary measures
(32) See Letter from Stephen D. Crocker, Chair of the Board, ICANN, to Greg Shatan,
President, Intellectual Property Constituency (30 June 2016) <https://www.icann.org/en/
system/files/correspondence/crocker-to-shatan-30jun16-en.pdf>.
(33
Domain Name Wire, 28 February 2017) <https://domainnamewire.com/
2017/02/28/11-domains-affected-donuts-trusted-notifier-deal-mpaa/>.
(34
tronic Frontier Foundation Takedown Hall of Shame, 22 July 2018) <https://www.eff.org/
takedowns/topple-track-attacks-eff-and-others-outrageous-dmca-notices>.
(35) See Meeting Transcript (n. 27) 2.
Page 15 of 17

and the DNS
(36) ibid.
(37
(38
<http://domainincite.com/docs/DNA-Healthy-Practices-2017.pdf
(39) ibid. 2.
(40) ibid. Appendix D.
(41
Domain Incite, 7 February 2017) <http://domainincite.com/21517-the-pirate-bay-
likely-to-be-sunk-as-org-adopts-udrp-for-copyright>.
(42) DNA Membership List < https://thedna.org/current-dna-members/>.
(43
net Commerce Association, 25 February 2017) <https://www.internetcommerce.org/ica-
concerns-heard-on-copyright-udrp/>.
(44 Domain Incite

ruary 2017) <http://domainincite.com/21532-angry-reactions-to-udrp-for-copyright>.
(45 Business
Wire, 8 February 2017) <https://www.businesswire.com/news/home/20170208005354/en/
Domain-Association-Unveils-Healthy-Domains-Initiative-Practices>.
(46
(47) ibid.
(48) See Letter from Bradley Buckles, Executive Vice-President for Anti-Piracy, RIAA, to
Elizabeth Finberg, General Counsel, PIR (2 June 2016) <https://www.scribd.com/doc/
314979775/Redacted-Letter-to-Elizabeth-Finberg-Re-the-Pirate-Bay-Dated-6-2-16-Final>.
(49
rentFreak, 6 June 2016) <https://torrentfreak.com/riaa-fails-take-pirate-bay-domain-
now-160606/>.
(50) See Murphy (n. 41).
(51) See PIR, Frequently Asked Questions <https://pir.org/resources/faq/>.
Page 16 of 17

and the DNS
(52) See ICANN, .org Registry-Registrar Agreement, Appendix 8 s. 3.6.5 (October 2015)
<https://www.icann.org/sites/default/files/tlds/org/org-appx-08-pdf-17jul18-en.pdf>.
(53) ibid.
(54) PIR, Takedown Policy <https://pir.org/policies/org-idn-policies/takedown-policy/>.
(55) ibid.
(56
https://pir.org/systemic-copyright-infringement-alternative-
dispute-resolution-policy-scdrp/
the time of writing was the edited version.
Annemarie Bridy
Annemarie Bridy is the Allan G. Shepard Professor of Law at the University of Idaho
College of Law, an Affiliate Scholar at the Stanford Law School Center for Internet
ety Project (ISP). Email: annemarie.bridy@gmail.com.
Page 17 of 17

Accountability and Responsibility of Online Intermediaries
aries
Giancarlo Frosio Martin Husovec
cial emphasis on the emergence of voluntary measures and private ordering. Looking at
pectations which are further developed through market transactions, business decisions,
and political pressure. Therefore, the real responsibility landscape is equally determined
by a mixture of voluntary agreements, self-regulation, corporate social responsibility, and
ad hoc deal-making. Accountability schemes can differ significantly, ranging from legal
entitlements to request assistance in enforcement to entirely voluntary private-ordering
schemes. This chapter provides a mapping of these basic approaches in order to illustrate
ades and follow-the-money strategies, private denial of service (DNS) content regulation,
and online search manipulation, are discussed to complement the typical legal liability
view of the regulation of intermediaries. The discussion of these enforcement strategies
will be framed within the investigation of notions such as market and private ordering,
corporate social responsibility, assistance in enforcement of a innocent third party made
accountable although not liable and public deal-making.
Keywords: online intermediaries, private enforcement, liability, responsibility, accountability, market,

tion, voluntary measures, corporate social responsibility, public deal-making
LEGAL
providers (OSPs) to affect the informational environment is exceptional.1

mia, policymakers, and society increasingly ascribe a public role to online
intermediaries.2
3
The discourse focuses
more and more on the moral responsibilities of OSPs in contemporary societies and aims
Page 1 of 21

ple corporate social responsibilities or human rights. Responsible behaviour beyond the
(p. 614) their
4
role in implementing and fostering human rights. In the introduction to
ties of Online Service Providers
to
what kind of responsibilities OSPs should bear, and which ethical principles should guide
5
fication for policy intervention would be based on responsibility for the actions of users as
opposed to efficiency or balance innovation vs harm.6
7
Again, in another Communication, the Commission made this goal even clearer by
8
against illegal activities.9

in setting up and applying voluntary cooperation mechanisms aimed at depriving those
10
swiftly remove illegal materials, instead of reacting to complaints. They would be called
proactive measures to detect and remove illegal content
11
gies.12
child sexual abuse, and hate speech.13
Looking at the legal liability rules always tells only half of a story. Legal rules are often
ness decisions, and political pressure. Therefore, the real responsibility landscape is
equally determined by a mixture of voluntary agreements, self-regulation, (p. 615)
ly voluntary private-ordering schemes. In this chapter, we try to provide a mapping of

these approaches in order to illustrate the richness and trade-offs associated with such
measures. Miscellaneous policy and enforcement tools, such as monitoring and filtering,
graduated response, payment blockades and follow-the-money strategies, private DNS
ical legal liability view of the regulation of intermediaries.
Page 2 of 21

1. Tools for Increasing Responsibility
duct, three-strike schemes, voluntary filtering, online search manipulation, follow-the-
alized, ongoing move towards privatization of law enforcement online through proactive
pectations created by the legal liability framework. Inherently, their common trajectory is
towards a more proactive tackling of illegal or otherwise objectionable content.
However, these policies often differ in the way in which they come about. Even the same
type of enforcement arrangements, such as graduated response, can be the result of a
private-ordering scheme, ad hoc governmental policy administered by agencies, or of the
application of legal claims to assistance in enforcement. In this section, we provide a brief
mapping of different arrangements which have been developed over the years. In the
next section, we then highlight how the mechanisms
nificant consequences for the parameters of the rule of law, due process, transparency, or
cost allocation.
1.1 Graduated Response
connection strategy. The French HADOPI Act and other countries such as New Zealand,
South Korea, Taiwan, and the UK, have mandated gradual response schemes, (p. 616)
tually managed by administrative agencies, rather than intermediaries.14
try-led self-regulation makes up the largest part of graduated response schemes as in the
15
CAS implemented a system of multiple alerts. After a fifth alert, ISPs were allowed to take
16
Mitigation measures included
ter or reviews and responds to some educational information about copyright, or other
17
In Australia, an industry-negotiated graduated response code was
tion as an industry code, requiring ISPs to pass on warnings to residential fixed account
holders who were alleged to have infringed copyright.18
Page 3 of 21

ed Response Protocol under which Eircom would issue copyright infringement notices to
customers, after a settlement had been reached between record companies and Eircom.19
The Irish Supreme Court later upheld the validity of the scheme against an Irish Data
the Protocol.20 Recently, an agreement has been negotiated between major British ISPs
Content UK.21 This voluntary scheme would implement four educational-only notices or
alerts sent by the ISPs to their subscribers based on IP addresses supplied by the
rightholders, where the IP address is alleged to have been used to transmit infringing
content.22
(p. 617) 1.2 Changes to Online Search Results
tively illicit activities online through voluntary measures and private ordering. Demotion
spans multiple subject matters and online allegedly illicit activities. Starting from the
untary Code of Practice dedicated to the removal of links to infringing content from the
first page of search results.23 However, Google have been demoting allegedly pirate sites
count the number of Digital Millennium Copyright Act (DMCA)-compliant notices for each
website.24 Shortly thereafter, in 2014, Google started to demote autocomplete predictions
returning search results containing DMCA-demoted sites.25
Voluntary measures have been traditionally implemented with regard to manifestly illegal
content, such as child pornography.26
tory measures for revenge porn, which Google delists from internet searches.27
venge porn publishers in the past,28

nology to stop revenge porn and proactively filter its reappearance.29
nipulation and demotion begun to be applied to curb extremism and radicalization. Plans
tion videos and links more prominent.30
(p. 618) 1.3 Payment Blockades and Follow the Money
31
In its Joint Strategic Plan for Intellectual Property Enforcement, the
strategy.32
Page 4 of 21

proach.33 According to the Commission, follow-the-money mechanisms should be based

on a self-regulatory approach through the implementation of codes of conduct, such as
34
bile, tablets, or set-top boxes), thereby minimising the funding of IP infringement through
35
sured to act as IP enforcers, extending the reach of IP law to websites operating from
servers and physical facilities located abroad.36
press, Discover, MasterCard, Visa, and PayPal, PULSE, and Diners Club entered into a
best practice agreement with thirty-one major rightholders.37 The voluntary agreement
tional AntiCounterfeiting Coalition (IACC).38
been used as pressure points against protected speech. Inter alia, payment blockades
crippled Wikileaks of 95 per cent of its revenues, when PayPal, Moneybookers, Visa, and
MasterCard stopped accepting public donations. No legal proceedings were ever actually
initiated against Wikileaks. In Backpage v Dart
(p. 619)
39
ads site. The credit card companies both complied, cutting off services to the entire
40
pressure amounted to a prior restraint on speech.41 The case was finally appealed to the
Seventh Circuit, which reversed the previous decision and upheld a prior restraint on
speech defence.42 As it turned out, however, a single action from a governmental official
line business operating worldwide.
The Backpage case highlights how intermediaries often face business incentives that
make them more likely to yield to pressure. In the United States, a prior restraint on
a business,43 still this is costly and uncertain to prove.
Other tools which were developed to tackle money flow are information disclosures
against payment providers. The European system of information disclosures against third
parties was used in litigation to unveil the identity of potential infringers by invoking
these measures against banking institutions. Although the courts recognized the interest
in secrecy and data protection as important, their application has to be balanced with the
right to an effective remedy of IP rightholders.44
Page 5 of 21

1.4 Private DNS Content Regulation
Domain hopping would evade law enforcement by moving from one ccTLDs (country code
top-level domains) or gTLDs (generic top-level domains) registrar to another, thus driving
up time and resources spent on protecting IP right. In this context, responsible behaviour
plicates internet infrastructure and governance.45

ingly directly involved with online content regulation through its contractual facilitation
for the new gTLDs embeds support for private, DNS-based (p. 620) content regulation on
ing suspension of the domain name.46
47
In general, as Bridy
48
1.5 Standardization
The European Commission also increased pressure through its soft law by creating a set
of expectations that should be followed by the intermediaries to avoid further regulation.
ing the view that:
In order to ensure a high quality of notices and faster removal of illegal content,
criteria based notably on respect for fundamental rights and of democratic values
could be agreed by the industry at EU level. This can be done
tory mechanisms or within the EU standardisation framework
ticular entity can be considered a trusted flagger, allowing for sufficient flexibility
dards and quality assurance, as well as legal safeguards as regards independence,

conflicts of interest, protection of privacy and personal data, as a non-exhaustive
list.49
In addition, especially in the domain of terrorist propaganda, extremism, and hate
mous notification systems.50 The goal of these mechanisms is to standardize procedures,

relationships with the notifying parties, and the technologies used to (p. 621) implement
Page 6 of 21

gal framework.
1.6 Codes of Conduct
In the aftermath of the refugee crisis, the fight against online hate speech became one of
ers were perhaps the most inclined to regulate the removal of hate speech. Because self-
er EU Member States threatened to bring in a law to impose heavy fines on a platform

failing to take down hate-based criminal content.51
In response to this, the European Commission acted swiftly by coordinating EU-wide self-
citement to terrorism, and prevent cyber-bullying.52 As an immediate result of this new
gal hate speech online in Europe.53

tice and takedown for illegal hate speech that will be removed within twenty-four hours
or special channels for notices from government and NGOs to remove illegal content.54 In
ist propaganda.55
nism increasing responsibility. Historically the first was the Memorandum of (p. 622)
derstanding in the area of trade mark infringements.56

sion adopted a new Code of Practice against disinformation.57
1.7 Filtering
enforcement strategy online.58

vate-ordering approach following pressure from rightholders and government to purge
suits launched against them,59 YouTube and Vimeo felt compelled to implement filtering
mechanisms on their platforms on a voluntary basis. Google launched Contend ID in
2008.60 Vimeo adopted Copyright Match in 2014.61
gerprinting to match an uploaded file against a database of protected works provided by
rightholders.62
Technologies from these initiatives inspired part of the solutions debated within the 2019
Page 7 of 21

sary information to trigger such technologies. According to some, this effectively means
the imposition of filtering content-recognition technologies to prevent the availability of
infringing content.63
Enforcing online behaviour through automated or algorithmic filtering and fair use is
heavily debate in the literature. Julie Cohen and Dan Burk argued that fair use cannot be
quired instead.64
sult, subjects online speech and cultural participation to a new layer of private ordering
65
According to Matthew Sag, automatic copyright-filtering systems
(p. 623)
66
On the other hand, Niva
67 68
Elkin-Koren and Husovec
dress the concerns of overblocking on a large scale and with the necessary speed.
69
ism.70 When one company identifies and removes such a piece of content, the others will
be able to use the hash to identify and remove the same piece of content from their own
network.71
been widely used to find the pictures and stop their distribution.72
ing used by the Internet Watch Foundation, which operates its dedicated internet
crawler,73 and private firms, such as Microsoft, Twitter, Google, and Facebook for some of
their own products.74
tives with special emphasis on tackling the dissemination of terrorist content online. In a
recent Recommendation, the Commission singled out automated filtering means as the
optimal policy solution:
diately prevent content providers from re-submitting content which has already
been (p. 624) removed or to which access has already been disabled because it is
considered to be terrorist content75
dorses similar principles and is under consideration before the EU Parliament.76
Page 8 of 21

1.8 Website-Blocking
Another enforcement tool popularized in the area of IP law has been website-blocking
measures.77 These injunctions led to considerable case law in some of the Member States.
ropean Union.78 These measures were then sometimes adopted in national law by means
of administrative regulations which entrusted authorities with special powers to block
websites under specific conditions.79
Even before these court-imposed injunctions entered the European landscape, a number
of providers were engaging in voluntary website-blocking schemes. Perhaps the most
prominent of these was the anti-child abuse programme operated by the Internet Watch
Foundation (IWF).80 In 2002, IWF started distributing its URL list for the purposes
(p. 625) of implementing blocking or filtering solutions.81 Next to internet access
providers, a number of other technological companies voluntarily subscribe to the list.82
2. Mechanisms and Legal Challenges

After reviewing the most significant ways in which the landscape of responsibilities is
shifting beyond the mere legal liability-imposed baseline, it is time to highlight how these
are the result of different mechanisms.
2.1 Market and Private Ordering
In particular in the area of IP, much of the increased responsibility is a result of private
pears rational given the business dealings with rightholders.
own responsibility.83 First of all, is user experience. Often, illegal content misleads users
or attempts to defraud them. For instance, it makes commercial sense for a newspaper to
couraged from contributing themselves84

aries. Secondly, is credibility and reputation, which services often strive to achieve. More
tising or other investments. For instance, Yelp, despite having no legal obligation to do so,
has incorporated a right-to-reply into its review service after public pressure from the
business community.85
Perhaps more typical situations are when increased responsibility results from market
transactions. Some rightholders might be in a position to cut deals with platforms, or
leverage their existing business relationships. To give an example, Amazon, asking its
Page 9 of 21

users to review their purchasing experience with sellers, is in a business relationship

(p. 626) with both sellers and users (buyers). Sellers will certainly voice their concerns
about fraudulent reviews in negotiations about conditions for sale, and failure to respond
to such demands could lead them away from Amazon to its competitors. Provided that the
market is competitive, Amazon must internalize the harm of its customers by action. A
different type of rightholder is existing business partners which have other leverage
points. It has been observed in many countries that voluntary enforcement schemes were
usually initiated when intermediaries such as internet access providers tried to vertically
integrate into markets where they had to do business with major rightholders and license
their content (e.g. video on demand). Licence agreements then often served as a tool for
vices.86
The measures discussed earlier, especially filtering and changes to online searches, could
tion for YouTube which was not interested in continuous takedown of content and needed
a way credibly to monetize videos and increase collaboration with rightholders. The
downside of these privately agreed-on solutions is that they happen entirely in the dark,
and thus the public has very little information about them. Terms of their operation are
out governmental intervention, exposure to legal safeguards is more challenging. Human

rights were, after all, designed to protect against the state.
2.2 Corporate Social Responsibility
Corporate social responsibility theory has been ported to cyberspace to deploy human
tional human rights law.87 Arguments have been made that obligations pertaining to
freedom as a human right88 89 (p. 627)
Other international instruments to that effect have been identified in the Declaration of
Human Duties and Responsibilities,90
ties of Transnational Corporations and Other Business Enterprises,91 and the UN Guiding
Principles on Business and Human Rights.92 In 2014, the UN Human Rights Council
adopted a resolution on the promotion, protection, and enjoyment of human rights on the
ty to ensure human rights.93
In the EU, the Directive on the disclosure of non-financial and diversity information by
94
ployee matters, respect for human rights Recital 9
nancial performance information should help investors, consumers, policymakers, and
Page 10 of 21

rectly encourage them to develop a responsible approach to business.95
Corporate social responsibility is sometimes hard to distinguish from another reason why
96
Unlike in other areas, the risk of Facebook being held liable for disinformation is often
forts as part of its ambition to be a good citizen, its corporate social responsibility.
The obvious downside of the corporate social responsibility approach is that it does not
nies will act in a responsible way. The expectations are very often very vague and thus
hard to measure or evaluate.
(p. 628) 2.3 Involuntary Cooperation in IP Rights Enforcement
and bear much of the risk of online enforcement. Husovec has argued that European
Union law increasingly forces internet intermediaries to work for the rightholders by
making them accountable even if they are not tortiously liable for the actions of their
users.97 According to Husovec, the shift from liability to accountability has occurred by
derailing injunctions from the tracks of tort law.98 The practical outcome of this is that
rightholders can potentially ask for all sorts of help in enforcement of their rights without
having to argue about what the intermediaries did wrong. This is because the sole reason
for their involvement is that they are in a position which attracts responsibility as such.
From the examples discussed, we can see a number of enforcement tools originating in
this mechanism. Website-blocking orders are the primary example.
The approach of adding duties of responsibility beyond those provided in the liability
Harms White Paper published in 2019 reinforces this discourse by proposing a new duty
of care towards users, holding companies to account for tackling a comprehensive set of
online harms, ranging from illegal activity and content to behaviours which are harmful
but not necessarily illegal.99
100
Violation of the duty of care would be assessed separately from liability for particular
duty to cooperate on the providers and turns it into a separate form of responsibility,
which is enforceable by public authorities by means of fines.101 At the same time, it leaves
the underlying responsibility for individual instances of problematic content intact.
Page 11 of 21

2.4 Public Deal-Making
nomenon of deal-making with public authorities. As a result of liability safe harbours,
tively have the power to decide about content which users post. However, this power is
not supplement by a responsibility towards their users to respect their rights of speech in
(p. 629)
102 103
This responsibility gap
moval of information without following a proper process. Again, public deal-making is
here closely intertwined with the interest of platforms to avoid new forms of regulation.
In Against Jawboning
mediaries that spans a large variety of content types and subject matter.104 Bambauer
105
intermediaries play along and adopt the solutions pushed.
mental pressure.106
nent European example. The problem of these solutions is due process, prior restraint,
and generally the applicability of the human rights safeguards.107
2.4 Circulation of Solutions
As demonstrated by a number of examples, sometimes solutions that first originated in

private-ordering or injunction cases, eventually inspired changes in the law. For instance,
der. For instance, the HADOPI Acts inspired private plaintiffs to demand similar solutions
in countries where legislation was absent, for example Ireland,108
dering schemes in the United States.109

The responsibility of intermediaries has emerged as a powerful slogan for policymakers.
The European Commission has plainly admitted in recent documents that the forthcoming
mediary liability arrangements. In turn, this theoretical approach portends the enhanced
Page 12 of 21

involvement of private parties in online governance and a broader move towards private
dress an unprecedented challenge in terms of global human semiotic behaviour would
perspective.
This development poses plenty of challenges. First, enforcement through private ordering
110
111
Finally, tightly connected to the points above, transferring regulation and adjudication of
internet rights to private actors highlights the inescapable tensions with fundamental
ing effects, or curbing due process.
Notes:
(1
as gatekeepers to content and information, increases their responsibilities towards their
(2) Pressure comes increasingly from users as well as recent lawsuits against platforms
CNBC
cember 2016) <http://www.cnbc.com/2016/12/21/orlando-nightclub-victims-families-sue-
twitter-google-facebook.html>.
(3) Andrew Shapiro, The Control Revolution: How the Internet is Putting Individuals in
Charge and Changing the World We Know (Public Affairs 2000) 225.
(4) See Emily Laidlaw, Regulating Speech in Cyberspace: Gatekeepers, Human Rights and
Corporate Responsibility
Mariarosaria Taddeo and Luciano Floridi (eds), The Responsibilities of Online Service
Providers
Page 13 of 21

(5
(6) For further discussion on justifications for intermediary liability, see Chapter 3
tion 4.
(7
(8) See Communication (n. 1).
(9) ibid. s. 3.
(10) See Communication (n. 7) 8.
(11
sures does not lead online platforms to automatically lose the hosting liability exemption
provided by the e-Commerce Directive).
(12) ibid. s. 3.3.2.
(13) Communication (n. 7) 9.
(14) See Law no. 2009-669 of 12 June 2009, promoting the dissemination and protection
ber 2009, on the criminal protection of literary and artistic property on the Internet, Arts
7 and 10 (Fr.) (providing internet suspension sanctions for those using the internet to
ternet access); Copyright (Infringing File Sharing) Regulations 2011 (NZ); Copyright Act
as amended on 22 January 2014, Art. 90-4(2) (Taiwan); Digital Economy Act 2010 (UK)
(15 ArsTechnica, 30 January

2017).
(16) See Center for Copyright Information, Copyright Alert System (CAS) <http://
web.archive.org/web/20130113051248/http://www.copyrightinformation.org/alerts>.
(17) ibid.
(18
http://www.commsalliance.com.au/__data/assets/pdf_file/0005/48551/
C653-Copyright-Notice-Scheme-Industry-Code-FINAL.pdf>.
(19 http://www.eir.ie/notification/
legalmusic/faqs>.
(20) See EMI v Data Protection Commissioner [2013] IESC 34 (Ire.).
Page 14 of 21

(21) Creative Content UK <http://www.creativecontentuk.org>.
(22) ibid.
(23
https://www.gov.uk/government/
news/search-engines-and-creative-industries-sign-anti-piracy-agreement>.
(24
merce Law (Edward Elgar 2016) 200.
(25) ibid.
(26
(27 The
Guardian, 21 June 2015) <https://www.theguardian.com/technology/2015/jun/20/google-
excludes-revenge-porn-internet-searches>.
(28
The Guardian, 26 June 2015) <https://www.theguardian.com/technology/
2015/jun/26/facebook-ordered-by-dutch-court-to-identify-revenge-porn-publisher>.
(29
Wired, 6 April 2017).
(30
The Guardian, 2 February 2016) <http://buff.ly/20J3pFi>.
(31
(32
(33
(34
http://
ec.europa.eu/docsroom/documents/19462/attachments/1/translations/en/renditions/
native>.
(35) ibid.
(36) ibid. 1523.
Page 15 of 21

(37
(38) See Bridy (n. 31) 1549.
(39) See Letter from Sheriff Thomas J. Dart to Mr Charles W. Scharf, Chief Executive, Visa
Inc. (29 June 2015) <http://cdn.arstechnica.net/wp-content/uploads/2015/07/
backpageexhibit.pdf>; Letter from Sheriff Thomas J. Dart to Mr Ajaypal Banga, President
and Chief Executive Officer, MasterCard Inc. (29 June 2015).
(40
EFF, 6 July 2015) <https://www.eff.org/deeplinks/
pagecom>.
(41) See Backpage.com v Sheriff Thomas J. Dart

plaint for Injunctive and Declaratory Relief and Damages).
(42) See Backpage.com v Sheriff Thomas J. Dart, 807 F.3d 229 (7th Cir. 2015) (US).
(43) See Charter of Fundamental Rights of the European Union [2000] 2000/C OJ 364/1,
Art. 16.
(44) See C-580/13 Coty Germany.
(45) See, for further in-depth review of this enforcement strategy, Chapter 32.
(46
creditation Agreement (2013) s, 3.18.
(47 http://
www.donuts.domains/images/pdfs/Trusted-Notifier-Summary.pdf>.
(48
(49) See Communication (n. 1) s. 3.2.1.
(50) ibid. ss. 3.2.1. and 3.2.3.
(51
durchsetzung in sozialen Netzwerken, NetzDG) (Ger.).
(52) See Communication (n. 7) 10. Several other documents coming out of the EU on anti-
radicalization and countering extremism, including the UK Counter Extremism Strategy
emphasize a stronger role for intermediaries in policing online content. See European
Page 16 of 21

2015/2063(INI); Home Department (UK), Counter-Extremism Strategy (Cmd 9148, 2015).
(53
http://
(54) ibid.
(55
Google Blog, 5 December 2016) <
ing-help-curb-spread-terrorist-content-online>.
(56
ment/memorandum-of-understanding-online-advertising-ipr_en>.
(57 2018)
<https://ec.europa.eu/digital-single-market/en/news/code-practice-disinformation>.
(58) See Chapters 28 and 29.
(59) See , 676 F.3d 19 (2d Cir. 2012) (US); Capitol Records LLC
v Vimeo, 826 F.3d 78 (2d Cir. 2015) (US).
(60 https://support.google.com/youtube/answer/
2797370?hl=en>.
(61
The Verge, 21 May 2014) <https://www.theverge.com/2014/5/21/5738584/vimeo-
copyright-match-finds-and-removes-illegal-videos>.
(62) YouTube (n. 60).
(63) See Chapter 28, Section 4.2.
(64
https://ssrn.com/
abstract=239731>.
(65
(66) ibid.
(67
Page 17 of 21

(68
(69
Reuters, 25 June 2016) <http://
www.reuters.com/article/us-internet-extremism-video-exclusive-idUSKCN0ZB00M>.
(70
The Guardian, 6 December 2016) <https://www.theguardian.com/technology/
2016/dec/05/facebook-twitter-google-microsoft-terrorist-extremist-content>.
(71
room, 5 December 2016) <https://newsroom.fb.com/news/2016/12/partnering-to-help-
curb-spread-of-online-terrorist-content>.
(72 https://www.microsoft.com/en-us/photodna>.
(73
NetClean, 11 February 2019) <https://
ual-abuse-material-the-internet-watch-foundation>.
(74 https://en.wikipedia.org/wiki/PhotoDNA>.
(75
(76
PROV(2019)0421.
(77) See, inter alia, Chapters 4, 16, 20, and 29.
(78
(79) See e.g. AGCOM Regulations regarding Online Copyright Enforcement, 680/13/
CONS, 12 December 2013 (It.) (providing AGCOM with administrative power to enforce
dated text of the Copyright Act, 12 April 1996 (as amended by the Law No. 21/2014, 4
who infringe copyright); Omnibus Bill no. 524 of 26 June 2013, amending provisions in
Page 18 of 21

atives online); Federal Law no. 139-FZ, on the protection of children from information
Registry and site-blocking enforcement); Act on the establishment and operation of Korea
Communications Commission (KCC) last amended by Act no. 11711 of 23 March 2013
(Kor.) (establishing the KCC implementing deletion or blocking orders according to the
ed by the same law). For further in-depth discussion of administrative enforcement of IP

rights online, see Chapter 30.
(80 https://www.iwf.org.uk/become-a-member/services-for-
members/url-list/url-list-policy>.
(81) ibid.
(82 https://www.iwf.org.uk/become-a-member/services-
for-members/url-list/iwf-url-list-recipients>.
(83) See Marin Husovec,

countable But Not Liable? (CUP 2017) 13.
(84) For an overview of industry practices and their corresponding business reasons, see
Emma Goodman, Online Comment Moderation: Emerging Best Practices (WAN-IFRA
2013) <
ing-best-practices>.
(85 New York

Times
New York Times, 10 April 2009).
(86) e.g. in the Netherlands, US rightholders, such as Disney and Warner, attempted to
leverage their rights to content, when some Dutch providers decided to start providing
Bits of Freedom
rently Ziggo, in a press release from 2006 stated that, in the course of a VOD-deal, they
also agreed to a three-strike regime).
(87) See Laidlaw (n. 4) (noting that ultimately, however, the largely voluntary nature of
nance tool for international internet gateways (IIGs) and freedom of speech).
(88
Page 19 of 21

(89
(90
tion) (1998).
(91
ness Enterprises (13 August 2003).
(92
(93
(94) Directive 2014/95/EU of the European Parliament and of the Council of 22 October
2014 amending Directive 2013/34/EU as regards disclosure of non-financial and diversity
sis added). See also ibid. Art. 19a.
(95) This information should be available in company reports starting from 2018.
(96 Facebook
for Media, 7 April 2017) <https://www.facebook.com/facebookmedia/blog/working-to-
stop-misinformation-and-false-news>.
(97) See Husovec (n. 83).
(98) ibid.
(99) See Department for Digital, Culture, Media & Sport and Home Department, Online
Harm White Paper (CP 59, 2019).
(100) ibid. 67.
(101) ibid. 59.
(102
(103
https://www.lawfareblog.com/who-
do-you-sue-state-and-platform-hybrid-power-over-online-speech>.
Page 20 of 21

(104
formal enforcement measures, such as threats, at the edge of or outside their authority).
(105
(106
(107
(108) See Sony Music Entertainment (Ireland) Ltd v UPC Communicaitons Ireland Ltd (No.
1) [2015] IEHC 317.
(109
Electronic Frontier Foundation, 6 February 2017) <https://www.eff.org/deeplinks/
2017/02/its-end-copyright-alert-system-we-know-it>.
(110
(ed.), The Future of Copyright in a Digital Environment
(111
Giancarlo Frosio

gcfrosio@ceipi.edu.
Martin Husovec
Martin Husovec is Assistant Professor at the University of Tilburg (Tilburg Institute

for Law, Technology and Society & Tilburg Law and Economics Center) and Affiliate
Scholar at Stanford Law School Center for Internet and Society. Email:
martin@husovec.eu.
Page 21 of 21

Administrative Enforcement of Copyright Infringement in Europe
Administrative Enforcement of Copyright Infringement

in Europe
Alessandro Cogo Marco Ricolfi
Print Publication Date: May 2020

Subject: Law, IT and Communications Law, Intellectual Property Law
able difficulties that the enforcement of copyright faces in a digital environment. This
chapter describes first the European landscape of administrative bodies entrusted with
the enforcement of copyright infringement online, with special emphasis on Greece, Italy,
tive bodies operate with emphasis on the TRIPs Agreement, EU law, and the EU Charter
dies, transparency, and safeguards against abuse. Finally, the chapter elaborates on the
implementation of the AGCOM Regulation in practice, providing data from the case law
developed so far.
Keywords: online intermediaries, Europe, Italy, Spain Greece, administrative enforcement, blocking orders, notice-
and-takedown
*
IN the last few decades, the involvement of administrative bodies in the enforcement of
copyright has expanded in several countries. However, administrative enforcement is by
fline, analogue environments.1 There, its perimeter has usually remained quite limited to
vironment.2
velopments may have played a role. Indeed, in the last decades internet services (p. 587)
providers (ISPs) were required in many jurisdictions to put in place filtering and blocking
Page 1 of 31

cessed by minors or fighting phenomena such as pedopornography.3 The availability of

this tool may have suggested granting public administrations the power to require ISPs to
extend the use of the newly acquired technological tools to also combat online copyright
piracy.
difficulties the latter option may entail. As countering online infringement of copyright
may resort to a variety of tools, including soft law instruments,4 it stands to reason that
from time to time the adopted mix depends to some extent on the overall context. So, it
has been suggested that resort to public administration powers may in some countries
have been prompted by failures in self-regulation.5
tive involvement. Diplomatic sources indicate that the US administration put considerable
ceived as laggards in combating copyright piracy.6 This is particularly true in the case of
Spain, Italy, and Greece, which in fact are the European jurisdictions that in the last
decade resorted to administrative enforcement of copyright.
A quite different story is the basis of the adoption in France of the measure known as
7 (p. 588)
ers. This form of administrative intervention is of limited interest in this chapter, which
8
Accordingly,
HADOPI focuses on action directed towards end-users accessing illegal content and
adopts an approach which has not been followed by other European countries as it has
proved both unpopular and legally questionable.9
forcement of copyright by courts entails jurisdictional safeguards. In fact, prior notice of

the alleged infringer, due process, and transparency are essential components of judicial
involvement.10 In all these regards, algorithmic enforcement of copyright online11
ed at the opposite end of the spectrum: to the extent that it entails automated blocking, it
rithmic enforcement. Where this point is to be found largely depends on the institutional
arrangements from time to time adopted, to which we now turn our attention.
Page 2 of 31

1. The European Landscape: Spain, Italy, and

Greece
Spain was the first European jurisdiction to opt for the administrative enforcement of
copyright.12
ed (p. 589) by Law 2/2012 of 29 June 2012, which has since been incorporated into the
Spanish Copyright Act by Law 2/2019.13
trative body set up in 2011 under the oversight of the Ministry of Culture, currently acts
with the powers conferred on it by Article 193(2) of Law 2/2019.14
torità per le garanzie nelle comunicazioni, AGCOM),15 by decision no. 680/13 adopted a
Regulation concerning copyright enforcement on electronic communications networks
and the corresponding implementing procedures. This initial measure was amended by
decision no. 490/18.16 The departments in charge are the Directorate for Media Services
Board Committee of the same Directorate.
Finally came Greece. Article 52 § 1 of Law No. 2281/2017 introduced a new mechanism to
ture and Sports.17
ations on 3 September 2018.18
tions are primarily ISPs.19

online infringement, as online infringement may not be carried out without resorting to
hosting or access providers.20 Nevertheless, this does not mean that under (p. 590)
gal rules currently prevailing in these jurisdictions, they themselves are also necessarily
deemed either direct or contributory infringers.21
fringing, they may still receive injunctive remedies.22 This outcome can be accounted for
selves, their position is that of nominal, rather than effective, defendants in infringement
proceedings.23
The remedies adopted by the legislative systems under review encompass a variety of
measures. Usually, these measures are described as resorting to a dichotomy: access-
blocking and takedown orders, the former directed to access providers and operating ex
ante, the latter directed to hosting providers and operating ex post.24
Page 3 of 31

zation.25 While takedown is normally understood to be removal of the infringing content
ders directed towards hosting providers to selectively disable or block access to websites
and web pages carrying infringing material.26 Also, takedown orders to (p. 591)
termediaries may become stay-down orders when the intermediary is asked to ensure
that the infringer does not repeat the same violation.27 For their part, it is access
ders.
In either case, all these orders raise concerns when they deny access to IP addresses
wards a page indicating that the requested address or page has been disabled.
This approach may have several advantages over alternative options. First, it steers clear
of direct attacks against end-users,28
ous fundamental rights concerns.29 Secondly, while resort to mechanism such as notice
and takedown (NTD) in itself may prove ineffective, since the owner of the website or the
web page may well keep infringing just by opening a new website, a blocking order may
dered to be blocked. This allows rightholders to respond effectively to efforts made by the
website operators to circumvent the orders by changing their IP addresses or URLs.30
Thirdly, administrative enforcement is often resorted to in preference to action before the
courts, where jurisdictional proceedings may be deemed to involve shortcomings, in
terms of speed, formalities, and costs.
However, several questions loom large over administrative enforcement. To begin with,
ment by other private players; while administrative bodies, in all the systems considered,
are supposed to act in the public, rather than private, interest. This tension raises the
question whether and to what extent administrative enforcement of copyright (p. 592)
(and of intellectual property at large) is admissible under the legal principles of the, from
come opens up a number of consequential questions. More specifically, the question is

bound to arise whether the applicable administrative proceedings are amenable to the
kind of safeguards characteristic of jurisdictional actions mandated by supranational
right is rooted.
Page 4 of 31

2. The Legal Context

2.1 International and EU Legislative Provisions
2.1.1 TRIPs
ment on Trade-Related Aspects of Intellectual Property Rights (TRIPs Agreement),31

which in Part III deals with the enforcement of intellectual property rights. While the
TRIPs Agreement provides that intellectual property rights (IPRs) may also be protected
form to principles substantially equivalent to judicial proceedings.32
trative decisions,33 34
35, both in connection with actions on the merits and interlocutory relief.36
(p. 593) 2.1.2 The EU

At the EU level, the relevant provisions result from the interplay of three separate sets of
provisions.
First, all the last paragraphs of each of the three provisions of the e-Commerce
Directive37
This provision clearly opens the way for setting up administrative enforcement or, more
place, jurisdictional ones.38
Secondly, the Enforcement Directive details specific rules concerning both interlocutory
and final injunctions against intermediaries.39 Article 11 indicates in its third sentence
tion against intermediaries whose services are used by a third party to infringe IPRs. It is
true that the rules for the operation of these injunctions, relating to the conditions to be
ciples mandated by European law set clear limits on the enforcement powers conferred
by these provisions.40
Therefore, the Enforcement Directive raises the question of determining to what extent
the principles and rules set out by the EU lawmakers are binding on the Member States
as suggested by Article 49 of the TRIPs Agreement. The question has in turn significant
ramifications, considering that the Enforcement Directive lays down quite (p. 594)
41
Under Article
Page 5 of 31

and shall be applied in such a manner as to avoid the creation of barriers to legitimate
of
pose on ISPs a general obligation to monitor.42
The
rective,43
er and, notably, uses in its Article 8(3) exactly the same wording which was to be adopted
in the third proposition of Article 11 of the Enforcement Directive a few years later.44
2.1.3 The EU Charter of Fundamental Rights

In relation to the EU Charter of Fundamental Rights,45
46
nized through EU Directives. Therefore, such public bodies are bound to respect, inter
al.47 Most relevant, in the present context, is Article 52, the first paragraph of (p. 595)
nised by this Charter must be provided for by law and respect the essence of those rights
and freedoms. Subject to the principle of proportionality, limitations may be made only if
they are necessary and genuinely meet objectives of general interest recognised by the
48 This is a quite emphatic
restatement of the classic rule of law, the continued relevance of which we now have a
chance to revisit by turning our attention to the legal basis of the domestic provisions on
which the administrative enforcement of copyright is based.
2.2 Domestic Legal Basis
The legal basis of much of the legislation setting up the administrative enforcement of
copyright has been, at best, very shaky. To begin with Italy, it is most doubtful that back
in 2013 AGCOM had the implied powers necessary to adopt a Regulation concerning
copyright enforcement on electronic communications networks.49 However, the issue has
in the meantime become moot, as the lack of rule-making power that undermined the
original Regulation has arguably been cured by a (belated) legislative measure.50
ter in terms of legal basis. As indicated in the specialist literature, decisions by CIPIV
would appear to be rather vulnerable. The Greek copyright office (OPI) is governed by
private law; CIPIV, that is not even an emanation of the OPI, being hosted in the premises
of the latter but also composed of members coming from other public administrations,
Page 6 of 31

would not appear to meet either the formal or the functional criteria to qualify as
(p. 596)
a public sector body.51
3. The Essential Features

Against this background, we can now turn to the essential features of the administrative
enforcement of copyright adopted in the three jurisdictions relevant here.52
3.1 The Independence of the Public Bodies Entrusted with the Task
To the extent that applicable legal provisions require a minimum of independence of the
public body in charge, this threshold would not appear to be met in Spain.53 Also the
Greek CIPIV is arguably bedevilled by a possible case of conflict of interest: on the one
nanced by the associations representing one of the parties to potential disputes (i.e. the
ing action.54 For its part, AGCOM is classified among the independent authorities.
3.2 Protected Subject Matter and Violations
Administrative enforcement, on the basis of the national rules reviewed earlier, covers
copyright and related rights.55 Italian rules expressly envisage intervention in connection
als on a web page;56 however, the language of the same provision is expanded to (p. 597)
ered by the provision.57
tion.
While the language of the Regulation does not spell out whether the violations considered
dicates that they also encompass indirect violations as well as third party violations in
which ISPs happen to be involved, even though they may be not infringing either directly
or indirectly.58 As a matter of fact, very often the ISPs themselves may not infringe the
rights considered by the Regulation; rather, they may be involved in violations by third
parties. If this is the case, the intermediary must be summoned in the proceedings,59 but
is merely a nominal defendant.60
In principle, enforcement should never target situations that are covered by limitations or
exceptions to copyright exclusivity. Article 2(2) of the Regulation indicates that AGCOM is
bound to take into account limitations and exceptions as provided by copyright legislation
Page 7 of 31

ory available to the interested parties, who can raise them within the procedure.61
ages and even prevents taking into account said defences.
3.3 Parties
The Italian Regulation gives the standing to sue to rightholders and their licensees.62
ers and independent management entities63 also have standing to sue if duly authorized
by rightholders.64
(p. 598) In terms of standing to be sued, letter aa) of Article 1 of the Regulation mentions
ators are also mentioned in letters g) and f). In turn, ISPs engaged in mere conduit and
hosting (i.e. access and hosting providers) are referred to in letter f);65 audiovisual media
and radio operators in letters m) and n).66
es a few interesting issues.
In the mechanism set up by Article 7 of the Italian Regulation, ISPs are necessary parties;
website and web page operators and uploaders are not. The former must be summoned;
the latter may be summoned before the Authority, only to the extent that they can be
traced.67 This rule is in line with the Italian case law developed before civil courts: joint
tortfeasors need not be co-joined.68 Also from a practical perspective, it makes perfect
sense to dispense with a requirement (of notice to third parties which all too often are out
of reach) which is usually very difficult to meet. This approach, however, has a clear
downside: as fair use and other defences are normally raised by uploaders and entities
running websites and web pages, rather than by ISPs, hosting ISPs, lacking an input from
uploaders and website holders are not in a position to challenge a violation complaint or a
notice adopted by AGCOM. While this possibility is theoretically open to them,69 ISPs
tend to err on the side of caution. If they insist on providing their services after receiving
a notice, they risk losing their immunity and becoming liable for copyright violation. On
centive to litigate the matter against ISPs.
3.4 Procedure
The shortcoming indicated in the afore-mentioned subsection is exacerbated by the fact

that the Italian rules do not even require that, to file a complaint, a rightholder must
show that he has given prior notice to the third parties alleged to have infringed; even
when a complaint is filed, website and web page operators as well as uploaders must be
summoned only if they can be traced.70 Therefore, the party that is alleged to be directly
or indirectly (p. 599) infringing may have no inkling as to the initiation of proceedings
Page 8 of 31

which may lead to the selective disabling or blocking of the information it has uploaded
ment or to raise a defence.
hollow. To begin with, it is doubtful whether an administrative body is equal to the task of
cating a conflict between private parties.71 This is even more so if one considers that
blocking orders, and even orders that mandate selective disabling, may be at the expense
of unrelated, innocent third parties. This is the case when the order targets an entire
website, or domain name or IP address, thereby preventing access both to illegitimate
damental rights: the right to be heard and to fair process for the innocent third party (EU
Charter, Art. 47) and the freedom of expression and information of the innocent content
providers and of the public at large (EU Charter, Art. 11r).72 Moreover, orders adopted by
second paragraph of the provision.
3.5 Abbreviated Proceedings and Protective Orders
In principle, it makes sense that an abbreviated procedure is foreseen by Article 9 of the

Regulation. This is particularly so when the loss to rightholders is especially significant.73
Also, interlocutory relief may be granted by protective orders under Article 9-bis, that
(p. 600) are issued ex parte
tion foreseen in the abbreviated procedure to submit remarks (three days, rather than
five),74
sions.
3.6 Costs
Costs are inevitably involved both in taking part in proceedings and in complying with the
orders issued at their close. This is a very relevant matter,75
tional (rather than EU) law.76 However, the Italian Regulation does not mention the issue.
Lacking any provision in this regard, the result is that each party bears its own costs,
both for legal fees and for compliance with the order. This outcome has been challenged
before an Italian Administrative Court, to no avail. It was held that it is only natural that
77
Page 9 of 31

3.7 Remedies
If at the end of the proceedings the Authority finds an infringement, it can order the ISP
der.78 If the server hosting the work in violation is located in Italy, the measures consist of
selective removal of the infringing items and adoption of the steps appropriate to prevent
uploading.79
80
Blocking orders are the only alternative available if the server is
located outside Italy. The AGCOM has a duty to list additional websites to (p. 601) which
the blocking order must be extended.81 In terms of territorial reach, no order is directed
der a responsibility to make the works (or the links to them) inaccessible from the Italian
territory. These orders remain subject to the prohibition for Member States to impose a
general monitoring obligation on ISPs.82 Failure to comply with an order carries penalties
and may lead to the temporary shutting down of the operations of the party in breach of
the order.83
3.8 Transparency
Public administrations are subject to a mandate of transparency. This obligation appears

to be complied with by AGCOM, that regularly publishes on its website both statements
of objections and decrees.84 This is a welcome feature, considering that in Greece the
publication of decisions adopted by CIPIV is left to the discretion of the Committee
itself.85
3.9 Double Track
The Italian Regulation provides for a double track: the same alleged infringement may be
tion between the jurisdictional and administrative path is designed by Article 6(3) and (7)
ing before a court; in turn, administrative proceedings are terminated by the initiation of
court proceedings.
tute, for the administrative procedure. Originally, no measure affecting freedom (p. 602) of
expression and information as protected by Article 20 of the Spanish Constitution could
ment was waived by the corresponding provision of the current Law 2/2019.86
3.10 Review
Under general principles of Italian administrative law, as well general constitutional and
international provisions,87 orders must spell out the grounds on the basis of which they
Page 10 of 31

are taken. Article 8(2) of the Italian Regulation provides that orders, as earlier indicated,
According to Article 17 of the Regulation, the orders adopted by AGCOM are subject to
judicial review by an administrative court. However, this review is restricted to the limits
istrative powers were used correctly, while it has no say over the substance of conflicts
between the competing rights of private parties.88
ing from uploaders and website operators have no chance of being taken up, which,
again, is to be seen as a failure if considered against EU standards.89
sion establishing a review by an administrative court appears unfortunate, it also appears
to run counter to the specific provisions of the TRIPs Agreement90 and the EU Charter.91
3.11 Safeguards against Abuse
Both the TRIPs Agreement and the EU Enforcement Directive mandate safeguards
against abuse; in turn, the EU Charter proclaims the prohibition of abuses as a general
principle.92 The Italian Regulation is altogether silent on the matter.
4. The AGCOM Regulation in Practice: A

(p. 603)
Case Study
The administrative enforcement of copyright and related rights became effective in Italy
in 2014. A factsheet periodically updated by AGCOM shows that, so far,93 the authority
seven being against audiovisual and radio services.94 One-third did not make it through
95
The rest resulted in the institution
96
of 950 proceedings:
pliance (278)97 or withdrawal by the applicant (12); 650 led to an adjudication by the
Commission on Services and Products.98 On 600 occasions the Commission found in
favour of the applicant, issuing 665 blocking orders aimed at access providers operating
in Italy.99
4.1 Transparency
Until May 2016, AGCOM published, in a specific section of its website,100 information on
the outcome of all applications lodged under the Regulation. Then, it discontinued the
service, which has been replaced by a searchable database101 covering only adjudications
by the Commission on Services and Products.102 As a matter of fact, information about
cases that ended in the preliminary phase,103 or were dismissed by the Directorate for
Media Services once the proceeding had started,104
Page 11 of 31

siders that some interesting inference in its overall functioning can be drawn precisely
from the source of information which has been discontinued.
formal requirements or lacking essential information,105 those not substantiated by

(p. 604) documents demonstrating possession of the relevant rights by the applicant,106 or
which have been pre-empted by pending judiciary proceedings,107 as well as those falling
outside the scope of application of the Regulation or which are manifestly unfounded.108
Ostensibly, decisions based on the last two grounds provide valuable insights both into
the availability of remedies offered by the Regulation and the level of protection of third
109
come has to be reflected in a decision by the same board. It is submitted that knowledge
of these decisions would help to understand the dynamics of the interaction between all
the parties concerned.110
4.2 Protected Subject Matter
tions falling outside the scope of the Regulation. It did so by considering the Regulation
subject to (sometimes inherent or implied) limitations as to subject matter, violations,
remedies, and addressees of the orders requested.
Regulation itself, can be protected. This has several implications. First, applications must
refer to literary, musical, audiovisual, and photographic works, including video games and
computer programs. Any other subject matter protected by copyright or related rights
does not qualify.111 Secondly, said work needs to be protected by the Italian Copyright
Law, which means that the Directorate checks whether the work meets the (p. 605)
vant requirements.112 Thirdly, the work needs to be one that has been made available on
ered as a requirement of the work for which protection is sought or as a reference to the
kind of infringing uses that can be repressed under the Regulation.113 On the other hand,
giarism.114
ing of the relevant provision,115 that would have called for an explanation, which on the
contrary is totally lacking in the relevant decisions.116 Similarly, it is hard to understand
why the Regulation has been deemed inapplicable to links that have been published by
search engines. The Directorate holds that this follows from the fact that search engines
of the Regulation.117 However, this reasoning is somewhat puzzling, since search engines
der the Regulation, but as owners of the web page where the link can be found.118
Page 12 of 31

4.3 Scope of Violations
It could be argued that within the system set out by the Regulation, protection of third
119
cise of a certain amount of decisional discretion by AGCOM. One such power consists in
sumes that its task entails, first and foremost, fact checking, to make sure that the work
is actually available on the allegedly infringing website,120 and, secondly, a preliminary
assessment as to the infringing nature of the use in question. Usually this assessment is
plications regarding less than perfect copies of the allegedly infringed work, also (p. 606)
121
and applying the
122
exception on quotations in a few more instances. On the other hand, the Directorate
has allowed a broad interpretation of the concept of making a work available on a web
page in violation of Italian copyright law,123 also including in the notion from the outset
the mere provision of links to works, torrent files,124 and more recently pirate internet
protocol television (IPTV).125
tober 2018,126 the same concept has been further extended to include the advertisement
nological protection measures applied to video games and corresponding consoles.127
4.4 Remedies
Applications that make it through the preliminary phase lead to the institution of formal
proceedings, which end with adjudication by the Commission on Services and Products
unless voluntary compliance occurs. In this regard, some very clear trends seem to
emerge.
First and foremost, cases resulting in blocking orders present recurrent characteristics.
The application usually128 comes from a collecting society,129
tity representing rightholders in a specific industry,130
veillance and enforcement services.131 The application contains a list of works which have
been made available on the allegedly infringing website, together with relevant URLs.132
However, there have been cases in which apparently only works without an indication of
corresponding URLs have been mentioned,133 which have ended with a blocking order all
ing to many other protected works. All that considered, AGCOM typically accepts dealing
with a case according to the rules on abbreviated proceedings.134
main name, the hosting provider, and the owner of the server are summoned by email.135
As the servers are usually located abroad, access providers (p. 607) operating in Italy also
have to be summoned. However, this does not take place via email. Taking advantage of
cation on its own website suffices, considering the large number of service providers that
would otherwise have to be given notice individually.136
ly hide themselves behind anonymity service providers.137 When this is the case, it is all
Page 13 of 31

too obvious that they prefer to remain in the shadows138 to avoid liability, particularly if
ceedings. They can simply take down infringing contents if they wish to avoid a blocking
order,139
cently140
tem,141 they can be easily circumvented either by creating aliases or by letting users take
advantage of virtual private networks. Hosting providers and providers of servers never
ceedings. The outcome of all this is a blacklist of more than 700 domain names, according
to information available at the beginning of 2019. This list is likely to grow in the future
at a faster pace, considering that the 2018 amended Regulation enables AGCOM to adopt
dynamic blocking orders.142
(p. 608)
ent from the others. People or companies involved in the alleged infringement can be
identified and summoned. Very often, either they reply stating their case143 or comply
with the request to take down infringing content.144 In the very limited number of cases
in this category in which AGCOM adjudicated the case, no blocking orders have ever
been issued. Most of the time, the Commission on Services and Products has held the
contested websites to be non-infringing145 or has resorted to the traditional rule in dubio
pro reo.146
ality to dismiss the case.
4.5 Relevance of the Principle of Proportionality
cant does not claim or demonstrate that the infringement is sufficiently relevant to justify
a blocking order.147 When this happens, AGCOM dismisses the case and transmits its file
to (p. 609) the judiciary police; in other words, no immediate redress will be granted.148 At
fect on the economic interests of the applicant, and the nature of the service provided by
the infringing website.149
On the one hand, as already mentioned, if the application was made by an association of
rightholders or by a major content provider and is aimed at a website providing access to
a large repertoire of copyrighted works,150 AGCOM normally considers the case as one of
massive infringement and issues a blocking order. There are exceptions, though. It is not
precise description of the cases or extensive grounds.151 However, it would appear that
tate infringement. This applies to services used for substantial non-infringing purposes,
even though they may be extensively used to infringe.152 For instance, AGCOM refused
Page 14 of 31

has to block a web portal,153 a cyberlocker,154 a web writing platform,155

saging service,156 and a URL-shortening service.157 Also, it let go a website that featured,
as illustrations of the products offered, non-creative photographs copied from the outlet
of a competitor, on the rather shaky assumption (p. 610) that it would be disproportionate
158
able one159 to four,160 161

literary or editorial works, one162 or two163
photographs, a video game,164 twelve tracks from the same album,165 one166 or two167
audiovisual works, or even an entire TV series168 has been deemed insufficient. Overall, it
legally made available on a website will never be big enough to convince AGCOM that a
blocking order is proportionate, unless other factors weigh in the balance. In the case of
audiovisual works, it has been considered sufficient that a movie had been made available
online while it was still running in cinemas.169 In respect of music recordings, football
matches, and TV subscription services, blocking orders have been issued if recordings,170
matches,171 and programmes were made available systematically.172
Notes:
(*) Sections 1 to 3 were written by Marco Ricolfi; Section 4 by Alessandro Cogo.
(1
DA 268, mentioning Art. 157 of Law No. 633 of 1941 (the Italian Copyright Law, hereafter
ICL), to which also Arts 171 ff, 174-quinquies(2) should be added.
(2) For an overview, see Maria Lillà Montagnani,

ità degli intermediari
prietà intellettuale fra giurisdizione ed amministrazione [2013] AIDA 335.
(3) For a comprehensive discussion, see the chapter on content regulation in Milton
Mueller, Networks and States. The Global Politics of Internet Governance (MIT Press
dom-expression/study-filtering-blocking-and-take-down-of-illegal-content-on-the-
internet>. A clear outline of the reasons that led to the adoption of automated blocking
measures by ISPs in these specific areas is in Cartier International AG and others v
British Sky Broadcasting Ltd and others [2014] EWHC 3354 (Ch) (UK) (hereafter Cartier
v BSkyB 2014).
Page 15 of 31

(4
complementarity of soft law and the general legal framework in several jurisdictions), 21
(on the need of compliance with the human rights standards), 24 and 30 (on the impact of
EU law on self-regulatory blocking and notice-and-takedown schemes) and Frosio (n. 2)
17, 20.
(5
Frosio (n. 2) 10, 21.
(6) Italy was removed from the Watch List in the 2014 Special 301 Report adopted by the
Representative April 2016, 10, 56 <

cial-301-Report.pdf>.
(7) Law No. 2009-669 of 12 June 2009, Promoting the Dissemination and Protection of
Creative Works on the Internet, as amended, after the intervention of the Constitutional
Court, by Law No. 2009-1311 of 28 October 2009, on the Criminal Protection of Literary
and Artistic Property on the Internet (Fr.) (empowering the administrative authority to
send warnings to identified infringers and transfer the case to a court in cases of repeat
infringement; the judge may order a range of penalties, including a thirty-day account
suspension). See also, for a detailed discussion of HADOPI, Chapter 27.
(8
see among the many Montagnani (n. 2) 136; Frosio (n. 2).
(9
and Regulation 2015/2120/EU of 25 November 2015 laying down measures concerning
(10
Rev. 1149. In specific connection with online infringement of IPRs, see Martin Husovec,
Injunctions against intermediaries in the EU. Accountable but not liable? (CUP 2017) and
Christina Angelopoulos, European Intermediary Liability in Copyright. A Tort-Based
Analysis (Wolters Kluwer 2016).
(11) On which, see Daniel Friedmann, Trademarks and Social Media. Towards Algorithmic
Justice
Page 16 of 31

Frosio (n. 2) 20, 25.
(12) Actually, the frontrunner in this specific regard was Turkey, which in the fourth year
nani (n. 2) 141.
(13) Ley 2/2019, de 1 de marzo, por la que se modifica el texto refundido de la Ley de
Propiedad Intelectual, aprobado por el Real Decreto Legislativo 1/1996, de 12 de abril, y
por el que se incorporan al ordenamiento jurídico español la Directiva 2014/26/UE del
Parlamento Europeo y del Consejo, de 26 de febrero de 2014, y la Directiva (UE)
2017/1564 del Parlamento Europeo y del Consejo, de 13 de septiembre de 2017 (Sp.).
<https://www.boe.es/diario_boe/txt.php?id=BOE-A-2019-2974>.
(14
sions of the Ley Sinde (hereafter Implementing Regulation of the Ley Sinde).
(15
ting up the Authority (hereafter AGCOM Act 1997).
(16) The consolidated text is available at <https://www.agcom.it/interventi-dell-autorita-a-

tutela-del-diritto-d-autore> (hereafter 2013 AGCOM Regulation as amended). The Italian
provisions mirror to a large extent the text of the Ley Sinde.
(17
201.
(18) The Committee adopted its first three decisions blocking access to several infringing
sites by orders of 7 November 2018 <https://www.opi.gr/en/current-affairs1/news/
9379-07-11-2018-decisions-of-the-committee-for-the-notification-of-copyright-and-related-
rights-infringement-on-the-internet>.
(19) However, the whole Chapter IV of the Italian Regulation concerns administrative
Art. 1 of the Regulation itself. Unsurprisingly, resort to the provisions of that chapter has
been so limited (see s. 5) that only occasional references will be made to it.
(20) It should be noted that access providers usually have contractual links with end-users
rather than with infringing web operators. However, their services are also used by the
ed by C-557/07 LSG-Gesellschaft zur Wahrnehmung von Leistungsschutzrechten GmbH v

Tele2 Telecommunication GmbH
used by a third party to infringe a copyright or related right, inasmuch as those access
Page 17 of 31

same conclusion was reached in C-314/12

produktionsgesellschaft mbH
discussion of the issue, see Cartier v BSkyB 2014 (n. 3), para 155.
(21) For an overview of the legal position of ISPs in connection with direct and indirect
copyright infringement, inclusive of current legislative developments, see Frosio (n. 11)
role is underway: online content-sharing service providers storing and giving access to
EU of 17 April 2019 on copyright and related rights in the Digital Single Market and
amending Directives 96/9/EC and 2001/29/EC [2019] OJ L130/92, Art. 17; a similar result
has already been derived from stretching the interpretation of the previous notion by EU
case law: see C-527/15 Stichting Brein v Jack Frederik Wullems [2017] ECLI:EU:C:
2017:300, para. 32; C-610/15 Stichting Brein v Ziggo BV and XS4All Internet BV [2017]
Supreme Court, BGH) to the Court of Justice of the European Union (CJEU) is pending.
See Nemo Studios v You Tube and Google 13 September 2018 (order).
(22 [2011]
ECLI:EU:C:2011:474, paras 128, 134, 144.
(23
(24
(25) It is often remarked that the remedies referred to in the text may to a large extent
overlap, also because the terminology used to describe them is not always consistent. See
Stanford
CIS Blog, 29 January 2018) <
net-content-blocking-tools>.
(26) See Sections 4.4 and 4.5. For a case of a transfer of the domain name by means of a
EPP code (Extensible Provisioning Protocol)
or transfer key
bunale [Court] Milano (order)
nology & Materials Sagl in liquidazione and Aruba spa [13 June 2017] in Giur. Ann. Dir.
Ind. 6544.
(27
Page 18 of 31

plaint: for German judicial precedent to this effect, see the decision of the BGH of 12 July
RapidShare
(28) Such as the three-strike mechanism established in France with the HADOPI I and II
Acts of 2009.
(29
(30) As a rule, responsibility falls on the rightholders to identify the IP addresses and
URLs to be notified to ISPs in this way. For this purpose, the rightholders may engage a
third party to monitor server locations and domain names used by the target websites.
For criticism of this approach that relies on findings made out of court, on the basis of the
(31) For comment of the relevant TRIPs provisions, see Justin Malbon, Charles Lawson,
and Mark Davison,
ty Rights. A Commentary (Edward Elgar 2014) 613. For a discussion, see Michele Bertani,
Il regolamento AGCOM sul diritto di autore

(Giappichelli 2014) 194.
(32
tive procedures on the merits of a case, such procedures shall conform to principles
son (n. 31) 670.
(33) See TRIPs Agreement (15 April 1994) Marrakesh Agreement Establishing the World
ministrative, rather than civil, judicial review were admissible, it is submitted that it
should extend to the merits.
(34) TRIPs Agreement (n. 33) Art. 42.
(35) ibid. Art. 41(1), last para.
(36
of administrative procedures, such procedures shall conform to principles equivalent in
Page 19 of 31

providers. Therefore, we will mainly refer to access providers.
(38) It was initially suggested that EU lawmakers had subsequently backtracked in that
ing with jurisdictional proceedings, would indicate a choice of courts over administrative
bodies. See Tonoletti (n. 2) 362 and Nexa Center <https://nexa.polito.it/nexacenterfiles/
nexa_consultazione_agcom:452_13.pdf>. This position (which we originally backed) is
nowadays no longer followed as it is not supported either by the case law or literature.
2004 on the enforcement of intellectual property rights [2004] OJ L195/16, Arts 9 and 11.
tween injunctions against intermediaries as stipulated in the first sentence of Art. 11 and
(40
Plc and another [2018] UKSC 28 (UK) (hereafter Cartier 2018) (in connection with trade
marks); Cour de cassation [French Supreme Court] SFR, Orange, Free, Bouyegues v
Union des producteurs de cinéma and others [6 July 2017] no. 909, ECLI:FR:CCASS:
2017:C100909 (Fr.) (hereafter Allostreaming).
(41) See Directive 2004/48/EC (n. 39) Art. 3.
(42
pose a general obligation on providers, when providing the services covered by Articles
12, 13 and 14, to monitor the information they transmit or store, nor a general obligation
on the continued viability of this principle, see Frosio (n. 5) 202.
mation society [2001] OJ L167/10.
(44
(on which n. 9). Those provisions are usually understood as dealing with restrictions of
cess.
Page 20 of 31

(45) Charter of Fundamental Rights of the European Union [2012] OJ C326/391. It was
originally proclaimed by the European Parliament, Council, and Commission at Nice in
ing into force of the Lisbon Treaty in December 2009.
(46) Charter (n. 45) Art. 51(1). See also Directive 2004/48/EC (n. 39) recital 32.
(47
no, Silvia Allegrezza, Fabio Pappalardo and Orsola Razzolini (eds),

(Giuffrè 2017) 864.
(48
(ECHR) and with the questions raised by its interface with intellectual property, on which
in connection with freedom of expression under Art. 10 of the ECHR and the liability of a
web portal for posting a link, Magyar Jeti Zrt v Hungary
cember 2018). On the relationship of the ECHR with intellectual property, see Annette
Kur and Thomas Dreier, European Intellectual Property Law. Text, Cases and Materials
(Edward Elgar 2013) 78. See also Chapter 29.
(49) See, however, Constitutional Court Altroconsumo v Confindustria and others

cember 2015] (It.) (not reaching the merits of the question because of the failures of the
istrativi Regionali [Regional Administrative Court] (TAR) Lazio

provider and others v AGCOM [30 March 2017] (It.) It is arguable whether in Italy the
need for administrative intervention was originally felt with special urgency because the
legislation implementing the e-Commerce Directive required that notice of infringement
Legislative Decree no. 70 of 2002 (It.), so that a notice, however detailed and complete,
However, in the meantime the Corte di Cassazione in Reti Televisive Italiane spa v Yahoo!
Inc and Yahoo! Italia srl
cation of the public authority is not required for hosting providers (as opposed to caching
providers, on which see the decision of the same court no. 7709 om the same day).
(50
sions, Art. 2 (It.). Decision no. 490/18 was adopted pursuant this legislative mandate.
(51) See Tsigou (n. 17) 204. It should be added that it appears most doubtful whether the
legal basis for the legislation setting up CIPIV could plausibly be found in Art. 36 of EU
Directive 2014/26/EU on collective management of copyright and related rights, that
Page 21 of 31

(52) While here reference will be made mainly to the Italian rules, Greek and Spanish
rules will also be considered where appropriate.
(53
https://www.eipin.org/bilder/
congress_docs/17th_congress/alicante_2016/peguera.pdf>.
(54) See Tsigou (n. 17) 206.
(55) See 2013 AGCOM Regulation as amended (n. 16) Art. 6(1); Art. 193(2)(b) of Law
2/2019. See also Section 4.3.
(56) See 2013 AGCOM Regulation as amended (n. 16) Art. 6(1).
(57) See also the reference to communication to the public of works via link or torrent or
by other means in ibid. (n. 16) Art. 1, letter ff), subject to selective removal under Art.
8(3).
(58) These situations are also considered in Art. 8(3) of the Information Society Directive
and Arts 9 and 11(1), final sentence of the Enforcement Directive.
(60 1.
(62) Exclusive or otherwise. The inclusion of non-exclusive licensees is unusual in other

fields of intellectual property; not necessarily so in the field of copyright (see Arts 156
and 167 ICL).
(63) As defined in Art. 3 of Directive 2014/26/EU of the European Parliament and of the
Council of 26 February 2014 on collective management of copyright and related rights
and multi-territorial licensing of rights in musical works for online use in the internal
market [2014] OJ L84/72.
(64) For Spain, see Law 2/2019, Art. 195(3) para. 2. Also Greek Law no. 2281/2017, Art.
52 s. 1.1 gives standing to collective rights management organizations. See Tsigou (n. 17)
204.
(65) It is arguable, however, whether the third category of ISPs, engaged in caching, are
encompassed in the broader text of Art. 2(1) of Act no. 167 of 20 November 2017, which
only deals with protective orders.
Page 22 of 31

(66) Audiovisual media operators are considered in a separate chapter, Chapter IV, of the
AGCOM Regulation, which deals in a much milder way with violations.
(67) See 2013 AGCOM Regulation as amended (n. 16) Art. 7(1). On the similar provision in
Greek law, see Tsigou (n. 17) 206.
(68) See the order of the Milan Court 8 May 2017,

works Ltd, Telecom Italia spa, Vodafone Italia spa, Fastweb spa, Tiscali Italia spa, Wind
(It.) in [2019] AIDA forthcoming.
(69) Under the 2013 AGCOM Regulation as amended (n. 16) Art. 7(4).
(70) See ibid. Art. 5. On the requirement under Spanish law that an attempt is made to
have the infringing content removed or disabled by the infringer prior to requesting a
blocking order, see Art. 195(3) of Law 2/2019 and previously Peguera (n. 53); similarly,
for Greece, see Law no. 2281/2017, Art. 52 s. 1.4.c) on which Tsigou (n. 17) 205. On the
importance of prior notice to the alleged infringer in this context, see Balkin (n. 10) 1197
and Husovec (n. 10) 123. Also Italian courts dispense with the requirement of notice to
nection Mediaset Premium spa v Quasi networks Ltd (n. 68).
(71
(obiter).
(72
a fortiori
sic Entertainment Germany GmbH [2016] ECLI:EU:C:2016:689, para. 93. With reference
to the ECtHR see Yildirim v Turkey App no 3111/10, (ECtHR, 18 December 2012) (holding
that wholesale blocking of access to Google sites was arbitrary and the judicial review of
the measure was insufficient).
(73) See 2013 AGCOM Regulation as amended (n. 16) Art. 9(2), letters a) and c). See also
Section 4.4.
(74) cf. ibid. Art. 9(1), letter b) to Art. 7(4) of the same.
(75) For the reasons convincingly shown by Husovec (n. 10) 125.
(76) See Cartier 2018 (n. 40) [30].
(77) See Altroconsumo v AGCOM

sumes obiter that a telco which is at the receiving end of an injunction bears its own
costs; a full discussion of the issue is in Cartier
Page 23 of 31

able English law, between rules applicable to access and hosting providers, at [37], and
holding the former entitled to be reimbursed for their own costs by claimant rightholders;
on the contrary, Allostreaming (n. 40), comes to the opposite conclusion under French law
by arguing that the basis is not the liability of the ISP, which may well be lacking, but its
bility for rightholders to recover costs incurred in giving notice to ISPs is considered in
(78) See 2013 AGCOM Regulation as amended (n. 16) Art. 8(2). For an illustration of
(79
lective removal means the deletion from the web page of the infringing works or of the
connection to them via link or torrent or by other means.
(80) 2013 AGCOM Regulation as amended (n. 16) Art. 8(3).
(81
cept that its responsibility rests with the authority rather than with the rightholder; it is
the same authority that, in the event of repeat infringers, is tasked with updating the list
thority may also turn the file over to the police.
(82) On which see, also for references, Frosio (n. 2) 22.
(83) See AGCOM Act 1997 (n. 15) Art. 1(31) and (32). Spanish legislation provides for a
53);
the possibility of a temporary shutdown is established by the Implementing Regulation of
Tsigou (n. 17) 206.
(84
https://www.agcom.it/interventi-dell-autorita-a-tutela-del-diritto-d-autore> (hereafter
ments discussed in Section 4.1.
(85
es are not public according to Peguera (n. 53).
(86
ary. For the previous regime, see Peguera (n. 53).
(87) See Italian Constitution, Art. 24, EU Charter (n. 45) Art. 47 and Art. 6 ECHR. A duty
to state reasons is also foreseen in Spain, see Peguera (n. 53).
Page 24 of 31

(88
tive court, see Michele Bertani, Pratiche commerciali scorrette e consumatore medio
(Giuffrè 2016) 17.
(89) See C-314/12 (n. 20) para. 57.
(90) See TRIPs Agreement (n. 33) Art. 41(2); for interlocutory injunctions, see also Art.
50(8). For similar remarks Tonoletti (n. 2) 352; Bertani (n. 31) 156.
(91) See Art. 47; see in this connection Domenicucci and Filpo (n. 47) 869.
(92) See TRIPs Agreement (n. 33) Art. 42, Directive 2004/48/EC (n. 39) Art. 3(2) and EU
Charter, Art. 54. See also, in this connection, Husovec (n. 10) 123.
(93) As of 18 January 2019.
(94) See 33/16/CSP and 180/18/CSP (the acronym designates decisions adopted by the
Commission on Services and Products). The analysis in the following sections is limited to
ent rules, which are not considered here.
(95) See 2013 AGCOM Regulation as amended (n. 16) Art. 6(4). See Section 4.1.
(97) ibid. Art. 7(3), (3)-bis, and (6).
(98) ibid. Art. 8(1) and (2).
(99) ibid. Art. 8(4).
(100) See Section 3.8 and AGCOM Copyright Decisions (n. 84).
(101) ibid.
(102) See 2013 AGCOM Regulation as amended (n. 16) Art. 8.
(103) ibid. Art. 6(4), letters a) to d).
(104) ibid. Art. 7(3) and (6).
(105) Commonly, for failure to submit a copy of the allegedly infringed work (75/14/DDA;
86/15/DDA; 92/15/DDA; 102/15/DDA; 103/15/DDA; 109/15/DDA) or for failure to identify
precisely the targeted web page (8/14/DDA; 91/15/DDA; 9/16/DDA; 21/16/DDA) (the
torate).
Page 25 of 31

(106
edge (4/14/DDA) or information provided by the applicant himself (95/15/DDA and 96/15/
DDA) to dismiss due to lack of standing to sue.
(107) Invariably, the Directorate found the relevant information in the news and did not
consider relevant whether the applicant was party to the judiciary proceeding: see 8/14/
DDA; 39/14/DDA; 71/14/DDA.
(108) AGCOM Regulation as amended (n. 16) Art. 6(4), letters a) to d).
(109) A major issue in the system put in place by the Regulation. See Sections 3.3, 3.4,
and. 3.8.
(110) In particular, it helps to understand how ISPs behave (see Section 3.3
tarily blocked a website because of a statement of objections published by AGCOM. On
fringing content voluntarily, particularly if they are located in Italy, arguably because they
are easier targets for follow-on damage claims. It remains to be seen whether they do so
following procedures that take into account the interests of the content providers. See n.
144.
(111) As easily predictable, applications claiming infringement of trade marks (see 4/14/
tractual terms and conditions (20/16/DDA), and a press conference (3/14/DDA). Arguably,
applications referring to databases, whether or not creative, will be doomed to dismissal.
parently on the assumptions that they could somehow qualify as a combination of literary
and photographic works.
(112) On this ground, the Directorate has dismissed applications regarding photographs of
objects (5/14/DDA, 31/14/DDA, and 33/14/DDA), a brief description of rules and tricks for
online games (17/16/DDA), a title for a radio programme (23/16/DDA, Viva la radio), and a
catalogue (32/15/DDA). Little to no explanation is given for the reasons supporting such
findings.
(113) A few applications have been dismissed for lack of relevant information on the work
to be protected. At least one of them raises the doubts expressed in the text, particularly
tion suggests that such a requirement does not exist (see <https://ddaonline.agcom.it/
modulo/#opereDigitali>).
(114
tion of moral rights alone.
(115) AGCOM Regulation as amended (n. 16) Art. 6(1).
Page 26 of 31

(116) On the contrary, it is obvious that the Regulation does not apply to printing. See
8/16/DDA.
(117) See 25/14/DDA and 67/14/DDA.
(118) See Section 3.3.
(119) See Sections 3.3 and 3.4.
(120
ing work is not (or is no longer) accessible at the URL mentioned in the application (see
e.g. 15/14/DDA and 82/14/DDA), if the work is only mentioned (Det 97/15/DDA), if the
website is unavailable (94/14/DDA), or access from Italy is denied (58/15/DDA).
(121) See 40/15/DDA; 80/15/DDA; 88/15/DDA.
(122
tion for quotations.
(123) See AGCOM Regulation as amended (n. 16) Art. 6(1).
(124) See e.g. 50/14/CSP.
(125) See e.g. 28/18/CSP.
(127) See 331/18/CSP.
(128) For an individual application, see e.g. 212/2018/CSP.
(129) See e.g. 265/18/CSP.
(130) See e.g. 334/18/CSP.
(131) See e.g. 332/18/CSP.
(132) See e.g. 287/18/CSP.
(133) e.g. 3/18/CSP, 15/18/CSP, 47/18/CSP, 68/18/CSP and 147/18/CSP. When this is the
case, the resulting statement of objections issued by the Authority might arguably fall
short of compelling the notice recipient hosting provider to take down infringing content
under Art. 14(1)(b) of the e-Commerce Directive. See RTI v Yahoo!
guishes on this matter between passive and active hosting providers.
(135) To the extent that they can be identified, see Section 3.3 and later in this section.
(136) It has been so from the very beginning. See 41/14/CSP.
Page 27 of 31

(137
cation claimed that the infringement was massive and the Authority found that there
ample, AGCOM did not consider the voluntary removal of the works in the list sufficient.
der, so much that the residual infringement, if any, could be deemed neither grave nor
massive. This approach raises obvious concerns if the domain name holder qualifies as a
vices from the Italian territory on the basis of its failure to remove all infringing content
from its servers would run counter to the prohibition to impose a general obligation to
monitor provided for in Art. 15(1) of the same Directive (see Section 2.1.2)
(138) Exceptions are very rare and usually insignificant. E.g. in 231/18/CSP the company
cation, claiming that the allegedly infringing content had been deleted. However, AGCOM
found that the content was still available and added the domain name to its blacklist.
(139) If they do, and the Directorate comes to know, the proceedings end with a dismissal.
See e.g. 63/14/DDA
(140) See Section 3.7 and n. 142.
(141) So far, AGCOM has never blocked IP addresses.
(142
lows considerable saving of time and resources. Previously, to block an alias of a website
lowing the swifter rules provided for abbreviated proceedings (Art. 9). See e.g. 6/18/CSP;
and 283/18/CSP, which also offers a sample of the characteristics considered relevant by
the Authority to qualify a website as an alias. Now, the Directorate for Media Services, on
request from the rightholder, can extend the effects of an already issued blocking order if
it deems that the violation denounced is actually the same. Next, all concerned parties
COM Regulation as amended (n. 16) Art. 9-bis.
(143
der a research contract and that it was owner or co-owner of the copyright. In 243/16/
CSP, the respondent showed that the work had been made available on the request of the
very same applicant.
(144) Most of the time, content is removed by the owner of the website (see e.g. 6/14/DDA
and 24/14/DDA, both regarding newspapers), although there are a few cases in which the
owner of the web page (2/15/DDA), the uploader (52/14/DDA; 91/14/DDA; 26/15/DDA), or
the hosting provider (41/14/DDA; 78/15/DDA; 87/15/DDA) do so. Not unfrequently, the
website hosts a blog, a forum, or a video-sharing platform. When this is the case, it often
Page 28 of 31

remains unclear whether its owner or the hosting provider consulted the owner of the
web page or the uploader before removing the allegedly infringing contents (see 14/14/
DDA; 50/14/DDA; 87/14/DDA; 14/15/DDA; 27/15/DDA; 64/15/DDA; 74/15/DDA; 27/16/
DDA), although they certainly did so in the proceedings ended by 91/14/DDA; 82/15/DDA
33/15/DDA; 50/15/DDA (in all these cases the uploader agreed). It is worth mentioning
that hosting providers may help AGCOM in reaching the owner of the website, which then
complies without necessarily revealing its identity (see e.g. 54/14/DDA; 2/15/DDA; 43/15/
DDA).
(145) e.g. in 67/14/CSP AGCOM took note that the website operator had modified its links
in such a way as to enable it to resort to the ruling of the CJEU in the Svensson case. See
also 144/16, in which AGCOM found out that the link published on the contested website
did not work but, considering that it was made available on a subscription service, gave
cial practices.
(146) See 64/14/CSP in which a contractual dispute between the applicant and the website
legedly infringing website made available links pointing to external resources protected
by a paywall. In this case, AGCOM considered relevant the fact that, according to blogs
and fora, files hosted on the linked website were systematically corrupted.
(147) As already mentioned (see Sections 1 and 3.7), blocking orders aimed at access
providers are the only alternative available when the server is located outside Italy. If, on
the contrary, the server is located within the national borders, AGCOM can order the
ty considered that a hosting provider, which confines itself to storing information, without
playing any role in the transmission or management of content hosted on its network, due
to technical reasons (without any further explanation) cannot disable access to individual
sumption expands the relevance of the principle of proportionality, which can be relied on
ests of the rightholders should not be overestimated, though. After receiving a notice
claims for damages in view of Art. 14 of the e-Commerce Directive. It is submitted that
this effect might explain the far more cooperative behaviour of Italian hosting providers
dicate cases involving their services.
(148) See AGCOM Regulation as amended (n. 16) Art. 8(2-bis).
Page 29 of 31

(149) AGCOM does not seem to consider relevant whether the applicant has, or has not,
vention. From time to time, its decisions let it slip that attempts have been made. See e.g.
38/18/CSP.
(150) Applicants usually provide for exemplificative lists of ten to thirty works and URLs.
In the vast majority of its decisions, AGCOM explicitly bases its blocking order on the
finding that the works illegally made available on the contested website appear to be
many more. There are cases in which the same statement cannot be found. However, it
might well be a lapsus. Therefore, it would probably be inaccurate to draw conclusions
ly on the mere presence on the contested website of eleven audiovisual works.
(151
las. This might be seen as a violation of the principle that the order must spell out the
grounds on the basis of which it has been taken (see Section 3.10).
(152) It remains to be seen whether the balancing of interests underlying this approach
gets past the concerns raised earlier, in the last paragraph or in Section 3.4.
(153) See 5/18/CSP.
(154) See 333/18/CSP.
(155) See 321/18/CSP.
(156) See 72/18/CSP, 73/18/CSP, 248/18/CSP, 306/18/CSP, and 314/18/CSP, all of which
concerned public channels of an online messaging service used to distribute newspapers
and magazines.
(157) See 276/17/CSP.
(158) See 174/17/CSP and 175/17/CSP.
(159) See 40/15/CSP; 48/15/CSP; 142/15/CSP; 10/16/CSP; 30/16/CSP; 62/16/CSP; 111/16/

CSP.
(160) See 99/15/CSP.
(161) See 218/15/CSP.
(162) See 9/16/CSP.
(163) See 49/17/CSP.
(164) See 68/14/CSP.
(165) See 151/17/CSP.
Page 30 of 31

(166) See 79/14/CSP; 43/15/CSP; 58/15/CSP; 59/15/CSP; 63/15/CSP.
(167) See 24/15/CSP, in which AGCOM did not consider that the list had been provided by
the applicant exempli gratia.
(168) See 109/14/CSP.
(169) See 212/18/CSP. On the same note, 44/17/CSP considered enough the availability of
that the website had already come to the attention of the Authority for being linked by
other websites already included in the blacklist.
(170) See 3/18/CSP, 15/18/CSP, 47/18/CSP.
(171) See eg 126/18/CSP-129/18/CSP.
(172) See 61/18/CSP, 62/18/CSP, 63/18/CSP, 66/18/CSP and 67/17/CSP.
Alessandro Cogo
rector of the Master of Laws in Intellectual Property jointly organized by the World
Intellectual Property Organization and the Turin University. Email:
alessandroenrico.cogo@unito.it.
Marco Ricolfi
Marco Ricolfi is Professor of Intellectual Property at the Turin Law School, Partner at
the law firm Tosetto, Weigmann e Associati, and Co-director of the Nexa Center on
Internet and Society of the Turin Polytechnic. Email: marco.ricolfi@studiotosetto.it.
Page 31 of 31

Blocking Orders: Assessing Tensions with Human Rights
Blocking Orders: Assessing Tensions with Human

Rights
Christophe Geiger Elena Izyumenko
In the past few years, the practice of enforcing intellectual property by ordering internet
copyright enforcement in Europe. This chapter provides an overview of these factors,

starting with the freedom of expression framework for website blocking and the rather
revolutionary, at least for the European judiciary, concept of user rights that has being
quired efficacy of the blocking resulting from the human right to property framework for
intellectual property is also examined. Potential effects on the website-blocking practices
of the recent EU copyright reform are then discussed before concluding.
Keywords: online intermediaries, liability, blocking orders, human rights, CJEU, ECtHR
*
OVER
proportionate, whereas targeting the website operators is not an easy task either, as
these often run their services from another jurisdiction, can easily change location, or can
main the most efficient option left to the rightholders.
formation Society Directive.1
cal provision, but with regards to all intellectual property rights, is enshrined in the third
sentence of Article 11 of the Enforcement Directive.2 In addition, Article 12(3) of the e-
Commerce Directive3
Page 1 of 25

court or administrative authority, in accordance with Member (p. 567)
of intermediary service providers established in this Directive do not affect the possibility
of injunctions of different kinds; such injunctions can in particular consist of orders by
At the same time, Article 15 of the e-Commerce prohibits a general monitoring obligation.
Even though authorized in principle by the European legislator,5 blocking injunctions
6
and
the ability of the internet service providers (ISPs) to freely conduct their business.
UPC Telekabel case

and Akdeniz v Turkey.
The case before the CJEU, UPC Telekabel,7 concerned a generic blocking order issued by
site kino.to
sent. Before the CJEU, the Austrian referring court queried, inter alia, compatibility of the
fringement (so-called outcome prohibitions), with Union fundamental rights.
The CJEU held that such injunctions were legitimate in principle, but made it necessary
(p. 568)
users were accorded an opportunity to assert their rights before the national court once
the implementing measures taken by the ISP were known.8 No violation was established
9
left the ISP
tion.10
avoid liability by showing that it had taken all reasonable measures had, according to the
provider.11 Finally, with regard to the right to intellectual property, the Court observed
12
13
ing users from accessing infringing content.14
Page 2 of 25

Interestingly, just a few days before the Telekabel
blocking and its effects on human rights. The case before the Strasbourg Court, Akdeniz,15
concerned the blocking of access in Turkey to the websites myspace.com and last.fm
because they were disseminating musical works in violation of copyright. As a user of the
websites which had been blocked, the applicant complained about the collateral effects of
blocking which, according to him, were disproportionate. The only issue raised before the
Strasbourg Court thus concerned the freedom of information of internet users, as neither
the websites in question nor their ISPs contested the blocking. Moreover, no provision
European Convention on Human Rights (ECHR), which largely remains an instrument for
the protection of civil and political rights.
clared the application inadmissible ratione personae.16 The Court noted that the applicant
sic-sharing websites.17
cause they did not comply with copyright legislation and that the applicant (p. 569) had
only been deprived of one means of listening to music among many (legitimate) others.18
formation of specific interest to him or that the blocking deprived him of an importance
source of communication.19
user, not as an owner or contributor to the websites in question.20 In addition, neither the
tant question of general interest.21 Finally, the need to balance freedom of information
lating the dispute.22
copyright enforcement in Europe.23 This chapter provides an overview of these factors,

starting with the freedom of expression framework for website blocking and the rather
revolutionary, at least for the European judiciary, concept of user rights that has being
ness (Section 2). The required efficacy of the blocking resulting from the human right to
property framework for IP merits separate examination (Section 3). Potential effects on
fore concluding (Section 4).
Page 3 of 25

1. A Freedom of Expression Perspective on

Website Blocking: The Emergence of User
Rights
1.1 User Rights
One prominent consequence of the free speech review of website blocking in copyright
infringement cases rests on the idea of user rights as enforceable rights of equal value
(and not mere interests to be taken into account).24
(p. 570) In Telekabel
cluding the adoption of an injunction such as that at issue in the main proceedings, the
national procedural rules must provide a possibility for internet users to assert their
rights before the court once the implementing measures taken by the internet service
25
Thereby obliging the national authorities to avail the users of the procedural opportunity
to challenge the blocking before the courts, the CJEU advanced the idea that freedom of
expression may be invoked not as a mere defence, but as a right on which an action in the
main case was based. Although the CJEU envisaged this possibility within quite a limited
cedural standing or locus standi

specific orders
26
2019, Funke Medien and Spiegel Online

right protection and media freedom.27 In those cases, not only the rights of internet users
rights. As stated by the CJEU in Funke Medien and Spiegel Online
that those exceptions or limitations do themselves confer rights on the users of works or
of other subject matter 28 Such an unequivocal recognition by the (p. 571)
ment, user rights might be deemed enforceable, among others, vis-à-vis online contracts
29
Page 4 of 25

2019 the Swedish Patents and Market Court of Appeal has interpreted the Telekabel
considered in the event that a blocking injunction would leave room for an ISP to decide
what measures should be taken in the event of infringement through its services. In such
event, the Court should be presented with an opportunity to assess whether overblocking
30
tus of the applicant-users, none of those concerned copyright.31 Moreover, unlike the
users32 acting as the passive recipients thereof. For example, in the case of Cengiz and
Others,33 which concerned the blocking of access to YouTube, the Court recognized the
victim status of the applicants who used the platform not only for accessing videos in
which they were interested but also actively, by downloading and sharing files from their
YouTube accounts.34 Analogously, in the case of Yildirim, (p. 572) locus standi was granted
to the owner of the website blocked in the context of judicial proceedings unrelated to the
ter alia, the use concerned was qualified as passive.35
On their substance, however, the approaches of the CJEU and the ECtHR to the rights of
users might not be that different. The decision on victim status was linked by the ECtHR
ers against the freedom of information of the users.36
1.2 Collateral Effects of Blocking: The Risk of Overblocking
Collateral effects of blocking constitute, alongside the manner of site usage, an important
factor to be taken into account under the freedom of expression framework. The CJEU
37
stressed in Telekabel
without thereby affecting

internet users
38
The CJEU thereby confirmed the principle first set down by the ECtHR in Yildirim
and further reiterated in Akdeniz
ing access to a website [has] to be part of a particularly strict legal framework ensuring
39
precludes an injunction. In the majority of cases, it would suffice that a substantial
Page 5 of 25

proportion of the website was infringing, despite certain pieces of legitimate content also
being affected. It is for this reason that the blocking of Newzbin2, for example, was found
justified in the UK case of Twentieth Century Fox v BT,40 even after admitting that that
measure potentially prevented non-infringing uses, which were, however, (p. 573)
mal.41
42
cise, to look not at an absolute amount of legitimate content on the respective site, but at
the overall ratio of lawful and unlawful content and whether the former constitutes a non-
43
significant In Denmark, the blocking of an online
ilar reasons.44 In Norway, the blocking of seven file-sharing sites, the estimated amount of
infringing content on which varied from 75 to 100 per cent, was authorized by the Oslo
District Court.45
part of the proportionality evaluation, the extent to which copyright-protected material is
made available through the relevant websites and domain names and how large a share
46
tional courts are likely to require a more targeted form of order.47 Thus, in Italy, the Court
of Appeals of Rome overturned an order requiring local ISPs to block access to the video-
streaming platform Filmakerz.org in its entirety, on consideration that the order was too
broad.48 According to the Court, the partial blocking of specific URLs was to be preferred
in that event over the blocking of an entire site.49 Likewise, the Court of Milan rejected
ing website but also any potential top-level domain or any other platform which could be
related to an infringing website.50
(p. 574) 1.3
The next factor which needs to be taken into account in the balancing process from a
freedom of expression perspective is the general public interest in information affected
by the blocking measure.51 Unlike the CJEU which was not unduly concerned with this
criterion in Telekabel, the ECtHR provided some guidance on its potential implications for
copyright enforcement.
The Strasbourg Court pointed out in Akdeniz

websites in question disseminated information which could present a specific interest for
him or that the blocking of access had had the effect of depriving him of a major source of
communication 52
access to those websites had not prevented him from taking part in a debate on a matter
of general interest 53 What follows from this statement is that the blocking can be found
terest at stake.
Page 6 of 25

The ECtHR distinguishes, in particular, political speech and speech in the general public
interest among the prioritized fields of the protection of the freedom of expression.54
To give just a few examples, in Cengiz and Yildirim transmission of academic materials
dom of expression finding.55
tailing breach of copyright, was ruled by the ECtHR to be outside the sphere of general
public interest.56
Alongside education, criticism and news reporting also rank highly on the balancing scale
for the freedom of expression.57
terest were ruled to include, in addition, artistic use of a famous fashion brand to (p. 575)
criticize the culture of consumerism,58

tention to the health risks of smoking,59
60
criticism of the social policy of those players in the economy,61 or simply playing ironically
62
1.4 Alternative Means of Accessing Information
tive means of accessing information. In Cengiz, in particular, a violation of Article 10
tion of specific interest that was not otherwise easily available and for which there was no
equivalent.63 Analogously, by noting in Akdeniz
cess to music were available to the applicant,64
gitimate offerings.
65
66
(p. 576)
67
by partially shifting the onus to
forcement to the introduction of more attractive alternatives in the marketplace. In this

vein, Fred von Lohmann has argued that in the context of proceedings relating to Article
8(3) of the Information Society Directive there is only an accuser demanding reasonable
measures from a defendant, whereas the most effective measure might be something that
the accuser himself is capable of bringing to the marketplace.68
Page 7 of 25

in the context of Article 8(3) lacks the ability to weigh all the interests and improvise a
69
tive.
2.
tive on Website Blocking: The (Rising) Role of
the ISPS in Digital Copyright Enforcement
2.1 Costs and Complexity of Blocking
As noted in Telekabel
for any business to be able to freely use, within the limits of its liability for its own acts,
70
This is consonant with
ment in Telekabel
dressee in a manner which restricts the free use of the resources at his disposal because
it obliges him to take measures which may represent a significant cost for him, (p. 577)
have a considerable impact on the organisation of his activities or require difficult and
71
the very substance of the freedom of an internet service

72
This was for two main reasons. First, the outcome
achieve the result sought, with the result that he [could] choose to put in place measures
73
Secondly, the
that allowed the ISP to avoid liability by showing that it had taken all reasonable steps to
74
The Court thus appeared to suggest that result-tailored injunctions encroach less on the
freedom to conduct a business than their specific counterparts, as long as the former
leave ISPs to make their enforcement choices freely. Some commentators disputed this
want specific conditions
75
Page 8 of 25

leaving an intermediary to navigate between possible liability for breach of the order and
a potential dispute with its customers on freedom of expression grounds.
All in all, despite the particular conclusion reached by the Court in Telekabel, the costs
and complexity of blocking were highlighted as an important factor in the proportionality
evaluation. In the Sabam cases,76 this criterion even led the CJEU to outlaw an injunction
vices.77
It is notable that both the Sabam and Telekabel judgments seem to assume that an ISP is
the one to carry the costs of implementation.78
(p. 578)
79
diaries are better placed to fight copyright infringement.80 In other words, French courts
81
Interestingly, such a default allocation of costs to ISPs was rejected in the UK, albeit in
the context of blocking targeted online trade mark infringement. According to the June
82
The court stressed, however, that this position was limited to the
83
Thus, each jurisdiction is free to decide on the allocation of costs, in conformity with the
84
Such allocation
conduct a business.
Some clarification of how to assess, in practice, the reasonableness of the allocation of
85
lar block is at issue.86 Rather, they should be looked at within the broader context (p. 579)
Page 9 of 25

against the ISP by a first rightholder would always fail due to the fact that the [ISP] could
87
2.2 Availability of Reasonable Alternatives (Subsidiarity)
Another important factor to take into account when it comes to balancing in website-
blocking cases is the proportionality of going after an internet access provider instead of
trying to put an end to the infringement at source, by suing, for example, direct infringers
ronment, in particular, the services of intermediaries may increasingly be used by third

parties for infringing activities. In many cases such intermediaries are best placed to
88
The Information Society Directive left open,
fore recourse to the internet access provider. Neither was this issue addressed by the
Telekabel court, which only highlighted that the blocking was justified in the light of the
89
of, which is to guarantee rightholders a high level
proportionality principle90
freedom to conduct a business in this case) should be the least intrusive measure which
Although both the Information Society Directive and the Enforcement Directive envisage
91
terion on board in their assessments of proportionality of blocking. The judgments by the
dustry and the German collecting society GEMA are illustrative in this respect. In those
access to the file-sharing website goldesel.to.92 This was (p. 580) because the claimants
ondary infringers.93
forts to take action against those parties who committed the infringement themselves
(such as the owner of the website) or who have contributed to the infringement by the
provision of services (such as the hosting provider). Only when recourse to those parties
fails or lacks any prospect of success, thereby creating a lacuna in legal protection, can
recourse to the access provider be considered reasonable. Operators and host providers
are much closer to the infringement than those who only generally provide access to the
94
95
In
96
The relevance of the subsidiarity principle has also
Page 10 of 25

been confirmed in a decision of the Regional Court of Munich from February 2018.97 The
Telekabel
matter of priority, so far as possible, claim directly against the operators of the illegal
98
Only in situations when such a claim is not possible, can recourse
be made to the ISP of end-users.
A different approach was adopted, however, by the High Court of Paris, when it ruled
mentation of Art. 8(3) of the Information Society Directive] is addressed to anyone who
can contribute to remedy the violations of protected rights, no legal provision requires
calling in the same instance the hosting providers and
aged 99 The same approach is followed in Belgium, where the Antwerp Court of Appeals
likewise struck out the subsidiarity factor considering that it was not required by Article
8(3) of the Information Society Directive.100 As Pekka Savola reports, targeting the direct
infringers was also not required on an application of national law by the Helsinki Court of
Appeals.101
3.
(p. 581)
site Blocking: Effectiveness of the Blocking

In Telekabel
end to the infringements of the intellectual property right [did] not exist or [was] not in
practice achievable, as a result of which some measures taken might be capable of being
102
sufficiently effective to ensure genuine protection of the fundamental right

103
preventing unauthorised access to the protected subject-matter or, at least, of making it
104
lands, where the Court of Appeal of The Hague refused (in a decision rendered two
months prior to the CJEU judgment in Telekabel) to issue an order requiring two major
Dutch ISPs to block access to The Pirate Bay.105 The court reached this conclusion on
sharing platforms seem relatively ineffective to reduce [the overall level of] unauthorised
106
This was due, first, to the ease of circumvention, and, secondly, to the
freedom to conduct a business.107 This conclusion was not invalidated by the contention
made by the claimant (the Dutch collecting society BREIN in that case) that the blocking
Page 11 of 25

would not have cost the ISP anything.108 According to the court, the blocking, after all,
(p. 582) discretion, which, in
view of that blocking inefficacy, could not be justified by the need to protect intellectual
property.109 All the more so, the court reasoned, since the ISP was not itself committing
an infringement.110
Following the CJEU judgment in Telekabel

111
It held, with references to
bel, that the Court of Appeal had erred in its assessment of the blocking efficacy based on
the overall effect of the measure on illegal file-sharing on the internet.112
ing to the Supreme Court, the lower court had failed to recognize that even if certain
measures did not lead to a complete cessation of all copyright infringements, they could
still be compatible with the requirement of proportionality of Article 52(1) of the EU
Charter by at least making unauthorized access difficult or seriously discouraging it.113
including those issued prior to Telekabel,114

sonable effectiveness informed the decision of the High Court of Paris ordering four of
115
As stated in that judgment,
established, first, that the vast majority of Internet users who are accustomed to free
communications and to a number of Internet services, have a strong will to participate in
global piracy on a large scale. Second, the requested measures target the largest number
116
The court cited Telekabel
bility to ensure complete enforcement of the orders was not an obstacle to blocking and
did not have to result in the lack of recognition of the rights of IP holders by the
courts.117
This was also the position taken by some courts in Germany, where the Regional Court of
118
119
ers to demonstrate that such action can attain at least some efficacy.120
(p. 583)
blocking have been questioned by some commentators.121
ations advanced by the CJEU in Telekabel might still be called into question.
Page 12 of 25

4. Recent EU Copyright Reform and its Effects

on Website Blocking and Fundamental Rights
pean law (with some deviations) to shift enforcement burdens onto intermediaries. In that
sense, Telekabel contributes to the growing number of laws and judicial decisions that put
the burden of IP enforcement, previously allocated primarily to rightholders, on ISPs. The
Directive adopted by the European Parliament in 2019 on copyright in the Digital Single
Market contributes to this development.122
that an online content-sharing service provider performs an act of communication to the

public or an act of making available to the public for the purposes of this Directive when
it gives the public access to copyright-protected works or other protected subject matter
123
This implies that ISPs will be liable for infringing content made
available through their services, unless they can demonstrate that they have: (1) used
best efforts to obtain authorization from rightholders; (b) used best efforts to ensure the
unavailability of the infringing works; and (c) acted expeditiously, on receiving notice
from the rightholders, to disable access to, or to remove from, their websites the notified
works or other subject matter, and used best efforts to prevent their future uploading.124
It is therefore expected that ISPs will adopt filtering measures, such as automated upload
filters, in order to avoid liability for the activity of their users.125
Although this requirement concerns the content-hosting platforms, and not the internet
access providers that were the focus of Telekabel, it adds to the general phenomenon of
shifting IP enforcement competences to intermediaries. The main concern of (p. 584)
those opposing this tendency usually deals with the argument that once intermediaries
126 127
Martin
likely to pose substantial difficulties in practice and make far-reaching inroads into the
128
Concerns have also been raised with regard to the possible incompatibility
providers and its prohibition on general monitoring.129
Article 17 poses further risks for the implementation of certain exceptions and limitations
ing and making available content generated by them on online content-sharing services,
dy, and pastiche.130

dom of expression in the EU are hardly applicable, as the content filters arguably will not
be able to recognize what is or is not permitted.131
Page 13 of 25

5. Conclusions
In conclusion, it appears that, even in the light of the guidance provided by the European
dards applicable in the field of blocking orders and their collateral effects on fundamental
cent EU copyright reform imposes on online intermediaries. Nevertheless, existing

(p. 585)
marized as follows (as per the right to freedom of expression): (1) the manner in which
tent; (3) the general public interest in information; and (4) the availability of alternative
means of accessing the information. Insofar as the (EU-specific) freedom to conduct a
compassed: (1) the costs and complexity of blocking; and (2) subsidiarity. Finally, the
right to property perspective on website blocking dictates a required degree of efficacy of
the blocking.
sis in enforcement and competing fundamental rights has been confirmed.132 The CJEU
court, thereby being arguably more observant of freedom of expression and information
than was the ECtHR when it first ruled on copyright website blocking. On the other hand,
the CJEU (unlike its Advocate General or the ECtHR) shifted a considerable part of the
cate policy decision. The Luxembourg Court seems to consider that intermediaries cannot
what and in which cases. Arguably, it is not an easy task and it is difficult to blame the
tomed to resolving issues of copyright enforcement.133

stood as an invitation to the legislator to take responsibility and define the rules of the
game of the information society. Whether the EU legislator has succeeded in this task
tain, as numerous questions are left open by the new provisions regarding the liability of
intermediaries. Without doubt, several referrals to the CJEU will be needed to understand
tral role in balancing the interests at stake in the future.
Notes:
(*) This chapter draws for some parts on previous research published by the authors, in
Page 14 of 25

2004 on the enforcement of intellectual property rights [2004] OJ L195/16.
(3) See Directive 2000/31/EC of the European Parliament and of the Council of 8 June
(4) See, similarly, Information Society Directive (n. 1) recital 59.
(5) Note though that not all European jurisdictions make website blocking available to
rightholders. Notably, courts in Switzerland, which is not part of the EU and hence is not
bound by EU law, has recently refused recourse to website blocking in cases of copyright
Swiss film studio to order a local ISP to block its customers from accessing a website
cording to the Swiss Federal Supreme Court, the possibility to access copyright-protected
works in such circumstances was covered by the Swiss private copy exception and thus
did not amount to copyright infringement. See Federal Supreme Court of Switzerland,
case No. 4A_433/2018, 8 February 2019 (Swi.) <http://tiny.cc/u6jp7y
IPKat, 1 March 2019) < http://

ipkitten.blogspot.com/2019/03/31-countries-offer-site-blocking-in.html>.
(6
such and the right to freedom of information. The European Court of Human Rights has
over the years extended the latter right to inclusion of the right of access to information.
See, notably, Magyar Helsinki Bizottság v Hungary
vember 2016) para. 149. On the freedom of information in the copyright context, see
Christophe Geiger,
comparé
Research Handbook on
Human Rights and Intellectual Property (Edward Elgar 2015) 331.
ECLI:EU:C:2014:192.
(8
Page 15 of 25

(9
site) without the measures to be taken for that purpose by the addressee of the injunction
(15) See Akdeniz v Turkey (dec) App. no. 20877/10 (ECtHR, 11 March 2014). For comment
(eds), Intellectual Property and the Judiciary (Edward Elgar 2018) 48 ff.
(16) See Akdeniz v Turkey (n. 15) para. 29.
(20) ibid. para. 27 (emphasis added).
(22) ibid.
(23
process) guarantees are also discussed, but only to the extent that they affect substantive
rights that are relevant here. For a more substantial discussion of the fair trial aspects of
Defendant Rights and Interests in International Intellectual Property Enforcement
(24
New Developments in EU and International Copyright Law
Page 16 of 25

(25) C-314/12 (n. 7) para. 57 (emphasis added).
(26
Maria Riccio, and Marco Bassini (eds), Copyright Versus (Other) Fundamental Rights in
the Digital Age. A Comparative Analysis in Search of a Common Constitutional Ground
(Edward Elgar, forthcoming 2020).
(27) C-469/17 Funke Medien NRW GmbH v Bundesrepublik Deutschland [2019]

ECLI:EU:C:2019:623, and C-516/17 Spiegel Online GmbH v Volker Beck [2019]
ECLI:EU:C:2019:625.
(28) Funke Medien (n. 27) para. 70, and Spiegel Online (n. 27) para. 54 (emphasis added).
ization of Intellectual Property Law in the EU and the Funke Medien, Pelham and Spiegel
tional Intellectual Property Studies (CEIPI) Research Paper No. 2019-09 <https://
ssrn.com/abstract=3472852> or <http://dx.doi.org/10.2139/ssrn.3472852
coming 2020).
(29) Further on the possible consequences of the recognition of user rights, including in
Giblin and Kim G. Weatherall (eds), What if We Could Reimagine Copyright? (Australian
National University (ANU) Press 2016) 94; Pascale Chapdelaine, Copyright User Rights:
Contracts and the Erosion of Property
yond the Conflict Between Freedom of Contract and Copyright Policies: In Search of a
IIC, <https://doi.org/10.1007/s40319-019-00883-0>.
(30) Svea hovrätt. Patent- och marknadsöverdomstolen [Swedish Patents and Market
Court of Appeal] Telia Sverige AB v Aktiebolaget Svensk Filmindustri and others
ary 2019] case no. PMÖ 9945-18, 10 (Swe.). See also, for a translation from Swedish,
Page 17 of 25

IPKat, 8 February 2019) <http://

ipkitten.blogspot.com/2019/02/swedish-patents-and-market-court-of.html>.
(31) See Ahmet Yildirim v Turkey App. no. 3111/10 (ECtHR, 18 December 2012); and
giz and Others v Turkey App. nos 48226/10 and 14027/11 (ECtHR, 1 December 2015).
(32) Akdeniz v Turkey (n. 15) para. 27; Cengiz and Others v Turkey
phasis added).
(33) Cengiz and Others v Turkey (n. 31) para. 49.
(36) On the proportionality review carried out by the ECtHR in copyright cases, see
Geiger and Izyumenko (n. 15) 37 ff, and, comparing approaches of the ECtHR and CJEU
(37) C-314/12 (n. 7) para. 56.
(38) ibid. (emphasis added). See also C-484/14

ment Germany GmbH [2016] ECLI:EU:C:2016:689, para. 93.
(39) Akdeniz v Turkey (n. 15) para. 28 citing Ahmet Yildirim v Turkey
(the translation from French draws on the Legal Summary of the case prepared by the
(40) See Twentieth Century Fox Film Corp. & Others v British Telecommunications Plc
[2011] EWHC 1981 (Ch) (UK).
(41
(42) Bundesgerichtshof [Supreme Court] (BGH) [26 November 2015] I ZR 3/14,
man). See also, to the same effect, BGH [26 November 2015] I ZR 174/14, DE:BGH:
2015:261115UIZR174.14.0, para. 55 (Ger.).
(43) ibid. (emphasis added).
(44) See Maritime and Commercial Court in Copenhagen Fritz Hansen A/S and Others v
Telia Danmark [11 December 2014] no. A-38-14 (Den.).
Page 18 of 25

(45) See Oslo Tingrett [Oslo District Court]

ers v Telenor Norge AS and others [1 September 2015] no. 15-067093TVI-OTIR/05 (Nor.).
Pirate Times, 3 September 2015) <http://piratetimes.net/norway-blocks-the-pirate-

bay-and-other-sites/>.
(46) Telia Sverige AB

tandis, Swedish Patent and Market Court of Appeal
ers v B2 Bredband AB [13 February 2017] case no. PMT 11706-15 (Swe.); Stockholms
Tingsrätt/Patent- och marknadsdomstolen [Stockholm Patent and Market Court] Svensk
Filmindustri and Others v Telia Sverige [25 October 2018] (Swe.).
(47) See Savola (n. 26) 126 para. 72.
(48 TorrentFreak, 3
April 2014) <https://torrentfreak.com/court-orders-isps-to-unblock-pirate-site-140403/>.
(49) ibid.
(50) See Tribunale di Milano [Milan Court of First Instance] Mediaset Premium v Orlando
and Others
IPKat, 31 August 2016)
<http://ipkitten.blogspot.com/2016/08/milan-court-of-first-instance-rejects.html>.
(51
(52) Akdeniz v Turkey (n. 15) para. 26 (emphasis added).
(54) See Sürek v Turkey (No. 1) [GC] App. no. 26682/95 (ECtHR, 8 July 1999) para. 61;
Lindon, Otchakovsky-Laurens and July v France [GC] App. nos 21279/02 and 36448/02
(ECtHR, 22 October 2007) para. 46; Axel Springer AG v Germany [GC] App. no. 39954/08
(ECtHR, 7 February 2012) para. 90; Morice v France [GC] App. no. 29369/10 (ECtHR, 23
April 2015) para. 125; and Bédat v Switzerland [GC] App. no. 56925/08 (ECtHR, 29 March
2016) para. 49. See Geiger and Izyumenko (n. 51) 325 ff.
(55) See Cengiz and Others v Turkey (n. 31) para. 50; Yildirim v Turkey (n. 31) para. 51.
(56) See Neij and Sunde Kolmisoppi v Sweden

ary 2013); Akdeniz v Turkey (n. 15) paras 25 and 26.
(57) See Pedersen and Baadsgaard v Denmark

ber 2004) para. 71; De Haes and Gijsels v Belgium
ary 1997) para. 37.
Page 19 of 25

(58 [4 May 2011]

no. 389526/KG ZA 11-294 (Neth.) (translation from Dutch by Kennedy Van der Laan at
<http://www.nadiaplesner.com/upl/website/simple-living--darfurnica1/
VerdictEnglish.pdf>).
(59) Cour de cassation [French Supreme Court]

piratoires et la Tuberculose v Societe JT International GmbH, no. 1601, 19 October 2006
(Fr.).
(60) See Cour de cassation Sté Esso v Greenpeace France [8 April 2008] no. 06-10961
(Fr.); Cour de cassation Associations Greenpeace France et Greenpeace New-Zealand v la
Société Areva [8 April 2008] no. 07-11251 (Fr.).
(61
Sté Gervais Danone [30 April 2003] (Fr.).
(62) See BGH
(ed.) (n. 6) 354.
(63) See Cengiz and Others v Turkey
(65
https://
assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/
file/78095/Ofcom:Site-Blocking-_report_with_redactions_vs2.pdf>. See also Cormac
Callanan and others, Internet Blocking: Balancing Cybercrime Responses in Democratic
Societies (Aconite/Open Society Institute, October 2009) <http://www.aconite.com/sites/
default/files/Internet_blocking_and_Democracy.pdf >.
(66) Ofcom (n. 65) 5.
(67
Computing 84, 85.
(68
stitute for Information Law, Amsterdam (3 July 2014).
(69) ibid.
(70) C-314/12 (n. 7) para. 49. More generally on freedom to conduct a business in the IP
Page 20 of 25

(71) C-314/12 (n. 7) para. 50.
(72) ibid. para. 51 (emphasis added).
(75 The
1709 Blog, 28 March 2014) <http://the1709blog.blogspot.fr/2014/03/website-blocking-in-
copyright.html> (emphasis added). See also in this sense, Husovec (n. 26) 632; Christina
Kluwer Copyright Blog, 3 April 2014) <http://kluwercopyrightblog.com/

2014/04/03/upc-telekabel-wien/
ment L. Rev. 175, 177.
(76) See C-70/10

teurs SCRL (SABAM) [2011] ECLI:EU:C:2011:771 and C-360/10 Belgische Vereniging van
Auteurs, Componisten en Uitgevers CVBA (SABAM) v Netlog NV [2012] ECLI:EU:C:
2012:85.
(77) See C-70/10 (n. 76) para. 48; and C-360/10 (n. 76) para. 46. See also, in the trade
mark context, C-324/09 [2011]
ECLI:EU:C:2011:474, para. 139.
(78) UPC Telekabel Wien (n. 7) para. 50; C-70/10 (n. 76) para. 48; C-360/10 (n. 76) para.
46.
(79) Cour de cassation [6 July 2017] judgment no. 909, ECLI:FR:CCASS:2017:C100909
(80) ibid.
(81) ibid.
(82) Cartier International AG and others v British Telecommunications Plc and another
[2018] UKSC 28 [31] (UK) (hereafter Cartier
turned the position taken at first instance and on appeal, in accordance with which the
costs are to be allocated with the ISPs, who are then in a position to pass on such costs to
their customers in the form of higher subscription fees. See Cartier International AG and
others v British Sky Broadcasting Ltd and others
firmed on appeal: [2016] EWCA Civ 658 (hereafter Cartier 2016).
(83) Cartier 2018 (n. 82) [28].
(84) Directive 2001/29/EC (n. 1) recital 59.
Page 21 of 25

(85) Landgericht [District Court] (LG) Munich, [1 February

2018] case no. 7 O 17752/17, para. 6 (Ger.) (English translation of the original German
judgment available at <http://copyrightblog.kluweriplaw.com/wp-content/uploads/sites/
49/2018/05/Translation-of-Decision-of-District-Court-Munich.pdf>). For comment on this
Kluwer Copyright Blog, 10 May 2018) <http://

copyrightblog.kluweriplaw.com/2018/05/10/first-blocking-order-germany-prevent-access-
copyright-infringing-website/>.
(86) (n. 85) para. 6.
(87) ibid.
(88) Directive 2001/29/EC (n. 1) recital 59 (emphasis added).
(89) C-314/12 (n. 7) para. 31 (emphasis added).
(90) For a discussion of this principle, see e.g. Christoffersen (n. 36).
(91) Directive 2004/48/EC (n. 2) recital 23; and, analogously Directive 2001/29/EC (n. 1)
recital 59.
(92
Kluwer Copyright Blog
cember 2015) <http://kluwercopyrightblog.com/2015/12/22/isp-liability-finally-achieved-
in-germany/
Technology Law Blog, 29 November 2015) <http://www.husovec.eu/2015/11/bgh-accepts-
website-blocking-injunctions.html>.
(93
(94 http://
juris.bundesgerichtshof.de/cgi-bin/rechtsprechung/document.py?
Gericht=bgh&Art=pm&Datum=2015&Sort=3&nr=72928&pos=14&anz=209
translation from German).
(95) ibid.
(96) ibid.
(97) See (n. 85) para. 3.
(98) C-314/12
produktionsgesellschaft mbH [2013] ECLI:EU:C:2013:781, Opinion of AG Villalón, para.
107.
(99) TGI Paris APC and Others v Auchan Telecom and Others [28 November 2013] no.
Page 22 of 25

(100) See Hof van Beroep Antwerpen [Antwerp Court of Appeals] VZW Belgian Anti-Piracy
Federation v NV Telenet [26 September 2011] no. 2011/8314 (Bel.) cited in Savola (n. 26)
para. 59.
(101) See Helsinki Court of Appeals Elisa [15 June 2012] no. S 11/3097 (Fin.) cited in
Savola (n. 26) para. 55.
(102) C-314/12 (n. 7) para. 60.
(103) ibid. para. 62. This was also the position of AG Villalón. See C-314/12, Opinion of AG
(104) C-314/12 (n. 7) para. 60. See also C-484/14 (n. 38) para. 99 (finding that requiring
the effective protection of
(105) See Gerechtshof Den Haag [Court of Appeal of The Hague] Ziggo and XS4ALL v
BREIN [28 January 2014] no. 200.105.418/01 (Neth.).
(106
(107) Ziggo (n. 105) para. 5.22.
(108) ibid.
(109) ibid.
(110) ibid.
(111) Hoge Raad [Dutch Supreme Court] Ziggo and XS4ALL v BREIN [13 November 2015]
no. 14/02399 (Neth.).
(112) ibid. para. 4.4.2.
(113) ibid. with references to C-314/12 (n. 7) para. 62.
(114) Twentieth Century Fox (n. 40) [198]; Cartier 2016 (n. 82) [64].
(115) TGI Paris SCPP v Orange, Free, SFR et Bouygues Télécom [4 December 2014] no.
14/03236 (Fr.).
(116
(117) ibid.
(118) (n. 85) para. 4.
(119) ibid.
Page 23 of 25

(120
(121) See e.g. Savola (n. 26) para. 75.
(122) See Directive 2019/790/EU of 17 April 2019 on copyright and related rights in the
Digital Single Market and amending Directives 96/9/EC and 2001/29/EC [2019] OJ
L130/92.
(123) ibid. Art. 17(1).
(124) ibid. Art. 17(4).
(125
https://ssrn.com/abstract=3367219>
ary and artistic works every day, the employment of automated filtering tools to ensure
(126
8(2) SCRIPTed 154, 154.
(127
The Evolution and Equilibrium of
Copyright in the Digital Age (CUP 2014) 48.
(128) Senftleben (n. 125).
(129
https://
right-reform-def.pdf>. See also, suggesting that Europe is currently witnessing the death
(130) Directive 2019/790/EU (n. 122) Art. 17(7).
(131) The Art. 17 incorporation of the freedom of expression safeguards in the text of
Telekabel to find a balance
with fundamental rights, albeit on the level of judicial lawmaking. For the suggestion of a
workable solution on how to incorporate and internalize the currently largely external
freedom of expression safeguards in European copyright law, see Christophe Geiger and
Page 24 of 25

(132) On the increasing influence of human and fundamental rights on the resolution of IP
Intellectual Property and Human Rights (3rd edn, Kluwer

in
Rights: When Freedom of Artistic Expression allows Creative Appropriations and Opens
Sun (eds), The Cambridge Handbook of Copyright Limitations and Exceptions

coming 2020).
(133
activity in this sphere: see further on this, Izyumenko (n. 36); Geiger and Izyumenko (n.
15); and Geiger and Izyumenko (n. 131).
Christophe Geiger
Christophe Geiger is Professor of Law and Director of the Research Department of
versity. Email: christophe.geiger@ceipi.edu.
Elena Izyumenko
al Intellectual Property Studies (CEIPI), University of Strasbourg. Email:

elena.izyumenko@ceipi.edu.
Page 25 of 25

Monitoring and Filtering: European Reform or Global Trend?
Monitoring and Filtering: European Reform or Global

Trend?
Giancarlo Frosio Sunimal Mendis
toring obligations on intermediaries along the entire spectrum of intermediary liability
ly enacted EU Directive on copyright in the Digital Single Market has come under fire for
right-infringing content stored or transmitted by them. Based on an analysis of case law
cate the new European reform within a much wider global trend that aims to impose
proactive monitoring and filtering obligations on OSPs. It argues that the impetus for the
ticle 17 diverges from the existing intermediary liability framework in the EU, the chapter
tems and algorithmic enforcement mechanisms.
Keywords: monitoring, filtering, case law, copyright, trade marks, privacy, speech, copyright reform, digital single
market, article 17
INCREASINGLY, proactive monitoring obligations have been imposed on intermediaries

along the entire spectrum of intermediary liability subject matter. This has happened via
voluntary measures, judicial decisions, and legislation, as in the case of the recent EU
copyright law reform. Since its initial introduction, the proposal1 for an EU Directive on
copyright in the Digital Single Market (C-DSM Directive) has been the subject of heated
debate. A critical point of this controversy has been (and indeed continues to be) Article
17 (previously Art. 13) of the C-DSM Directive that imposes a heightened duty of care and
an enhanced degree of liability on online content-sharing service providers (OCSSPs) as
regards copyright-infringing content that is posted on their services by users. It has been
Page 1 of 25

argued that (at least in practical terms), the avoidance of liability under the new regime
tent (UGC). If this is the case, Article 17 would signal a transition of EU copyright law
spread adoption of automated filtering and algorithmic copyright enforcement systems.

In reviewing this magmatic legal framework, the chapter considers the implications of
termediaries.
(p. 545) 1.
Since the early days of the internet industry, determining the nature and scope of online
service provider (OSP) liability for content posted by third parties on online digital spaces
and services provided by them, has been a pressing issue for judges and policymakers.2
In the EU, the e-Commerce Directive3 (ECD) provides the main legal framework4 for the
der section 512 of the Digital Millennium Copyright Act (DMCA)5 and section 230 of the
Communications Decency Act (CDA).6
tively seek facts or circumstances indicating illegal activity. Together with safe harbour
provisions which impose liability based on knowledge,7 OSPs may become liable only if
they do not take down allegedly infringing materials promptly enough upon knowledge of
its existence, usually given by a notice from interested third parties.8 Although Article
14(3) read with recital 47 of the ECD does allow national law to provide for monitoring
general
tions.9 The ECD also acknowledges that Member States can impose duties of care on
10
However, their scope should not extend to general monitoring obligations, if any meaning
is to be given to the statement in recital 47 that only specific monitoring obligations are
allowed. Furthermore, recital 48 of the ECD emphasizes that the duties of care required
reasonably
11
them.
ed from service providers, these (p. 546) are explicitly barred by the Directive. In order to
distinguish general from specific monitoring obligations, it should be considered that: (1)
as an exception, specific monitoring obligations must be interpreted narrowly; (2) both
Page 2 of 25

sonably expected to be identified, must be sufficiently narrow; and (3) it must be obvious
which material constitute an infringement.12 As Van Eecke noted:
[i]f [clear criteria] are not defined, or only vague criteria are defined by the court
hosting provider to necessarily investigate each and every video on its systems
posed.13
through the digital spaces or services provided by them. As noted by Friedmann,14

gal frameworks in the EU and the United States on intermediary liability were drafted
sion of the variety and quality of internet services.15 This negligence-based approach to
intermediary liability has been adopted by jurisdictions across the world and for a long
time remained the prevalent standard for determining the liability of OSPs regarding
copyright-infringing content disseminated over their services.
Although imperfect because of considerable chilling effects,16

mediary liability system has inherent built-in protections for fundamental rights. (p. 547)
tive monitoring and filtering mechanisms in EU law.17 The Joint Declaration of the Special
services.18
2.
Global Shift in Intermediary Liability
ened standard of liability on OSPs as regards content uploaded by users. This approach is
underscored through the imposition of obligations on OSPs to proactively engage in the
monitoring and filtering of content stored and transmitted by them. This signifies a
Page 3 of 25

tion is steadily gaining ground and evolving into a mainstream approach to intermediary
liability.
This shift is primarily reflected in developments in case law and appears to be rooted in
untameable monsters19 who are likely to inflict imminent harm unless subdued through
enhanced legal obligations and liability. It has been supplemented by automated content-
screening and filtering software adopted by influential industry players.
(p. 548) 2.1 Case Law
The decision delivered by the Brazilian Superior Tribunal de Justiça (STJ) in the Dafra20
case is a good starting point for illustrating this shift. In this decision, which concerned
copyright-infringing videos posted on the YouTube platform (owned by Google) by users,
the Brazilian STJ stressed the importance of imposing liability on intermediaries, stating
lated unauthorized videos, even if they were uploaded by other users and bore a different
title.21
take down all videos due to the fact that blocking filters that are capable of identifying all
infringing materials do not currently exist22
that the lack of a technical solution for fixing a defective new product does not exempt
the manufacturer from liability, or from the obligation of providing a solution.23
talization and internet distribution.24

forcement. The court in Dafra
public lynching of innocents are routinely reported, all practiced in the worldwide web
with substantially increased damage because of the widespread nature of this medium of
25
tice Newman of the US Court of Appeals for the Second Circuit in the decision delivered
in the Universal v Corley case.26
frain from using the DMCA as an instrument of censorship, Justice Newman replied as
27
In the Baidu
ing obligations on hosting providers based on the popularity of the infringed works and
high-volume views/downloads.28
Page 4 of 25

able to impose on the OSP Baidu, a duty to monitor and to examine the legal status of an
uploaded work once it had been viewed or downloaded more than a (p. 549)
ber of times.29
nally created by the uploader or legally authorized by the copyright owners.30 However,
cient for triggering the duty, thereby giving rise to legal uncertainty regarding the exact
A notable exception to the global trend in enforcing proactive monitoring obligations is

the decision delivered by the Supreme Court of Argentina in the Belén Rodriguez case.31
search engines Google and Yahoo for linking search results to third party content which,
she claimed, violated her copyright and her right to honour and privacy. In the lower
32
However, the imposition of liability based on a
regime of strict liability was repudiated by the Argentinian Supreme Court which adopted
a test based on actual knowledge and negligence and required judicial review for issuing
vent infringing links from appearing in the future.33 In the rather extreme view taken by
ently, the Argentinian Supreme Court believes that, if harm is not manifest, a balancing of
rights might be necessary, which can only be done by a court of law rather than a private
party.
2.1.1 The European experience
ment made by Judge Newman in the US Court of Appeals in Universal v Corley (but this
time in the context of hate speech rather than copyright infringement). The ECtHR
(p. 550)
er before, worldwide, in a matter of seconds, and sometimes remain persistently available

34
net news portal should be liable for user-generated comments and obliged to monitor and
proactively filter its networks in order to avoid liability. The Delfi
comments containing clearly unlawful hate speech which had been posted below a news
Page 5 of 25

article published by Delfi (an Estonian internet news provider) on its online news portal.
der its freedom to impart information. Thus, the ECtHR was required to strike a balance
between the freedom of expression granted under Article 10 of the European Convention
on Human Rights and the preservation of personality rights of third persons under Article
8 of the same Convention.35
fere with freedom of expression.36

age risk of defamation or hate speech,37
lowed,38 a professionally managed and commercially based internet news portal should
39
based filtering or ex post
tHR therefore concluded that finding Delfi liable for anonymous comments posted by
third parties on its online platform did not breach its freedom to impart information.40 In
intermediaries. In MTE
could function in many cases as an appropriate tool for balancing the rights and interests
41
of all those (p. 551) Therefore, if the specifics of Delfi do not apply and the
42
the ECtHR
43
Similarly, in the
case of Pihl v Sweden, the ECtHR confirmed its previous reasoning by rejecting the
lished on a blog.44 The ECtHR reasoned that no proactive monitoring à la Delfi was to be
imposed against the defendant because, although the comment had been offensive, it had
not amounted to hate speech or an incitement to violence; it had been posted on a small
blog run by a non-profit association; it had been taken down the day after the applicant
had made a complaint; and it had only been on the blog for around nine days.45 Still,
46
the Baidu decision, the ECtHR also seems to set a threshold for proactive monitoring
based on the popularity of the content in question. In the Delfi decision, the ECtHR noted
bers of comments posted below it.
At the national level, too, courts of the EU Members States have implemented proactive
ty subject matter.
Page 6 of 25

In the Allostreaming47
ing and affiliated enterprises. In addition, search engines, including Google, Yahoo, and
Bing, were required to proactively expunge any link to those websites from their search
results.48 (p. 552) with a
49
principle of proportionality that [ISPs and search engines] contribute to blocking and
50
borne by access and hosting providers.51
52
el is mainly based on copyright infringement. In two disputes involving the Swiss-based
shof (BGH) imposed monitoring obligations on RapidShare.53
it nevertheless provided incentives to third parties to illegally share copyrighted

content.54 Therefore (as also affirmed by the BGH in the decision delivered in the case of
Atari Europe v RapidShare55
quired to abide by more stringent monitoring duties. Thus, the BGH determined that a
hosting provider is not only required to delete files containing copyrighted material as
soon as it is notified of a violation by the rightholder but must also take steps to prevent
similar infringements by other users in the future. File-hosting services are required to
actively monitor incoming links to discover copyrighted files as soon as there is a specific
reason to do so and then to ensure that those files become inaccessible to the public.56 In
by user-generated repositories of links.57 Furthermore, in the (p. 553)

58
ther manually or through software filters, if the necessary measures were possible and
economically reasonable.59
trine of Störerhaftung which, as codified in section 1004 of the German Civil Code, grants
terference with his property.60

ing held liable as a Störer (i.e. an interferer) if that would entail an unreasonable burden
on him, the BGH struggled to determine the exact scope of the duty of care to be imposed
Internet Auction III case, the BGH determined that the investigation of clearly noticeable
Page 7 of 25

whereas a filtering obligation which endangers the business model of the internet auction
platform would be unreasonable. However, as per a later decision of the BGH delivered in
61
On the other hand, offering filtering tools to trade
themselves, would
be sufficient for the purpose of avoiding liability under the doctrine of Störerhaftung.62
In Italy, a mixed case law has emerged. Some courts have imposed proactive monitoring
obligations on intermediaries, whereas other courts have taken the opposite stance and
confirmed that there is no monitoring obligation for intermediaries under European law.63
In a long-standing legal battle between Delta TV and YouTube being (p. 554) fought before
the Tribunal of Turin, Delta TV sued Google and YouTube for copyright infringement of
certain South American soap operas that users had uploaded to YouTube. In this case,
Google complied with its notice-and-takedown policy, and the videos were removed as
soon as the specific URLs were provided by Delta TV. In one interim decision, the court
videos and to prevent further uploads of the same content through the use of its Content
ID software (using as a reference the URLs provided by Delta TV).64 The court stressed
65
In 2017, the Tribunal of Turin delivered a final decision on the matter,
confirming the previous decision and an obligation on YouTube to partially monitor its
network by preventing the re-uploading of previously removed content.66 The court noted
67
According to the court,
this amounts to an ex post specific obligation or duty of care in line with recital 40 of the
ECD. It is worth noting that multiple Italian cases have applied reasoning which is similar
to that employed by the Brazilian STJ in the Dafra case, by stating that hosting providers,
ments once they have actual knowledge of the infringement, according to the principle
cuius commoda, eius et incommoda
68
tual (or tort) liability under which any person who benefits from a certain activity should
be liable for any damages that that activity may cause.
On the other hand, in Spain, the decision delivered by the Madrid Court of Appeal in the
Telecinco case marks a departure from the trend towards the imposition of general
(p. 555) monitoring obligations.69 Indeed, it is in line with several decisions delivered by
the national courts of EU Member States (including Italy as mentioned earlier) that deny
the application of general monitoring obligations in accordance with Article 14 of the
ECD. In the Telecinco case, the Madrid Court of Appeal dismissed the request of Telecinco
the future posting of copyright-infringing content by users on the YouTube platform. In

Page 8 of 25

tion of a proactive monitoring obligation at the national level is pre-empted by EU law

and jurisprudence. The Court of Appeal noted that although the CJEU interpreted Article
which contribute, not only to bringing to an end infringements of those rights by users of
70
it also
71
Accordingly, the Court of Appeal concluded that
issuing an injunction to prevent future infringements would be in contravention of EU
law, as it would result either in an order to proactively monitor UGC (contrary to the
ECD) or in an obligation to implement a filtering system that, according to the CJEU,
rights, including data protection and freedom of information.
2.2 Private Ordering: Emerging Industry Practice
dering mechanism in response to pressure from rightholders and governments to purge

the internet of allegedly infringing content or illegal speech and as a means of protecting
themselves from lawsuits as regards content uploaded by third parties. In 2008, Google
form (owned by Viacom) by users.72

tering system known as Copyright Match in the aftermath of a copyright-infringement
lawsuit brought against it by Capitol Records and EMI concerning several (p. 556) music
videos that were uploaded to the Vimeo platform by users.73 Both technologies rely on
digital fingerprinting to match an uploaded file against a database of protected works
cluding: (1) muting matched audio in an uploaded video; (2) completely blocking a
74
The Copyright
Match system functions in a similar way. Tailoring of Content ID policies is also possible
ing on the amount of copyrighted content included in the allegedly infringing uploaded
75
Private ordering by OSPs through the voluntary application of monitoring mechanisms is
76
In other words, the Commission would
cific problems.77
Page 9 of 25

and swiftly remove illegal material, instead of reacting to complaints. As the Commission
78
Again, the Commission a 2017 Communication aims at promoting
proactive
79
As an umbrella framework, in
commitments to combat the spread of illegal hate speech online in Europe.80

tial response to this increased pressure from the EU regarding the role of intermediaries
in the fight against online terrorism, major tech companies announced that they would
begin sharing hashes of apparent terrorist propaganda.81 For some time, YouTube and
Facebook have been using Content ID and (p. 557)
82
For this purpose, tech companies plan to create a shared database of unique
rorism.83 When one company identifies and removes such a piece of content, the others
will be able to use the hash to identify and remove the same piece of content from their
84
tion, the task of defining removal policies will remain within the remit of each platform.85
3. The EU Copyright Directive in the Digital
tion?
tive means. The C-DSM Directive limits itself to OCSSP liability relating to content that
vacy, etc.
proposed by the Commission in September 2016 (hereafter C-DSM Directive Proposal).86

In July 2018, the European Parliament rejected a mandate proposed by the Legal Affairs
(JURI) Committee to enter into negotiations with the European Council for the purpose of
enacting the C-DSM Directive,87 following which (and after further negotiations) an
(p. 558) was then
Directive and Article 17 (then Art. 13) was agreed upon during the trilogue negotiations
Page 10 of 25

This agreed-upon text (with several inconsequential changes) was finally adopted by the
Council in April 2019 (following its approval by the Parliament).88
Before proceeding to discuss the salient features of Article 17, a brief exposition of the
line digital economy which refers to an alleged unfair distribution of revenues generated
from the online use of copyright-protected works among industry actors along the value
chain.89
to engage in a more proactive role in preventing the availability of copyright-infringing
priate remuneration for the use of their works.90
3.1 Definition of an OCSSP
Article 2(6) of the C-DSM Directive defines an OCSSP as:
es is to store and give the public access to a large amount of copyright- protected works
or other protected subject-matter uploaded by its users, which it organises and promotes
for profit-making purposes.91
Thus, the application of Article 17 is limited to UGC hosting providers.92

quired that the OCSSP plays an active role in organizing (including categorizing) the UGC
content and promoting it for profit-making purposes, thereby excluding the (p. 559)
cation of the hosting liability exemption in Article 14 of the ECD.93 In doing so, the C-
94
DSM Directive redeploys the language of the CJEU in
mization and promotion of offers for sale hosted on its platform by eBay was linked to the
active role played by eBay in respect of those offers for sale, thereby removing it from the
protection offered under Article 14 of the ECD. As per recital 62 of the C-DSM Directive,
the definition of an OCSSP is expected to target online services which play an important
role in the online content market by competing with other online content services such as
online audio- and video-streaming services, for the same audiences. On the other hand,
abling users to upload and share copyright-protected content for profit-making purposes
such as OCSSPs operating for non-profit motives (e.g. open-source software-development
platforms, online encyclopedias), electronic communication services,95
tected content, and business-to-business cloud services (e.g. cyberlockers) that allow
users to upload content for their own use.96 In sum, platforms like YouTube, Facebook,
cle 2(6). This further serves to underscore the primary aim of Article 17 as closing the
Page 11 of 25

ers. Although this may constitute a legitimate objective, the means employed by Article
17 appear to overreach this aim and threaten to severely upset the balance between the
right-protected content online.
3.2 A General Monitoring Obligation?
tion that they perform an act of communication to the public97
loaded by users. This represents a radical shift from the prevailing regulatory framework
under the ECD that imputes secondary liability based on actual knowledge (p. 560) and
98
Thus, under Article 17 OCSSPs would automatically be assumed to infringe
copyright and be held directly liable for acts of copyright infringement that are materially
committed by users who upload unauthorized content to online services provided by
them.
The imposition of direct liability for copyright infringement is combined with an elevated
standard of care and due diligence that is exemplified through a three-tier framework of
direct liability.99
tion of the relevant copyright owners (rightholders) before communicating any copyright-
protected content to the public.100
sure the unavailability of specific works concerning which rightholders have provided the
relevant and necessary information.101 Thirdly, on receiving a sufficiently substantiated
notice from the rightholders, OCSSPs are required to act expeditiously to disable access
content).102 As noted previously, the limitation of liability under Article 14 of the ECD is
made expressly inapplicable to situations covered under Article 17.103
104
105
ness of the steps taken and their proportionality in achieving the relevant objective (i.e.
to avoid and to discontinue the availability of unauthorized works) are also pertinent to
means, including future developments, for avoiding the availability of different types of
106
Thus, it is anticipated that the standard of due diligence expected from
proved and effective means of identifying and blocking unauthorized copyright-protected

content from online platforms.
Page 12 of 25

It is argued here that the transformation effected by Article 17 to the nature and scope of
through legislative means of the shift initially observed through case law in perceiving
of copyright-infringing content over the online services provided by them. On the one
(p. 561) hand, Article 17 is unprecedented in its imposition of direct liability on OCSSPs
for copyright infringement and the high standard of care to which OCSSPs are required
to adhere. Even CJEU case law that may be interpreted as reinforcing the position upheld
by the C-DSM Directive has hitherto not reached so far.107
On the other hand, it is difficult to envision how an OCSSP could

cle 17 without engaging in general monitoring of content. Ensuring the unavailability of
specific works for which rightholders have provided relevant and necessary information
ly infringing content. Preventing future uploads of unauthorized content once they have
been taken down would be especially difficult to achieve without engaging in general
monitoring of all content uploaded to the online service so as to ensure the exclusion of
Through the decisions delivered in the cases of Scarlet, Netlog, and , the
CJEU has authoritatively defined the distinction between general and specific monitoring
obligations. In Netlog
ropean law must be interpreted as precluding the requirement for a hosting provider to
install a system for filtering: (1) information which is stored on its servers by the users of
its service; (2) which applies indiscriminately to all of those users; (3) as a preventative
ble of identifying electronic files containing musical, cinematographic, or audiovisual

works.108 It is evident that any obligation to monitor all content uploaded by users to a
ing obligation within the meaning of this definition. This is further substantiated by the
decision delivered by the CJEU in the case where the CJEU made it clear
fringements would be precluded by EU law.109
preventative measure over an unlimited time at the exclusive expense of the OCSSP, and
apply to all kind of infringements, thus remaining general rather than specific. Therefore,
110
cle shall in practical terms, by requiring
content over services provided by them, (p. 562) Article 17 (albeit indirectly) compels
them to engage in general monitoring of content posted by users on their services.111
Page 13 of 25

ability of infringing content) is developed on a voluntary basis under the aegis of Article
not in any way preclude OCSSPs from voluntarily engaging in the general monitoring of
content uploaded by users in order to avoid liability under Article 17. In view of the high
standard of care required of them, it is natural to assume that many risk-averse OCSSPs
112
lized in guidance issued by the Commission.113 Article 17 would be de facto imposing

monitoring obligations but not ex lege, making the chances of success of a challenge on
the basis of the afore-mentioned inconsistency with the ECD extremely low.
tent-recognition technologies) and algorithmic enforcement mechanisms (e.g. automated
tent uploaded by users through manual filtering of content would impose a considerable
financial and logistical burden on OCSSPs. Thus, automated filtering and blocking tools
accordance with industry standards and evolving technologies implies that OCSSPs may
even be legally required to employ algorithmic monitoring and enforcement systems if
these are determined to be the most effective and proportionate means of achieving the
unavailability of specific copyright-protected content over online services, and moreover
gies such as content-recognition (p. 563) tools.114 This reference to the use of effective
tices.115
tems was deleted from the final version, thereby leaving the door open for OCSSPs to use
automated content-blocking in fulfilling their obligations under Article 17.
Page 14 of 25

4. Effect on Fundamental Rights

The implications of an increase in the general monitoring by OCSSPs of content uploaded
to online services, and the enhanced use of automated filtering and enforcement systems
other fundamental rights.116 In particular, automatic infringement-assessment systems
ileged uses of copyright protected content.117
tween unauthorized uses of copyright-protected content and uses that are permissible by
reason of falling within the ambit of copyright exceptions and limitations.118 Therefore,
(p. 564) undermine the freedom of information, since that system might
119
The redress mechanism under Article 17(9) that enables users to challenge the removal
or blocking of access to content uploaded by them falls short of adequately preserving
where all specific works duly notified would be blocked regardless of whether or not their
use was privileged, with a redress mechanism operating ex post, defies the fundamental
ex
ante
rality in online content distribution. Actually, the introduction of a complaints and redress
mechanism120 inter alia to prevent misuses of or restrictions to the exercise of exceptions
and limitations, turns a traditionally ex ante review mechanism into an ex post mechanism
while content is taken down proactively by automated algorithmic filtering regardless of
the fairness of the use, the application of exceptions and limitations, or the public domain
status of the works. Again, Article 17 confirms this departure from traditional procedural
arrangements for the enforcement of intellectual property rights (IPRs) by providing that,
authority to assert the use of an exception or limitation to copyright and related

121
Traditional IPR enforcement focuses on the merits of claims of infringement by
rightholders, rather than on re-users asserting the use of an exception or limitation in
court after
tion will usually be too high for these creators who will predominantly choose not to seek
any legal redress even if the blocking or takedown has apparently been bogus.122
Page 15 of 25

5. Conclusions
ations on OCSSPs under Article 17 of the C-DSM Directive is not a novel contrivance
wrought by an inventive EU legislature but, rather, represents the legislative culmination
of a global trend that inclines towards the imposition of proactive monitoring and filtering
obligations on OSPs. It argues that it constitutes a legitimation by legislative means of an
(p. 565)
123
rithmic enforcement systems. This has the potential to severely curtail the ability of users
to benefit from legally granted exceptions and limitations that enable certain privileged
uses of copyright-protected content and may even curb the use of certain public domain
content.
ticle 17 as regards copyright-protected content will expand to other subject matter along
vacy, etc. In the meantime, it is vital to ensure that Article 17 is interpreted and enforced
diaries, and rightholders, especially in relation to the preservation of the fundamental

rights to expression and information.
Notes:
(1
DSM Directive Proposal).
(2
Lexology, 28 February 2018) <www.lexology.com/library/detail.aspx?
g=6048affd-983e-4b18-b63f-3320ea85fae9>.
(3) See Directive 2000/31/EC of the European Parliament and the Council of 8 June 2000
merce, in the Internal Market [2000] OJ L178/1. The ECD is supplemented by Directive
sation of certain aspects of copyright and related rights in the information society [2001]
tellectual property rights [2004] OJ L157/45.
(4) See Directive 2000/31/EC (n. 3) Arts 12, 13, 14, and 15.
(5) See the Digital Millennium Copyright Act of 1998, 17 USC § 512(m).
Page 16 of 25

(6) See Communication Decency Act [1996] 47 USC s. 230.
(7
(8) Note that there is no direct relation between liability and exemptions which function
diary liability at the EU level.
(9) Directive 2000/31/EC (n. 3) Art. 15(1).
(10) ibid. recital 48.
(12
(13) ibid. 1487.
(14
(15) ibid. citing 718 F.Supp.2d 514, 519 (2d Cir. 2010)
(US).
(16
Tech. L.J. 621; Lumen <http://www.lumendatabase.org

archiving takedown notices to promote transparency and facilitate research about the
fences by copyright holders. See Stephanie Lenz v Universal Music Corp., 801 F.3d 1126,
(17) See e.g. Case C-70/10 Scarlet Extended SA v Société belge des auteurs, compositeurs
et éditeurs SCRL (SABAM) [2011] ECLI:EU:C:2011:771 (restating the principles in favour
of access providers); C-360/10
ers CVBA (SABAM) v Netlog NV [2012] ECLI:EU:C:2012:85 (confirming the principle in
Page 17 of 25

favour of hosting providers); C-324/09

Others [2011] ECLI:EU:C:2011:474.
(18) See Organization for Security and Co-operation in Europe (OSCE), Joint Declaration
on Freedom of Expression and the Internet 2.b (1 June 2011) <http://www.osce.org/fom/
78309?download =true>.
(19
(20) Superior Court of Justice Fourth Panel Google Brazil v Dafra [24 March 2014] Special
Appeal no. 1306157/SP (Bra.).
(21) ibid. para. 5.2.
(22) ibid. para. 4.
(23) ibid. para. 5.4.
(24) See James Boyle, The Public Domain: Enclosing the Commons of the Mind (Yale U.
(25) Dafra (n. 20) para. 5.4.
(26) Universal v Corley, 60 USPQ.2d 1953 (2d Cir. 2011) (US).
(27) ibid. 1968.
(28 Zhong Qin Wen v Baidu [2014] Gao Min Zhong Zi

no. 2045 (Ch.).
(29) ibid.
(30) ibid.
(31) See Supreme Court Rodriguez M. Belén v Google y Otro s/ daños y perjuicios
(32) See e.g. Cámara Nacional de Apelaciones en lo Civil de la Capital Federal S.M., M.S. v
Yahoo de Argentina SRL y Otro s/ daños y perjuicios [6 November 2013] no. 89.007/2006
AR/JUR/XXXXX/2013 (Arg.); Cámara Nacional de Apelaciones en lo Civil de la Capital
Federal Da Cunha, Virginia v Yahoo de Argentina S.R.L. and Google [10 August 2010] no.
99.620/2006, AR/JUR/40066/2010 (Arg.).
(33) See Rodriguez Belén (n. 31).
(34) Delfi AS v Estonia App. no. 64569/09 (ECtHR, 16 June 2015) para. 110.
Page 18 of 25

(36) For detailed comments of each relevant principle stated in the decision, see Giancarlo
CIS Blog, 25 October 2013) <https://cyberlaw.stanford.edu/blog/2013/10/european-

court-human-rights-holds-delfiee-liable-anonymous-defamation>.
(37) See Delfi

older decision of the Japanese Supreme Court. See Supreme Court Animal Hospital Case
[7 October 2005] (Jap.) <https://cyberlaw.stanford.edu/page/wilmap-japan> (finding
for Channel 2 to know that each thread was defamatory, but it was sufficient that Channel
tory).
(38) See Delfi
(39
(40
(41) See Magyar Tartalomszolgáltatók Egyesülete and Index.Hu v Hungary App. no.
22947/13 (ECtHR, 2 May 2016) para. 91.
(44) See Rolf Anders Daniel Pihl v Sweden App. no. 74742/14 (ECtHR, 7 February 2017).
(46) See Delfi (n. 34) para. 110.
(47 UPC et al. v Google, Microsoft, Yahoo!, Bouygues et al. [16

March 2016] (Fr.) (Allostreaming 2016) confirming Tribunal de grande instance [High
Court] (TGI) Paris UPC et al. v Google, Microsoft, Yahoo!, Bouygues et al. (28 November
Paris TF1 v DailyMotion [2 December 2014] (stating that DailyMotion enjoys limitation of
liability as a hosting provider and is not required to proactively monitor users' infringing
CIS Blog, 8 December 2014) <https://
Page 19 of 25

fringing-materials>.
(48) See Allostreaming 2016

firmed in part the first instance decision delivered by the TGI Paris. Notably, the appellate
ly shared between the infringing websites and the search engines as previously decided
by the TGI.
(49) ibid.
(50) ibid.
(51) Cour de cassation

teurs de cinéma et al. [6 July 2017] no. 909 (Fr.).
(52
plements the provisions of the ECD (including Art. 14(1)) in German law.
(53) See BGH GEMA v RapidShare [15 August 2013] I ZR 79/12, [2014] GRUR-RR 136
out consent from GEMA or the rightholder). An English translation is available at

<https://stichtingbrein.nl/public/2013-08-15%20BGH_RapidShare_EN.pdf>.
(54) ibid.
(55) See BGH Atari Europe v RapidShare [12 July 2012] I ZR 18/11, [2013] GRUR 370
users).
(56) See GEMA v RapidShare (n. 51) para. 60.
(57) ibid.
(58) See BGH Rolex v Ebay/Ricardo (aka Internetversteigerung I) [11 March 2004] I ZR
304/01 [2004] GRUR 860 (Ger.) para. 31; BGH Rolex v eBay (aka Internetversteigerung II)
[19 April 2007] I ZR 35/04, [2007] GRUR 708 (Ger.); BGH Rolex v Ricardo (aka
netversteigerung III) [30 May 2008] I ZR 73/05, [2008] GRUR 702 (Ger.).
(59) See ibid. Internetversteigerung I (n. 56) para. 46.
(60) This doctrine has been extended by analogy to intellectual property law and was in
fact applied in the RapidShare cases mentioned earlier (nn. 51 and 53).
Page 20 of 25

(61) See BGH Kinderhochstühle im Internet [22 July 2010] I ZR 139/08, [2011] GRUR 152
(Ger.).
(62) ibid.
(63) For case law confirming the safe harbour and no monitoring obligations, see Corte
Reti Televisive Italiane S.p.A. (RTI) v Yahoo!
Italia S.r.l. (Yahoo!) et al.
cision regarding the publication of fragments of television programmes through the now-
terminated Yahoo! Video service and clarifying that RTI had the obligation to indicate in a
Milano [Milan Tribunal] Mediaset Premium S.p.a. v Telecom Italia S.p.a. et al. [27 July
2016] (It.) (discussing a blocking injunction against Calcion.at and clarifying that mere
matically remove content). See also Tribunale Roma [Rome Tribunal]

iane S.p.A. (RTI) v TMFT Enterprises LLC- Break Media [27 April 2016] (It.) (confirming
no monitoring obligations but stating that rightholders do not need to list the URLs where
the videos are made available).
(64) See Tribunale Torino [Tribunal of Turin] Delta TV v YouTube [23 June 2014] N RG
basis that: (1) there is no obligation on the part of Google and YouTube, as hosting
IPKat, 21 July 2014) <http://

ipkitten.blogspot.fr/2014/07/italian-court-says-that-youtubes.html>.
(65) See Delta TV v YouTube (n. 62) 12.
(66) See Tribunale Torino [Tribunal of Turin] Delta TV v Google and YouTube [7 April
2017] N RG 38113/2013 (It.).
(67
IPKat, 30 April
2017) <http://ipkitten.blogspot.fr/2017/04/italian-court-finds-google-and-youtube.html>.
(68) See e.g. Tribunale Milano sez Penale [Milan Tribunal, Criminal Section]
mond and others
own case and convicting Google executives for violating data protection law in connection
with the online posting of a video showing a disabled person being bullied and insulted).
(69) See Madrid Court of Appeal YouTube v Telecinco [2014] decision no. 11/2014 (Sp.).
Page 21 of 25

(70) C-324/09 (n. 17) para. 144.
(71
(72) See ., 676 F.3d 19 (2d. Cir 2012) (US) (upholding
site). The lawsuit was subsequently settled.
(73) See Capitol Records LLC v Vimeo, 972 F.Supp.2d 500 (SDNY 2013) (US) (denying in
2797370?hl=en>.
(75
swer/2797454?hl=en>.
(76
(77) ibid. 8.
(78) ibid.
(79
(80
http://
(81
Google Blog, 5 December 2016) <
ing-help-curb-spread-terrorist-content-online>.
(82
Reuters, 25 June 2016) <http://
www.reuters.com/article/us-Internet-extremism-video-exclusive-idUSKCN0ZB00M
ing duplicate copies of video that have already been removed through human review).
(83
The Guardian, 6 December 2016) <http://www.theguardian.com/technology/
2016/dec/05/facebook-twitter-google-microsoft-terrorist-extremist-content>.
(84
room, 5 December 2016) <https://newsroom.fb.com/news/2016/12/partnering-to-help-
curb-spread-of-online-terrorist-content>.
Page 22 of 25

(85) ibid.
(86) C-DSM Directive Proposal (n. 1).
(87
http://www.europarl.europa.eu/news/en/press-room/
20180628IPR06809/parliament-to-review-copyright-rules-in-september>.
tives 96/9/EC and 2001/29/EC [2019] OJ L130/92. In the absence of an indication to the
contrary, all references to the C-DSM Directive, including Art. 17, made in the course of
the following discussion will refer to provisions of this final version.
(89) See Part 1 of the Explanatory Memorandum to the C-DSM Directive Proposal (n. 1).
and rightholders receive a fair share of the value that is generated by the use of their
(90) Directive 2019/790/EU (n. 86) recital 61 (recital 37 in the version of September
2018).
(91) ibid. Art. 2(6) (emphasis added).
(92) ibid. recitals 61 and 62.
(93) ibid. Art. 17(3) explicitly precludes the limitation of liability established in Art. 14(1)
of the ECD from applying to situations covered by the C-DSM Directive, Art. 17. However,
its application is preserved for uses of content that do not fall within the ambit of C-DSM
Directive, Art. 17.
(94) See C-324/09 (n. 17) para. 116.
(95) As defined in Art. 2(4) of Directive (EU) 2018/1972 of the European Parliament and of
the Council of 11 December 2018 establishing the European Electronic Communications
Code [2018] OJ L321/36.
(97
access to copyright-protected work to an additional public. See e.g. C-160/15 GS Media

BV v Sanoma Media Netherlands BV [2016] ECLI:EU:C:2016:644; C-162/10 Phonographic
Performance (Ireland) Ltd v Ireland and Attorney General [2012] ECLI:EU:C:2012:141.
Page 23 of 25

(99) Although a few limitations apply for services: (1) available in the EU for less than
million unique visitors per month. See Directive 2019/790/EU (n. 86) Art. 17(6).
(100) ibid. Art. 17(4)(a).
(101) ibid. Art. 17(4)(b).
(102) ibid. Art. 17(4)(c).
(103) ibid. Art. 17(3).
(104) ibid. Art. 17(4)(b).
(105) ibid. recital 66, para. 2.
(107
position of the European Commission, especially the basic idea that the making available,
by a hosting provider, of third-party uploaded copyright content may fall within the scope
(108) See C-360/10 (n. 17) paras 26 and 52.
(109) See C-324/09 (n. 17) para. 139.
(110) Directive 2019/790/EU (n. 86) Art. 17(8) (emphasis added).
(111) In fact, EU Commissioner Gunther Oettinger who was a key proponent of the C-DSM
Speigel Online, 29
March 2019) <http://www.spiegel.de/netzwelt/web/uploadfilter-sind-laut-cdu-politikern-
nicht-zu-verhindern-a-1260279.html
(113) ibid.
(114) See ibid. Proposal Art. 13(3).
(115
count shall be taken of fundamental rights, the use of exceptions and limitations as well
automated blocking of content is avoided
(116) See C-360/10 (n. 17) para. 52.
Page 24 of 25

(117
Law conference, Cracow, Poland (November 2016) 55.
(118
port prepared for the European Commission on behalf of the COMMUNIA Network and
http://www.communia-project.eu/final-report>
(discussing most of the relevant literature and major threats that technological protection
measures pose for fair dealing and privileged and fair uses).
(119) C-360/10 (n. 17) para. 50.
(121) ibid.
(122) See Giancarlo Frosio, Reconciling Copyright with Cumulative Creativity: the Third
Paradigm
(123) See Frosio (n. 19) 214.
Giancarlo Frosio

gcfrosio@ceipi.edu.
Sunimal Mendis
tual Property Studies (CEIPI) at Strasbourg University. Email: mendis@ceipi.edu
Page 25 of 25

guards for Freedom of Expression
Risks and Safeguards for Freedom of Expression

Aleksandra Kuczerawy
duced limited liability regimes, which provide rightholders with enforcement mechanisms
lieve they have been subject. These mechanisms go generally under the name of notice
tional implementations. As all N&A mechanisms provide for the removal or blocking of
dom of expression. The goal of this chapter is to examine how different types of N&A
vent such risks from manifesting themselves.
Keywords: enforcement, online intermediaries, notice and takedown, notice and notice, notice and stay down,
freedom of expression
SINCE
ered a problematic issue. Providers of intermediary services, such as access providers
bility.1
2
The plea did not
tent provided they do not modify that content and are not aware of its illegal character;
and (2) the absence of a general obligation to monitor content.3 Such immunity was
tional immunity condition, which requires intermediaries to act (p. 526)

on obtaining knowledge about illegal character of content. The resulting mechanism,
Page 1 of 22

ty to call upon an internet intermediary directly to remedy a wrongdoing they believe

they have been subject to.
Limited liability regimes then gradually made their way into regulatory instruments at
both the national and regional level. It could first be spotted in the US Digital Millennium
Copyright Act (DMCA).4 In the EU, liability exemptions for internet intermediaries were
incorporated in the e-Commerce Directive 2000/31, which was later implemented in all
EU Member States.5
gal or infringing content from the internet upon request of the rightholder.6 N&A is based
ers that their rights have been infringed (from the rightholder, third party, organization,
mediary can respond to such a notice in a number of ways. It can react immediately by
taking down or blocking access to content, or it can wait for a response from the content
provider and react accordingly after hearing his defence. It can also act continuously
specific national implementations. As all N&A mechanisms provide for the removal or
blocking of content, each mechanism also constitutes a potential interference with the
right to freedom of expression. The goal of this chapter is to examine how different types
clude to prevent such risks from manifesting themselves. The reader should note that the
analysis provided here is not exhaustive. Rather, it serves to give an indication of how the
pression.
(p. 527) 1. Impact on Freedom of Expression
swift and effective relief, far quicker than the relief typically provided by the judiciary. By
dress mechanism.7 Responses to complaints, however, have a direct effect on the right to
natively a reduction of its visibility). N&A mechanisms place intermediaries in a situation

where they are essentially required to decide about competing rights and interests. This
is obviously problematic because, as private companies, intermediaries are not qualified
Page 2 of 22

aries at risk of being held liable. Obviously, the most cautionary approach is to act upon
any indication of illegality, without engaging in any sophisticated balancing of rights in
conflict. It is not surprising, therefore, that in many cases, investigations of the illicit
character of the content and balancing of the rights at stake is minimal at best.9
ten leads to preventive overblocking of entirely legitimate content, or in other words, to
intermediaries in content regulation seems inevitable. Involving intermediaries in making
cannot practicably be forestalled, on pain of completely undermining the way the Internet
10
tion properly depends very much on how they are legally framed and implemented. The
provided safeguards can either achieve their goal, or completely miss the point. For this
reason, it is worth looking at a few of the most popular notice-and-action mechanisms
and to examine how the different elements of their procedures impact freedom of
(p. 528)
expression and what safeguards they contain.
2. Notice and TakeDown

2.1 General
move or disable access to information in response to a breach of their rights (or of the
credible and whether the content is in fact infringing or illegal. Based on this assessment,
able. It is, therefore, a two-stage process where both rightholders and intermediaries are
involved in the enforcement of rights on the internet.11 When looking at specific national
implementations of the NTD, it becomes clear that they all contain additional elements or
formal conditions, which have a substantial effect on the right to freedom of expression in
the content-removal process.
2.2 Variations of the Mechanism
al and national levels. The most well-known notice-and-takedown mechanism is included
Page 3 of 22

in the US DMCA. The procedure in the DMCA relates exclusively to copyright-infringing
aries to disable access to material or activity claimed to be infringing as long as they act
in good faith in response to a claim or based on facts or circumstances that the material
or activity is infringing.12
cle 14 of the e-Commerce Directive 2000/31/EC. Under this provision, hosting providers
cess to information upon obtaining knowledge about its illegal character. The provision
applies to any kind of illegal or infringing content. In practice, however, NTD mechanisms
tent.
(p. 529)
right infringements.13
ed mechanisms to other types of infringements.14 Hungary, for example, has extended the
mechanism to cover the personal rights of minors in addition to copyright
infringements.15 In 2017, Germany introduced a law requiring social media providers to
zDG.16
ments and another applying to privacy-infringing content, defamatory content, or content
otherwise violating the rights of others.17
Not all the countries, however, limit the scope of the NTD mechanism to a specific type of
content. The NTD procedure implemented in France, for example, does not contain such
delineation.18
al law.19
(p. 530) 2.3 Risks and Safeguards for Freedom of Expression
2.3.1 Foreseeability
nisms varies considerably. In the EU, the e-Commerce Directive provided no guidelines on
how the mechanism should look but left it to the discretion of the Member States.20 To
this day, a significant number of countries have no specific legal framework for content
removal but rely on general rules of law instead. Only a few EU countries opted for the
sures, most notably Finland, France, Hungary, Lithuania, Sweden, and partially the UK.21
Countries that further codified NTD mechanisms into their national law, both in the EU
and beyond, describe the relevant procedures in detail. For example, they specify the
time frames for different actions in the procedure and the formal requirements for a valid
notice.22
tice often determines the existence of actual knowledge, which is necessary to decide on
Page 4 of 22

23
The importance of a legal framework specifying detailed
tainty, as all stakeholders can easily inform themselves on what behaviour is expected of
them, and when.
2.3.2 Abusive requests

Interferences with freedom of expression can also stem from abusive takedown requests.
Certain NTD procedures include provisions aimed to discourage abusive notifications by
introducing penalties for misrepresentations. Examples can be found in the United
States, which takes a strict approach with penalties of perjury, and Finland, with a more
lenient approach limited to compensation for damage.24
Penalties for misrepresentations in a notice, as implemented in the United States, are not
a successful deterrent against abusive notices.25 Complaints against notification (p. 531)
senders are rarely successful, although there are some notable exemptions to this
trend.26 27 The Ninth Circuit
Court of Appeals ruled, after ten years of litigation, that copyright owners must at least
consider fair use before they issue the DMCA takedown request.28
The Finnish provision regarding misrepresentations is more light-handed in its approach.

A person who gives false information in the notification or in the plea with objection will
be liable to compensate for the damage caused.29
pensate or it may be adjusted if the notifying party had reasonable grounds to assume
that the information was correct or if the false information was only of minor significance,
when taking into account the entire content of the notification or the plea.
2.3.3 Notification and counter-notification

Due process and effective remedy are essential to the protection of fundamental rights.
One way to introduce elements of due process is by requiring a notification to the content
CA, the service provider should take reasonable steps to promptly notify the content
provider that it has removed or disabled access to content.30 Similarly, in Finland and in
Hungary when the challenged content is taken offline the host must notify the content
provider.31 In Finland, additionally, the notification must state the reason for removal and
provide information on the right to appeal in a court, within fourteen days of receipt of
cation.32
plaint and put forward a defence for their use of the content. Counter-notifications must
usually meet specified requirements and time frames. They are resolved by the hosting
providers, who can effectively put the content back online. In Hungary, the service
provider is required to expeditiously make the relevant information accessible again upon
receiving an objection. In the United States, content is (p. 532) reinstated, but no earlier
Page 5 of 22

tice that the rightholder took the case to court.33
anism is rarely used in practice.34 The reason for this is that the content provider has to
moved or disabled as a result of a mistake or misidentification.35
about her copyright defenses is much higher than the cost of error for a copyright owner
36
As a result, while counter-notification in the DMCA
37
3. Notice and Notice

3.1 General
Under a notice-and-notice mechanism (NN), an intermediary receives a notification with a

complaint, which he then forwards to the content provider.38
nity to correct his behaviour, which halts the procedure, or to defend it within a provided
time limit, which may lead to further actions (notifications or sanctions). The notice-and-
notice mechanism is a variation of notice and takedown. The main difference is that the
remedy to the potential wrongdoing is not taken immediately but is spread over time.
Usually, there are several notifications (warnings) to the content provider before the final
response is delivered. The goal of this mechanism is to educate users and to deter them
from wrongdoings by demonstrating that they cannot hide from detection.39 It is meant to
sic.40
Several variations of the notice-and-notice mechanism exist, varying in how the conflict
escalates or in the final outcome. The variations include, for example, notice and (p. 533)
notice leading to a judicial takedown and notice wait and takedown.41 Other responses
might involve the suspension and termination of service, capping of bandwidth, blocking
of sites, portals, and protocols.42
connected from the internet after the final warning has been issued. This version of the
proach, although the number of strikes might differ.43 Administration of the responses
may be entrusted to an internet service provider (ISP), an administrative authority, or a
court of law, depending on the country. Examples of NN mechanisms can be found in
Canada, Chile, and South Korea.44 Also the NN in France, which pioneered the approach
in the HADOPI Act, deserves attention.45
Page 6 of 22

3.2 Variations of the Mechanism
ble to situations when a user failed to properly secure his internet connection, creating a
possibility for somebody else to commit a copyright infringement using his network. The
(p. 534)
quired. In July 2013, the French Ministry of Culture issued a decree lifting the penalty of
internet access suspension for those who failed to secure access to their network.46
The NN mechanism exists in many variations.47 Canada took a light-handed approach

whereby intermediaries are only required to forward the notice, while Chile opted for a
moderate version where any decisions to take down or suspend an account are taken by
the courts.48 South Korea chose a stricter version, where NN can lead to user account
suspension (but not to the suspension of an email account).49 The most severe approach
scribe to a new ISP.
3.3 Risks and Safeguards for Freedom of Expression
3.3.1 Foreseeability
The examples of NN mechanisms mentioned earlier describe the relevant procedures in
cation. For example, in Canada notices have to be forwarded by the intermediary to the
content provider. The rules describe what information the notice must contain but there
are no restrictions limiting the content of the notice. This has allowed copyright holders
to add information designed to intimidate users in order to demand settlements.50
Intermediaries, even if aware of the false claims, cannot refuse to forward the notice.
Users who receive such notices are often confused about their rights and obligations.51 A
system which allows misleading people about their (p. 535) situation can hardly pass as
strictions, has been criticized by many, who urge the government to review the rules.52
The French law introducing the graduated response started with a firm idea of what it
fied) complaints about its constitutionality and respect for human rights. Already at the
tionnel, which declared that the power to suspend internet access could not be exercised
by an administrative body as it constituted a disproportionate restriction on the freedom
of expression and an unacceptable presumption of culpability.53
54
It eventually became
Page 7 of 22

clear that the HADOPI Act was not sufficiently foreseeable, neither for French internet
users nor for the French legislator.
3.3.2 Decision-making bodies

Entrusting removal decisions to courts can increase the level of procedural fairness, and
sions as they are made by bodies competent to resolve conflicts. This option was chosen
in Canada and Chile. In Canada, the intermediary is not obliged to take down the content
without a court order, but only to assist the copyright holder in exercising the rights
against the primary infringer. The only tasks of the ISPs are to forward the complaint and
to retain records to be presented in court and to identify the infringer.55 In Chile, a court
order is required to compel blocking or removal of infringing content.56 The approach
shifts the task of evaluating notices from intermediaries to courts.57
tries added other elements of due process in their procedures, such as the forwarding of
notifications to the content provider and the possibility to issue counter-notifications.58
Both these steps strengthen the fairness of the procedure by introducing elements of the
right to a fair hearing, adversarial proceedings, and equality of arms. Court involvement,
moreover, ensures compliance with the right to an effective remedy, as the right to appeal
is generally available when the decisions are made directly by the courts.
In countries where the decisions are made by public administration, the lack of
(p. 536)
due process is one of the main recurring criticisms. This is the case, for example, in South
Korea where the procedure is handled by the executive branch of the government and the
decisions are not reviewed by the courts.59 This makes the process non-transparent and
mediaries and users to present their opinion in advance of fulfilling the order, but it is not
view.60 The South Korean NN mechanism provides for additional safeguards, including
notification to the content provider. Their presence, however, does little to improve the
opaque decision-making process and the absence of an effective remedy through judicial
review.
In France, the lack of judicial redress was one of the main reasons why the original
dure contained elements introducing a certain amount of due process. For example, the
garding the charges.61

fend his behaviour.62 In the last phase, the user was able to challenge the decision in
front of a judge. Nevertheless, the Conseil constitutionnel ruled that the law allowed for
able presumption of guilt.63 The court effectively took away the power of the HADOPI
tered under judicial control.64 65
which gave the competence to the criminal court.66 Procedures that concentrate all the
Page 8 of 22

atic from the perspective of the right to an effective remedy.67
3.3.3 Severity of the response

The severity of existing NN mechanisms differs widely, from a light slap on the wrist to
full-on disconnection from the internet. It is interesting to observe that, despite (p. 537)
portionate response to copyright infringements in the respective country.
In France, the NN mechanism took the most extreme form. When it was first introduced,
the new law gave the HADOPI agency power to issue sanctions in the form of fines and
temporary suspensions of internet connection. The latter penalty was strengthened with a
prohibition to subscribe to any other ISP for the period of the punishment. The period of
suspension could range from three months to one year.68 Between 2010 and 2017, the
law led to more than 2,000 referrals to prosecutors and 189 criminal convictions.69
connection, which was used for copyright infringements by others. The latter penalty was
eventually abolished by the Ministry of Culture.70
curring constitutional struggles, the law is considered to have failed to achieve its
goals.71
sures available. Due to continuous doubts about its constitutionality, proportionality, and
effectiveness, however, the law was gradually reduced to a mere shadow of its former
self.
ings, the minister may order suspension of an account or a website for up to six months.72
The suspension does not apply to email accounts but includes other accounts given by the
relevant online service provider.73 Unlike in France, the sanction is not a complete exile
from the internet but it clearly creates an obstacle to the exercise of the right to freedom
of expression and access to information. The disconnection measure, moreover, does not
appear to be proportionate to the harm caused. Most of the suspended users are minor
offenders.74 Half of those suspended were involved in infringement of content that would
cost less than 90 US cents.75 This is in stark contrast to the (p. 538) intention of the law,
76
ful in curbing online piracy.77

fringements was constantly increasing.78
proach, together with the widespread levity of the offences, it is hard to consider the
mechanism as proportionate.
Page 9 of 22

4. Notice and Stay Down

4.1 General
Under a notice-and-stay-down (NSD) mechanism, the intermediary receives a notification
ditional measures to ensure that it is not subsequently reposted, either by the same user
or by other users.79 The identification of recurring postings of content previously notified
tems.80 In both cases, however, the intermediaries must filter the entirety of content to
detect a reposting of once-removed content.81 The mechanism, therefore, requires
mandatory filtering initiated by the first notification.82
a submitted notice not only concerns a one-time infringement, but starts an ongoing
ring in the future. It could, however, go even further and require prevention not only of
the same but also similar infringements. The NSD mechanism, until recently, has not
been provided by any law but has resulted from an extensive interpretation of the same
provisions that constitute the basis of a NTD mechanism. Existing instances of NSD
mechanisms can therefore be found in case law, rather than in the law on the books. Most
instances of NSD involved intellectual property infringements.
The situation has changed recently. The new Directive on copyright in the Digital
(p. 539)
Single Market (DSM)83 targets a category of online intermediaries which includes most
prevent their future uploads

rective introduced an NSD mechanism in EU law although it remains to be seen how the
Directive will be implemented in national legislations.
4.2 Judicial Construct
struct. The most prominent example of a judicial NSD mechanism can be found in the
eBay
fringement on the online marketplace eBay. The CJEU stated that injunctions ex Article
11 of the Enforcement Directive can be issued not only to take measures that contribute
to bringing to an end to infringements, but also to preventing further infringements.84
itoring of all the data of each of the users of an online intermediary.85 According to the
Page 10 of 22

ment in order to prevent (1) further infringements of that kind (2) by the same seller (3)
in respect of the same trade marks.86
Among national attempts at creating NSD arrangement,87 a relevant application of NSD
troduced an NSD mechanism in its Internetversteigerung I judgment.88 The mechanism
tent, irrespective of their liability in tort.89 The mechanism (p. 540) requires that the host
90
fringements. Interestingly, the duty does not apply only to identical copies of the content,
or to copies uploaded by the same users.91
ing infringing acts of a similar nature that are easily recognizable.92
93
ments must be
4.3 Risks and Safeguards for Freedom of Expression
4.3.1 General v specific monitoring

The NSD mechanism is not a commonly used mechanism. The main reason is that most
vents states from introducing general monitoring obligations.94 An obligation to prevent
ture infringements.95 An obligation of this sort has been rejected by the CJEU. Next to the
afore-mentioned eBay case, the CJEU addressed the issue in Scarlet Extended and Netlog.
In the latter rulings, the CJEU declared that the filtering of all electronic communications
fore not permitted by the Directive.96 The Court explained that preventive monitoring of
this kind would require active observation of almost all files stored by almost all users of
the hosting service provider.97 In the more recent 2016 McFadden
98
In Germany, courts and many scholars believe that an obligation to detect future
(p. 541)
infringements that are not only the same but merely similar does not constitute a general
monitoring obligation, but a specific one, which is allowed by the e-Commerce
Directive.99
ence between the purpose of the monitoring (detecting specific infringements) and the
rulings in Scarlet Extended, Netlog, and McFadden did not convince German courts that
Page 11 of 22

es legitimate questions about the compatibility of the NSD mechanism with the original
principles of the intermediary liability regimes. The newly adopted Directive on copyright
cordance with high industry standards of professional diligence. The Directive stipulates
any general monitoring obligation
sure copyrighted works are not re-uploaded. To effectively recognize infringing content, a
technological tool must be used to systematically monitor the entirety of the uploaded
100
4.3.2 Clear and precise notifications

The key characteristic of NSD is that an intermediary, once notified about the infringing
fringements may not only apply to other works of the same kind by the same user but also
to other works of similar types infringed by a different user (if the service is particularly
susceptible to infringements).
As the Bundesgerichtshof acknowledged in Blog-Eintrag, it is not always possible for the

hosting provider to immediately recognize whether an infringement has taken place.101
Accordingly, a host provider is required to act only if the notice he received is sufficiently
culty; that is, without an in-depth legal and factual review.102 It is interesting, however,
out the need for a thorough legal and factual examination, yet the (p. 542) host is required
tification requirements by the German courts is consistent with the subsequent obligation
to remove future undefined infringements.103 Moreover, such a task will clearly require
detailed legal and factual analyses to avoid overbroad removals. Such an application of
ferent users, or the fact that the status of content changes over time. These aspects of the
tion of the Directive on copyrights in the DSM. It remains to be seen what form the newly
introduced NSD will take.
4.3.3 Appeal procedure

Existence of a redress mechanism, for example an appeal procedure, can greatly improve
the legitimacy of an N&A mechanism. The newly adopted Directive on copyright in the
DSM provides in Article 17(9) that online content-sharing service providers put in place
an effective and expeditious complaint and redress mechanism available to their users in
Page 12 of 22

case of any disputes regarding the uploaded content. Moreover, out-of-court redress
mechanisms should be available for the settlement of disputes but without depriving the
court or another relevant judicial authority to assert the use of an exception or limitation
nisms can be learnt from the currently functioning NSD mechanisms.
istered by courts of law. This ensures that due process rights are respected. Moreover,
the fact that any order to remove current and future infringing content requires a court
decision means, in theory, that judicial redress is possible. Nevertheless, an obligation to
dressed. Despite the fact that the mechanism is administered by courts, the only parties
that get to express their opinion are the plaintiffs (rightholders) and the intermediaries.
The content providers do not take part in the process. They have, therefore, no say in the
process that will effectively impact their rights by restricting their expression. The reason
is that the Störerhaftung doctrine is a procedure aimed only at third parties who have not
ciding about removals of the reposted content. In their case, the decision will be made by
the intermediary and not by the court. There is no judicial oversight for decisions made
regarding future infringements. If the intermediary makes (p. 543) a wrong assessment,
fringing content have limited chances to exercise their right to an effective remedy.
5. Conclusions
All over the world, different types of notice-and-action mechanisms are used to regulate
er requirements. The requirements are related to different stages of the procedure, for
ference with the right to freedom of expression. If the requirements are properly defined
and followed, they can act as important safeguards. Their actual effect, however, may
vary tremendously, depending on the form they take and accompanying restrictions. This
can be seen in the example of counter-notifications and penalties for misrepresentations.
to an insignificant measure without much meaning. The same can be said about appeal
Page 13 of 22

ing process increases. If the appeal procedure is limited to filing an objection to a public
authority, the remedy may not be effective in practice.
Involving intermediaries in content regulation may be inevitable. The legal framework, on
tice and action provide an effective but proportionate and balanced redress mechanism.
In particular, the legal framework governing notice-and-action mechanisms should be
tered by courts. These objectives can be achieved by introducing safeguards designed to

ensure the effective exercise of the right to freedom of expression. Examples of what
safeguards are needed, as well as how to implement them (and how not to implement
them) in practice, can be found in multiple national jurisdictions around the world. It is
tions of potential improvements.
Notes:
(1) See Organization for Economic Co-operation and Development (OECD), Directorate
(2) ibid. 11.
(3) ibid. 6.
(4) See the Digital Millennium Copyright Act of 1998, 17 USC § 512 (US).
(5) See Directive 2000/31/EC of the European Parliament and the Council of 8 June 2000
merce, in the Internal Market [2000] OJ L178/1 (e-Commerce Directive).
(6
(7) See also Jaani Riordan, The Liability of Internet Intermediaries (OUP 2016) 64.
(8
sultations/docs/2010/ecommerce/summary_report_en.pdf>.
Page 14 of 22

(9
http://pcmlp.socleg.ox.ac.uk/wp-content/uploads/2014/12/liberty.pdf>.
(10
(11
https://
papers.ssrn.com/sol3/papers.cfm?abstract_id=3239040>.
(12) See DMCA (n. 4) s. 512 (g)(1).
(13) See ibid. s. 512. In Finland, the NTD procedure described in the Information Society
etoyhteiskuntakaari [The Finnish Information Society Code] no. 917 of 7 November 2014,
entered into force on 1 January 2015, ch. 22 (Fin.) <
set/2014/en20140917.pdf
tronic commerce services and information society services, promulgated on 24 December,
2001, Art. 13(1) (Hun.) <http://www.neuronit.com/documents/
108_2001_el_comm:torv_20070502.pdf>. In South Korea, see Copyright Act amended by
ber 2011, Act no. 14083 of 22 March 2016; Act no. 14634 of 21 March 2017 (Kor.)
<http://elaw.klri.re.kr/kor_service/lawView.do?hseq=25455&lang=ENG>.
(14
er than copyright, in the Act on Promotion of Information and Communications Network
Utilization and Information Protection, last amended by Act no. 11322 of 17 February
2012 (Kor.) <http://elaw.klri.re.kr/kor_service/lawView.do?hseq=25446&lang=ENG>
(hereafter ICNA, Information and Communications Network Act).
(15
intermediary to examine the request and disregard those that he considers unjustified.
commerce, 27 April 2017) E01636.
(16
KU Leuven CiTiP
Blog, 30 November 2017) <https://www.law.kuleuven.be/citip/blog/phantom-safeguards-
analysis-of-the-german-law-on-hate-speech-netzdg/>.
(17) See ICNA, Information and Communications Network Act (n. 14).
Page 15 of 22

(18
(Fr.) <http://www.wipo.int/wipolex/en/text.jsp?file_id=276258
<https://www.article19.org/resources/france-analysis-of-draft-hate-speech-bill/>.
(19) See Swiss Institute of Comparative Law (SICL), Comparative Study on Filtering,
port commissioned by the Council of Europe (20 December 2015) 244.
(20) See Directive 2000/31/EC (n. 5) recital 46.
(21
2009); SICL (n. 19) 797.
(22) See, in Finland, Information Society Code (n. 13) s. 191; in France, LCEN (n. 18) art.
6-I-5; in Hungary, Act CVIII (n. 13) Art. 13(2).
(23) See Verbiest and others (n. 21) 14 and 41.
(24) See DMCA (n. 4) s. 512(f); Information Society Code (n. 13) s. 194.
(25
<https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2755628>.
(26) See Online Policy Group v Diebold Inc., 337 F.Supp.2d 1195 (ND Cal. 2004) (US)
Rossi v Motion Picture Assoc. of Am., 391 F.3d 1000 (9th
CA survived a motion to dismiss. This, however, rarely happens and the claimant still
faces a long way to reach a favourable judgment. See Johnson v New Destiny Christian
Center Church
Tech &
Markt Law Blog, 30 August 2017) <http://blog.ericgoldman.org/archives/2017/08/
section-512f-complaint-survives-motion-to-dismiss-johnson-v-new-destiny-church.htm>.
(27) See Lenz v Universal Music Corp., 801 F.3d 1126 (9th Cir. 2015) (US).
(28
(29) See Information Society Code (n. 13) s. 194.

Page 16 of 22

(30) See DMCA (n. 4) s. 512(g)(2)(A).
(31) See Information Society Code (n. 13) s. 187; and Act CVIII (n. 13) Art. 13(4).
(32) DMCA (n. 4) s. 512 (g)(B); Information Society Code (n. 13) s. 193; Act CVIII (n. 13)
Art. 13(6).
(33) DMCA (n. 4) s. 512(g)(2)(c).
(34
ta Clara Computer and High Tech. L.J. 621, 625; Urban, Karaganis, and Schofield (n. 25)
42.
(35) See DMCA (n. 4) s. 512(g)(3)(C).
(36
2016) 29 <https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2920871>.
(37) ibid. 30.
(38) See OECD (n. 1) 57.
(39) ibid. 29.
(40) ibid.
(41
(42
(43) See ibid. In February 2013, Motion Picture Association of America (MPAA) and five
Analysis: Comparative Study of Intermediary Liability Regimes Chile, Canada, India,
https://www.eff.org/files/2015/07/08/
manila_principles_jurisdictional_analysis.pdf
Extreme
Tech, 19 November 2012) <
grams-from-isps-mpaa-ignites-in-nine-days-heres-what-you-need-to-know>.
(44) See Copyright Modernization Act of 2012, c. 20 (Can.) <http://laws-lois.justice.gc.ca/

eng/annualstatutes/2012_20/page-1.html> (hereafter CMA); Ley no. 20.435, modifica la
erty Law enacted on 4 May] (Col.) 2010 <https://www.leychile.cl/Navegar?

Page 17 of 22

idNorma=1012827&idParte=&idVersion=2010-05-04
sponse is provided by the Copyright Act, Arts 133-2 and 133-3. The mechanism functions
in addition to the NTD procedures for copyright and other types of infringing content
(hereafter LPI).
(45
tion sur internet [Law no. 2009-669 of 12 June 2009, promoting the dissemination and
protection of creative works on the internet] (HADOPI Act) (Fr.) <http://www.wipo.int/
wipolex/en/text.jsp?file_id=179252>.
(46) See Décret no. 2013-596 du 8 juillet 2013 supprimant la peine contraventionnelle
du code de la propriété intellectuelle [Decree no. 2013-596 of 8 July 2013 abolishing the
additional complementary penalty of the suspension of the access to an online public
vided for in article L 331-21 of the Intellectual Property Code] (Fr.).
(47
oped through jurisprudence, see the landmark case of
hoo! decided by the Argentinian Supreme Court. The case involved violation of copyright,
reputation, and privacy rights. The Supreme Court ruled that judicial review is required
Rodríguez,
María Belén v Google Inc./daños y perjuicios [2014] CSJN Case no. 337:1174 (Arg.). See
also Chapter 26
(48 International Encyclopaedia of Laws
CDT, August 2012) 2 <https://cdt.org/files/pdfs/

Chile-notice-takedown.pdf>.
(49) See Copyright Act (n. 13) Art. 133-2(2).
(50
Michael Geist Blog, 5
March 2015) <
tem-continues-u-s-firm-sending-thousands-notices-settlement-demands/>.
(51
CBC, 2 November 2016) <
right-infringement-notice-canada-piracy-1.3831492>.
(52
CBC, 1 February 2017) <http://
www.cbc.ca/news/business/notice-system-piracy-copyright-internet-1.3960462>.
Page 18 of 22

(53) See Conseil constitutionnel [Constitutional Court], décision no. 2009-580 DC du 10
gelopoulos, European Intermediary Liability in Copyright: A Tort-Based Analysis (Kluwer
(54
Opennet, 27 July 2017) <https://opennet.net/blog/2011/07/france-disconnect-
first-internet-users-under-three-strikes-regime>.
(55) See CMA (n. 44) Art. 41.26(1).
(56) See CDT (n. 48) 2.
(57) ibid. 5.
(58) See CMA (n. 44) Art. 41.26(1); LPI (n. 44) Art. 85 U. However, the content provider in
so Cerda Silva (n. 48) 131.
(59) The Minister of Culture, Sports and Tourism (MCST) has the power to order service
providers to issue warnings to infringers and websites hosting infringing content and to
tinues after three warnings, the minister may order the service provider to suspend an
account of the infringer or a website for up to six months. Copyright Act (n. 13) Art 133-2
nications Network).
(61) See HADOPI Act (n. 45) arts L 335-7 and L 335-7-1.
(62
The Turn to
Infrastructure in Internet Governance (Palgrave-Macmillan 2016) 134.
(63) See Conseil constitutionnel (n. 53).
(64) See de Filippi and Bourcier (n. 62) 135.
(65
priété littéraire et artistique (HADOPI 2) (Fr.).
(67) See Chapter 30.
Page 19 of 22

(69 Torrentfreak,
1 December 2017) <https://torrentfreak.com/seven-years-of-hadopi-nine-million-piracy-
warnings-189-convictions-171201/>.
(70) By 2013, the law had resulted in conviction and a fifteen-day suspension of exactly
one individual who, moreover, insisted that he did not commit the infringement. See
Columbus (n. 54).
(71
(73) ibid.
(74
2013) 6 <http://www.law-democracy.org/live/wp-content/uploads/2013/06/
Korea.Copyright.pdf
Digital Music News, 1 April 2013) <https://
www.digitalmusicnews.com/2013/04/01/effkorea/
, 24 October 2010) <http://
hurips.blogspot.be/2010/10/facts-and-figures-on-copyright-three.html>.
(75
EFF, 29 March 2013) <https://www.eff.org/deeplinks/
2013/03/korea-stands-against-three-strikes>.
(76
<https://opennet.or.kr/copyright-reform>.
(77
(78
hap News Agency, 13 August 2011) <http://english.yonhapnews.co.kr/national/
2011/08/13/43/0302000000AEN20110813001100315F.HTML>.
(79) See Angelopoulos and Smet (n. 41) 288.
(80) ibid.
(81 EFF, 21
January 2016) <https://www.eff.org/deeplinks/2016/01/notice-and-stay-down-really-filter-
everything>.
(82
TILEC Discussion Paper no. 2016-012 (2016) 70 <https://papers.ssrn.com/sol3/
papers.cfm?abstract_id=2773768>.
Page 20 of 22

(83) See Directive 2019/790/EU of the European Parliament and the Council of 17 April
(84 [2011]
ECLI:EU:C:2011:474, para. 144. See Chapter 28.
(85) ibid. para. 139.
(86) ibid. para. 141. See also C-494/15 Tommy Hilfiger Licensing LLC v Delta Center as
[2016] ECLI:EU:C:2016:528.
(87) For a brief time, it also operated in France, but it was rather quickly brought to an
end by the Cour de cassation. See Cour de cassation [Supreme Court] La société Google
[12 July 2012] decision no. 831,
11-13669 (Fr); Cour de cassation La société Google France v La société Bac films (Les
dissimulateurs) [12 July 2012] decision no. 828, 11-13666 (Fr.); Cour de cassation
ciété Google France v. André Rau (Auféminin) [12 July 2012] 11-15.165; 11-15.188 (Fr.).
(88) BGH Internetversteigerung I [2004] I ZR 304/01 (Ger.).
(89) See SICL (n. 19) 261.
(90) See Husovec (n. 11) 10.
(91
(92) ibid.
(93
GRUR-Beil 1 as referenced by Angelopoulos (n. 53) 154. For a new take on equivalent
content, in the context of defamatory statements, see C-18/18 Eva Glawischnig-Piesczek v
Facebook Ireland Ltd [2019] ECLI:EU:C:2019:821.
(94) This argument was decisive in ending the NSD mechanism in France.
(95
CDT, 26 June 2012) <
line-intermediaries-in-fighting-copyright-infringement/>.
(96) See C-70/10

teurs SCRL (SABAM) [2011] ECLI:EU:C:2011:771 and C-360/10 Belgische Vereniging van
Auteurs, Componisten en Uitgevers CVBA (SABAM) v Netlog NV [2012] ECLI:EU:C:
2012:85.
Page 21 of 22

(98) C-484/14 Tobias Mc Fadden v Sony Music Entertainment Germany GmbH [2016]
ECLI:EU:C:2016:689, para. 87.
(99
(100
Bilyana Petkova and Tuomas Ojanen (eds), Fundamental Rights Protection Online: The
Future Regulation of Intermediaries (Edward Elgar, forthcoming 2020).
(101) See Bundesgerichtshof [Supreme Court] (BGH) Blog-Eintrag [25 October 2011] I ZR
93/10 (Ger.).
(102) See Angelopoulos (n. 52) 154.
(103) ibid.
Aleksandra Kuczerawy
Aleksandra Kuczerawy is a Postdoctoral Researcher at the Katholieke Universiteit
Page 22 of 22

Belén Rodriguez
the Belén Rodriguez Case and the Impact of the New

European Rules
Eduardo Bertoni
some have said, like all successful political slogans it is like a Rorschach test. People can
see in it what they want. However, particularly after the Costeja
gun to permeate Latin America countries in the form of legislative reforms and judicial
requests to implement it. The Belén Rodriguez case decided by the Argentine Supreme
Court is only one example, though not the only one that has had an indubious impact on
how to define the right to be forgotten. This chapter will review other cases decided by
Latin America courts and also legislative initiatives that link the right to be forgotten and
intermediary liability. This chapter will in particular compare how these initiatives follow
dards and the recent Europeans trends since Costeja. Finally, this chapter will give some
ing obligations.
Keywords: freedom of expression, speech, privacy, Latin America, Argentina, Chile, Columbia, Mexico, Peru,
Uruguay
*MANY
Costeja
sure, we have spent the past few decades in search of the truth regarding what occurred
during the dark years of the military dictatorships.1
volved in massive human rights violations could request a search engine (Google, Yahoo,
or any other) to make that information inaccessible, claiming, for example, that (p. 504)
Page 1 of 21

Belén Rodriguez
review the content and scope given to the right to be forgotten in some Latin American
countries during the past years.
It is important to start outlining the CJEU Costeja
2
By stressing
mation intended to be forgotten is not erased, but rather remains on the site where it was
published. The only obligation search engines have is the prohibition to direct users to
that site. However, it is fair to say that the search engine, according to the ruling, would
mental rights is justified by the preponderant interest of said public in having, as a result
The European ruling has been subject to many critiques. The main one being that the
CJEU leaves it to the private companies that manage the search engines to decide what
we are able to encounter in the digital world. The problem might be more important for
the Latin American countries because of the case law of Inter American System of Human
3
On the one
hand, judges and legislators, perhaps without exhaustively considering the consequences,
Perhaps, the answer is that of Jonathan Zittrain, author of The Future of Internet and
How to Stop It.4 Zittrain suggested that the path forward is probably not a legal right, but
rather a structure that permits those who disseminate information to build connections
with the subjects of their discussions. In practical terms, that would imply constructing
ment. When people feel wronged by information available about them online, they should
be able to contest that information directly, and the search engine itself should have an
instrument to enable that process. More information, not (p. 505) less. That way, we can
for its name.
na. Then it reviews some standards coming from the Inter American System of Human
Page 2 of 21

Belén Rodriguez
Rights that should be considered not only by legislators but also, and principally, by
judges. The chapter finishes with some conclusions.
1. The Belén Rodriguez Case: Something New

Under the Sun?
dríguez case.5
vacy and honour against freedom of expression.
In 2006, Argentinian model María Belén Rodriguez sued Google claiming that searches of
her name returned links to and thumbnail photographs from pornographic websites. She
alleged the search results falsely portrayed her as a prostitute and the thumbnails used
mately US$6,000 on the basis that Google was responsible for the harm caused by the
third party sites, which were not parties to the case.
6
Both Google and Yahoo were
fendants acted negligently by not proceeding to block or prevent the existence of harmful
The María Belén Rodriguez case later reached the Court of Appeal, where the previous
decision was partially revoked.7 The Court of Appeal decided to analyse Google and
quest to remove the harmful content, but instead had actual knowledge once the plaintiff
had initiated legal action. The Court of Appeal added, however, that Google did have to be
held liable for the use of thumbnails, because such use represented an unauthorized use
The Supreme Court of Justice had the final say in this matter. It decided that the search
except for the cases in which (1) they had previous and actual knowledge (2) of
(p. 506)
the explicit illegality of the content and (3) did not act diligently to remove such content.
1.1 Previous and Actual Knowledge
ability applying rules of strict liability, but rather decided to apply subjective liability
loaded to the web.8 More specifically, the Supreme Court stated that the search engines
did not have a general obligation to monitor the uploaded content provided by each
Page 3 of 21

Belén Rodriguez
plies the inexistence of liability.9
Pursuant to this decision, search engines should only respond to content published by
third parties when they have actual knowledge of the illegality of the content.10 Actual
court order deciding to block the website. In this sense, only at the moment of actual
knowledge of the existence of the illegal content uploaded to the internet does the search
ty.
1.2 Explicit Illegality of the Content
As an obiter dictum
able, doubtful, or require further clarification. For explicit and obvious situations, the
court decided that a private notice from the victim addressed to the search engine would
tervention.11
In order to clarify which events may cause explicit and obvious damages, the Supreme
ful content; (2) child pornography; (3) data that facilitates or instructs the commission of
crimes; (4) that endangers the life or physical integrity of one or more people; (5) that
motivates genocide that involves racism or discrimination with incitement to violence; (6)
that involves racial or religious hatred; (7) that disrupts or informs about ongoing judicial
(p. 507)
age, or is notoriously false; (9) and images or acts that are naturally private, although not
necessarily of a sexual nature.12
According to the Supreme Court, the unlawful nature of the above events is obvious, and
it is unambiguously demonstrated by consulting the website claimed by the victim to be
unlawful. There is no need to require any other assessment or clarification and an explicit
notice by the victim will suffice.
1.3 Negligent Response
to block the harmful content.13
However, in those cases in which further clarification is needed, judicial proceedings are
Page 4 of 21

Belén Rodriguez
engine negligently ignores its obligation to block the content.14
enced other Latin American jurisdictions.
2.
low?
sions relating to the right to be forgotten in some Latin American countries. References
are to Chile, Colombia, Peru, Mexico, and Uruguay.
2.1 Chile
The Republic of Chile does not have specific regulations on the liability of intermediaries.
lines available in the Constitution and ordinary civil and criminal legislation that allows
the issue to be addressed. On the one hand, some argue that the circulation of content,
als, including private life and the honour of the person and their families. On (p. 508) the
other hand, the activity of internet authors and intermediaries is protected by the same
rules, specifically with regard to freedom of association for the development of economic
pending on the criteria adopted, judges have found grounds to lean in favour of one or
the other of these rights.
In any event, within the framework of the right to be forgotten in Europe, a group of
Chilean senators presented a bill15
net search engines to remove links to personal data content on certain occasions. At its
core, the bill aims to grant the right to users to demand the elimination of their personal
data from search engines or websites.
risprudence has mostly rejected the right to be forgotten. However, there have been some
exceptions. The first exceptional case was Abbott Charme, Jorge v Google.cl.16
bott requested a protection action in the Court of Appeals of Valparaiso, claiming that his
name should not be linked in search engines to insults. According to Abbott, Google
searches on his name showed websites that insulted him. To prevent that information
plying that the plaintiff should go to the servers or direct managers of the websites where
the publications appeared and request them to remove the content. Finally, the Court of
Appeals ruled in favour of the plaintiff. It considered that both Jorge Abbott and his family
Page 5 of 21

Belén Rodriguez
our and private life. In that sense, the Court of Appeal ordered Google Chile to establish
automated filters to avoid publications of an injurious nature or of any type that entails a
our. This measure meant that search engine employees became judges of the content in
circulation on internet platforms. However, this decision was never enforced: Google did
not adopt filters and the court did not supervise the implementation of its decision.
The second exception was ISB and others v VF, Google Chile and Google Inc.17 In this
case, three sisters and their aunt requested protective action against VF, a man who had
been convicted for creating profiles on internet sites between 2009 and 2013, where he
uploaded offensive content against the plaintiffs. The Court of Appeals admitted that the
expressions and photographs were offensive and ordered Google to remove the sites. The
nour of the plaintiffs. Both parties appealed the decision, (p. 509) although the Supreme
Court never resolved the case because of the withdrawal of both parties as a result of a
private settlement.
In the opposite direction to the two cases mentioned, jurisprudence has been, in general,
tained the impossibility of casting liability on internet intermediaries which, as such, only
ing injurious content. For example, this conclusion was reached in Kruljac, Daira v Google
Chile and Google Inc.18 Mrs Kruljac started litigation because the search engine indexed
ready been eliminated (or had disappeared) from the original source but considered that
mediary. The court ruled that, in general, the possibility of action against search engines
should be rejected for content created by third parties. Also, as an obiter dictum, the
ground, or elements that would categorically state that she had urged the respondent to
eliminate the comments and offences that could be found on the internet through use of
ing to the definition provided in Law 19.628), insults, falsehoods, and imputations, could
not possibly be included in that definition, which added another reason for the request to
be rejected.
In Gómez Arata, Maximiliano v Google Chile Ltda and Google Inc., the plaintiff claimed to
have been subjected to insulting expressions because when he typed his name in the
chanta
blocking requests of the web pages in which the harmful content appeared. The Court of
Page 6 of 21

Belén Rodriguez
diaries do not have a general obligation to monitor the content that is uploaded to the
network and that is provided by those responsible for each of the web pages. Referring to
Law no. 27.336, as amended by Law no. 20,345 of May 2010, the court held that search
engines do not have an obligation to monitor the data they transmit, store, or reference,
except in certain circumstances. In this regard, the Court of Appeals ruled that the search
ifest illegality of that content and if such knowledge was not followed by acting diligently.
ple, it would be enough to notify the search engine.
Furthermore, in cases involving actions against electronic media, Chilean jurisprudence

has also frequently rejected the right to be forgotten. According to a study (p. 510)
ducted by Pedro Anguita Ramírez, the case of
curio
sion has not been ratified either by the Courts of Appeals or by the Supreme Court.19
2.2 Colombia
Colombian legislation does not explicitly mention the right to be forgotten. However,
there are some standards the consideration of which is essential to carry out a correct
analysis of this matter.
The Constitution of Colombia protects the freedom to express and to disseminate

thoughts and opinions, to inform and receive information, and to establish mass media
outlets. It also guarantees journalistic endeavours and prohibits censorship of the media.
In turn, the Constitution obliges the state to respect and enforce the rights to privacy and
good name, and guarantees the right to know, update, and rectify information that has
tionally has Law no. 1,341, which establishes the Network Neutrality Principle.
Taking into consideration current and applicable legislation on the matter, we refer here
to some judgments that are relevant in the formation of Colombian jurisprudence on
point. First, Decision T-453/13 is noteworthy.20
cepted the appeal of a decision that forced the newspaper El Nuevo Día to remove from
the web any information, news, report, or data that would allow the identification or the
tutela action, alleging that the newspaper
appeared in two pages of El Nuevo Día. The court understood that the freedom to inform
is not absolute, finding its limit inter alia in respect of the rights of others. In that regard,
Page 7 of 21

Belén Rodriguez
ments of the intimate lives of individuals or their families, because even if the information
cerned. It also stated that an even greater degree of responsibility is required when the
news involves children and adolescents.
In addition, in Decision T-453/13, the court analysed the responsibility of search

engines.21 Citing Decision T-040 of 28 January 2013,22 the court held that search engines
cannot be held liable for the veracity or impartiality of an article, news item, or column
that appears in its results. The search engines simply provide a search service for all the
(p. 511) information found on the network, but they are not the ones who write or publish
such information. Thus, the court determined that those responsible for the information
fied a minor.
Likewise, the court refused to hold search engines liable in Decision T-277/15.23
According to the facts of the case, the plaintiff sued the newspaper El Tiempo
victed by a formal judicial process. By virtue of this, the court ruled that the real violation
fore, the court ruled against the liability of the search engines and, instead, ordered the
der the newspaper to remove the content. The court referred to the Google Spain case,
but decided to depart from it because it considered that the solution reached was not
ful article would not prevent access to it through a direct link; and (2) to guarantee, first
of all, the right to freedom of expression set out in the Constitution. Finally, the Court
forced El Tiempo to use technological means (e.g. robots.txt and meta tags) to prevent
new search engines from indexing the news to their web pages.
In Decision T-098/17 the court rejected the claim of Luis Alfonso Cano Bolaño against
Caracol Televisión.24
tion of Mr Cano Bolaño in 2000 for several crimes. The Constitutional Court indicated
sion. As obiter dictum, the Constitutional Court underscored that in matters of criminal
habeas data
habeas data penal
ferring to a criminal record. According to the court, the faculty of suppression should be
Page 8 of 21

Belén Rodriguez
nal records fulfils legitimate constitutional and legal purposes to which the court had
telligence activities, enforcement of the law). In a convincing way, the court affirmed that,
in this case, there was no right to oblivion as such. Therefore, the court considered that it
was not part of the right of habeas data, allowing (p. 512) the possibility of demanding
of such data.
2.3 Mexico
tees the freedom to disseminate opinions, information, and ideas, through any means,
without prior censorship. The Mexican state guarantees the right to information, except
in the case that it attacks morals, private life, or the rights of third parties, provokes any
crime, or disturbs public order.
Likewise, the Constitution recognizes, in its article 7, the fundamental right to protection,
curity, public order provisions, security, and public health, or to protect the rights of third
ing of personal data. Compliance with that law is supervised by the National Institute of
Transparency, Access to Information and Protection of Personal Data of Mexico (INAI), an
ies, as well as the Federal Law on Protection of Personal Data are the fundamental tools
available to the Mexican state to promote digital protection rights.
In addition, in 2017 the Official Gazette published the General Law for the Protection of
Personal Data in Possession of Obliged Subjects through which Mexico seeks to have
greater control of the treatment of the personal data of every individual. This legislation
is added to the Telecommunications Law and the Personal Data Protection Law.
The decisions of Mexican courts will be analysed in the light of that legislation. The first
case that dealt with the matter was in 2011 in Anonymous Applicant v Federal Board of
Conciliation and Arbitration.25 The applicant had participated in a labour dispute before
the Federal Board of Conciliation and Arbitration. As part of that procedure, the Board
had posted notices in its online bulletins and anyone could find and access information
her personal data. On refusal to do so, the applicant requested that the Federal Institute
of Access to Public Information (IFAI) determine the cessation of the publication. In 2009,
the IFAI denied the request on the grounds that the request did not comply with the
grounds for the review as the relevant laws only allowed review of the denial of access to
Page 9 of 21

Belén Rodriguez
information instead of requests to stop the dissemination of information. (p. 513)
plicant filed an amparo
rection of personal data and the right to the elimination of personal data. In this regard, it
thority is incorrect or inaccurate, while the second applies in cases where the possession
of personal information by a public authority is unnecessary or excessive. In addition, the
information reported was considered as a historical document and, as such, could not be
nation of his personal data, and was only complaining about its continuous dissemination
which, in the opinion of the IFAI, involved the right to opposition instead of the right to
cluded that the right would only apply in cases where: (1) consent to process the data is
ble standards; and (3) there is a justified reason on the part of the applicant, based on
their specific personal situation, to request an end to the processing of their data to avoid
injury.
cally opposite direction.26 This was the first Mexican case not only referring to the right
co to remove various results following a search based on his name, which linked him to
acts of corruption. Given the refusal, the INAI initiated proceedings to sanction Google
ment it applied to personal data that appeared on web pages published by third parties.
Therefore, under certain conditions, the data subjects should be able to go directly to the
search engine to seek removal of links to web pages that contained information about her,
INAI concluded that Google had breached that obligation when it denied the request for
cancellation. It is worth noting that, later, Fortuna magazine filed an amparo suit against
the decision,27
process rights of Fortuna magazine. The Seventh Collegiate Circuit Court of the Auxiliary
Center of the First Region granted Fortuna
granted by the INAI affected the right to freedom of expression of the magazine and that,
therefore, it should have participated in the administrative procedure as an interested
third party. With that decision, the INAI resolution was (p. 514) overturned and de la
the proceedings.28
Page 10 of 21

Belén Rodriguez
Regardless of current and applicable regulations and jurisprudential decisions, it is worth
noting the actions of Mexican civil society organizations, which have urged rejection of
the right to be forgotten. Led by the Digital Rights Network, civil society organizations
tection of personal data or solve the real problems of misuse of data on the internet, but
rather implies regression.29
2.4 Peru
sion, and dissemination by any means of communication, without prior authorization or
tion that suspends or closes an organ of expression or that prevents it from circulating
freely.30 In turn, the Constitution (in the same article, different paragraph) provides the
31
tion of Personal Data.32 This guarantees the rights of access, rectification, cancellation,
tion and data in circulation. In Peru, there was additionally an administrative office in the
Ministry of Justice and Human Rights serving as a data protection authority that, since
al design of the data protection authority is currently undergoing change.
plication of the liability of search engines with respect to the processing of personal data.
In Resolutions 074-2014-JUS/DGPDP33 and 075-2014-JUS/DGPDP,34 (p. 515) the General
Directorate of Personal Data of Peru issued a decision against the website datosperu.org
for containing judicial and administrative resolutions without anonymization and without
giving the data holders the right to access, rectification, cancellation, and opposition.
In Resolution 045-2015-JUS/DGPDP,35 the General Directorate of Personal Data of Peru

was even more severe when ordering Google to de-index search results and imposing a
fine based on the liability of the search engine. The plaintiff had requested Google Peru to
cancel his personal data from any information or news regarding a criminal accusation
rectorate ordered Google to de-index certain results, so that they did not appear in the
Page 11 of 21

Belén Rodriguez
search engines, and imposed a fine. According to the General Directorate, de-indexing
the results does not imply in any case the elimination from the internet of all information
or news related to the matter, which (1) continues to exist unchanged on the source web
tact publishers in advance) and (2) is still accessible through search engines by any other
search term (reducing accessibility to information by searching by first and last names).
Additionally, the General Directorate of Personal Data of Peru identified three types of
dresses; (2) search engines proper, which in their database relate topics to keywords; and
(3) the metasearch engines, which do not have their own database, but use those of third
parties. According to the Directorate, Google Search is a search engine and there is no
doubt that, as such, it tracks information and catalogues it according to a certain order of
surnames, constitutes a processing of personal data and the Directorate considered, for
the first time in Peru,36 that Google was responsible for that data processing.
In the same year, the Directorate issued Resolution 026-2016 (2016) again against
Google.37
lation of his personal data contained in a notice related to the dismissal of a lawsuit to
which he was a party, which appears in Google search results, was denied. The General
trollers and, Google one such controller, was ordered to block not only specific URLs but
any and all searches related to the incident that could appear by searching for the
(p. 516)
dexing.
2.5 Uruguay
the Constitution does not exclude others that are inherent to human personality or derive
tion. Reinforcing constitutional protection, Law 18,331 was enacted in 2008 to regulate
the Protection of Personal Data and Habeas Data. Moreover, Article 329 of Law 16.226,
ceeding ended with revocation of the prosecution, dismissal, or acquittal.
Despite the current and applicable Uruguayan regulations, the case of AA and BB against
CC rejected a request to eliminate data and personal information.38 In the case, a man
was accused ten years earlier as a mentally incapacitated party of two homicides and
theft. He was admitted to a mental hospital and after release several years later, he
Page 12 of 21

Belén Rodriguez
was seeking information about the case involving their son. Therefore, the plaintiffs
brought an amparo action against the defendant to enjoin the future release of any TV
programme or information that might mention them or their son in connection with their
quest fitted within the area of prior censorship.
Nevertheless, that conclusion was not unanimous and the treatment of similar matters
ecutive Council of the Personal Data Regulatory and Control Unit, Resolution 1040/01239
determined that the best option to address the issue of content de-indexing would be to
take preventive measures to control the spread of information and, once the person who
moved from the internet and the most popular (p. 517) search engines should be asked to
remove the content from their caches.40 In any event, the Council adds, metatags can be
added in the HTML code of the web page to avoid indexing or caching of content.41
3.
dom of Expression Under the Inter American
System of Human Rights and its Impact on the
Right to be Forgotten
One of the established standards in the Inter American System of Human Rights is the
The text of Article 13 of the America Convention on Human Rights (ACHR) in relation to
the prohibition of prior censorship is clear.42 In 1985 when Advisory Opinion no. 5 (OC-5)
43
vention, which was partly modeled on Article 19 of the Covenant, contains a reduced list
of restrictions than that the European Convention and the Covenant itself, only because it
does not expressly prohibit prior censorship 44
Later, and reaffirming concepts already held in OC-5

ther by saying that:
Page 13 of 21

Belén Rodriguez
lows it in the case of public entertainment, but only in order to regulate access for the
moral protection of children and adolescents. In all other cases, any preventive measure
implies the impairment of freedom of thought and expression.45
(p. 518) Note the force of this last sentence which establishes that in the Inter-American
dexing of content).
tal age, it pertains to the possibility of casting subsequent responsibility on those who do
not intervene in the creation of contents found on the internet.46 How does this relate to
the just mentioned standard of the Inter-American system and with the implementation of
the right to be forgotten, as defined in the Costeja
cided Delfi As v Estonia case in the European Court of Human Rights?47
termediaries can avoid liability by applying some criterion of censorship. However, it is
doubtful if this would be possible in the context of the Inter-American System.
First, as explained earlier, the prohibition of prior censorship would also apply to cases
that seek to resolve the responsibility of intermediaries when they agree not to index
ticle 13(2) of the ACHR. On the other hand, leaving the possibility of censoring content to
viduals would be violating freedom of expression. OC-5 reminds us that:
(p. 519)
from
48
OC-5
Costeja or what the European Court of
Human Rights asked the news platforms to do in Delfi? The Inter-American Court in OC-5
49
Page 14 of 21

Belén Rodriguez
Secondly, when it comes to expressions that may concern public interest, OC-5
established the bases for the development of what some years later began to be called the
for certain expressions. This test finds an initial formulation in the Advisory Opinion of
established, according to the Convention, it is necessary that several requirements be

met, namely: a) the existence of previously established causes of liability, b) the express
and exhaustive definition of these causes by law, c) the legitimacy of the aims pursued
50
This test is important in the light of what the IACHR subsequently understood OC-5 to be
in a good number of cases where it interpreted Article 13. In them, the Court understood
that:
freedom of expression constitutes one of the essential pillars of democratic society and a
fundamental condition for its progress and the personal development of each individual.
so with regard to those that offend, are unwelcome or shock the State or any sector of the
population.51
quence for not de-indexing content that they do not create, such responsibility should be
established not only by respecting the tripartite test but also considering that a good
(p. 520) number of expressions that are currently the object of questioning and that are
thors or for intermediaries.
countries must be done with great care.
4. Conclusions
In view of the previous analysis, it might be important to underscore some preliminary
conclusions about trends and future developments in Latin America.
(1)
lematic.
Page 15 of 21

Belén Rodriguez
(2) It would seem that the trend in Latin America is to completely banish the idea of
Belén Rodriguez some
point was proposed by some scholars through theories that led to interpretation of
(3) Although the decisions do not go only in one direction, the influence of the Inter
American System of Human Rights seems to be powerful and for that reason there is
(4) However, determining, as it is proposed by some cases in Latin America or in

some way in the Costeja
yet resolved.
Perhaps, to stress some of the points already made in this chapter, the best way to wrap
up this review of the state of intermediary liability in Latin America might be by quoting
the 2016 annual report of the Office of the Special Rapporteur for Freedom of Expression
of the Inter-American Commission on Human Rights:
Costeja
trary, the Office of the Special Rapporteur is of the opinion that the application to
the Americas of a private system for the removal and de-indexing of online content
with such vague and (p. 521) ambiguous limits is particularly problematic in light
of the wide regulatory margin of the protection of freedom of expression provided
by article 13 of the ACHR.
The removal of content from the Internet constitute a clear interference with the
right to freedom of expression, in both its individual and social dimensions, as well
makes the information more difficult to find and renders it invisible. Both have a
sibility to seek, receive and impart information and ideas regardless of national
frontiers.
mation regarding governmental and military activity of the past and gross human
rights violations. People want to remember and not to forget. In this sense, it is
tion might impact the right to truth and memory.
Page 16 of 21

Belén Rodriguez
The protection of personal data to which the right to be forgotten refers cannot
lead to the imposition of restrictions on information disseminated by media outlets
platforms cannot be understood as personal data controllers. They are public

sources of information and platforms for the dissemination of opinions and ideas
der nor to the suppression of online content regarding matters of public interest.52
Notes:
(*) I thank Victoria Racciatti who assisted me in writing this chapter. Victoria conducted
part of the research and drafted some parts of the chapter under my supervision. Victoria
obtained her Law degree suma cum laude from the Universidad de San Andrés (2017)
tion from the Universidad Austral (2017) and the other, in migrants and protection of
refugees from the Universidad de Buenos Aires (2018). This chapter is up to date as of
December 2018.
(1) I published these ideas some time ago at The Huffington Post. See Eduardo Bertoni,
Huffington Post
vember 2014) <https://www.huffingtonpost.com/eduardo-bertoni/the-right-to-be-
forgotten_b_5870664.html>.
(2) See C-131/12 Google Spain SL v. Agencia Española de Protección de Datos [2014]
ECLI:EU:C:2014:317.
(3) Peter Fleischer, The right to be forgotten, or how to edit your history (Peter Fleischer
Blogspot, 29 January 2012) <
gotten-or-how-to-edit.html>.
(4) See Jonathan Zittrain, The Future of Internet and How to Stop It (Yale U. Press 2008).
(5) See Corte Suprema de Justicia de la Nación [National Supreme Court] Rodríguez,
María Belén v Google Inc./daños y perjuicios [2014] CSJN Case no. 337:1174 (Arg.).
(6) ibid. para. 2.
(7
(8) ibid. para. 15.
(9) ibid. para. 16.
(12) ibid.
Page 17 of 21

Belén Rodriguez
(13) ibid.
(14) ibid.
(15
bre Protección de la Vida Privada [Draft Law no. 10608-07 of 7 April 2016 amending Law
no. 19.628 on the Protection of Private Life] (Chile).
(16) See Corte de Apelaciones de Valparaíso [Court of Appeal of Valparaiso] Abbott

Charme, Jorge v Google Chile [2012] case no. 228-2012 (Chile).
(17) See Corte de Apelaciones ISB y otros v VF, Google Chile y Google Inc. (Chile).
(18
https://cldup.com/Fp8gDqNpkC.pdf> (Chile).
(19
(20) See Sala Sexta de Revisión de la Corte Constitucional [2013] case no. T-3819973
(Col.).
(21) See Sala Sexta de Revisión de la Corte Constitucional [2013] case no. T-3819973
(Col.).
(22) See Sala Primera de Revisión de la Corte Constitucional [2013] case no. T-3.623.589
(Col.).
(23) See Sala Primera de Revisión de la Corte Constitucional [2015] case no. T-4296509
(Col.).
(24) See Sala Novena de Revisión de la Corte Constitucional [2017] case no. T-5759011
(Col.).
(25) See Anonymous Applicant v Federal Board of Conciliation and Arbitration [2011] in
Columbia University Global Freedom of Expression <https://
globalfreedomofexpression.columbia.edu/cases/fiaipd-anonymous-applicant-v-federal-
board-conciliation-arbitration/>.
(26) See Instituto Federal de Acceso a la Información y Protección de Datos [2014] case
no. PPD.0094/14 (Mex.) <http://inicio.ifai.org.mx/pdf/resoluciones/2014/PPD%2094.pdf>.
(27) See Séptimo Tribunal Colegiado de Circuito del Centro Auxiliar de la Primera Región
[2017] (Mex.) <http://sise.cjf.gob.mx/SVP/word1.aspx?
arch=1100/11000000188593240001001.docx_0&sec=_Mercedes__Santos_Gonz%C3%A1lez&svp=1>
(28 ¡Ganamos! Tribunal anula resolución

del INAI sobre el falso derecho al olvido https://r3d.mx/2016/08/24/amparo-inai-
derecho-olvido>.
Page 18 of 21

Belén Rodriguez
(29
versal, 2016) <http://www.eluniversal.com.mx/articulo/cartera/telecom/2016/07/12/piden-
eliminar-derecho-al-olvido-de-constitucion-en-cdmx>.
(30) Political Comstitution, enacted 29 December 1993, Art. 2(4) (Per.).
(31) ibid. Art. 2(6).
(32) See Ley no. 29.733, 3 de julio de 2011 [Law no. 29.733 of 3 July 2011] (Per.) <http://
www.leyes.congreso.gob.pe/Documentos/Leyes/29733.pdf>.
(33) See Resolución Directoral [2014] case no. 074-2014-JUS/DGPDP (Per.) <https://
www.minjus.gob.pe/wp-content/uploads/2014/11/expediente-007-2014-PTT-
censurado.pdf>.
www.minjus.gob.pe/wp-content/uploads/2014/11/expediente-008-2014-ptt-
censurado.pdf>.
www.minjus.gob.pe/wp-content/uploads/2016/04/Exp.-12-2015-RD-45-2015-PTT.pdf>.
(36 La Ley,
2016) <http://laley.pe/not/3377/derecho-al-olvido-en-version-peruana-1-1>.
(37) See Resolución Directoral [2016] case no. 026-2016-JUS/DGPDP (Uru.) <https://
hiperderecho.org/wp-content/uploads/2016/06/datos_personales_google_olvido_2.pdf>.
(38) See Juzgado Letrado de Primera Instancia en lo Civil de 8° Turno no. 55 [2008] case
no. IUE 2-400000/2008 (Uru.) <http://www.redipd.org/documentacion/jurisprudencia/
common/uruguay/sentencia-del-juzgado-letrado-de-primera-instancia.pdf>.
(39
ber 2012] Resoution no. 1040/012 (Uru.) <
ries/normativa/URCDP_Res_1040-012.pdf>.
(40) ibid. 3.
(41) ibid.
(42) See Organization of American States (OAS), American Convention on Human Rights
13.
(43) See Advisory Opinion OC-5/85 Series A no. 5 (Inter-American Court of Human Rights,
de medidas de control preventivo sino fundamento de responsabilidad para quien lo haya
Page 19 of 21

Belén Rodriguez
(44) ibid.
(45) La Última Tentación de Cristo (Olmedo Bustos y otros) v Chile Serie C no. 73 (Inter-
American Court of Human Rights [IACHR], 2009) para. 70.
(46
Internet services such as providing access, or searching for, or transmission or caching of
ing those services, as long as they do not specifically intervene in that content or refuse
to obey a court order to remove that content, where they have the capacity to do so
aries should not be required to monitor user-generated content and should not be subject
Freedom of Expression and the Internet by the United Nations Special Rapporteur on
Freedom of Opinion and Expression, the OSCE Representative on Freedom of the Media,
the OAS Special Rapporteur on Freedom of Expression and the African Commission on
http://www.osce.org/fom/78309?download
=true>. This Declaration was followed by the RELE-OEA in a 2013 report.
(47) See Delfi AS v Estonia

tailed description of the case, Chapter 24.
(48) Advisory Opinion OC-5/85 (n. 43) para. 38.
(51) See Herrera Ulloa Serie C no. 107 (IACHR, 2001) para. 113; La Última Tentación de
Cristo (n. 45) para. 69; Ríos y otros v Venezuela Serie C no. 194 (IACHR, 2009) para. 105;
Perozo y otros v Venezuela Serie C no. 195 (IACHR, 2009) para. 116.
(52) Office of the Special Rapporteur for Freedom of Expression of the Inter-American
<http://www.oas.org/en/iachr/expression/docs/reports/annual/
AnnualReport2016RELE.pdf>.
Eduardo Bertoni
Page 20 of 21

Belén Rodriguez
gentina, Director of the Post-graduated Program on Data Protection at Buenos Aires
versity School of Law, New York. Email: eduardo.bertoni@nyu.edu and

eduardobertoni@derecho.uba.ar.
Page 21 of 21

The Right to Be Forgotten in the European Union

Miquel Peguera
This chapter discusses data protection aspects of liability of online intermediaries with
special emphasis on the right to be forgotten as developed by the Court of Justice of the
European Union (CJEU) and later by national courts in Europe. It considers also relevant
be forgotten as they are being currently applied in the EU. First, the right to be forgotten
condly, the right-to-be-forgotten claims directed against primary publishers to have the
information deleted or anonymized at the source. In doing so, this chapter will point to
hotly debated issues, recently addressed by the CJEU, such as the geographical scope of
tion of processing of sensitive data that should theoretically apply to all data controllers,
including those online intermediaries that qualify as such. This chapter also considers
how balancing of rights should occur when right-to-be-forgotten claims to delist content
are brought against search engines or publishers.
Keywords: right to be forgotten, search engines, Google Spain, GDPR, CNIL, freedom of expression, CJEU, ECtHR
AMONG the huge volume of content that is made available at a rapidly growing pace on
dividuals. Such information may be inaccurate, may be shown out of context, or may be
decades old and have become embarrassing or damaging today. Even where it is perfectly
gines cause such information to emerge as one of the first results in a search made on the
want such information to be permanently remembered and linked to him or her. He or she
Page 1 of 20

The problem of the widespread availability of privacy-damaging information is not new. It

has been dealt with since long before the internet era, sometimes under the label of droit
, particularly in connection to mass media publications.1 Nonetheless, the issue
has grown to an unprecedented level after the eruption of the web, the digitization of
press archives, and the ease of finding information thanks to search engines.2
ter of Fundamental Rights of the European Union,3 which is in some respects (p. 487)
wider than that of privacy notwithstanding their overlaps,4
tional self-determination.5 It includes the right to have personal data erased wherever
lation (GDPR)6
When the works for revamping the EU data protection legal framework started around
over their data,8

tive was still challenging, especially regarding the online environment. Specifically, the
dividuals to have their data no longer processed and deleted when they are no longer
9
10
Nonetheless, the GDPR did not expressly codify the outcome of the landmark 2014 ruling
issued by the Court of Justice of the European Union (CJEU) in the Google Spain case.11
The ruling held that internet search engines are obliged to remove the search results
(p. 488) or
12
where the search is made on the basis of the data
Google Spain
13
ly applicable under the GDPR.
This chapter will briefly consider two manifestations of the right to be forgotten as they
are being currently applied in the EU. First, the right to be forgotten vis-à-vis internet
Page 2 of 20

search engines; that is, the right to be delisted from search results. Secondly, the right-to-
be-forgotten claims directed against primary publishers to have the information deleted
or anonymized at the source.
1. The Right to be Forgotten Vis-à-Vis Search

Engines
Under EU data protection law, the so-called right to be forgotten may be exercised by a
tions for any of those rights are met. Such claims may be directed to any data controller.
sisted of its use vis-à-vis internet search engines, following the recognition of this right by
the CJEU in Google Spain.
1.1 Google Spain
As a threshold question, the Court in Google Spain dealt with the territorial scope of the
then-in-force Data Protection Directive. It found that it was applicable to the processing
offered by the search engine.14 As a result, one of the connecting factors provided for in
the Directive to trigger its applicability was met.15 The same conclusion can certainly be
(p. 489)
necting factor, and generally widens the territorial scope compared to the Directive.16
processing of the
personal data included in the web pages it indexes and gives access to through the search
results, a processing which is different from that carried out by the websites where the
information is located;17 and (2) is a data controller, as it determines the purposes and
means of such a processing.18 Again, the basis for such conclusions may also be found in
After redrafting some of the questions posed by the national court so as to be able to give
of search results pointing to personal information in searches carried out on the basis of
stance, where the data are inadequate, irrelevant, or excessive in relation to the purposes
Page 3 of 20

data quality.19
According to the CJEU, the data subject does not need to have suffered any prejudice;20
the data does not have to be necessarily unlawful, inaccurate, or untruthful, or even be
private information. In addition, there is no need to have the content erased beforehand
removal. The data subject may directly request the delisting of the search results to the
search engine, as it carries out a separate and additional processing from that carried out
by the primary publisher.21
life and on the interest of the public in having that information, an interest which may
22
(p. 490)
its of the right-to-be-forgotten requests and make a decision taking into account the
rights and interests involved.23 When a request is rejected by the search engine, the data
subject may resort to the Data Protection Authority (DPA), which may order the search
engine to delist the link. Courts may also be involved either where a data subject files a
1.2 Delisting in Numbers
When considering the practical application of the right to be forgotten in relation to

search engine results, Google is of course the crucial source of information to look at, not
least because of its absolute dominance in Europe, where it holds more than 90 per cent
of the market share for search engines.24
25
2019, it received 864,791 requests to delist. Each request may comprise one or more
URLs to be delisted. The requests received in that period comprised 3,426,336 URLs. Out
ed 1,327,420 URLs (45.0 per cent) and rejected delisting 1,620,598 URLs (55.0 per
cent).26
Most of the requests (88.4 per cent) came from private individuals. The remaining 11.6
rate entities, and requests made on behalf of deceased persons.
Page 4 of 20

rectories or aggregators of information about individuals such as names and addresses,

11.5 per cent on social networking sites, 18.8 per cent on the website of a media outlet or
(p. 491)
lighted that 17.5 per cent of URLs related to professional information. In addition to
those, content related to professional wrongdoing made up 6.1 per cent of URLs, and
crime represented 6.2 per cent. Pages containing self-authored content made up 6.7 per
cent of URLs. Non-sensitive personal information, such as addresses, contact details, or
other cases, the name of the requester did not appear on the web page (15.5 per cent).
must be recalled that delisting only implies that the result will not be shown in searches
queries. Conversely, requests that lack sufficient information are not delisted. A very high
delisting rate applies to non-sensitive and sensitive personal information. Crime-related
content is delisted in less than half of cases, as well as self-authored content. Professional
information and content related to professional wrongdoing have a very low delisting
rate; and an even lower rate applies to political information.
1.3 Balancing Rights
The balancing exercise required by the CJEU lies at the core of any delisting decision.
ed removal. Some helpful criteria were provided by the Guidelines issued by the Article
29 Working Party (Article 29 WP).27 A small fraction of data subjects who do not agree
a result, a body of case law is being created, which deals with a variety of situations and
reflects the different cultural approaches to freedom of expression and information. By
which is the EU country where far more court rulings have been handed down regarding
delisting requests.28
A relevant case in the UK is NT1, NT2 v Google LLC,29 which decides on two separate
quested Google to delist search results to information about their convictions. After
Google rejected delisting most of the links, they brought judicial proceedings seeking
(p. 492)
leged that the information was inaccurate and, in any event, out of date, not relevant, of
Page 5 of 20

tice Warby considered specifically the criteria contained in the Article 29 WP Guidelines,
finding particularly relevant the criterion regarding the cases where the data relate to a
the de-listing of search results relating to relatively minor offences that happened a long
30
NT1 had been convicted of conspiracy of false accounting for the purpose of evading tax.
pany director. The Court of Appeal noted that he had been the principal actor in the false
accounting conspiracy.31
accurate, was related to his business life not his personal life, and originally appeared in
the national media, being a foreseeable consequence of his criminal conduct. Mr Justice
Warby concluded that the information retained sufficient current relevance even though,
32
A different outcome was reached regarding the second claimant. NT2 had been convicted
of phone tapping and computer hacking and had pleaded guilty. He was sentenced to six
of date and irrelevant and there was no sufficient legitimate interest of internet users in
tition, and no need for anybody to be warned about it.33
tive comments about the professional conduct of a renowned medical doctor.34
ing public interest in finding the information. The DPA then ordered Google to remove the
ences and opinions. However, in another case also concerning the professional activity of
upheld.35 In the latter case

(p. 493)
the court argued that the publication was more than twenty years old; the doctor, who
specialized in gynaecology and obstetrics, lacked public relevance or public notoriety in
his professional field, and had not committed a crime but was at fault of negligence.
Page 6 of 20

Somewhat similarly, in a decision by a Dutch court of first instance, a surgeon who had
been disciplined for medical negligence was granted a delisting request.36 The surgeon
was included in a website containing an unofficial blacklist of doctors. The court found
that the website might suggest that the surgeon was unfit to treat people, which was not
matched with such a result in any search on the basis of her name should prevail over the
In another ruling,37
well that there was a public interest in accessing the information. Interestingly, the court
dictum
derline that Article 17 GDPR expressly considers freedom of expression as an exception
to the right to erasure.
Other cases concern information about political activities. In a 2017 ruling which denied
cratic transparency.38 The ruling cited a 2007 judgment of the Spanish Constitutional
Court where it was held that a person who participates as a candidate in a public election
formation must be public in a democratic society.39
A relevant factor in any analysis is whether the information relates to the professional or
lower.40
ment, even though a long period of time is not necessarily required.41
In yet another Spanish case, on this occasion concerning Yahoo,42

(p. 494)
ject requested the delisting of results pointing to information about the Cali Cartel and
jected the request, the individual obtained a delisting order from the DPA. Yahoo brought
mation related to his commercial activities and was of social significance. The AN held
that one of the links should indeed be delisted as, in view of the documents proving the
from the publication of the news report, and more than fifteen years after the closure of
moval of the other two URLs, noting that they referred to much more recent publications,
the data subject was a prestigious businessman and thus a public figure, and the public
interest should prevail.
All in all, these examples reveal that where there may be a significant public interest,
such as in cases affecting professional activities or concerning public figures, a truly
Page 7 of 20

case-by-case approach is followed, reaching sometimes diverging outcomes which are not
always straightforward in view of the limited context which some rulings provide.
1.4 Geographical Scope
Google Spain did not specify the territorial scope of the delisting. It was not clear in the
name corresponding to the country were the search is carried out (e.g. google.fr, in the
mains; or even if, irrespective of the place where the search was initiated, the link should
be removed on any domain name used by the search engine, including the .com and the
43
The latter option appears to be the one favoured by the Article 29 WP in its guidelines on
the application of Google Spain.44
lishes an obligation of results, which must be implemented in such a way that guarantees
45
(p. 495) The practical application of this criterion has not been homogeneous. In a 2015
46
case,
ever, the Stockholm Administrative Court upheld the delisting only for searches made
court argued that global delisting would imply going beyond the scope of application of
the Directive and would prejudice legal certainty.47
The geographical scope of the delisting was brought before the CJEU in Google v CNIL.
Advocate General Szpunar delivered his Opinion on 10 January 2019, recommending a
names, but only for searches carried out in the EU.48
and offered instead to use geoblocking techniques to remove the links whenever a search
main name utilized by the internet user. This was not accepted by the CNIL, which fined
essence: (1) whether a search engine is obliged to delist globally; (2) if not, whether it is
enough to delist on the domain name of the state in which the request was made, or more
Page 8 of 20

main for searches deemed to be initiated in the EU country of the data subject, or more
generally in any EU Member State.
other fundamental rights, particularly that of receiving information, and that if worldwide
delisting was to be imposed, EU authorities would not be able to define and determine a
right to receive information, let alone to balance that right against other fundamental
rights, particularly taking into account that the public interest in accessing information
would vary from one third-country to another.49 He warned against the risk of preventing
wide delisting, other countries may want to do the same according to their own laws, thus
giving rise to a race-to-the-bottom, affecting freedom of expression both at the European
level and globally.50 As to the other questions, Advocate General Szpunar underlined that
Google Spain
achieved.51 He (p. 496)
concluded that the delisting should therefore cover any search carried out from a location
in the EU. The search engine operator should employ all means at its disposal to ensure
that such delisting was effective and complete, which included resorting to geoblocking
techniques.52
The Court, which considered the questions in the light of both the Directive and the
GDPR, offered a somewhat open answer in its ruling, handed down on 24 September
2019. It noted that a delisting carried out on all the versions of a search engine would
certainly meet in full the objective of guaranteeing a high level of protection of personal
data throughout the EU.53
der search results ubiquitous, and that when the results concern a person whose centre
of interests is located in the EU, access to those links, also from outside the EU, is likely
tifies the existence of a competence on the part of the EU legislature to require global
delisting.54 However, the Court concluded that neither the Directive nor the GDPR have
chosen to impose such an obligation,55 and held therefore that current EU law does not
require delisting on all the versions of a search engine.56 It also held that, under the
sponding to the Member State of residence of the data subject, but in respect of all the
Member States. In addition, the ruling established that, if necessary, the search engine
must take measures to prevent or, at the very least, seriously discourage internet users in
57
It is for the national courts to assess the adequacy of such measures.
referencing granted concern all versions of the search engine in question, it also does not
58
Page 9 of 20

appropriate, the operator of [a] search engine to carry out a de-referencing concerning
59
1.5 Sensitive Data
Characterizing a search engine as a data controller raises the question of how a search
huge amount of data it indexes. As noted earlier, Google Spain held that search engines
(p. 497)
60
This may be understood as
tions, and as an effective limitation of its obligations in that respect. Nonetheless, the
matter requires clarification, particularly in relation to the prohibition of processing of
ions, religious or philosophical beliefs, and data on health and sexual life.61
mation containing sensitive data, and how the exception based on freedom of expression
should play out in those cases. In his Opinion,62 Advocate General Szpunar suggested that
the Court should answer that the prohibition of processing sensitive data does apply to a
Google Spain
framework of its responsibilities, powers, and capabilities, noting that ex ante control by
search engines would be neither possible nor desirable.63 Crucially, Advocate General
data cannot be applied to a search engine as if the search engine itself had put the data
on the indexed web pages. Rather, they can only apply to a search engine by reason of the
indexation and location of the information, and therefore, by means of ex post verification
after a delisting request.64 In the judgment delivered on 24 September 2019, the Court
der the supervision of the competent national authorities, following a request by the data
65
The Court also held that the operator of a search engine is in principle required by the
quests concerning those data. However, if it establishes that the processing is covered by
the request, provided that all the other conditions of lawfulness are satisfied, and unless
the data subject has the right to object to the processing on grounds relating to his or her
particular situation.66
Page 10 of 20

In addition, the Court acknowledged the need to balance the rights of privacy and data
protection with the right of freedom of information guaranteed in Article 11 of the
(p. 498)
67
A previous Dutch case reported by Kulk and Borgesius seems to be in line with the
68
There, the lower court ordered Google to delist a link to information
about a criminal conviction, which under Dutch law is considered sensitive data, precisely
because of the sensitive character of the data.69
versed, and the court held that the search engine could benefit from the exception for
journalistic purposes.70
2. The Right to be Forgotten Vis-à-Vis Primary

Publishers
While the right to be forgotten has most dramatically affected search engines, requests
and legal actions have also been brought against primary publishers of information. As
Google Spain
tions may be different than when referring to processing by a search engine. Most cases
casion to balance the rights at stake.
Nationally, there have been divergent rulings regarding claims seeking to anonymize
2016 a lower court decision ordering Le Soir to anonymize the name of the claimant in
the online version of an article published in 1994.71 The article reported the conviction of
the claimant, who caused a car accident in which two people died, while driving under
der the general right to privacy, rather than being a claim based on data protection. The
(p. 499)
freedom of expression and information consisting in anonymizing the name of the

claimant in the digital archive was justified.
Conversely, in a case against El País,72
such archives are protected by the right to freedom of expression and information. The
court also rejected that the newspaper should delist the result in its website internal
search tool.73 The latter holding was nonetheless reversed by the Constitutional Court,
Page 11 of 20

holding that the claimant had the right to have the results delisted in the internal search
74
plemented exclusion protocols so that the content was not indexed by search engines.
Failing to do so constituted an illegal processing by the publisher and thus the court
er.75
On the other hand, in ECtHR cases dealing with news publishers, the Court has engaged
spect for private and family life (Art. 8) and the right to freedom of expression (Art. 10),
information. Nonetheless, the ECtHR has stressed the important role of online archives in
such archives fall within the scope of Article 10 ECHR.76
Indeed, the ECtHR has strongly protected freedom of information against attempts to
suppress information from press archives, even for information which has been declared
defamatory.
A case in point is
cians. A domestic court found the allegations to be unfounded and damaging to the
(p. 500)
article from the online archive and compensation for non-pecuniary damages. The claim
ing the archive was protected under Article 10,77 and found no violation of Article 8.
thorities to engage in rewriting history by ordering the removal from the public domain of
all traces of publications which have in the past been found, by final judicial decisions, to
78
When assessing the degree of the diffusion of a news report, the ECtHR considers the
original reach of the publication rather than the amplifying effects facilitated by search
was readily available through search engines, the Court disregarded the claim noting that
the applicants had not contacted the search engine to have the links removed.79
Page 12 of 20

In M.L. and W.W. v Germany

oblige media publishers to suppress from their news reports available online the names of
80
The case concerned the murder of a popular
actor, of which the applicants had been convicted and served time in prison. According to
the German Federal Court of Justice, the concerned news reports were objective and
truthful. Interestingly, in this case the ECtHR cited the Google Spain
ly.
ing the affected person may be different than those of the publisher of the information.
dom of expression seeks to protect, the main interest of a search engine is not that of
publishing the information about the affected individual, but to make it possible for the
public to find the available information about that person and to establish a profile about
him or her.81
The ECtHR jurisprudence provides some criteria for weighing the interests at stake;
son affected, the subject of the news report, the prior conduct of the person concerned,
82
Applying these criteria in M.L. and W.W. v
Germany, the ECtHR found that the freedom of expression and information should prevail
over the rights of the claimants, and thus that Germany did not incur a violation of the
latter. In particular, the ECtHR found that the news reports at issue did (p. 501) contribute
to a debate of public interest. The issue at stake was not the initial publication of the
the data subjects were about to leave prison, and thus were all the more interested in no
longer being confronted with their criminal past in view of their social reintegration. In
that regard, the ECtHR fully agreed with the German Federal Court in that the public has
a legitimate interest not only in being informed about current events, but also in being
able to search for information about past events, and reminded that the public interest in
accessing online press archives is protected under Article 10.83 The ECtHR also warned
that finding otherwise could give rise to a chilling effect, with news publishers avoiding
making their archives available online or omitting parts of news reports.
In this case, the applicants did not intend to have the news reports deleted altogether, but
only to have their names erased from them, which implies a lower degree of interference
with freedom of expression. Nonetheless, the ECtHR held that including in a news report
ing such details is an important aspect of the work of the press, all the more when it
comes to reporting criminal proceedings that have aroused considerable public
interest.84
Page 13 of 20

3. Conclusions
the dissemination and persistent availability of information about them. The basis for
such a right may be found in the fields of privacy, data protection, and other personality
rights. The most visible manifestation of the right to be forgotten focuses on obtaining
son, and emerged in 2014, in the framework of data protection law, with the landmark
Google Spain judgment.
Since the Google Spain

gines is well-established and settled law. The key findings of the judgment, no matter how
risdictions.85 In any event, delisting requests are routinely dealt with by search engines,
cise details, the GDPR only enhances what the Court had already devised based (p. 502)
expression and information.
The key element when it comes to exercising the right is the appropriate balancing of
rights and interests the search engine is initially called on to perform. Search engines
and DPAs seem to converge more and more in the criteria and results of the analysis,
which in turn are modelled by court decisions. The areas where the outcomes are more
tent relating to crimes or to involvement in actual or alleged unlawful activities in the

past. Nonetheless, significant open questions still surround the right to be forgotten. Two
of them, extraterritoriality and sensitive data, have been highlighted in this chapter.
Though they have already been tackled by the CJEU, the practical application of the
The right to be forgotten is also being exercised against primary publishers, particularly
sizes the importance of such archives for accessing information and tends to favour their
inalterability, while accepting less intrusive measures to provide for some obscurity to
benefit the individual expectations of oblivion.
Notes:
(1
and references therein.
(2) See e.g. Viktor Mayer-Schönberger, Delete: The Virtue of Forgetting in the Digital Age
(Princeton U. Press 2009).
Page 14 of 20

(3) See Charter of Fundamental Rights of the European Union [2012] OJ C326/391 (the
Charter), Art. 8. On the recognition of data protection as a fundamental right, see Gloria
González Fuster, The Emergence of Personal Data Protection as a Fundamental Right of
the EU (Springer 2014).
(4
(5
Colorado Tech. L.J. 307, 313.
(6) See Regulation 2016/679/EU of the European Parliament and the Council of 27 April
2016 on the protection of natural persons with regard to the processing of personal data
and on the free movement of such data, and repealing Directive 95/46/EC (General Data
Protection Regulation) [2016] OJ L119/1.
(7) See the no-longer-in-force Directive 95/46/EC of the European Parliament and of the
Council of 24 October 1995 on the protection of individuals with regard to the processing
of personal data and on the free movement of such data [1995] OJ L281/31, Art. 12(b).
(8
(9
http://europa.eu/rapid/press-
release_SPEECH-10-700_en.htm>.
(10) However, there is little in Art. 17 which was not already recognized for data subjects
in the Directive, and thus it is not clear that the right to erasure has been meaningfully
enhanced by the GDPR, the addition of the right-to-be-forgotten words being arguably
cosmetic.
ECLI:EU:C:2014:317.
(13
sion into account.
(14) See C-131/12 (n. 11) para. 60.
(15) See Directive 95/46/EC (n. 7) Art. 4(1)(a).
(16) See Regulation 2016/679/EU (n. 6) Art. 3.
(17) C-131/12 (n. 11) para. 35.

Page 15 of 20

(19) See Directive 95/46/EC (n. 7) Art. 6(c). Similarly, the principle of data minimisation
(20) C-131/12 (n. 11) para. 96.
(22) ibid. para. 81. Some criticism about the way the CJEU framed the balancing of rights
Google Spain v.
González
panola de Proteccion de Datos
507.
(23
Unexpected Consequences of the EU Right to Be Forgotten: Internet Search Engines as
Personal Data Protection and
Legal Developments in the European Union (IGI Global, 2020) <
stract=3277348>.
(24) See Statcounter <http://gs.statcounter.com/search-engine-market-share/all/europe>.
(25) See (2019) <https://transparencyreport.google.com>. For a detailed research paper
https://g.co/research/rtbf_report>.
(26
not fully processed as of 31 October 2019.
(27
225 <https://ec.europa.eu/newsroom/article29/item-detail.cfm?item:id=667236>.
(28
Page 16 of 20

(29) See NT1, NT2 v Google LLC [2018] EWHC 799 (QB) (UK).
(30
(31) See NT1, NT2 v Google
(32) ibid. [170].
(33) ibid. [223].
(34) Audiencia Nacional (AN) judgment of 11 May 2017 ECLI:ES:AN:2017:2433 (Sp.).
(35) See AN judgment of 13 July 2017 ECLI:ES:AN:2017:3257 (Sp.).
(36) See Rechtbank [District Court] Amsterdam decision of 19 July 2018 ECLI:NL:RBAMS:
The Guardian, 21 January 2019) <

gy/2019/jan/21/dutch-surgeon-wins-landmark-right-to-be-forgotten-case-google>.
(37) AN judgment of 12 December 2018 (Sp.).
(38) See AN judgment of 19 June 2017 ECLI:ES:AN:2017:2562 (Sp.). More recently, in a

similar case, the court held likewise, denying the requested delisting. See AN judgement
of 27 November 2018 ECLI:ES:AN:2018:4712 (Sp.).
(39) Tribunal Constitucional [Constitutional Court] judgment 110/2007 [10 May 2007]
ECLI:ES:TC:2007:110 (Sp.).
(40
ing a legal adviser at the Parliament, where the information was not just a critique of her
ligious beliefs, the AN ordered the delisting. See AN judgment of 5 January 2018
ECLI:ES:AN:2018:136 (Sp.).
(41) e.g. the lapse of three years was highly relevant for granting the delisting in a case
tion. See AN judgement of 25 July 2017 ECLI: ES:AN:2017:3260 (Sp.).
(42) See AN (Administrative Chamber) judgment of 8 November 2017 ECLI: ES:AN:

2017:5118 (Sp.).
(43
Jurisdiction After Google Spain
(44
Page 17 of 20

(45) ibid. para. 20. While it is true that the WP29 did not state that the delisting should be
made on all domain names only on the relevant ones, it certainly included the .com
domain, which in any event is rejected by those opposing global delisting.
(46
The IPkat, March 2018) <http://
ipkitten.blogspot.com/2018/05/swedish-court-holds-that-google-can-be.html>.
(47) ibid.
(48
(CNIL) [2019] ECLI:EU:C:2019:15, Opinion of AG Szpunar.
(50
wide delisting could be required but notes that there is no reason for that in the case at
issue.
(51) C-131/12 (n. 11) para. 38.
(52
(53
(CNIL) [2019] ECLI:EU:C:2019:772, para. 55.
(56
(57) ibid. paras 70, 73.
(59) ibid.
(60) C-131/12 (n. 11) para. 38.
(61) See Directive 95/46/EC (n. 7) Art 8 and GDPR (n. 6) Arts 9 and 10. See also Joris van
per no. 2495580 (2014) <https://ssrn.com/abstract=2495580>.
(62
ertés (CNIL) [2019] ECLI:EU:C:2019:14, Opinion of AG Szpunar.
(63
(64
Page 18 of 20

(65
ertés (CNIL) [2019] ECLI:EU:C:2019:773, para. 48.
(67) ibid.
(68
The
Cambridge Handbook of Consumer Privacy (CUP 2018).
(69) See Rechtbank Rotterdam decision of 29 March 2016 ECLI:NL:RBROT:2016:2395

(Neth.).
(70) See Hof Den Haag [Court of The Hague] decision of 23 May 2017 ECLI:NL:GHDHA:
2017:1360 (Neth.).
(71) See Cour de Cassation Olivier G v Le Soir [29 April 2016] no. C.15.0052.F (Fr.).
(72) See Tribunal Supremo [Supreme Court] (Civil Chamber) judgment of 15 October
2015 ECLI:ES:TS:2015:4132 (Sp.).
(73
delisting should not apply to search engines with a restricted field of action, particularly
18).
(74) See Tribunal Constitucional judgment of 4 June 2018 ECLI:ES:TC:2018:58 (Sp.).
(75) See Oberlandesgericht [Higher Court] Hamburg decision of 7 July 2015 7U 29/12
(76) See Times Newspapers Ltd (Nos 1 and 2) v UK

tHR, 10 March 2009) para. 27.
(77) See App, no. 33846/07 (ECtHR, 16 July

2013) para. 65.
(78) ibid.
(79) See Fuchsmann v Germany App. no. 71233/13 (ECtHR, 19 October 2017) para. 53;
M.L and W.W. v Germany App. nos 60798/10 and 65599/10 (ECtHR, 28 June 2018) para.
114.
(80) ibid.
(81) ibid. para. 97 (referring to Google Spain

Page 19 of 20

(83) See (n. 77) para. 65.
(84) See M.L. and W.W. v Germany (n. 79) para. 105. The ECtHR refers to Fuchsmann (n.
79).
(85
University of Cambridge Faculty of Law Research Paper no. 46/2017 (2017) <https://
ssrn.com/abstract=3043870>.
Miquel Peguera
Miquel Peguera is an Associate Professor of Law at the Universitat Oberta de

Catalunya (UOC) in Barcelona and Affiliate Scholar, Stanford Center for Internet and
Society. Email: mpeguera@uoc.edu.
Page 20 of 20

Free Expression and Internet Intermediaries: The Changing Geometry of
European Regulation
Free Expression and Internet Intermediaries: The

Changing Geometry of European Regulation
Tarlach McGonagle
This chapter explores ongoing shifts in the geometrical patterns of speech regulation in
twined legally binding and political standards adopted by the Council of Europe and the
couraged, particular geometrical patterns in European lawmaking and policymaking.
ing shift in existing regulatory patterns, which entails a significant move towards foisting
tent hosted by them or distributed via their services or networks. There is an emergent
preference for self-regulatory codes of conduct as a regulatory technique. However, as
this chapter will argue, the relevant European codes of conduct are less voluntary than
they may ostensibly seem as recent codes of conduct seem to have a coercive undertone.
Keywords: freedom of expression, Europe, Council of Europe, ECHR, speech, intermediary liability, Delfi, AVMS
*
IN Europe, as elsewhere in the world, the perennial political and scholarly debates about
the regulation of expression continue unabated. Fuelled by an incessant stream of high-
tional human rights standards also apply (fully) in the online environment? Do they need
to be rethought and repurposed? When does regulation for
ping point and tumble into regulation of free expression? Is it necessary, desirable, or
forms in the online environment?
Page 1 of 21

European Regulation
The chapter explores ongoing shifts in the geometrical patterns of speech regulation in
Europe. It first sets out the regulatory framework, which comprises an array of (p. 468)
tertwined legally binding and political standards adopted by the Council of Europe and
the European Union. It then explains how this framework has given rise to, and indeed
encouraged, particular geometrical patterns in European lawmaking and policymaking.
kets for such technologies and services.
ternet intermediaries for illegal third party content hosted by them or distributed via
their services or networks. There is an emergent preference for self-regulatory codes of
pean codes of conduct are less voluntary than they may ostensibly seem. Whereas in the
past, the encouragement by public authorities of self-regulation appeared to indicate a
subtext appears to read: if the codes of conduct are not adequately adhered to, sanctions
will follow.
1. The European Regulatory Framework

1.1 The Council of Europe
Article 10 of the European Convention on Human Rights (ECHR) is the centrepiece of
Page 2 of 21

European Regulation
Article 10 ECHR opens with a broad statement of the right to freedom of expression in its
first paragraph. It guarantees a composite right to freedom of expression. The component
parts of the right are the freedom to hold opinions and to receive and impart information
and ideas without interference by public authority and regardless of frontiers. But no
sooner have these freedoms been set out, than they are reined in, as the text provides
(p. 469) It
vant duties and responsibilities not through broad principles, but on a case-by-case basis.
It tends to distinguish between different professional occupations, such as journalism,
dia, and internet and social media.2
The Court has by and large interpreted Article 10 expansively and in a way that is faithful
to the broad principles of freedom of expression. Its approach is, simply stated: the right
to freedom of expression is the rule; any limitations on the right are the exception. When
assessing whether an interference with the right to freedom of expression amounts to a
violation of the right, the Court applies a standard test. It first establishes whether the
sion is prescribed by law. It then determines whether the impugned measure pursues a
pugned measure is necessary in a democratic society, corresponding to a pressing social

need. The measure must furthermore be proportionate to the legitimate aim(s) pursued
In practice, the Court has sought to interpret Article 10 ECHR in a way that ensures
mously affirmed in its Handyside
3
Recent case law from the Court suggests that this so-called
side principle actually extends to much of the offensive, unsavoury, and vulgar content
Page 3 of 21

European Regulation
that is widely available on the internet. However, a red line marking the outer limits of
protected expression can be traced around the contours of hate speech.
pression) directed at the destruction of any of the rights enshrined in the (p. 470)
vention. Article 17 can therefore be seen as a safety valve that denies protection to acts
that seek to undermine the Convention and go against its letter and spirit. In the past, the
Court has applied Article 17 to ensure that Article 10 protection is not extended to racist,
doning the Holocaust, or (neo-)Nazi ideas.4 This means that, in practice, sanctions for
racist speech do not violate the right to freedom of expression of those uttering the racist
forward fashion. This usually leads to a finding that a claim is manifestly ill-founded, and
the claim is accordingly declared inadmissible. Such a finding means that the Court will
not examine the substance of the claim because it blatantly goes against the values of the
5
However, the criteria used by the Court for resorting to Article 17 (as opposed to Art.
10(2)) are unclear, leading to divergent jurisprudence.6
derstood and delineated is very important when it comes to determining what measures
the media and internet intermediaries should take to counter types of expression that
(may) amount to hate speech.
The Court has developed a corpus of case law from which it has distilled a set of key free
eties. It has repeatedly recalled the important contributions that the media, journalists,
dia: disseminate information and ideas widely and thereby contribute to public opinion-
forming; perform a public watchdog role by keeping governmental and other powerful
forces in society under scrutiny; and create shared fora in which public debate can take
mation about matters of general interest to society, but the media have the duty to impart
such information. In order to enable the media to carry out the key roles ascribed to them
in democratic societies, the Court has carved out specific freedoms for them, such as the
With the advent and growing influence of the internet, the Court has had to figure out
how far and how fast the principles it had developed for the media would travel in the
(p. 471) online world. It has progressively recognized that the roles that were traditionally
Page 4 of 21

European Regulation
ers, citizen journalists, bloggers, and ordinary individuals.7 The Court has identified a
ticipation in public debate by everyone and to enable the expression of opinions and ideas
without fear.8
To meet the challenge of applying its principles in the digital age, the Court has sought to
Court has sought to replicate its media freedom standards in respect of the internet, but
in a way that is adaptive to distinctive features of the online environment.
pression today: it offers essential tools for participation in activities and debates relating
9
Thus, a measure resulting in the wholesale
10
termediaries have gained influence and power over the shaping public debate. The Court
11
and it has referred to
12
All of this is in line with earlier observations by the Court that the internet is qualitatively
13
Nevertheless, the Court is clearly still navigating its way
from the shoreline of familiar principles towards the new digital horizons. It still tends to
measure new media against the yardstick of print and audiovisual media. As recently as
(p. 472) have
14
there is no evidence of a sufficiently serious shift in the respective influences of the new
and of the broadcast media in the [UK] to undermine the need for special measures for
15
cations environment, such as hyperlinking.16
In the light of the complexity of the current-day communications environment, the Court
has underscored the increased importance of the duties and responsibilities that govern
the exercise of the right to freedom of expression and the pursuit of journalistic
activities.17
framework clarifying issues such as liability and responsibility.18
Page 5 of 21

European Regulation
dance and communicative potential of the medium, its judgment in Delfi AS v Estonia,
which dealt with harmful aspects of online expression, threw a proverbial spanner in the
works.19
In the case of Delfi AS v Estonia, the Estonian courts had held a large online news portal
liable for the unlawful third party comments posted on its site in response to one of its
own articles, despite having an automated filtering system and a notice-and-takedown
procedure in place. Delfi removed the comments on the same day that it was requested to
do so by the lawyer of the person most directly implicated by the comments. However,
ed. The Grand Chamber of the European Court of Human Rights held that the national
and Tsotsoria penned a lengthy and very strongly worded joint dissenting opinion. The
judgment has proved very controversial, particularly among free speech advocates, who
diaries, leading to private censorship and a chilling effect on freedom of expression.
Several criticisms have been levelled at the Delfi judgment. First, the Court took the view
20
ments as such extreme forms of speech, the Court purports to legitimize the stringent
measures that it sets out for online news portals to take against such manifestly unlawful
content. The dissenting judges objected to this approach, pointing out that (p. 473)
21
Secondly, the Court endorses the view of the Estonian Supreme Court that Delfi could
22
quirement is problematic because, as pointed out by the dissenting judges, it is not linked
to notice or actual knowledge23 and it paves the way for systematic, proactive monitoring
of third party content.
portal run on a commercial basis which sought to attract a large number of comments on
24
25
26
but again, this did
27
not wash for the dissenting judges.
Page 6 of 21

European Regulation
It is noteworthy that the Court has distinguished the Delfi case and a string of subsequent
cases on the basis of the nature of the comments. Whereas it had found that some of the
comments in Delfi amounted to hate speech, it described the comments at issue in the
MTE & Index.hu
28
The Court followed this line in its inadmissibility decision in Pihl v Sweden, a
case involving a defamatory blogpost and an anonymous online comment.29 Similarly, in
Savva Terentyev v Russia
30
However, after deep contextual examination, it
a diatribe against the police, posted as a comment on an online blog.
Delfi case and its progeny.
(p. 474)
regulation. The Committee of Ministers, for instance, has adopted numerous Declarations
pression, association, and assembly with regard to privately operated internet platforms
For instance, in its Recommendation CM/Rec(2018)2 to Member States on the roles and
31
If further states
sponsibilities and their protection under law should be determined with respect to the
32
In its Appendix, the Recommendation sets out detailed and extensive Guidelines for states
on actions to be taken vis-à-vis internet intermediaries with due regard to their roles and
responsibilities. The Guidelines have a dual focus: obligations of states and
ties of internet intermediaries. The identified obligations of states include ensuring: the
legality of measures adopted, legal certainty and transparency, safeguards for freedom of
Page 7 of 21

European Regulation
doms, transparency and accountability, responsibilities in respect of content moderation,
the use of personal data, and ensuring access to an effective remedy.
1.2 The European Union
The EU, too, has a multilayered regulatory framework containing provisions on freedom
sented by way of general overview.
ment for the protection of human rights. Since the entry into force of the Lisbon Treaty at
(p. 475)
tive and executive acts taken by institutions, bodies, offices and agencies of the Union,
and by acts of Member States when they are implementing Union law, in the exercise of
tions (Art. 52(4)).
rope and the EU are broadly consistent or equivalent. This is important from the point of
view of legal consistency within Europe. In keeping with this line of thinking, the Charter
provides that insofar as the Charter contains rights that correspond to those safeguarded
down
the European Court of Human Rights.33
pean Court of Human Rights. The text of Article 11 of the Charter is in any case modelled
on Article 10 of the Convention, but is more succinctly formulated. All of this means that
the principles from relevant case law of the European Court of Human Rights (set out
tice of the European Union (CJEU).
At the level of secondary EU law, a number of Directives are relevant, in particular the e-
Commerce Directive and the Audiovisual Media Services Directive.
Page 8 of 21

European Regulation
34
standing of how internet intermediaries worked in 2000 when the Directive was adopted,
namely that intermediaries either have a passive or an active relationship with third party
tinction, the drafters of the Directive sought to ensure that passive intermediaries would
not be held liable for content over which they had no knowledge or control. The Directive
the information society service provider is limited to the technical process of operating
and giving access to a communication network over which information made (p. 476)
available by third parties is transmitted or temporarily stored, for the sole purpose of
making the transmission more efficient; this activity is of a mere technical, automatic and
passive nature, which implies that the information society service provider has neither
35
emptions are set out in Articles 12 to 14 of the Directive and they can be availed of by
providers would ordinarily benefit from an exemption for liability for illegal content, as
long as they maintain a neutral or passive stance towards that content. A service provider
that hosts third party content may avail of this exemption on condition that it does not
ages, is not aware of facts or circumstances from which the illegal activity or information
36
access has to be undertaken in the observance of the principle of freedom of expression

37
Pursuant to Article 15
of the Directive, EU Member States are not allowed to impose a general obligation on
lance that such a general monitoring obligation would entail would have a chilling effect
on the freedom of expression of users of the service.
flects the complexity of the relationship between intermediaries and third party content
today. Ongoing technological developments have enabled intermediaries to engage in a
dation, ranking, and editorial functions. Such activities place the binary distinction under
strain because exemption from liability is based on an objective distance from content
created by third party users.
Page 9 of 21

European Regulation
tion across the EU of national legislation governing audiovisual media services, with a
market. In pursuance of these aims, the Directive coordinates a number of areas: general
principles; jurisdiction; incitement to hatred; accessibility for persons with disabilities;
tions; and protection of minors.
The Directive has evolved from the former Television without Frontiers Directive, and
vices. Following the revision of the Directive in 2018, the providers of video-sharing
(p. 477) platform services will henceforth also fall under the scope of the Directive, insofar
as they are covered by the definition of such services. The definition is rather convoluted:
ed to providing programmes, user-generated videos, or both, to the general public, for

which the video-sharing platform provider does not have editorial responsibility, in order
to inform, entertain or educate, by means of electronic communications networks within
the meaning of point (a) of Article 2 of Directive 2002/21/EC and the organisation of
which is determined by the video-sharing platform provider, including by automatic
means or algorithms in particular by displaying, tagging and sequencing.
tent is made available, its level of prominence, and so on. If they de facto control what
their users see and how they see it, they should also be held responsible or liable for the
rective:
der the editorial responsibility of the video-sharing platform provider. However, those
providers typically determine the organisation of the content, namely programmes, user-
generated videos and audiovisual commercial communications, including by automatic
means or algorithms. Therefore, those providers should be required to take appropriate
measures to protect minors from content that may impair their physical, mental or moral
development. They should also be required to take appropriate measures to protect the
general public from content that contains incitement to violence or hatred directed
against a group or a member of a group on any of the grounds referred to in Article 21 of
nation of which constitutes a criminal offence under Union law.
Page 10 of 21

European Regulation
38
39
(p. 478)
vices does not concern all provisions of the Directive. The focus is very much on content
that is damaging for minors, incitement to violence or hatred, and public provocation to
commit a terrorist offences (but there is also attention for requirements for audiovisual
commercial communications). Article 28b is the operative provision in this regard. It
reads:
1. Without prejudice to Articles 12 to 15 of Directive 2000/31/EC, Member States
propriate measures to protect:

(a)
ment in accordance with Article 6a(1);

(b) the general public from programmes, user-generated videos and audiovisual
ed against a group of persons or a member of a group based on any of the

grounds referred to in Article 21 of the Charter;
(c) the general public from programmes, user-generated videos and audiovisual
stitutes an activity which is a criminal offence under Union law, namely public
provocation to commit a terrorist offence as set out in Article 5 of Directive (EU)
fences concerning racism and xenophobia as set out in Article 1 of Framework

Decision 2008/913/JHA.
Bringing video-sharing platform providers under the Directive stretches both the material
scope and the underlying logic of the Directive. Be that as it may, the move reflects a
clear anxiety about the prevalence of particular types of harmful content on video-sharing
platforms and their influence on the public. The move seeks to ensure that the selected
types of harmful content cannot slip through any regulatory meshes between the nets of
the e-Commerce Directive and the Audiovisual Media Services Directive. The three types
er types of (less) harmful content. A similar distinction in the case law of the European
Court of Human Rights has also been observed (see further earlier in the chapter).
it is also apposite to pay attention to self- and co-regulatory systems, and non-legislative
ulatory mechanisms as the most appropriate form of regulating the internet and mobile
technologies, due to constant technological developments in those areas. According to
Page 11 of 21

European Regulation
tal organisations and associations to adopt common guidelines amongst (p. 479)
selves and for themselves. They are responsible for developing, monitoring and enforcing
tain aspects of media, internet, and mobile technologies. For instance, the Audiovisual
ty of self- and/or co-regulatory techniques.40 Similarly, both the e-Commerce Directive

(Art. 16)41 and the former Data Protection Directive (Art. 27)42
portance of codes of conduct; approaches which represent a tentative move away from
traditional regulatory techniques in the direction of self-regulation.
2. Geometrical Shifts
43
stitution
mass media have ceded that position to, or are at least sharing it with, a growing number
of other new media actors. These actors do not usually fall within the ambit of traditional
sion in the online environment.44
Internet intermediaries are important actors in the online environment. Due to their gate-
keeping functions, they can facilitate or obstruct access to the online fora in which public
debate is increasingly conducted.45 Intermediaries with search and/or recommendation
functions, typically driven by algorithms, have far-reaching influence on the (p. 480)
46
Search engines, for their part, have the aim
fluence over how people find information and ideas and over what kinds of information
and ideas they find.47 Both of these types of internet intermediary therefore have clear
48
fully and sometimes loosely, to denote a particular type of online actor. The term has
49
toward the systematic collection, algorithmic processing, circulation, and monetization of

50
The combination of actions and interactions enabled by platforms, and their
complexity, demonstrate that they are qualitatively different to traditional media, and that
Page 12 of 21

European Regulation
the regulatory framework for traditional media cannot straightforwardly be extended to
online platforms.
Some authors speak of the datafication and platformization of society and the Internet of
mechanisms shape every sphere of life, whether markets or commons, private or public
51
tution in democratic societies. A more abundant, but fragmented, information offer has
emerged instead, with new gate-keepers controlling its flow.
Internet intermediary liability has been the subject of extensive academic examination,
from a variety of perspectives, such as accountability issues,52 tort law,53
pression,54 and copyright.55 Some authors have detected a recent shift of focus in (p. 481)
going movement from intermediary and platform liability to responsibility.56
ments. At the Council of Europe, the Delfi

tain types of internet intermediaries to take strong and effective measures against hate
speech (although the Grand Chamber of the Court was at pains to stress that the wider
tee of Ministers stress that the human rights responsibilities of internet intermediaries
should guide all of their activities.
tions for video-sharing platforms to prevent the dissemination of certain types of harmful
illegal content via their services. The new Directive on copyright and related rights in the
aries for unauthorized communication to the public of copyrighted works.57 Under Article
rised acts of communication to the public, including making available to the public, of
stances. This provision has sparked fears that it will lead in practice to the installation of
upload filters to pre-empt the sharing of copyright-protected works in a strategy to avoid
liability for the unauthorized communication to the public of such works.
58
The title of the Communication accurately
encapsulates its intent. The Communication provides guidance to online service providers
in respect of their responsibilities vis-à-vis illegal online content. The Commission took
ed, including by monitoring progress on the basis of existing voluntary arrangements

among service providers. The Communication was followed by a Recommendation on
the
progress made in the framework of (p. 482)
Page 13 of 21

European Regulation
59
posal for a Regulation of the European Parliament and of the Council on preventing the
dissemination of terrorist content online.60
sonable and proportionate actions necessary to ensure the safety of their services and to
swiftly and effectively detect and remove terrorist content online, taking into account the
61
This new wave of EU law and policy consistently mentions the need to take into account
or have regard for fundamental rights safeguards and existing provisions for exemptions
come mere lip-service and that the new wave of EU law and policy does not wash over or
wash away fundamental rights safeguards.62
A selection of policy and ostensibly self-regulatory initiatives deserve mention at this
mation. In May 2016, at the behest of the European Commission, the Code of Conduct on
Countering Illegal Hate Speech Online was adopted by a number of leading multinational
tech companies. The initial signatories were Facebook, Microsoft, Twitter, and YouTube
(owned by Google), with other companies joining later: Instagram (owned by Facebook),
Google+, Snapchat, and Dailymotion in 2018 and Jeuxvideo.com in 2019. Under the Code,
for removal of illegal hate speech in less than 24 hours and remove or disable access to
uations; the fourth evaluation took place in December 2018. As in the previous annual
evaluations, the Commission and the IT companies were self-congratulatory about the
high statistics provided about the speed of reviewing and high removal rate of illegal hate
speech from their services. The IT companies review an (p. 483) average of 89 per cent of
notifications of illegal hate speech within twenty-four hours and they are removing 72 per
cent of the illegal hate speech notified to them.63
64
peditious removal or disabling of hate speech from online networks is to be welcomed.

However, concerns persist about the risk of private censorship by the actors responsible
Page 14 of 21

European Regulation
removal of content and less on other commitments under the Code that could contribute
ples include education and awareness-raising and the promotion of independent counter-
narratives. It is important to appreciate and pay attention to the range of responsibilities
standing of the range of responsibilities at issue.65 It is important for the IT companies to

demonstrate positional awareness within relevant European and international standards
when honouring their commitments under the Code.
working service operators, and advertising companies agreed on a Code of Practice on

Disinformation. This initiative should be seen in the context of a wider range of efforts by
against Disinformation (December 2018). Google, Facebook, Twitter, Mozilla, and the
trade associations representing the advertising sector submitted their first reports on the
measures they are taking to comply with the Code of Practice on Disinformation at the
end of January 2019.66 The European Commission gave the reports a guarded welcome,
while urging the signatories to improve and/or (p. 484) increase the measures they have
ments. The Commission has reminded/cautioned the signatories about the possibility of a
legislative backstop in this area. The Commission has stated that should the results of the
ulatory nature.
3. Conclusions
It is little wonder that the Council of Europe and the European Court of Human Rights
are moving tentatively from one shore to another in their approach to media freedom and
regulation in the digital age. As the Delfi
can exert control, it is essential not to lose sight of the free expression principles that
those principles repeatedly in the post-Delfi

lash against that judgment has not gone unheard within the Court. The Committee of
Ministers is pushing for internet intermediaries to show a greater sense of ambition and
initiative when it comes to identifying and fulfilling their human rights responsibilities.
A continuing challenge and source of tension involves the delineation of the term hate
speech; that is, the demarcation line between types of harmful expression that ordinarily
are entitled to protection and the most harmful types of expression that attack the values
Page 15 of 21

European Regulation
of the ECHR and therefore do not enjoy protection. It is very important that the Court
tions on internet intermediaries to take effective measures to counter and prevent hate
ousness of the perceived harms of certain categories of expression and the expectation of
tection against them.
nical capacity to take preventive and removal/blocking actions. However, the lack of legal
cy and accountability for how they actually exercise their censorial power in this regard,
raises a range of pressing fundamental rights concerns. Internet intermediaries are now
coming under increasing pressure to live up to their corporate social and human rights
responsibilities in markets where their corporate interests dominate, but (p. 485) where
there is a pending possibility of sanctions and/or regulation to put steel into voluntary
commitments entered into by intermediaries.
The regulatory geometry of internet intermediaries is complex and multi-dimensional. It
tors to an anxious awe of complicated, multi-functional platforms which have reshaped

the whole ecosystem in which they operate. More shifts in these geometrical patterns are
to be expected in order to deal with the ongoing platformization of public debate.
Notes:
(*) This chapter repurposes, in places, some earlier work by the author on similar themes.
(1) See Fressoz and Roire v France [GC] App. no. 29183/95 (ECtHR, 21 January 1999)
para. 52.
(2) See Jersild v Denmark App. no. 15890/89 (ECtHR, 23 September 1994) para. 31.
(3) See Handyside v United Kingdom App. no. 5493/72 (ECHR, 7 December 1976) para.
49.
(4
(5
Page 16 of 21

European Regulation
Freedom of Expression: Essays in honour of
Nicolas Bratza (Wolf Legal Publishers, 2012) 284.
(6
in the European Human Rights Convention: An Added Value for Democracy and Human
(7) See, by way of indicative example, Magyar Helsinki Bizottság v Hungary [GC] App. no.
18030/11 (ECtHR, 8 November 2016).
(8) See Dink v Turkey App. nos 2668/07 and four others (ECtHR, 14 September 2010)
Journalism at risk:
Threats, challenges and perspectives
(9) See App. no. 3111/10 (ECtHR, 18 December 2012) para. 54.
(10) ibid. para. 66 and Cengiz and Others v Turkey

tHR, 1 December 2015) para. 64.
(11) See Magyar Tartalomszolgáltatók Egyesülete and Index.hu Zrt v Hungary App. no.
22947/13 (ECtHR, 2 February 2016) para. 88 (and para. 69).
(12) Tamiz v United Kingdom App. no. 3877/14 (ECtHR, 12 October 2017) para. 90.
(13) Editorial Board of Pravoye Delo and Shtekel v Ukraine App. no. 33014/05 (ECtHR, 5
May 2011) para. 63.
(14) Animal Defenders International v United Kingdom [GC] App. no. 48876/08 (ECtHR
2013) para. 119.
(15) ibid.
(16) See Magyar Jeti Zrt v Hungary App. no. 11257/16 (ECtHR, 4 December 2018).
(17) See Stoll v Switzerland [GC] App. no. 69698/01 (ECtHR, 10 December 2007).
(18) Inferred from Editorial Board (n. 13) para. 63.
(19) See Delfi AS v Estonia [GC] App. no. 64569/09 (ECtHR, 16 June 2015).
(20) ibid. para. 140.
(21
tively.
(22) ibid. para. 153.
(23) ibid. Joint Dissenting Opinion para. 8.
Page 17 of 21

European Regulation
(24) ibid. para. 144.
(25) ibid. Joint Dissenting Opinion paras 39 and 28.
(26) ibid. para. 116.
(27) ibid. Joint Dissenting Opinion para. 9.
(28) Magyar (n. 11) para. 64.
(29) See Pihl v Sweden (dec.) App. no. 74742/14 (ECtHR, 7 February 2017).
(30) Savva Terentyev v Russia App. no. 10692/09 (ECtHR, 28 August 2018) para. 67. See
also Pihl v Sweden (n. 29) para. 73.
(31) Recommendation CM/Rec(2018)2 of the Committee of Ministers to member States on

the roles and responsibilities of internet intermediaries (7 March 2018) Preamble, para.
4.
(33) EU Network of Independent Experts on Fundamental Rights, Commentary of the

Charter of Fundamental Rights of the European Union (2006) 400.
merce, in the Internal Market [2000] OJ L178/1 , Art. 1.
(36) ibid. Art. 14.
(38
er of Google, Amazon, Facebook, and Apple (OUP 2018) 223.
(39) ibid.
(40) See Directive 2010/13/EU of the European Parliament and of the Council of 10 March
rective 2018/1808/EU of the European Parliament and of the Council of 14 November
L303/69.
Page 18 of 21

European Regulation
merce, in the Internal Market (e-Commerce Directive) [2000] OJ L178/1.
(42) See Directive 95/46/EC of the European Parliament and of the Council of 24 October
1995 on the protection of individuals with regard to the processing of personal data and
on the free movement of such data [1995] OJ L281/31.
(43
nications L.J. 651, 654.
(44
Essays in Honour of Richard de Mulder
(45) See e.g. Aleksandra Kuczerawy, Intermediary Liability and Freedom of Expression in
the EU: from Concepts to Standards (Intersentia 2018) chs 1 and 2.
(46
(47) See generally Joris van Hoboken, Search Engine Freedom. On the Implications of the
Right to Freedom of Expression for the Legal Governance of Web Search Engines (Kluwer
(48) Emily Laidlaw, Regulating Speech in Cyberspace: Gatekeepers, Human Rights and
Corporate Responsibility (CUP 2015) 204.
(49) ibid. 4.
(50) ibid.
(51) (Emphasis in original) José van Dijck, Thomas Poell, and Martijn de Waal,
form Society: Public Values in a Connective World (OUP 2018) 46.

countable But Not Liable? (CUP 2017).
(53) See e.g. Christina Angelopoulos, European Intermediary Liability in Copyright. A

Tort-Based Analysis
(54) See e.g. Aleksandra Kuczerawy, Intermediary Liability and Freedom of Expression in
the EU: from Concepts to Standards (Intersentia 2018).
(55
Page 19 of 21

European Regulation
(56
Intermediary Liability
and Freedom of Expression in the EU: from Concepts to Safeguards (Intersentia 2018).
Martin Moore and Damian Tambini (eds),

zon, Facebook, and Apple
(58
(59
(60
September 2018) COM (2018) 640 final, 2018/0331 (COD) para. 2.
(61) ibid. 2.
(62
Foundations, Institute for Information Law (2015). See also, in particular as regards the
(February 2019).
(63
(64
more and Martha Nussbaum (eds),
tion
(65
Rec(2018)2.
(66
sults-eu-code-practice-against-disinformation>.
Page 20 of 21

European Regulation
Tarlach McGonagle
Tarlach McGonagle is a Senior Lecturer/Researcher at IViR, University of Amsterdam

and Professor of Media Law & Information Society at Leiden Law School. Email:
T.McGonagle@uva.nl.
Page 21 of 21

Notice-and-Notice-Plus: A Canadian Perspective Beyond the Liability and
Immunity Divide
yond the Liability and Immunity Divide

Emily Laidlaw
This chapters discusses liability of online intermediaries for defamation, hate speech, and
other speech-related infringements in Canada and other common law jurisdictions. After
an introduction to the common law and statutory legal context, this chapter puts forward
a reform proposal for online defamation. In doing so, first the chapter outlines the Notice-
ing its main features. Secondly, this chapter explores the viability of deploying this model
to other kinds of harmful speech, including fake news, terrorist content, and hate speech.
mal intermediary liability model for their regulation online.
Keywords: freedom of expression, common law, Canada, online intermediaries, liability, immunity, defamation,
rorist content, hate speech, fake news
*
THE spectrum of intermediary liability models is wide. They range from strict liability
tent,1
tions Decency Act (CDA),2
aries. In between are a range of approaches that attempt to carve a middle path, such as
3
Many of these models have
tion.
Debates no longer centre as rigidly on immunity versus liability. Rather, the shift
(p. 445)
in focus is to responsibility,4 a broader notion based on principles of accountability.5 This

shift is partly reflective of the changing role of intermediaries, from conduits to platforms
that design and mediate how we interact with the world.6 As Julie Cohen explains, the
7
The
shift is also partly explained, because intermediaries are increasingly scrutinized through
the lens of international human rights principles.8 9
reflects a human
Page 1 of 28

Immunity Divide
rights-centred approach, largely reserving intermediary liability only for circumstances
for copyright law is an innovative model that shifts away from a liability framework, but
rather focuses on action requirements for intermediaries that serve an education function
for users.10 In this spirit, Hilary Young and I proposed a regulatory model to the Law
Commission of Ontario for its project on reforming defamation law in the digital age,
which we call notice-and-notice-plus (NN+).11
ing the legal context for our proposal and sketching its main features. This inevitably will
miss some key detail and I encourage reading the full paper.12 To summarize, (p. 446)
ator much like the notice-and-notice model. However, if the creator does not respond in a
mediary is not liability in defamation, rather a statutory fine. In this way, the intermediary
does not play an adjudicative role and does not risk liability for the underlying wrong.
Secondly, I explore the viability of deploying this model to other kinds of harmful speech.
Our proposal is specific to defamation law, and yet a question we are regularly asked is
fluenced our thinking are horizontal in nature, applying to multiple causes of action,
vide better certainty to intermediaries, but the dynamics of different kinds of unlawful
speech often lead to subject-specific solutions. They allow for more nuance, which more
readily enables balancing of the right to freedom of expression against other rights. This
section is necessarily exploratory, considering the strengths and weaknesses of deploying
NN+ to other types of unlawful speech.
1. Legal Context
Canada does not have a general statutory model for intermediary liability as evident in
although note that the new trade deal with the United States and Mexico might lead to
the adoption of broad intermediary immunity similar to CDA section 230.13
gan with the common law, but we were nevertheless influenced by lessons learned from
text is important as it provides the basis for the NN+ regime.
Page 2 of 28

Immunity Divide
1.1 Common Law
At common law, defamation consists of publishing a communication that would tend to

make an ordinary person think less of the plaintiff. The definition of publication is broad
(p. 447) and includes acts of conveying libellous speech or participating in conveying it.14
Publication does not require authorship, endorsement, or even necessarily awareness of

specific content.15 Because of this broad definition, a wide range of participants may be
considered publishers, including internet intermediaries.
Based on the developing body of case law,16 it seems the less implicated an intermediary
er. Thus, for example, internet service providers (ISPs) are never treated as publishers of
defamatory content, even after notice.17 For other kinds of intermediaries, the issue tends
to be whether notice is sufficient to make an intermediary responsible for that content
should it fail to remove it. Some courts have found intermediaries, other than ISPs, to be
non-publishers regardless of notice on the theory that their involvement in publication is
too passive.18
out knowledge19
20
In some contexts, the effect of notice remains unresolved. Search engines,
for example, raise unique issues, because they categorize and rank information sources,
provide snippets, and algorithmically generate autocompletes. While courts have tended
to find that search engines are not publishers before notice,21 their status after (p. 448)
notice is less clear.22 The question is unresolved in Canada,23 New Zealand,24 Hong
Kong,25 and Australia.26
The common law approach is problematic for various reasons. The law is unduly complex
sence of blameworthiness of the same kind or level as the one who originally posted the
defamatory content. It also incentivizes content removal whenever there is an allegation
of defamation, which is problematic from a free speech perspective.
1.2 Statutory Approaches
der-removal, and are unduly complex or inconsistently interpreted. In the case of safe
harbour models, such as the ECD and the Digital Millennium Copyright Act (DMCA),27
intermediaries are provided with conditional immunity from liability. This is better known
bour from liability provided it takes down content under certain circumstances.
In the case of the ECD, it is a horizontal approach, applying to multiple causes of action.
The immunity depends on the type of intermediary, with broad immunity for conduits,
Page 3 of 28

Immunity Divide
lawful.28 The DMCA, in contrast, is vertical in its approach, only applying to cases of
copyright infringement. In contrast to the ECD, the DMCA provides detailed rules for
NTD notices29 and provisions to balance the risk of over-compliance. For example, the
DMCA requires a good faith clause in notices to dissuade illegitimate claims,30
vides for a put-back procedure where the copyright holder does not sue within a period of
time.31
The challenge with NTD models is that, despite their seeming simplicity, in practice, they
are complicated regulatory frameworks. Criticism of both the ECD and DMCA is (p. 449)
nemarie Bridy and Daphne Keller compiled various empirical studies of NTD under the
DMCA, which together show over-removal of content.32 Empirical studies in Europe show
similar results.33 Part of the uncertainty is the meaning of knowledge and notice.34 What
tail in a notice fixes an intermediary with knowledge that it is hosting unlawful content?35
What types of intermediaries are captured in an NTD model or unaccounted for? The
above speaks to the general concern that NTD models privatize censorship and overly
burden intermediaries, especially small and medium-sized companies. In addition, efforts
tive. For example, the counter-notice procedure in the DMCA, something occasionally
proposed to reform the ECD,36 is rarely used.37
In contrast, the immunity model evident in CDA section 23038 provides broad immunity to
39
abled the open internet we know today.40 Interpretation of section 230 is also relatively
stable,41 providing certainty to intermediaries. The chief flaw of section (p. 450)
tors intended.42
For example, in Jones v Dirty World Entertainment Recordings LLC,43 the Court of Appeal
for the Sixth Circuit confirmed that section 230 even applies to sites that encourage the
development of unlawful content. In that case, Sarah Jones, a cheerleader and teacher,
unsuccessfully sued the website the Dirty for photos posted on the site and allegations
44
which refers to complainants
tion 230 also has the effect of shielding sites even where the website owner knows it is
move it. We reject this approach for Canada, although note the looming uncertainty with
the similarities between Article 19.17 of the USMCA and section 230.45
Page 4 of 28

Immunity Divide
reputation.
The question we struggled with is how to target defamatory speech without bringing
within its ambit offensive, but lawful, speech, and without incentivizing over-removal of
Pursuant to the Copyright Act,46
er, namely the user linked with the IP address.47 If the intermediary fails to comply with
this obligation, the risk is not liability for the underlying wrong, rather statutory damages
48
The purpose of this regime is to educate
users and discourage copyright infringement.49
tent of notices.50 In contrast, the detailed notice requirements in the (p. 451)
vide important checks to the risks of abusive complaints or intermediary over-
compliance.51
2. Proposal for Reform
termediary liability, we crystallized a series of principles on the role of intermediaries that

influenced our recommendations. First, in our view, intermediaries should not act in a
quasi-judicial capacity assessing the merits of defamation complaints. This is because
termediaries do not have the legal expertise to make such determinations. Further, if the
ny will be to remove content rather than defend expression.52
That said, intermediaries have a role in handling removal requests. The content posted
online can significantly damage reputation, and intermediaries not only benefit from third
party content, they have the capacity to manoeuvre and respond to complaints in a way
that courts cannot. Indeed, defamation disputes tend to be high volume and low value,
meaning that the expensive, slow process of traditional litigation diverts most complaints
to intermediaries to resolve, and poses a barrier to access to justice if the intermediary
condly, laws should be adaptable to changing technologies.53 Thirdly, whatever rules are
created should be human-rights based. This means they should be prescribed by law with
a legitimate aim, and comply with principles of necessity, proportionality, transparency,
accountability, and due process.54
55
creates incentives and disincentives that directly impact innovation.
Page 5 of 28

Immunity Divide
(p. 452) 2.1 Common Law
Based on the points raised in the previous section, we proposed to narrow the definition
of publication. Publication should require an intentional act of conveying specific words,
with awareness that those specific words are being conveyed.56 This would mean that an
intermediary who is unaware of a libel at the time of publication would not be a publisher,
nor would a search engine for its search results or autocompletes. Only content creators
diaries, by and large, would not be publishers of libel posted by third parties. This creates
a practical problem of how to resolve the high volume of defamation disputes online. Thus
NN+ is the product of our recommendation that procedures be codified for handling
defamation complaints. NN+ acknowledges that intermediaries incentivize and often
tent and those who object to it.
2.2 Notice-and-Notice-Plus
The notice-and-notice framework in copyright law is a compelling regulatory model. It
tices serve to educate users on infringing behaviour. However, notice and notice does not
nificant harm to reputation that can be caused by continued circulation of the offending
der.
la Principles,57 recommend that most content should only be restricted via court order. In
other respects, the human rights centring of these frameworks is persuasive. However,
restricting content removal to a court process creates a barrier to access to justice in the
light of the high-volume, low-value, and legally complex matrix of defamation disputes. A
moval58 and provides due process.59

termediary liability would ideally involve reform to dispute resolution to improve access
to justice. For example, in other work, I recommend creation of online tribunals to hear
defamation disputes.60
Taking into account the above, the NN+ framework we recommend draws from
(p. 453)
the notice-and-notice framework under the Copyright Act61 and the plus is the need for
something more in a defamation context. The basic principle is that an intermediary
should not be required to evaluate the legality of third party content. Upon receipt of a
notice of complaint, an intermediary would be required to forward the notice to the third
party content creator. If the content creator responds to the complaint, the intermediary
Page 6 of 28

Immunity Divide
will take no further steps and the content will remain in circulation. In such a situation,
mediary would disable access to the content. The risk to the intermediary if it fails to
comply with the rules is a fine rather than liability for the underlying wrong. Further, the
intermediary should not provide the complainant with personally identifying information
of the content creator, particular if the post was made anonymously or pseudonymously.62
wards platforms for user-generated content. Search engines would not have an obligation
to forward a complaint, but like the notice-and-notice system under the Copyright Act,63
would only have obligations to remove from search results where the content has been
removed from the source. Mixed-used sites, where the intermediary both hosts content
and creates content, would be treated as a question of publication (under the narrower
definition). This means that a platform that publishes defamatory content risks liability in
ry.
quiring a declaration that a complaint is made in good faith (to deter abusive complaints),
no monitoring requirements, and detailed notice requirements. Indeed, Bridy and Keller
advocate such features as the strongest balance to an NTD regime like the DMCA.64
mend codifying the content requirements in a notice of complaint. Thus, an intermediary

will not have to forward a notice or remove content on a bare allegation of defamation.
This is not intended to weigh down a notice with legalese. Rather, the intermediary can
provide a complaints form modelled on the various elements of defamation and defences.
Through model language complainants could be provided with a path to understand and
nosing, containing, and resolving disputes has been successfully used in British
matters.65
Fourthly, a critical issue is whether intermediaries should have discretion to

(p. 454)
refuse to forward a notice or remove content. The lack of discretion in the Copyright Act
meant ISPs had to forward notices they knew were illegitimate. The problem with such
discretion is that it once again places intermediaries in the role of arbiter, assessing the
aries should have discretion in limited circumstances where the complainant is vexatious.
Fifthly, we recommend, with some hesitation, that intermediaries should be permitted to
forms currently do not charge to process complaints. Further, caution must be exercised
Page 7 of 28

Immunity Divide
to avoid an exploitive business model.66 That said, it would serve the regulatory function
of dissuading casual complainers, and address the administrative burden, especially for
ery by an ISP of reasonable costs for complying with a Norwich order.67

tice-and-notice framework from which our proposal draws inspiration enables creation of
regulations concerning fees.68
ing a fee, because such regulations have not been enacted.69 Potential uses of such a fee
invite further scrutiny. Suggestions made to us include directing the fee only to small and
medium-sized companies and/or to an organization that helps online abuse complainants,
or to be held in escrow and returned to the complainant if content is removed.70
Finally, since some content will be removed without court order, due process is a crucial
aspect of intermediary content restriction practices. The Manila Principles71 emphasize
vide elements of due process in their complaints processes, others do not. The voluntary
nature of this ordering is unsatisfying and risks disproportionately interfering with the
right to freedom of expression.72
ed to have certain characteristics modelled on due process principles. In practice, this
means users should have the right to be heard, to hear the case against them, the right to
appeal or review of a decision, reinstatement of content when (p. 455) appropriate, and
ty subject to the complaint should have an opportunity to dispute the allegations in the
tion to the public, through a flag or similar, that content is challenged and/or removed.73
This should be coupled with encouragement of corporate responsibility through reporting
requirements for content-restriction procedures.74
3. Notice-and-Notice-Plus Beyond Defamation

Law
The NN+ model was designed with the law of defamation in mind. A common question is
ry, privacy-invasive and hate speech, for example. Imagine the impracticality of a codified
stagram, for example, is a sensitive private photo of a person that also presents a person
in a light that is false and damaging. The complainant would have a codified regime for a
defamation complaint, but not for invasion of privacy. This would replicate the illogical
nature of the CDA and DMCA regimes, where a complainant must hope that a copyright
complaint can be made to take down a post even though the core complaint is that the
Page 8 of 28

Immunity Divide
content is unlawful in some other way, such as hate speech or non-consensual distribution
of intimate images (NCDII).
However, strategic decisions based on a confluence of conflicting or overlapping laws is
lation. Further, something is lost in generalist regimes, namely their responsiveness to

the specific harm suffered. For example, defamation and privacy overlap when the harm
suffered is reputational, but the underlying logic of the causes of action are different.
ed to a third party, while the harm of privacy can be entirely private in nature where the
invasion of privacy itself constitutes the cause of action. As much as a generalist model
would provide certainty, it does not logically follow that this value outweighs the (p. 456)
weaknesses of stripping these causes of action of their defining features. That said, the
cess to justice, where most complainants do not have access to a forum to resolve their
dispute beyond the terms and conditions of the platform they use.75
ject due process into content-restriction practices. This exercise, albeit at this stage only
ing how private bodies handle complaints, and more specifically illustrates what makes
NN+ unique, its limitations and possibilities.
3.1 NN+ Requires the Speech to Be Unlawful but Other Forms of

Speech Are Harmful Too
ular form of unlawful speech, defamation. However, these platforms host a wealth of
harmful speech, some of which is unlawful and other forms that are legal but offensive.
The roots of NN+ in defamation law invite reflection on other similar types of online
abuse that may or may not be legal. For example, many forms of bullying are harmful, but
nication is not hate speech in a way that the law has deemed it so. There is no doubt that
gal basis for content removal.
lent online that the pressure to remove greater swathes of content strains the rule of law
and has inspired a body of literature extolling the virtues of offensive speech.76 Indeed,
dom of expression, Frank La Rue. He reminded us that speech can only be restricted
based on accepted international human rights principles, namely that the limitation must
Page 9 of 28

Immunity Divide
be provided by law (predictable and transparent), for one of the protected purposes,
namely reputation, national security, public order, health, or morals (legitimacy), and the
restriction must be necessary and the least restrictive means to (p. 457) achieve the aim
(proportionality).77 He then identified certain types of speech that are unlawful and
cide, and incitement to terrorism.78
This means that NN+ cannot be the framework, at least mandated through legislation, to
regulate many forms of harmful speech that defamation resembles. Instead, management
of such content by the platforms can be encouraged through legislation as a form of
meta-regulation, such as through reporting requirements or safe harbours. Indeed, the
sure, and similar, many of the large platforms have developed their own governance
strategies79 creating the laws of Facebook or Twitter.80 For example, Twitter was heavily
cific. In 2015, it changed its rules to more broadly prohibit promotion of violence.81
cerning as participation in our public sphere is increasingly experienced in these online

spaces.82 To go forward we need to acknowledge the difficulty in expecting companies to
moderate harmful speech on their platforms while criticizing them for removing lawful
speech. We also need to acknowledge that all kinds of harmful speech are currently legal
and perhaps the answer is to revisit speech laws to better address online abuse. The ways
lationship between NN+ and other ways that speech is regulated in online spaces.
ing NN+ to unlawful speech sounds great but, in practice, is challenging. For example,
the line between offensive speech and hate or terrorist speech can be difficult to discern.
Since the basis of NN+ is that intermediaries do not assess the merits of a complaint,
thing less than the vexatious litigant threshold we pinpointed in our proposal). This is no
longer NN+, but a bespoke framework with some similarities to NN+. The second option
is that NN+ is implemented without modification. In this case, the (p. 458) intermediary
does not assess the content and continues to pass on notices, with the risk that if the
tent removal. We recommend NN+ for defamation, because we are comfortable with how
ited circumstances, content might be removed without a court order. This balancing
might not be the same in assessing other types of speech.
Page 10 of 28

Immunity Divide
3.2 Speech Regulation for Which NN+ is Clearly Unsuitable
suitable to address NCDII. Even the Marco Civil treats NCDII differently, providing that
on notice.83 NN+ is meant to strike a balance between free speech and reputation when
it is hard to know without a trial whether speech is lawful or valuable. The same balance
should not be struck in relation to NCDII. NCDII are low-value speech that can readily be
removed without significant risk to freedom of expression. Further, the factual and legal
tion requires determinations as to truth, whether communication was responsible, etc.
sible based on little more than an allegation by a plaintiff that the distribution was non-
consensual84
Equally NN+ is unsuitable to address the problem of fake news,85 largely because it does
not offer the right type of solution to the problem at hand. The distribution of fake news is
vasion of privacy, or the crime of hate speech. Canada once had a crime of spreading false
news, but it was held to be unconstitutional in 1992.86 Therefore, there (p. 459) is no law
on which to attach NN+ unless we route it through other traditional legal categories.
Further, unlike defamation law, there is no individual whose rights are implicated and
whose responsibility it would be to request that a notice be sent. The problem of fake
news is a more fundamental challenge of false political information impacting democracy.
The dangers of fake news are unwieldy for a regulatory model such as NN+. Solutions to
space,87 and offer technical and discursive solutions that will prompt normative changes
acy.88 For example, one option is to place a banner or other warning on the site that the
book has adopted. People can flag content as false and then some of those flagged stories
are vetted by journalist fact-checkers. If false, those who shared the story are notified and
proaches wrongly presume people are passive vessels and will change their minds once
provided with correct facts, and that media literacy will somehow counteract the distrust
of media.89 The complexity of resolving the fake news problem is beyond the scope of this
chapter, and certainly beyond the scope of NN+.
Other types of harmful speech, namely terrorist and hate speech, strike closer to the core
lenging candidates. They make useful case studies, because terrorist content illustrates
the important role of courts in making determinations about content restriction, and hate
Page 11 of 28

Immunity Divide
latory strategies to curb its dissemination.
3.3 Case Study: Terrorist Content
Unlike the EU with its multitude of hard and soft law obligations90
garding removal of extremist content, Canada has not specifically addressed the liability
of intermediaries in legal instruments, guidance, or discussions, although it has created
(p. 460) a content-takedown mechanism.91 In Europe, extremist content is captured by the
ECD,92
ful content, including defamation. However, in recent years Europe intensified its focus
tions on Member States in the Terrorism Directive,93

move terrorist content within one hour,94 emphasis on automated solutions,95
termediaries roles, including potential monitoring of content.96
97
including, directly or indirectly, the glorification of terrorism, or advocating
its commission.98
tions that intermediaries host. In Canada, since 2015 it is a crime to advocate or promote
commission of a terrorist offence,99 which will likely soon be amended to the narrower
100
101
As Scott Newark describes, this is
102
taining a court order for content removal from intermediaries.103 However, obtaining a
court order for content removal envisions intermediaries in a vastly different (p. 461) role
than in a typical NTD regime, where the intermediary is tasked with assessing the merits
of a claim and risks liability for the underlying wrong.
The dynamics of terrorist content are fundamentally different than defamation such that
the NN+ framework is not appropriate to attach to such criminal offences. Indeed, in my
proach to balance the right to freedom of expression against other rights. This is because
defamation concerns individual rights, while disseminating terrorist content is a crime.
apologies, retraction, and sometimes content removal.104

nalizing terrorist-related speech, which is to deter crime and prevent creation of spaces
for radicalization and incitement.
In addition, the underlying nature of terrorist-related content invites greater scrutiny

from courts. One of the appeals of NN+ is that it seeks to remove intermediaries from the
role of assessing the merits of content complaints. It does so by providing clarity as to the
Page 12 of 28

Immunity Divide
sessed by a court. For one, as Craig Forcese and Kent Roach identify, there is a difference
between radicalization and radicalization that leads to violence.105 While the latter is
more likely enabled through personal relationships,106 the internet offers spaces for the
107
They summarize:
[w]hile the Internet alone may not be a cause of radicalization to violence, it may
calizing propaganda; a venue for social networking with the like-minded; and
then, a means of data mining during the turn towards violence.108
109
110
The task of assessing
duce radicalization, or otherwise educate users) is a complicated endeavour best left to

the courts.111
Finally, the mechanics of NN+ are unsuitable for terrorist propaganda. Under NN+, one
of the action requirements for intermediaries when they receive a complaint would be to
notify the third party of the complaint and invite a response. This would be inappropriate
for terrorist propaganda. In part, some of the complaints are made by (p. 462) authorities
monitoring such feeds and, therefore, it alerts the third party unnecessarily (but content
takedown would also do this directly or indirectly). In general, the mechanism would not
vate regulation is driving the content to another platform or to the dark net.112
3.4 Case Study: Hate Speech
rorist-related content to analyse separately. There are some similarities. As previously,

while in Europe intermediary obligations for hate speech are captured in the ECD safe
gle for deployment of NN+ is that hate speech laws are relatively disconnected from how
moting terrorism offence. The line between disseminating terrorist propaganda, hate
speech, radical opinions, jokes, hyperbole, or offence is sometimes unclear.113
ters in relation to NN+, because it invites a more fundamental question of how one would
narrowly target hate speech, given the definitional issue, and whether NN+ would help
achieve the goal of reducing the spread of hate speech online.
The first issue is identifying the legal basis of NN+. In Canada, hate speech is an offence
under the Criminal Code for public incitement of hatred or wilful promotion of hatred
against an identifiable group,114 and a judge may order that such content be removed by
an internet provider.115 At one time, a complaint could be made to the Canadian Human
Rights Commission, including specifically for hate speech communicated online, but the
Page 13 of 28

Immunity Divide
provision was repealed in 2012.116 The provision is notable, because it created a level of
sion to repeal.117 While some provinces have human rights legislation with hate speech
provisions, it is uncertain whether a complaint about hate speech on the internet, which
is federally regulated, can be made to a provincial tribunal.118 Provincial legislation uses
119
The Supreme (p. 463)
Court of Canada elucidated the meaning of hate speech in such laws as exposing a group
120
tured under criminal law, NN+ would only be possibly triggered for a specific type of hate
gests an intermediary would have no choice but to assess the merits of a complaint, at
least notionally, to identify whether a complaint is capable of meeting the criteria to be
passed on. Otherwise, any complaint that something is hate speech would risk content
takedown. To put it another way, without assessing the merits of a complaint, it is unclear
whether it is the type of speech that forms the legal basis for the NN+ regime. Some of
this can be addressed through design of the complaints system (prompting a user, e.g., to
identify in the complaint that the content complained about promotes hatred of a group).
Generally, however, the intermediary would be tasked with some assessment of content
defeating the purpose of NN+.
Even if the above can be surmounted, there are key differences between hate speech and
defamation. Both hate speech and defamation are concerned with an underlying dignitary
ent function. Translated to the role of intermediaries, it might call for different handling
of complaints concerning hate speech. As the Supreme Court of Canada noted in R v
Keegstra,121
122
prides itself on tolerance and the fostering of human dignity through, among other things,
123
NN+ would
thus function to repair the community harm of hate speech in addition to the individual
harm, which is a wider mandate than envisioned in its design.
Further, most hate speech is at the margins of legality, and some of it is communicated in
a way to bypass hate speech rules (whether through terms and conditions of a site or
criminal law). Consider the Daily Stormer style guide,124 which instructs the use of code
words that are understood as hate, but would not be easily pinned down as hate speech:
125
Indeed, platforms occasionally remove content as hate
speech that is intended to illuminate the problem itself, such as removal of Black (p. 464)
Lives Matter posts exposing the hateful communications they receive.126 Further, so
Page 14 of 28

Immunity Divide
sessment of hate speech without local involvement (leading platforms such as Facebook
to increasingly employ local content moderators).127
struggle in regulating this kind of speech, where the line between unlawful speech and
offence is not easy to identify.128
Consider also platforms that become spaces predominantly for the spread of extremist
tices. Gab, for example, espouses a free speech ethos.129 It was frequently used by the
130
ly not be criminal hate speech in Canada, nor would necessarily fall foul of community
guidelines of mainstream platforms such as Facebook. Rather, it is the collective force of
diaries in this space is not answered through NN+.
In the previous examples, intermediaries were dominant figures in assessing the merits of
complaints. A key principle of NN+ is the opposite, that private parties should not be the
arbiters of what is defamatory. In some ways, that holds true for assessment of hate
speech; a private party does not have the legitimacy to restrict freedom of expression
without a court order. However, the individual nature of defamation complaints compared
to group harms of hate speech, means intermediaries perhaps have a greater regulatory
role to play than with defamation.
Despite the concerns above, there are three benefits to an NN+ regime. First, it would
ty the opportunity to defend continued circulation of the content. Thirdly, a platform

could still craft stricter rules for users through its terms and conditions (however flawed
or controversial).131
The greatest potential, I suggest, is not NN+, but some of its underlying logic,
(p. 465)
namely, that intermediaries should not be liable for the wrongdoing of third parties, but
132
whose
platforms are primarily devoted to spreading hate or radicalizing users. And it may be
that the mechanics of what an intermediary should do with a complaint about hate speech
is different than defamation. For example, maybe intermediaries should assess the merits
of a hate speech complaint. However, what is compelling is the way that a regulatory
process can prompt responsibility.
Indeed, a key function of NN+ is to prompt social responsibility. Platforms should manage
their spaces in compliance with the duty to respect human rights.133 States can create
the playing field for companies to do this by codifying expectations for content-restriction
Page 15 of 28

Immunity Divide
procedures. In practice, this would be mean that if a complainant concludes that a site
failed to handle a complaint as required, he or she could make an application to a court
for imposition of a fine (if the NN+ process is strictly followed). The court, in determining
fined how a platform achieves the goal.134 Tarleton Gillespie makes a similar argument in
135
cus on due process here (including welcome recommendations for regulatory oversight, a
public ombudsman to communicate with the public, auditing, etc.).136 Indeed, NN+ would
137
Nevertheless, there is common understanding that a broad safe harbour
should be matched with rules of accountability, the shape of which is left to be debated.
4. Conclusions
dling defamation complaints. The risk to the intermediary is not liability for the (p. 466)
underlying wrong, but rather a statutory fine. Further, under NN+ the intermediary does
not assess the merits of complaints, but rather passes on notices of complaint to third
parties and only removes content if the third party fails to respond. The question is
whether NN+ is viable to deploy to other kinds of unlawful speech. The exploration of
this potential through select case studies shows that NN+ is largely a subject-specific
proposal, but that its underlying logic may be more widely deployed. This logic, I suggest,
cept in unusual circumstances; and (2) rules should be codified for how intermediaries
manage content based on principles of due process. These rules might differ depending
on the type of speech involved.
lawful speech, namely defamation. The problems pervasive online embrace a much wider
lawful basis is identified (hate speech, terrorist speech, privacy invasion, etc.), it is easier
said than done to piggyback NN+ to these types of speech without a risk of over-removal
or enlisting intermediaries in the role of assessing the merits of complaints. While
defamation is no easier to assess, the individual nature of defamation complaints makes it
easier to deploy through an NN+ regime.
sure of intimate images can be assessed with less difficulty than defamation complaints,
old for content removal than available through NN+. Fake news is similarly not suited to
NN+, because the legal basis of such a regime is murky, and the social harm of fake news
is not resolved through NN+. Terrorist content, ultimately, is not suitable for NN+ either,
Page 16 of 28

Immunity Divide
because the criminal nature of the charge combined with the purpose of removing such
content (e.g. reduce supply, reduce radicalization, and educate users) is best left to
courts.
Thirdly, some forms of speech might benefit from a bespoke framework modelled on the
striction practices of many platforms is due process, and legislation can be used to shore
ing requirements, or review of platform procedures by courts or a similar oversight body.
plexity of the online harms that platforms manage. However, we must acknowledge the
risks to innovation created by fragmented regulatory systems and the barriers to access
to justice it creates for users. Any effort to redesign intermediary liability regulatory
frameworks might benefit from the underlying logic of NN+, and should test this logic
against principles of innovation and access to justice.
Notes:
(*) This research was supported by the Social Sciences and Humanities Research Council
ty of Law, University of New Brunswick, for the Law Commission of Ontario.
(1
ties, withdrawal of business licences, etc. See, generally, intermediary liability models in
Article 19, 2013), <https://
www.article19.org/data/files/Intermediaries_ENGLISH.pdf> (hereafter Article 19). Also,
arguably, Art. 17 of Directive 2019/790/EU of the European Parliament and the Council of
17 April 2019 on copyright and related rights in the Digital Single Market and amending
proach.
(2
nications, privacy, and intellectual property matters.
(3) See Directive 2000/31/EC of the European Parliament and the Council of 17 July 2000
(4) See e.g. exploration of the moral responsibilities of intermediaries in Mariarosaria
Mariarosaria Taddeo and Luciano Floridi (eds), The Responsibilities of Online Service
Providers (Springer 2017).
(5) Arguably, this focus on accountability is a maturing of the regulatory environment,

shifting from softer, voluntary regulatory structures observable in the early days of the
Page 17 of 28

Immunity Divide
tems such as reporting requirements, audits, certification schemes, and so on. On this
(6) A compelling perspective on the role of many of these technology companies is Tim
The Attention Merchants: the Epic Scramble to Get Inside our head (Vintage Books
2016), examining their economic drive and its impact on our lives.
(7
(8) See the United Nations Special Rapporteur on Freedom of Opinion and Expression,
<https://www.article19.org/data/files/pdfs/press/international-mechanisms-for-promoting-
freedom-of-expression.pdf
David Kaye, Report of the Special Rapporteur on the promotion and protection of the
(9) See Marco Civil da Internet (2014) <http://infojustice.org/wp-content/uploads/

2013/11/Marco-Civil-English-Translation-November-2013.pdf> (English translation)
(Bra.).
(10) See Copyright Act, RSC 1985, c. C-42, amended by the Copyright Modernization Act,
a generalist model finds support in civil society organizations e.g. Art. 19 (n. 1).
(11
http://www.lco-
cdo.org/wp-content/uploads/2017/07/DIA-Commissioned-Paper-Laidlaw-and-Young.pdf>.
(12
asking too much from defamation law? Reputation systems, ADR, Industry Regulation and
other Extra-Judicial Possibilities for Protecting Reputation in the Internet Age: Proposal
loads/2017/07/DIA-Commissioned-Paper-Laidlaw.pdf>.
(13) See Art. 19.17 of the Agreement between the United States of America, the United
Mexican States, and Canada (USMCA) <https://ustr.gov/trade-agreements/free-trade-
agreements/united-states-mexico-canada-agreement/agreement-between>.
Page 18 of 28

Immunity Divide
(14
Crookes v Newton [2011] 3 SCR 269, 2011 SCC 47 (Can.)
para. 16, citing McNichol v Grandy [1931] CanLII 99 (SCC), [1931] SCR 696, 699 (Can.).
See also Patrick Milmo and others (eds), Gatley on Libel and Slander (Thomson Reuters
(15
(16) We refer here primarily to the courts of Canada, the UK, Australia, New Zealand, and
Hong Kong.
(17) See e.g. Bunt v Tilley [2006] EWHC 407 (QB) (UK). In addition, the Supreme Court of
Canada has treated ISPs as non-publishers in the copyright context. See
posers, Authors and Music Publishers of Canada v Canadian Assn of Internet Providers
[2004] 2 SCR 427, 2004 SCC 45, para. 101 (Can.).
(18) See e.g. Metropolitan International Schools Ltd v Designtechnica Corp. [2009] EWHC
1765 (QB), [2011] 1 WLR 1743 (UK).
(19) See e.g. Oriental Press v Fevaworks Solutions Ltd (2013) 16 HKCFAR 366 (HK);
Carter v BC Federation of Foster Parents Association, 2005 BCCA 398 (CanLII), 257 DLR
(4th) 133 (Can.).
(20) See e.g. Tamiz v Google [2013] EWCA Civ 68 (CA) (UK); Murray v Wishart
CA 461 (NZ); Weaver v Corcoran 2015 BCSC 165 (Can.); Byrne v Deane [1937] 1 KB 818
(UK). Although Byrne was overturned on appeal, the case still stands for the proposition
that one can be a publisher by omission. Publishers by omission are those who did not
participate in the initial act of publication but who control a venue in which a libel was
published. If the defendant refuses to remove the communication and the refusal can be
interpreted as endorsing it, the defendant will become a publisher of that communication
from the time he should have removed it.
(21) See e.g. Niemela v Malamas, 2015 BCSC 1024 (Can.).
(22) For the UK, see Metropolitan Schools (n. 18).
(23) Niemela (n. 21) addressed whether a search engine was a publisher but addressed
only the pre-notice period.
(24) See A v Google New Zealand Ltd [2012] NZHC 2352, paras 68, 71 (NZ).
(25) See Dr Yeung, Sau Shing Albert v Google Inc. [2014] HKCFI 1404, para. 103 (HK).
Page 19 of 28

Immunity Divide
(26) See Trkulja v Google Inc. LLC & Anor (no. 5) [2012] VSC 533 (Aus.); Duffy v Google
Trkulja was appealed to the High Court of
to the nature and extent of Google's involvement in the compilation and publication of its
Trkulja v Google LLC [2018] HCA 25, para. 39
(Aus.).
(27) Pub. L. No. 105-304, 112 Stat. 2860 (1998), s 512 (US).
(28
(29) DMCA (n. 27) s. 512(c)(3).
(30) ibid. s. 512(f).
(31
(32
2016) 23, 44, and Appendix B <https://papers.ssrn.com/sol3/papers2.cfm?

abstract_id=2757197
Stanford
CIS Blog, 12 October 2015) <
dence-over-removal-internet-companies-under-intermediary-liability-laws>.
(33
<http://pcmlp.socleg.ox.ac.uk/wp-content/uploads/2014/12/liberty.pdf>.
(34
ment, Jaani Riordan, The Liability of Internet Intermediaries (OUP 2016) 12.131.
(35 Davison v Habeeb & Others

[2011] EWHC 3031 (QB) (UK).
(36
(37
(38) CDA (n. 2).
Page 20 of 28

Immunity Divide
(39
Loyola of Los Angeles L. Rev. 373, 494.
(40) Danielle Citron, Hate Crimes in Cyberspace
(41) The key case is still Zeran v America Online Inc., 129 F.3d 327 (4th Cir. 1997), cert.
denied, 524 US 937 (1998) (US). Note recent amendments to s. 230: Allow States and
Victims to Fight Online Sex Trafficking Act of 2017, Pub. L. no. 115-164 (4 November
2018) (US).
(42) A chief reason s. 230 was passed is the disincentivizes to self-regulation created by
Stratton Oakmont, Inc. v Prodigy Services Co., 1995 WL 323710 (NY Sup. Ct 1995) (US),
which created a greater risk of liability the more the intermediary moderated content.
Immunity: Why the Communications Decency Act should Take a Page from the Digital
(43) See Jones v Dirty World Entertainment Recordings LLC, 521 F.3d 1157 (6th Cir. 2014)
(US).
(44) ibid. 10.
(45) See USMCA (n. 13).
(46) Canadian Copyright Act (n. 10).
(47) ibid. s. 41.26(1)(a).
(48) ibid. s. 41.26(3).
(49) See Government of Canada, Office of Consumer Affairs, Notice and Notice Regime
<http://www.ic.gc.ca/eic/site/oca-bc.nsf/eng/ca02920.html>.
(50
http://www.michaelgeist.ca/
bility/
http://
www.michealgeist.ca/2015/01/rightscorp-bmg-exploiting-copyright-notice-notice-system-
citing-false-legal-information-payment-demands/>; Office of Consumer Affairs (n. 49).
(51) See DMCA (n. 27) s. 512(c)(3) (notification requirements); s. 512(f) (good faith
Page 21 of 28

Immunity Divide
(52
tee on the Draft Defamation Bill, Draft Defamation Bill, House of Lords Paper no. 203,
(53
(54) This is consistent with recent HRC general comments and special rapporteur reports
(n. 8).
(55
Discussion Paper, 9 (May 2016).
(56) This change would not be limited to the internet intermediary context but rather to
the tort of defamation as a whole.
(57) See Manila Principles on Intermediary Liability <https://www.manilaprinciples.org/

principles>.
(58) See Bridy and Keller (n. 32) 23.
(59) See Manila Principles (n. 57) 57.
(60
(62) See also the Manila Principles (n. 57) principle 5.
(64) Bridy and Keller (n. 32) 23.
(65) See Civil Resolution Tribunal <https://civilresolutionbc.ca> and discussion by one of
Ethan Katsh and Orna Rabinovich-Einy, Digital Justice: Technology and the Internet of
Disputes
(66) See AT v Globe24h.com 2017 FC 114 (Can.).
(67) See Rogers Communications Inc. v Voltage Pictures LLC

so Cartier International AG and others v British Telecommunications Plc and another
[2018] UKSC 28 (UK).
(68) See Canadian Copyright Act (n. 10) s. 41.26(2).
Page 22 of 28

Immunity Divide
(69) Indeed, the fact that these regulations have not been enacted created the foundation
for the case in Rogers (n. 67).
(70) Many thanks to the participants of RightsCon 2018 for their suggestions.
(71) The Manila Principles (n. 57) emphasize the need for clear and unambiguous content-
restriction practices that provide due process, principles 3, 5, and 6 in particular.
(72
pression in more depth in Emily Laidlaw, Regulating Speech in Cyberspace: Gatekeepers,
Human Rights and Corporate Responsibility (CUP 2015) in particular, chs 3 and 6.
(73) These discursive solutions have been suggested by several scholars, e.g. Frank
Pasquale,
tion
(74) This is observable in other industries, e.g. California Transparency in Supply Chains
so the Corporate Accountability Index on Ranking Digital Rights <https://

rankingdigitalrights.org>.
(75) See Laidlaw (n. 12).
(76
(77) La Rue (n. 8) para. 24.
(79
(80
The Legal Challenges of Social
Media (Edward Elgar 2017).
(81) See Twitter Rules <https://help.twitter.com/en/rules-and-policies/twitter-rules>.
Page 23 of 28

Immunity Divide
(82
OpenNet Initiative, September 2010) <https://

opennet.net/policing-content-quasi-public-sphere>.
(83) Marco Civil (n. 9) Art. 21.
(84) This may be controversial and it is beyond the scope of this chapter to fully develop a
model approach to NCDII. Hilary Young and I are co-leading a project for The Uniform
Law Conference of Canada developing a model law for addressing NCDII: Hilary A.N.
ries/2018_pdf_en/2018ulcc0001.pdf>. The point here is simply that NN+ does not strike
the right balance for dealing with NCDII.
(85) I note the definitional challenge of fake news, recognizing, as Alice Marwick argues,
that a term that better captures the false and misleading information being spread online
fake news is being examined from the angle of the legal basis of a complaints process
modelled on NN+. This puts aside some of the more complicated aspects of fake news,
such as implications to democracy, cybersecurity, data protection, or elections law, to
name a few.
(86) See R v Zundel [1992] 2 SCR 731 (Can.).
(87) See Lawrence Lessig, Code and other Laws of Cyberspace (Basic Books 1999) and
Lawrence Lessig, Code: Version 2.0 (Basic Books 2006).
(88) See Marwick (n. 85) 507.
(89
CBC News, 10 October 2018) <
treal/fake-news-fact-checker-louis-baudoin-laarman-1.4857159
https://www.facebook.com/help/publisher/
182222309230722>.
(90
http://
cyberlaw.stanford.edu/publications/new-eu-proposal-prevention-terrorist-content-online-
important-mutation-e-commerce
https://ec.europa.eu/newsroom/just/
document.cfm?doc_id=42985>.
(91) See Criminal Code, RSC 1985, c. 46, s. 83.223 (Can.).
Page 24 of 28

Immunity Divide
(92) See Directive 2000/31/EC (n. 3).
(93) See Directive 2017/541/EU of the European Parliament and of the Council of 15
March 2017 on combating terrorism and replacing Council Framework Decision
2002/475/JHA and amending Council Decision 2005/671/JHA [2017] OJ L88/6.
(94 BBC
ber 2018) <https://www.bbc.com/news/technology-45495544>.
(95
http://europa.eu/rapid/
press-release_IP-17-5105_en.htm>.
(96
COM(2018) 640.
(97) Directive 2017/541/EU (n. 93) Art. 5.
(98) ibid.
(99) Criminal Code (n. 91) s. 83.221.
(100) Bill C-59, An Act respecting national security matters, s. 143 amending s. 83.221
<https://www.parl.ca/LegisInfo/BillDetails.aspx?Language=E&billId=9057418>.
(101) See Criminal Code (n. 91) s. 83.223.
(102
https://
macdonaldlaurier.ca/files/pdf/MLICommentaryNewark1017F_Web.pdf>. See Colin
The Globe and Mail, 16 September 2018) <https://www.theglobeandmail.com/

canada/article-federal-prosecutors-using-new-law-to-remove-terrorist-propaganda/>.
(103) See Freeze (n. 102). It is possible that in extreme cases an intermediary could be
charged with advocating or promoting a terrorist offence. Indeed, the same holds true for
other terrorist offences. It is a crime to participate or contribute to, directly or indirectly,
a terrorist group (s. 83.18) or facilitate a terrorist activity (s. 83.19(1)).
(104) See Laidlaw (n. 12).
(105
(106) ibid. 42, 43.
Page 25 of 28

Immunity Divide
(107) ibid. 43.
(108) ibid. 44.
(109) ibid. 49.
(110
ism, but not in Canada; ibid. 57.
(111
(112) Forcese and Roach discuss the risk of speech going underground in the context of
8.
(113
(114) Criminal Code (n. 91) s. 319(1) and (2).
(115) ibid. s. 320.1.
(116) See Canadian Human Rights Act, RSC 1985, c. H6, s 13 (repealed 2013, c.37, s. 2).
(117) See Richard Moon,
ternet (October 2008) <http://publications.gc.ca/collections/collection_2016/ccdp-chrc/

HR4-33-2008-eng.pdf>; Canadian Human Rights Commission,
ment: Freedom of Expression and Freedom from Hate in the Internet Age (June 2009)
<http://publications.gc.ca/collections/collection_2009/ccdp-chrc/HR4-5-2009E.pdf>.
(118) See 2008 BCHRT 378

(Can.).
(119) Quoting s. 3(1)(a), Alberta Human Rights Act, RSC 2000 C. A-25.5 (Can).
(120) Saskatchewan (Human Rights Commission) v Whatcott [2013] 1 SCR 467, para. 41
(Can.).
(121) R v Keegstra [1990] 3 SCR 697 (Can.).
(122) ibid.
(123) ibid. See also Jeremy Waldron, The Harm in Hate Speech (HUP 2012) (arguing that
cently).
(124 The New Yorker,

15 January 2018) <https://www.newyorker.com/magazine/2018/01/15/inside-the-daily-
stormers-style-guide Huffington
Page 26 of 28

Immunity Divide
Post, 13 December 2017) <https://www.huffingtonpost.ca/entry/daily-stormer-nazi-style-
guide_us_5a2ece19e4b0ce3b344492f2>.
(125) Feinberg (n. 124).
(126 https://
santaclaraprinciples.org/open-letter/
Vice, 15 November 2018) <https://
prove-takedown-appeals?
fbclid=IwAR1tn9cIeEewNfG09xuLXLo6oxeCzsUS1MjHF4H5AWZNfuxxNCZHqvQsWo8>.
(127
The Atlantic, 7 February 2018) <https://www.theatlantic.com/technology/archive/
2018/02/what-facebook-told-insiders-about-how-it-moderates-posts/552632/>.
(128
setzung in sozialen Netzwerken, NetzDG) (Ger.).
(129) See Gab <https://gab.ai
(130
CNN, 27 October 2018) <
ers/index.html>.
(131) This puts aside the concerns related to privatization of human rights. See Laidlaw (n.
72).
(132) Danielle Citron used this term in her exploration of potential amendments to s. 230.
See Citron (n. 40) 177.
(133
(134
(eds), Perspectives on Corporate Social Responsibility
(135 198,
(136) ibid. See Internet Rights Governance Model in Laidlaw (n. 72) ch. 6.
(137) Gillespie (n. 135) 201.
Page 27 of 28

Immunity Divide
Emily Laidlaw
Emily Laidlaw is Associate Professor, Faculty of Law, University of Calgary. Email:

emily.laidlaw@ucalgary.ca.
Page 28 of 28

crets Infringement
ment
Reto M. Hilty Valentina Moscon
This chapter will explore the liability of online intermediaries (OIs) under European law,
search question is whether European law adopts a consistent regulatory approach with
regard to content hosted by OIs against rules on market functioning that do not assign
the functioning of the market receive the same level of protection in different contexts. To
carry on such analysis, the chapter takes into consideration as case studies two bodies of
ond one with the unlawful acquisition, use, and disclosure of trade secrets. After having
summarized the distinguishing features of the safe harbour regime and its interplay with
tion to the position of OIs. Reference is made to the criteria of interpretation of European
law in order to assess the relationship between specific provisions and the concurrent
regime set forth in the e-Commerce Directive. Finally, this chapter assesses the emerging
gal framework.
Keywords: unfair competition, trade secrets, liability, online intermediaries, EU law, remedies, injunctive relief
(p. 422) 1. Problem Definition

*IN Europe the debate on the liability of online intermediaries (OIs)1 has mainly focused
on the infringement of intellectual property rights (IPRs).2
formation through OIs might affect a wide range of legal interests.3
ture of OIs and the fast-changing business models on which they rely have a considerable
Page 1 of 27

crets Infringement
effect on the variety of information they convey. In particular, through OIs that allow
users to upload content, infringements of different third party rights can proliferate.4
tion rules on market functioning5 that do not assign exclusive rights but simply impose
rules of conduct (e.g. rules on unfair commercial practices). We will explore whether and
ests protected by the European laws governing the functioning of the market receive the
same level of protection in different contexts.
(p. 423)
ies of law. The first deals with online unfair commercial practices (UCPs)6 and the second
with the unlawful acquisition, use, and disclosure of trade secrets.7 The selected laws
out attributing exclusive rights to the market players.8
forms and other tools offered by OIs. Also, although restricted to business-to-consumer
(B2C) relationships, the UCPs Directive has a significant impact on online markets and
forms which facilitate their speedy and anonymous dissemination. In that context, the
fringing rules laid down by European lawmakers.
Besides fundamental rights,9 in this analysis vertical and horizontal regulatory levels will
be taken into account in relation to one another. The first reference is to the liability rules
set forth in the two bodies of law mentioned earlier, which apply vertically to UCPs and
trade secrets. The second regulatory level is based on the e-Commerce Directive, which
applies horizontally, thus encompassing trade secret infringements and UCPs.10 The safe
ditions protect OIs11

licit information.12
vent injunctions13 from being (p. 424) ordered against OIs.14
forcement and the Information Society Directives15 impose on Member States the duty to
ensure that rightholders are in a position to apply for injunctions against intermediaries
whose services are used by a third party to infringe IPRs, and the question thus arises as
to whether similar remedies are applicable to similar situations.
Page 2 of 27

crets Infringement
der to assess the relationship between specific provisions and the concurrent regime set
work.
2. Online Intermediaries: Walking a Tightrope
dies
2.1 Safe Harbours
European Union law does not generally (explicitly) address the liability of someone other
than the direct infringer of the right, if the right at issue is subject to European law.16 The
nized within Europe. Only a few specific cases of indirect liability are regulated within the
European legal framework.17
(p. 425) Regarding OIs which may be misused by third parties for unlawful acts,18 the e-
bours).19 Safe harbours encompass all forms of liability including monetary liability (for
the harm suffered) and both civil and criminal sanctions.20
21
ability will ensue if the person offering such services: (1) confines his role to enable use
tent.22 Thus, on obtaining knowledge or awareness, protection is lost unless the service
23
cles 12 to 14 have no obligation to monitor content proactively.24 Thereby the legal

regime set out by the e-Commerce Directive guarantees protection to OIs from general
25
bours, the legal grounds on which they are held liable, and whether that liability is for
secondary or primary infringement, are to be determined by national law. Therefore the
ary liability fragmentation.26
Page 3 of 27

crets Infringement
2.2 Injunctions Against Online Intermediaries
The safe harbours provided for in the e-Commerce Directive do not prevent injunctions
from being ordered against OIs.27 Quite the opposite. Recital 45 of the e-Commerce
(p. 426)
28
plicitly requires Member States to make available remedies that allow for measures to be
adopted for the purpose of terminating wrongdoing and preventing further impairment of
the same interest.29 Thus, even if an intermediary is not liable under Article 12, 13, or 14
of the e-Commerce Directive it may nevertheless be susceptible to injunctive relief.30
Within the European legal framework, injunctive relief against OIs is explicitly prescribed
rective31
aries32 whose services are used by a third party to infringe on IPRs.33 At the same time,
Article 2(3) of the Enforcement Directive states that Articles 12 to 15 of the e-Commerce
Directive remain unaffected. Despite this safeguard clause, there is a notorious tension
between Articles 12 to 15, in particular Article 15(1), of the e-Commerce Directive, and
the third sentence of Article 11 of the Enforcement Directive as well as Article 8(3) of the
Information Society Directive. This then raises the question of the (p. 427)
junctive relief covering the prevention of future infringing activities.34 Even though the
CJEU has provided some guidance,35 this remains a major critical point, and the law of
the EU Member States is controversial.36
3.
termediaries
pean law.37 The initial project of organic harmonization of the subject in Europe was cut
back to what was just about capable of achieving consensus.38 The only Directive that
adopts a broad approach is the UCPs Directive.39 However, although it is clear that one of
the most substantial parts of marketing activity takes place on the web, where OIs play a
central role,40
diary liability. In order to define the liability regime applicable to OIs with respect to
UCPs to the detriment of consumers, reference will be made to the joint reading of the
UCPs Directive and the e-Commerce Directive.
3.1 Unfair Commercial Practices Definition
unfair business-to-consumer commercial practices as are laid down in Article 5, before,

during and after a commercial transaction in relation to a product.41 42
Page 4 of 27

crets Infringement
(p. 428) According to Articles 6 and 7, commercial practices are always to be considered
unfair if they are misleading or aggressive. Both provisions are then accompanied by a
comprehensive list of misleading and aggressive actions and omissions.43 Furthermore,
the Directive includes a general clause which ensures that any unfair practice that is not
caught by other provisions of the Directive (i.e. that is neither misleading nor aggressive)
can still be penalized; viz. Article 5(1) establishes a prohibition of UCPs which are unfair
terially distort the economic behaviour of the average consumer.44
3.2
Very often UCPs take place via infrastructures made available by OIs including online
marketplaces, social networks, rating portals, and other digital platforms. In the absence
of specific rules within the UCPs Directive, the first question to ask is whether OIs can be
considered direct addressees of that Directive and therefore liable for UCPs.45
The general prohibition established by the Directive applies to UCPs which occur outside
pretative questions have to be answered considering the scope of application of the UCPs
46
At present there are no CJEU decisions that clearly
47
qualify OIs as traders, nevertheless it is important to highlight that with (p. 429) the aim
of extending consumer protection, the Court interprets the notion of a trader broadly,
thereby potentially including OIs.48
Yet, since the question of whether an OI should be considered a trader is assessed on a
tivities perform commercial practices. Some commentators highlight that in the light of
the CJEU case law a restrictive interpretation seems plausible.49 In RvLS
nied the possibility of classifying the publication of sponsored articles in a newspaper as a
50
If there is a commercial practice, the
self. Following this view, it could be argued that the OI performs commercial practices if a
direct connection can be established with respect to a commercial communication and
the commercial interest of the OI.51
If the OI is not considered a trader that perform commercial practices, two hypotheses
can be distinguished: (1) the OI supports the exchange of goods and services between
users/consumers (e.g. rating portals). In that case, the prohibition in the UCPs Directive
is not applied tout court
tion in the UCPs Directive (e.g. marketplaces). Here the prohibitions established in the
Page 5 of 27

crets Infringement
UCPs Directive are relevant, with an indirect effect on an OI whose platform allows UCPs.
In this case, however, the intermediary can plainly enjoy immunity under the e-Commerce
Directive and can therefore be considered liable only under the conditions established in
Article 14 of the e-Commerce Directive.52
(p. 430)
53 54
ple, in 2014 the question was put to the Italian Competition Authority and, on rehearing,
to the Administrative Court of Lazio.55 Both were called upon to decide a case brought by
the Italian Association of Hotels against TripAdvisor. In this case it was debated whether
tion Authority56
as implemented in the Italian Consumer Code.57 It was argued that although TripAdvisor
does not directly charge for its service, it draws revenue from targeted advertising.58 The
Administrative Court of Lazio confirmed the qualification of TripAdvisor as a trader that
performs commercial practices.59 If the intermediary is qualified as a trader and engages
UCPs Directive,60 its conduct would amount to a B2C commercial practice and it might be
held liable for UCPs.
3.3 The Interplay Between the UCPs Directive and e-Commerce

(p. 431)
Directive
Some argue that if the intermediary is qualified as a trader, it might not be exempted
gent due diligence obligation imposed by Article 5 of the UCPs Directive.61
monitor or carry out fact finding.62
mediary. The fact that OIs operate in the market as traders does not exclude a priori the
applicability of safe harbours. A commercial operator can offer different services and,
forms. Also, and more importantly, the concepts of a trader and intermediary exempted
from liability are not alternatives. Therefore, an area of overlap is conceivable, which is
more likely the broader the notion of trader. Returning to the example mentioned earlier,
TripAdvisor might be considered a trader and a hosting provider at the same time. The
tent.63 And, when the requirements for applicability of the e-Commerce Directive are met,
the OI might be exempt from liability, even with regard to the general prohibition of UCPs
contained in Article 5 of the UCPs Directive.64
Page 6 of 27

crets Infringement
This situation poses a problem of the concurrent application of two provisions of the same
mediaries under certain conditions, it might be considered lex specialis. According to the
principle lex specialis derogat legi generali, if a trader is also an intermediary, then in the
case of overlap the immunity rules might prevail over the rules of liability. 65
(p. 432)
ing the conditions under which they operate. The definition of the knowledge standard66
is challenging in cases of UCPs the assessment of which requires the concrete evaluation
67
in a certain context.68
tion sent by the claimant to the OI can preclude immunity under the hosting safe harbour
with respect to UCPs.69
ing of the interests at stake is needed and therefore required to the OI.70
mains, however, under-estimated at the European level and it is therefore left to the
Member States to precisely define the knowledge standard.71 Similarly uncertain is the
equally important issue of whether and under which conditions the OI, after achieving
vent future infringements.72
Finally, if immunity is excluded for the intermediary in the concrete case, the question
arises of the liability of the intermediary in positive terms.73
monized at the European level,74
tribute liability to the OI for not intervening in the case of a third party infringement of a
mere conduct obligation (which has limited effects between the parties).75 Once again,
(p. 433)
verse effects of the behaviour of the OIs.76
3.4
tection and consistency of the European legal system especially in comparison with the
77
bility and did not even consider possible injunctive relief for intermediaries as it does in
sition to apply for an injunction against intermediaries whose services are used by a third
party to infringe an IPR.
It has been observed in the literature that this omission does not seem to be the result of
a deliberate and well-thought-out decision.78 As a matter of fact, the need to guarantee
Page 7 of 27

crets Infringement
wards consumers regulated by the UCPs Directive. In this sense, there is a regulatory
misalignment: while IPRs enjoy remedies against intermediaries who are in the position
of blocking the infringement (including in cases in which the infringer is anonymous), the
It may be wondered whether this gap could be filled, for example, through the analogical
application79 of Article 11 of the Enforcement Directive.80 This would be supported by the
fact that recital 13 of the Enforcement Directive suggests to (p. 434)
possibility to extend, for internal purposes, the provisions of this Directive to include acts
However, the extension of the effects of the Enforcement Directive in the context of the
UCPs Directive raises among others the issue of the scope of injunctions. Injunctive relief
tions on intermediaries.81 This problem, which has already been debated with regard to
IPRs, arises most notably in the case of UCPs Directive violations for the same reasons as
OI.
4. Trade Secrets Infringement via OIs

In the case of disclosure of trade secrets through OIs, three scenarios can be identified.
First, there are cases where the claimant discloses confidential information directly to an
online intermediary for safekeeping (e.g. information stored in a cloud service). In those
cases, there can be no doubt that a trade secret infringement may arise on the part of the
OIs because such situations involve a direct relationship between the OI and the confider.
Greater difficulties arise when a service provider allows or facilitates a disclosure of

trade secrets caused by the actions of a third party. On the one hand, there are cases in
which an intermediary induces or encourages disclosure.82 On the other hand, there are
ing the information available to the public.83
closed without the consent of all the research partners. This might happen, for example,
dia platforms such as LinkedIn or Twitter. These latter cases are the main focus of this
section.
Page 8 of 27

crets Infringement
4.1
(p. 435)
tion (Trade Secrets) Within the EU: Overview
Undisclosed know-how and business information are regulated by Article 39 of the TRIPs
Agreements.84
tion of undisclosed information in national law.85
forceability of such legal protection.86
mentations.87
In 2016, the matter was the subject of harmonization in Europe with the Trade Secrets
Directive,88 the main aim of which is to overcome the fragmentation of laws protecting
trade secrets so as to strengthen cross-border innovation.89 Also, the Directive aims to
tion.90
Article 2 of the Directive adopts a definition of trade secrets which has three elements:91
(1) secrecy; (2) commercial value;92 and (3) reasonable steps to preserve (p. 436) secrecy.93
ration and assembly of its components, generally known among or readily accessible to
94
4.2 Unlawful Acquisition, Use, and Disclosure of Trade Secrets by

Third Parties
ful, and sets out a general clause according to which the acquisition of a trade secret
without the consent of the holder is unlawful, whenever carried out by any conduct
ditions specified in Article 4(3).95
Therefore, unlike IPRs, the violation of trade secrets is always linked to a certain conduct
of the infringer, which must be assessed on a case-by-case basis. This aspect brings the
erty.96
Particularly significant for the purposes of this chapter is Article 4(4) which regulates the
shall also be considered unlawful whenever a person, at the time of the acquisition, use
97
This provision
Page 9 of 27

crets Infringement
has a general scope, which leads to the conclusion that even the OI might be considered a
third party and therefore liable for trade secret infringement.
Also, according to the Directive a third party may originally acquire a trade secret in
good faith, and only become aware at a later stage on notice served by the trade secret
vant trade secret in an unlawful manner.98

pen in the online environment. However, in similar cases the question to be dealt (p. 437)
with, first, concerns the actual existence of a trade secret when the OI is notified about
the infringement. If before the notice the information is circulated on the internet, it has
potentially lost its character of being a trade secret and therefore the intermediary may
not be held liable. The answer to this question is not obvious. On the contrary, it depends
certain period of time is not in itself a cause of exclusion of secrecy. Certain information
might remain secret until it is circulated within the circles that normally deal with the
kind of information in question.99
stances depends on the features of the platform (e.g. on the target of the intermediary).
In addition, the Directive includes some exceptions to the applicability of the measures,
ticle 5(1)(a) according to which measures, procedures, and remedies provided for in the
Directive are dismissed where the acquisition, use, or disclosure of the trade secret was
100
The scope of this exception is broad; and the assessment for its applicability is left to the
mation; (2) in a broader sense, that of the public in the free circulation of information that
could be affected if high standards of monitoring were required by the intermediary.
4.3 Remedies Against Third Parties
Unlike the UCPs Directive, this Directive contains detailed harmonization measures for
remedies. According to Article 12, the judiciary has the power to order injunctions and
cret, the following orders are available against the infringer: (1) cessation or prohibition
against use or disclosure of the trade secret; and (2) prohibitions on the production or
distribution or use of infringing goods and corrective measures with regard to infringing
goods. Also, Article 14 states that an infringer can be liable to pay damages appropriate
to the prejudice suffered by the trade secret holder.
101
This statement shows that: (1) the
102
Page 10 of 27

crets
(p. 438)
Infringement
awarded;103 and (2) the judicial authority should take into account the different positions
cret unlawfully.104
4.4
merce Directive
Directive does not provide specific rules concerning OIs (e.g. similar to those contained in
ing precautionary and provisional measures,105 can only be directed to the person liable
or allegedly liable for the trade secret infringement. Hence, such measures are available
against third parties only if they satisfy the conditions of Article 4(4); that is, when they
have, or ought to have, knowledge that the trade secret was obtained from another who
was unlawfully using or disclosing the trade secret.106
Again, as in the case of UCPs, when the OI is involved there is a problem of concurrent
application of the e-Commerce Directive concerning immunity on the liability and the
rules provided for in the Trade Secrets Directive, which have a general application. There
is indeed more than one element of discrepancy between the two bodies of law under
tive, the OI, as a third party, might be held liable if it ought to have known that the trade
secret had been obtained from another person who was using or disclosing it
unlawfully,107 but according to the e-Commerce Directive the intermediary is exempt
(p. 439)
108
Moreover, the Trade Secrets Directive does not specify what characteristics should have
fringing trade secrets. And, if the notice is not sufficiently detailed and context-specific,
the same problems as in the case of UCPs arise.109
All this shows that the European legislator when drafting the Trade Secrets Directive did
not have in mind the OIs in the digital environment and the possible overlaps with the
safe harbour Directve.110 In fact, it is doubtful when the liability rules established therein
and the remedies outlined in the Trade Secrets Directive can be applied to OIs as in many
cases the e-Commerce Directive might apply. Indeed, as lex specialis derogat legi
generali, if the third party is an intermediary and the immunity rules are considered lex
specialis, whenever the conditions of Article 14 of the e-Commerce Directive are met, the
intermediary may be exempted from liability.
Page 11 of 27

crets Infringement
4.5
It is doubtful whether Article 11 of the Enforcement Directive can be extensively applied

to cases of trade secrets infringement. The applicability of the Enforcement Directive was
debated in the preparatory works for the Trade Secrets Directive111 and the debate has
plication of Directive 2004/48/EC and the scope of this Directive overlap, this Directive
takes precedence as lex specialis
tributable to completely different legal areas, the problem of regulating their possible
overlap would not be urgent.112 Therefore, while it is clear that in the case of overlap, the
(p. 440)
holes in the Trade Secrets Directive.
fringements.113 Hence, even if an extensive interpretation of the Enforcement Directive

were not acknowledged, it is conceivable that an analogical application of the rules set
forth in Article 11 of the Enforcement Directive would be accepted.
5. Assessment
ful transfer and distribution of content on the internet through digital platforms or other
view of general tort law, whose principles are not harmonized within Europe.114 Indeed,
European law has regulated various aspects of e-commerce, but with respect to OIs it has
gal framework. First

es uncertainty, because it requires a case-by-case assessment in applying national rules of
liability and the OI safe harbours.115 Secondly
al level and (2) the interplay between these rules and the e-Commerce Directive causes
Page 12 of 27

crets Infringement
ty in the European legal framework, also bringing about a lack of effective protection of
the interests covered by the rules of liability.116
In the field of IPRs, European law fills the gap ensuring protection to the
(p. 441)
rightholders with the provisions laid down in Article 11 of the Enforcement Directive and
Article 8(3) of the Information Society Directive as for copyright. Also, recently the level
The new Directive on Copyright in the Digital Single Market will under certain conditions
loaded by users. In that case, OIs do not enjoy, in relation to copyright-relevant acts, the
liability exemption regulated by Article 14 of the e-Commerce Directive.117
spite similarly regulating market behaviour, lack equal protection mechanisms. Given that
kets, it is worth asking whether such misalignment is justified. If that misalignment does
not have any justification, it may be wondered whether it would be reasonable to apply
sively.
tion to stop illicit behaviour and its effects on the market. Furthermore, the effects
caused by that illicit behaviour are difficult to eliminate ex post with monetary measures.
This is for several reasons. First, it is difficult to quantify damages.118
ing acts often have indirect effects on third parties and produce externalities that alter
the functioning of the market.119 Therefore, in these situations immediate protection that
blocks the illicit conduct might be preferable.
At the same time, it could be argued that the case studies taken into consideration in this
chapter should be treated differently from IPRs. First
sessment of infringement of IPRs is easy, being based on a title of property. However, that
ments it is required to assess the risk of confusion non not just to ascertain the existence
of the registration.120
Secondly, legal actions concerning IPRs, which are exclusive rights enforceable erga
omnes, need to be distinguished from legal actions under the UCPs Directive and Trade
(p. 442) Secrets Directive, which do not assign exclusive rights but merely impose rules of
conduct on market players. In the former case, when protected information is illegally
transferred via digital platforms, the violation of IPRs is objective in nature and so is the
sists of conduct not compliant with the law; hence, it is always questionable whether the
er, even this argument is not decisive. The proprietary nature of IPRs does not imply that
Page 13 of 27

crets Infringement
the interests protected are higher than those protected by the UCPs Directive and the
Trade Secrets Directive. Quite the opposite; all these rules are crucial in allowing the
market to work properly. Therefore, in all these cases effective protection should be
ways the cheapest cost avoider and often the only subject that is quickly within reach
with regard to illicit conduct in digital markets.
That said, without entering the ongoing discussion in Germany concerning whether in the
field of UCPs the best enforcement system is public or private, it is worth noting here that
ing the good functioning of digital markets.121 First
stance, experience with standard essential patents in the mobile phone markets shows
that injunctions may generate anticompetitive effects.122 In digital markets, injunctions
excessively wide in scope and applicable to future behaviours may involve monitoring
obligations on OIs, thus creating a tension with fundamental rights, namely freedom of
pressly states that OIs shall not be burdened with a general obligation actively to seek
facts or circumstances indicating illegal activity. Secondly
lief based on national substantial and procedural law. This approach does not really fit
with digital markets that are global by definition. Thirdly, digital markets are increasingly
fore, it is reasonable to expect a great increase in litigation, especially in the case of

UCPs. This may also lead to unexpected costs for the judicial system.
Against this backdrop, appears evident that traditional legal tools are not fully adequate
for regulating digital markets and it appears desirable to think of new alternative (p. 443)
mechanisms tailored to this specific environment. To some extent, the recent debate on
tion.123
ter bring to light that there is an urgent need to approach the regulation of information
seriously, and therefore to define the position of OIs, rethinking the traditional categories
which hardly prove to be fitting for digital markets.
Notes:
(*) The authors jointly conceived the chapter and share the views expressed. Nonetheless,
Sections 2, 3, and 4 are specifically attributable to Moscon. We wish to thank Prof. Dr.
Frauke Henning-Bodewig, Dr. Marco Bellia and Mr. Luc Desaunettes-Barbero for useful
and constructive discussions on this project.
(1
mediary, nor does the Court of Justice of the European Union (CJEU) offer unambiguous
Page 14 of 27

crets Infringement
tions depending on the context of reference. See Martin Husovec,
termediaries in the European Union, Accountable But Not Liable? (CUP 2017) 60, 70;
Jaani Riordan, The Liability of Internet Intermediaries (OUP 2016) 389. Even European
Commission documents reveal the difficulty of bridling online intermediaries into a static
tion provided by the proposed Directive amending Council Directive 93/13/EEC of 5 April
ter enforcement and modernization of EU consumer protection rules. See, in particular,

the text adopted by the European Parliament on 19 April 2019, P8_TA-PROV(2019)0399,
EU law of various terms such as online intermediaries, service providers, or, sometimes,
termediary with a broad meaning. Under the umbrella of OIs, we will include a wide
range of business models and subjects which offer various services in different layers of
gal circumstances under analysis.
(2) Among the recent attempts to regulate the matter, see Directive 2019/790/EU of 17
rectives 96/9/EC and 2001/29/EC [2019] OJ L130/92 that was adopted by the European
Parliament on 26 March 2019.
(3
(4) For a general overview of OIs, see Riordan (n. 1).
(5) Both IPRs and unfair competition law in their substantive and broad meaning concern
tition and Tax Law 1
(6) See Directive 2005/29/EC of 11 May 2005 concerning unfair business-to-consumer

commercial practices in the internal market and amending Council Directive 84/450/EEC,
Directives 97/7/EC, 98/27/EC and 2002/65/EC and Regulation (EC) No. 2006/2004 (UCPs
ered in this article.
Page 15 of 27

crets
(7) SeeInfringement
Directive (EU) 2016/943 of 8 June 2016 on the protection of undisclosed know-
how and business information (trade secrets) against their unlawful acquisition, use and
disclosure [2016] OJ L157/1.
(8
fair competition-type model. For an overview, see the survey commissioned from KPMG
by the European Union Intellectual Property Office (EUIPO). See KPMG, The Baseline of
Trade Secrets Litigation in the EU Member States (EUIPO 2018) <https://
ments/reports/2018_Baseline_of_Trade_Secrets_Litigations_in_EU_Member_States/
2018_Baseline_of_Trade_Secrets_Litigations_in_EU_Member_States_EN.pdf>.
(9) See Christina Angelopoulos, European Intermediary Liability in Copyright: A Tort-

Based Analysis (Wolters Kluwer 2016) 6.
(10
merce Directive specifically excludes from its scope a limited number of areas of national
and EU law.
(11) See Arts 2 and 14 of the e-Commerce Directive.
(12) See Riordan (n. 1) 379.
(13) An injunction is a court order prohibiting a person from doing something or requiring
a person to do something. See UK Ministry of Justice, Civil Procedures Rules, Glossary
<https://www.justice.gov.uk/courts/procedure-rules/civil/glossary>.
(14
ety services, in particular electronic commerce, in the Internal Market [2000] OJ L178/1,
recitals 40, 41, 47, 48, 52.
(15
ty rights [2004] OJ L195/16; Directive 2001/29/EC of 22 May 2001 on the harmonisation
of certain aspects of copyright and related rights in the information society [2001] OJ
L178/1.
(16
Ohly (ed.), Common Principles of European Intellectual Property Law (Mohr Siebeck
mum common principle of secondary liability in the sense of a common general direction
Page 16 of 27

crets Infringement
in assessing secondary liability cases can be identified in the law of most Member
(17) This refers to the provisions on technological protection measures (TPMs) and Digital
(18) This approach follows international trends in favour of internet self-regulation. See
Damian Tambini and others, Codifying Cyberspace
(19) The s-Commerce Directive applies to services as defined by Art. 1(2) of Directive
vices. However, the CJEU in C-484/14 Tobias Mc Fadden v Sony Music Entertainment
Germany GmbH [2016] ECLI:EU:C:2016:689 clearly favoured a broader reading arguing
that the service does not necessarily need to be paid for directly by those who benefit
DMCA Safe Harbours and their European Counterparts: A Comparative Analysis of some
(20) See Riordan (n. 1) 384; Husovec (n. 1) 57 ff.
(21) See Riordan (n. 1) 379.
(22) See among others Peguera (n. 19) 481.
(23) See Directive 2000/31/EC (n. 14) Art. 14
(24
ture is vast. Among others, see Angelopoulos (n. 9) and Riordan (n. 1).
(26
Angelopoulos (n. 9); Kur (n. 16).
(27) See Directive 2000/31/EC (n. 14) recitals 40, 41, 47, 48, 52.
(28
Directive do not affect the possibility of injunctions of different kinds; such injunctions
can in particular consist of orders by courts or administrative authorities requiring the
(29) See Riordan (n. 1) 387.
Page 17 of 27

crets Infringement
(30) The CJEU in
AG and Others
the European Parliament, the Council, the European Economic and Social Committee and
the Committee of the Regions on the Application of Directive 2004/48/EC of the European
Parliament and the Council of 29 April 2004 on the enforcement of Intellectual Property
per: Analysis of the Application of Directive 2004/48/EC of the European Parliament and
the Council of 29 April 2004 on the enforcement of Intellectual Property Rights in the
for by the Enforcement Directive and the Information Society Directive should serve as a
cooperation tool, never as a tool of sanction. Several arguments are offered in support of
this including the legislative history of both the Directives).
(31) European law includes other provisions obliging Member States to apply injunctions
in certain cases. See e.g. Directive 2009/22/EC of 23 April 2009 on injunctions for the
(32
(33
tional law and contains no definitions of the IPRs it covers. Different interpretations of
tion law such as parasitic copies. Ibid.
(34) See C-324/09 (n. 30) paras 125 ff.
(35) See ibid. paras 138 ff.
(36
mendation on Measures to Safeguard Fundamental Rights and the Open Internet in the
Page 18 of 27

crets Infringement
(37) For an overview, see Frauke Henning-Bodewig (ed.),

fair Competition Law (Hart 2013).
(38) ibid.
(39
and Frauke Henning-Bodewig (eds), Law Against Unfair Competition (Springer 2007)
(40
los, The Collaborative Economy and EU Law (Hart 2018).
(41
(42) See Art. 3.
(43
(44) In the Italian literature it has been argued that the unfairness has to be interpreted in
the same way as it is with regard to business-to-business relationships. See Adriano
Vanzetti and Vincenzo di Cataldo, Manuale di Diritto Industriale (Giuffrè Editore 2018)
(45) The rise of digital platforms such as Uber and Airbnb has sparked a controversy
about how to fit new business models into existing legal categories. This debate, which
with regard to Airbnb ended up before the CJEU in 2018, focuses on the applicability of
the provisions laid down in the e-Commerce Directive to those platforms. See Christoph
(46) Art. 2(d) of Directive 2005/29 defines commercial practices using a particularly broad
vices GmbH v Team4 Travel GmbH RLvS

Verlagsgesellschaft mbH v Stuttgarter Wochenblatt GmbH [2013] ECLI:EU:C:2013:669,
(47) See C-105/17 Komisia za zashtita na potrebitelite v Evelina Kamenova, Okrazhna
Page 19 of 27

crets Infringement
(48 BKK Mobil Oil Körperschaft des öffentlichen

Rechts v Zentrale zur Bekämpfung unlauteren Wettbewerbs eV [2013] ECLI:EU:C:
2013:634, para. 32.
(49
For a general overview on the economic arguments influencing decision-making, see
(50) See C-391/12 (n. 46) para. 40.
(51
ty or the delivery of the product are not in principle in the commercial interest of the OI,
ed commercial practices. There are, indeed, costs including those related to information
ing, see Akerlof (n. 49).
(52
correnza e del Mercato, AGCM) against the secondary ticketing provider Viagogo (
siglio di Stato, judgment No. 04359/2019
lating in particular to the insufficient or deceptive information provided by Viagogo on its

website. On 5 April 2017, by Decision 26535, AGCM found Viagogo acting as a trader in
provider within the meaning of the e-Commerce Directive 2000/31/EC, it was not liable
nulled by the Supreme Administrative Court stating, in essence, that a passive hosting
provider, such as the secondary marketplace Viagogo, cannot be requested to provide
consumers with information held by sellers operating through the platform.
(53
tion Authority] Amazon-Marketplace-Garanzia legale [9 March 2016] no. 25911, Bollettino
11/2016, 38 (It.).
Page 20 of 27

crets
(54 Infringement
(55) See AGCM TripAdvisor
(TAR) Lazio [Regional Administrative Tribunal of Lazio], Section I [13 July 2015] case no.
09355 (It.). See also Kammergericht [Court of Appeal] Berlin [8 April 2016] (Ger.) in
[2016] MultiMedia und Recht 601.
(56
tion against UCPs. See Vanzetti and di Cataldo (n. 44). This approach differs from that
taken by other European countries, such as Germany. In the German legal system, a civil
braucherrechts: Das BKartA als UWG-Behörde? Ergebnisse des Professorengutachtens
(57
rective (It.).
(58
ty was the income generated by pay-per-click advertising contracts.
(59
gard to negligence in organizing and supervising its review system. According to the
tence of a system of fact checking. As a result, TripAdvisor could not be considered to be
Court of Justice (BGH) which applies a civil law approach to UCPs, follows the same path
as the Italian AGCM. See BGH [27 April 2017] I ZR 55/16 in [2017] GRUR 1265.
(60) See Directive 2005/29/EC (n. 6) Art. 2(a).
(61
(62) ibid.
(63
place offers for sale on its server, sets the terms of its service, is remunerated for that
service and provides general information to its customers does not prevent that provider
Page 21 of 27

crets Infringement
(64) This circumstance is evaluated on a case-by-case basis. See European Commission
nal, 8. Further indications in this regard are contained in European Commission,
(65) In this sense, see Hatzopoulos (n. 40) 49. The lex specialis principle may be applied
and it is often used to resolve redundancy in law, rather than legal antinomies, and so it is
a tool to prevent the simultaneous application of special and general compatible rules. In
every field of law, the lex specialis principle is a device to coordinate and integrate special
and general rules to obtain a more complete regulation of a certain matter. In general,
https://bura.brunel.ac.uk/handle/
2438/5235>.
(66
pretation between the main stakeholders. From a comparative perspective, US courts
earlier, some guidance is provided by the CJEU in .
(67
duct and not exclusive rights.
(68
SSRN Research Paper no. 2025075 (16 March 2012) <

stract=2025075>; see also Kur (n. 16).
(69
tice might not be sufficient to prove the actual knowledge of the OI).
(70
fringements.
(72
(73
rective is implemented differently in various Member States. In some Member States
there are forms of private enforcement and in others forms of public enforcement. See
Page 22 of 27

crets
Orkun Infringement
Akseli, The European Unfair Commercial Practices Directive
65.
(74
40.
(75) Unlike IPRs, it is not a matter of violation of exclusive rights with erga omnes effects,
but rather of prohibited behaviour with inter partes
tection to the rightholder in any case irrespective of any further assessment concerning,
trast, UCPs and trade secret infringements serve as examples of inter partes
tected positions whose assessment depends on the existence of particular circumstances.
(76) Against this background, it become apparent that there is a risk of over-takedown-
tent allegedly violating the prohibition of UCPs. With regard to copyright see, Jennifer M.
L.J. 621.
(77) Directive 2005/29/EC (n. 6) Art. 11.
(78
(79
European
Legal Methodology
Claus-Wilhelm Canaris, Die Feststellung von Lücken im Gesetz (Duncker & Humblot
Akzo Nobel Chemicals Ltd

and Akcros Chemicals Ltd v European Commission [2010] ECLI:EU:C:2010:512.
(80
that rightholders are in a position to apply for an injunction against intermediaries whose
(82
form established to obtain and disseminate documents and data sets from anonymous
Page 23 of 27

crets Infringement https://en.wikipedia.org/wiki/
WikiLeaks>.
(83
(84) See Marrakesh Agreement Establishing the World Trade Organization, Annex 1C:
Agreement on Trade-Related Aspects of Intellectual Property Rights (15 April 1994) 1869
UNTS 299, 33 ILM 1197, Art. 39. This provision is based on the Uniform Trade Secrets
Act. See Daniel Gervais, The TRIPS Agreements. Drafting History and Analysis (Sweet &
Dreyfuss and Katherine Strandburg (eds),

book of Contemporary Research
(85
The Internet and the
Emerging Importance of New Forms of Intellectual Property
(86) ibid.
(87
2013).
(88) See Directive 2016/943/EU (n. 7).
(89
al for a Directive of the European Parliament and of the Council on the protection of
London Law School Research Paper no. 2014/25 (18 July 2014) <
stract=2467946>.
(90) See Directive 2016/943/EU (n. 7) recital 2. The Directive has come under criticism
from different angles. Some have even argued that the Directive was already outdated at
its inception by not taking into account the influence of the economy of knowledge on
trade secrets. In particular, the Directive does not consider the process of datafication of
(91
quirement. For further analysis, see Aplin (n. 89). These requirements reflect those laid
Page 24 of 27

crets Infringement
(92) The definition also requires the information to have commercial value because it is
secret. See Aplin (n. 89).
(93) The third element of the definition of trade secrets requires the person lawfully in
control of the information to have taken reasonable steps under the circumstances to
keep it secret. See further Aplin (n. 89) 10.
(94) See further Gervais (n 84) 542.
(95) See Directive 2016/943/EU (n. 7) Art. 4(3)(a), (b), (c).
(96) The Directive obligates the Member States to respect its limitation. Ibid. Art. 1(1),
(2), so e.g. reverse engineering or independent discovery need to remain free. Thus,
while the Member States remain free to qualify trade secrets, the regime set out in the
Trade Secrets Directive is closer to unfair competition than IPRs. See Aplin (n. 89).
(97) See Aplin (n. 89) recitals 26 and 27.
(99) So, e.g., if the competitors who are potentially interested in the secret did not have
cient on its own to destroy secrecy. See ibid.
(100) The rationale behind this exception is further clarified in recital 19.
(101) See Directive 2016/943/EU (n. 7) Art. 13.
(102) See Aplin (n. 89).
(104
in the best position to interrupt the illegal behaviour. See further Aplin (n. 89).
(105) Provided for in Directive 2016/943/EU (n. 7) Arts 12 and 10 respectively.
(106) Aplin highlights that following the letter of Art. 10 there seems to be a potential
loophole between Arts 4(4) and 10 in that it will be impossible to obtain an ex parte
ticular until such person is notified of the relevant facts. The IP Federation suggested an
amendment to Art. 10 in order to allow courts to have discretion in appropriate urgent
https://
www.ipfederation.com/policy-papers>.
Page 25 of 27

crets Infringement
(107) According to Directive 2016/943/EU (n. 7) Art. 4(4), the third party might be liable if
(108) Although disputed, the better view is that Art. 14, read in conjunction with Art.
15(1), refers to actual rather than constructive knowledge and to past or ongoing rather
eBay International AG and Others [2010] ECLI:EU:C:2010:757, Opinion of AG Jääskinen,
(109) See Section 3.3 in this chapter.
(110) See Falce (n. 90).
(111
with the enforcement of Intellectual Property rights and trade secrets are not intellectual
(112
lap with that of know-how, leading to the possible overlapping of the provisions of the two
Directives.
(113) See Section 3.4 of this chapter.
(114) See Kur (n. 16).
(115
book on Comparative and International Trademark Law (CUP 2020).
(116
ex officio
See Legislative Decree no. 206 of 6 September 2005, Official Gazette 8 October 2005,
Art. 27 (It.). Conversely, German lawmakers opted for private enforcement. The German
government assumed that Art. 11 of Directive 2005/29/EC did not require substantial
ever, since 2017 an amendment to the German Antitrust Act has entrusted the German
Federal Cartel Office with some new competences for the enforcement of consumer law.
On this matter there is, however, growing debate. See Podzun, Busch, Henning Bodewig
Page 26 of 27

crets
(118 Infringement
tual Property Law Center (2007).
(119) See generally William Landes and Richard Posner,

lectual Property Law (Belknap Press 2003).
(120) See Senftleben (n. 67).
(121
(122) On this issue, see Jorge Contreras (ed.),

dardization Law
(123
https://
ssrn.com/abstract=2947800
of the EU Copyright Rules. Position Statement of the Max Planck Institute for Innovation
no. 17-12 (2017) <

nent/escidoc:2479390/E-Book%20-%20Hilty%20-%20Moscon%20-%2018.09.2017.pdf>.
Reto M. Hilty
Reto M. Hilty is Managing Director at the Max Planck Institute for Innovation and
Competition in Munich and Full Professor (ad personam) at the University of Zurich.
Email: hilty@ip.mpg.de.
Valentina Moscon
Valentina Moscon is Senior Research Fellow in Intellectual Property and Competition

Law at the Max Planck Institute for Innovation and Competition. Email:
valentina.moscon@ip.mpg.de.
Page 27 of 27

spective
Intermediary Liability and Trade Mark Infringement: A

Common Law Perspective
Richard Arnold

This chapter discusses UK case law in the domain of intermediary liability and trade mark
infringement, while situating this common law perspective within EU trade mark law, the
ty stemming from legal principles which are not particular to intermediaries, including
cific to intermediaries, the intermediary liability proper. In this context, the chapter looks
into injunctions against intermediaries whose services are used to infringe trade marks
that are made available in national jurisdictions under the implementation of Article 11 of
the Enforcement Directive. Although other kinds of injunctions against intermediaries are
available, the chapter focuses on website-blocking injunctions, which have been recently
ported from the copyright domain, where they have been more traditionally deployed, to
the trade mark domain.
Keywords: trade mark infringement, common law, online intermediaries, primary liability, accessory liability,
termediary liability, injunctions, website-blocking
*
IN
diaries may themselves be legally liable, whether as primary infringers or accessories, for
termediaries may be amenable to injunctions aimed at preventing or reducing trade mark

infringement by third parties even though the intermediaries are not themselves liable for
pends on the application of legal principles which are not particular to intermediaries,
whereas the second question depends on the application of principles which are specific
Page 1 of 18

spective
ity.1 It is important to appreciate that the primary and accessory liability of intermediaries
junctions with regard to future acts, whereas intermediary (p. 405) liability is purely for
injunctions and not for damages or other remedies for past acts.2 A subsidiary difference
acter (requiring the infringer not to commit further infringing acts), whereas injunctions
mediary to take steps to prevent or reduce infringement by others).
liament and Council Directive 2015/2436/EU of 16 December 2015 to approximate the

laws of the Member States relating to trade marks (recast) (the Trade Marks Directive)
and what is now European Parliament and Council Regulation 2017/1001/EU of 14 June
2017 on the European Union trade mark (codification) (the EU Trade Mark Regulation) so
far as primary liability is concerned and the national laws of the Member States so far as
accessory liability is concerned. The law applicable to the second question derives at
least primarily3 from the third sentence of Article 11 of European Parliament and Council
Directive 2004/48/EC of 29 April 2004 on the enforcement of intellectual property rights
tive 2000/31/EC of 8 June 2000 on certain legal aspects of information society services, in
particular electronic commerce, in the Internal Market (the e-Commerce Directive) are
relevant to both questions. It follows that the main area in which English common law
mon law perspective on the questions of European law may also be of value.4
This Handbook is concerned with online intermediaries, but it should not be forgotten
that similar issues can arise with respect to offline intermediaries.5 To date, most of the
case law and commentary6
fringement. While some of the copyright case law and commentary is relevant to the
present context, the liability of intermediaries for trade mark infringement raises distinct
issues.7
(p. 406) 1. Who are Online Intermediaries?

It is clear from the decisions of the Court of Justice of the European Union (CJEU) in the
LSG8 and UPC9 cases that internet service providers (ISPs, also known as internet access
rective 2001/29/EC of 22 May 2001 on the harmonisation of certain aspects of copyright

and related rights in the information society (the Information Society Directive) which is
equivalent to the third sentence of Article 11 of the Enforcement Directive in this respect.
10
Equally, it appears from
mediary. More generally, the CJEU held in Tommy Hilfiger11
Page 2 of 18

spective
of being used by one or more other persons in order to infringe one or more intellectual
property rights, but it is not necessary that it maintain a specific relationship with that or
main to be tested. For example, it is not clear whether the operator of a search engine
would qualify as an intermediary within Article 11. The answer may vary according to the
service in question: a keyword advertising service and a keyword suggestion tool are
more likely to qualify than a plain vanilla search tool.12 Although a service provider which
is not an intermediary within Article 11, and thus not exposed to intermediary liability,
sory, such allegations are unlikely to succeed.
2. Primary Liability of Intermediaries for Trade

Mark Infringement
Whether under the Trade Marks Directive or under the EU Trade Mark Regulation, there
are three ways in which a trade mark may be infringed: (1) through use of an identical
sign in relation to identical goods or services (Art. 9(2)(a) of the Regulation/Art. 10(2)(a)
of the Directive); (2) through use of an identical or similar sign in relation to similar or
identical goods or services so as to give rise to a likelihood of confusion (Art. 9(2)(b) of
the Regulation/Art. 10(2)(b) of the Directive); and (3) where the trade (p. 407) mark has a
reputation, through use of an identical or similar sign in relation to any goods or services
which without due cause takes unfair advantage of, or is detrimental to, the distinctive
character or the repute of the trade mark (Art. 9(2)(c) of the Regulation/Art. 10(2)(c) of
the Directive). This is not the place in which to survey the law with respect to each of
these three types of infringements, which are the subject of an extensive body of case
gations of infringement by intermediaries. I will assume for these purposes that the
leged infringing acts (although in practice jurisdictional issues of some complexity may
arise).
2.1 Use of the Sign Complained of by the Intermediary
In order for a person to have infringed a trade mark in any of the three ways specified
fringement by an intermediary is alleged, a question is likely to arise as to whether the

sign had been used by the intermediary, rather than by some other party.13 The CJEU has
held in three cases that the intermediary did not use the sign in issue. In Google
France,14
tising service even though Google displayed advertisements to its users by reference to
those keywords, but rather the advertisers who selected and paid for the keywords did. In
,15 eBay did not use the signs under which sellers offered goods for sale on
Page 3 of 18

spective
its platform, but rather the sellers did. The test laid down by the CJEU was whether the
ters v Red Bull,16
structions and Smart Drinks then marketed.
(p. 408) By contrast, in the LUSH case,17 the High Court of England and Wales held that
zon displayed offers for sale of what were in fact competitive products in response. Some
ment services, and some were by third parties with the third parties fulfilling the sale, but
the three types of offer were mixed up together. The court held that no distinction was to
munication. The Bundesgerichtshof (German Federal Court of Justice, BGH) reached a

similar conclusion in the ORTLIEB case.18 Further light may be shed on this question by
the pending reference from the BGH in the Davidoff Hot Water case,19 in which a third
party vendor on the Amazon marketplace sold goods parallel imported from outside the
man courts took the view that Amazon did not use the sign in question in relation to the
stocking of the goods.
2.2 Use of the Sign in the Relevant Territory
Even if the intermediary has used the sign complained of, it will not have infringed the
trade mark unless it has used the sign in the relevant territory (the UK in the case of a
UK trade mark and the EU in the case of an EU trade mark). In the online context, where
a website is accessible worldwide, this gives rise to the question of the test to be applied.
It is now well established that the use in question must be targeted at consumers in the
relevant territory, mere accessibility is not enough.20 The law was reviewed in 2017 by
the Court of Appeal of England and Wales in Merck,21 where the court held that the issue
of targeting is to be considered objectively from the perspective of average consumers in
the relevant territory. The question is whether those average consumers would consider
that the use is targeted at them. Nevertheless, evidence that a trader does in fact intend
to target consumers in the territory may be relevant in assessing whether its use has that
effect. The court must carry out an evaluation of all the relevant circumstances. These
may include any clear expressions of an intention to solicit custom in the territory by, for
er is willing to dispatch its products. But a finding that an advertisement is directed at

consumers in the territory does not depend upon there being any such clear evidence.
The appearance and content of the website will be of (p. 409)
cumstances may extend beyond the website itself and include, for example, the nature
the number of visits made to the website by consumers in the territory. In

weij,22 the High Court held, applying this guidance, that advertisements and offers for
Page 4 of 18

spective
mediary had used the signs in issue.
2.3 Counterfeit Goods and Grey Goods
cerned with one or both of two types of infringing conduct: dealings in counterfeit goods
and dealings in grey goods such as parallel imports of genuine trade-marked goods from
outside the EEA.23 It is increasingly the case that the channels of trade through which
aries. Furthermore, the very nature of online intermediaries as operators in borderless

cyberspace makes them particularly attractive as channels for trade in grey goods. Trade
mark owners obviously wish to prevent sales of both counterfeits and grey goods so far as
cult, time-consuming, and resource-intensive task. Accordingly, trade mark owners look
utable intermediaries recognize that it is in their own interests to try to minimize sales of
counterfeit goods, and to a lesser extent grey goods, through their platforms, but are of
plained above, it can be difficult for trade mark owners to establish primary infringement
lish that the intermediary is liable as an accessory. Failing that, the trade mark owner
may try to obtain an injunction on the basis of intermediary liability as defined earlier.
EU countries, including the UK, in the period from 2007 to 2013. The reference from the
High Court of England and Wales (p. 410)
that, following the judgment of the CJEU, the parties negotiated an EU-wide settlement of
stood that they involved eBay taking further steps to combat sales of counterfeits and
grey goods by sellers on its platform.24
2.4 Articles 12 to 14 of the e-Commerce Directive
vant is Article 14 (hosting). If an online intermediary is sufficiently involved to have used
Page 5 of 18

spective
ary will be able to rely on this exemption, however. Accordingly, it is more convenient to
deal with this issue in the context of accessory liability.
3. Accessory Liability of Intermediaries for

Trade Mark Infringement
Although it is settled law that Articles 10 to 15 of the Trade Marks Directive and Articles
9 to 16 of the EU Trade Mark Regulation embody a complete harmonization of the rules
relating to infringement of the rights conferred by registration of a trade mark within the
EU,25 accessory liability for trade mark infringement is not harmonized by either the
Trade Marks Directive or the EU Trade Mark Regulation, both of which are entirely silent
on the point. Although it appears that the CJEU may have started in cases such as
dia,26 Filmspeler,27 and The Pirate Bay28 to develop a European (p. 411)
sory liability for copyright infringement at least by communication to the public,29 it has
so far eschewed this in trade mark cases.30 It follows that national law applies.31
3.1
ment under English Law
Accessory liability for infringements of trade marks (and other intellectual property
rights) under English law is governed by the doctrine of joint tortfeasance.32 This is a
common law (i.e. judge-created) doctrine which complements the statutory regimes. With
the exception of the Copyright, Designs and Patents Act 1988,33
ty. Hence the gap has been filled by the common law. In summary, the doctrine of joint
tortfeasance states that a person may be jointly liable for a tort (e.g. infringement of an
intellectual property right) committed by a third party where that person has procured
the commission of the tort by inducement, incitement, or persuasion or where that person
has participated in a common design to secure the doing of acts which amount to trade
pation in a common design.
Accessory liability of online intermediaries for trade mark infringements by third parties
was considered by the High Court of England and Wales in .34 At that time,
the leading authority on the doctrine of joint tortfeasance was the decision of the House
of Lords in CBS v Amstrad.35
plained of and that eBay had not participated in a (p. 412) common design to secure the
was in relation to grey goods emanating from outside the EEA, where the evidence
showed that eBay actively encouraged the listing and sale of goods from outside the EEA
to buyers in the UK and provided specific facilities to assist sellers to do this. Moreover,
no steps were taken by eBay to discourage such infringements, let alone to try to prevent
them. Nevertheless, it could not be said that the facilities provided by eBay inherently led
Page 6 of 18

spective
fringe trade marks. Whether the use of the facilities led to infringement depended on the
vent infringement and (2) facilitation of infringement with knowledge that it was likely to
occur and an intention to profit were not enough, the High Court concluded that eBay
ing.
Since then, the doctrine of joint tortfeasance through participation in a common design
has been considered by the Supreme Court in Fish & Fish.36 The Supreme Court held
that, in order to be liable with a principal tortfeasor, a defendant had to be proved to have
thered the commission of the tort by the principal tortfeasor and that he had done so in
pursuance of a common design to do, or to secure the doing of, the acts which constituted
the tort; and that whether the defendant had done enough to further commission of the
tort would depend on the circumstances in each case. Although the Supreme Court held
that it was sufficient for the defendant to be liable that it had done acts which furthered
the commission of the tort in a more than minimal or trivial way, it reiterated that neither
facilitation of a tort nor knowledge that it would be committed were enough.37 On the
other hand, Lord Sumption considered that it was different if the defendant intended the
infringements to be an effective way of increasing the use of its own website.38
gests that it is now more likely that eBay would be held jointly liable for at least some of
. Certainly, it seems clear that the
an intermediary that it is jointly liable for infringements by third parties.
(p. 413) 3.2 Article 14 of the e-Commerce Directive
ity of Article 14 to intermediaries in three cases of alleged trade mark infringement:39

Google France,40 ,41 and SNB-REACT.42 The CJEU has held that, in order to
matic, and passive processing of the data provided by its customers. If it plays an active
ed by Article 14(1). More specifically, in
vice, is remunerated for its service, and provides general information to its customers
moting those offers. Even if the operator does not play an active role, it will only benefit
from the exemption from liability under Article 14(1) if it does not have actual knowledge
Page 7 of 18

spective
of illegal activity or information and is not aware of facts and circumstances from which
the illegal activity or information is apparent (or, if it becomes aware of such facts and
tion). Operators may become aware of such facts and circumstances either through their
own investigations or through notifications by others. The question for the national court
is whether a diligent economic operator should have identified the illegality. The Cour de
cassation (French Supreme Court) subsequently held that eBay could not rely on Article
14(1) because it had played too active a role by assisting sellers in the promotion of
sales;43
nal decision on this point. In ECB v Tixdaq,44 the High Court expressed the provisional
view that the Article 14 defence would be available to the defendants, who operated an
app which enabled users to share clips of broadcasts of sporting events, in respect of
user-posted clips which were not editorially reviewed, but not in respect of clips which
were editorially reviewed.
4. Injunctions Against Intermediaries

(p. 414)
Whose Services are Used to Infringe Trade

Marks
The third sentence of Article 11 of the Enforcement Directive requires Member States to
As noted previously, this provision enables trade mark owners to obtain injunctions
eralizes Article 8(3) of the Information Society Directive, which applies to infringements
of copyright and related rights. The rationale for these provisions is set out in recital 59
of the Information Society Directive:
In the digital environment, in particular, the services of intermediaries may increasingly

be used by third parties for infringing activities. In many cases such intermediaries are
best placed to bring such infringing activities to an end. Therefore, without prejudice to
it is more practical for trade mark owners to bring proceedings against intermediaries
than against the infringers. The intermediaries are likely to be readily identifiable,
amenable to the jurisdiction of a court which is convenient for the trade mark owners,
Page 8 of 18

spective
quire intermediaries to take action to prevent infringement occurring via their services
than it is for rightholders to take action directly against infringers. The second claim is
more controversial than the first, and its correctness may depend upon factors such as
nomically efficient if, but only if, the costs of both obtaining and implementing injunctions
are borne by rightholders.45
4.1
(p. 415)
junctions Against Intermediaries in Trade Mark Cases
The UK implemented Article 8(3) of the Information Society Directive by amending the
Copyright, Designs and Patents Act 1988 to insert section 97A, which confers a specific
ries of injunctions have been granted in the exercise of the section 97A power against
ISPs requiring them to block (or at least, attempt to block) access by their customers to
46
When Article 11 of the Enforcement Directive required Member States to make the same
provision in respect of other intellectual property rights, however, no statutory provision
sary because the courts already had the power to grant such injunctions under domestic
law.
That view has been vindicated by the decisions of the High Court, Court of Appeal, and
Supreme Court in Cartier,47 in which website-blocking injunctions were granted against
ISPs in order to combat trade mark infringement rather than copyright infringement.
Lord Sumption, who delivered the judgment of the Supreme Court, held that the courts
had power to grant such an injunction on ordinary principles of equity quite apart from
the power derived from EU law. He traced the historical origin of this power to the bill of
discovery in equity, in which the sole relief sought was an order for disclosure for use in
common law proceedings. In Orr v Diaper,48 the power to order disclosure was extended
to disclosure of the identity of a wrongdoer whom the claimant wished to sue. In Upmann
v Elkan49 it was held that a freight forwarding agent who was innocently in possession of
ly to identify the wrongdoers, but also to ensure that the goods were not removed or dealt
with until the spurious brand had been removed. In Norwich Pharmacal Co. v Customs
and Excise Commissioners,50 the House of Lords confirmed that, if through no fault of his
ing, he may incur no personal liability, but he comes under a duty to assist the person
who has been wronged by giving him full information and disclosing the identity of the
wrongdoer. Lord Sumption concluded that it was clear from the authorities and correct in
principle that orders for the disclosure of information were only one (p. 416) category of
order which a court could make against a legally innocent party to prevent the use of its
facilities to commit or facilitate a wrong.
Page 9 of 18

spective
4.2 Website-Blocking Injunctions: Threshold Conditions
Where an injunction is sought against an intermediary on the basis that its services have
been used to infringe copyright or related rights, Parliament has laid down a number of
tion.51 In the context of website-blocking orders, there are four conditions which must be
satisfied. First, that the defendant is a service provider. Secondly, that users and/or the
the defendant has actual knowledge of this. For the reasons discussed earlier, Parliament
tion to grant an injunction against an intermediary on the basis that its services have
been used to infringe other intellectual property rights. It is clear, in particular from the
judgment of the CJEU in ,52 that the court must exercise its power to grant
ular Article 3 and the third sentence of Article 11, and with other applicable provisions of
EU law, and in particular Articles 12 to 15 of the e-Commerce Directive. Accordingly, it
was held by the High Court and Court of Appeal in Cartier
tions must be satisfied in order for a website-blocking injunction to be granted in a trade
mark case.53
tence of Article 11. Secondly, either the users and/or the operators of the website must be
of this. Each of the first three conditions follows from the wording of Article 11 itself. The
fourth condition is not contained in Article 11, but it was held that it follows from Article
15 of the e-Commerce Directive (no general monitoring) and by analogy with Articles
13(1)(e) and 14(1)(a) of the e-Commerce Directive (exemptions for caching and hosting in
the absence of actual knowledge of unlawful activity). If ISPs could be required to block
mount to a general obligation to monitor. It is also difficult to see that such a requirement
would be consistent with the requirements of Article 3(1) of the Enforcement Directive.
Intermediaries can be given actual knowledge by notification, however.
(p. 417) 4.3 Website-Blocking Injunctions: Applicable Principles
tion should be granted. It was held by the High Court and Court of Appeal in Cartier that
ily complicated or costly; (5) avoid barriers to legitimate trade; (6) be fair and equitable
tionate.54 Of these factors, the key one is proportionality, since consideration of the other
factors feeds into the proportionality analysis. The fundamental rights in play are usually
those protected by Article 17(2) of the EU Charter of Fundamental Rights (intellectual
property) on the one hand and those protected by Articles 11 (freedom of expression and
information) and 16 (freedom to conduct a business) of the Charter on the other hand.
Page 10 of 18

spective
sive measures. The proportionality of a website-blocking injunction as between the
geted the injunction is: the more carefully targeted at unlawful content the injunction is,
junction is to be proportionate when viewed from that perspective. The proportionality of

a website-blocking injunction as between the rightholders and the ISPs depends critically
ployed to implement the block and upon the block being kept up to date) and upon the
burdens and costs imposed by the injunction on the ISPs: the key question is whether the
effectiveness of the blocking in preventing or reducing infringement (given that the block
can readily be circumvented) justifies the burden and costs imposed on the ISPs. Finally,
it is important to ensure that the injunctions are safeguarded against abuse. The English
courts have taken a number of steps to this end: providing that affected third parties can
apply to the court to set aside or vary the orders, requiring notice of and information
about the block to be displayed at the appropriate address, and imposing a sunset clause.
It has subsequently been held by the Supreme Court in Cartier that, where a website-
posed application to the court, and hence of the evidence-gathering necessary to support
such an application, but also the marginal cost of the initial implementation of the order
the cost of updating the block over the lifetime of the order in response to notifications
from the rightholders (which involves reconfiguring the blocking system to accommodate
the migration of websites from blocked internet locations), and any costs and liabilities
that may be incurred if blocking malfunctions through no fault of (p. 418)
ample as a result of overblocking because of errors in notifications or malicious attacks
provoked by the blocking.55
56
ther or UPC indicated otherwise.
As Briggs LJ noted in the Court of Appeal,57

plementation costs will be to make it easier for rightholders to establish that, as between
themselves and the ISPs, a website-blocking injunction is proportionate; but it will also
make the remedy a somewhat more expensive one for rightholders.58
Page 11 of 18

spective
4.4 Website-Blocking Injunctions: Application to Trade Mark Cases
In Cartier
sites (a further two were added by a subsequent application). It was held by the High
Court and Court of Appeal that the threshold conditions were satisfied and that, applying
the principles set out previously, it was appropriate to grant the injunctions sought. Much
of the reasoning was similar to the reasoning applied in previous cases involving website-
blocking injunctions to combat copyright infringement. The following points which are
specific to trade marks may be noted.
So far as the third of the threshold conditions was concerned, the High Court held that
advertising and offering for sale counterfeit goods and secondly by selling and (p. 419)
supplying such goods, with both activities being targeted at UK consumers. The ISPs had
tisements and offers for sale were communicated to 95 per cent of broadband users in the
ready complete by then. It was also immaterial that, if a UK consumer did purchase an
item, the item would be transported by courier or post, since the contract of sale would
be concluded via the website.59 The Court of Appeal agreed.60
In considering the proportionality of the injunctions, the High Court considered a series
of alternative enforcement measures which the ISPs contended that the claimants should
pursue: taking action against the website operators, sending notice to the website hosts
demanding that the target websites be taken down, asking payment processors such as
get websites, sending notice to search engine providers such as Google requesting them
to de-index the target websites, and customs seizure. The High Court was not persuaded
sures was a factor to be taken into account in assessing the proportionality of the orders
sought by the claimants.61
count in assessing the proportionality of the injunctions were that, first, it was the
ing,62 and, secondly, other websites were highly substitutable for the target websites.63
These factors pointed to the possibilities that the injunctions, even if effective in stopping
tions to block large numbers of other websites. Nevertheless, the High Court concluded
that the injunctions were proportionate, and the Court of Appeal agreed.64
Page 12 of 18

spective
Since Cartier, there has only been one application for a website-blocking injunction to
combat trade mark infringement in the UK. In Nintendo v Sky65
junction was granted, applying the principles laid down in Cartier, against four websites
vented.
4.5 Other Kinds of Injunctions Against Intermediaries in Trade

(p. 420)
Mark Cases
It is clear from that website-blocking injunctions are not the only kinds of
forcement Directive in appropriate cases. One particular possibility which the CJEU
specifically mentioned is an injunction requiring the operator of an online marketplace to
suspend the accounts of sellers who perpetrate trade mark infringements.66 To date, it
other possibility which is arguably within the contemplation of the CJEU is an injunction
to enforce notice and stay-down; that is, an injunction that requires the intermediary,
when notified of an infringement by a rightholder, not merely to take down the relevant
posted by its users subsequently. Again, however, it does not appear that any application
has been made for such an injunction in the UK.
Notes:
(*) I am grateful to Paul Davies, Martin Husovec, and Ansgar Ohly for comments on an
earlier draft.
(1
net Service Providers (Springer 2017).
(2) For this reason, Martin Husovec has referred to intermediaries being accountable
rather than liable. See Martin Husovec,
pean Union: Accountable But Not Liable? (CUP 2018).
(3) It is an open question whether EU law pre-empts national law in these respects, but it
seems likely that it does.
(4) At the time of writing the UK remains a Member State of the EU.
(5) See e.g. C-494/15 Tommy Hilfiger Licensing LLC v Delta Center as [2016] ECLI:EU:C:
2016:528.
Page 13 of 18

spective
(6) At the time of writing the leading texts are Jaani Riordan,
termediaries (OUP 2016); Christina Angelopoulos, European Intermediary Liability in
Copyright: a Tort-Based Analysis (Wolters Kluwer 2016); Dinwoodie (n. 1) and Husovec (n.
2). Of these, the best coverage of trade mark issues is in Riordan ch. 7.
(7) As Martin Senftleben has pointed out, the issues raised by allegations of trade mark
right infringement (and hence, he argues, should be the subject of a differentiated safe
<https://ssrn.com/abstract=2025075>.
(8) C-557/07 LSG-Gesellschaft zur Wahrnehmung von Leistungsschutzrechten GmbH v

Tele2 Telecommunication GmbH [2009] ECLI:EU:C:2009:107.
(9) C-314/12 UPC Telekabel Wien GmbH v Constantin Film Verleih GmbH [2014]
ECLI:EU:C:2014:192.
(10) C-324/09 [2011] ECLI:EU:C:2011:474.
(11) Tommy Hilfiger (n. 5) para. 23.
(12) The Cour de cassation [French Supreme Court] granted an injunction against Google
ary in that respect. See

SARL [12 July 2012] case comment [2013] IIC 380.
(13) Conversely, the CJEU held in C-179/15
lisher failed to do so or where the advertisement was republished by third parties without
the knowledge or consent of the advertiser.
(14 Google France SARL v Louis Vuitton Malletier SA [2010]
ing of Section 4 of Chapter II of the e-Commerce Directive; but there was no issue as to
tive.
(15
(16) See C-119/10 Frisdranken Industrie Winters BV v Red Bull GmbH [2011] ECLI:EU:C:
ment Directive.
Page 14 of 18

spective
(17) See Cosmetic Warriors Ltd v Amazon.co.uk Ltd [2014] EWHC 181 (Ch), [2014] FSR
(18) I ZR 138/16 [2018] IIC 1121, [2018] GRUR 924 (Ger.).
(19) See C-567/18 Coty Germany.
(20) See C-585/08 and C-144/09 Pammer v Reederei Karl Schluter GmbH & Co. KG and
Hotel Alpenhof GesmbH v Heller [2010] ECLI:EU:C:2010:740; (n. 10); and
C-173/11 Football Dataco Ltd v Sportradar GmbH [2012] ECLI:EU:C:2012:642.
(21) See Merck KGaA v Merck Sharp & Dohme Corp. [2017] EWCA Civ 1834, [2018]
(22) See Walton International Ltd v Verweij BV [2018] EWHC 1068 (Ch), [2018] ETMR 34
(23) Claims in respect of keyword advertising were ended by Google France (n. 14).
ties where directed at the intermediary rather than the advertiser. The LUSH case (n. 17)
was unusual since the claim was effectively one of switch-selling.
(24) In the referring judgment, the High Court listed ten additional steps that eBay could
take, while observing that it did not follow that eBay was legally obliged to take any of
those steps. See [2009] EWHC 1094 (Ch), [2009] RPC
21 [277] (UK). On the question of voluntary cooperation between trade mark owners and
platform operators, see further Chapter 19.
(25) C-355/96
sellschaft mbH
ports Ltd [2001] ECLI:EU:C:2001:617; C-244/00 Van Doren + Q. GmbH v Lifestyle sports
+ sportswear Handelsgesellschaft mbH [2003] ECLI:EU:C:2003:204; C-16/03
ing AB v Axolin-Elinor AB [2004] ECLI:EU:C:2004:759.
(26) C-160/15 GS Media BV v Sanoma Media Netherlands BV [2016] ECLI:EU:C:2016:644.
(27) C-527/15 Stichting Brein v Wullems (Filmspeler) [2017] ECLI:EU:C:2017:300.
(28) C-610/15 Stichting Brein v Ziggo BV (The Pirate Bay) [2017] ECLI:EU:C:2017:456.
(29 CJEU
PLP 744.
(30 Winters v Red Bull (n.

16) para. 35. See also the discussion of this question by AG Jääskinen in his Opinion in
Page 15 of 18

spective
. See C-324/09 [2010] ECLI:EU:C:
(31
& Arts 525.
(32) On accessory liability in English law generally, see Paul Davies, Accessory Liability
(Hart 2015). On joint tortfeasance generally, see Michael Jones (ed.), Clerk & Lindsell on
Torts
(33
(34) See
(35) CBS Songs Ltd v Amstrad Consumer Electronics plc [1988] AC 1013 (UK).
(36) Fish & Fish Ltd v Sea Shepherd UK [2015] UKSC 10, [2015] AC 1229 (UK).
(37
bury).
(38 Dramatico
Entertainment Ltd v British Sky Broadcasting Ltd [2012] EWHC 268 (Ch), [2012] RPC 27
right by its users. The latter case is among those discussed in Arnold and Davies (n. 33).
(39) See also C-484/14 McFadden v Sony Music Entertainment Germany GmbH [2016]
ECLI:EU:C:2016:689, concerning Art. 12 and copyright infringement,
(40
(41
(42) See C-521/17 Coöperatieve Vereniging SNB-REACT UA v Mehta [2018] ECLI:EU:C:
(43) See Cour de cassation eBay Inc. v LVMH, Parfums Christian Dior [3 May 2012] Bull.
civ. IV, 89 (Fr.).
(44) See England and Wales Cricket Board Ltd v Tixdaq Ltd [2016] EWHC 575 (Ch),
[2016] Bus LR 641 [170] (UK).
(45
Page 16 of 18

spective
(46) Beginning with Twentieth Century Fox Film Corp. v British Telecommunications plc
[2011] EWHC 1981 (Ch), [2012] Bus LR 1471 (UK) and Twentieth Century Fox Film Corp.
v British Telecommunications plc (No. 2) [2011] EWHC 2714 (Ch), [2012] Bus LR 1525
(UK).
(47) Cartier International AG v British Telecommunications plc [2014] EWHC 3354 (Ch),
[2015] Bus LR 298 (ChD); [2016] EWCA Civ 658, [2017] Bus LR 1 (CA); [2018] UKSC 28,
[2018] Bus LR 1417 (SC) (UK).
(48) (1876) 4 Ch D 92 (UK).
(49) (1871) LR 12 Eq 140, (1871) LR 7 Ch App 130 (UK).
(50) [1974] AC 133 (UK).
(51) See Copyright, Designs and Patents Act 1988, s. 97A (UK).
(52
(53) See Cartier
(54) See Cartier
(55) This decision may give rise to disputes as to the quantification of the marginal costs
der which ISPs had to bear their own implementation costs) avoided. It also lessens the
incentive for ISPs to be efficient in implementing orders.
(56
ment such injunctions in their national systems. If that is the correct interpretation of the
tion costs, but also legal costs, on intermediaries. See McFadden (n. 39).
(57) See Cartier (n. 47) [2016] EWCA Civ 658, [2017] Bus LR 1 [212] (UK).
(58
ing-server blocking injunctions under s. 97A it was agreed between the parties that there
would be no order for costs. See Football Association Premier League Ltd v British
Telecommunications plc [2018] EWHC 1828 (Ch) [8] (UK);
ropéennes De Football v British Telecommunications plc [2018] EWHC 1900 (Ch) [6]
(UK); Matchroom Boxing Ltd v British Telecommunications plc [2018] EWHC 2443 (Ch)
[9] (UK); Queensberry Promotions Ltd v British Telecommunications plc [2018] EWHC
3273 (Ch) (UK).
Page 17 of 18

spective
(59) See Cartier
(UK).
(60) See Cartier
(61) See Cartier

(UK).
(62
(63
(64) See Cartier
(65) Nintendo Co. Ltd v Sky UK Ltd [2019] EWHC 2376 (Ch), [2019] Bus LR 2773 (UK).
(66) See (n. 10) [141].
Richard Arnold
Richard Arnold is a Judge of the Court of Appeal of England and Wales.
Page 18 of 18

Intermediary Liability and Trade Mark Infringement: Proliferation of Filter
Obligations in Civil Law Jurisdictions?
Intermediary Liability and Trade Mark Infringement:
tions?
Martin Senftleben

This chapter discusses intermediary liability and trade mark infringement from a civil law
right enforcement online. The chapter considers first how the infringement test in EU
trade mark law is more context-specific than the infringement analysis in copyright law
and how limitations of trade mark rights provide room for unauthorized use that serves
(commercial) freedom of expression and freedom of competition. In this context, this
chapter looks into the use of filtering mechanisms and how they might wash away these
tinction between legitimate comparative advertising and infringing consumer confusion,

legitimate brand criticism and infringing defamation, legitimate offers of second-hand
goods and infringing sales of replicas in order to consider the threshold when trade mark
owners obtain overbroad protection. Further, this chapter reviews leading case law of the
Court of Justice of the European Union on the question of intermediary liability and filter
that does not undermine the inherent limits and statutory limitations of trade mark
rights. However, examples of court decisions in civil law jurisdictions, such as Germany,
sive filtering duties. Against this background, the chapter concludes by considering
whether a balanced approach based on the principle of proportionality should prevail in
trade mark cases.
Keywords: trade mark infringement, civil law, online intermediaries, copyright infringement,
sion, freedom of competition
THE
tal Single Market (DSM Directive)1 leads to a remarkable climate change in the field of
EU copyright law and the civil law jurisdictions of continental EU Member States.2 (p. 382)
Page 1 of 27

plicitly exempted from the new copyright rules3 and the DSM Directive is not intended to
neutralize the safe harbour for hosting in trade mark cases,4
strictive approach in copyright law may quicken the appetite of trade mark proprietors
for similar measures in trade mark law. If primary platform liability and strict filtering
standards made their way into copyright law,5 why not adopting a similar approach in
following from character merchandising6

point. Does a biting Mickey Mouse parody on YouTube fall under the strict copyright
ble approach in trade mark cases7 (still allowing the invocation of the safe harbour
rules)?
In the light of potential repercussions, it is of particular importance to point out that the
(p. 383)
fringement can be less readily inferred from the mere appearance of a trade mark on an
online platform. The infringement test in EU trade mark law is more context-specific than
the infringement analysis in copyright law (following Section 2). Moreover, limitations of
trade mark rights provide room for unauthorized use that serves (commercial) freedom of
expression and freedom of competition.8 The use of filtering mechanisms must not wash
sumer confusion, legitimate brand criticism and infringing defamation, legitimate offers
tain overbroad protection (Section 3).
Leading case law of the Court of Justice of the European Union (CJEU) on the question of
intermediary liability and filter obligations points towards a cautious approach in trade
tations of trade mark rights.9

tions, such as Germany, show a tendency of developing national doctrines that allow the
imposition of more extensive filtering duties (Section 4). Against this background, it is to
be recalled10 that a balanced approach based on the principle of proportionality should
prevail in trade mark cases (concluding Section 5).
1. Trade Mark Rights
ploitation rights, they are granted to safeguard market transparency.11 In principle, every
trader is bound to use her own individual trade mark for the identification of her goods
ket participants and protect consumers against confusion about the origin of goods and
Page 2 of 27

services offered in the marketplace. From an economic perspective, it can be added that
search costs.12 To achieve these goals, trade mark law allows enterprises to establish an
(p. 384) exclusive link with a distinctive sign: the law grants enterprises exclusive rights
to their trade marks.
This protection mechanism has important ramifications. By exclusively assigning a trade
uct quality will add an additional layer of positive associations. In this way, the trade
mark becomes a platform which the enterprise, provided that its marketing strategy is
successful, can use to raise positive pictures, associations, and expectations in the minds
of consumers.13
a
14
powerful and valuable brand image. The initial step of sign reservation thus leads to a
further process of brand image creation.15 Trade marks are capable of serving as carriers
of complex information referring to a specific lifestyle, behaviour, or attitude. Viewed
sumers in the digital environment.16 They summarize the messages subtly conveyed to
17
est in a protection system that allows an enterprise the establishment of an exclusive link
tablished (sign reservation). Protection in this area can be regarded as a precondition

(p. 385)
ty. In modern trade mark law, this first protection interest is predominantly satisfied by
venting confusing use of identical or similar signs.18
ing from advertising and promotion activities.19

zation interests often play an important role in trade mark cases addressing the specific
reputation and communication value of trade-marked symbols.20
1.1 Inherent Limits
Whatever the stage of trade mark development, however, trade mark rights, by definition,
do not offer a degree of control over the use of the protected sign that is comparable to
the control that can be exerted by copyright owners.21 In contrast to copyright, trade
Page 3 of 27

mark law does not protect the trade-marked sign as such. Trade mark protection only
tion, the quality function, and the communication function.22
Copyright protection of the Mickey Mouse drawing, for instance, means that the drawing
as such is protected. The copyright owner acquires a broad right of reproduction23 and a
broad right of communication to the public.24 Accordingly, the mere act of copying the
Mickey Mouse drawing or making it available on the internet may amount (p. 386)
fringement, if the user cannot successfully invoke a copyright limitation as a defence.25
Trade mark protection of the Mickey Mouse drawing,26
ing the proper functioning of that drawing as a trade mark. From the outset, protection is
confined to use of the mark in the course of trade and as a trade mark.27 Because of these
cational, or political purposes is less likely to fall under the control of the trade mark
owner. The mere act of copying is not sufficient to establish infringement.
position enjoyed by a copyright owner. Instead of being able to exert general control over
certain types of use, such as acts of copying, the success in invoking trade mark rights
depends on the particular context in which the use takes place. The mere reproduction or
making available of a trade mark is not sufficient. Further conditions are to be fulfilled, in
verse effect on a protected trade mark function, and use that is likely to cause confusion
or dilution.28 Against this background, it becomes clear that a liability regime relating to
trade marks must be context-specific enough to allow the consideration of the inherent
limits of trade mark rights. Otherwise, the liability rules will lead to overbroad control
over trade mark-related online communications that does not correspond to the scope of
the underlying exclusive rights.
The reason for less complete communication control lies in fundamental differences in
right, trade mark rights are not primarily intended to serve as exploitation instruments.
They are legal instruments to ensure market transparency, undistorted (p. 387)
tion, and protection of consumers against confusion.29 Accordingly, a finding of trade
mark infringement depends on the individual circumstances of use. The identification of
dividual case. The mere appearance of a trade mark can only serve as a starting point for
this analysis. For a finding of infringement, the assessment of the context in which the
trade mark appears is indispensable.
In the area of social media, for instance, the inherent limits of trade mark rights become
particularly relevant. If a trade mark is used in the context of a social networking site to
share information about a product, the question arises whether this use constitutes use in
Page 4 of 27

the course of trade and relevant use as a trade mark in the sense of trade mark law.30
Many communications on social media platforms will fall outside the scope of trade mark
protection because of their non-commercial nature. The importance of this breathing
space for unauthorized, trade mark-based communication must not be underestimated.
favourable online word of mouth may moreover minimize the credibility of the internet as
an independent information resource.31 The outlined inherent limits of trade mark rights,
therefore, fulfil important functions in respect of consumer information and information
infrastructure.
1.2 Context-Specific Infringement Analysis
low the establishment of infringement with a degree of certainty that is comparable to

copyright cases. In trade mark law, mere copying or making available is not sufficient. By
contrast, further infringement conditions must be satisfied, such as use in the course of
trade, use in relation to goods or services, a likelihood of confusion, harm to the trade
acter. The liability question is also complex because of the diversity of online platforms
and use modalities involved. Hence, the alignment of trade mark liability and filtering
standards with obligations to employ automated, algorithmic filtering mechanisms in
copyright law32
limits that follow from the context-specific nature of the exclusive rights awarded in trade
mark law. Serious concerns about overblocking have been expressed with regard (p. 388)
to the use of algorithmic filtering systems in copyright law.33 When it comes to trade
marks, these concerns have even more weight because of the described context-specific
nature of exclusive rights.
2. Limitations of Trade Mark Rights
that are deemed important for economic, social, or cultural reasons.34

mental freedoms, in particular freedom of expression and freedom of competition, play a
crucial role.35 As the inherent limits of trade mark rights, statutory limitations of (p. 389)
protection36 must therefore be factored into the equation when devising an intermediary
liability regime in the field of trade mark law.
2.1 Commercial Freedom of Expression
dom of expression37 and the freedom of competition of other market participants.38 For
instance, the trade mark owner is not entitled to prevent other traders from the use of
the protected trade mark, if this is necessary to properly inform the public about product
Page 5 of 27

characteristics or the intended purpose of a product or service.39 For this reason, a
provider of car repair and maintenance services specializing in BMW cars, for instance,
ing. As this indication is necessary to inform consumers about the nature of the services,
the use does not amount to an infringement of the trade mark rights of the car
producer.40
ground, use of a trade mark in comparative advertising satisfying all requirements of the
EU Misleading and Comparative Advertisement Directive 2006/114/EC is exempted from
the exclusive rights of trade mark owners.41 Finally, room for legitimate unauthorized use
of a trade mark follows from the fact that trade mark rights are exhausted after the first
sale of genuine products by or with the consent of the trade (p. 390) mark owner.42 As
trade mark rights can no longer be invoked with regard to those goods, resellers do not
ing that brings the further commercialization of the goods to the attention of
consumers.43
In the context of online marketplaces, these user freedoms play an important role. Trade
tics of goods, clarify their intended purpose, or announce a resale of genuine goods after
mension, Advocate General Jääskinen urged the CJEU in his opinion in not
to forget:
by the fundamental rights of freedom of expression and information provided by Article
vention on Human Rights.44
In the context of keyword advertising, issues of commercial freedom of speech can arise
with regard to the advertising made by resellers who sell genuine goods, in respect of
which trade mark rights have been exhausted after the first sale.45 Keyword advertising
can also be used legitimately for the purpose of comparative advertising.46 In Interflora v
Marks & Spencer
out comparing goods or services, seeks to inform consumers about an alternative in the
marketplace. The Court explained that:
Page 6 of 27

reputation, it must be concluded that such use falls, as a rule, within the ambit of fair
47
The need to reconcile the protection of trade marks with commercial freedom of
(p. 391)
expression and freedom of competition enjoyed by other market participants, therefore,

makes inroads into the exclusive rights of trade mark proprietors. In particular, they are
rendered incapable of objecting to the unauthorized use of their trade marks where this
tive to inform consumers about competing offers and enhance the efficient functioning of
the market.
2.2 Artistic and Political Freedom of Expression
Besides the importance attached to competing economic interests, there is growing

awareness in the field of trade mark law that protection must be balanced against social
and cultural values. In particular, the gradual expansion of trade mark protection in the
tions safeguarding freedom of expression and information in social and cultural

contexts.48 In 1990, Professor Rochelle Dreyfuss had already pointed out that trade
marks had become focal points of communication:
quainted with the classic literature that in the past formed the basis for rhetorical
ness. Accordingly, it is not surprising that speakers and writers are drawn to those
devices that are, by dint of heavy advertising, doubtlessly universally familiar.49
turally valuable must not be underestimated with regard to use of trade marks on online
marks are more than mere identifiers of commercial source. As trade marks are often
symbols that raise complex associations in respect of lifestyles, behaviour, and attitudes,
they allow internet users to sum up complex social or cultural norms and developments
by referring to a simple word, mark, or logo. It has also been pointed out in the debate on
the social and cultural dimension of trade marks that the richness of associations and
meanings attached to a trade mark is the result of a joint effort of trade mark owners and
tions distinct from and sometimes unrelated to the advertising messages conveyed by the
trade mark owner.50 As a result, trade marks become (p. 392) metaphors with complex
meanings that are of particular importance for social and cultural discourse.
Recognizing this public interest in the use of trade marks for social and cultural ends,
lawmakers and policymakers have been alert to the need for corresponding limitations on
trade mark rights, particularly in the area of the protection of well-known marks against
Page 7 of 27

dilution. Trade mark legislation in the EU creates breathing space for free expression by
providing for a defence of referential use51
area of the protection of marks with a reputation against dilution.52
So far, the CJEU has not had the opportunity to decide cases involving the invocation of
these defences with regard to political or artistic speech. National decisions in civil law
jurisdictions, however, demonstrate the potential of the due cause defence to serve as a
safeguard for political and artistic freedom of expression. The case Lila Postkarte of the
German Federal Court of Justice, for example, concerned the marketing of postcards that
alluded ironically to trade marks and advertising campaigns of the chocolate producer
Milka.53
card sought to ridicule the nature idyll with cows and mountains that is evoked in Milka
advertising.54
Über allen Wipfeln ist Ruh/

irgendwo blökt eine Kuh/
Muh!55
Assessing this ironic play w11.734 pthe German Federal Court of Justice held that for the
use of Milka trade marks to constitute relevant trade mark use in the sense of Article
10(2)(c) of the Trade Mark Directive, it was sufficient that the postcard called to mind the
well-known Milka signs.56 Even though being decorative, the use in question therefore
gave rise to the question of trade mark infringement.57 Accordingly, the (p. 393) German
Federal Court of Justice embarked on a scrutiny of the trade mark parody in the light of
the infringement criteria of detriment to distinctive character or repute, and the taking of
unfair advantage.58
against the fundamental guarantee of the freedom of art, the court finally concluded that
card.59
in the sense of Article 10(2)(c) of the Trade Mark Directive.60
Other national decisions show that the due cause defence may also play an important role
in safeguarding political freedom of speech.61 In the light of the fundamental guarantee
of freedom of expression, the German Federal Court of Justice permitted the use of the
genetically modified milk in milk products.62 The French Supreme Court allowed the use
peace had organized to criticize environmental policies of the company on the basis of the
63
National case law also shows the limits of the due cause defence in parody cases with a
commercial background. In the decision Styriagra
ed the marketing of pumpkin seeds with blue frosting under the trade mark
STYRIAGRA.64
VIAGRA trademark and the blue Viagra pills, the court was convinced that the defendant
Page 8 of 27

draw the attention of consumers to his pumpkin product.65

jected the argument that the use had taken place with due cause.66
ducted his business in the Austrian state of Styria, the trade mark STYRIAGRA could be
understood as an ironic blend of the name of the Austrian state where the pumpkin seeds
came from, and the VIAGRA trade mark of the plaintiff.67 To further support his parody
and pill colour created a sharp contrast between chemical and natural means of treating
erectile dysfunction.68 The Austrian Supreme Court, however, remained unimpressed.69
While conceding that the due cause defence could be invoked to justify an artistic trade
(p. 394)
70
nant.
speech interests.71
These examples illustrate how national courts in the EU employ the due cause defence to
strike a proper balance between trade mark protection and competing social and cultural
cates that the due cause defence can play a crucial rule when it comes to the use of a
lead consumers as to the origin of the information communicated under this name, and
where this information does not serve the legitimate purpose of criticism and comment.72
2.3 Context-Specific Limitations
In sum, the analysis of measures taken to safeguard competing fundamental freedoms in

trade mark law yields the insight that the exclusive rights of trade mark owners are not
spects. Trade mark law seeks to strike a proper balance between trade mark protection
and competing economic, social, and cultural values. As a result, forms of use that are
sellers, use criticizing or commenting on trade-marked products and use for the purpose
voke trade mark rights against unauthorized use serving these purposes as long as the
use keeps within the limits of the respective limitations laid down in the law.
Hence, online enforcement systems relating to trade marks would not only have to reflect
the context-specific scope of trade mark rights but also the limits set to trade mark rights
ronment than justified in the light of the underlying exclusive rights. The fundamental
Page 9 of 27

freedoms justifying the exemption of the outlined forms of use, in particular freedom of
expression and freedom of competition, would be neglected.
Against this background, it becomes apparent that the risk of overbroad content
(p. 395)
blocking that has been identified in the field of copyright law73

even greater extent74
current content identification and filtering systems are not sophisticated enough to lend
sufficient weight to competing user freedoms, the extension of filtering obligations, as
adopted in the DSM Directive, to the field of trade mark law would curtail breathing
space for valuable forms of use and most probably encroach on underlying fundamental
freedoms. The risk of excessive filtering of privileged trade mark-related communications
must not be played down in the debate on intermediary liability in trade mark cases.
3. Developments in Case Law
sight that in the debate on liability and filtering standards, the default position can hardly
be the assumption that uploads including a protected trade mark justify the employment
of algorithmic filtering tools because the inclusion of the protected sign clearly points in
the direction of infringement.75
ular use in the course of trade, use in relation to goods and services, and use that causes
confusion, dilution, or unfair free-riding. An intermediary liability regime relating to trade
marks must be context-specific enough to offer room for the consideration of inherent
limits and statutory limitations of trade mark rights.
(p. 396) 3.1 Guidelines at EU Level
hosting following from Article 14 of the e-Commerce Directive76

cautious approach that is capable of satisfying this general requirement. In Google
France v Louis Vuitton, the Court qualified the advertising messages displayed by the
Google keyword advertising service as third party content provided by the advertiser and
hosted by Google. These advertising messages appear once the search terms selected by
bility arises. As to the applicability of the safe harbour for hosting in these circumstances,
the CJEU pointed out that it was necessary to examine whether the role played by Google
matic and passive, pointing to a lack of knowledge or control of the data which it
77
trast, would be relevant to the assessment of eligibility for the safe harbour.78
In the further case , the CJEU arrived at a more refined test by establishing
Page 10 of 27

in order for the provider of an information society service to be denied entitlement to the
exemption [for hosting], for it to have been aware of facts or circumstances on the basis
of which a diligent economic operator should have identified the illegality in question.79
(p. 397)
der this standard, own investigations of the platform provider would have to be taken into
tice-and-takedown system. Such notifications represented a factor of which the national

court had to take account when determining whether the intermediary was actually
aware of facts or circumstances on the basis of which a diligent economic operator should
have identified the illegality.80
emption from investigations to an obligation to consider even imprecise notifications.
Platform providers must set up a knowledge management system that reaches a certain
level of sophistication.81
However, these guidelines of the CJEU must not be misunderstood as an indication that,
in the case of trade marks, the mere appearance of a protected sign on an online platform
posed on an intermediary despite eligibility for the safe harbour for hosting.82
fied in that it was possible to order an online service provider, such as
83
Hence,
the Court opened the door to the introduction of filtering obligations. However, it pointed
out that this should not culminate in a general and permanent ban on the use of goods
bearing a specific trade mark.84
peat infringers of the same trade mark. The CJEU explained that:
if the operator of the online marketplace does not decide, on its own initiative, to suspend
the [infringer] to prevent further infringements of that kind by the same seller in respect
of the same trade marks, it may be ordered, by means of an injunction, to do so.85
Hence, the CJEU did not have a system in mind that generally prevents uploads of offers
or other content comprising a protected trade mark. First, the filtering system following
from only targets repeat infringers. In the absence of a first illegitimate act
that identifies a particular platform user as an infringer, no filtering is required. Secondly,
the filter system only concerns further infringements in respect of the same trade mark.
(p. 398) the same
trade mark. This approach differs markedly from the approach taken in Article 17(4)(b) of
tent identification algorithm detects traces of a protected work.86 In contrast to this new
Page 11 of 27

ary liability in trade mark cases is not based on cooperation between the online platform
mation about their entire trade mark portfolio and obliges online platforms to block any
3.2 Application in Civil Law Jurisdictions
ty rule following from and more general filtering measures may become
blurred. In Germany, for instance, the rules on secondary infringement in the strict sense
of aiding and abetting are regularly inapplicable unless an online platform has actual
knowledge of individual persons using its services to infringe intellectual property rights.
This starting point, however, did not prevent the German Federal Court of Justice from
developing a specific liability regime in analogy with a general provision in the German
fects on their property be removed and enjoined in the future.87 In the context of this so-
to establish an adequate causal link between an (ongoing) infringement of an intellectual

property right and acts or omissions of the defendant: in the case of online platforms,
terferences with intellectual property rights. Moreover, the platform provider must be
of
88
continued infringement. In practice, this final element allows the courts to draw the
conceptual contours of the liability regime more precisely. Intermediaries can escape the
cerned.89
The German Federal Court of Justice developed the core principles of liability for
(p. 399)
trade mark infringement under the standard of Störerhaftung in cases concerning sales
of infringing articles on auction sites.90
tion of preventive measures.91
open-ended concept of Störer offers German courts considerable room to develop specific
stances of the tort at issue. As Article 15 of the e-Commerce Directive prohibits general
monitoring obligations, this constitutes the ceiling of filtering orders that may result from
Störerhaftung.92 Nonetheless, the specific monitoring duties imposed on platform
Page 12 of 27

ered appropriate in .
Cases that culminated in substantially broader filter obligations concerned in particular

copyright infringement. In Rapidshare, the German Federal Court of Justice dealt with a
cloud storage service that allowed users not only to upload content to their individual
locker space but also to share the content via download links that could be added to link
collections.93
hanced the risk of infringement by offering premium accounts with very high download
speed that made the accounts particularly attractive for illegal content-sharing. The court
saw the premium offer as an indication that Rapidshare sought to profit from illegal
ceipt of a notice of infringing content, Rapidshare had to remove the individual content
item at issue. Moreover, it had to ensure that the affected literary and artistic work was
not infringed again in the future. Hence, the German Federal Court of Justice departed
from the double-identity rule following from
ations to cases where the same user infringed the same work, the court generalized the
monitoring and filtering duty by establishing an obligation to prevent any unauthorized
94
Furthermore, it held
that Rapidshare had to actively search for names and descriptions of download links that
contained the title of works in respect of which it had (p. 400)
fringement. This obligation included the use of web crawlers and text filters to detect
links to illegal content on Google, Facebook, and Twitter.95
In Germany, the flexible concept of Störerhaftung thus served as a vehicle to go beyond

the concept of double-identity filtering which the CJEU accepted in . This
development occurred in decisions concerning the infringement of literary and artistic
works. Given the universal applicability of the underlying provision in the German Civil
Code, however, it cannot be ruled out that a similar broadening of filter obligations may
take place with regard to trade marks. In Internet Auction I, for instance, the German
Federal Court of Justice recognized in respect of trade mark infringement that it would be
too heavy a burden for the provider of an auction site to check each individual offer prior
to its publication on the website.96
fers of Rolex watches. In such a case, the provider had to block the concrete offer without
trade mark infringements of the same kind occurred. More concretely, the provider had
stance, on typical features of suspect offers, such as a low price or a reference to Rolex
imitations.97 Under the concept of Störerhaftung, targeted filtering in trade mark cases
had thus already been deemed possible in the past. It is an open question whether more
Page 13 of 27

tice considered necessary in Rapidshare
tive.98 The prejudicial questions which the German Federal Court of Justice submitted in
YouTube may clarify this compliance question.99
Whatever the outcome of the request for CJEU guidance, the previous analysis of context-
specific inherent limits and statutory limitations of trade mark rights is a call for caution.
Even if the concept of Störerhaftung survives the ruling of the CJEU in YouTube, it is not
advisable to use this national concept as a backdoor to bring filter obligations in the field
of trade mark law close to the copyright standard that follows from the adoption of the
DSM Directive.100 As filter technology is not sophisticated enough to take account of the
limited scope of trade mark rights, this step would encourage excessive algorithmic trade
mark enforcement that disregards the context-specific conceptual contours of trade mark
rights.
(p. 401)
101
only been
granted in cases where the platform provider played an active role in the sense that he
dealt with content on the platform in a way that implied knowledge of infringing material,
collaborated with third parties offering illegal content, or added content himself. In these
fringer or other platform users.102 Hence, an obligation to take measures against repeat
infringers are conceivable with regard to specific content, if the platform provider plays
an active role and has knowledge of the infringing content.103
ticular, they embark on a thorough scrutiny of the scope of the injunction in the light of
the principle of proportionality. In Stokke v Marktplaats
peals of Leeuwarden attached particular importance to the fact that the majority of offers
ings that it would continue this practice in the future. Against this background, (p. 402)
toring by Marktplaats itself would add little to the results reached on the basis of the
measures already taken by the rightholder himself.104
ment. In the national BREIN v Ziggo decisions preceding the ruling of the CJEU,105
Page 14 of 27

stance. The Court of Appeals of The Hague, however, concluded that the website blocking
had been disproportionate because internet users had little difficulty in circumventing the
resulting access restriction. Moreover, the court held that the blocking order could hardly
be deemed effective as long as BREIN focused on only one file-sharing platform while
duced. Given this lack of effectiveness, the inroads made into the fundamental freedom to
conduct a business could not be justified.106
3.3 Need for Balanced, Proportionality-Based Approach
In contrast to the case law that evolved in Germany, national decisions in the Netherlands
tering orders. They rely heavily on the principle of proportionality as a compass to arrive
at tailor-made solutions case by case. While Article 17 of the DSM Directive will lead to
proach survives in the field of trade mark rights. Otherwise, as pointed out previously,
derlying trade mark rights.
4. Conclusions
An inquiry into the context-specific nature, inherent limits, and statutory limitations of
tering systems to trade mark cases is likely to yield undesirable results. Trade mark law
seeks to strike a proper balance between trade mark protection and competing
(p. 403)
economic, social, and cultural needs. Due to the different conceptual contours of trade
tive in the field of copyright law would give trade mark proprietors excessive control over
gitimate descriptive use of trade marks, comparative advertising, advertising by resellers,
tion on goods and services. The reliability of the internet as an independent source of
trade mark-related information would be put at risk.
Instead, a liability regime is necessary that is tailored to the particular scope and reach of
tions of protection play an important role that satisfy competing economic, social, and
Page 15 of 27

line platforms and the different ways in which trade marks may be used in accordance
with the platform infrastructure.
In sum, the configuration of trade mark protection requires a nuanced approach to the
ality constitutes an important signpost in this respect. Only a cautious, proportionality-

based approach allows judges to align their decisions with the specific scope and reach of
trade mark rights and the individual characteristics of online platforms.
Notes:
tives 96/9/EC and 2001/29/EC [2019] OJ L130/92, Art. 17(3).
(2) Almost all EU Member States follow the civil law tradition. Even in the UK, Scotland is
Paper Series (2019) <https://ssrn.com/abstract=3367219
https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2947800>;
Innovation and Competition in Response to the Questions Raised by the Authorities of
cil Legal Service Regarding Article 13 and Recital 38 of the Proposal for a Directive on
http://www.ip.mpg.de
form
https://
ber 2016) <https://ssrn.com/abstract=2850483>.
Page 16 of 27

(3) See Directive 2019/790/EU (n. 1) recital 62.
(4) ibid. Art. 17(3).
(5) ibid. Art. 17(1) and (4).
(6) As to the dilemmas arising from cumulative copyright and trade mark protection, see
The
Protection of Non-Traditional Marks: Critical Perspectives (OUP 2018) 309; Irene Calboli,
Frankel and Daniel Gervais (eds),

tal Age (CUP 2014) 52; Estelle Derclaye and Matthias Leistner, Intellectual Property
(eds), Geistiges Eigentum im Dienst der Innovation (Nomos 2001) 23; D. Feer Verkade,
in Jan Kabel and Gerard Mom (eds),

Honour of Herman Cohen Jehoram (Kluwer 1998) 69.
(7) The Mickey Mouse drawing is registered internationally as a trade mark in respect of
various goods and services. See international registration nos 135376, 135377, and
296478 under the Madrid System. The particulars of the registrations can be found at
<http://www.wipo.int/madrid>. As to the status quo reached at EU level with regard to
Google France and
Google
ternational AG and Others [2011] ECLI:EU:C:2011:474, para. 120.
(8
Freedom of Expression and Undistorted Competition: Guiding Principles for the Further
(9) See n. 7.
(10
VU Centre for Law and Governance Research Paper (2012) <

stract=2025075>.
(11) Annette Kur and Martin Senftleben, (OUP

2017) para. 1.06.
(12
(CUP 2008) 241; Stacy Dogan and
Page 17 of 27

(13
(14
in Bently, Davis, and Ginsburg (n. 12) 161.
(15) See the description given by Schroeder (n. 14) 161; Lehmann (n. 13) 15.
(16
(17
mark law, see C-487/07 [2009] ECLI:EU:C:
(eds),
tion Law (Hart 2016) 339.
(18
cember 2015 to approximate the laws of the Member States relating to trade marks
pean Union trade mark [2017] OJ L154/1, Art. 9(2)(b).
(19) See Directive 2015/2436/EU (n. 18) Art. 10(2)(c); Regulation 2017/1001/EU (n. 18)
Art. 9(2)(c).
(20) cf. C-487/07 (n. 17) para. 58.
(21
of Intellectual Property and Competition L. 45. As to the tendency of bringing trade mark
rights closer to exploitation rights (as awarded in copyright law), see Jonathan Moskin,
Page 18 of 27

Cf. Fezer (n. 13) 464 and 467; Casparie-Kerdel (n. 13) 188; Brown (n. 13) 1620. In fact,
the risk of creating property rights in gross seems to be inherent in the dilution doctrine.
(22) See C-487/07 (n. 17) para. 58.
(23) See Berne Convention for the Protection of Literary and Artistic Works, Art. 9(1); of
22 May 2001, on the harmonisation of certain aspects of copyright and related rights in
the information society (2001) OJ L167/10, Art. 2.
(24) See WIPO Copyright Treaty, Art. 8; Directive 2001/29/EC (n. 23) Art. 3.
(25) See Directive 2001/29/EC (n. 23) Art. 5 for limitations of copyright protection that are
permissible in EU copyright law. Cf. C-5/08 Infopaq International A/S v Danske Dagblades
Forening Eva-Maria Painer v Standard
Verlags GmbH and Others Johan
Deckmyn and Vrijheidsfonds VZW v Helena Vandersteen and Others [2014] ECLI:EU:C:
(26) See n. 7.
(27) The requirement of use in trade is reflected in Art. 16(1) TRIPs Agreement. As to the
debate on the requirement of use as a trade mark, see Stacey Dogan and Mark Lemley,
ular with regard to Community trade marks).
(28) For a discussion of these infringement criteria, see Kur and Senftleben (n. 11) paras
(29) ibid. para. 1.06.

Page 19 of 27

(30
(31
Graeme Dinwoodie and Mark Janis (eds), Trademark Law and Theory: a Handbook of
Contemporary Research
(32
(33
UC Berkeley Public Law and Legal Theory Research Paper Series (March 2017) 2
<https://ssrn.com/abstract=2755628
fied infringed work, suggesting that 4.5 million requests in the entire six-month data set
were fundamentally flawed. Another 19% of the requests raised questions about whether
they had sufficiently identified the allegedly infringed work or the allegedly infringing
(34
protection become more uncertain, we cannot rely exclusively on creative interpretation
(35) cf. Wolfgang Sakulin,

into the Conflict between Trademark Rights and Freedom of Expression under European
Law
Research Handbook on Human

Rights and Intellectual Property
lewski (eds), Les défis du droit des marques au 21e siècle/Challenges for Trademark Law
in the 21st Century
Page 20 of 27

Loyola of Los Angeles Entertainment L.J. 523.
(36) See Directive 2015/2436/EU (n. 18) Art. 14(1); Regulation 2017/1001/EU (n. 18) Art.
12(1).
(37
mercial speech, see e.g. Autronic v Switzerland App. no. 12726/87 (ECtHR, 22 May 1990)
para. 47.
(38) cf. Senftleben and others (n. 8) 337.
Art. 12(1)(c).
(40) In this sense C-63/97 Bayerische Motorenwerke AG (BMW) and BMW Nederland BV v
Ronald Karel Deenik [1999] ECLI:EU:C:1999:82, para. 59. Cf. Kur (n. 27) 1; Po Jen Yap,
(41) See Directive 2015/2436/EU (n. 18) Arts 10(3)(f) and 14(1)(c); Regulation 2017/1001/
EU (n. 18) Arts 9(3)(f) and 12(1)(c). Cf. C-487/07 (n. 17) paras 54 and 65; C-533/06 O2
Holdings Ltd and O2 (UK) Ltd v Hutchison 3G UK Ltd [2008] ECLI:EU:C:2008:339, para.
(42) See Directive 2015/2436/EU (n. 18) Art. 15; Regulation 2017/1001/EU (n. 18) Art. 13.
(43) In this sense, e.g. C-337/95 Parfums Christian Dior SA and Parfums Christian Dior BV
v Evora BV
put on the Community market by the proprietor of the trade mark or with his consent, a
reseller, besides being free to resell those goods, is also free to make use of the trade
Page 21 of 27

(44) C-324/09 [2010]

ECLI:EU:C:2010:757, Opinion of AG Jääskinen, para. 49.
(45) C-558/08 Portakabin Ltd and Portakabin BV v Primakabin BV [2010] ECLI:EU:C:

2010:416, para. 78.
(46
(47) C-323/09
ers Direct Online Ltd
Constructing European Intellectual

Property: Achievements and New Perspectives (Edward Elgar 2012).
(48) See the references to relevant literature in n. 35.
(49
(50
68 New York U. L. Rev. 960. However, see also the critical comments on the limitation of
Sydney L. Rev. 193.
Art. 12(1)(c).
and
(53) See Bundesgerichtshof [Supreme Court] (BGH) Lila Postkarte [3 February 2005] I ZR
159/02 (Ger.) in [2005] GRUR 583.
(54) ibid. 583.
(55
Rilke.
Page 22 of 27

(56) ibid. 584.
(57
(58) ibid.
(59) ibid.
(60) ibid. 585.
(61) For an overview of national decisions, see Kur and Senftleben (n. 11) paras 5.267 and
(62) BGH Gen-Milch [11 March 2008] VI ZR 7/07 (Ger.) in [2008] Neue Juristische
Wochenschrift 2110.
(63) See Cour de Cassation [Supreme Court] Greenpeace v Esso [8 April 2008] case
06-10961 (Fra.). See also Cour de Cassation Greenpeace v Areva [8 April 2008] case
07-11251 (Fra.).
(64) Oberster Gerichtshof [Supreme Court] (OGH) Styriagra [22 September 2009] case
17Ob15/09v, para. 3.4 (Aust.).
(65) ibid. para. 2.
(66) ibid.
(67) ibid.
(68) ibid.
(69) ibid. para. 3.4.
(70) ibid.
(71) ibid.
(72
<https://www.wipo.int/sct
working site, but this use of the mark may not be protected speech if it causes ordinary
(73
er things, that 30 per cent of DMCA takedown notices were legally dubious, and that 57
Page 23 of 27

ter find that instances in which this mechanism is used are relatively rare). However, cf.
(74
tions need not lead to the same filtering standards. More concretely, he sees copyright as
that, due to the context-specific nature of trade mark rights, algorithmic filter systems
are even more problematic in the field of trade mark law than they are in the area of
copyright.
(75) For a discussion of the fundamental change of the default position that follows from
able unless proven to be infringing, today materials that are detected by algorithms are
University Law Department (2018); Christina Angelopoulos,

bility in Copyright: A Tort-Based Analysis
junctions Against Intermediaries in the European Union: Accountable But Not Liable?
GRUR 801.
(77
keyword advertising service did not use affected trade marks in the sense of trade mark
law. Direct liability arising from keyword advertising services thus seems to be excluded
Page 24 of 27

sentation of search results potentially create independent trademark-related harm, thus
(78
(79) C-324/09 [2011]

ECLI:EU:C:2011:474, para. 120.
(80) ibid. para. 122.
(81
2004 on the enforcement of intellectual property rights, [2004] OJ L195/16, Art. 11. Cf.
C-314/12 UPC Telekabel v Constantin Film and Wega [2014] ECLI:EU:C:2014:192, paras
(83) C-324/09 (n. 79) para. 131.
(84) ibid. para. 140.
(85) ibid. para. 141.
(86
(87) Civil Code (Bürgerliches Gesetzbuch) § 1004 (Ger.). See BGH Internet-Versteigerung
[11 March 2004] I ZR 304/01 36 (Ger.) in (2005) 36 IIC 573; BGH Internet-Versteigerung
II [19 April 2007] case no. I ZR 35/04 (Ger.); BGH Internet-Versteigerung III [30 April
(88) This specific duty of care must not be confused with negligence of duties of care that
would result in an independent tort leading to direct liability of the intermediary.
(89
merce Directive.
(90) See Internet-Versteigerung I-III

Trademark Infringement on the Internet: The Situation in Germany and Throughout the
(91) cf. Kur and Senftleben (n. 11) para. 13.136.

Page 25 of 27

(92) See BGH File-Hosting-Service [15 August 2013] I ZR 80/12. Cf. Bornkamm (n. 87)
643; Dinwoodie (n. 74) 492.
(93) See File-Hosting-Service
(94) See File-Hosting-Service (n. 92).
(95) ibid.
(96) See Internet-Versteigerung I-III (n. 87) para. 19.
(97
(98
(99) BGH YouTube [13 September 2018] I ZR 140/15 (Ger.) in [2018] GRUR 1132, 1132.
As to the question of compliance of the concept of Störerhaftung with EU law, see the
(100
(101) It remains to be seen in which way the decisions in C-527/15 Stichting Brein v Jack
Frederik Wullems [2017] ECLI:EU:C:2017:300, para. 50 and C-610/15 Stichting Brein v
Ziggo BV and XS4All Internet BV [2017] ECLI:EU:C:2017:456, para. 36, impact national
Dutch practice. As these decisions broaden the concept of primary liability, they may lead
(102) Court of Appeals of The Hague FTD v Eyeworks [15 November 2010] LJN BO3980,
ECLI:NL:GHSGR:2010:BO3980, para. 6.9 (Neth.); Court of Appeals of Den Bos C More
Entertainment v MyP2P [12 January 2010] LJN BM9205, ECLI:NL:GHSHE:2010:BM9205,
para. 5 (Neth.); District Court of Utrecht BREIN v Mininova [26 August 2009] LJN
terdam Techno Design v BREIN [15 June 2006] LJN AX7579, ECLI:NL:GHAMS:
Page 26 of 27

(103) For an example of the grant of a preliminary filtering injunction because of active
control of platform content and knowledge resulting from this control activity, see District
Court of Amsterdam PVH v Facebook [21 December 2018] ECLI:NL:RBAMS:2018:9362,
(104) See Court of Appeals of Leeuwarden Stokke v Marktplaats [22 May 2012] LJN
(105) See C-610/15 (n. 101) para. 36.
(106) See Court of Appeals of The Hague BREIN v Ziggo [28 January 2014] case no.
Martin Senftleben
search Institute, University of Xiamen. Email: m.r.f.senftleben@uva.nl.
Page 27 of 27

ternational Common Approaches
ment: Emerging International Common Approaches

Frederick Mostert

ling counterfeits in a borderless digital environment even more challenging, this chapter
tional level for online trade mark infringement. The chapter outlines three common tenets
that can be distilled into a transnational principle of intermediary liability, including
knowledge-and-takedown obligations and availability of blocking injunctions. Further, this
chapter discusses how this emerging common international principle is then coupled by a
ius gentium
line intermediaries and rightholders to curb infringement. However, it is important to
mation and lawful competition.
Keywords: trade mark infringement, international, online intermediaries, notice-and-takedown,

tion, voluntary measures, ius gentium
*
IN view of the exponential expansion of the volume and velocity of counterfeits which
pop up on social media1 and web platforms,2 intellectual property counsels around the
world are confronted with the growing necessity to focus intently on the various legal
cupied by the measures they may be required to take on board in dealing with the listing
of fakes online.3
mains how best to develop a balanced legal approach to the implementation of new
digital tools and the appropriately calibrated touchstone for intermediary liability
(p. 370)
to ensure the equanimity of underlying fundamental interests including free speech, the
freedom to compete, and intellectual property.
Page 1 of 14

mediaries, social media and web platforms, and government law enforcement authorities
ital counterfeits and pirated goods.4 Some intermediary liability legal principles have also
started to emerge internationally in a surprisingly uniform manner. This is not to deny
that substantive differences between jurisdictions remain. However, it is suggested that
oping consistent, cross-border technical and legal standards. Effective measures can only
ther development of a ius gentium

sures.
1.
es
In general terms, although some jurisdictions may differ on certain aspects, it is found
that liability for intermediaries falls into the following categories. First, the most basic is
fringing act. Both primary infringement and accessory liability expose the wrongdoer to
ary to be either a primary infringer or an accessory. Primary infringement is generally

strict liability, whereas both accessory liability and intermediary liability involve a mental
element, usually some form of knowledge.5
Although primary liability is in principle available, especially when the intermediaries use
trade marks in their online advertising,6
(p. 371)
their business of offering their services online.7
It is of interest to note that throughout different jurisdictions in the world there are three
ly.8
First, across all jurisdictions, intermediaries are not liable for accessory liability9 if they
had no knowledge of the specific infringement in question, subject to a finding of wilful
blindness.10
Page 2 of 14

wrongdoer.11 In other words, accessory liability is liability that is dependent on the prior
liability of another party.12
Secondly, an intermediary who fails to take measures expeditiously upon gaining specific
ability.13 Generally speaking, safe harbour provisions refer to rules which grant immunity
to intermediaries from liability for damages under certain conditions. While the loss of
safe harbour protection will not result in an automatic finding of liability, the underlying
tions.14
vide a defence to an injunction.
Thirdly, there is increasing recognition of the availability of blocking injunctions against
rightholders in stopping and preventing further infringement. Website-blocking orders

are confined to taking proportionate measures and whether they are necessary (p. 372)
and effective, among other requirements.15
ferences in the extent of preventative action required, there appears to be a common red
mediaries. As a result, the scope of blocking injunctions is typically confined to taking

preventative measures against the specific trade mark violation identified by the
rightholder in the initial notice.
intermediary responsibility: upon notice of a specific infringement, an internet service
fringement brought to their attention

First, from the term ratio decidendi
based. Secondly, the word for reasonable is rationabile
ias
same circumstances by the responsible party. Both these standards, and especially the
of jurisdictions as a common thread.16
dence and the bonus pater familias standard in civil law. The value of recognizing this
forcement which is vital in effectively addressing the challenge of counterfeiting in the

borderless online environment. While formal harmonization of legal standards would be
procedurally challenging, it is a suggested that this framework could take the form of a
Page 3 of 14

gitimate interests at play: the property interests of rightholders in their trade marks, the
freedom of ISPs to conduct their business, the freedom of expression of internet users
and intermediaries,17 and data protection and privacy interests.18 As Professor (p. 373)
Dinwoodie points out, the need to balance these principles was identified in the European
context by the decision of the Court of Justice of the European Union (CJEU) in Telekabel.19
This reasoning also appears to underpin the judgment of Sullivan J in Tiffany v eBay,
which held that eBay had implemented anti-counterfeiting measures as soon as it was
eBay could have done more to prevent the sale of counterfeit goods on its platform. This
adapt can change over time.
20
Since the 2011 case of E-Land International v Taobao, the Chinese courts
have gone further and established that the standard of reasonable care, which excuses
the service provider from indirect liability, requires more than simply compliance with a
21
Service providers must take a more stringent and
available on the website); limiting the use of the website (by prohibiting the seller from
selling certain products) and,22 as a last resort, banning the online seller from using the
23
The shift seen in Chinese courts was also accompanied by further policy measures. The
Circular of the Ministry of Commerce imposed several duties on the online intermediaries
inquiry system; (ii) adopt technical measures to monitor IPR infringements; (iii) improve
pute resolution, compensation, process monitoring; (iv) institute a daily online inspection
lations of regulations and laws; and (vii) report serious cases to the competent authorities
24
These measures were reiterated in the Administrative Measures for
Online Trading by the State Administration for Industry and Commerce in 2014.25
(p. 374) Cases
26
be tailored to the specific parties in question. This is important as it allows the principle
Page 4 of 14

to account for platform differentiation. The diversity of platforms and ways trade marks
are used on different platforms makes a one-size-fits-all approach inappropriate.27
ests in relation to less commercially oriented products. Similarly, measures appropriate
posed on one that is a smaller provider with fewer resources. A series of judgments by
Lord Justice Arnold imposing blocking orders requiring ISPs to block access to infringing
websites in the UK demonstrates the virtues of adopting a flexible standard. Lord Justice
Arnold has devised mechanisms to assuage concerns of both intermediaries and internet
lem.28
29
while also recognizing IP
with other non-infringing users.30
It remains to be seen how the relatively new Article 17 of the EU Directive on Copyright
fringement liability for online user-generated content platforms.31

ftleben points out, this new strict liability of platforms for infringing content places a
heavy burden on them.32 Also, in future, platforms may in these new circumstances no
1.1 Injunctions for Blocking Websites by ISPs
Another emerging trend is the recognition of the possibility of issuing an injunction

against an ISP (a blocking injunction), who although innocent of trade mark infringement
(p. 375)
ment. The most notable developments have recently been seen in the UK.33
rope, both Australia34 and Singapore35
ing; however, this has only been applied in the copyright context thus far.36
In the UK, there is no specific legislative provision stipulating for the issuing of blocking
orders in the case of trade mark infringement. Although there is no statutory provision
like section 97(A) of the Copyright, Designs and Patents Act 1988 for copyright, courts
have found power to issue blocking orders in online trade mark counterfeit cases based
on the broad powers of section 37 of the Senior Courts Act 1981,37
obligation under Article 11 of the Enforcement Directive to provide such injunctions. This
was established in the case of Cartier, which has been confirmed by the Supreme Court.38
vices were being used to infringe a trade mark is based on four conditions:39 (1) the ISP is
40
(2) the
Page 5 of 14

the
ISP had actual knowledge of this.
In principle, IP address blocking can be proportionate, if the right procedure is

followed.41
tionality analysis:42 (1) the comparative importance of the rights that were engaged and
sures which were less onerous; (3) the efficacy of the measures that the order required
sures, and in particular the costs of implementing the measures; (5) the dissuasiveness of
those measures; (6) the impact of those measures on lawful users of the internet; and (6)
the substitutability of other websites for the target websites.
2. The Ius Gentium

(p. 376)
International Common Approaches

In response to an increase in online sales of counterfeit products, online intermediaries
and rightholders have, to some extent, engaged in voluntary cooperation,43 which has
proved to be successful, albeit not fully effective, in stopping online counterfeit sales.
These measures are either designed by online intermediaries themselves,44
operation with rightholders,45 or supported by states and their administrative
authorities.46
In effect, a ius gentium of common principles or international common approaches have
proaches to voluntary measures that this chapter will proceed to highlight in more detail.
This is aligned with calls, such as that by Knud Wallberg, for the development of a code of
conduct for voluntary measures relating to counterfeit goods in the context of the cross-
border, multi-jurisdictional environment of digital marketplaces.47
First, online intermediaries have developed initiatives to voluntarily remove counterfeit
diaries have voluntarily engaged in extensive proactive monitoring of uploaded listings
terfeit listings from being displayed (digital fingerprinting). Fourthly, intermediaries have
measures to target payment processors for online traders who engage in the sale (p. 377)
of counterfeit goods.48 In some instances, intermediaries have, as a natural next step to
rightholders to find the sellers of counterfeit products and stop the problem at source.
Page 6 of 14

cludes being able to limit listings to a pre-approved list of sellers.49

istry systems serve as prima facie evidence of rights ownership, facilitating the speedy
vertising codes of practice have been developed to discourage illegal content online. This
50
aries have also engaged in the education of users and businesses through educational
campaigns, and at the time of uploading.51
gence and machine learning are not a silver bullet for solving the counterfeit problem. As
fringement and potentially more challenging for the police.52

ment relies on identifying unauthorized copies, and this is mainly a matter of finding an
exact match or close match on a reference file, at which automated systems are adept.
ten not available for inspection) and the advertisement or listing. Sophisticated criminals
list counterfeits using pictures of the authentic products, real descriptions, and at prices
stance, optical-image or character-recognition technology could be circumvented by

counterfeiters who use images of genuine products in their listings.
(p. 378) Furthermore, as Chen notes, even rightholders struggle to distinguish between
online listings which contain legitimate second-hand or grey goods and counterfeits.53
tomated systems that are in the early stages of development and the accuracy of which
continues to improve over time. Moreover, these measures ultimately fail to address the
actual source of the problem: the pirates and counterfeiters themselves.
In summary, on the crucial point of constructive cooperation, as noted in the Financial

Times
counterfeits daily? That there is a plethora of fakes online is glaringly obvious. Who then
is responsible for removing the counterfeit products listed on (platforms). As in so many
walks of life, the answer lies in the constructive co-operation. The answer for assessing
gether and share the responsibility to stop fakes, like wildfire, to avoid a restraint on the
54
Page 7 of 14

2.1 Freedom of Expression, Competition, and Data Protection
While one of the main objectives of voluntary measures, codes of practice, or other soft
the main actors involved in such procedures.55 These fundamental rights include freedom
56
of opposing fundamental interests to arrive at an appropriate demarcation of
an absolutist starting point is both unrealistic and unreasonable. Rights have boundaries
anced against freedom of expression, and lawful competition.
Trade mark law can be misused by some rightholders to shut down competition from non-
preferred resellers of genuine products and to control distribution channels.57
bished, or genuine goods, and commentary on rightholders.58 Analogous concerns have

been (p. 379)
dom of expression and information.59 Therefore, it is important that safeguards are in
ferred resellers of genuine products, and to control distribution channels. Safeguards

could include penalties for misuse, counter-notice procedures, and greater transparency.
and checklist of authentic versus counterfeit for platforms, domain name registrars, law
enforcement, and administrative authorities to use as a source and provenance reference,
and not to control the distribution of or interfere with the sale of genuine goods.
But like all such rights, freedom of expression and competition, rights also have their own
limits if abused.60
serves to protect both consumers from deception and confusion over trade symbols and
61
This tenet of trade mark law also
applies when a counterfeiter uses a trade mark to deceive and lure web customers to its
As a form of fraud, counterfeits usually raise no free speech issues. As the US Supreme
Court and a number of other courts around the world have stipulated, deceptive speech is
not protected speech.62 Although there is an indisputable need to protect the privacy of
individuals, there must also be an acknowledgement that the individuals and businesses
that hide behind the rubric of free expression to conceal bad acts should not be allowed
to remove speech that, on its face, engages freedom of expression values, it is an order to
Page 8 of 14

cepted that freedom of expression requires the facilitation of the unlawful sale of
63

As anyone in charge of enforcement efforts will attest, the lack of uniform international
guidelines has made tackling counterfeits in a borderless digital environment even more
challenging. Nonetheless, even though trade marks are territorial, a well-developed set of
64
Equally, the internet needs an approach to enforcement of trade mark rights
that can extend internationally. Effective measures can only be implemented if consistent,
cross-border technical and legal standards are developed and implemented. As it stands
now, the better options are the further development of the ius gentium
Notes:
(*) Substantially drawn (with updates to 2018) from my Study on Approaches to Online
Trademark Infringement, WIPO/ACE/12/9 REV.2. I wish to express my gratitude to
Law) for her invaluable research and contribution to this chapter.
(1
(2
WIPO Magazine, April 2011) <http://www.wipo.int/wipo_magazine/
en/2011/02/article_0007.html#5>.
(3 Financial Times,
17 July 2008) <https://www.ft.com/content/e694a4fe-5426-11dd-aa78-000077b07658>.
(4
Financial Times, 8 June 2016) <https://www.ft.com/content/
d838b4fc-2698-11e6-8ba3-cdd781d02d89> See also Mostert (n. 3).
(5
14.
(6) In the United States, liability based on s. 43(a) of the Lanham Act; Tiffany v eBay, 600
Page 9 of 14

(7
532.
(8
theoretical clashes between the European national systems might be considerable, in
European Intermediary Liability in Copyright: A Tort-

Based Analysis
(9) While different terms have been used to refer to this concept across jurisdictions, the
substance remains the same. Other terms that have been used internationally include
(10) Tiffany v eBay
ed mark, it may not shield itself from learning of the particular infringing transactions by
Louis Vuitton Malletier SA v Akanoc Solutions Inc.,
658 F.3d 936, 1108 (9th Cir. 2011) (US).
(11
(12
edge will be held liable as an accessory, as an additional component of intent or gross
(13) This may vary depending on the nature of the intermediary. E.g. caching and mere
edge of infringement.
(14) e.g. the principles of joint tortfeasance in the UK or the application of arts 1382 and
1383 of the Civil Code in France.
(15) See n. 36.
(16 bonus
medius interretialis
(17) The freedom of expression of intermediaries was considered by the European Court
of Human Rights in Delfi AS v Estonia [GC] App. no. 64569/09 (ECtHR, 16 June 2015);
Magyar Tartalomszolgáltatók Egyesülete and Index.hu Zrt v Hungary App. no. 22947/13
(ECtHR, 2 February 2016); and Pihl v Sweden (Decision) App. no. 74742/14 (ECtHR, 7
February 2017).
(18) Data protection rights were considered by the CJEU in C-70/10 Scarlet Extended SA v
Société belge des auteurs, compositeurs et éditeurs SCRL (SABAM) [2011] ECLI:EU:C:
2011:771; C-360/10 Belgische Vereniging van Auteurs, Componisten en Uitgevers CVBA
Page 10 of 14

(SABAM) v Netlog NV [2012] ECLI:EU:C:2012:85; and C-230/16 Coty Germany GmbH v
Parfümerie Akzente GmbH [2017] ECLI:EU:C:2017:941. Privacy rights were considered in
C-275/06 Productores de Música de España (Promusicae) v Telefónica de España SAU
[2008] ECLI:EU:C:2008:54. This will certainly be relevant where the court is examining
information disclosure orders.
(19
Secondary Liability of Internet Service
Providers
(20
(21 E-Land International Fashion

(Shanghai) Co. Ltd v Du Guofa and Zhejiang Taobao Internet Co. Ltd [25 April 2011] case
no. 40 (Ch.).
(22
(23) ibid.
(24) ibid.
(25) ibid.
(26) See Chapter 14

volving Networks [13 April 2016].
(27
16.
(28
(29) ibid. 62.
(30) See Dramatico Entertainment Ltd v British Sky Broadcasting Ltd [2012] EWHC 1152
(Ch) [13] (Arnold J) (UK).
(31
(2019) 4 <https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3354494>.
(32
SSRN Research Paper no. 3367219 (2019) 17 <https://papers.ssrn.com/sol3/papers.cfm?

Page 11 of 14

(33
(34) See Copyright Amendment (Online Infringement) Act 2015 (Aus.).
(35) See Copyright Amendment Act 2014 (Sing.).
(36) See Roadshow Films Pty Ltd v Telstra Corp. Ltd [2016] FCA 1503 (Aus.). See also
Lexology, 7 February 2017)
<http://www.lexology.com/library/detail.aspx?g=fdd9555c-8c11-44b0-
b3e9-514165652778>.
(37) See Cartier International AG & Others v British Sky Broadcasting Ltd & Others
[2016] EWCA Civ 658 [72] (UK).
(38) See Cartier International AG & Others v British Telecommunications Plc & Another
[2018] UKSC 28 (UK).
(39) See Cartier (n. 36) [139].
2004 on the enforcement of intellectual property rights [2004] OJ L157/16.
(41
of Appeal in Cartier
(42) ibid. [162] ff.
(43) Mostert (n 5).
(44
on Voluntary Collaboration Practices in Addressing Online Infringements of Trade Mark
(hereafter EUIPO Study 2016).
(45
the Federation of the Swiss Watch Industry in the Area of Preventative Actions to Address
(46
dustry and Commerce, 2014) in Art. 6 encourage online commodity dealers and relevant
service providers to form industry organizations and conventions, to promote industry
ment Directive on codes of practice to prevent IP infringement. This led to the signing of
a Memorandum of Understanding on the Sale of Counterfeit Goods (signed on 4 May
Page 12 of 14

2011, now revised and open for signature since 21 June 2016). See EUIPO Study 2016 (n.
43) 16.
(47
(48
tive and portal programme, later named RogueBlock as discussed in EUIPO Study 2016
WIPO/ACE/11/8.
(49
patibility of these measures with competition law.
(50) See Austrian Ethics Code for the Advertising Industry (2014); UK principles of good
been initiated in Austria, Denmark, France, Italy, the Netherlands, Poland, Slovakia, and
the UK.
(51) e.g. individuals who attempt to list an item that contains a particularly sensitive
regarding the sale of counterfeits as a deterrent.
(52
11, fn. 60.
(53) ibid. 11, fn. 61.
(54) Mostert (n. 3).
(55
(56
(57) See Mostert (n. 26).
(58) ibid.
Page 13 of 14

(59
<https://www.ivir.nl/publicaties/download/
codes_of_conduct_and_copyright_pragmatism:v_principle.pdf>.
(60 Intellectual
Property Magazine
(61) Thomas McCarthy, Trademarks and Unfair Competition

tion 2:1.
(62
Supreme Court has earmarked as unprotected speech under the First Amendment. See
Friedman v Rogers, 440 US 1 (1979). See also Canadian Supreme Court in R v Oakes
sonable limitations on rights and freedoms through legislation if it can be demonstrably

justified in a free and democratic society) and the European Commission on Human
Rights in X and Church of Scientology [1979] 16 DR 68 [79] (finding that misleading or
deceptive commercial expression deserves the least protection).
(63) Google Inc. v Equustek Solutions Inc. 2017 SCC 34 [42] (Abella J) (Can.).
(64
http://www.wipo.int/edocs/pubdocs/en/marks/833/
pub833.pdf>.
Frederick Mostert
Frederick Mostert is Professor of Intellectual Property at the Dickson Poon School of
search Centre. Email: frederick.mostert@kcl.ac.uk.
Page 14 of 14

Secondary Copyright Infringement Liability and User-Generated Content in
the United States
Secondary Copyright Infringement Liability and User-

Generated Content in the United States
Jack Lerner

In the United States, the question of whether and when online service providers can be
held liable for copyright infringement committed by their users has been one of the most
heavily litigated controversies of the digital age. This chapter answers these questions by
reviewing the common law doctrine of secondary copyright infringement and all relevant
case law behind it. It focuses on the interpretation of the Digital Millennium Copyright
iour, and inducement. This chapter focuses in particular on user-generated content (UGC)
plemented more than two decades ago and runs a comparative analysis with other similar
international legislative frameworks.
Keywords: Vicarious liability, active inducement, contributory liability, UGC, user-generated content, peer-to-peer,
file sharing
*
IN the United States, the question of whether and when online service providers can be
held liable for copyright infringement committed by their users has been one of the most
heavily litigated controversies of the digital age. The answer to this question begins with
the common law doctrine of secondary copyright infringement, as articulated by leading
US Supreme Court opinions in Sony Corp. of America v Universal City Studios, Inc. and
MGM v Grokster.1
Digital Millennium Copyright Act (DMCA).2 Section 512 of the DMCA limits secondary
copyright infringement liability for various types of online intermediaries. Over the next
two decades, the entertainment and technology industries waged epic court battles over
Viacom International Inc. v YouTube, Inc.

3
Though controversies (p. 350) around new
Page 1 of 23

the United States
business models and market entrants continue to arise4 and will do so for the foreseeable
doctrine5
aries that host user-generated content (UGC). In order for such intermediaries to avail
right Strikes programs abound.6
and companion bills, but none have been fruitful.7 It remains an open question whether
1.
mon Law
The Copyright Act does not expressly hold anyone liable for infringement committed by
ous infringement and contributory infringement. The first, vicarious liability, is based on
the concept of respondeat superior, in which one with significant supervisory authority
rect financial benefit from the infringement.8 The classic example is a dance hall or swap
creased revenue with more infringement.9 Compare that example with that of a landlord
who merely rents a space, does not know about infringing conduct, and exerts no other
control; generally, the former would result in liability while the latter would not.10 (p. 351)
11
Sony Corp. of America v Universal City Studios, Inc. Betamax
on secondary copyright liability as it pertains to technology.12 Universal Studios, Inc. and

others brought suit against Sony for manufacturing video tape recorders (VTRs) that
13
cense their works for broadcast would not object to time-shifting by private viewers, and
Page 2 of 23

the United States
infringement.14
The Betamax
15
In the
eyes of many in the digital technology industry, the holding in the case essentially paved
the way for future technological innovation,16 as innovators felt free to introduce new
pronouncement on secondary liability.
In 1999, Napster, Inc. launched the first major peer-to-peer file-sharing application. Its
MusicShare technology made music files stored on individual computers available
(p. 352)
sic files directly to one another via the internet.17

cations were found to be secondarily liable under both vicarious and contributory liability
the overall, and sometimes close, control of a digital system from the consumer products
at issue in the Betamax case18 19
The question of secondary liability for peer-to-peer technologies came to a head in 2005
with Metro-Goldwyn-Mayer Studios, Inc. v Grokster, Ltd.20 Grokster distributed software
that allowed computer users to share files through peer-to-peer networks, but unlike
Napster it did not operate a central indexing server, and claimed not to be able to tell
whether its users were distributing unauthorized copyrighted music and video files. As
the case made its way to the US Supreme Court, parties and observers alike anticipated
that the Court would revisit the Betamax holding. Instead, the Court left Betamax
sion or other affirmative steps taken to foster infringement, is liable for the resulting acts
21
22
knowledge of infringing potential or of actual infringing uses would not be enough here to
subject a distributor to liability. Nor would ordinary acts incident to product distribution,
such as offering customers technical support or product updates, support liability in
for secondary copyright infringement.23
Page 3 of 23

the United States
contributory infringement survives Grokster

24
and construed Betamax to mean that if the product or service in question is not capable of
25
bility under our jurisprudence may be predicated on actively encouraging (or inducing)
(p. 353)
uting a product distributees use to infringe copyrights, if the product is not capable of
26
Nevertheless, numerous
27
The Grokster and Betamax
lied on Grokster and Betamax in 2007 when it held that a credit card processing company
could not be held liable for processing payments to websites that infringed the copyright
of a magazine publisher,28 and in 2013 when it affirmed a permanent injunction against a
Torrent protocol.29
2. The Digital Millennium Copyright Act
visions created a safe harbour for certain types of online intermediaries.30 In passing the
Online Copyright Liability Limitation Act, which became Title II of the DMCA, Congress
tate to make the necessary investment in the expansion of the speed and capacity of the
Internet. In the ordinary course of their operations service providers must engage in all
31
The Senate
Committee on the Judiciary cited several recent cases involving online service providers
that involved claims of contributory and vicarious copyright liability, and explained that,
(p. 354) these doctrines, the
service provider is protected from monetary damages and most forms of injunctive relief
if it qualifies.32
ity or contributory liability doctrines.
Page 4 of 23

the United States
Section 512 establishes four categories of intermediary activity that are eligible for the
safe harbour:
(a)
viding connections for, material through a system or network controlled or operated
(b)
(c)
storage at the direction of a user of material that resides on a system or network
(d)
taining infringing material or infringing activity, by using information location tools,
search engines and web indexes.
33
vice provider must establish a policy for terminating the accounts of repeat infringers.34
35
The
statute also sets forth a detailed notice-and-takedown regime in which the service
provider must remove infringing content on receiving a notification from the rightholder,
and then must put the content back up on receiving a counter-notification from the user;
36
(p. 355) Congress also made clear that service providers have no obligation to monitor
37
In addition,
not constitute
38
The most vexing requirement for courts and litigants applies to categories (3) and (4) in
vice provider can only qualify for the safe harbour if it:
(A)
(i)
terial on the system or network is infringing;
(ii)
stances from which infringing activity is apparent; or
Page 5 of 23

the United States
(iii) upon obtaining such knowledge or awareness, acts expeditiously to remove,
or disable access to, the material; [and]
(B) does not receive a financial benefit directly attributable to the infringing activity,
ty.39
Hundreds of millions of dollars in legal fees have been spent litigating the meaning of
the service provider know of specific instances of infringement? With respect to subpart
(B), the provision closely resembles the elements for vicarious liability,40
For example, does the ability to take content down and terminate the accounts of repeat
important to keep in mind that notifications of claimed infringement are generally not
larly receive faulty notices.41
pellate cases decided in 2012 and 2013. In Viacom International, Inc. v YouTube, Inc.
panies filed suit against the operator of the UGC video-sharing site YouTube in 2008 for
direct and secondary copyright infringement arising from the presence of clips (p. 356) on
YouTube that originated from Viacom and other copyright holders.42 YouTube claimed the
ther fact-finding.43 In UMG Recordings Inc. v Shelter Capital Partners, Universal Music
Group and other music companies brought suit against Veoh Networks, which operated
Veoh.com, a UGC video-sharing site.44
were protected by the section 512(c) safe harbour.45
2.1
fringing activity, not generalized knowledge that infringing content is present on the site.
that a significant amount of infringing content had been uploaded to the site, and argued
in Viacom
Page 6 of 23

the United States
al of which it has been made aware.46 That obligation contemplates that the service
provider has knowledge or awareness of specific infringing material, the court explained,
47
The court then confronted the question of how actual knowledge differs
from red flag knowledge if both require knowledge of specific instances of infringement.
The difference, the court held
is not between specific and generalized knowledge, but instead between a subjective and
an objective standard. In other words, the actual knowledge provision turns on whether
provision turns on whether the provider was subjectively aware of facts that would have
sions do independent work, and both apply only to specific instances of infringement.48
(p. 357)
49
der granting summary judgment in the light of evidence showing website surveys and
streams contained copyrighted material, and that emails between the YouTube co-
founders showed some awareness of infringing activity on the site.50
quently settled.51
In UMG Recordings, the Ninth Circuit likewise held that section 512(c)(1)(A) requires
ment, the court relied on its earlier decision in A&M Records v Napster Inc., in which it
52
islative history, the court observed that copyright holders are best positioned to identify
53
mine actual or red flag knowledge, and specifies that section 512 does not create an
obligation to monitor or to affirmatively seek facts indicating infringing activity.54 The
section 512(c)(1)(A)(ii): if general knowledge that infringing materials are on the site
55
Page 7 of 23

the United States
2.2 Wilful Blindness
cuit examined this doctrine, and held that it may be applied, when appropriate, to show
knowledge or awareness of specific infringing activity;56
57
willfully blind or engages in conscious avoidance amounting to knowledge where

(p. 358)
the person was aware of a high probability of the fact in dispute and consciously avoided
58
Further, it held, section 512(m) (which makes clear that service
plied, in appropriate circumstances, to demonstrate knowledge or awareness of specific

59
The Ninth Circuit addressed this question
60
the statute, where does wilful blindness fit in? The interpretation most consistent with
section 512 is that if the safe harbour requirements are otherwise met, in order for wilful
blindness to be found the defendant must knowingly commit affirmative acts to avoid
cuits, the evidence the provider is knowingly committing affirmative acts to avoid must be
ment.) Recall that both Viacom and UMG Recordings

fringing content is not enough to overcome the safe harbour if it does not direct the
provider to specific instances. In the light of that directive, it seems clear that wilful
avoidance of general knowledge of infringement, even if that infringement is substantial,
cannot be enough for liability in the section 512 context.
2.3 Right and Ability to Control
Section 512(c)(1)(B) provides that in order for the safe harbour to apply, the service
In both Viacom and UMG Recordings
In UMG Recordings
Page 8 of 23

the United States
gages in acts that are specifically required by [section 512(c)(1)(C) of] the (p. 359) DMCA
61
Instead, the court held after discussing the legislative
62
al ability to locate infringing material and terminate access to it.63 The Second Circuit in
Viacom
than the ability to remove or block access to infringing materials.64
cuit in Viacom observed that until the time of its decision, only one court had found that a
service provider had the right and ability to control infringing activity under section
512(c)(1)(B).65 In Perfect 10 Inc. v Cybernet Ventures Inc., the US District Court for the
Central District of California found control for the purposes of the section where a credit
itored participating sites for infringing content.66 The Second Circuit discussed this case,
and surmised that inducement of copyright infringement67 might also constitute control
68
In the end, both courts held that the service
69
The Second Circuit
also distinguished the right and ability to control requirement in section 512(c)(1)(B)
70
quire monetary payments by either party.71 And though Veoh was vindicated (p. 360) by
the decision in UMG Recordings, the litigation bankrupted the company and its assets
were sold off.72
3. User-Generated Content in The Shadow of

The DMCA and Case Law
sis, little new law on section 512 has been made since Viacom and UMG Recordings. In
UGC entrants, however, still face significant uncertainty. First, there is still some question
as to what constitutes wilful blindness in the section 512 context and how the doctrine
should be applied to UGC sites.73
Page 9 of 23

the United States
victories cost YouTube and Veoh.
Another continuing problem is that section 512 simply contains so many requirements
quires that UGC service providers designate an agent to receive notifications of claimed
infringement registering the agent with the US Copyright Office. In 2016, the Copyright
Office began a switch from paper records to an online registration system and announced
that registrations would be terminated for any providers who had not re-registered by 31
December 2017; service providers also must re-register every three years.74
deed, for some defendants invoking the DMCA safe harbour may be more trouble than it
is worth; in several recent cases, defendants have defeated secondary liability claims at
the summary judgment stage without invoking section 512.75
(p. 361) download via

76
peer-to-peer networks such as BitTorrent. In addition, rightholders devote substantial
resources to finding and removing content on UGC sites. According to Google, in 2017
77
This represents
tent ID program.78
3.1 Technological Measures
In addition to the measures required by the DMCA such as terminating the accounts of
repeat infringers, today many UGC sites go further by using technological measures to
among video-streaming sites79 it has been the subject of great debate. For works that are
dio content to other uploads on the site.80 Rightholders need to apply for the program,
which requires evidence that the rightholder owns the works in question.81
ries of consequences for users including temporary suspension of some privileges and
eventual account termination.82
ties as copyright strikes; when such a claim is issued, rightholders may choose to divert
the advertising revenue to themselves, mute the audio of the file in question, block it on
certain platforms, or block the video entirely or in certain regions.83
Page 10 of 23

the United States
ers, who complain of wrongful claims and unresponsiveness from YouTube. For example,
(p. 362)
84
that received nearly 50 million views. Over a year later, a music company representing
85
Although TheFatRat appealed this claim, he reportedly lost some
monetization of the video.86
trary nature of these copyright claims, and have called for penalties on individuals who
file fraudulent copyright infringement claims against other YouTube creators.87
Other sites have implemented technological tools for detecting copyright infringement,
although rightholders complain that many sites have faulty flagging mechanisms.
and does not implement enough punitive action.88 In 2014, Vimeo began a Copyright
legedly infringing.89
3.2 Government Enforcement Efforts
The US government conducts substantial copyright enforcement efforts directed at online

intermediaries. A major instance of government seizure occurred on 19 January 2012,
right infringement that was costing copyright holders more than $500 million in
revenue.90 The owners of Megaupload were criminally indicted on several counts.
(p. 363)
ample, the US domain names of Rojadirecta, a Spanish website, were seized in January
ed videos. After nineteen months, the government dropped its claim against the site and a
91
4. Policy Activity
There have been numerous attempts at legislative reform and other policymaking activity
since the DMCA was passed in 1998, though Congress has made no major changes to the
statute. This section presents a brief, non-exhaustive92
tive activity towards reform.
Page 11 of 23

the United States
4.1 Stop Online Piracy Act and Companion Bills
stantial copyright infringement.93 The bills would have authorized the Attorney General to
force internet access providers and domain name server operators to block access to and
redirect users away from infringing sites to an Attorney General notice. The bills included
various provisions for that goal, such as court orders to end monetary payments to those
ment platforms94 and court orders requiring that internet (p. 364) service providers (ISPs)
block access to those types of websites.95 The bills would also have imposed stringent
penalties for the unauthorized streaming of copyrighted works.
Opponents of the bills argued that they would stifle innovation and the First
internet censorship.96 In response to the bills, on 18 January 2012 thousands of websites
ed protest against the bills in the form of a service blackout.97 Millions of people signed
petitions in protest, and thousands called or emailed members of Congress to indicate
their opposition to the bills. After the protest, many members of Congress rescinded their
support for the bills, and they were withdrawn.98
4.2 US Department of Commerce Internet Policy Task Force
In 2010, the Department of Commerce formed the Internet Policy Task Force, comprising
several bureaus in the department including the US Patent and Trademark Office and the
99
Over the next several years,
copyright and the Internet, identifying important issues that are being addressed by the
tions pertinent to secondary copyright infringement liability online.100
Among other suggestions, the Task Force recommended improvement of enforcement
production and distribution; further study of statutory damages in the (p. 365) context of
vate sector initiatives to improve online enforcement; and public education and outreach
Page 12 of 23

the United States
efforts to inform consumers about both rights and exceptions and to encourage the use of
legitimate online services.101
The Task Force also recommended a multistakeholder forum to develop best practices for
service providers aimed at improving the operation of the notice-and-takedown system
under the DMCA.102
tice senders.103
4.3 US House Judiciary Committee Copyright Review
right law104 and convened twenty hearings lasting several years.105 Among other policy
right Office host a small claims system to handle low-value infringement cases as well as
bad faith section 512 takedown notices.106
44 US Copyright Office Study
107
The study sought
(p. 366)
ies. At the time of writing, the study is ongoing.
5. Secondary Copyright Infringement Liability

for Online Intermediaries Outside the United
States
5.1 International Treaties and Trade Agreements
tion 512 exist in numerous other nations, and are found in many trade agreements into
which the United States has entered, and many other trade agreements.108 These include
109 110
the
111
Agreement.112
Page 13 of 23

the United States
The Comprehensive and Progressive Agreement for Trans-Pacific Partnership (CPTPP), a
trade agreement between Pacific rim countries, requires the parties to limit liability along
lines similar to section 512.113
5.2 European Union
lar to those found in the section 512 safe harbour.114 Articles 12 and 13 direct (p. 367)
infringing content.115
The EU Copyright Directive,116

ability, but beginning in 2016 the EU began considering a comprehensive update to the
rective on Copyright in the Digital Single Market was approved in April 2019.117 The new
Directive explicitly withdraws Article 14 of the e-Commerce Directive as it pertains to
copyright and imposes new requirements on UGC sites. These include that the service
118
been extremely controversial.119
6. Conclusions
diaries was one of the most controversial, uncertain, and fast-changing areas of the law.
Recent years have been relatively calm as reform activity and litigation seemed to slow
(though they have certainly not stopped). Still, unauthorized streaming and downloading
portant components of the entertainment ecosystem. Meanwhile, many (p. 368)

lished UGC providers have chosen for practical reasons to take more active steps than
the law requires to combat infringement, including working with content providers and
using technological tools to find and remove infringing content. In the United States, new
Page 14 of 23

the United States
down notices expeditiously and actively seek to remove infringing content.
Though reform activity has slowed in the United States, that could change at any time. In
gle Market represents a stunning withdrawal from a broad international consensus in
tempts to modify section 512. In addition, as large platforms like Facebook and YouTube
cal balance of power could shift in ways that would embolden critics of section 512.
bly always be tenuous; for this reason, scholars and practitioners should keep abreast of
current developments in secondary copyright infringement liability and understand how
UGC providers and other intermediaries deal with infringement on their sites.
Notes:
(*
tance, Giancarlo Frosio for his patient editing, and Andrew Bridges and Eric Goldman for
their comments on this topic.
(1) See Sony Corp. v Universal City Studios Inc., 464 US 417 (1984) (US); MGM Studios
Inc. v Grokster Ltd, 545 US 913 (2005) (US).
(2) See Digital Millennium Copyright Act, Pub. L. no. 105-304, § 103, 112 Stat. 2860
(1998) (US).
(3 Gigaom, 15
July 2010) <https://gigaom.com/2010/07/15/googles-viacom-suit-legal-fees-100-million/>.
See generally Viacom Intern Inc. v YouTube Inc., 676 F.3d 19 (2d Cir. 2012) (US).
(4) See e.g. Capitol Records LLC v ReDigi Inc., 934 F.Supp.2d 640 (SDNY 2013) (US). In
addition, infringement suits against service providers continue. See e.g. BMG Rights
, 881 F.3d 293 (4th Cir. 2018) (US);
ical Society v Researchgate GBMH, no. 8:18-cv-03019-GJH (D Md. 2018) (US).
(5) See the discussion of wilful blindness in Section 2.2.
(6) See the discussion of technical measures in Section 3.1.
(7) In fact, some attempts at reform (e.g. the introduction of the Stop Online Piracy Act
CBS News, 18 January 2012) <https://www.cbsnews.com/news/

sopa-pipa-what-you-need-to-know/>. See later for discussion of attempts at reform.
Page 15 of 23

the United States
(8) See Fonovisa Inc. v Cherry Auction Inc., 76 F.3d 259, 262 (9th Cir. 1996) (US) (holding
ceived attendance fees, and attendance increased with infringing vendors).
(9) ibid.
(10) ibid.
(11) Fonovisa MGM v Grokster

arguably reformulated the contributory infringement standard to apply when a party is
MGM v Grokster (n. 1) 943

(Ginsburg, J., concurring).
(12) Sony (n. 1).
(13) ibid. 442.
(14
A&M
Records, Inc. v Napster, Inc., 239 F.3d 1004, 1021 (9th Cir. 2001).
(15
Reuters, 20 April 2014) <https://www.reuters.com/article/us-usa-
court-ip/echo-of-1984-betamax-landmark-in-u-s-high-court-aereo-tv-fight-
idUSBREA3F1YK20140420
Marquette University Law School
Faculty Blog, 1 November 2010) <https://law.marquette.edu/facultyblog/2010/11/01/the-
dios-1984/>.
(16 New York

Times, 26 March 2013) <https://www.nytimes.com/2013/03/27/business/in-a-copyright-
ruling-the-lingering-legacy-of-the-betamax.html>.
(17) See A&M Records Inc. v Napster Inc., 239 F.3d 1004 (9th Cir. 2001) (US).
(18) See In re Aimster Copyright Litigation, 334 F.3d 643, 648 (7th Cir. 2003) (US).
(19) ibid. 650; A&M Records (n. 17) 1020.
(20) See MGM Studios (n. 1).
(21
(22) ibid. 936.
(23) See MGM Studios (n. 1); In re Aimster (n. 18); A&M Records (n. 17).
Page 16 of 23

the United States
(24) See MGM Studios (n. 1) 930.
(25) ibid. 932.
(26) ibid. 942. See also ., No. 3:16-
mulation and declining to apply earlier standard).
(27) In Perfect 10, Inc. v Amazon.com, Inc.

court attempted to square the Grokster
actual
knowledge that specific
ple measures to prevent further damage to copyrighted works, yet continues to provide
omitted). ibid. 1172.
(28) See , 494 F.3d 788 (9th Cir. 2007) (US).
(29) See Columbia Pictures Indus Inc. v Fung, 710 F.3d 1020 (9th Cir. 2013) (US).
(30) See S. Rep. no. 105-190, 8 (1998) (US) <https://www.congress.gov/105/crpt/srpt190/

CRPT-105srpt190.pdf>. Congress also enacted special legal protections against and
remedies for circumventing technological measures such as encryption and password
(31) ibid. 8.
(32) ibid. 19.
(33) 17 USC § 512(k)(1)(B).
(34) See 17 USC § 512(i)(1)(A). All service providers must also accommodate and refrain
are developed as an industry-wide standard, § 512(i)(2). No such standard has ever been
promulgated for UGC sites that offer music or video.
(35) See 17 USC § 512(c)(2).
(36) ibid. § 512(c), (g).
(37) ibid. § 512(m)(1).
(38) ibid. § 512(c)(3)(B)(i).
(39) ibid. § 512(c), (d).
Page 17 of 23

the United States
(40) See Fonovisa (n. 7).
(41
2017), available at SSRN: <https://ssrn.com/abstract=2755628 or http://dx.doi.org/

10.2139/ssrn.2755628>.
(42) See , 676 F.3d 19 (2d Cir. 2012) (US).
(43) ibid.
(44) See UMG Recordings Inc. v Shelter Capital Partners LLC, 718 F.3d 1006 (9th Cir.
2013) (US).
(45) ibid.
(46) See Viacom (n. 42) 30.
(47) ibid. 31 (quoting 17 USC § 512(c)(1)(A)(iii)) (emphasis in original).
(48) ibid. 31. In UMG Recordings

UMG Recordings (n. 44) 1025.
(49) ibid. 32.
(50
(51 Reuters,
14 March 2014) <
com-settle-landmark-youtube-lawsuit-idUSBREA2H11220140318>.
(52) UMG Recordings (n. 44) 1021 (quoting A&M Records (n. 17)).
(53) ibid. 1022.
(54) ibid. 1022 (citing 17 USC §§ 512(c)(3)(B)(i) and 512(m)).
(55) ibid. 1024.
(56) ibid. 1023; Viacom
(57) ibid.
(58) ibid. 35 (internal quotations omitted).
(59) ibid.
(60) UMG Recordings (n. 44) 1023.
Page 18 of 23

the United States
(61) ibid. 1029 citing Ellison v Robertson
UMG Recordings Inc. v Veoh Networks Inc., 665 F.Supp.2d 1099, 1113.
(62) ibid. 1028.
(63) ibid.
(64) Viacom (n. 42) 38.
(65) ibid. 37.
(66) Perfect 10 Inc. v Cybernet Ventures Inc., 213 F.Supp.2d 1146, 1173, 1182 (CD Cal.
2002) (US). Since Viacom and UMG Recordings were decided, one other court has found
the right and ability to control in the s. 512 context: SunFrog LLC
ketplace where third party sellers uploaded designs and logos onto clothing and other
items and sold them. The court denied a motion to dismiss based in part on a finding that
like other marketplaces like eBay that do not print, ship, inspect, and promote the goods
it sells. See H-D USA LLC v SunFrog LLC, 282 F.Supp.3d 1055, 1062 (ED Wis. 2017) (US)
citing Hendrickson v eBay Inc., 165 F.Supp.2d 1082, 1094 (CD Cal. 2001).
(67) See MGM Studios (n. 1).
(68) Viacom (n. 42) 38 quoting MGM Studios (n. 1) 937.
(69) ibid.; UMG Recordings (n. 44) 1030 (quoting Viacom).
(70) Viacom (n. 42) 38.
(71) See Stempel (n. 50).
(72
Wired, 12 February 2010) <
ruptcy-after-fending-off-infringement-charges/>.
(73
Technology and Marketing Law Blog, 5 March 2019) <https://
blog.ericgoldman.org/archives/2019/03/its-really-hard-to-win-a-motion-to-dismiss-based-
on-512c-myeress-v-buzzfeed.htm
Intell. Prop. L. & Mgmt 195 (2014).
(74) See 37 CFR Part 201 <https://s3.amazonaws.com/public-

inspection.federalregister.gov/2016-26257.pdf>.
Page 19 of 23

the United States
(75) See ., 847 F.3d 657 (9th Cir.
2017).
(76
The Guardian, 9 October 2018) <https://www.theguardian.com/
music/2018/oct/09/more-than-one-third-global-music-consumers-pirate-music>; Digital
(77
2017) <https://srn.com/abstract=2755628>.
(78) Google.com (n. 77) 23.
(79) See Alexa <https://www.alexa.com/siteinfo/youtube.com>.
(80 https://support.google.com/youtube/answer/2797370>;
Audiosocket, 1 May 2018) <https://
www.audiosocket.com/blog/youtube-content-id>.
(81
swer/6005923>.
2814000>.
6013276>.
(84
The Daily Dot, 18 December 2018) <https://www.dailydot.com/upstream/
youtube-copyright-claims-thefatrat>.
(85) ibid.
(86) ibid.
(87
Digital Music News, 29 February 2016) <https://www.digitalmusicnews.com/
2016/02/29/youtube-alters-response-to-takedown-complaints>.
(88
Business Insider, 6 May 2015)
Page 20 of 23

the United States
<https://www.businessinsider.com/facebook-copyright-infringement-facebook-content-id-
celebrities-2015-5 https://
www.facebook.com/help/400287850027717>.
(89) See Andrew Flanagan, Vimeo to Launch Music Copyright ID System (Exclusive) (
board Biz, 21 May 2014) <https://www.billboard.com/biz/articles/news/digital-and-mobile/
6092241/vimeo-to-launch-music-copyright-id-system-exclusive
https://vimeo.zendesk.com/hc/en-us/
articles/224821367-How-do-Vimeo-moderators-decide-if-a-video-qualifies-as-fair-use->.
(90 USA Today, 20

January 2012) <
pload-feds-shutdown/52678528/1>.
(91
Wired, 29 August 2012) <https://www.wired.com/2012/08/domain-
names-returned>. In November 2010, the domain to Dajaz1.com, a hip-hop blog, was
seized based on allegations that Dajaz1 posted unreleased songs on the site in violation of
copyright. The owner of Dajaz1 claimed, however, that he received those songs as a
means of promotion by artists and record companies. After a full year, the government
New York Times, 6 May 2012)

<https://www.nytimes.com/2012/05/07/business/media/hip-hop-site-dajaz1s-copyright-
case-ends-in-confusion.html>.
(92
al Property Act, which increased enforcement penalties and funding for enforcement. The
forcement efforts conducted pursuant to the Act are available at <https://

www.justice.gov/iptf/pro-ip-act-reports>.
(93) See Preventing Real Online Threats to Economic Creativity and Theft of Intellectual
Property Act of 2011 (PROTECT IP Act) s. 968, 112th Cong. (2011) (US); Stop Online
Piracy Act (SOPA) HR 3261, 112th Cong. (2011) (US).
(94) ibid.
(95 The Guardian

uary 2012) <https://www.theguardian.com/commentisfree/cifamerica/2012/jan/18/sopa-
blackout-protest-makes-history>.
(96 Forbes
ary 2012) <https://www.forbes.com/sites/larrymagid/2012/01/18/what-are-sopa-and-pipa-
and-why-all-the-fuss/#7dd5986922dd>.
(97) See Condon (n. 7).
Page 21 of 23

the United States
(98
New York Times, 20 January 2012) <
ogy/senate-postpones-piracy-vote.html>.
(99
https://www.uspto.gov/
sites/default/files/news/publications/copyrightgreenpaper.pdf>.
(100) ibid.
(101) ibid.
(102) See Multistakeholder Forum on the DMCA Notice and Takedown System <https://
www.uspto.gov/learning-and-resources/ip-policy/copyright/multistakeholder-forum-dmca-
notice-and-takedown-system>.
(103) See Final Multistakeholder Document on DMCA Notice-and-Takedown Processes:

List of Good, Bad and Situational Practices (April 2015) <
fault/files/documents/DMCA_Good_Bad_and_Situational_Practices_Document-
FINAL.pdf>.
(104
Venturebeat, 24 April
2013) <
diciary-committee-to-conduct-comprehensive-review-of-u-s-copyright-law>: Judiciary
Judiciary.house.gov, 24 April 2013) <https://web.archive.org/web/
nouncescomprehensivereviewofcopyrightlaw>.
(105) See Judiciary Committee, US Copyright Review <https://web.archive.org/web/

20181222082209/https://judiciary.house.gov/issue/us-copyright-law-review/>.
(106) See Judiciary Committee, Reform of the U.S. Copyright Office <https://
web.archive.org/web/20181222185329/https://judiciary.house.gov/wp-content/uploads/
2016/12/Copyright-Reform.pdf>.
(107) See Section 512 Study <https://www.copyright.gov/policy/section512/>; Section 512

Study: Announcement of Public Roundtable, 84 FR 1233-01.
(108) See, for further in-depth discussion, Chapter 9.
(109
(110
(111
(112) See CAFTA, Art. 15.11(27).

Page 22 of 23

the United States
(113) See CPTPP, Art. 18.82. The United States withdrew from a predecessor agreement,
the Trans-Pacific Partnership Agreement, in 2017. The CPTPP incorporates Art. 18.82 of
(114) Directive 2000/31/EC of the European Parliament and of the Council of 17 July 2000
(115) The e-Commerce Directive contains no similar provision for search engines.
(116) Directive 2001/29/EC of the European Parliament and of the Council of 22 May 2001
on the harmonisation of certain aspects of copyright and related rights in the information
society [2001] OJ L167/10.
(117) Directive 2019/790/EU of the European Parliament and of the Council of 17 April
tives 96/9/EC and 2001/29/EC [2019] OJ L130/92. See, for further review, Chapters 15
and 28.
(118) ibid. Art. 17(4).
(119
The Verge, 19 June 2018) <
pean-union-parliament-copyright-article-13-upload-filter>.
Jack Lerner
Jack Lerner is a Clinical Professor of Law at the University of California, Irvine

School of Law and Director of the UCI Intellectual Property, Arts, and Technology
Clinic. Email: jlerner@law.uci.edu.
Page 23 of 23

mediaries
Edited by: Giancarlo Frosio
Print Publication Date: May 2020 Subject: Law Online Publication Date: May 2020
(p. ix)
line Intermediaries
IN pursuit of an answer to the online intermediary liability conundrum,
book of Online Intermediary Liability
tributed greatly to this emerging debate in the last few years. I have encountered or
came to know about most of my co-authors a few years ago at the time of my residence at
bility Fellow. The idea for this Handbook was the result of other projects that we have run
together, including the World Intermediary Liability Map, and the need to crystallize an
emerging field of research. This field of research has grown exponentially since this
Handbook was first envisioned. Online intermediary liability has now become a pervasive
issue on the agenda of governments, courts, civil society, and academia and in the last
diaries have followed at an astounding pace.
The role of online service providers (OSPs) is unprecedented in relation to their capacity
1 Online intermediaries mediate human
noted.2 Ubiquitous platforms dictate our daily routine: searching for information on
Google, getting a taxi on Uber, shopping on Amazon Fresh, making payments via PayPal,
collaborating on Google Docs, storing documents on Dropbox, taking up employment
ing pictures on Instagram. In particular, most creative expression today takes place over
communications networks owned by private companies. The decentralized, global nature
of the internet means that almost anyone can present an (p. x) idea, make an assertion,
ple possess multiple connected portable devices. People communicate their experiences
Page 1 of 6

line file repositories (e.g. Flickr, Dropbox, Google Photos), and various kinds of video-
China, en route to become the biggest economy in the world, at the end of 2017, it was
ternet. Goods are traded between businesses and consumers, between consumers, and
between businesses, at enormous online market platforms, such as those of the Alibaba
ally impact how we understand reality and how we interact with each other and with the
text of this kind, intermediaries may be indeed best placed to bring infringements to an
makes infringement of IPRs easy, but makes enforcement of IPRs against the sources of
increasingly find that it is more practical and effective to target online intermediaries
is rarely present at the platform end-point and intermediaries are virtually in all cases not
bated by the anonymity issue in the online world, making it very difficult to track and
(p. xi) Therefore, whether and when access providers and communications platforms like
ary liability matters because the rules of intermediary liability structure the internet.
Page 2 of 6

What internet users can and cannot see and do is largely dictated by the laws that apply
gal framework that governs their duties and that determines the conditions under which
intermediaries:
able
to afford lawyers, compliance costs, and political lobbying. At the other extreme,
sible or impracticable for claimants to enforce their rights, encouraging the

spread of disinformation and other harmful material.
the difficulties in preserving freedom of innovation [and], in terms of competition policy, it
immediate effect on the exercise of fundamental rights on the Internet, particularly in
However, Christophe Geiger and Elena Izyumenko add that:
mediaries themselves. This situation entails a serious risk of intermediary being
available in a perfectly legal manner.
OSPs are subjected to increasing pressure by governments and interest groups which are
seeking to control online content by making use of their technical capacities. In this
(p. xii)
point of control for monitoring, filtering, blocking, and disabling access to content, which
law develops:
Intermediaries occupy a critical regulatory role, because they have the capacity to
Page 3 of 6

lems posed by internet use.
risdictions follow the same path. As Bertrand de La Chapelle and Paul Fehlinger argue,
in which states resort to an extensive interpretation of territoriality criteria over cross-
terests that have very significant consequences for society at large, yet there is limited
tent, especially terrorist, which because of the volume and the speed of its dissemination
it] based on new expectations from governments and civil society as to the role online
Therefore, Niva Elkin-Koren and Maayan Perel conclude that (p. xiii)
To continue this dialogue on the role of online intermediaries in modern society, this
ary liability and platform governance.
The Handbook discusses fundamental legal issues in online intermediary liability, while
also describing advances in intermediary liability theory and identifying recent policy
trends. Part I
sistent development of other chapters as it sets out in advance the most relevant trends
according to which the structure of the book has been generated. Part II
Page 4 of 6

view of remedies. In addition, Part II introduces the discussion of the fundamental rights
implications of intermediary liability and considers the ethical ramifications of the role of
online intermediaries. Part III presents a jurisdictional overview of intermediary liability
safe harbours and highlights systemic fragmentation. In this respect, Part III
cus on enhanced responsibilities that multiple jurisdictions incresingly impose on online
intermediaries. Part IV
mediate liability for copyright, trade mark, unfair competition, and privacy infringement,
V reviews
intermediary liability enforcement strategies by focusing on emerging trends, including
proactive monitoring obligations, blocking orders, and the emergence of administrative
enforcement of online infringement. Part VI discusses an additional core emerging trend
termediary responsibility or accountability. International private law issues are addressed

in Part VII
ations.
Finally, I would like to express my gratitude to my co-authors for completing this truly
thanks also go to the team at Oxford University Press for giving us the opportunity to
publish this volume, helping to define the trajectory that it has finally taken, and for all
the editorial support. I would also like to thank my wife, Hong, and my parents, Nuccia
ness that my family gives to me.
June 2019
Notes:
(1) See Luciano Floridi,

Reality
tions, humans are once again forced to rethink their role as they must now interact with
virtual entities and agent in a wholly new medium, the infosphere).
(2) The following considerations are the result of reflections collected via email exchange
change, which is on file with the author.
(3 https://www.domo.com/learn/data-never-
sleeps-5>. Note that all hyperlinks in the Handbook were last accessed on 10 June 2019.
(4
(ed.), The Future of Copyright in a Digital Environment
Page 5 of 6

fringement online).
Page 6 of 6

The Direct Liability of Intermediaries

Eleonora Rosati
to user activities, including user-uploaded content. The Court of Justice of the European
cation to the public within Article 3(1) of Directive 2001/29, including the 2017 decision
in C-610/15 Stichting Brein (The Pirate Bay case). This chapter explains how the CJEU
has come to consider the possibility of direct liability of intermediaries in relation to user
activities and undertakes a reflection on the implications of said approach, also including
the possibility of extending the reasoning in Stichting Brein to less egregious scenarios
than the Pirate Bay.
Keywords: Europe, intermediary liability, copyright, primary liability, harmonization
*
ONE
ropean Union (CJEU) expressly envisaged the possibility of direct liability for copyright
tive),1 including the 2017 decision in C-610/15 Stichting Brein (The Pirate Bay case).2
This chapter explains how the CJEU has come to consider the possibility of direct liability
tions of said approach, also including the possibility of extending the reasoning in
ing Brein to less egregious scenarios than the Pirate Bay.
Page 1 of 17

1. The right of communication to the public as

construed through case law
tive has been subject to a significant number of referrals since the first ruling in (p. 336)
2006 in C-306/05 SGAE.3
pretation of the Information Society Directive, the CJEU has construed this exclusive
right broadly and in such a way as to encompass, under certain conditions, different types
of acts, including the making available of TV sets in certain contexts, linking to protected
content, the provision of certain types of set-up boxes, indexing activities by a platform,
and cloud-based recording services.4
mulation in Article 11bis of the Berne Convention, as adopted in 1928 and later revised
with the Brussels Act 1948.5
right Treaty supplemented the Berne Convention6
7
The wording of Article 3(1) of the Information Society Directive
is derived from Article 8 of the WIPO Copyright Treaty.8
This provision, in fact, only states that EU:
(p. 337)
hibit any communication to the public of their works, by wire or wireless means,
including the making available to the public of their works in such a way that
members of the public may access them from a place and at a time individually
chosen by them.
to determine the meaning and scope of this concept in the light of the objectives pursued
by the Information Society Directive, notably that of ensuring a high level of protection of
ticle 3(1) of the Information Society Directive, the CJEU has consistently stated that the
ally and in their interaction with one another.9
also because the relevant understanding may change depending on the context.10
de
11
minimis) number of people. In the case of a communication concerning the same works
as those covered by the initial communication and made by the same technical means
Page 2 of 17

the interpretation given by the 1978 WIPO Guide to the Berne Convention of Article 11bis(1)
(iii) of the Berne Convention as first employed by Advocate General La Pergola in his
Opinion in C-293/98 EGEDA,12
ticle 3(1) applicability is the public which was not taken into account by the relevant
rightholder when it authorized the initial communication to the public.13
(p. 338)
also its actual transmission14

cess it, irrespective of whether they avail themselves of such opportunity.15
In cases where the CJEU has held the making available of a work to be sufficient, the
erate intervention on the side of the user/defendant, without which third parties could not
access the work at issue. More specifically, the user performs an act of communication
to a protected work to its customers, and does so, in particular, where, in the absence of
that intervention, their customers would not, in principle, be able to enjoy the work.16 In
17
tion, the Court has recently clarified that an intervention which facilitates
censed content that would otherwise be more difficult to locate qualifies as an essential/
indispensable intervention. Over time, the CJEU has dismissed attempts to interpret this
criterion narrowly. A clear example is C-160/15 GS Media
vocate General Wathelet had excluded tout court that the unauthorized provision of a link
be classified as an act of communication to the public. This would be so on consideration
perlinks posted on a website that direct to copyright works freely accessible on another
tor of the website that posts the hyperlinks is not indispensable to the making available to
users the works in question.18
Another criterion considered by the CJEU is whether or not the user/defendant merely
provides physical facilities. While the mere provision of physical facilities does not
amount to an act of communication to the public (recital 27), the installation of such
(p. 339) facilities may make public access to copyright works technically possible, and
thus fall within the scope of Article 3(1) of the Information Society Directive.19
In addition to the requirements of an act of communication directed to a public, the Court
ria (having no clear textual basis), necessary to undertake an individual assessment of the
Page 3 of 17

grees. They must be applied both individually and in their interaction with one another.20
In C-160/15 GS Media
GS Media,
trality that it acquired in that case: in C-117/15 Reha Training, for instance, the Grand
ever be decisive.21 In GS Media, instead, the Court adopted a rebuttable presumption that
cerned is not illegally published on the website to which those hyperlinks lead, so that it
ed nature of that work and the possible lack of consent to publication on the internet by
22
Overall, in the context of communication to the public by linking,
ement is decisive to determine prima facie liability.23
The operation of this presumption was confirmed in the subsequent ruling in C-527/15
Stichting Brein.24 As discussed in detail elsewhere, it might not be self-evident whether
the presence of a profit-making intention should be assessed in relation to the specific act
lowing GS Media.25 In C-306/05 SGAE, C-403 and 429/08 Football (p. 340)
mier League and Others, and C-117/15 Reha Training, in fact, the Court considered that
the profit-making nature of the communication would be apparent from the fact that the
defendants transmitted the relevant works in their own establishment (hotels, a public
house, and a rehabilitation centre, respectively) in order to benefit therefrom and attract
customers to whom the works transmitted were of interest.26 In C-527/15 Stichting Brein,
the CJEU identified the profit-making intention of the defendant in the circumstance that
the multimedia player being paid in particular to obtain direct access to protected works
27
2.
ing of Acts of Communication to the Public:
The Pirate Bay Case
In its 2017 judgment in C-610/15 Stichting Brein
ciety Directive, and clarified under what conditions the operators of an unlicensed online
platform are potentially liable for copyright infringement. The operators of a platform
Page 4 of 17

that makes available to the public third party uploaded copyright content and provides
functions such as indexing, categorization, deletion, and filtering of content may be liable
tent uploaded by users.
text of litigation between the Dutch anti-piracy foundation BREIN and two internet access
providers regarding the application, by the former, for an order that would require the
latter to block access for their customers to the website of the Pirate Bay. An engine for
er, it operates a system by means of which metadata on protected works which is present
cent) of the files shared on the network of the Pirate Bay (p. 341) contain copyright works
distributed unlawfully.28
The Dutch Supreme Court sought guidance from the CJEU on whether the operators of a
website such as the Pirate Bay are to be regarded as doing acts of communication to the
public within the meaning of Article 3(1). To answer this question, the CJEU noted that
the right of communication to the public, on the one hand, has a preventive character and
must be interpreted broadly and, on the other hand, requires an individual assessment
that depends on the circumstances of the case.29
al Szpunar that in the case at hand there could be no dispute that acts of communication
to the public were being performed,30 31
The point was, however, to determine whether the platform operators were responsible
for them.
Bay were placed online on the platform not by the platform operators but by the users.
vided users with access to the works concerned. They could, therefore, be regarded as
quirement of full knowledge of the relevant facts, this was satisfied by consideration of
vention, it would not be possible, or it would be more difficult, for users to share the
works.
The Court also dismissed the argument that the Pirate Bay operators could be regarded
as providing mere physical facilities for enabling or making a communication, thus falling
Page 5 of 17

ing, categorization, deleting, or filtering activities ruled out any assimilation to the mere
tion for the purposes of Article 3(1).32
that is, a public not taken into account by the copyright holders when they authorized the
Court referred to the fact that the Pirate Bay operators were informed that their platform
ers.33 However, the CJEU did not limit liability to situations (p. 342) of actual knowledge
served how the Pirate Bay operators:
could not be unaware
ferring court, a very large number of torrent files on the online sharing platform
[the Pirate Bay] relate to works published without the consent of the rightholders.
34
the reasoning in the decision in C-324/09 , notably the part in which

the CJEU suggested that the safe harbour in Article 14 of the e-Commerce Directive35
gality in question and acted in accordance with Article 14(1)(b) of that Directive.36
The Court could have limited liability to situations of actual or constructive knowledge (as
difficult to understand the meaning of paragraphs 46 and 47 of the judgment, in which

the CJEU referred to the profit-making intention of the defendants and seemingly linked
that to a finding of prima facie liability:
ment of an online sharing platform, such as that at issue in the main proceedings,
is carried out with the purpose of obtaining profit therefrom, it being clear from
the observations submitted to the Court that that platform generates considerable
advertising revenues.
[47] Therefore, it must be held that the making available and management of an
online sharing platform, such as that at issue in the main proceedings, constitutes
2001/29.
Page 6 of 17

Although it did not refer explicitly to it, the Court had C-160/15 GS Media in mind (the
gether the making available and management of an online sharing platform, the (p. 343)
profit-making intention of their operators, and prima facie liability under Article 3(1). In
particular, the relevant part of that judgment is paragraphs 47 to 54. As in that case, in
Stichting Brein the CJEU implied that the operator of an online platform that does so
37
can be expected to have undertaken all
the necessary checks to ensure that the work concerned is not illegally published on the
website to which those hyperlinks lead, so that it must be presumed that the posting has
occurred with the full knowledge of the protected nature of that work and the possible
38
This interpretation finds support in two additional considerations. The first is that the
reasoning of the Court follows Stichting Brein
judgment, in which the CJEU had concluded that both the indispensable intervention of
der Article 3(1). As mentioned earlier, in Stichting Brein the CJEU confirmed the validity
and application of the GS Media presumption of knowledge. The second consideration is
conduct.
Hence, it is not convincing to suggest that Stichting Brein

ment of situations in which the operators of an online platform that makes available third
tent thus made available, but nonetheless pursue a profit. On the contrary, the decision
follows the same reasoning of the earlier CJEU decisions in GS Media and Stichting Brein:
39
3. Applicability of C-610/15 Stichting Brein to

Less Egregious Scenarios
A long time after the decision in Stichting Brein, it still remains uncertain to what extent
the conclusion reached may be applicable to less egregious scenarios than the Pirate Bay.
(p. 344)
Page 7 of 17

ties are carried out manually or automatically, for example algorithmically: it is sufficient
that a system is put in place to perform those activities. How many platforms would be
caught within such a broad understanding of intervention as incontournable?
National case law has begun emerging, although the issue remains controversial. This is
also due to the fact that it is still uncertain whether the safe harbour for hosting
providers in Article 14 of the e-Commerce Directive is available.40
sis, for the making available of infringing UUC.41 The Regional Court of Hamburg ruled
that the Usenet provider UseNeXT would be liable if it promoted third party unauthorized
making available and sharing of protected content.42
tion to the public.43 The claimant in the latter case is a music producer who sued Google/
mances. In 2008, unauthorized videos featuring such performances were made available
rial was made available once again shortly afterwards. In 2010, the first instance court
maining claims.44 Both the producer and Google/YouTube appealed the decision and in
2015 the appellate court only partly sided with the producer. Most importantly, it rejected
doctrine (a form of accessory liability) under section 97(1) of the Act on Copyright and
Related Rights (Urheberrechtsgesetz, UrhG).45
cided to stay the proceedings and a make a reference for a preliminary ruling to the
CJEU.46 The referral seeks guidance on the question whether the operator of an online
video platform on which users make available to the public copyright protected content
the meaning of Article 3(1) when:
(p. 345)
the platform makes revenue from advertisements, the uploads are an automated
process without any control or checks by the platform before the content goes online;
the platform receives (according to the terms of service) a worldwide, non-exclusive,
and free licence for the uploaded videos for the duration the video is online;
the platform reminds users in the terms of service and during the upload process
Page 8 of 17

platform sorts videos into categories and lists them by ranking, and suggests further
form does not have actual knowledge of illegal activity or information or on obtaining
such knowledge or awareness, acts expeditiously to remove or to disable access to the
information.47
4.
bility and Safe Harbours
The decision in Stichting Brein
ing an autonomous (EU) concept of liability through a process that, according to some
commentators, was initiated as early as in C-466/12 Svensson and Others.48
tions for a finding of liability as a secondary infringer have been left to the legal systems
of individual Member States.49 By introducing a knowledge requirement in the (p. 346)
scope of primary liability, the CJEU has blurred the distinction between what has been
ondary infringement).50 All this is likely to result in practical uncertainties for those EU
jurisdictions with a secondary liability regime, notably liability by authorization.51
The decision in Stichting Brein

ily liable for unauthorized acts of communication to the public can nonetheless invoke the
safe harbour regime available to hosting providers under Article 14 of the e-Commerce
rective and applicability of the e-Commerce Directive safe harbours, while the former is
ity of Articles 12 to 14 of the e-Commerce Directive. By proposing the adoption of the e-

Commerce Directive, the European Commission sought to clarify the responsibility of
providers for transmitting and storing information at the request of third parties; that is,
when providers act as mere intermediaries. Although outside the scope of this chapter, a
cent decisions of the European Court of Human Rights (ECtHR), for example
nia52 and Magyar Tartalomszolgáltatók v Hungary,53
tions the mere provision of a notice-and-takedown system may be insufficient. It appears
that the insulation54 provided by the safe harbour regime does not apply to providers that
go beyond the passive role of an intermediary. This means that a provider that was found
liable for making unauthorized acts of communication to the public would also be likely to
Page 9 of 17

ticle 14 of the e-Commerce Directive.55

sion,56 is supported by both textual references to the wording of the e-Commerce (p. 347)
Directive and CJEU case law.57 Google France and Google, the CJEU
58
terpret the presumption imposed by the CJEU in GS Media as part of a broader obligation
platforms with a profit-making intention would have an ex ante reasonable duty of care
and be subject to an ex post notice-and-takedown system,59 which would also include an
obligation to prevent infringements of the same kind, for example by means of re-uploads
of the same content. Albeit in the different context of intermediary injunctions, the CJEU
has already clarified that requiring a provider to take measures which contribute not just
to bringing to an end existing infringements, but also preventing further infringements of
that type are compatible with Article 15(1) of the e-Commerce Directive as long as the
gitimate trade.60
5. Conclusion
visaged a broad construction of the right of communication to the public. One of the most
significant developments has been holding that the operators of a platform that permit
UUC may, under certain conditions, be deemed to be making acts relevant to Article 3(1)
of the Information Society Directive. The resulting far-reaching issues, which are yet to
be fully worked out, are: first, whether the findings in Stichting Brein can also be applied
tion between (harmonized) primary and (unharmonized) secondary liability still makes
sense; and thirdly, whether the safe harbours protection are even in principle available to
platforms that are deemed to make acts of communication to the public.
(p. 348)
nal questions seems to have been provided in Article 17 of the Directive on Copyright in
the Digital Single Market. That provision, in both the original proposal61
sion adopted by the Council and the European Parliament moves from the assumption
that a platform that gives access to UUC directly performs acts of communication to the
public.62
forms that are potentially liable under Article 3(1) of the Information Society Directive,
tion Society Directive and enjoyment of the insulation provided by Article 14 of the e-
Page 10 of 17

Commerce Directive as complementary or even compatible.63 All of this stands as a
termediaries is already well underway, and judicial and policy discourse are proceedings
64
What remains to be seen is whether the approach
tion of the law as already existing under the Information Society Directive65 or whether,
instead, it is an innovation that provides a new liability regime for a particular type of
will agree.
Notes:
(*) This chapter is partly derived from Chapter 3 of my monograph Copyright and the
Court of Justice of the European Union (OUP 2019).
(2) See C-610/15 Stichting Brein v Ziggo BV and XS4All Internet BV [2017] ECLI:EU:C:
2017:456.
(3) They are (in chronological order): C-306/05 SGAE v Rafael Hoteles [2006] ECLI:EU:C:
2006:764; C-136/09
tikoakoustikon Ergon v Divani Akropolis Anonimi Xenodocheiaki kai Touristiki Etaireai
[2010] ECLI:EU:C:2010:151; C-283/10 [2011]
ECLI:EU:C:2011:772; C-403 and 429/08 Football Association Premier League and Others
v QC Leisure [2011] ECLI:EU:C:2011:631; C-431/09 Airfield and Canal Digitaal v SABAM
[2010] ECLI:EU:C:2011:648; C-135/10 Società Consortile Fonografici (SCF) v Marco Del
Corso [2012] ECLI:EU:C:2012:140; C-162/10 Phonographic Performance (Ireland) Ltd v
Ireland and Attorney General [2012] ECLI:EU:C:2012:141; C-607/11 ITV Broadcasting v
TVCatchup [2012] ECLI:EU:C:2013:147; C-466/12 Nils Svensson and others v Retriever
Sverige AB [2014] ECLI:EU:C:2014:76; C-351/12 OSA [2014] ECLI:EU:C:2014:110;
C-348/13 BestWater International GmbH v Michael Mebes and Stefan Potsch [2014]
ECLI:EU:C:2014:2315; C-279/13 C More Entertainment AB v Linus Sandberg [2014]
ECLI:EU:C:2015:199; C-151/15
co and Others [2015] ECLI:EU:C:2015:468; C-325/14 SBS Belgium v SABAM [2015]
Reha Training v GEMA [2016] ECLI:EU:C:2016:379;
C-160/15 GS Media BV v Sanoma Media Netherlands BV [2016] ECLI:EU:C:2016:644;
C-527/15 Stichting Brein v Jack Frederik Wullems [2017] ECLI:EU:C:2017:300; C-138/16
AKM v Zürs.net Betriebs GmbH [2017] ECLI:EU:C:2017:218; C-610/15 (n. 2); C-265/16
VCAST v RTI [2017] ECLI:EU:C:2017:913; and C-161/17 Land Nordrhein-Westfalen v Dirk
Renckhoff [2018] ECLI:EU:C:2018:634.
Page 11 of 17

(4) According to some commentators, rather than a unified concept of communication to

the public, in its case law the CJEU has created specific sui generis
(5) See World Intellectual Property Organization, Guide to Copyright and Related Rights
Treaties Administered by WIPO and Glossary of Copyright and Related Rights Terms
(2003) BC-11bis.1.
(6
the Appendix to the Berne Convention.
(7
European Copyright
(8
tions of the CJEU) with the United States, which took the position that the existing rights
of distribution and public performance under the US Act were sufficient to comply with
of its new international obligations. See United States Copyright Office, The Making
(February
https://www.copyright.gov/docs/making_available/making-available-
right.pdf>.
(9
C-160/15 (n. 3) para. 34; C-527/15 (n. 3) para. 30; C-610/15 (n. 2) para. 25.
(10
(11) See C-306/05 (n. 3) para. 38; C-135/10 (n. 3) para. 84; C-162/10 (n. 3) para. 33;
C-607/11 (n. 3) para. 32; C-466/12 (n. 3) para. 21; C-351/12 (n. 3) para. 27; C-151/15 (n.
3) para. 19; C-325/14 (n. 3) para. 21; C-160/15 (n. 3) para. 36; C-527/15 (n. 3) para. 45;
C-138/16 (n. 3) para. 24; C-610/15 (n. 3) paras 27 and 42.
(12) C-293/98 EGEDA [1999] ECLI:EU:C:1999:403, Opinion of AG La Pergola, para. 20.
(13) See C-306/05 (n. 3) paras 40 and 42; C-136/09 (n. 3) para. 39; C-403 and 429/08 (n.
3) para. 197; C-431/09 (n. 3) para. 72; C-466/12 (n. 3) para. 24; C-351/12 (n. 3) para. 31;
Page 12 of 17

also required when the specific technical means used is different. On whether terms and
conditions of use of a certain website might be relevant to determine whether the public
Svensson
(14) This appeared to be the case in: C-283/10 (n. 3) para. 40; C-403 and 429/08 (n. 3)
(n. 3) para. 38.
(15) See C-306/05 (n. 3) para. 43; C-466/12 (n. 3) para. 19; C-160/15 (n. 3) para. 27;
C-527/15 (n. 3) para. 36; C-138/16 (n. 3) para. 20; C-610/15 (n. 3) para. 19; C-161/17 (n.
(16) See C-306/05 (n. 3) para. 42; C-403 and 429/08 (n. 3) paras 194 and 195; C-431/09 (n.
C-160/15 (n. 3) para. 35; C-527/15 (n. 3) para. 31; C-610/15 (n. 3) para. 26.
(17) While the original language versions (French) of relevant judgments use the adjective
role. Recently, see also the Opinion of Advocate General Maciej Szpunar in STIM and
(18) Opinion of AG Melchior Wathelet in C-160/15

lands BV
(19
(20) See C-160/15 (n. 3) para. 34, referring to C-135/10 (n. 3) para. 79; C-162/10 (n. 3)
(21
429/08 (n. 3) para. 204. Commenting favourably on the consideration of the profit-making
2013/2 IPQ 166, 182.
(22) C-160/15 (n. 3) para. 51.
Page 13 of 17

(23
(24) See C-527/15 (n. 3) paras 49 and 51.
(25 GS Media and its Implications for the Construction of the Right
After Reha Training and GS Media Where Are We Now and Where Do We Go From
GS
Media
(26
(27) C-527/15 (n. 3) para. 51.
(28) C-610/15 Stichting Brein v Ziggo BV and XS4All Internet BV [2017] ECLI:EU:C:
2017:99, Opinion of AG Szpunar, para. 23.
(29) See C-610/15 (n. 3) para. 22.
(31
(32
(36) See C-324/09 [2011]

Pirate Bay
(37) C-610/15 (n. 2), para. 46.
Page 14 of 17

(38) C-160/15 (n. 3), para. 51.
(39) See contra
(40) For a discussion of selected national experiences (in the EU: France, Germany,
Netherlands, Poland, Spain, Sweden, and the UK), see further the questionnaires in João
<https://www.ivir.nl/publicaties/download/Global-Online-Piracy-Study-Legal-Background-
Report.pdf>.
(41) See Handelsgericht [Commercial Court] Vienna [2018] 11Cg65/14t/56 (Aust.).
(42) See Landgericht [District Court] (LG) Hamburg [2018] 308 O 314/16 (Ger.).
(43) See Bundesgerichtshof [Supreme Court] (BGH)

rechtsverletzungen [2018] I ZR 140/15 (Ger.).
(44) See LG Hamburg [2010] 308 O 27/09 (Ger.).
(45) See Oberlandesgericht [Higher Court] (OLG) Hamburg [2015] 5 U 175/10 (Ger.).
(46) C-682/18 YouTube, pending.
(47) At the time of writing the referral had not yet been assigned a case number nor had
the questions referred been translated into English. For an explanation of the background
The IPKat, 13 September 2018) <http://

ipkitten.blogspot.com/2018/09/breaking-fcj-refers-case-regarding.html>.
(48
(49
of secondary liability can be discerned.
Page 15 of 17

(50 Ziggo: The Pirate Bay Communicates

Kluwer Copyright Blog, 30 June 2017) <http://
copyrightblog.kluweriplaw.com/2017/06/30/cjeu-decision-ziggo-pirate-bay-communicates-
works-public/>.
(51
Secondary Liability of Internet Service
Providers
nominally primary liability that clearly maps in substance to
(52) See Delfi AS v Estonia App. no. 64569/09 (ECtHR, 16 June 2015).
22947/13 (ECtHR, 2 February 2016).
(54) See Jaani Riordan, The Liability of Internet Intermediaries (OUP 2016) para. 12.11.
(55
614.207 (2018), 23.
(56) Arguing that the safe harbour protection would be available in cases of primary and
secondary infringements alike, see Martin Husovec, Injunctions Against Intermediaries in
the European Union: Accountable but not Liable?
port to C-291/13 Papasavvas [2014] ECLI:EU:C:2014:2209 and C-324/09 (n. 36); Christina
Angelopoulos, European Intermediary Liability in Copyright: A Tort-based Analysis
(Wolters Kluwer 2017) 68; Jaani Riordan, The Liability of Internet Intermediaries (OUP
2016) paras 12.11, 12.01, and 12.37.
(57 Google France and Google

[2010] ECLI:EU:C:2010:159, paras 114 and 120.
(58
(59
327, 331.
(60) See C-324/09 (n. 36) paras 139 and 144.
(61
right in the Digital Single Market, COM(2016) 593.
(62) See Directive 2019/790/EU of the European Parliament and of the Council 17 April
Page 16 of 17

tives 96/9/EC and 2001/29/EC [2019] OJ L130/92, Art. 17(1). See also, for a discussion of
Art. 17 of the reform, Chapter 28.
(63) ibid. Art. 17(3).
(64 Pirate Bay Judgment and its Impact
(65
fy
munication to the public or of making available to the public when they give the public
access to copyright-protected works or other protected subject matter uploaded by their
where under Union law, nor does it affect the possible application of Article 3(1) and (2)
(emphasis added).
Eleonora Rosati
Eleonora Rosati is an Associate Professor in Intellectual Property Law at Stockholm

University and an Of Counsel at Bird & Bird. Email: eleonora@e-lawnora.com.
Page 17 of 17

Harmonizing Intermediary Copyright Liability in the EU: A Summary
Harmonizing Intermediary Copyright Liability in the

EU: A Summary
Christina Angelopoulos

sence of a complete EU framework for intermediary accessory copyright liability, Member

States currently rely on home-grown solutions. This chapter examines three examples of
such solutions: those of the UK, France, and Germany. The selected national jurisdictions
dictional approaches to intermediary liability in copyright: intra-copyright solutions, tort-

based solutions, and injunction-based solutions. On the basis of these options, and taking
into account the lessons of existing projects on the harmonization of European tort law, as
well as the case law of the Court of Justice of the European Union, the chapter proposes a
framework for European intermediary liability in copyright. As the chapter explains, this
is informed by existing EU and national law on the copyright, tort, and fundamental
rights level.
Keywords: Europe, copyright, intermediary liability, secondary liability, harmonization, tort law, UK, Germany,
France
INTERMEDIARIES
es an obvious question: what is their responsibility for such infringements?
monizing momentum has picked up at the EU level. Over the past decade, the Court of
pean legislator has also taken action. In spring 2019, the European Parliament and the
Council of the EU approved a new Directive on Copyright in the Digital Single Market.1
Page 1 of 23

tion of the Directive was trailed by heated political debate.
As lawmakers grapple with the economic and policy stakes of intermediary liability, it is
also necessary for legal theorists to consider its doctrinal implications: a legal problem
deserves, first and foremost, a legal solution. In research conducted from 2011 to 2015 at
the Institute for Information Law (IViR) of the University of Amsterdam, I examined
(p. 316) the lessons of European tort law for intermediary liability in copyright.2
net. Given the difficulties encountered in the Member States in constructing a coherent
vides a brief summary of that research.
1. The Current Incomplete EU Framework for

Intermediary Liability in Copyright
erly understanding the current state of harmonization in the area is therefore essential.
The centrepiece of the current EU framework on intermediary liability can be found in
providers from liability in the provision of three types of service: mere conduit, caching,
and hosting.3 The immunities are horizontal, meaning that they apply across a variety of
different areas of law, including copyright. Article 15 of the Directive supplements the
quiring that intermediaries protected by an immunity be subjected to general obligations
cumstances indicating illegal activity.4
In the specific area of copyright, these provisions are complemented by Article 8(3) of the
Information Society Directive (ISD).5 This requires that copyright owners be able, (p. 317)
under national law, to apply for an injunction against intermediaries whose services are
used by third parties to infringe copyright.
Page 2 of 23

of the ISD establishes that Article 8(3) applies to any intermediary that is optimally
placed to bring the infringement to an end.7 This immediately indicates that, under the
tion occurs along the lines of intermediary culpability: injunctions may be issued against
any intermediary, but substantive liability (i.e. for all other available remedies) requires
While the ECD and ISD provisions are of course useful, they do not provide a complete
harmonized framework for intermediary liability. The safe harbours are only negatively
stated, telling Member States when they cannot impose liability on intermediaries, not
when they should. Article 8(3) of the ISD only deals with injunctions. In its case law, the
CJEU has sought to bridge this gap by directing its attention beyond the secondary law of
damental right protected under Article 17(2) of the EU Charter, must be weighed against
other fundamental rights of equal normative value.8 In cases of intermediary liability, the
Court has found these to include the right of the intermediary to conduct its business
(Art. 16 EU Charter) and the rights of its users to their freedom of expression (Art. 11 EU
Charter) and the protection of their privacy and personal data (Arts 7 and 8 EU Charter).
This development has elevated the discussion on intermediary liability to hierarchically
higher legal plains, while also providing a legal basis for harmonized answers on issues of
intermediary liability not covered in the Directives. As (p. 318) a result, fundamental
ary liability.
Court in the area of injunctions. The CJEU established that broad filtering obligations
fringement.9 By contrast, blocking injunctions may be issued against internet access
mation.10
quired of wi-fi providers, the Court concluded that an order to password-protect a wi-fi
network would be possible.11 Finally, in a case concerning trade marks, the CJEU found
that orders may be issued to suspend the primary infringers, as well as to take measures
that make it easier to identify them.12 To date, no reliable method of assessing when a
13
More recently, the CJEU has also examined the consequences of fundamental rights for
substantive liability. In GS Media, the Court was called upon to assess the liability of the
providers of hyperlinks to infringing content.14
Page 3 of 23

bility in copyright, the Court approached the issue through the vehicle of communication
ISD.15 Recital 27 of the ISD makes clear that the mere provision of physical facilities for
enabling or making a communication does not in itself amount to a communication. At the
same time, exactly where the dividing line should be positioned is not clear from the text
of the Directive. The Court noted that hyperlinks are essential for the proper operation of
posed.16
ment of the liability of other promoters of third party copyright infringements.17
The GS Media
(p. 319)
ity. While primary liability occurs where a person engages in a copyright infringement
themselves, accessory liability concerns itself with the participation of one person in the
copyright infringement of another. Liability for the first has been traditionally understood
to be strict. By contrast, the second incorporates a mental element. In a creative twist,
18
This sleight of hand may be doctrinally challenging, but it dovetails nicely with the
destroying knowledge is present, not only will immunity be denied (as per the ECD), but
eral principles of tort law.
Despite these strides, questions remain: what type of involvement in the infringement of
another is sufficient for substantive liability? Is the necessary mental element the same in
all cases? How does intermediary liability operate in relation to exclusive rights other
than communication to the public? What are the precise benchmarks that determine the
appropriate injunctive relief? A complete harmonized framework governing intermediary
liability for third party copyright infringement remains absent. Rather than slowly tease
tion. For this purpose, dismounting the EU rules on intermediary copyright liability from
the lofty heights of fundamental rights and reintegrating them within the tort law rules,
which naturally govern legal relationships between private parties, can ensure a more
ber States, in cases where the copyright provisions reach their limits.
Page 4 of 23

2.
bility in Copyright
In the absence of a complete EU framework for intermediary accessory copyright liability,
the Member States have been forced to rely on home-grown solutions. In this section, the
approaches taken in three national jurisdictions is briefly examined: those of the UK,
France, and Germany.19 These were selected as corresponding to each of the three major
tort law traditions of Europe.20
proaches to intermediary liability emerge.
(p. 320) 2.1 Intra-Copyright Solutions
cessory liability.
ty in copyright has been the doctrine of authorization. Authorization is embedded in the

Copyright, Designs and Patents Act (CDPA) 1988. According to section 16(2), not only the
doing, but also the authorizing of another to do an act restricted by copyright amounts to
21
authorization: a distinction is thus drawn between granting somebody the right to copy
and granting them the power to copy.22 As modern intermediaries merely enable their
notion must therefore be stretched beyond its natural meaning if it is to be applied to

them.23 This has, nevertheless, not impeded the UK courts from using it for this
purpose.24
the public as a tool of accessory liability,25
diaries directly liable for communication to the public,26 provided certain conditions are
met.27
French
courts apply the general provisions of the French intellectual property code (Code de la
28
that this (p. 321)
has been criticized by French copyright scholars, who note that the strict liability rule
that governs primary infringement is inappropriate for mere contributors.29 As a result of
its expansive interpretation of direct infringement, the French case law on intermediary
liability has relied heavily on the conditions of the safe harbours.30 Initially, the courts
Page 5 of 23

were strikingly demanding on this front, holding that providers that failed to ensure that
infringing content was not reposted on their platforms after it had been brought to their
attention would lose safe harbour protection and become liable.31
cassation), which concluded that it amounted to the imposition of a prohibited general

monitoring obligation.32
Contrary to both the UK and France, in Germany a finding of direct liability against an
online host is very difficult to substantiate. So, for example, in a 2015 decision, the Court
of Appeal of Hamburg found that YouTube could not be held directly liable for copyright
infringements appearing on its website.33
ing available to the public was performed not by the platform but by its users. A notion of
marions-kochbuch.de.34 This held that

35
much further success before the German courts in copyright.
(p. 322) 2.2 Tort-Based Solutions
To supplement the intra-copyright solutions, the courts in all three countries have turned
to their general tort law provisions. Two main tort-based approaches can be discerned.
36
This can
37
nation to be found, a common design is necessary between the defendant and the primary
infringer, aimed at securing the infringement. As with authorization, mere facilitation will
not suffice to establish joint tortfeasance.38 The courts have generally been happy to find
joint tortfeasance in cases where services are offered that are used by others to
infringe.39
is held liable for the same tort as the primary infringer, in the multiple-faults model, she
tice, the basic tort principles of articles 1382 and 1383 of the French civil code, will be
employed for this purpose. These set out the general standard of conduct that requires
Page 6 of 23

sance (violation through omission). Specifically in the area of intermediary liability, the
is, the diligent and prudent intermediary. According to the case law, such an intermediary
will be expected to undertake all the reasonable measures (diligences appropriées) that a
prudent professional would take to avoid having its services used by (p. 323) third parties
to infringe the rights of others.40
right are scant. Relevant decisions date from before the introduction of the safe harbours
and concern other areas of law.41
English system as well, through the vehicle of the tort of negligence. Yet English tort law
has traditionally taken a much more restrictive approach to liability for omissions. It has
thus attempted to keep narrowly-defined the circumstances under which an affirmative
duty of care to take action to protect the interests of others and prevent wrongdoing by
third parties may be found.42 This makes the application of the tort to intermediaries in
copyright difficult.43
lawfully injures a legal right of another. At first sight, this resembles the French approach
ment of unlawfulness (Rechtswidrigkeit) sets the German system apart. A positive act
ure to satisfy the standard of care demanded by society; that is, the violation of a duty of
care (Verkehrspflicht). As intermediary liability will generally centre around omissions,
the same reluctance encountered in the UK thus re-emerges in Germany.
An alternative is offered by Article 830(1) of the BGB. According to this, if more than one
person has caused damage by a jointly committed tort, then each of them is responsible
for the damage. Article 830(2) of the BGB makes clear that instigators and accessories
least
ed it. Knowledge of the objective circumstances that form the main offence and (p. 324)
awareness of their unlawfulness are accordingly required.44 In Germany, this condition
has not usually been understood to be met by online intermediaries.
amine a notification of alleged infringements. Hence, a defendant may also be held liable,
Page 7 of 23

if she consistently violates duties of care over a longer period of time.45
amounting to an indication of intent.46
rent liability model is laxer, being satisfied with mere negligence.
2.3 Injunction-Based Solutions
tively stated, making active demands on national legal systems, it is unsurprising that this
solution is employed in all three examined jurisdictions.
The UK has implemented Article 8(3) with section 97A of the CDPA 1988. Litigation in the
cess providers, requiring them to block websites carrying infringing content.47
In France, article 6-I-8 of the LCEN48 enables injunctions against internet access
providers and host service providers. Article L.336-2 of the CPI further expands the reach
junctive orders have been internet access providers,49

50
The German system comes into its own in the area of injunctions. Germany mainly
(p. 325)
approaches intermediary liability through its distinctive Störerhaftung doctrine. Often
against persons who causally contribute to an infringement in violation of a reasonable

duty to review (Prüfungspflicht). Importantly, it is not possible to claim against a Störer
(interferer) for damages.
volving internet access providers,51
sonable if it would unduly impair the business of the alleged disturber.52 At the same
has been sent, the duty to review extends to all other infringements similar in their core
(Kern), including future infringements of an essentially similar nature.53 This has allowed
France.54
55
Page 8 of 23

3. Intermediary Liability and Tort Law

The examination of the national approaches to intermediary liability reveals both overlaps
and divergences. In order to help organize the messages emerging from the comparative
tious liability: fault and causation. Through associating the national intermediary liability
rules with the underlying tort norms of each respective jurisdiction, the forces shaping
those rules can be identified.
As the research showed, the affinity of English and German law for the concept of joint
tortfeasance can be explained through the concern both jurisdictions traditionally display
for controlling against the overexpansion of fault liability. This has led both countries to
set strict limits to liability for omissions.56 As shown previously, English (p. 326) tort law
be held liable for causing another damage through negligence, and taking a restrictive
approach to the finding of affirmative duties of care. Along similar lines, Germany relies
on the concepts of unlawfulness and Verkehrspflichten to achieve a similar effect.57
These solutions are supported by the conservative theories the two countries apply to
that damage is too remote to be attributed to the defendant if it is of such a kind that a
reasonable person could not have foreseen it). German law has elaborated complicated
least to significantly increase the chance that it will happen) or whether the damage falls
lated).58
ties.59
France stands apart, taking an expansive, unitary approach to both fault and causation.
Although in practice the French legal system also connects the violation of the standard
of reasonableness to the existence of an obligation to take action before liability for an
omission will be found, French legal theory in this area is much more flexible. Similarly,
the French courts are satisfied with a mere showing of conditio sine qua non60 in order to
stead, they can rely readily on the basic rules of negligence to support accessory liability.
cant, in practice the outcomes do not differ greatly. Indicatively, while France does not
embed liability-restricting norms into its tort law, in the area of intermediary liability, the
Page 9 of 23

ECD safe harbours have been applied to achieve roughly the same effect as in the UK and
Germany.61 EU influence additionally means that all three (p. 327)
wards a greater emphasis on injunctive relief. Thus, structure, rather than substance, is
what diverges.62
als. Promisingly, existing projects on the harmonization of European tort law show how
such structural harmonization can be achieved. The Principles of European Tort Law
(PETL), developed by the European Group on Tort Law,63 and the Draft Common Frame of
Reference (DCFR), compiled by the Study Group on a European Civil Code and the Acquis
Group, are particularly helpful in this regard.64
copyright liability can be grounded in strong theory derived from the general principles
for European tort law.
ary copyright liability were investigated in the research. It was concluded that what is
sult in such infringement and meant to engage in that behaviour.65 Where intent exists,
is diminished.66
Negligence depends on an assessment of reasonableness.67

ableness is found at the intersection between risk and care: if a defendant creates a risk
sures of care.68
ered: the knowledge of the defendant regarding the risk of damage and her ability to
avoid it. The defendant will only be unreasonable if she knew the risk or ought to have
known it and if she could have avoided the risk or ought to have been able to avoid it.69
(p. 328) As this demonstrates, the assessment of liability in European tort law turns on a
balancing exercise. Promisingly, this provides a connector with the fundamental rights-
Particular attention is necessary in cases of omissions. Omissions are central to accessory
omissions.70
mative duty to act. Such duties may exist in a variety of situations. While the DCFR folds
the issue of omissions into causation, making no distinction between positive actions and
omissions,71
tect others from damage may exist. For the purposes of intermediary liability, the most
relevant of these concern the creation and control of a source of danger and the ease of
addressing the danger.72
Page 10 of 23

73
This allows it to
74
systems.75
tion exists.76 On the other hand, the PETL follows the principle of conditio sine qua non.77
78
4.
pean Intermediary Liability in Copyright
right.
(p. 329)
79
fringement of another, but as the violation of a prohibition against behaviour supportive

of such infringements. The approach is well suited to EU harmonization, both because of
sary legal theoretical equipment for its application, even if they do not all choose to make
ble of delivering nuanced solutions appropriate for complex legal problems.
Pursuant to this approach, the investigation of whether an intermediary should be liable

fault; that is, how
pends on two fundamental elements: a conduct element, which examines the extent to
which the intermediary caused the infringement, and a mental element, which considers
whether the intermediary demonstrated the mindset of a reasonable intermediary that
found itself in the same circumstances. An optional third pillar of duties of care becomes
relevant depending on the severity of the mental element involved.
The conduct element

sive approach to the conduct element inspired by the straightforward French conditio
sine qua non
right infringement of another party.80
Page 11 of 23

feasance theories, imply an inherent mental dimension.81 Yet this should not be subsumed
ment. As all internet intermediaries will meet the requirement of causal participation as
soon as their services are used by another to commit a copyright infringement, it follows
that it is on the mental element that liability will turn.
The mental element

mediary intended an infringement, its behaviour must be understood to be unreasonable
thing to distribute technology that could be used to infringe in the hope that others will
use it legitimately. It is something else to distribute the same technology in the hope that
82
In this way, pleasingly to the fair-minded comparative
(p. 330)
ment, that infringement should be seen as its own and its liability should be no different
to that of the primary infringer.
The second type of mental element is knowledge. In line with CJEU case law,83
al and specific knowledge. It was similarly suggested that both actual and constructive
84
bility of negligence liability must be explored. This raises the question of identifying the
duties of care that burden the reasonable intermediary. While listing duties of care leads
to greater legal certainty, flexibility is necessary for law that can remain resilient in the
face of changing technologies. Laying out the process for determining the duties of care
tional approaches.
As noted previously, the behaviour of a reasonable intermediary (and thus the standard of
quired. This follows both from the principles of European tort law85 and from the Charter-
based approach taken by the CJEU.86 The research into European tort law revealed that
risk and care.87 In particular, the existence of a risk will depend on:
(1) the seriousness of the damage; and

(2) the probability of damage.88
Page 12 of 23

The height of the necessary care is assessed by reference to:

(3) the benefit of the conduct; and
(4) the burden of the precautionary measures.89
The latter two criteria should be examined in view of the following: (a) the interests of the
90
In addition to the above, European tort law teaches that two elements relating to
(p. 331)
the person of the defendant must also be considered:
(5) the knowledge of the defendant regarding the risk of damage; and
91
(6)
Finally, as the duties of care in question are affirmative, an extra criterion must be added
in the form of:
(7)
two key notions of risk and care. A responsibility can arise from:
(a) the type of knowledge of the risk that the intermediary has (i.e. the foreseeability
of the risk);
(b)
ability of the risk); and
(c) the existence of a special duty to take affirmative care (generally resulting from
the creation and control of the source of danger, see the PETL noted earlier).
The resultant system can be represented as shown in Figure 16.1:
Figure 16.1 The criteria of balancing
pushing in favour of liability (the risk and the responsibility of the defendant) and (p. 332)
those pushing against (the benefit of the conduct and the burden of the measures of care)
(see Figure 16.2).
Page 13 of 23

Figure 16.2 Antipodal balancing criteria
Source: image taken from http://

www.publicdomainpictures.net, © Karen Arnold.
Happily, analyses of balancing in the area of human rights appear to move in a strikingly
similar direction.92
cluded that the notification to the authorities, as well as obligations to issue general
well, although a court order may be necessary. Duties to identify primary infringers
should require a court order. Duties to filter content or otherwise generally monitor it
should invariably be considered out of bounds, even to courts.93
While the reliance on balancing may appear to make intermediary copyright liability a
moving target, the flexibility with which it imbues the framework should be understood to
be a feature rather than a bug. The provision of clear and appropriate factors creates
structure, which can help guide effective and targeted judicial reasoning. This allows for
a future-proof regime that can provide greater long-term legal certainty.
Lastly, the proposal suggested a proportionate liability approach. While solidary (i.e. joint
and several) liability has deep roots in European tort law,94 extracting equal (p. 333)
ity from both a primary tortfeasor and an accessory will not always lead to a fair result.
Instead, a proportionate distribution of liability should be considered, dependent on the
95
On this reasoning, the proposal
suggested that where the intermediary acts with intent, solidary liability should apply.
However, where there is mere negligence, restraint is necessary. Under the influence of
Page 14 of 23

recommends that, in such cases, only injunctive relief should be available.
5. Closing Remarks
Once a peripheral issue in copyright law, in recent years the liability of intermediaries for
the copyright infringements of their users has burst on to centre stage. The topic is a
high-stakes one, affecting the competing interests of high-powered stakeholders, as well
as those of the general public. Traditional answers developed in the Member States have
been stretched by modern fact patterns, while for a long time harmonization at the EU
level rested solely on the negatively stated immunities and the injunction-focused Article
8(3) of the ISD.
The CJEU has set the ball rolling towards a more comprehensive European solution. In its
case law, the Court has identified the heart of intermediary liability in the doctrine of a
96
ty. This approach appears appropriate. The challenging topic of intermediary liability
gal order. At the same time, a substantive solution cannot be found in the vague edicts of
als is best dealt with through the rules of tort law that have been developed for precisely
that purpose. Properly crafted, these should represent the mirror image of fundamental
rights, reflected from the other side of the private/public law divide.
Inspired from these starting points, the research on which this chapter is based sought to
develop a proposal for a harmonized EU framework for intermediary liability that takes
appropriate account of both areas of law. The objective was the development of (p. 334) a
well-grounded, principled solution that is informed by existing EU and national law on
ously improving on these sources, a sensitive and comprehensive system that allows for
fine distinctions and delivers clear definitions can be built. Instead of pursuing piecemeal
low such a principled approach.
Notes:
(2) For more detail please see Christina Angelopoulos, European Intermediary Liability in
Copyright: A Tort-Based Analysis
Page 15 of 23

merce, in the Internal Market (Directive on Electronic Commerce) [2000] OJ L178/1, Arts
(4
quested of the CJEU in pending case C-18/18 Facebook Ireland.
(6 Google France
C-324/09 [2011] ECLI:EU:C:
pending case C-500/19 Puls 4 TV GmbH & Co. KG v YouTube LLC and Google Austria
GmbH, request for a preliminary ruling from the Oberster Gerichtshof [Austrian Supreme
Court] lodged on 1 July 2019.
(7) The conditions for injunctions under Art. 8(3) ISD will be discussed by the CJEU in
pending cases C-500/19 (n. 6); C-682/18 LF v Google LLC, YouTube Inc., YouTube LLC,
Google Germany GmbH, request for a preliminary ruling from the Bundesgerichtshof
(Germany) lodged on 6 November 2018; and C-683/18 Elsevier Inc. v Cyando AG, request
for a preliminary ruling from the Bundesgerichtshof (Germany) lodged on 6 November
2018.
(8) See e.g. C-70/10 Scarlet Extended SA v Société belge des auteurs, compositeurs et
éditeurs SCRL (SABAM)
(9) See ibid. and C-360/10 Belgische Vereniging van Auteurs, Componisten en Uitgevers
CVBA (SABAM) v Netlog NV [2012] ECLI:EU:C:2012:85.
(10) See C-314/12 UPC Telekabel v Constantin Film and Wega [2014] ECLI:EU:C:
2014:192.
(11) See C-484/14 Tobias Mc Fadden v Sony Music Entertainment Germany GmbH [2016]
ECLI:EU:C:2016:689.
(12) See C-324/09 (n. 6).
(13
bel
Info. 87.
(14) See C-160/15 GS Media BV v Sanoma Media Netherlands BV and Others [2015]
ECLI:EU:C:2016:644, para. 24.
Page 16 of 23

(16) C-160/15 (n. 14) para. 49.
(17) See C-527/15 Stichting Brein v Jack Frederik Wullems [2017] ECLI:EU:C:2017:300
and C-610/15 Stichting Brein v Ziggo BV and XS4All Internet BV [2017] ECLI:EU:C:
2017:456.
(18
right at the EU level is expected in C-682/18 (n. 7) and C-683/18 (n. 7).
(19) For more detail see Angelopoulos (n. 2) Ch. 3.

Based Analysis European
Tort Law (OUP 2013) 102-2.
(21) CBS Songs v Amstrad [1988] UKHL 15 [604] (UK). See also Bankes and Atkin LJJ in
Falcon v Famous Players Film Co. Ltd
man in Amstrad.
(22) See Amstrad
(23
(24) See e.g. Newzbin (No. 1) [2010] FSR 21 [90] (UK) and Dramatico [2012] RPC 27 [81]
(UK).
(25) Although not the requirement of knowledge introduced by that case law.
(26) See e.g. Newzbin (n. 24) [125].
(27
tutes the means used to infringe, whether it is inevitable it will be used to infringe, the
(28) See Cour de cassation [Supreme Court] La société Google France v la société Bach
sation La société Google France v La société Bac films (Les dissimulateurs) [12 July 2012]
façon, fourniture de moyens et faute: perspectives dans les systèmes de common law et
civilistes à la suite des arrêts Grokster et Kazaa
Page 17 of 23

(29) Andrè Lucas, Agnès Lucas-Schloetter, and Carine Bernault,

téraire et Artistique
(30) These have been transposed into French law with art. 6 of Loi no. 2004-575 du 21
2004 on Confidence in the Digital Economy].
(31 Google Inc. v

Compagnie des phares et balises [14 January 2011] (Fra.); CA Paris (Pôle 5, chambre 2)
Google Inc. v Bac Films, The Factory [14 January 2011]; CA Paris (Pôle 5, chambre 2)
Google Inc. v Bac Films, The Factory, Canal+
bre 2) Google Inc. v Les Films de la Croisade, Goatworks Films [14 January 2011].
(32) See (n. 28); Les dissimulateurs (n. 28).
(33) Oberlandesgericht [Higher Court] (OLG) Hamburg [1 July 2015] 5 U 87/12 (Ger.). The
ing to the CJEU (C-682/18 (n. 7)).
(34) Bundesgerichtshof [Supreme Court] (BGH) marions-kochbuch.de [12 November

2009] I ZR 166/07 (Ger.).
(35) See also the subsequent case of RSS-Feed on the personality right, where the court
[17 December 2013] VI ZR 211/12, para. 19.
(36) SABAF SpA v MFI Furniture [2003] RPC 14 [59] (UK).
(37
(38) Lionel Bently and Brad Sherman, Intellectual Property Law

also Nicholas McBride and Roderick Bagshaw, Tort Law
(39) See Dramatico Entertainment v British Sky Broadcasting [2012] EWHC 268 (Ch) [83]
(UK); EMI Records v British Sky Broadcasting The
Football Association Premier League v British Sky Broadcasting [2013] EWHC 2058 (Ch)
[43] (UK); Paramount Home Entertainment International v British Sky Broadcasting
[2013] EWHC 3479 (Ch) [35] (UK); 1967 Ltd v British Sky Broadcasting [2014] EWHC
3444 (Ch) [23] (UK); Twentieth Century Fox Film Corp. v Sky UK [2015] EWHC 1082 (Ch)
[56] (UK); Football Association Premier League v British Telecommunications [2017]
EWHC 480 (Ch) [39] (UK).
(40
Générale 577.
Page 18 of 23

(41) See e.g. CA Versailles, SA Multimania Production v Madame Lynda L [8 June 2000].
For an analysis, see Agathe Lepage,
(42) This is usually considered to be the case where: (1) the defendant created the risk of
over the source of the damage; and (4) the defendant has a special relationship with the
third party that caused the damage. See Nicholas McBride and Roderick Bagshaw, Tort
Law
(43
(44
Festschrift für Dieter Reuter zum 70 Geburtstag am 16 Oktober 2010 (De Gruyter 2010)
1167.
(45
Hörspiel
File-Hosting
International Copyright Law and
Practice (Matthew Bender 2017), para. 8[1][c][i].
(46
(47
https://www.ivir.nl/projects/global-online-piracy-study
tionnaire United Kingdom).
(48
(49) See e.g. Tribunal de grande instance [High Court] (TGI) Paris
teurs de cinema (APC) et autres v Auchan Telecom et autres [28 November 2013] (Fra.)
and TGI Paris
ange [4 December 2014] (Fra.).
(50) See Cour de cassation

Google France [12 July 2012] no. 11-20.358 (Fra.).
(51) See e.g. BGH GEMA v Deutsche Telekom [26 November 2015] I ZR 3/14 (Ger.) and
BGH Universal Music v O2 Deutschland [26 November 2015] I ZR 174/14 (Ger.).
Page 19 of 23

(52) See Thomas Hoeren and Viola Bensinger,

(De Gruyter 2014) 366.
(53
(54) See e.g. BGH Rapidshare I [12 July 2012] I ZR 18/11 (Ger.); BGH Rapidshare III [15
August 2013] I ZR 80/12 (Ger.). See also OLG Hamburg [1 July 2015] 5 U 87/12 (Ger.).
(55
ing to the CJEU, obligations to monitor all of the information transmitted by an access
provider would be incompatible with the prohibition on general monitoring obligations. A
plored by the CJEU in C-18/18 Facebook Ireland.
(56) See Angelopoulos (n. 2) section 4.3.
(57) Christian Von Bar, The Common European Law of Torts (Clarendon Press 2000), Vol.
(58) See Angelopoulos (n. 2) section 4.4.1.
(59
through their psychological identification with it, see Walter van Gerven, Jeremy Lever,
and Pierre Larouche, Tort Law (Hart 2000) 430.
(60
that the injury would not have occurred but for that behaviour.
(61
(62
praesumptio similitudinis
sentially the same problems, and solves these problems by quite different means through
An Introduction to
Comparative Law (Clarendon Press 1998) 34.
(63) Available at <http://www.egtl.org>. See also European Group on Tort Law, Principles
(Springer 2005).
(64) See Christian von Bar, Eric Clive, and Hans Schulte-Nölke (eds),
tions and Model Rules of European Private Law: Draft Common Frame of Reference
Page 20 of 23

(DCFR), prepared by the Study Group on a European Civil Code and the Research Group
on EC private law (Acquis Group), Outline edn (Sellier 2009).
(65) See DCFR Art. VI.-3:101. See also Angelopoulos (n. 2) section 4.2.1.
(66
tion of Tort Law: Fault
tives on Causation (Hart 2011) 361.
(67) Consider e.g. DCFR Art. VI.-3:102 and PETL Art. 4:102(1). See also Angelopoulos (n.
2) section 4.2.2.1.
(68) See eg van Dam (n. 20) 805.
(69) See van Dam (n. 20) 805-2.
(70) Christian von Bar, The Common European Law of Torts (Clarendon Press 2000), Vol.
II, 203.
(71) See von Bar, Clive, and Schulte-Nölke (n. 64) 3423.
(72
tion, or when there is a special relationship between parties or when the seriousness of
(73) See DCFR Art. VI.-4:101.
(74
(75
hard Wagner (ed.),
(Sellier 2009) 254.
(76) See von Bar, Clive, and Schulte-Nölke (n. 64) 3445.
(77) See PETL Art. 3:101.
(78) See ibid. Art. 9:101(1)(a).
(79
Art. 1:101.
(80) For more details on this analysis, see Angelopoulos (n. 2) sections 5.1.1 and 5.2.
(81
491.
Page 21 of 23

(82
munications Tech. L. 233.
(83) See C-610/15 (n. 17) para. 45.
(84
(85) See e.g. van Dam (n. 20) 805.
(86) See Section 1.
(87
case law of the European Court of Human Rights on intermediary liability is also worth
examining, esp.: Delfi v Estonia [GC] App. no. 64569/09 (ECtHR, 16 June 2015); Magyar
Tartalomszolgáltatók Egyesülete and Index.hu Zrt v Hungary App. no. 22947/13 (ECtHR,
2 February 2016); Rolf Anders Daniel Pihl v Sweden App. no. 74742/14 (ECtHR, 9 March
2017).
(88) See van Dam (n. 20) 805-2.
(89) ibid. 805-2.
(90
actor, especially in liberty of action and in exercising his rights, as well as public interests
law
(91) See van Dam (n. 20) 805-2.
(92
so Angelopoulos (n. 2) section 5.4.2.
(93) For more details on this analysis, see Angelopoulos ibid. section 5.5.
(94
(95) For a broader discussion on proportionate liability, see W.V.H. Rogers, Winfield &
Jolowicz on Tort
(96) See e.g. C-160/15 (n. 14) para. 31.
Christina Angelopoulos
Page 22 of 23

Christina Angelopoulos is a Lecturer in Intellectual Property Law at the University of

Cambridge and a member of the Centre for Intellectual Property and Information
Law (CIPIL). Email: cja58@cam.ac.uk.
Page 23 of 23

A New Liability Regime for Illegal Content in the Digital Single Market
Strategy
tal Single Market Strategy

Maria Lillà Montagnani

This chapter reviews developments in the regulation of online platforms as a result of the
chapter unpacks the category of illegal content (copyright infringing content, harmful
content, and misleading content) and details for each type the obligations that have been
within the DSM strategy, analyses its main features, and addresses its coherence.
Keywords: Europe, digital single market, DSM, conditional liability, organizational liability, illegal content,
right infringement, harmful content, misleading content,
WITHIN the European Digital Single Market (DSM) strategy,1 online intermediaries, often
categorized as the gatekeepers of information,2
mission has issued a great number of documents that touch on illegal content online and
3
Newly adopted rules, or those currently under adoption, contribute to
the formation of an emerging liability regime for unlawful content that differs profoundly
from the regime of conditional liability exemption envisaged in the e-Commerce Directive
(ECD).4 Although the safe harbours adopted within the ECD (p. 296) remain in principle
intact,5 the context in which they apply is now enriched by a new Directive on Copyright
in the Digital Single Market (the DSM Directive),6 a revised version of the Audiovisual
Media Services Directive (the AVMSD),7 the extension to commercial platforms of the
obligations provided by the Unfair Commercial Practice Directive (the USPD),8 as well as
line.9
Page 1 of 20

Strategy
All these initiatives introduce an enhanced liability regime for online intermediaries for
10
which should complement the current safe harbour
though the ECD exemptions continue to be a key element of the European system, there
sures to prevent the upload of unlawful content and to design platforms in a way that
avoids consumers from being misled.
The conditional liability regime and its exemptions were introduced by the ECD as a
means for the development of online services and for enabling the information society to
flourish.11
12
caching, and hosting from liability for the unlawful conduct of third parties as long as
they are in no way involved with the information transmitted or, in the case of hosting
services, do not have knowledge or awareness of the illegal activities and, if acquired,
promptly act to stop them. In a different way, the liability regime that emerges as a result
of the new hard and soft law provisions adopted within the DSM strategy (p. 297) shields
intermediaries on the basis of the actions that they take in relation to the nature of the
ganization that the intermediaries have adopted. On the other hand, it also goes beyond a
vertical liability as it anchors the liability to the organization that a platform should have
ture that platforms should adopt in order to prevent illegal content from being uploaded,
or re-uploaded.
In order to show this shift from a conditional liability regime to an organizational one13
that is, a regime where liability depends on the organization adopted by the undertaking
legal content (copyright infringing contents, harmful content, and misleading content)
tures, and address its coherence.
1. The Issue of Illegal Content within the DSM

Strategy
In one of its first documents on the creation of a European Digital Single Market,14 the
EU Commission noted how the digital environment, while bringing about opportunities
erly faced and overcome. To this end, the DSM strategy places special emphasis on three
Page 2 of 20

Strategy
key pillars: (1) access for consumers and businesses to online goods and services across
Europe; (2) creating the right conditions for digital networks and services to flourish; and
(3) maximizing the growth potential of the digital economy.
The first two pillars are those touching particularly on the issue of liability for unlawful
content. Part of the first pillar is the aim of proposing EU legislation which will reduce the
differences between national copyright laws and allow for wider online access to works.
15
Similarly, in the context of optimizing digital networks and services, the Commission
pants in the marketplace.16

nors are protected from harmful content and that internet users are (p. 298) protected
from hate speech and misleading content. Such an enhanced responsibility was thus
deemed to have to be reflected in a review of copyright rules and of the other provisions
regulating content online.17
Following the statements of principle mentioned earlier, a public consultation was held in
net, including copyright-infringing content, hate speech, and terrorism-related content.18
were dedicated a section of their own, the responses did not reflect one uniform view due
to the vast differences between the type of respondents. For example, on the question of
fitness of the liability regime under the ECD, most individual users, content uploaders,
and intermediaries considered it fit for purpose, while rightholders, their associations,
and notice providers identified gaps and were unsatisfied with its effectiveness.19
rope and lays down the basis for a problem-driven approach to regulation, which has also
been followed in relation to unlawful content.20 Having mentioned that online platforms
21
the Commission stresses their rising importance as well as the
need for them to operate in a balanced regulatory framework.22 A framework in which,
sponsibility. Even here it is not completely clear how balanced a framework can be where
The same principles mentioned previously are confirmed in the following mid-term review
assessment of the progress towards the implementation of the DSM,23 where the issue of
illegal content online is tackled from a practical point of view, for example in relation to
Page 3 of 20

Strategy
the mechanisms and technical solutions necessary for its removal, which in turn must be
effective and, at the same time, fully respectful of fundamental rights.24
(p. 299)
munication on tackling illegal online content,25
hanced liability regime for intermediaries, which, by mediating access to content for most
internet users, carry a significant societal responsibility. Interestingly, the Commission
move illegal online content and not only limit themselves to reacting to notices which
26
vides a brief discussion of the principles to follow in order to comply with fundamental
rights and to implement the safeguards needed to limit the risk of removing legal online
content.27
parency and of adopting appropriate counter-notice mechanisms leading potentially to
restoring without undue delay content that has been removed.28
opment of automatic technologies to prevent the reappearance of illegal content online
keeps being strongly encouraged.29
As a follow-up to the Communication mentioned earlier, in March 2018 the Commission

issued a Recommendation on measures to effectively tackle illegal content online.30 Even
here the Commission, on the one hand, details the notice and action procedure and calls
for the adoption of proactive measures for all types of illegal content. On the other hand,
ner.31 In particular, when automation in removing illegal content is involved, effective and
appropriate safeguards should be established to ensure that decisions are accurate and
well founded.32 Human oversight and verifications should be in place whenever a detailed
assessment of the content is needed to establish its illegal nature.33
In comparison to the previous instruments, the Recommendation puts more emphasis on
tions the need to respect fundamental rights only in the recitals.34 Notwithstanding this
ing systems on intermediaries. The use of detection and filtering systems has an impact
on the distinction between active and passive hosting providers elaborated (p. 300) by the
ly linked the requirements of knowledge and awareness to the active
Page 4 of 20

Strategy
nical and automatic processing of data provided by users,35 to include cases in which the
provider operates in a way that triggers knowledge or control.36 In other words, adopting
proactive measures implying control may cause hosting providers to fall outside the
munication on tackling illegal content online states that such measures, when taken as
part of the application of the terms of services of the online platform, would not render
terial through automatic means.37 Moreover, Article 15 of the ECD expressly prohibits
ture and this is also a well-established principle developed in the CJEU case law,38 from
which the rules of new adoption seem to detach if not expressly, at least for the ex ante
nature of the obligations that they impose on online intermediaries.
2.
right in the DSM Directive
To provide an instrument that established a copyright market which would be efficient for
all parties involved and provide the right incentives for investment in, and dissemination
of, creative content in the online environment,39 in May 2016 the European Commission
presented as part of the copyright legislative package a draft Directive on Copyright in
the DSM.40 Among the goals of the proposal was also that of reinforcing the position of
rightholders to negotiate and be remunerated for the online exploitation of their content
by online services storing and giving access to content uploaded by their users,41
42
The rationale behind this (p. 301) was the
scription-based business model, do not obtain licences from rightholders for the works
they store on their platforms and that this would deprive rightholders from gaining the
revenues to which they are entitled. While theoretically the value gap may sound like a
ists to back it up.43
In order to tackle the issue of copyright-infringing content, the proposal encompassed the
strongly debated Article 13,44 now Article 17, which carved out a special regime for the
intermediaries hosting a large amount of works, and required them either to conclude
agreements with rightholders and implement measures ensuring the functioning of such
agreements or, in any case, to prevent the availability of copyright-infringing content. In
practice, Article 13 introduced a twofold duty on such providers to conclude licensing
tion with the service providers.45
Page 5 of 20

Strategy
content to identify and prevent copyright infringement, which has to be implemented via
appropriate and proportionate content-recognition technologies.
After two years of negotiations, in September 2018 the Parliament approved its version of
proved by the Parliament in March 2019.46 While licensing remains the main obligation
for the addressees of Article 17, the provision presents at least three main relevant
(p. 302) liability for works uploaded by the users of such online content sharing services in
47
cording to paragraph 4, letters a) and b) of Article 17, when rightholders do not wish to
conclude licensing agreements, online content-sharing service providers shall, in order to
The introduction of a form of direct liability on platforms for unlawful content posted by
Filmspeler48 and Ziggo49 cases both in 2017. In
these judgments, in the absence of the application of the safe harbour, the intermediaries
in question were indeed directly liable, even if the content was uploaded by their users.50
51
munication or making available to the public under Article 3 of Directive 2001/29/EC.52 In
content-sharing service providers are liable for communication or making available to the
fective and proportionate measures and provided that those services act expeditiously to
remove or disable access to the works on notification by rightholders. In this respect, the
ways been a pivotal element of the conditional liability exemption under Article 14 of the
ECD.53
(p. 303)
Page 6 of 20

Strategy
tional and scientific repositories, open source software-developing and-sharing platforms,

providers of electronic communications services as defined in Directive (EU) 2018/1972,
online marketplaces, business-to-business cloud services and cloud services that allow
54
tion is embraced.55 However, despite the exclusion of non-profit service platforms, the
question as to how large the amount of content stored by the service providers should be
to cause them to fall outside the boundaries of Article 17 remains unclear.
technological measures to be adopted by platforms in order to prevent infringing content

from being uploaded, Article 17 does not make any explicit reference to technology. While
ling illegal online content, any mention of envisaging technological measures or content-
recognition technologies is dropped. However, even though not explicitly, Article 17 also
tent, but also to prevent that content from being re-uploaded. As a matter of fact, such an
obligation can only be complied with through a system that filters the content that users
try to upload.56
regime with both Article 15 of the ECD and, more generally, with the safe harbour regime
remains. On the one hand, in fact, it is likely that when licensing agreements are not
available, in order to avoid direct liability for violation of the right of communication to
57
law on active and passive hosting providers. Specifically, platforms that do not comply
with the obligations mentioned above will lose the benefit of Articles 14 of the (p. 304)
mediary.58
scenario occurred, a case-by-case assessment would be needed, and it expressly referred
to the need to verify whether the online platforms played an active role before making
them liable.59 This raises the question as to how to reconcile Article 17 with the general
law on active and passive hosting providers.
More generally, if, in the absence of a compulsory licensing scheme,60

rect liability is by adopting a filtering system, there is the concrete risk that certain uses
fringement would no longer be available to their beneficiaries.61
Page 7 of 20

Strategy
ment.62 Some argue that this would be mainly due to the fact that platforms would resort
to cheaper filtering systems.63 However, it is highly doubtful whether any filtering system
currently in use, expensive or cheap, is sophisticated enough to draw the line adequately
laws.64
tion to copyright exception and limitations, which requires that, for filtering systems to be
tional exception regimes.
3.
Visual Media Service Directive
Between 6 July 2015 and 30 September 2015, a public consultation on the review of the
AVMSD was also undertaken, with the objective of making the European audiovisual
(p. 305) media landscape fit for purpose and aligned to the twenty-first century media
framework. In particular, the aim was to establish a level playing field among operators
and align rules valid for both traditional broadcasters and new video-on-demand
services.65
online platforms more responsible and to introduce an enhanced liability regime.66
On 2 October 2018, the European Parliament plenary session approved the revised
AVMSD as part of the DSM strategy.67
ment and the Council on 14 November 2018 to be implemented by the Member States
within the following 21 months.
To illustrate the new liability regime, it is first necessary to understand the definition of
they are also the specific addressees of several new obligations. Video-sharing platforms
are defined as commercial services addressed to the public, where the principal purpose
of the service (or an essential functionality of it) is devoted to providing programmes and
user-generated videos to the general public. The scope of such service must then be that
of informing, entertaining, or educating and the means adopted for it should be through
Page 8 of 20

Strategy
ing.68
The above-defined platforms fall within the regulation introduced by the newly-adopted
cle 28b69 brings in an obligation for Member States to ensure that appropriate measures
70
lence or hate speech,71 but also the latter from content the dissemination of (p. 306) which
72
tive, video-sharing platforms also have to respect certain obligations for the commercial
communications for which they are responsible and be transparent about commercial
ture.
tent in question, the harm it may cause, the characteristics of the category of persons to
73
74
and more
importantly should not lead to any ex ante control or upload-filtering of content insofar as
it does not comply with Article 15 of the ECD. In particular, appropriate measures include
reporting/flagging operation systems, operating systems through which video-sharing
platform providers explain to their users what effect has been given to the reporting and
and tools, and, finally, easy-to-use and effective procedures for handling and resolving
of the measures.75
Compared to the DSM Directive, the proposal to amend the AVMSD has prompted less
sion in the initial Communication on the DSM strategy,76 such as the protection of minors
monitoring obligations pursuant to Article 15 of the ECD77 since Article 28b clearly states
Page 9 of 20

Strategy
the issue of how to reconcile, in practice, the new duties with the ban imposed by Article
15 remains critical.
may impose on video-sharing platform providers measures that are more detailed or
(p. 307)
could be stricter than a notice-and-takedown procedure if not an ex ante

tion, which, however, is clearly banned as it is in violation of Article 15 of the ECD. This,
in order to establish a framework that is coherent.
4.
cial Practices Directive
Always with a view to increasing consumer confidence in the digital market and offer
more certainty, in May 2016 the Commission adopted a Communication on cross-border
e-Commerce, in which it outlines the strategies to undertake to stimulate and promote
it.78
plementation of the Unfair Commercial Practices Directive (UCPD Guidance),79 which
proceeds to clarify some concepts and provisions of the Directive itself and illustrates the
en the growing body of principles that derive from the decisions of the CJEU and several
national courts. More importantly, the UCPD Guidance clarifies that the rules on unfair
commercial practices (UCP) are also applicable to the new business models that develop
in a digital environment,80 for example online commercial platforms.81 Although this
should not, in principle, clash with the safe harbour established by the ECD, in practice
Article 2(b) of the UCPD on a case-by-case assessment. For example, a platform that,
while acting for purposes relating to its business, charges a commission on transactions
between suppliers and users, provides additional paid services, or draws revenue from
targeted advertising, can definitely be deemed to be a trader and falling within the scope
of the UCPD.
It derives from such qualification that, pursuant to Article 5(2) of the Directive, platforms
cial competence and attention that it is reasonable to expect from a professional towards
its consumers.82
quirements set out in Articles 6 and 7 of the UCPD, which entail that they refrain (p. 308)
Page 10 of 20

Strategy
from misleading actions and omissions whenever intermediating the promotion, sale, or
supply of a product to consumers.
line platforms must abide must coordinate with the exemption regime established by the
ed even if it violates consumer protection and constitutes an unfair commercial

practice.83
ments Community law applicable to information society services without prejudice to the
level of protection for, in particular, public health and consumer interests, as established
by Community acts and national legislation implementing them in so far as this does not
While in principle the ECD and the relevant consumer acquis communautaire concerning
the Union should apply in a complementary manner,84 in practice that is not always the
obligations, increases the number of clashes between platforms invoking Article 14 safe
vant third party traders to comply with EU consumer and marketing law requirements
and help users to clearly understand with whom they are concluding contracts. Such
measures could imply, for example, enabling relevant third party traders to indicate that
they act as traders; and letting all platform users know that they will only benefit from
protection under EU consumer and marketing laws in their relations with those suppliers
sites in a manner that allows professional third parties to present information to users of
ticular, when the information at stake amounts to the invitations to purchase referred to
in Article 7(4) of the Directive.85
ments, online platforms adopt measures such as those described earlier that make them
intervene on the content. This turns them into active hosting providers and makes them
tion, this kind of compliance also runs the risk of being in violation of Article 15 of the
same Directive. It seems thus that instead of being complementary, the UCPD and the
In other words, it is questionable how the liability exemption contained in Article

(p. 309)
14 of the ECD can be reconciled with the due diligence contained in Article 5 of the
general obligation to monitor or carry out fact-finding in turn. This on the one hand
makes the platform take on an active role and, on the other, violates Article 15 of the
same ECD.
Page 11 of 20

Strategy
vices sold or supplied by other parties for which it may be difficult to prove the liability
loaded misleading reviews; a duty that is clearly in conflict with the prohibition of actively
86
5. Final Remarks
the DSM strategy, in particular the Copyright in the DSM Directive, the AVMSD, and the
87
harbours, it does introduce a new set of obligations and duties of care, the coexistence of
which, with the ECD exemption regime, raises significant doubts.88
ties of care that weigh on online platforms. In line with the problem-driven approach
adopted in the Communication on the DSM,89 each of the hard and soft law instruments
analysed introduces obligations for online intermediaries targeted at content of a specific
and externally when these same obligations are to coordinate with the safe harbour
regime under the ECD and, more generally, with the overall acquis.
As far as the internal dimension is concerned, while the introduction of a duty of care is
not novel in this context,90
(p. 310)
ators to be in charge of self-regulating their actions within the general duties of care. The
several instruments adopted by the EU institutions often refer to the need for cooperation
and information sharing between platforms and rightholders, encourage best practice
sharing between both parties,91
ic case of the AVMSD can also be the result of co-regulatory processes.92 In particular, in
the area of hate speech and terrorist content regulatory efforts already rest on a (non-
binding) code of conduct between major social media platform operators, which is now in
its third round of monitoring.93 This call for more self-regulation generates a paradoxical
scenario. In a way, the EU institutions are aware that intermediaries should be involved in
94
To this end,
they have not entirely delegated to platforms the fight against and prevention of illegal
online content and within the DSM they have imposed statutory duties of care on them.
Page 12 of 20

Strategy
However, on the other hand, the vagueness of such duties of care requires intermediaries
to resort to self-regulation to implement them, recourse that is also recommended by the
EU institutions themselves. As a result, intermediaries end up once again taking into their
own hands the online enforcement of the EU rules against illegal content. This time not to
obligations newly adopted.
As for the external dimension, namely coordination between those duties of care and the
other provisions of the acquis
with the appropriate measures that are to be taken according to the Copyright in the
DSM Directive, the AVMSD, and the UCPD, on the one hand, and Articles 14 and 15 of
even via automatic means, to trigger the duty to remove illegal content,95 and the mere
principle, a real obstacle to imposing on intermediaries duties of care within the DSM
ciding when a specific infringement prevention becomes general and in deciding whether
amounts to an act of general monitoring.96
The emerging liability regime introduced within the DSM strategy raises further
(p. 311)
concerns also in relation to the way in which online intermediaries will behave in order to
and given their nature as economic agents, they will design their platforms in a way that
will make them ex ante compliant with all the obligations at issue. Besides modifying the
form97
98
Notes:
(1
192 final (6 May 2015).
(2
Tech. 253.
(3
ing liability regime under the e-Commerce Directive and the one that emerges as a result
of the legislative initiatives adopted within the DSM strategy. On the difference between
Page 13 of 20

Strategy
tonomy of Electronic Platforms: A Prior Study to Assess the Need of a Law of Platforms in
(4) See Directive 2000/31/EC of the European Parliament and of the Council of 17 July
(5
(7
ber 2018 amending Directive 2010/13/EU on the coordination of certain provisions laid
sion of audiovisual media services (Audiovisual Media Services Directive) in view of

changing market realities [2018] OJ L303/69.
(9
(10) ibid.
(11
(12
arosaria Taddeo and Luciano Floridi (eds), The Responsibilities of Online Service
Providers (Springer 2017) 325.
(13
Sheldon Zedeck (ed.), APA Handbook of Industrial and Organizational Psychology (APA
2011) 855.
(14) See DSM strategy (n. 1) 2.
Page 14 of 20

Strategy
(15) ibid. 8.
(16) ibid. 9.
(17) ibid. 11.
(18
sultation-regulatory-environment-platforms-online-intermediaries-data-and-cloud>.
(19
May 2016) 15.
(20) See European Commission (n. 5) 9.
(21) ibid. 2.
(22) ibid. 4.
(23
(24) ibid. 9.
(25
(26
(27
(28) ibid. 17.
(29) ibid. 19.
(30
(31) ibid. point 19.
(32) ibid. point 20.
(33) ibid.
(34
(35) C-324/09 [2011] ECLI:EU:C:2011:474, para. 113.
(36
Page 15 of 20

Strategy
(37
(38) ibid.
(39) ibid.
(40
https://ec.europa.eu/digital-single-market/en/modernisation-eu-
copyright-rules>.
(41
nal.
(42 http://www.ifpi.org/
value_gap.php>.
(43
(44) See Open Letter #2 from European Research Centres to Members of the European
https://www.create.ac.uk/blog/2018/04/26/
eu_copyright_directive_is_failing
the Max Planck Institute for Innovation and Competition on the Proposed Modernisation
https://www.ip.mpg.de/fileadmin/ipmpg/
content/stellungnahmen/MPI_Position_Statement_PART_G_incl_Annex-2017_03_01.pdf>;
Open letter to the European Commission by 40 academics (30 September 2017) <https://
medium.com/eu-copyright-reform/open-letter-to-the-european-
commission-6560c7b5cac0
Measures to Safeguard Fundamental Rights and the Open Internet in the Framework of
(45) See Art. 13 of the Proposal for a Directive of the European Parliament and of the
Council on copyright in the Digital Single Market, COM/2016/0593 final.
(46) See also Chapter 28.
(47
(48) See C-527/15 Stichting Brein v Filmspeler [2017] ECLI:EU:C:2017:300.
Page 16 of 20

Strategy
(49) See C-610/15 Stichting Brein v Ziggo BV [2017] ECLI:EU:C:2017:456.
(50
(51
http://www.consilium.europa.eu/media/
35373/st09134-en18.pdf> (hereafter Agreed Negotiating Mandate).
(52) See Directive 2001/29/EC of 22 June 2001 on the harmonisation of certain aspects of
tion Society Directive).
(53) For a complete analysis of the knowledge requirement, see Christina Angelopoulos,
(55) Agreed Negotiating Mandate (n. 51), recital 37a and b and Art. 2(5).
(56
ern J. of L., Tech. & the Internet.
(57
https://www.ivir.nl/publicaties/download/
study_fundamental_rights_limitations.pdf>.
(59
Page 17 of 20

Strategy
(60
https://www.create.ac.uk/wp-content/uploads/
2018/06/Academic_Statement_Copyright_Directive_29_06_2018.pdf>.
(61) See Information Society Directive (n. 52) Art. 5.
(62
(63) See Angelopoulos and others (n. 60) 3.
(64) See Directive 2001/29/EC (n. 52) Art. 5. On the fragmentation of the exceptions
(65
(66) ibid.
(67
tion of certain provisions laid down by law, regulation or administrative action in Member
States concerning the provision of audiovisual media services in view of changing market
(68) See Directive 2018/1808 (n. 7) Art. 1.
(69
obligations.
(70) See Directive 2018/1808 (n. 7) Art. 28b(3).
(71
(72) ibid. Art. 28a(1)(c).
(73) ibid. Art. 28(b)(3).
(74) ibid.
(75) ibid. Art. 28b(3).
(76
(77) See Ullrich (n. 11) 117.
(78
Page 18 of 20

Strategy
(79
(80) ibid. 5.
(81) ibid. 127.
(82) ibid. 128.
(83
(84
(85
https://ec.europa.eu/info/sites/info/files/
transparency_of_platforms-study-final-report_en.pdf>.
(86
(87
(88
and Competition Research Paper no. 17-12/2017 (2017) 99.
(89
(90
26(3) IJLIT 226, 234.
(92) See Directive 2018/1808 (n. 7) Art. 4a(1).
(93
http://ec.europa.eu/newsroom/just/item-
detail.cfm?item:id=612086>.
(94) See Angelopoulos and others (n. 57).
(95) See Montagnani and Trapova (n. 59) 309.
(96) See Ullrich (n. 90) 231.
(97
Page 19 of 20

Strategy
(98
Maria Lillà Montagnani
versity in Milan. Email: lilla.montagnani@unibocconi.it.
Page 20 of 20

Harbour to Liability
Oscillating from Safe Harbour to Liability

Danny Friedmann

dividual forces to assess their influence on intermediary liability regulation in China. On
infringing information can be removed, while the many laws and regulations involved in
gree of filtering requirements with the ongoing technological development of big data
tion and pressure for online service providers to take on more responsibility in China.
Keywords: China, intermediaries, safe harbour, liability, trade mark, copyright, big data, artificial intelligence
THERE are opposing forces that influence intermediary liability (IL) regulation in the
1 raises the standard
for knowledge before infringing information might be removed; while the many laws and
clude the possibility of ignorance.2 Moreover, developments in big data3

telligence4 have caught up with discussions about the desirability of safe (p. 278) harbours5
and the degree of filtering requirements.6 On the other hand, there is case law, codified in
2016 in guidelines for Beijing courts,7 which reinforces the duties of care. This chapter
applies a holistic approach by analysing the individual forces to assess their influence on
IL case law.
Since a growing part of copyrighted works and trade-marked goods in China is consumed
via network service providers,8
ly 2016, it was estimated that about 52 per cent of the population in China (721 million
people) had access to the internet.9
Page 1 of 21

forms, such as those of the Alibaba Group.10
billion in one day.11
China took notice of the introduction of the Digital Millennium Copyright Act (DMCA)12 in
the United States and the e-Commerce Directive13
phisticated. The regulation of IL copyright infringement led the way, followed by case law
in regard to trade mark infringement, which was applied by analogy. The big leap forward
promulgation of the Regulations for the Protection of the Right of Communication

through the Information Network in 2006 (Regulations 2006).14 (p. 279) The Regulations
2006 clarify which kind of network service providers are eligible for safe harbours, and
makes clear when immunities are lifted. In the case of trade mark law, China, for the first
time, issued an E-Commerce Law in 2017.15
Copyright law,16 which touches on the expressions of ideas, has always been politicized in
cused on unwelcome expressions that were deemed to endanger social harmony.17 Trade
mark law,18 instead, was considered apolitical and the filtering of counterfeit products
more or less a private affair.19 However, convergence between IL regulation for copyright
hensive and extremely ambitious Social Credit system that rewards moral and punishes
comes political.20
line conduct, depends on real-name registrations. Although the Chinese authorities have
tried real-name registrations since 2012, with little success,21 overcoming this challenge
would have far-reaching consequences for identifying direct infringers. This redirection
of liability away from intermediaries will probably be coupled with increased monitoring
obligations for intermediaries and foreshadows the end of safe harbours.22
Although the doctrine of internet sovereignty rules supreme in China, the country does
tion in 1984, and the 1971 Paris Act of the Berne Convention in 1992.23
tellectual Property Organization (WIPO) conventions were negotiated before (p. 280) the
digital revolution, and remain silent about the internet, the relationship between network
service providers, rightholders, and internet users. In 2001, with the digital revolution in
full swing, China became a member of the World Trade Organization (WTO). It thereby
accepted the 1994 Agreement on Trade-Related Aspects of Intellectual Property Rights
(TRIPs),24
ing the WIPO Internet Treaties (WIPO Copyright Treaty and WIPO Performances and
Phonograms Treaty). Section 512 of the Digital Millennium Copyright Act (DMCA) in the
Page 2 of 21

wards IL for copyright and trade mark infringement. In 2006, the State Council of China
promulgated the Regulations 2006,25 which prepared China to become a member in 2007
of the WIPO Internet Treaties.
fringement provides an indicator of the convergence of IL regulation in China. In doing

so, Section 2 deals first with the E-Commerce Law 2017. Then it will cover the historical
development of IL for trade mark infringement. Section 3 deals with IL legislation and
case law for copyright infringement; Section 4 provides the conclusion. Due to limited
space this chapter will not deal with the obligations for intermediaries to disclose the
al of their immunity.
1.
fringement
lectual property rights (IPRs),26 and endangering the safety and health of the public with
their supply of fake and substandard goods. By sending one or two packages at the same
time, counterfeiters remain under the criminal thresholds,27
ment of online trade mark infringement particularly challenging.
(p. 281) The Alibaba Group which includes Taobao, TMall, and Alibaba, was identified in
2010, and 2011 for facilitating the sale of counterfeit goods to consumers and businesses.
Assurances and measures taken against counterfeit products were the reason that Taobao
er, in 2016 Taobao returned to the list. Not only the USTR complained that Taobao was
istration and administration nationwide, made complaints in a 2015 White Paper.28

Subsequently, in 2016, the head of the SAIC, Zhang Mao, did so again in a TV interview
saying that the executive chairman of the Alibaba Group, Jack Ma, is not outside the law
and should take responsibility in regard to counterfeit products being traded on online
market platforms.29 On 13 April 2016, Alibaba became the first online market platform to
become a member of the International Anti-Counterfeiting Coalition (IACC). However, a
30
31
fered online are often of better quality and better priced than the genuine products.32
Page 3 of 21

crease the punishments for counterfeiters.33

line market platforms facilitating counterfeiting to direct infringers,34
first E-Commerce Law draft. In this E-Commerce Law draft,35 the emphasis seems to be
(p. 282) more on facilitating e-commerce than on regulating it. The draft can be perceived
36
Any obligations to take preventive measures have been removed. The draft also leaves
uncertainty about the role of administrative enforcement authorities such as the SAIC.37
commerce violates the provisions of Article 5338 and clearly
39
40
dard was already accepted in Article 27 of the Beijing Guidelines.41 Although formally this
opinion guides only Beijing courts, it can be seen as the accumulation and codification of
vide eight factors that indicate when a platform service provider knows that a network
vendor is infringing IPRs:42
(1) if the alleged infringing information is located on the front page of the website,
on the front page of a section, or in other obvious visible locations;
(2) if the platform service provider initiated the editing, selection, sorting, ranking,
recommendation, or modification of the alleged infringing information;
(3) if there is notification by the rightholder enabling the platform service provider
plemented through its network service;

(4) if the platform service provider did not take appropriate reasonable measures
even though the same network vendors repeated the infringement;
(p. 283) (5) if there exists information that the network vendor acknowledged that it
infringed rights;
(6)
able;
(7) if the platform service provider directly obtains an economic benefit from the
spread or transaction of the accused infringing information;
(8) if the platform service provider knows of the existence of an alleged infringement
from infringing behaviour on other trade mark rights.
Page 4 of 21

A ninth factor, that can be found in the case law but not in the guidelines, although it is
ods for notification and takedown.
Before the E-Commerce Law draft, there was no particular nationwide regulation for IL in
the case of trade mark infringement. In its absence, the horizontal43 General Principles of
Civil Law 198644 and the Tort Liability Law 200945 could be used to base an action
against online trade mark infringement. Article 118 of the General Principles of the Civil
ages be compensated.46
ment.47
The legislation and case law regarding IL for online copyright infringement was applied
by analogy in the case of online trade mark infringement. This was especially the case
with the notice-and-takedown and safe harbour provisions of Regulations 200648 and the
Tort Liability Law 2009. Article 36(1) of the Tort Liability Law 2009 imposes tort liability
on a network user or network service provider who infringes the civil rights or interests
of another person through the network.49
ty Law 2009 provides that the network service provider will be jointly and severally liable
if it fails to take the necessary measures in a timely manner, such as deletion, blocking, or
disconnection after being notified.50 The following case law answers the question of what
fringement of the Right of Dissemination through Information (p. 284) Networks of 2012,
51
sets out a range of factors for
ing counterfeiting.52
1.1 Establish Internal Procedures and Enforce Accordingly
Chinese courts have defined criteria for enforcement obligations by online platforms in
multiple cases of trade mark infringements brought to their attention. In turn, this has
Aktieselskabet AF v eBay Shanghai in 2006, the establishment of a procedure to notify
cause, according to the judge, not all advertised goods can be checked.53 In 2010, E-land
Fashion sued Taobao for contributory liability on the ground that it complained five times
censed to the plaintiff.54 However, the court held that Taobao had fulfilled its reasonable
Page 5 of 21

duty of care as a network service provider.55 In 2011, E-Land Fashion sued Taobao again,
line platform jointly liable with the counterfeiter for the first time in China.56 The court
decided that Taobao knew or should have known that its user was selling counterfeit
goods but nevertheless had not adopted effective measures to end the illegal activity. The
(p. 285) and notice-and-
here to its own rules.57
1.2
ment
In 2010, after seven complaints E-Land Fashion sued Du Guofa and Taobao for trade
58
even though
fringer, thus becoming guilty of contributory infringement according to Article 50(2) of

the Implementing Rules of the Trademark Law 2001. Taobao appealed to the Shanghai
nations and justifications) to Taobao concerning links on its online platform that offered
counterfeit goods from September to November 2009. Taobao deleted 117,861 infringing
links, and from February to April 2010 E-land Fashion filed another 153,277 complaints,
which resulted in 124,742 deletions. The sheer number of complaints and deletions, after
fringements, therefore the defendants should have put in place appropriate reasonable
measures for repeat infringement.59
In 2012, in Descente v Today Beijing City Info Tech

held that because the defendant was running a website for group purchasing it should
not only apply reactive but also proactive measures.60 In other words, depending on its
involvement in the services offered and the process used, its duty of care would increase
or decrease.
(p. 286) 1.3 Inferences
In 2005, Taobao was sued by the Swiss watch brands Longines, Omega, and Rado. The
Swiss watch brands argued that Taobao should have known of counterfeits because of the
large price differences between genuine and counterfeit watches offered on their online
platforms. The parties settled.61 In 2013, the Trademark Law was amended. Article 57(6)
Page 6 of 21

62
Compare this with the previous
provision in Article 52(5) of the Trademark Law 2001, which did not include the condition
63
quirement only appeared in Article 50(2) of the Regulations Implementing the Trademark
Law 2002.64 The inclusion of the intentionality language in the Trademark Law 2013,
65
2.
right Liability
work service providers which together with a direct infringer infringed on a copyright
(p. 287)
joint liability.66 This fault-based liability doctrine was applied in Music Copyright Society
of China v Netease & Mobile Communications in 2002.67 In that case, a distinction
emerged between primary and secondary liability. Allegedly, Netease would be primarily
liable for direct infringement of the right of communication to the public of the works, in
that instance ringtone files. Mobile Communications, instead, would be secondarily liable
ter being informed by the copyright holder, to stop the transmission of the infringed
work dissemination. It only received ringtones from Netease and forwarded them to its
trine is also called the passive conduit or transmission doctrine.68

tions 2006 would later codify this conduit or transmission defence.69
2.1 Non-Interference
The same non-interference principle can be observed in Go East Entertainment v Beijing

Century Technology in 2004.70
ChinaMP3.com by selecting and organizing various links to infringing third party sources,
demonstrated that it could discriminate between licensed and unlicensed recordings,
pated in the illegal dissemination of unlicensed recordings. This made ChinaMP3.com

jointly liable with the third party websites under Article 130 of the General Principles of
the Civil Law 1987.71 According to the court, it was irrelevant that the plaintiff had not
Page 7 of 21

sent any notice-and-takedown requests to enable the defendant to take the necessary
measures to remove the infringing links.
More specific regulation in regard to IL for online infringements was promulgated

(p. 288)
in 2000. This included the Regulation on Internet Information Services, which deals with
providing information services to online subscribers.72
tent forbidden by laws and regulations.73 Article 16 requires network service providers to
immediately terminate a transmission, keep a record of it, and report it to the relevant
authorities when it finds unlawful information.74
The Interpretation of Several Issues Relating to Adjudication of and Application to Cases
Court in 2000 to clarify IL for online copyright infringement.75
ment. Rule 5 also imposes joint liability if the intermediary obtained clear knowledge or
was warned by a rightholder based on solid evidence of copyright infringement.
After the above-mentioned Regulation on Internet Information Services, the copyright

statutes were updated in 2001. However, the copyright law reform of 2001 only prepared
76
Then, in 2006, the most important
tions 2006.77 These Regulations distinguish between the following categories of network
service providers: (1) those who provide automatic access to their subscribers;78 (2) those
who provide automatic storage of works, performances, and audiovisual recordings from
other network service providers to their subscribers;79 (3) those providing subscribers
with storage space to make works, performances, and (p. 289) audiovisual recordings
available to the public;80 and (4) those providing searching or linking services to their
subscribers.81 Network service providers in the first two categories cannot be held liable
if they did not interfere with their automatic access or storage processes. For the latter
efit from the protection of the safe harbour.
2.2 Removal after a Notice-and-Takedown Request
tice-and-takedown request82 from a rightholder should promptly remove or disconnect
ing.83 There case law is inconsistent on whether one notice can concern multiple works.
The court in Guangdong Mengtong Culture Development v Baidu in 2007 confirmed that
this was possible.84 Other courts, however, have demanded that each work should receive
its own notification.85
Page 8 of 21

Article 14 of Regulations 200686 states that when rightholders file a notice-and-takedown
request they must detail the contact information, information regarding the work, and
tion, the storage-space provider should promptly87 remove the alleged infringing (p. 290)
work, performance, or audiovisual recording otherwise it will be liable.88 If the network
service provider removes or disconnects a link to a work, performance, or audiovisual
recording that turns out to be non-infringing, the rightholder who requested the removal
will be held liable.89 Network service providers will replace or restore a link to the work,
performance, or audiovisual recording90
scriber in the case of evidence of non-infringement.91
2.3 Necessary Measures
Article 36(2) of the Tort Liability Law 200992 imposes obligations on the network service
provider to take necessary measures such as deletion, blocking, or disconnection after
notification by a rightholder or if it knows that a network user is infringing on the civil
rights or interests of another person through its network services.93
vice provider fails to take the necessary measures in a timely manner, it will be jointly
in the fifth and final version.94 The Tort Liability Law makes a distinction between direct
tort liability95 and indirect liability.96
2.4 No Financial Benefits
Article 22(4) of Regulations 200697 states that the safe harbour is not for network service
able. However, in China, in principle, a network service provider without control can still
be held liable. In practice, the specificity of the connection between the (p. 291) infringed
work and the financial benefit for the network service provider determines whether it will
lose the immunity provided by the safe harbour.98
2.5 Inducement and Contributory Liability
couragement or aid to the wrongdoer.99 Tortuous liability is created where the network
tivity that it has instigated or assisted.100
Page 9 of 21

Article 22(3) of Regulations 2006 states that a network service provider that provides
storage space is not liable if it does not know or has no reasonable grounds to know that
101
In other words, the network service provider will be held liable if
from the circumstances, as any reasonable person would do.102
103
ment. Therefore, a network service provider becomes liable if it has actual, constructive,
or apparent knowledge.104
(p. 292) 2.6 Non-Interference
A few norms provide general principles of non-interference. Article 22(2) of Regulations

2006 asserts that works, performances, or audiovisual recordings cannot be altered by a
network service provider that provides storage space, otherwise liability will be
incurred.105
vant Issues Related to the Trial of Civil Cases involving Disputes over Infringement of the
Right of Dissemination through Information Networks.106 Article 10 of these provisions107
clarifies that if a network service provider provides web services, by establishing charts,
ommends the latest film and television programmes that can be downloaded or browsed
or are otherwise accessible by the public on its web pages, that is an indication to the
court that the network service provider should have known that its users were
infringing.108
Article 12 of the same Provisions states that the court may determine that the network
service provider should know that uploaded content is infringing if popular films or TV
shows are posted on the homepage or other prominent web pages; or the hosting service
provider actively selected, edited, arranged, or recommended the topic of the work, or
109
The court will assume that the infringing nature of
the uploaded work could not have escaped the attention of the hosting service provider,
which nevertheless took no reasonable measures to stop the infringement.
3. Conclusions
In a complex interplay of successive laws, regulations, case law, judicial interpretations,
and guidelines, a convergence has evolved in the case law of China in regard to IL for
(p. 293) copyright and trade mark infringement. As a result, the Beijing Guidelines
2016,110 have successfully codified many trends in the IL case law. These guidelines have
only mandatory authority over Beijing courts, however their persuasive authority can also
Page 10 of 21

reach other courts. Eight factors are indicative for the determination of knowledge by the
platform service provider:
(1)
vice provider;
(2) the platform initiated the editing, selection, sorting, ranking, recommendation, or
modification of the alleged infringing information, indicating its interference;
(3)
form service provider of the alleged infringement;
(4)
vice provider has not taken appropriate reasonable measures;
(5) the existence of information that the network vendor acknowledged that it had
infringed rights;
(6) the sale or offering of goods or services at a price that is unreasonably low;
(7)
ing or transaction of the accused infringing information (this seems harsh without a
ever, with advanced technology full control becomes a reality);

(8) the platform service provider knows of the existence of the alleged infringement
from the infringing behaviour on other trade mark rights (the platform service
ing and preventive analytics, will be able to offer solutions).
lines: that platforms have not set up and implemented a system to enforce infringements
via notice and takedown.
China, with its multi-layered censorship regime, extensively uses human reviewers to find
dangers state security and social harmony. However, technology has passed a critical
threshold, whereby cost-effective computing power can be effectively used to filter
servers proactively against infringements. Platforms, such as Alibaba and Baidu, with
their wealth of data are best positioned to continuously teach their machines via deep
gence makes each platform omniscient, which will deal a fatal blow to the already weak
tion to take appropriate reasonable measures in the case of specific knowledge to an

obligation to take reasonable measures in the case of general knowledge. The implication
is (p. 294)
tensified and that they will gradually have to proactively monitor and cleanse their
servers.
Despite the censorship system and technological advancements, the pendulum has swung
back in the direction of weakening the duties of care in the E-Commerce Law draft. This
Page 11 of 21

flex of the Chinese government to prefer self-regulation, alternative dispute-resolution
power, and confidence that direct infringers can be detected and identified. However,
platforms, especially in China, which are now mature and financially powerful, are best
positioned to make full use of technologic advancements to filter what is on their servers.
crease for platforms to take on more responsibility.
Notes:
(1
riod ended on 26 January 2017. No drastic changes from the first draft are expected. See
NPC, 27 December 2016) <http://
www.npc.gov.cn/npc/lfzt/rlyw/node_31834.htm>.
(2
a harmonious society. The regulations are partly overlapping and fragmented in relation
tion Services. Subsequently, online service providers will receive lists of words that need
11.
(3 Alizila,
16 January 2017) <http://www.alizila.com/alibaba-launches-big-data-anti-counterfeiting-
alliance/>.
(4
Wired, 15 March 2016) <
nal-game-go-genius-lee-sedol/
The Atlantic, 16 February 2016) <http://www.theatlantic.com/technology/archive/
2017/02/china-artificial-intelligence/516615/>.
(5
(6) Online platforms use different kinds of digital fingerprinting systems to help content
creators to manage and enforce their copyrighted works; and provide systems to submit
complaints of copyright and trade mark infringement. Untitled (AliProtect, undated)
<http://legal.alibaba.com/index.htm?language_id=english>.
Page 12 of 21

(7
(13 April 2016) (Ch.) (hereafter Beijing Guidelines).
(8
fore, national champions have developed in China which, after first having imitated their
Trade Concerns in International Economic Law (Routledge 2016).
(9) Internet Live Stats; elaboration of data by the International Telecommunication Union,
World Bank, and United Nations Population Division.
(10) Taobao Marketplace is an online marketplace for consumer-to-consumer business;

Taobao Mall (TMall) for business-to-business, and Alibaba for business-to-business. They
are all part of the Alibaba Group in Hangzhou, Zhejiang.
(11 BBC News, 11 November 2016)

<http://www.bbc.com/news/37946470>.
(12) 17 USC § 512, 112 Stat. 2860 Pub. L. 105-304, 28 October 1998 (US).
(13) Council Directive 2000/31/EC of the European Parliament and the Council of 8 June
(14
tion Network promulgated by decree of the State Council no. 468, adopted at the 135th
Executive Meeting of the State Council on 10 May 2006 and coming into effect on 1 July
2006 (Ch.) (hereafter Regulations 2006).
(15) See E-Commerce Law (n. 1).
(16) See Copyright Law amended up to the Decision of 26 February 2010 by the Standing
(17
(ed.), Google and the Law: IT and the Law (TMC Asser 2012) 15.
(18) See Trademark Law (as amended up to Decision of 30 August 2013, of the Standing
(19) Although counterfeit products, threatening health and safety, can cause serious social
BBC News, 22 April 2004)
<http://news.bbc.co.uk/2/hi/asia-pacific/3648583.stm>.
(20
Page 13 of 21

ating the Construction of Social Sincerity, State Law no. (2016)33 of 30 May 2016 (Ch.),
original and translation at China Copyright and Media <http://
cerning-establishing-and-perfecting-incentives-for-promise-keeping-and-joint-punishment-
systems-for-trust-breaking-and-accelerating-the-construction-of-social-sincer/>. See also
Hong Kong Free Press, 3 January 2016) <http://www.hongkongfp.com/

2017/01/03/test-zone-proposed-for-chinas-orwellian-social-credit-system/?
utm:content=bufferc23d5&utm:medium=social&utm:source=linkedin.com&utm:campaign=buffer>.
(21
TechCrunch, 1 June 2016) <http://techcrunch.com/2016/06/01/china-attempts-to-
reinforce-real-name-registration-for-internet-users/>.
(22) See Friedmann (n. 5).
(23) See Berne Convention for the Protection of Literary and Artistic Works of 1886, last
amended in 1979.
(24) See Marrakesh Agreement Establishing the World Trade Organization, Annex 1C:
Agreement on Trade-Related Aspects of Intellectual Property Rights (15 April 1994) 1869
UNTS 299, 33 ILM 1197.
(25) See Regulations 2006 (n. 14).
(26) IL in the case of patent infringement is another important issue. See e.g. Zaigle v
TMall
tellectual Property, undated) <http://www.sbzl.com/index.php?

a=show&catid=10&id=166>.
(27
March 1997 (Ch.).
(28) The White Paper was retracted on 30 January 2015, two days after being issued. See
Reuters, 30 January 2015) <

cle/us-alibaba-group-saic-idUSKBN0L31S020150130>.
(29
Fortune, 11 August 2016) <http://fortune.com/2016/08/11/alibaba-counterfeit-
goods-regulator/>.
(30) Several brands had complained of its non-compliance; another reason was that there
was a conflict of interest for the IACC president who did not disclose that he had stocks
Page 14 of 21

Reuters, 13 May 2016) <http://www.reuters.com/article/us-alibaba-iacc-

idUSKCN0Y42LS>.
(31 CNBC, 16
May 2016) <
spite-iacc-membership-suspension.html>.
(32
Bloomberg Technology, 14 June 2016) <http://www.bloomberg.com/
news/articles/2016-06-14/alibaba-s-ma-fake-goods-today-are-better-than-the-real-thing>.
(33
SCMP, 7 March 2017) <http://www.scmp.com/business/china-
business/article/2076768/alibabas-jack-ma-calls-laws-counterfeiting-be-tough-those>.
(34) However, Art. 54 of the E-Commerce Law draft protects vendors against abuse of IP
rights, via a system of counter-notifications and imposing liability on the rightholder if he
causes losses to a vendor who was not selling counterfeit goods. See n. 1.
(35 China IPR

ber 2016) <http://chinaipr.com/2016/12/30/e-commerce-law-up-for-public-comment/>.
(36 Managing Intellectual

Property Magazine, March 2017).
(37) They have legal authority ex officio and/or inter partes and can request evidence held
by platforms and other parties, e.g. payment services and transport companies. See
SIPS Asia, 28 February 2017)
<http://sips.asia/knowledge/legislation-and-policy/draft-ecommerce-law-issued/>.
(38
tor infringes the IP rights within the platform, the online trade platform shall take the
cial media or search engines or domestic and international purchasers, is not yet known.
(39) ibid. Art. 88.
(40) See Tort Liability Law, adopted at the 12th Meeting of the Standing Committee of the
Art. 36 (Ch.); Trademark Law (n. 18) Art. 52.
(41) See Beijing Guidelines (n. 7) Art. 27.
(42) ibid.
(43) cf. the e-Commerce Directive, that works across all sorts of IPRs.
Page 15 of 21

(44
dent on 12 April 1986 (Ch.).
(45) See Tort Liability Law (n. 40).
(46) See General Principles of Civil Law (n. 51) Art. 118.
(47
(48) In Section 3, the Regulations 2006 will be dealt with more comprehensively.
(49) See Tort Liability Law (n. 40) Art. 36(2).
(50) ibid.
(51
Relevant Issues Related to the Trial of Civil Cases involving Disputes over Infringement of
the Right of Dissemination through Information Networks.
(52 China IPR, 27

January 2013) <https://chinaipr.com/2013/01/27/comments-on-the-prc-trademark-law-
amendments/>.
(53 Aktieselskabet AF v eBay Network

Info. Services (Shanghai) Co. [21 August 2006] 2005 no. 371 (Ch.) (deciding that it would
be sufficient for defendants to establish a reporting system to stop online IP violations.
chandise sold and even if the defendants had checked the products advertised online,
which might be genuine, then fake products could still be delivered offline).
(54 E-land Fashion (Shanghai) Trade Co. v

Taobao Network Co. & Xu [10 September 2010] (Ch.).
(55) ibid.
(56 E-Land Fashion (Shanghai) Trade Co.

v Taobao Network Co. & Du Guofa [25 April 2011] 2011 no. 40 (Ch.) affirming Shanghai
(57
mitted any act of infringement, Taobao could prevent the accused vendor from releasing
the goods, withdraw the disputed goods, make public announcements about the penalty,
cel the account concerned, etc.).
Page 16 of 21

(58
fa [19 July 2010] (Ch.) (where E-Land Fashion claimed compensation for its losses and a
public apology in newspapers from the defendants).
(59
would remove infringing links. In the eyes of the court, that was another indication that
Du Guofa was an infringer.
(60
fo. Tech. Co
[19 December 2012] 2012 no. 3969 (Ch.).
(61 Global Times, 22 July 2011) <http://www.china.org.cn/

>.
(62) Trademark Law (n. 18) Art. 57(6).
(63
(64) See Regulations for the Implementation of the Trademark Law, promulgated by State
Council Decree no. 358 of 3 August 2002, and effective as of 15 September 2002, Art.
(65) See Regulations for the Implementation of the Trademark Law, promulgated by State
providing such facilities as storage, transport, mailing, printing, concealing, business
(66
stigates or assists others to perform a tortuous act is joint tortfeasor, and shall bear civil
(67 Music Copyright Society of China v

Netease.com Inc. & Mobile Communications Corp. [20 September 2002] 2002 no. 3119
(Ch.).
(68) cf. Transitory Digital Network Communications in 17 USC § 512(a) (US).
Page 17 of 21

(69) See Regulations 2006 (n. 14) (under the conditions that the network service provider
fered only to its subscribers).
(70
ry Technology Co. Ltd [2 December 2004] no. 713 (Ch.).
(71
putes over Computer Network 2003 was the basis for the case. The 2006 version of the
Interpretation supersedes the previous one and the provision can be found in Art. 3.
(72) Regulation on Internet Information Services, promulgated by State Council Decree

no. 292 of 20 September 2000, Art. 2 (Ch.).
(73) ibid.
(74) ibid.
(75) See Interpretation of Several Issues Relating to Adjudication of and Application to

Cases of Copyright Disputes on Computer Network, adopted at the 1144th Meeting of the
fect on 21 December 2000.
(76
(77) See Regulations 2006 (n. 14). The Regulations were amended on 30 January 2013, by
tions 2006 and its 2013 amendment were promulgated by the State Council.
(78) See Regulations 2006 (n. 14) Art. 20. Cf. 17 USC § 512(a): Transitory Digital Network
Communications.
(79) See Regulations 2006 (n. 14) Art. 21 (providing that a network service provider
caching works, performances, and audiovisual recordings from another network service
ability to obtain information about use of the cached materials, and automatically revises,
deletes, or disables access to the materials where the originating network service
provider does the same). Caching links fall outside the scope of this safe harbour as
sia v Baidu Zhejiang Flyasia E-Business Co.
Ltd v Baidu Inc. [2007] no. 1201 (Ch.) (where Baidu provided on its own initiative access
to an archived copy and modified that copy). Cf. 17 USC § 512(b): System Caching.
Page 18 of 21

(80) See Regulations 2006 (n. 14) Art. 22. Cf 17 USC § 512(c): Information Residing on
Systems or Networks At Direction of Users.
(81 Court
held that search engines are prima facie not liable for referring to infringing resources
EMI Group Hong Kong Ltd

v Beijing Baidu Network Technology Co. Ltd [17 November 2006] no. 593 (Ch.). However,
sufficiently remove the infringing links after notification by the copyright holder. This was
able for removing only fifteen out of twenty-six allegedly infringing recordings, pursuant
tained infringing links to those recordings, and was thus negligent in not terminating all
Go East Entertainment Co. Ltd (HK) v
Beijing Alibaba Technology Co. Ltd [20 December 2007] no. 02627 (Ch.). Compare this
with 17 USC § 512(d): Information Location Tools.
(82) See Regulations 2006 (n. 14) Art. 22(1) (stating that the network service provider
that provides storage space to subscribers, should make this clear and indicate its name,
contact person, and network address; otherwise it will be held liable).
(83) See Regulations 2006 (n. 14) Art. 15.
(84) See Guangdong Mengtong Culture Dev. Co. Ltd v Baidu Inc. [2007] no. 17776 (Ch.).
(85) See e.g. Warner Music Hong Kong Ltd v Alibaba Info. Tech. Co. Ltd [2007] no. 02630
(Ch.).
(86) Regulations 2006 (n. 14) Art. 14.
(87
in five days. However, in the final Regulations 2006 draft, that definition was removed.
(88) See Regulations 2006 (n. 14) Art. 22(5).
(89) ibid. Art. 24.
(90) ibid. Art. 17.
(91) ibid. Art. 16.
(93) ibid. Art. 36(3) (noting that notice that the infringement of the civil rights or interests
of another person could concern copyright, trade mark, or patent infringement).
Page 19 of 21

(94
(96) ibid. Art. 36(2).
(98
ings may be taken into account in the determination of the fault of the ISP as the case
(99) Before Metro-Goldwyn-Mayer Studios Inc. v Grokster Ltd, 545 US 913 (2005) (US),
contributory liability could be used (defendant has knowledge of infringement by another
and materially contributed to the infringement) as well as vicarious liability (defendant
tions in the case of copyright infringement. Grokster

fendant acts with the object of promoting infringement by others) to the possible actions.
(100) Qiao Tao (n. 94) 5.
(102
http://journal.csusa.org/archive/v60-04-
YongWanCPY404.pdf>.
(103 Zhongkai Co. v Poco.com

professional video website, in its daily operation of the website, it must have known, or at
least should have known that the movie concerned was unauthorized by viewing the
Sohu v Tudou [2010] (Ch.).
(104
ing content recommended or ranked (apparent knowledge); any selection, organization,
ducted (constructive knowledge)).
Page 20 of 21

(106
tion 2012 no. 20 (passed on 26 November 2012 at the Trial Committee of Supreme
http://www.chinacourt.org/law/detail/2012/12/id/
146033.shtml> (original Chinese text). <http://chinacopyrightandmedia.wordpress.com/
2012/12/17/interpretation-concerning-some-questions-on-concretely-applicable-law-in-
tion-networks> (English translation) (hereafter Provisions 2012). See also Gabriela
Hogan Lovells, 5 February 2013) <http://www.lexology.com/library/

detail.aspx?g=09839f10-4ca7-4daf-92ca-a0e3264b6938>.
(107) See Provisions 2012 (n. 106) Art. 10.
(108
June 2014, which included a civil case concerning copyright infringement:
tional v Shanghai TuDou Network Tech. Co. Ltd
, 26 June 2014)
<http://supremepeoplescourtmonitor.com/2014/06/26/a-model-copyright-infringement-
case-a-bite-of-china/>.
(109) See Provisions 2012 (n. 106) Art. 12.
(110) See Beijing Guidelines 2016 (n. 7).
Danny Friedmann
Danny Friedmann is Visiting Assistant Professor of Law, Peking University School of

Transnational Law in Shenzhen. Email: ipdragon@gmail.com.
Page 21 of 21

dia, Japan, South Korea, Indonesia, and Malaysia
sia, and Malaysia

Kyung-Sin Park
This chapter compares the intermediary liability rules of six major Asian countries and
highlights how there seems to be confusion on their nature, although the commentators
of the US Digital Millennium Copyright Act. The chapter describes how China and South
Korea inadvertently created a liability-imposing rule instead of a liability-exempting rule.
vert the whole system into a liability-imposing one. However, that threat had an impact on
the jurisprudence with the 2013 Shreya Singhal decision making the Indian system one of
ing between a liability-imposing rule and a liability-exempting one in the light of other
copyright notice and takedown appears to follow the US model closely but has a structure
that allows the same misunderstanding made by South Korean regulators.
Keywords: China, India, Indonesia, Japan, Malaysia, South Korea, online intermediaries, safe harbour, liability
social media law sounds innocent to the extent that it obligates social media
so.1 However, the lessons from Asia where liability was imposed on failure to take down
notified unlawful content speak otherwise. Such an innocent-sounding rule has profound
to a damaging precedent for illiberal states to also regulate online speech in more drastic
2
Page 1 of 30

fore the power of the internet, an intermediary that cannot possibly know who posts what
mitted via third party content hosted on its services. If intermediaries (p. 252)
able for this unknown content, the intermediaries will have to protect themselves either
tions) or by approving all content prior to being uploaded. If that occurs, it can be said
it approval of the intermediary that was aware of the posting and yet did not block it. The
unapproved
should be considered the speaker or publisher of that content.3 Some think that went too
exempt from liability only content not known about. The EU did just that, although adding
a requirement to act on such knowledge in order to obtain immunity,4
intermediaries take down all content on notification regardless of whether the content is
illegal or intermediaries are aware of that fact.5 The DMCA, incentivizing intermediaries
into automatic takedowns, is often criticized6
munity to intermediaries who receive notification but are not convinced of its substance.
In any event, notice-and-takedown safe harbours have spread.7
8
of six major countries in Asia: China, India, Japan, South Korea,
tinent,9 and extremely high internet-penetration rates.10 Confusion abounds. (p. 253)
11
Maybe the truth lies in between as we shall discover.
1. China
1.1 Basic Laws and Regulations
diaries who have the requisite knowledge of infringing activity on their services will be
held jointly and severally liable. In addition to that general rule, Article 36 of the Law of
Tort Liabilities (LTL) controls intermediary liability in China.12 Article 36 paragraph 3 of
son whose rights are being infringed sends notification of that fact to the intermediary,
Page 2 of 30

tion, the intermediary is jointly and severally liable with the direct infringer to the extent
that any further damages have been caused by its inaction.13
14
from Regulation on the Protection of the Right of Communication Through Information

15
which was in turn a Chinese attempt to
16
adapt the DMCA safe harbour.
(p. 254) However, what is glaringly absent from the text of LTL 36 is that there is no
stances, which is the central predicate of section 512 of the DMCA. This may come as a
surprise to Chinese commentators who typically reason as follows:
Upon receiving notification, if the ISP expeditiously takes measures to disable the
allegedly infringing online material, it may be exempt from liability. For instance,
in Gengxin Chen et al v Baidu (Beijing) Network Tech Co Ltd,17 after receiving a
notification from the plaintiff, Baidu removed the defaming hyperlink from search
that the damage was not caused by Baidu and thus Baidu was not liable.18
mity with a normal description of DMCA-like notice and takedown, the truth is that there
even an attempt to create an elective safe harbour, let alone a mandatory one.
exempt from liability for removing the content on notification to the user who posted the
content.19
plainant for damages to restore the removed material or seek damages for removal.20
However, there is no obligation to inform the poster that the posting has been removed.
Although RCIN itself is properly phrased after the liability-exempting language of DMCA
down to emulating the rule whereby the exemption from liability to the poster is bartered
21
RCIN 14-17 is often interpreted (p. 255) as
a liability-imposing rule (or at least so that a failure to obtain a safe harbour directly
translates into a liability) as you will see in cases such as Fanya and Pomoho. This only
adds to the deep divergence between section 512 of the DMCA and LTL 36.
1.2 Liability-Imposing v Liability-Exempting
acted to specify when intermediaries would not be held liable. Therefore, the fact that an
intermediary does not take corrective action under the DMCA is in itself not a cause for
Page 3 of 30

liability.22 Its failure to take corrective action under the DMCA only starts a substantive
quired to take corrective action under the DMCA but, if and when they choose to do so,
ing content.
Court issued the Judiciary Interpretation for Statutory Application in Adjudicating Torts
to Personal Rights Through Information Networks of which Article 5 requires an (p. 256)
effective notification to include the following: (1) the identity of the complainant; (2) the
web address which is the target of remedial measures or the information necessary to
identify the infringing material; and (3) the grounds for removing the target material.23
ments was not considered sufficient to trigger the notice-and-takedown obligations.24
still held Baidu responsible for not requesting Fanya to produce the web addresses.25
Although Baidu v Fanya
no more lenient for personal rights than for copyright and it can be easily inferred that an
obligations under LTL 36 may be even more austere than under RCIN 16. In one instance,
even when an intermediary, on receiving an incomplete notice, did request a URL,26 the
court said that the intermediary should have taken earlier proactive measures to remove
the insulting comments even without the web address having been notified.
The impact of Fanya-like cases is clear: once intermediaries are held liable for content not
effectively notified, intermediaries will start to take down all notified content, regardless
of the substance or procedural efficacy of that notice. When intermediary liability rules
bility. Intermediaries not liable under general tort law (e.g. lack of previous knowledge)
may still be liable for not acting on notification and, conversely, compliance with notice
Page 4 of 30

and takedown does not guarantee that an intermediary will not be held liable. Under this
regime, intermediaries are bound to over-enforce.
Secondly, LTL 36 imposes liability not only in cases of non-response but also in cases of
has a red flag component whereby exemption for infringing content is not recognized
exemption. It does not, in itself, become a basis for liability as in the (p. 257) case of LTL
emption rule.
The liability rule may be a restatement of general tort liability but, as such, the end result
brings us back to face the perils of the pre-safe-harbour days: no matter how cautious
courts claim to be in finding constructive knowledge,27
stance, a video platform was held liable under RCIN for not proactively looking out for
the release of a famous film28
abling nude photographs of a popular celebrity alleged to be having an affair,29
out any notification from the rightholders.
no one cries foul, especially where so much information is automatically delivered to so
monitoring or pre-approval. It is difficult to maintain a happy medium since once some

level of editing begins, it is deemed that there is more capacity for editing, and eventually
liability will be incurred for third party content. Article 9 of the Judiciary Interpretation of
30
The more measures are taken to prevent unlawful
content, the more content an ISP will be held responsible for. Hence a liability trap.
Thirdly, even if LTL 36 clearly states that intermediaries will be held responsible only for
unlawful content and even if the requirements of knowledge and notification are carefully
guarded, it is very difficult for intermediaries to know in advance whether certain content
is unlawful, and they will seek shelter by taking down even lawful content.
(p. 258) Now, one may wonder about the practical consequences of this result. Even under
sen to benefit from the exemption provision. Under the LTL, they are also incentivized to
take down lawful content because they do not know in advance whether the content is
lawful or unlawful. In both scenarios, the intermediaries are incentivized to take down:
the key difference being that they choose
tively coerced
Page 5 of 30

ty rule will not have that leeway because being wrong about the lawfulness of the content
directly translates into liability.
1.3 Conclusions
The Chinese intermediary liability regime for defamation is neither strict liability nor a
true safe harbour. It is limited liability in a sense that intermediaries are held liable only
fication, unfairly holding intermediaries liable, and naturally incentivizing them into
preted, intermediaries are likely to act on lawful content as well as erring on the safe side
of deleting the notified content.
2. India
amended in 2008. Under section 79 of the IT Act, intermediaries can avail themselves of a
and they have complied with the various due diligence requirements promulgated by the
government in 2011 (hereafter Intermediary Guidelines 2011).31
(p. 259) (including a complaint from a user). In the landmark judgment of Shreya Singhal,
a court order by the intermediary.32 The court clearly stated that intermediaries should
not be made to take down content until they receive a judicial order requiring them to do
so.33 It is an anomaly to require knowledge to be established by a court order. We shall
see how this transpired in the following.
Some commentators seem to think that immunity and liability are co-extensive (e.g. the
context of online defamation depends on whether or not they qualify for immunity under
34
However, a close reading suggests otherwise.
Page 6 of 30

tion (2) and (3), an intermediary shall not be liable for any third party information, data,
or communication link made available or hosted by him. (2) The provisions of sub-section
formation contained in the transmission; (c) the intermediary observes due diligence
while discharging his duties under this Act and also observes such other guidelines as the
Central Government may prescribe in this behalf. (3) The provisions of sub-section (1)
on receiving actual knowledge, or on being notified by the appropriate Government or its

agency that any information, data or communication link residing in or connected to a
computer resource controlled by the intermediary is being used to commit the unlawful
act, the intermediary fails to expeditiously remove or disable access to that material on
that resource without vitiating the evidence in any manner.35
aries will not

third party content depends on whether it has obtained immunity under (p. 260) section
79 of the IT Act because there can be situations where the intermediary may fail to obtain
immunity and yet it is not held liable.
2.2 Liability-Imposing v Liability-Exempting
The problem arises from interpretation of the Intermediary Guidelines 2011, which state
in paragraph 3 as follows:
edge by itself or been brought to actual knowledge by an affected person in writing or

through email signed with electronic signature about any such information as mentioned
in sub-rule (2) above, shall act within thirty six hours and where applicable, work with
user or owner of such information to disable such information that is in contravention of
sub-rule (2). Further the intermediary shall preserve such information and associated
records for at least ninety days for investigation purposes.
Now, what makes this provision confusing is that section 79 of the IT Act merely seems to
state the requirement of immunity, not of liability. One such requirement is observance of
due diligence. Thus far, due diligence is not an obligation but a choice which is relevant
ary Guidelines 2011 may have their own binding force. One civil society commentator
Page 7 of 30

to the intermediary in deciding questions of fact and law, which can only be done by a
36
It is noticeable that the applicability of immunity does not decide whether intermediaries
aries will be held liable since it has yet to go through the pre-safe-harbour regular torts
analysis. The facts that disqualify the said intermediary from immunity may also help to
prove its liability. For instance, failure to take action after receiving notification will be a
factor contributing to its liability. However, failure to take action will be only one of the
will make sense only if intermediaries are held liable for getting it wrong (e.g. retaining
unlawful content and mistaking it for being lawful). The Intermediary Guidelines 2011 do
not impose a blanket requirement that intermediaries must remove all unlawful content
tion 79A of the IT Act only to intermediaries who (p. 261) remove all unlawful content
able for getting it wrong. In a sense, the prevailing view of the Intermediary Guidelines
2011 is that it is liability-imposing, not liability-exempting.
2.3 Dialectical Turn of Singhal
In an unexpected turn, the court in Singhal accepted the liability view of section 79 of the
IT Act and the Intermediary Guidelines 2011 and dissolved what they believed to be a
problem in the only relevant paragraph in the case as follows:
Section 79(3)(b) has to be read down to mean that the intermediary upon receiving actual
able access to certain material must then fail to expeditiously remove or disable access to
mediary is then to judge as to which of such requests are legitimate and which are not.
tance, Argentina being in the forefront.37 Also, the Court order and/or the notification by
the appropriate Government or its agency must strictly conform to the subject matters
ing down Section 79(3).38
Section 512 of the DMCA does not require takedown notices to come from courts. The
cide on the substantive legitimacy of takedown requests. As long as they comply with
them (and comply with restoration requests with the same level of automation), they will
Page 8 of 30

mediaries comply with the due diligence rule in the Intermediary Guidelines 2011 (i.e.
take down on notification), they will not be held liable for third party content.
does not make sense. Under a true safe harbour like section 512 of the DMCA, Facebook
and Google are not even supposed to try to decide whether the notified content is lawful.
They are expected to claim exemption for all content simply by complying with takedown
requests (and with restoration requests). Likewise, intermediaries under section 79 do
not have to decide whether notified content is unlawful: they can claim (p. 262) exemption
for all content simply by removing content they come to know to be unlawful. They do not
have to make any effort to try to be accurate because being inaccurate does not mean
that they will be held liable. The Intermediary Guidelines 2011 state that intermediaries
tion-rule view of section 79 correct.
The Singhal court may have taken a liability-rule view of section 79: that this provision
mediary Guidelines 2011. If so, they may have been right to be worried about private,
non-judicial notifications pulling intermediaries into liability. Of course, such a liability-
rule view is, however, contrary to section 512 of the DMCA which explicitly states that
failure of immunity does not mean liability39
tablished by the legislators.40
There are obviously differences between section 512 of the DMCA and section 79 of the
IT Act. One such difference concerning the Singhal
vides an incentive only in one direction: towards taking down as much as they can, while
section 512 of the DMCA provides incentives for reinstating content. The Singhal court
erating under the unidirectional incentive faced difficulty in deciding on the legitimacy of
content.
In the end what is important is that the Singhal court tried to undo what it believed to be
a problem and created one of the strongest safe harbours whereby intermediaries are
shielded from liability even if they refuse to take any action on all non-judicial takedown
requests. Indeed, the stories of platforms refusing to take down and not being held liable
until they are ordered to take down by the courts abound in relation to section 230 of the
US Communications Decency Act (CDA).
2.4 Conclusions
the enforcement rule of section 79 and the Intermediary Guidelines 2011 impose (p. 263)
affirmative obligations to take down prohibited content on notification. The Singhal court
may have been worried about the censorship-incentivizing effects of section 79 or may
strict the action-triggering notifications to court decisions only. The end result is one of
Page 9 of 30

thing unless the courts find the content to be unlawful. This is similar to section 230 of
the CDA where intermediaries do not have to take down anything unless ordered by a
court to do so.
3. Japan
The Diet passed the Provider Liability Law in 2001, which covers both copyright and non-
copyright law.41
technically feasible to take measure to prevent the transmission of infringing information
fringement; or (2) the intermediary knew the existence of the relevant information and
ment.
unknown content even if it is unlawful as long as the intermediary has neither actual
edge it takes down the content.42

cially appropriate since both laws are horizontal; that is, they cover all fields of (p. 264)
ability, although we are comparing all safe harbours across national and sectoral lines
anyway.) Japanese commentators are not satisfied:
[t]he ISP is faced with a delicate and hard choice

plaint that some statements posted on its bulletin board was defamatory, however,
fendant could assert immunity. As a result, for the fear that the ISP might be held
liable if it refuses to remove defamatory statements, it is likely to remove them
even if the defendant could not be held liable. Such an attitude of the ISP would
wipe out many protected speech from the Internet. The Provider Liability Law is, I
believe, unconstitutional so long as it subjects the ISP to liability when there is a
reasonable ground to believe that it should have known that the information it was
ISP to remove the defamatory statements from its bulletin boards, he or she
view the claim and decide whether the defendant would be likely to be held liable
before issuing an order to remove them.43
structive knowledge. The Act merely states that an intermediary will not be held liable if
Page 10 of 30

the response is not made in accordance with these Guidelines. Conversely, the provider,
etc. shall not be absolved from liability for damages even if the provider, etc. responds in
44
3.2 Comparison With Other Safe Harbours
There may be concern that even the liability-exempting safe harbour could unduly favour
takedown over retention45 but such a critique takes on the entire class of safe harbour
DMCA in the United States, albeit at differing degrees. The idea behind a safe harbour is
to create a balance away from section 230 of the CDA in order to make intermediaries do
something about known unlawful content, or at least to make (p. 265) intermediaries do
something without worrying that their actions will be used as evidence against them (e.g.
of their ability to take down content which will justify penalizing their inactions). Any
sorship activities of intermediaries beyond doing nothing. The three safe harbours (Art.
Limitation Act (PLL)) vary in their degree of incentivizing intermediaries into censorial
activities. Section 512 of the DMCA conditionally46 requires taking down all notified
content expeditiously and Article 14 of the e-Commerce Directive conditionally requires
intermediaries to take down only known content expeditiously. On its surface, section 3 of
aries which probably means that intermediaries should remove unlawful content as soon
as they have knowledge (or constructive knowledge). However, on closer inspection, the
sufficient to disqualify an intermediary from the safe harbour while in the EU only actual
knowledge of illegality or apparent illegality is sufficient for disqualification.
What is interesting is that the intermediary is also given exemption for removing
unknown content. At the same time, according to section 3(2) the intermediary shall not
culation of infringing information if: (1) such measures are reasonably necessary; or (2)
the intermediary received notification of infringement, then relayed it to the originator,
and did not receive any notice of non-consent within seven days of doing so. The reality is
that it is unusual for intermediaries to be held liable for removing content in any event,
with or without the PLL, so that there is little incentive for giving the originator notice of
the proposed takedown. This is unlike the Canadian notice-and-notice where notification
to the author of a post is mandatory.47
Page 11 of 30

3.3 Conclusions
Japan has a proper exemption-type safe harbour but it is narrower in scope than the EU
come a basis for disqualifying exemption. However, it is broader in scope than the
(p. 266) disqualify intermediaries from exemption, only failure to act on knowledge does
4. Indonesia
On 30 December 2016, the Ministry of Communication and Informatics released Circular
Letter 5 of 2016 on the Limitations and Responsibilities of Trade Platform Providers and
tent, its first evrer attempt at an intermediary safe harbour in any field of law.48
therefore it does not apply to all intermediaries, only those mediating the sale of goods
and services. The ministry intends to follow this circular with the Ministerial Regulation
tail than the 2016 circular. However, the Regulation has not yet been released. Prior to
that it will hold public consultations in order to collect input.
The circular on safe harbours aims to clearly distinguish the roles and responsibilities of
e-commerce platforms, users, and all other parties in the e-commerce ecosystem. It aims
to establish a safety and reporting protocol for e-commerce platforms, as well as defining
restricted content for both users and platforms, which includes (but is not limited to):
gal by other legislation); intimidating content (e.g. goods/services depicting gore, blood,
gal access to electronic systems; provision and/or access to drugs, addictive substances,
tected flora and fauna.49
The circular on safe harbour obligates e-commerce platforms to include a mechanism

which allows users to report discovered illegal goods and services. When a platform is
alerted of illegal goods and services, it is mandated to take it down within one, seven, or
tional security and human health must be taken down within one day, pornography within
seven days, and goods/services that infringe intellectual property rights within fourteen
days.50
(p. 267) E-commerce platform providers are also obligated under the circular to provide
tems.51
Page 12 of 30

tions) with the platform provider prior to the use of its services. Concerns about overuse
ance, and e-commerce platform providers are also not obligated to report illegal activity
to law enforcers. However, it is very likely that illegal activities by merchants and/or
tronic Transactions Law.52
tablish an advanced content-filtering system in their platforms.53

sian safe harbour also suffers from confusion over the distinction between a liability rule
and an exemption rule. It is unclear what is meant by the Circular Letter: Section V, titled
Limitation and responsibility of Platform Providers or Electronic System Providers and
Merchants in Trade Through Electronic Systems (Electronic Commerce) in the Form of
C. Obligations and Responsibilities of UGC [User-Generated Content] Platform Providers
ditions for using the UGC Platform which at least contains the following: 1) obligations
and rights of Merchants or Users to use the UGC Platform services; 2) the obligations and
rights of the Platform Provider in carrying out the UGC Platform business activities; 3)
ney. c. Acting on complaints or reporting on content, including

tion of the truth of the report and ask the reporter to complete the requirements and/or
include other additional information related to the complaint and/or reporting in the
event that is needed; 2) take action to remove and/or block the prohibited content; 3) give
notification to the Merchant that the content uploaded is Prohibited Content; 4) provide a
means for Merchants (Merchants) to argue that the content they upload is not Prohibited
content; 5) reject complaints and/or reporting if the reported content is not prohibited
content. d. Pay attention to the period of removal and/or blocking of (p. 268) reporting
gent including, but not limited to: i) Products of goods or services that are harmful to
hibited Content is not later than 7 (seven) calendar days from the report received by the
UGC Platform Provider; 3) Prohibited Content as mentioned in Roman Letter V Letter B
number 1 letter e, that is, content related to goods and/or services that contain content
Page 13 of 30

that violates intellectual property rights is not later than 14 (fourteen) calendar days
sions of the legislation. 2. Responsibilities of the UGC Platform Provider include: a. being
able, safe and responsible. b. The provisions of letter (a) above do not apply if there is an
error and/or negligence of the merchant or platform user.54
The impact of paragraph V.C.2 of the Circular Letter is unclear. Paragraph V.C.1 states the
down regime discussed in paragraph V.C.1, standing alone, reads as though it is liability-
imposing, meaning that platform operators must comply with the notice-and-takedown
process and their failure to remove the prohibited content on notification will directly
55
sian legal framework.
5. Malaysia
mediary liability for copyright infringement.56 The provisions are similar to the DMCA in
the United States whereby ISPs and content aggregators are provided with immunity
from liability for copyright infringement if they protect copyright owners by removing or
disabling access to infringing content.
(p. 269)
ing a user via a hyperlink, directory or search engine to an online location which makes
an infringing work available. Under the condition that the service provider: (i) does not
have actual knowledge that the electronic copy of the work or activity is infringing; is not
aware of the facts or circumstances from which the infringing activity is apparent, which
is the red flag requirement (contributory liability); (ii) that the service provider does not
receive any financial benefit directly attributable to the infringement of the copyright and
tivity (vicarious liability); (iii) that upon receipt of a notification of any infringement, the
service provider responds within the time specified to remove or disable access to the
material. If no notification is given the service provider shall not be held liable. (2) A test
Page 14 of 30

is given for vicarious liability, which includes taking into account any industry practice in
relation to charging of services by a service provider.57
Malaysian commentators seem content:58 in relation to the exemption for removal (s.
(5)), they are confident that the Malaysian safe harbour effectively implements section
512 of the DMCA.
vice provider to remove or disable any access to copyright infringing content, provided
that the copyright owner shall compensate the service provider or any other person
against any damages, loss or liability arising from the compliance by the service provider
of such notification. (2) The service provider shall remove or disable any access to work
that is infringing copyright within 48 hours after he received the notification.59
60
ate all the problems that the Chinese liability-imposing system has generated.
As to the defamation area, there is no separate liability safe harbour but the case of Kho
Whai Phiaw v Chong Chieng Jen [2009] 4 MLJ 103 discussed the liability of bloggers for
third party content, and ruled that bloggers are not to be considered publishers of the
defamatory comments where there is no specific knowledge of the comments
(p. 270)
even if the bloggers retain the ability to edit and control access to the blog space.
ly 2012 and deems all persons who act as owners, hosts, administrators, editors, or sub-
editors, or who facilitate to publish or republish any publication are to be presumed as
termediary liability will be tremendous but has not yet materialized in real cases.
6. South Korea
6.1 Introduction: Basic Laws and Regulations
in Japan and India which, albeit misunderstood, pointed to the risks of the Indonesian and
fact liability-imposing regimes by nature. In this section, we will look at South Korea
where a liability-imposing rule was established earlier and we will examine its impact on
intermediary behaviour.
Page 15 of 30

The theory to test runs as follows: pre-safe-harbour, intermediaries are liable for content
plies to a subset of these knowledge-laden cases where the intermediary has received a
terial. Technically, when it receives notification all it has is knowledge of the existence of
ever, the liability-imposing rule holds them immediately liable if they wrongly decide on
the illegality. Cornered by fear of liability, intermediaries tend to take down clearly lawful
content. Is this also the case in South Korea? Article 44-2 (Request to Delete Information)
tection of Information reads:
Anyone whose rights have been violated through invasion of privacy, defamation, etc., by
cation network may request the information communication service provider handling
that information to delete the information or publish rebuttal thereto by certifying the
fact of the violations. Paragraph 2. The information communication service provider, upon
receiving the request set forth in Section 1 shall immediately delete or temporarily blind,
or take other necessary measures on, the information and immediately inform the author
of the information and the applicant for deleting that information. The service provider
shall inform the users of the fact of having taken the necessary measures by posting on
tion 1, if the service provider finds (p. 271) it difficult to decide whether the rights have
been violated or anticipates a dispute among the interested parties, the service provider
may take
provider may reduce or exempt the damage liability by taking necessary actions set forth
in Paragraph 2.61
ry. This means that intermediaries will accept paragraph 2 obligations as mandatory, not
conditional.
Historically, the predecessors of Article 44-2 simply required the service provider to take
down content on the request of a party injured by that content and did not provide any
exemption.62
ing its responsibility under the previous law.63 The central idea that continued to remain
was that the intermediary must take action (temporary or not) on infringing content on
notification. Again, the general idea of holding intermediaries liable for identified
infringing content seems innocuous but the South Korean cases are compelling for why it
Page 16 of 30

should be abandoned.64 As you will see later, intermediaries respond by removing even
lawful content, and courts impose liability when the illegality is apparent only in hindsight
ty-exempting regime does not mean that the law directly incentivizes intermediaries into
taining the pre-safe-harbour status quo based on general torts joint liability. However, the
reality in Korea shows that such a half-baked attempt may worsen the situation.
6.2
tation
ings critical of their policy decisions, such as postings critical of a Seoul City (p. 272)
65
habits;66
ly ran an illegal brothel hotel;67
recent deaths of squatters and police officers in a redevelopment dispute;68
ing for immunity from criminal prosecution and civil damage suits on labour strikes;69
and a posting by an opposition party legislator questioning a conservative media
cide.70
mitted to an independent progressive intermediary were not accepted, and others were
restored after public scrutiny intensified.
aries though the Korea Communications Commission and revealed that they took down
60,098 postings in 2008, 96,503 in 2009, and 100,000 estimated for 2010 in November of
that year.71 MP Nam Kyung-pil obtained similar data on the top two content hosts Naver
and Kakao taking down 209,610 postings in 2011 and MP Shin Yong-Hyun reports
1,643,528 takedowns by Naver and 442,330 takedowns by Kakao between January 2012
and June 2017.72 Notice a possibility that the announced availability of legal recourse
diaries blindly comply with just to be safe.
The courts have worsened the situation by taken expansionist approaches in the same
way as the Chinese courts, which might be expected since both China and South Korea
are liability-imposing regimes. In a crushing judgment in 2009,73 the South Korean
Supreme Court held Naver, Daum, SK Communications, and Yahoo Korea liable for the
defamation of a plaintiff when user postings on those sites accused him of deserting his
ter which the girlfriend committed suicide. The court upheld judgments of 10 million won,
ing that:
Page 17 of 30

is
clear; (2) the provider was aware of the content; and (3) it is technically (p. 273)
awareness under (2) above: a) when the victim has requested specifically and individually
for the takedown of the content b) when, even without such request, the provider was
quest, it was apparently clear that the provider could have been aware of that content.74
yet were held liable for not removing them upon notifications. Only the courts, armed
mediaries will be forced to err on the side of deleting.
On top of that, the most renowned part of the judgment concerned what intermediaries
must do with content for which no notification is given at all. The conclusion of the court
This sets up probably one of the strictest intermediary liability regime because it imposes
with the Chinese Fanya
75
76
also does not apply to content
safe harbour provision. It merely says that the safe harbour will not apply in the event of
case of such knowledge or awareness. Furthermore, in 2012 the Constitutional Court

even interpreted Article 44-2 of the Network Act as requiring the takedown of unlawful
77
vice provider must
sites do not include the illegality of the content as shown in this paragraph asserting that
requiring intermediaries to blind lawful content is constitutional:
of the circulation or diffusion of the

ment is an appropriate means to accomplish the purpose.78
Page 18 of 30

6.3 Origins: Syntactical Error in Adopting Section 512 of the
(p. 274)
DMCA?
Interestingly, this gratuitous and possibly unconstitutional censorship obligation on lawful

content is often justified by reference to section 512 of the DMCA. Table 13.1 shows a
cross-jurisdictional comparison of the relevant provisions relating to third party postings
Page 19 of 30

(p. 276) Table 13.1 Takedown notices for third party postings
Liability
Europe: e- On obtaining On condition that N/A

knowledge or the provider acts
merce awareness of the expeditiously to
Dir., Art.
14(1) mation tent, the service
mation stored
United On obtaining If the service acts N/A

States: knowledge or expeditiously to
DMCA, s. awareness of
512(c) terial claimed to be
ing material or vice provider shall

not be liable
tification of
ment
Japan: N/A
Provider vant service cally possible to
Liability provider knew or
Law, Art. fringing content,
3(1) sonable grounds the service provider
for the provider to shall not be liable
know
curred from such
infringement
Page 20 of 30

If an OSP actually In the

knows of or has ately takes down event of a
right Act, the noticed posting, takedown
Arts 102 down notice and the intermediary request,
and 103 thereby learned shall not be liable the OSP
cumstances of an ment mediately

infringement take
down
(Art.
103(2)),
in order
to limit
ty (Art.
103(5))
As can be seen from Table 13.1

proximating the safe harbour provisions of the EU, the United States, and Japan, through
(p. 275)
ful content. The legislative intent was clearly not that seen in Article 103(5) which states
that any OSP engaging in notice and takedown will reduce its liability. The intent was to
replicate section 512 of the DMCA but in doing so the South Korean legislators broke
down one sentence into two as follows:
(1) When notice is

given, intermediaries
must take down.
(2) If intermediaries
do so, they will be
empt from liability.
Standing alone, Article 103(2) reads as if intermediaries have independent mandatory

obligations to take down lawful content when the DMCA, e-Commerce Directive, and PLL
obligations are all conditional (i.e. applicable if intermediaries seek exemption). The fact
does not help to prevent the misreading. See Table 13.2.
Page 21 of 30

Table 13.2 Takedown obligations
When notice is given,

intermediaries shall not mediaries must take down; if
intermediaries do so, they
tiously take down may reduce their liability
Europe Applicable N/A

(all
claims)
United Applicable N/A

States
right)
Japan Applicable N/A

(all)
South Applicable Applicable

Korea
right)
South N/A Applicable

Korea
tion)
More problematic is that many in South Korea overlooked Article 103 and believed the
ed in other areas such as defamation and privacy infringement, hence Article 44-2 of the
Network Act. This is very relevant to this discussion because the Malaysian Copyright Act
bility regime in South Korea. These provisions textually apply only to unlawful content
6.4 Conclusions
As with its Chinese counterpart, the South Korean safe harbour for defamation is not a
Page 22 of 30

7. Epilogue
liability-imposing regime despite their claims to create a safe harbour. Although they do
not explicitly impose intermediary liability for unknown
proval, the problem of contents known to exist but not yet known to be illegal, remains
there to incentivize intermediaries into deleting lawful contents through fear of liability.
This state of affairs is in a sense worse than the pre-safe-harbour general torts liability
because the existence of procedure invites more people to submit takedown requests. In
CA, Article 14 of the EU e-Commerce Directive, and section 3 of the Japanese PLL (and s.
79 of the Indian IT Act, which has grown stronger than its original mandate) should be
rate processes of legal cross-pollination. It will be beneficial not only for informing the
sources to review all notifications and trying to make decisions as accurate as possible79
but such a response becoming standard is not satisfactory because platforms not afforded
such resources will struggle under legal liability forming around that new standard and
continue the dominance of the current global giants, eroding the promise of ihe Internet
in another abysmal way.
Notes:
(1
zung in sozialen Netzwerken, NetzDG) (Ger.).
(2
Information Society Project (13 February 2018) <https://law.yale.edu/system/files/area/
center/isp/documents/beyond_intermediary_liability_-_workshop_report.pdf>.
(3) See the Communication Decency Act [1996] 47 USC § 230 (US).
(4) See Council Directive 2000/31/EC of the European Parliament and the Council of 8
June 2000 on certain legal aspects of information society services, in particular electronic
commerce, in the Internal Market (e-Commerce Directive) [2000] OJ L178/1, Art. 14.
Page 23 of 30

(5) See the Digital Millennium Copyright Act of 1998, 17 USC § 512(c) (US). Importantly,
the notice-and-takedown safe harbour is not applicable to content where intermediaries
have actual knowledge of its illegality even before and without notice being given by a
rightholder or any other person.
(6
https://www.eff.org/
takedowns
(7) See Daniel Seung, Comparative Analysis of National Approaches of the Liability of the
Internet Intermediaries (WIPO, 2010).
(8
(9) See World Population Review, Asia <http://worldpopulationreview.com/continents/asia-

population>.
(10) See Internet World Stats <https://www.internetworldstats.com/top25.htm>.
(11
(12
4 (Ch.) <http://english.gov.cn/archive/lawsregulations/2014/08/23/
content281474983043584.htm>.
(13
questing the latter to take necessary measures, such as deleting, screening, removing,
references or links to the online infringing material or activity. Where the service
provider upon receipt of the notification fails to take prompt measures, the service
provider shall be jointly liable for the harm resulted from this failure. Paragraph 3. When
does not take necessary measures, the service providers shall be jointly liable with the
user).
(14
https://www.law.uw.edu/media/1403/china-intermediary-liability-of-isps-
defamation.pdf>.
Page 24 of 30

(15) See Regulation on the Protection of the Right of Communication Through Information
tions issued by the executive branch State Council of the PRC are lower in standing than
lations are binding on all courts, provided that courts are able to disregard them in the
event that they find the Regulations contrary to higher laws.
(16
formance, or sound or video recording involved in the service of a network service
provider who provides information storage space or provides searching or linking service
work, performance, or sound or video recording has been removed or altered, the right
owner may deliver a written notification to the network service provider, requesting it to
remove the work, performance, or sound or video recording, or disconnect the link to
er; (2) the title and network address of the infringing work, performance, or sound or
video recording which is requested to be removed or to which the link is requested to be
disconnected; and (3) the material constituting preliminary proof of infringement. The
(17) See Jiangsu Province Nanjing City Interim Ct Gengxin Chen et al. v Baidu (Beijing)
Network Tech Co. Ltd (2014) (Ch.) (emphasis added).
(18) He (n. 14) 9.
(19) Judiciary Interpretation for Statutory Application in Adjudicating Torts to Personal
diciary Interpretation for Online Torts).
(20) ibid. Arts 7(2) and 8.
(21) See RCIN Regulation (n. 15) Art. 16 (a network service is not liable for damages by
reason of storage of works, performance, sound recordings/video recordings (collectively
through the information network, if the service provider meets the following conditions:
tact person, and its web address; (2) does not modify the stored material; (3) does not
know and has no reasonable ground to know that the stored material is infringing; (4)
does not obtain financial benefit directly from the user who make available to the public
the stored material; and (5) upon receiving notification from a copyright owner, deletes
Page 25 of 30

explanatory statement delivered by a service recipient, a network service provider shall

promptly replace the removed work, performance, or sound or video recording, or may
replace the disconnected link to such work, performance, or sound or video recording
vice recipient to the right owner. The right owner shall not notify the network service
excerpted from He (n. 14). Some commentators believe that Chinese judicial practice as
at Maastricht University, October 2016 <https://cris.maastrichtuniversity.nl/portal/files/

4737875/c5439.pdf>.
(22) See DMCA, s. 512(l).
(23) See Judiciary Interpretation for Online Torts (n. 19) Art. 5.
(24 Beverage & Food Co. Ltd

v Qihu (Beijing) Tech. Co. Ltd et al. [2015] [pkulaw.cn] CLI.C.4275913 (Ch.).
(25 Fanya e-Commerce Co. Ltd v Baidu (Beijing) Network Tech. Co.
Ltd [2009] [pkulaw.cn] CLI.C.1766439 (Ch.).
(26) See Nanjing City Gulou Dist Ct Chen Tangfa v Blog Information Tech. (Hangzhou) Co.
Ltd [2006] [pkulaw.cn] CLI.C.1436674 (Ch.).
(27) See Zhejiang Province Shaoxing City Dist. Ct

jing) Network Tech. Co. Ltd
edge on the part of the ISP must be assessed according to the cognizant capability of a
He (n. 14).
(28 Huayi Bros Media Group v Pomoho [2009]

[pkulaw.cn] CLI.C.188931 (Ch.).
(29
tion Co. Ltd [2009] [pkulaw.cn] CLI.C.1765615 (Ch.).
(30
munication through information networks: (1) The nature of the Internet service involved,
Page 26 of 30

ed work of authorship, performance or video/audio recording; (4) Whether the ISP takes
reasonable measures to prevent infringement; (5) Whether the ISP designated convenient
procedures to receive notifications of infringement and to take expeditious measures to
from He (n. 14).
(31
(32) Shreya Singhal (decided May 2015) 12 SCC 73, s. 117 (Ind.).
(33
ty-of-isps-defamation.pdf>.
(34) ibid.
(35) IT Act, s. 79 (Ind.).
(36
loads/2012/07/eBook-IT-Rules.pdf>.
(37) See Argentinean Supreme Court

juicios (29 October 2014) R.522.XLIX (Arg.). One can only think that this case is what the
Indian Supreme Court had in mind but the Argentinean decision requires a court order as
a prerequisite for imposing liability, not for exempting it.
(38) Shreya Singhal (n. 32) 117.
(39) Falling outside the safe harbours does not incur liability for infringement. See 17 USC
(40
line environment, and does not create any new exceptions to the exclusive rights under
Page 27 of 30

ity specified in the bill, the service provider is not necessarily an infringer; liability in
these circumstances would be adjudicated based on the doctrines of direct, vicarious or
contributory liability for infringement as they are articulated in the Copyright Act and in
(41) See Act on the Limitation of Liability for Damages of Specified Telecommunications
Service Providers and the Right to Demand Disclosure of Identification Information of the
Senders, Act no. 137 of 2001, amended by Act no. 10 of 2013 (Jap.) <https://perma.cc/
XRQ4-HK5T
(42
tional law, it may be advisable to look at how Member State laws are shaped by the e-
Commerce Directive in the EU which resulted in national laws such as in Germany, which
sponsible for third-party information that they store for a user if (1) they have no actual
knowledge of illegal activity or information and, as regards claims for damages, is not
aware of facts or circumstances from which the illegal activity or information is apparent,
or (2) acts expeditiously to remove or to disable access to the information as soon as they
(43
South Korea, May 2015) (on file with the author) (emphasis added).
(44
2014) <https://perma.cc/MJL8-ETZP> (English translation).
(45
Paper 979836 (10 April 2007) <http://papers.ssrn.com/sol3/papers.cfm?
(46) ie. if intermediaries want exemption.
(47
Canada has already established section 230-type exemption for intermediaries in the area
of copyright. As well as and independent of this safe harbour, OSPs must comply with the
ment, the intermediary service provider does not have to remove the alleged infringing
Page 28 of 30

content, but must forward the notice to the alleged infringer (s. 41.26(1)(a)) on penalty of
an administrative fine.
(48
tions and Responsibilities of Trade Platform Providers and Merchants through Electronic
Commerce Systems in the Form of User-Generated Content (2016) <https://
jdih.kominfo.go.id/produk_hukum/unduh/id/558/t/surat+edaran+menteri+
+komunikasi+dan+informatika+nomor+5+tahun+2016+tanggal+30+desember+2016>
(Indonesian only) (hereafter Circular Letter).
(49) ibid.
(50) ibid.
(51) ibid.
(52) See Law no. 11 of 2008, Information and Electronic Transactions Law (Indon.).
(53
White and Case blog,13 March 2017) <https://www.whitecase.com/
forms>.
(54
(55
(56
(57) ibid. Part VIB s. 43E.
(58
ence Paper DOI: 10.1109/CITSM.2017.8089226 (August 2017).
(59) Copyright Act of 2012 (n. 56) Part VIB s. 43H.
(60) ibid. s. 43(I)(1)(iii).
(61
tion of Information, Art. 44-2 para. 1 (Kor.). South Korean legislation can be found at
<http://www.law.go.kr>.
(62
(63) See Law no. 8289 of 27 July 2007 (Kor.).
(64
the
Page 29 of 30

(65) See <http://blog.ohmynews.com/savenature/199381> (Korean only).
(66) The original posting now taken down was at <http://wnsgud313.tistory.com/156>

(Korean only).
(67) See <http://www.hani.co.kr/arti/society/society_general/300688.html> (Korean only).
(68) See <http://blog.jinbo.net/gimche/?pid=668> (Korean only).
(69) See <http://blog.jinbo.net/gimche/?pid=492> (Korean only).
(70) The original posting now taken down was at <http://bbs1.agora.media.daum.net/gaia/

do/debate/read?bbsId=D115&articleId=610524> (Korean only). See the following news
ZD Net, 15 April 2009) <http://www.zdnet.co.kr/view/?no=20090415133301>
(71) See <http://moonsoonc.tistory.com/attachment/

cfile23.uf@133D7F0F4CE1EF660D3B87.hwp> (Korean only).
(72) See <http://www.ggetv.co.kr/news/articleView.html?idxno=16781>, <http://

www.mediatoday.co.kr/news/articleView.html?idxno=143795> (Korean only).
(73) See Supreme Court 2008Da53812 (16 April 2009) (Kor.).
(74) ibid.
(75
(76) See DMCA (n. 5) ss. 512(c)(1)(A)(ii) and 512(d)(1)(A).
(77) Constitutional Court 31 May 2012 Decision 2010 Hun-ma 88 (Kor.).
(78) ibid.
(79
Governance Forum (Berlin), November 2019.
Kyung-Sin Park
Kyung-Sin Park is a Professor at Korea University Law School. Email:

kyungsinpark@korea.ac.kr.
Page 30 of 30

The Liability of Australian Online Intermediaries

Kylie Pappalardo Nicolas Suzor
termediary liability law across different doctrines. Different doctrines in Australian law
tions of a third party. So far, these primarily include cases brought under the laws of
defamation, racial vilification, misleading and deceptive conduct, contempt of court, and
ical contexts, and the courts have generally applied them in isolation. The chapter shows
fusing and, viewed as a whole, largely incoherent. The chapter shows how the principle
mediaries will not be held liable. The result is a great deal of uncertainty. It is argued
sibility, and that existing principles in tort jurisprudence and theory can help to guide and
unify the different standards for liability.
Keywords: Australia, intermediary liability, online, tort, jurisprudence, responsibility
1.
trant Wrongdoers
ONLINE intermediary liability law in Australia is a mess. The basis on which third parties
are liable for the actions of individuals online is confusing and, viewed as a whole, largely
incoherent. Australian law does not express a coherent or consistent articulation of when,
exactly, an online intermediary will be liable for the actions of third parties. There are
rate standards of responsibility on online intermediaries. Courts are struggling to adapt
Page 1 of 18

ing interests from within the confines of existing doctrines. The result is a great deal of
uncertainty for both plaintiffs and intermediaries.
Different doctrines in Australian law employ a range of different tests for determining
when an actor will be liable for the actions of a third party. So far, these primarily include
cases brought under the laws of defamation, racial vilification, misleading and deceptive
conduct, contempt of court, and copyright. These bodies of law have all developed largely
independently of each other. They are conceptually different and derive from different
pared at a detailed level. In some of these doctrines, like copyright, there is a separate
(p. 237) head of liability for secondary liability as distinguished from the underlying
wrongful act; in others, the actions of intermediaries operating on behalf of another are
assessed under the same tests of primary liability. It is useful, however, to take a broad
The easy cases are those most closely analogous to that of a mass media publisher who
exercises editorial control over the content of communications. Where the intermediary
moderates or selects the material to be published, courts have been able to draw a clear
analogy with, for example, newspaper editors, and are able to find wrongdoing relatively
easily. Under both defamation law and consumer protection law, for example, where the
untarily take on some responsibility to moderate have a greater legal risk of exposure
than those who do not exercise any editorial control.4
The law is much more complicated where online intermediaries do not directly exercise a
large degree of editorial control. Our common law has not yet developed a clear theory to
determine when a service provider who creates a technology or system that enables
tem is that there is usually no liability without fault. With few exceptions,5 the common
other against harm caused by third parties. This notion is most commonly expressed in
the rule that there is no general duty to rescue.6 This general rule reflects a (p. 238)
damental liberal commitment to autonomy:7 individuals are free to act as they choose so
long as those actions do not harm others.8
mon law of private obligations does not impose affirmative duties simply on the basis of
9
The common law emphasizes
personal responsibility; to require a person to help another simply because they have the
Page 2 of 18

10
iour.11
will generally only be responsible for a harmful outcome where his or her actions caused
the harm (causation) and where that person might have acted to avoid the harm but did
not (fault).12 As Justice Mason has stated, the notion of fault within the law can act as a
sponsible role in the occurrence of harm.13
These general principles, however, conflict with another basic principle: that for every
wrong, the law provides a remedy.14 In cases brought against intermediaries in Australia
and overseas, courts are often presented with a meritorious claim without a clear remedy,
spectively, Roadshow v iiNet15 and Google v ACCC,16

sion of existing doctrine to impose liability for large, general-purpose intermediaries.17
ity law is still one of confusion, both within and across doctrines. (p. 239) Across different
fact scenarios in consumer protection, defamation, racial vilification, contempt of court,
and copyright cases, mere knowledge of the content can lead to an inference that a third
party publisher adopts or endorses its continual publication and is responsible for the
harm that results. Across each of these doctrines, plaintiffs have sought to link an
capacity to do something about wrongdoing with a normative proposition
that they therefore ought
panded in a largely unprincipled way that has eroded the important connection between
liability and responsibility.
1.1 Consumer Protection Law
In Google Inc. v ACCC

ed a system to enable third parties to create advertisements that were reproduced on
on the basis that the content of the material was wholly determined by the advertiser and
published automatically by Google.18
tive conduct, or endorse or adopt
19
Liability for misleading and deceptive conduct is strict, but requires actual
leading was irrelevant.20

Google was likely to know that the material was likely to mislead or deceive,21 it was not
responsible for advertisements created by others.22
Page 3 of 18

The decision in Google v ACCC must be contrasted with the earlier Federal Court
(p. 240)
decision in Allergy Pathway (No. 2), where the respondents were found to have breached
their undertaking not to engage in misleading and deceptive conduct23 when they failed
to remove comments posted by third parties on their Facebook page.24 Allergy Pathway
was liable for contempt of court on the basis that it knew about the comments and failed
to remove them. The Federal Court relied specifically on defamation precedent25
26
Importantly, Google v ACCC was pleaded in a narrow way that alleged Google itself had
false claims. An alternative approach in similar circumstances could have seen the ACCC
third party content was likely to mislead or deceive consumers. This broader argument
produced by its industrial activities, centred on devising and operating systems used for
27
It is an argument to which at least some members of the High
Court were apparently sympathetic,28 and it is possible that a differently pleaded case on
similar facts could well turn out differently in the future.29
1.2 Defamation
defamatory material posted by others.30 For internet hosts that exercise some degree of
paper publishers31 or broadcasters32 who carry content created by others are liable. For
ties for others to post comments, liability will accrue as a subordinate publisher (p. 241)
once they know that the content they carry is likely to be defamatory.33 By contrast, it is
generally understood that an internet service provider (ISP) who merely provides a
34
ples to intermediaries who are more removed from the primary act of publication but
have more than a purely facilitative role in making material available. For search engines
and others who link to defamatory material, the limits to liability in defamation can be
the second is the defence of innocent dissemination, which applies where a secondary or
subordinate publisher does not have actual or constructive knowledge of the content of
defamatory material. Because the defence of innocent dissemination will not apply after
the content is explicitly drawn to the attention of the intermediary by a complaint, in
Page 4 of 18

many cases the most crucial limiting factor is the question of whether an intermediary
has actually published the content in the first place.35
tinction between active publishing and passive facilitation. In one case, Yahoo!7 conceded
that because at least one person had read an article, hosted on a third party website, by
article.36 This case may be an outlier; there is emerging authority in the UK37 and
Canada38
imputation.39 But where the line should be drawn is not clear. The established law is that
what might otherwise be a purely passive role in facilitating publication becomes an act
adopted, or promoted, or in some way ratified, the continued presence of that (p. 242)
40
account.41
in
2015, Google was found liable in the South Australian Supreme Court for publishing
defamatory material when its search engine presented links accompanied by an extract of
text that carried defamatory imputations.42 It was also liable in 2012 when its image
atory imputation.43 In a case brought more recently on very similar facts, the Victorian
ordinate publication of potentially defamatory content, but the case was not pleaded in
that way.44
The concept of publication is a relatively poor mechanism to delineate responsibility. The
45
ternet intermediaries may be beyond the scope of defamation law. Liability probably does
tive involvement with the content.46 Some Australian and UK courts have doubted
whether search engines can be liable for the outputs of automated systems designed to
identify third party content that matches search terms entered by (p. 243) the user,47 but
the decisions of the Victorian Court of Appeal48 and the South Australian Supreme
Page 5 of 18

Court49 referred to earlier explicitly reject this proposition at least from the time the
search engine is put on notice of the defamatory content.
1.3 Vilification
Like defamation, intermediaries who provide a forum for third party content can be liable
50
sions as to when a secondary actor will be liable for providing the facilities for another to
make vilifying comments. The uncertainty lies primarily in the intentional element of the
provision. As in defamation, courts agree that providing the facilities to enable others to
tion of the substance of those comments, at least once the operator has knowledge of the
comments.51
Silberberg, Gyles J
52
In Clarke v Nationwide News
given as much by the respondent in publishing the offensive comment as by the original
53
The court was able to infer that one of the reasons for the news
tions.54 Apart from emphasis placed on the act of moderation in Clarke, there is no easy
way to reconcile these two authorities.
(p. 244) 1.4 Copyright
duct of another.55
tion liability. For internet intermediaries, the difficult question is whether the developer of
ternet content will be taken to have authorized any resulting infringements. The limiting
principle was articulated in relation to mass media in Nationwide News v CAL
56
This principle has always been hard to apply in practice. The accepted legal meaning of
57
58
but narrower
59
tween those two points and, unsurprisingly, there is therefore considerable uncertainty in
60
Page 6 of 18

ty is UNSW v Moorhouse
vided in a library were used to infringe copyright. Different members of the High Court
emphasized different reasons for this conclusion: UNSW was liable either on the basis
that it had tacitly invited infringement61 or because it had some degree of control over
the technology that facilitated infringement in addition to knowledge that infringement
was likely.62
lish the bounds of the doctrine. In Cooper,63

ing a system that allowed users to post hyperlinks to other websites hosting infringing
MP3s for download. Justice Branson found that Cooper was liable in part because he
could have chosen not to create and maintain the website.64
(p. 245)
65
66
In Sharman, the
sions of users to share infringing files.67

sign the software differently, including developing warnings for users and interfering with
fringements of their users on the basis that it knew that infringement was prevalent on
the system,68 it took active steps to encourage infringement,69 and it failed to do anything
to limit infringement.70
In 2012, in iiNet, the High Court refused to extend liability to an ISP who, it found, had no
obligation to take action to restrict copyright infringement by its subscribers.71 Unlike
vided general purpose internet access services to its subscribers.72 Neither did iiNet have
rent system and could not monitor how it was used.73
ty.74
tions made against its users by rightsholders was better. That is to say, the High Court
left the way open for future cases to potentially base liability primarily on knowledge and
some ability to mitigate the harm, even without the fault elements of encouragement or
control.
2. Limiting Devices and their Flaws

There are few effective safe harbours for intermediaries in Australia. The copyright safe
harbour, designed to mirror the US Digital Millennium Copyright Act, was drafted to
(p. 246)
Page 7 of 18

search engines and content hosts that would most need to rely on the protection that safe
harbours provide.75 An amendment in 2018 extended the safe harbour to cover libraries,
cultural and educational institutions, archives, and organizations assisting people with
disabilities, but not general internet intermediaries.76 There are another set of copyright
soon as a provider is alleged either to have taken a positive step or to have failed to act to
77
The High
Court in Roadshow v iiNet
78
provider is put on notice, and therefore provide little protection for intermediaries who
are uncertain about the lawfulness of user-generated content that they host.79 The lack of
effective safe harbours means that the limiting factors within each body of law are critical
for establishing liability and mitigating risk for service providers.
Despite doctrinal differences, the liability of intermediaries often appears to turn on the
degree to which the intermediary is seen by the court to be an active participant in the
quires some active behaviour on the part of the intermediary to found liability. In cases
participate in the wrong from those that merely provide the infrastructure that facilitates
it.
The Australian case law demonstrates that when courts attempt to distinguish between
ferred, to determine whether the act of designing the system was morally wrongful. The
parate consequences. Where a court must choose to focus either on the initial positive act
of designing a system or the later passive act of merely facilitating an isolated instance of
harm, there is a great deal of uncertainty in the doctrine. This problem becomes worse
(p. 247) depends
on moral culpability at the time of designing the system. Intent is not an element of most
of the causes of action that apply to intermediaries; liability requires some volitional act,
ment of secondary liability where it does not otherwise exist.
cilitator can be transformed into an active wrongdoer once they know of the harm but fail
to respond appropriately. Liability in these types of cases comes in one of two ways. The
first is through editorial control. Where an intermediary actively moderates content on its
site, it is often taken to have assumed responsibility for content, and is accordingly liable.
Page 8 of 18

This is the most straightforward application of intermediary liability; unless there is some
statutory immunity, it is usually the case that principles of liability applied to broadcast
and print media transfer relatively easily to internet intermediaries who exercise direct
editorial control over (and therefore assume responsibility for) posts made by others. The
The danger with making knowledge central to liability is that the ambiguity that exists
pled with some ability to limit its impact, is sufficient to found liability. The big challenge,
tually does little to ground liability.80
tually cause or contribute to the wrong.81 Actual or constructive knowledge is being used
of each of the causes of action.82

tion of the Australian legal system that liability only follows fault.83
84
Thus, it is possible to argue
(p. 248) that without access to the internet, service, or platform, the user would not have
been able to post the content that has infringed copyright, defamed another, or otherwise
ty. Something more is always required, but the way in which the case law is developing
makes it very difficult to identify what exactly that means.
ment of whether an intermediary ought to act in response to the risk of harm with the
able person will take into account any special skills or knowledge that a person in the
85
trast, instead of treating knowledge as a factor that informs the standard of care in these
cases, the courts are treating knowledge (or allegations of harm) as a factor that informs
cate.
Page 9 of 18

ly to be used to cause harm, the court must come to some determination of what degree
of harm, or likelihood of harm, is sufficient.86 Meanwhile, when courts infer knowledge
from editorial control, they actively discourage moderation in a way that encourages,
assertion of wrongdoing and nothing more.87

substantive sense, requires more than mere awareness of potentially problematic content
ly only through an allegation of harm, and it is sometimes difficult for an intermediary to

evaluate whether a claim is likely to be made out. In defamation, for example, this may
require an evaluation of whether evidence of the truth of an (p. 249) imputation can be
gathered; in copyright, the existence of a fair dealing defence or a licence88
cult question of fact and law. If the notice relates to the transitory communications of
ly wrongful.89
3. Conclusions
This chapter has explored the principles by which online intermediaries are held liable for
third party actions across a range of legal areas in Australia: defamation, vilification,
ing by others, sometimes by designing systems that seek to prevent wrongful behaviour.
aries such as ISPs, search engines, website hosts, and technology developers to take
some responsibility for the acts of users that occur over their networks and services.
These questions are fundamentally about responsibility. However, the ways in which legal
rules and principles have developed to ascribe responsibility to online intermediaries
forcement and intermediary regulation has not been based on responsibility at all, but
do something when faced with knowledge that
wrongful acts from those that are not.
Page 10 of 18

come where his or her actions caused or contributed to the harm (causation) and where
harm was the foreseeable result of those actions such that the person might have acted to
avoid the harm but did not (fault).90 This is more than liability based on knowledge of
wrongdoing and a failure to act. It requires more active involvement than (p. 250)
normally, a clear and direct contribution to the resulting wrong. Our review of Australian
intermediary liability law across different doctrines reveals that often, in asking whether
intermediaries are liable, courts have been asking what intermediaries can do to prevent
causal role in the wrong to determine whether the intermediary indeed ought to be held
responsible. The result is that Australian law has sometimes ascribed liability without
first establishing fault.
Notes:
(1
(2) Visscher v Maritime Union of Australia (No. 6)

(Aus.); Australian Competition and Consumer Commission v Allergy Pathway Pty Ltd (No.
2) (2011) 192 FCR 34 [33] (Finkelstein J) (Aus.).
(3) Trkulja v Google Inc., Google Australia Pty Ltd VSC 533 [31] (Beach J) (Aus.).
(4) Part of the protections of the Communications Decency Act 1996, s. 230 (US) were
specifically designed to overturn Stratton Oakmont Inc. v Prodigy Services Co., 1995 WL
323710 (NY Sup. Ct. 1995) (US), which held that Prodigy was liable for the defamatory
(5) The first main exception at common law is where there is a non-delegable duty and a
oners. See Smith v Leurs (1945) 70 CLR 256 (Aus.); Commonwealth v Introvigne (1982)
150 CLR 258 (Aus.); Home Office v Dorset Yacht Co. Ltd
ond main exception applies where the defendant has had some role in creating the risk
Smith v Littlewoods Organisation Ltd
(6) See Dorset Yacht

the
Torts (OUP
Page 11 of 18

(7
(8) See John Locke, Two Treatises of Government On

Liberty (Start Publishing LLC 2012) Ch. IV: Of the Limits to the Authority of Society Over
the Individual.
(9) Denton (n. 6) 109.
(10
(11
(12
Oberdiek (ed.), Philosophical Foundations of the Law of Torts

35(2)
(13
(14 ubi jus ibi remedium Selection of Legal Maxims,

Classified and Illustrated (William S. Hein & Co. 1845) [91].
(15) See Roadshow Films Pty Ltd v iiNet Ltd (2012) 248 CLR 42 (Aus.).
(16) See Google Inc. v Australian Competition and Consumer Commission (2013) 249 CLR
435 (Aus.).
(17
fringers: Roadshow Films Pty Ltd v iiNet Ltd
(18) See Google Inc. v ACCC (2013) 249 CLR 435 [68] (French CJ, Crennan and Kiefel JJ)
request by displaying a sponsored link is wholly determined by the keywords and other
content of the sponsored link which the advertiser has chosen. Google does not create, in
(19) ibid [73] (French CJ, Crennan and Kiefel JJ) (emphasis added); Hayne J agreeing but
Page 12 of 18

what someone else has said accurately, and does not adopt it, there is nothing misleading
(20) See Google (n. 16) [68] (French CJ, Crennan and Kiefel JJ).
(21) At first instance, Nicholas J would have found that Google was likely to have actual or
brands. See Australian Competition and Consumer Commission v Trading Post Australia
Pty Ltd [2011] FCA 1086 [242] (Aus.). Intention, however, is not a relevant element of an
action for misleading or deceptive conduct. See Google
(22
152.
(23) The undertaking was given in the context of litigation brought by the ACCC:
tralian Competition and Consumer Commission v Allergy Pathway Pty Ltd [2009] FCA 960
(27 August 2009) [5] (Aus.).
(24) Note that the respondents were also found to have breached the undertakings
through material that they themselves had posted: Australian Competition and Consumer
Commission v Allergy Pathway Pty Ltd (No. 2) (2011) 192 FCR 34 (Aus.).
(25) ibid. [24].
(26
(27
(28) See Google
(29
15(9) Internet Law Bulletin 158.
(30) See Byrne v Deane [1937] 1 KB 818, 837 (UK).
(31) See Wheeler v Federal Capital Press of Australia Ltd [1984] Aust Torts Rep. para.
80-640 (Aus.).
Page 13 of 18

(32) See Thompson v Australian Capital Television Pty Ltd

596 (Aus.).
(33) No Australian courts have specifically considered this point in detail, but see Oriental
Press Group Ltd v Fevaworks Solutions Ltd [2013] HKCFA 47 (HK). See also Godfrey v
Demon Internet Ltd
nation, liability accrues from the point at which the intermediary acquires knowledge of
(34) See Bunt v Tilley
(35) See Oriental Press Group Ltd v Fevaworks Solutions Ltd [2013] HKCFA 47 (HK).
(36) See Trkulja v Yahoo! Inc. LLC
(37) See eg Metropolitan International Schools Ltd v Designtechnica Corp. [2010] 3 All ER
528 (UK); Tamiz v Google Inc [2012] EWHC 449 (UK).
(38) See Crookes v Newton [2011] 3 SCR 269 [42] (CA) (where a majority of the Canadian
schamps J would have found that linking directly to defamatory material would amount to
(39
Rev. 137.
(40) Urbanchich v Drummoyne Municipal Council

(Hunt J) (Aus.).
(41) See Visscher v Maritime Union of Australia (No. 6) NSWSC 350 [30] (Aus.) (Beech-
(42) See Duffy v Google Inc. [2015] SASC 170 (Aus.). Upheld on appeal in Google Inc. v
Duffy [2017] SASCFC 130 (Aus.).
(43) See Trkulja v Google Inc., Google Australia Pty Ltd [2012] VSC 533 (Aus.).
(44) See Google Inc. v Trkulja [2016] VSCA 333 (2016) [349], [357] (Aus.).
(45
Page 14 of 18

(46) A decision in the WA Supreme Court considered whether an individual was liable in
Douglas v McLernon [No. 3] [2016] WASC 319 (22 June

2016) [33] (Aus.). The case concerned a defendant that was very far removed from the
missing the action, Justice Martin turned to the established principles of tort to explain
tating of the tort) on the basis of involvement, simply because the person does not, as it is
(47) See e.g. Bleyer v Google Inc. LLC [2014] 311 ALR 529 (Aus.);
tional Schools Ltd v Designtechnica Corp. [2009] EWHC 1765 (QB) (unreported) (UK).
(48) See Google (n. 44) [352] (Ashley JA, Ferguson JA, McLeish JA).
(49) See Duffy v Google Inc Google (n.

42) [140], [151], [178] (Kourakis CJ), [536] (Peek J).
(50
be the doing of an act and a reference to an act includes a reference to such a refusal or
(51) See Silberberg v Builders Collective of Australia Inc. (2007) 164 FCR 475, 485 (Aus.);
Clarke v Nationwide News Pty Ltd (2012) 289 ALR 345 [110] (Aus.).
(52) Silberberg (n. 51) 486.
(53) Clarke (n. 51) [110].
(54
(55) See Copyright Act 1968 (Cth), ss. 36(1), 101(1) (Aus.).
(56) Nationwide News Pty Ltd v Copyright Agency Ltd (1996) 65 FCR 399, 422 (Aus.).
(57) University of New South Wales v Moorhouse and Angus & Robertson (Publishers) Pty
Ltd (1975) 6 ALR 193, 200 (Gibbs J), 207 (Jacobs J) (with McTiernan ACJ concurring)
(Aus.).
(58) Roadshow Films Pty Ltd v iiNet Ltd

JJ) (Aus.).
(59) ibid. [68] (French CJ, Crennan and Kiefel JJ), [125] (Gummow and Hayne JJ).
Page 15 of 18

(60
(61) University of New South Wales v Moorhouse and Angus & Robertson (Publishers) Pty
Ltd (1975) 133 CLR 1, 21 (Jacobs J) (Aus.).
(62
(63) Cooper v Universal Music Australia Pty Ltd (2006) 237 ALR 714 (Aus.).
(64) ibid. 723. A similar finding was reached in 2017 in the case of ,
where Redbubble was liable for authorizing copyright infringement (committed when
mon characters) in part because it had designed and operated the website that allowed
those sales. See [2017] FCA 1541 [58] (Pagone J)
(Aus.).
(65) Cooper
(66
(67) See Universal Music Australia Pty Ltd v Sharman License Holdings Ltd [2005] 222
FCR 465 (Aus.); Pokémon (n. 64).
(68
(69
(70) ibid. [411].
(71) See Roadshow (n. 58) [77] (French CJ, Crennan And Kiefel JJ), [143] (Gummow and
Hayne JJ).
(72
(73) ibid. [65] (French CJ, Crennan and Kiefel JJ).
(74) The High Court emphasized that the notices provided by AFACT were insufficiently
reliable to justify potential action by iiNet to suspend or ban subscribers. See ibid. [34],
and Hayne JJ).
(75
the Copyright Provisions of the US-Australia Free Trade Agreement: Lessons for US
Page 16 of 18

(76) See Copyright Amendment (Service Providers) Act 2018 (Cth) (Aus.).
(77) Copyright Act 1968 (n. 55) ss. 39B and 112E.
(78) Roadshow Films Pty Ltd v iiNet Ltd

nan and Kiefel JJ).
(79
(80
(81
Mens Rea
(82
(83
Judgements of
Responsibility: A Foundation for a Theory of Social Conduct
(84) See Chappel v Hart March v E. & M.H.

Stramare Pty Ltd
Causation in the Law (OUP 1985) 106, 114;
(85) See Imbree v McNeilly (2008) 236 CLR 510 [69] (Aus.); Heydon v NRMA Ltd (2000)
51 NSWLR 1, 117 (Aus.); Roe v Minister of Health [1954] 2 QB 66 (UK);
dra Hospital for Children (1990) Aust. Torts Rep. 81-000 (Aus.); Amanda Stickley,
tralian Torts Law
(86) See e.g. Universal Music Australia Pty Ltd v Cooper (2005) 150 FCR 1 [84] (Aus.);
Universal Music Australia Pty Ltd v Cooper (2006) 156 FCR 380 [149] (Aus.); Universal
Music Australia Pty Ltd v Sharman License Holdings Ltd
(Aus.).
(87) See e.g. Pokémon (n. 64) [54] (Pagone J).

Page 17 of 18

(88) See e.g. , 676 F.3d 19 (2d Cir. 2012) (US), where some
of the allegations of infringement turned out to be authorized; see further Zahavah
https://youtube.googleblog.com/2010/03/broadcast-
yourself.html>.
(89
(90
Kylie Pappalardo
Kylie Pappalardo is a Lecturer in the Law School at the Queensland University of

Technology (QUT) in Brisbane. Email: k.pappalardo@qut.edu.au.
Nicolas Suzor
gy in Brisbane. Email: n.suzor@qut.edu.au.
Page 18 of 18

Intermediary Liability in Africa: Looking Back, Moving Forward?
Intermediary Liability in Africa: Looking Back, Moving

Forward?
Nicolo Zingales
ument a trend of progressive diffusion of intermediary liability protections. At the same

time, the chapter highlights a parallel trend of increasing pressure on intermediaries to
promising the value of intermediary protections, creating an uncertain terrain for a wide
range of actors, and potentially affecting both technological progress and the creation of
sequences, this chapter reflects on the potential offered by the African Union in driving
phisticated model of intermediary protections in the region: the South African Electronic
Communications Act.
Keywords: Africa, intermediary liability, South Africa, Ghana, Zambia, Uganda, Malawi, Ethiopia, Kenya, interstate
cooperation
*
HOW far does the conventional discourse on the protection of intermediaries for third
ability protections running in parallel to an increasing pressure on intermediaries to fulfil

broad and open-ended public policy mandates. It is argued that the tension between
these two forces undermines the value of intermediary protections, creating an uncertain
terrain for a wide range of actors, and potentially affecting both technological progress
and the creation of local content in one of the most underdeveloped regions of the world.
This is seen against the backdrop of the great potential offered by the African Union in
termediary protections in the region: the South African Electronic Communications Act.
Page 1 of 25

1. The Slow Rise of the Intermediary Liability

Discourse in Africa
Limitations of intermediary liability for third party content have not traditionally taken
centre stage in discussions about the regulatory framework for information technology
(p. 215)
net access (or the lack thereof), the use of technology for developmental purposes,1 and
ly late compared to other jurisdictions around the world. By way of illustration, a series of
studies2 conducted by the Association for Progressive Communications (APC) between
2012 and 2013 on intermediary liability in Nigeria, Kenya, South Africa, and Uganda
showed that only half of the surveyed countries provided for some sort of limitation, one
of which of fairly recent introduction (Uganda, in 2011). Note that this was more than ten
nium Copyright Act (DMCA) and the Communication Decency Act (CDA) in the United
States.
ers in Europe and the United States had been discussing intermediary liability across the
3 4
ternet hindered not only the developmental potential of African markets, but also the
hosting of African internet sites (mainly based in the United States and Europe)5 and the
ability of intermediary services in the region to make substantial profits. This, along with
a perception of less reliable enforcement of laws across the continent6 and a widespread
use in international contracts of exclusive jurisdiction clauses electing forum outside the
African region, may well have served as sufficient deterrent to the unfolding of important
intermediary liability battles. On the other hand, precisely in the light of the crucial role
of internet service providers (ISPs) in delivering connectivity across the region, one could
structure investments in the region amounts to a glaring omission from a policymaking

perspective. Understanding the net value of intermediary protection legislation requires
an appreciation of the realpolitik of liability in each jurisdiction, which goes beyond the
scope of this chapter. However, an analysis (p. 216)
diary liability provides an interesting picture of this evolving framework.
Page 2 of 25

2. First-generation Liability Limitations

2.1 South Africa
Whatever the reason for the slow emergence of the concept of intermediary liability in
the continent, it is apparent that South Africa was at the forefront of this discussion. As
early as July 1999, just about the time the EU legislator was finalizing the drafting of the
nications issued a Discussion Paper on E-Commerce.7
tent of the websites that may be hosted on their facilities.9 The discussion teased out in
the paper led to another document for public consultation, the Green Paper on Electronic
Commerce for South Africa, which raised a number of fundamental questions about the
nature of enforcement in an intermediated environment.10
nated in the enactment in 2001 of the Electronic Communications and Transactions Act
diary liability in Africa.11 The present section illustrates that framework in detail.
ECTA was above all a legislation designed to enable the growth of e-commerce in South
munications and transactions in the Republic; promote legal certainty and confidence
(p. 217) in respect of electronic communications and transactions; ensure that electronic
age investment and innovation in respect of electronic transactions in the Republic.12
In line with those aims, ECTA devoted an entire chapter (Part XI) to limitations of liability
ta messages between or among points specified by a user and the processing and storage
enough to capture four different types of activity, mimicking the corresponding categories
strued to require a service to monitor the data which it transmits or stores, or to actively
ject to the proviso that the Minister of Communications may, in accordance with section
14 of the Constitution (which enshrines the right to privacy), prescribe procedures for
Page 3 of 25

tion of recipients of their service. Thus, it is important to clarify from the outset that the
though this power has never been used to date.
tal-clear what happens if a notification did not follow the specified takedown procedure,
specifically as it may be sufficient to trigger actual or constructive knowledge on the
provider. Conceivably, traditional common law standards apply. For example, the common
law of defamation finds negligence sufficient to trigger liability of the media.13 Similarly,
in the field of copyright South African courts have defended the idea that indirect liability
is triggered when a copyright owner suffers an economic loss that was foreseeable by a
defendant who was under a legal duty to prevent it;14
ed on pleaded ignorance over the illegality of the works being distributed through the
services of the ISP, finding sufficient the notice of facts that would (p. 218) suggest to a
reasonable person that a copyright infringement was being committed.15
tutes knowledge will thus vary depending on the type of content in question, a point of
difference with the US (copyright-focused) framework and which creates some problems
in the overlap between ECTA and other regimes.16
An even more distinct peculiarity of the South African model of intermediary protections
(2) adoption and implementation of the corresponding code of conduct.17

fies that such recognition can only be obtained upon application to the minister, provided
that (a) members of the representative body under examination are subject to a code of
conduct; (b) membership is subject to adequate criteria; (c) the code requires continued
adherence to adequate standards of conduct; and (d) the representative body is capable
of monitoring and enforcing the code of conduct adequately.
The proportionality of the first requirement has been questioned, particularly for small
service providers,18 as the imposition of upfront costs in that regard may effectively chill
conduct that would otherwise benefit from the liability limitations, including speech and
business activity that would be protected in other legal regimes.19 The third requirement,
20
and the ministerial approval the government is able to subordinate liability limitations to
the fulfilment of minimum standards of conduct, encourage the attainment of
ing principles.21
Page 4 of 25

their websites. The Guidelines point out that this procedure needs to be in line (p. 219)
with the requirement set out by section 77(1) of ECTA, which specifies the particulars a
complainant has to provide in order to notify a service provider or its designated agent of
bility for wrongful takedowns in response to a notification, but imposes such liability on
any person who has made material misrepresentations leading to damages.
However, the absence of detailed provisions in the Guidelines creates a situation where
ISPs are free not
lowing the user to respond to the allegations of infringement and request to restore the
procedure.22 This was under the spotlight in 2012 since the Minister of Communications
proposed, in the Electronic Communication Transaction Act Amendment Bill of 2012, the
low for the right of reply in accordance with the principle of administrative justice and
the audi alteram partem rule. However, the mechanism by which it endeavoured to do so
vene in the process by making representations before the ISP. Further, the proposed
amendment did not foresee any kind of consequence for the ISP for failure to respond to
tion of the response by the ISP, he considers that the matter has not been resolved to his
plainant to decide whether something should be removed by the ISP, much to the dismay
of the principle of due process. An additional problem with the proposed amendment is
that the genuineness of the adversarial process may be undermined by the misalignment
fected by the threat of liability for failure to remove potentially illegal content, but also
given the aforementioned flaws, the proposal has never made it into law, with the result
less been crucial in setting a standard for the development of similar laws in the region.
ary liability, three examples of jurisdictions that followed South Africa are provided below.
Page 5 of 25

(p. 220) 2.2 Ghana
Equivalent liability limitations where introduced in 2008 with the Electronic Transactions
Act (ETA), which lists in its article 1 all the aforementioned ECTA objectives and follows a
carve-outs for contractual liability and compliance with orders imposed by a court or a
competent authority (art. 95).23
ferring inter alia to obligations imposed under licensing or other regulatory regimes or
diary liability protections, even without being required to follow a specific procedure as
prescribed in ECTA.
There are two more important nuances which make ETA different from ECTA. The first
concerns the liability of service providers for wrongful takedowns, which is specifically
ages providers to consider the merits of a claim before proceeding to content removal. It
thus reduces the well-known chilling effects connected with the notice-and-takedown
process,24 whereby providers respond to one-sided incentives to avoid liability for failure
lation, by envisaging the possibility of the establishment of a voluntary industry code to

deal with any matter provided for in the Act;25 contrary to ECTA, however, it refrains from
imposing as a condition for enjoying liability limitations membership of a representative
larly from the perspective of small to medium-sized enterprises, while on the other hand
lessening the ability of regulators to nudge compliance with other public policies.
2.3 Zambia
tical title of the implementing act, the Electronic Communications and Transactions Act
of 2009. The objectives listed in the preamble to the Act differ only slightly from those of
the South African ECTA.26
ity concerns the liability for wrongful takedown. Perhaps due to the conflict in that
(p. 221) regard between the South African model and its first implementer (Ghana), the
drafters of the Zambian ECTA decided to leave that matter outside the safe harbour, as is
currently the case in many jurisdictions around the world. This means that service
providers may in principle be subject to liability under common law with respect to any
damages arising from wrongfully executed takedowns, although as a matter of fact it
a consequence of wrongful third parties notices. For that purpose, it may be relevant to
examine the due diligence of a provider in affording aggrieved parties an opportunity to
Page 6 of 25

ing applicable statutory defences.27
2.4 Uganda
communications and transaction, titled the Electronic Transaction Act28 and bearing a
great resemblance to the South African ECTA. In the interest of time, let us skip over the
objectives, which are by and large identical to those identified in ECTA, and zoom in on
three notable differences between the two Acts.
First, an important peculiarity exists in the wording of the conduit safe harbour here
which unlike the South African model explicitly provides shelter against both civil and
criminal liability.29 It also differs from that model (and from international practice) as it
of
purpose of providing access.
thing to the contrary in any written law, such courts have the power to impose a (p. 222)
gerously opens the door to the imposition of liability under the Act even in circumstances
falling within the safe harbours.
3.
gion: Implications for Intermediary Liability
table absence of intermediary liability protection in a number of African states, it is useful
tion. The history of regional interstate cooperation in Africa began in 1963, when thirty-
poses of the OAU included the promotion of the unity and solidarity of African states; the
defence of their sovereignty, territorial integrity, and independence; and the eradication
of all forms of colonialism from Africa.30 From the outset, there was an understanding
that social and economic issues would be part of the purview of the OAU: the Assembly of
the Heads of States and Governments, the OAU supreme organ, established a specialized
Page 7 of 25

ministerial commission to deal with social and economic issues. The OAU set its goal in
riers which led, for instance, to the Economic Community for West African States in 1975,
the Preferential Trade Area for Eastern and Southern Africa in 1981,31
tion among African states has been given since 1958 by the United Nations Economic
Commission for Africa.
It was only in the 1980s that the scope of cooperation expanded to encompass human
fettered state sovereignty on which the OAU had been based,32 conferring oversight and
the OAU in June 1998 and came into force on 25 January 2004.33
(p. 223) The Charter provides a strong foundation for the protection of fundamental rights
ments for the protection of human rights, it does not contain (with limited exceptions) a
list of circumstances under which each right may be interfered with. Instead, it contains a
with due regard to the rights of others, collective security, morality and common
34
ing from the strict necessity test applicable under other human rights frameworks, which
spirit of the right.35
expression shall be provided by law, serve a legitimate interest and be necessary and in a
36
However, the Declaration merely serves as a recommendation,
37
cy: this included the Assembly, the Executive Council, the pan-African Parliament, the
Commission, the Permanent Representatives Committee, and most importantly the
African Court of Justice to settle legal disputes among member states. The aims of the
AU, which administers a number of treaties amongst its fifty-five member states, include
Page 8 of 25

harmonize the policies between the existing and future regional economic communities
38
To accomplish those goals,
the AU does not need to go as far as adopting interstate treaties (p. 224) or agreements:
the Pan-African Parliament can propose model laws for the consideration and approval by
the Assembly (composed of the heads of state).39
Unfortunately, the only fully fledged initiative taken to date directly relating to electronic
communications is the AU Convention on Cyber Security and Personal Data Protection.
and which adheres to the legal and regulatory requirements on electronic transactions,
seminate or make available in any form writings, messages, photographs, drawings and
any other representation of ideas or theories of racist or xenophobic nature through a
40
tions rather than limitations of liability: it requires states parties to ensure that, in the
case of offences committed through a digital communication medium, the judge can hand
down additional sanctions;41
gal persons can be held criminally responsible for the offences listed in the Convention,
without excluding the liability of natural persons who are perpetrators or accomplices.42
4. Second-generation Liability Limitations: the

Rise of Hybrid Instruments
ly has no binding value: it has only received ratification by three AU Member States, as
opposed to the fifteen required to enter into force.43
ous to ignore the awareness-raising effect triggered by the whole process that led to the
adoption of the Convention, which has put cybersecurity and the protection of personal
data on the agenda of several AU Member States. This has also provided states with the
opportunity of introducing liability limitations into their legal frameworks, sometimes
amined in Section 2. The present section thus offers a snapshot of recent (p. 225)
Page 9 of 25

mediaries.
4.1 Malawi
In 2016, Malawi introduced comprehensive legislation, the Electronic Transactions Act,44
ing to cybersecurity concerns.45
tems, namely child pornography, cyber harassment, offensive communications, cyber

stalking, hacking, unlawfully disabling a computer system, spamming, and the broader
categories of illegal trade and commerce and attempting, aiding, and abetting a crime. As
for the AU Convention, some of those offences lend themselves to an interpretation that
would create intermediary liabilities: for instance, the distribution and transmission of
any pornographic material through an information system,46 knowingly permitting any
electronic communications device to be used for cyber harassment,47 and aiding and
abetting any other person to commit any of the offences under the Act.48
At the same time, the Act devotes its Part IV
tween these different themes, Part IV

munication, along with a closed list of exceptions.49 While these carve-outs may be used
scribed above, perhaps most concerning is the open-endedness of the last exception: its
even where this may be in conflict with the liability protections enshrined in the Act. This
virtually nullifies the value of the intermediary liability in section 100, according to which
The remainder of Part IV
court
order. Unlike other frameworks, however, Part IV includes in the safe harbours (p. 226)a
tual or constructive knowledge50

tion.51
bours remains unclear.
Page 10 of 25

4.2 Ethiopia
Also from 2016 is the Ethiopian Computer Crime Proclamation,52

53
Some of the crimes established
by the Proclamation could conceivably be committed by an intermediary: for example, the
distribution of a computer device or computer program designed or adapted exclusively
for the purpose of causing damage to a computer system, computer data, or network;54 or
the distribution of any picture, poster, video, or image through a computer system that
depicts a minor or a person appearing to be a minor engaged in sexually explicit
conduct;55
seminating any writing, video, audio, or any other image;56 or the dissemination of any
writing, video, audio, or any other picture that incites violence, chaos, or conflict among
people.57 However, unlike other jurisdictions introducing cybercrimes, the prohibitions
ability in the absence of specific knowledge of the nature of the intermediated speech. At
priate measures,58
59
when seen in conjunction with the blanket duty of retention of computer
traffic data for one year.60
nal liability of a service provider under sections 12 to 14 of the Proclamation (and, thus,
nated through its computer systems by third parties if: (1) it was directly involved in the
dissemination or edition of the content/data; or (2) upon obtaining actual knowledge that
the content data was illegal, failed to take any measure to remove or to disable (p. 227)
cess to the content data; or (3) failed to take appropriate measure to remove or to disable
thorities. In principle, this is the opposite of a safe harbour, as there is no guarantee in

the Act that the intermediary will be shielded from liability by engaging in the opposite of
the proscribed conduct. As a matter of practice, however, one can expect that the specific
stances in which secondary criminal liability can be imposed. Nevertheless, the flip side
of having some sort of liability limitation (rectius, clarification) in that law is that its focus
on criminal responsibility potentially leaves intermediaries wide open to other types of
claim, including civil liability, administrative orders, and injunctions.
4.3 Kenya
Kenya adopted its cybersecurity law, called the Computer Misuse and Cybercrimes Act, in
2018.61
Page 11 of 25

briefly mentioned at the end.
In addition to more conventional cybercrimes, the Act captures some of the most recent
concerns such as the publication of false information with the intent that the data will be
considered or acted on as authentic,62 its aggravated form when it is calculated to result
utation of a person,63 cyber harassment,64 wrongful distribution of obscene or intimate

images,65 and cyber-terrorism66
fully subordinated to the existence of intentionality, which should in principle rule out the
bility protection is strengthened by section 56, which provides a tripartite framework of

liability limitation:
first, a service provider shall not be subject to any civil or criminal liability, unless it
is established that it had
tent, and not merely through omission or failure to act
tated, aided, or abetted the use by any person of any computer system controlled or
managed by a service provider in connection with a contravention of the Act or any
other written law;
secondly, a service provider shall not be liable under the Act or any other law for
maintaining and making available the provision of their service;
thirdly, a service provider shall not be liable under the Act or any other law for the
disclosure of any data or other information that the service provider discloses only
(p. 228)
ers under Part IV
It should be noted that the first type of limitation represents the opposite extreme of the
safe harbour provided by the Ethiopian framework, parsing out the circumstances under
which the provider incurs no liability. Furthermore, all three limitations ostensibly reach
beyond the scope of cybercrime, excluding all types of civil and criminal liability and in
tion on how overlapping liability could be coordinated between different regimes.67 At the
clear, and the last condition has nothing to do with the legality of third party content. The
obvious explanation for such an expanded understanding of the liability of intermediaries,
matching equivalent provisions on data retention and interception in other cybercrime
laws, is that the ultimate goal was the establishment of an infrastructure permitting the
ness of content intermediation.
Page 12 of 25

4.4 South Africa
In 2017, South Africa introduced a Cybercrime Bill68 that aligns with the agenda set by
nancial institutions to assist in the investigation and reporting of cybercrimes.69

Prohibited acts in the Bill include unlawful distribution via a computer system of a data
message which incites damage to property or violence;70
ution of a data message containing an intimate image without consent;71 and unlawful
and intentional distribution of a harmful data message, which includes messages that
lence, encourage self-harm or harm others, and are inherently false in nature and aimed
at causing mental, psychological, physical, or economic harm to a specific person or a
group of persons.72
edge. However, the Bill does not foresee a specific mechanism whereby providers (p. 229)
certainty compared to the existing scenario under ECTA.
In contrast, the Bill envisages the creation of a specific mechanism, to be defined by the
cabinets of the minister responsible for policing and of the minister responsible for the
stitutions to report to the South African police without undue delay (and in any event
within seventy-two hours of becoming aware) the fact that their system is involved in the
commission of any category or class of offence identified by those cabinets.73 Similar to
ECTA, the Bill contains the caveat that it cannot be interpreted to impose on electronic
communication service providers and financial institutions any obligations to monitor the
transmitted or stored data or actively to seek facts or circumstances indicating unlawful
activity.74
formation that may be of assistance to law enforcement are backed up with an offence
and the imposition of a fine for failure to comply (R50,000).75
Inevitably, entry of the Bill into law would impact the regulatory environment concerning
lation, particularly in the light of the prominent role they play in South African society. In
lic of South Africa is founded. Such high importance is attributed to the rights to equality
and human dignity, contained in articles 9 and 10, that they are both considered non-
derogable even under the exceptional circumstances of a state of emergency identified in
section 37.
Page 13 of 25

tion of Equality and Prevention of Unfair & Discrimination Act (PEPUDA) of 2000. The
further details on the more general notion of unfair discrimination.76
ic, and scientific inquiry, fair and accurate reporting in the public interest, or the exercise
tion, advocacy, or communication of words based on one or more of the prohibited
goes beyond the narrow notion of hate speech carved out from the protection (p. 230) of
77
As written,
the prohibition poses a potentially very significant challenge for content moderation by
that it constitutes a bona fide engagement in one of those acts necessarily requires a
careful appreciation of the context of a communication.
The significance of this legislation is even greater considering that the anti-discrimination
law not only concerns civil liability. According to section 10(2) of the Act, the equality
courts retain discretion to forward the matter to the Director of Public Prosecutions for
the institution of criminal proceedings. In addition, in 2000 the Ad Hoc Joint Committee
er approved; however, in 2013 the Department of Justice and Constitutional Development
78
The Framework resulted in the Prevention and Combating of Hate Crimes
and Hate Speech Bill,79 which retains a prohibition identical to that contained in the
or makes available an electronic communication which that person knows constitutes

hate speech through an electronic communications system which is accessible by any
member of the public or by a specific person who can be considered a victim of hate
Page 14 of 25

ful nature of the speech is certainly welcome, one can expect that courts will construct
the provision to include both actual and constructive knowledge. An expansive reading of
this type of legislation would pose a threat to legal certainty for internet intermediaries,
and potentially undermine the effectiveness of the liability limitations. Unfortunately, the
cient to avert those consequences, as measures adopted in relation to the categories of

unprotected speech listed (p. 231) in article 16(2) do not require the fulfilment of the
stringent necessity test devised by section 36.80
In contrast, such a test would be applicable for other types of liability, for example for
South Africa under the common law notion of actio injuriarum
good name and reputation.81 The common law initially alleviated complainants from the
need to prove intentionality (animus injurandi) in the case of the media, thereby imposing
strict liability on newspapers owners, printers, publishers, and editors.82 However, later
judgments established that such strict liability had a significant chilling effect on the free
flow of information, and thus in line with section 36 a valid claim of defamation to trigger
a presumption of animus injurandi would need to show at least negligence on the part of
the media.83
tence of animus injurandi based on the circumstances of the case.84
The section 36 test also applies to the obligations imposed by the Film and Publication
Act (FPA), a law passed in 1996 with the objective of regulating the creation, production,
possession, and distribution of films, games, and certain publications in order to allow
turbing and harmful material, as well as to make the use of children in and the exposure
of children to pornography punishable.85 The FPA identifies a number of categories of
tion, and authorization by the Film and Publication Board (FPB), which must be complied
with by anyone intending to exhibit, distribute, publish, broadcast, or otherwise make
86
Section 36 provides solid ground for constitutional challenges to this legislation.

(p. 232)
Shortly after the introduction of the FPA, in De Reuck,87 the Constitutional Court initially
condoned the authorization regime of child pornography in recognition of the importance
of the accompanying exemptions. A few years later, however, in Print Media South
Africa,88 the court reached the opposite conclusion with regard to the broader category of
cause the legislator could have imposed less severe restrictions of freedom of expression,
Page 15 of 25

which to date includes cyber-cafes) to register with the Board and take reasonable steps
to prevent the use of their services for hosting or distributing child pornography.89 This is
despite the fact that failure to comply constitutes an offence punished with a fine and/or
90
4.4.1
The framework described previously complicates the picture initially painted for the
change for liability limitations.
However, the main problem with the implementation of that idea is that the Guidelines
developed by the Ministry of Communication left ample discretion for IRBs in the design
of such a procedure, resulting in a lack of certainty over the effective fulfilment of the
codes of conduct of the ECTA requirements: for example, while they list requirements
letter of Chapters 7 and 8 of ECTA and the obligations imposed by Chapters 3, 4, and 5 of
PAIA. Of course, section 79 of ECTA makes clear that violations of other laws would not
be shielded under the liability limitations offered by Chapter 11
means that liability will for instance not be escaped for failure to remove, or wrongful
that, while it is possible for an IRB or an ISP to establish more demanding liability
regimes, there is at the outset no coordination between ECTA and other laws.
(p. 233) of
spect to the requirements set out by the FPA on child pornography,91

quire ISPs to conduct packet inspection92 to verify the content of the communications.
However, the enhanced clarity is only apparent insofar as the guidance fails to refer to
monitoring which is de facto required for ISPs to avoid liability under the Equality Act.
In conclusion, the regime just described only appears
nately fails to provide the much-needed security, both because of its limited scope and the
lack of clarity of some of its key features: first, unlike many other regimes around the
duct of their users. Secondly, immunity from liability does not apply horizontally across
the board, but leaves intact liability under specific legislations such as the FPA or the
Equality Act. And, thirdly, the immunity conferred is deficient as ISPs could still be found
Page 16 of 25

cient under common law. Finally, as mentioned earlier (Section 2), the legal framework
users and ISPs.
Similar problems were detected in the observation of intermediary liability regimes in
ments of any other written law.
In Ethiopia, the insertion of liability limitations in the context of a cybercrime law was
myopically focused on the criminal responsibilities arising from the offences established
tions can be asserted in a proactive manner, preventing the attachment of liability under
93
ly, promises to be a valuable tool to prevent inconsistent frameworks both nationally and
across the region.
5. Conclusion: The Role of the African

(p. 234)
Union and the Promise of the South African

Model
This section concludes our brief overview of intermediary liability developments in the
African territory. After a reflection in Section 2 on the peculiarities of the African context,
Section 3 illustrated the success of South Africa in exporting its model throughout the
continent in a first wave of diffusion of intermediary liability protections, lasting for about
a decade from the early 2000s. Section 4 documented the emergence of a second wave
tion 4 also explained that the AU has not yet played the significant role that it could play
to promote regional harmonization on cyber-legislation, although the efforts undertaken
for the establishment of the AU Convention have proven influential in the region. It is
therefore natural to suggest that similar efforts could be made to create a shared notion
of intermediary liability limitations, and develop a consistent answer to the all-important
question of their relationship to obligations imposed on intermediaries in other statutes.
tions for the establishment of an African baseline model.
Page 17 of 25

ture is the Joint Declaration on Freedom of Expression and the Internet adopted in 2011
by the Special Rapporteur on Freedom of Expression and Access to Information of the
special rapporteurs.94
duits, searching, and caching providers in the absence of intervention in the content;95
and calls for minimum safeguards with regard to other intermediaries, including the no
monitoring principle and takedown procedures offering sufficient protection for freedom
of expression.96
tive tool for redressing harmful speech.97 This can usefully be read in conjunction with
section IX of the Declaration of Principles on Freedom of Expression in Africa, (p. 235)
ceiving complaints for violations of freedom of expression in the media, goes on to state
The bottom line in these declarations is not

tion. Rather, the suggestion is that the effectiveness of self-regulation can be harnessed
98
Co-regulation can be implemented in different forms and certainly within
In it and its Guidelines, the State imposed on intermediaries respect of certain principles
through a powerful incentive (the liability limitations) and yet left them with a discrete
margin of manoeuvre in how respect for those principles is embedded in the design and
spect of minimum standards of protection in different domains, including cybercrime,
tiveness.
However, when such responsibilities are passed on to private entities it is crucial not only
to maintain close supervision of enforcement, but also to craft the overarching framework
in a way that is consistent with the obligations contained in other legislation and ensures
TA and its Guidelines: they fail to address coordination with other legislation and causes
of action, and neglect the consideration of important fundamental rights (e.g. due
process) that remain conspicuously absent in the code of conduct adopted by the only
recognized IRB. While these problems could be tempered by a flourishing of parallel IRBs
sponsible entity for creating an environment conducive to such competition or otherwise

for ensuring fair and effective enforcement of digital rights. In that light, this chapter has
Page 18 of 25

ments and model laws, and thereby to promote human rights and economic development
across the region.
Notes:
(*) The author would like to acknowledge the support of the Fundação Getulio Vargas and
the CyberBRICS project, in the context of which he was hosted at the FGV Law School in
January and February 2019. See <https://cyberbrics.info/>.
(1
gramme in the World Bank Group that supports growth-oriented entrepreneurs through
velopment goals by building local capacity. See <http://www.infodev.org>.
(2) The entire collection of APC papers on this theme can be found at <https://
www.apc.org/en/node/15623>.
(3
Union on 21 March 1994 <http://vlib.iue.it/history/internet/algorespeech.html>.
(4
COM(94) 347 (1994).
(5
African Studies Centre (2000) <http://www.africa.upenn.edu/Urgent_Action/
apic-102900.html>; and the periodic status reports at <http://www.oafrica.com/articles/
reports>.
(6
<https://data.worldbank.org/indicator/IC.LGL.CRED.XQ>.
(7) See Department of Communications Republic of South Africa, Discussion Paper on

Electronic Commerce Policy (1999) <http://www.dpsa.gov.za/dpsa2g/documents/
acts&regulations/frameworks/e-commerce/ecomm-paper.pdf>.
(8) ibid. 29.
(9) ibid.
(10
tronic Commerce for South Africa (2000) <https://www.gov.za/sites/default/files/
gcis_document/201409/electroniccommerce1.pdf>. (It included the following questions:
ing copies (transient copies) of copyrighted works by the mere act of viewing them on
property rights with the need to promote use of e-commerce and cyberspace publishing?
Page 19 of 25

ation of digital paths linking two or more websites) an infringement of copyright? 5. How
(11) Electronic Transactions and Communications Act (ECTA) no. 25 of 30 August 2002 (S.
Africa).
(12
the facilitation and regulation of electronic communications and transactions; to provide
for the development of a national e-strategy for the Republic; to promote universal access
to electronic communications and transactions and the use of electronic transactions by
vent abuse of information systems; to encourage the use of e-government services; and to
(13) See s. 4(4).
(14) See Arthur E. Abrahams & Gross v Cohen and others [1991] (2) SA 301 (S. Africa).
(15) See Gramophone Co. Ltd v Musi Machine (Pty) Ltd and others [1973] (3) SA 188, 188
(S. Africa); Paramount Pictures Corp. v Video Parktown North (Pty) Ltd [1986] (2) SA 623
(T), 251 (S. Africa).
(16) See s. 4(4).
(17) See ECTA (n. 11) s. 72.
(18
ty in Africa Research Papers 3/2012 (2012).
(19) Fees for membership of the Internet Service Provider Association (which has for a
number of years been the only IRB) are not negligible, amounting to a minimum of a
monthly R5,250.00 + R735.00 VAT (more than US$400 in total). Actual rates depend on
http://ispa.org.za/
membership>.
(20) Government Notice, Gazette 14 December 2006, no. 29474.
(21) Minimum requirements, e.g., require: the adoption of professional conduct; the use of
standard terms with a commitment not to spam or infringe intellectual property; the
promise of reasonably feasible service levels; the protection of copyright, minors, and
against spam and cybercrime; the availability of a complaint procedure, a disciplinary
els of commitment under those categories.
(22) See ISPA, Take Down Procedure v 3.2 <http://ispa.org.za/code-of-conduct/take-down-

procedure>.
Page 20 of 25

(23) See Electronic Transactions Act (ETA) of 2008 no. 772 of 2008 (Ghana).
(24
(25) See ETA, s. 89 (Ghana).
(26
tre for the interception of communications.
(27) The existence of a duty to consider such defences was affirmed in the United States
by the Ninth Circuit Court of Appeals in Lenz v Universal Music Corp. 801 F.3d 1126 (9th
Cir. 2015) (US).
(28) Electronic Transaction Act, Act Supplement no. 4 of 18 March 2011, Uganda Gazette
no. 19 Vol. CIV of 18 March 2011 (Ug.).
(29
criminal liability in respect of third-party material which is in the form of electronic
making, publication, dissemination or distribution of the material or a statement made in
(30) See OAU Charter of 25 May 1963, Art. 2.
(31
(32
(33
als.
(34
October 1986), OAU Doc. CAB/LEG/67/3 rev. 5, 21 ILM 58 (1982), Art. 27.
(35
Human Rights and Development in Africa
(36) African Commission, Declaration of Principles on Freedom of Expression in Africa of

2002, Art. 2.
(37) ibid. Art. 16.
(38) Constitutive Act of the African Union of 11 June 2000, Art. 3(c), (h), (j), and (k).
Page 21 of 25

(39) ibid. Art. 8 (relating to the Pan-African Parliament).
(40) AU Convention on Cyber Security and Personal Data Protection of 27 June 2014, Art.
29(a) and (e).
(41) ibid. Art. 31(2)(a).
(42) ibid. Arts 31(2)(a) and 30(2).
(43) ibid. Art. 36.
(44) Electronic Transactions Act (ETA) no. 33 of 2016 (Mal.).
(45) ibid. Preamble.
(46) ibid. s. 85(2)(e) (emphasis added).
(47) See ibid. s. 86(c).
(48) See ibid. s. 93(2).
(49
phobia or violence, and justification for crimes against humanity; the promotion of human
der and national security, the facilitation of technical restrictions to conditional access to
online communication; and the enhancement of compliance with the requirements of any
other written law.
(50) See ETA, s. 25(1) (Mal.).
(51) ibid. s. 25(4).
(52) Ethiopian Computer Crime Proclamation no. 958 of 2016, Official Gazette, 22nd Year
no. 83, 91904 (Eth.).
(54) ibid. s. 7(2).
(55) ibid. s. 12(1).
(56) ibid. s. 13.
(57) ibid. s. 14.
(58) ibid. s. 27.
(59
Page 22 of 25

ca Belli and Nicolo Zingales (eds), Platform Regulations. How Platforms are Regulated
and How They Regulate Us (Fundação Getulio Vargas Press 2017).
(60) Computer Crime Proclamation, s. 24 (Eth.).
(61) Law no. 5 of 2018, entered into force 30 May 2018 (Ken.).
(62) ibid. s. 22.
(63) ibid. s. 23.
(64) ibid. s. 27.
(65) ibid. s. 37.
(66) ibid. s. 33.
(67
right infringement. See <https://ipkenya.wordpress.com/tag/isp-liability>. However, the

amendment was never adopted into law.
(68) See Cybercrime and Cybersecurity Bill B6-2017, published in Government Gazette no.
40487 of 9 December 2016 (S. Africa).
(70) ibid. s. 16.
(71) ibid. s. 18.
(72) ibid. s. 17.
(73) ibid. s. 52(1) and (2).
(74) ibid. s. 52(4).
(75) ibid. s. 52(3). On 28 January 2019, that amount was equivalent to US$3,658.
(76) See Promotion of Equality and Prevention of Unfair Discrimination Act no. 4 of 2000,
s. 14 (S. Africa).
(77) ibid. s. 16.
(78
Sun Hotel, 25 August 2013) <http://www.justice.gov.za/m:speeches/2013/20130825-hate-
speech.html>.
(79) Bill published in Government Gazette no. 41543 of 29 March 2018 (S. Africa).
Page 23 of 25

(80
law of general application to the extent that the limitation is reasonable and justifiable in
to account all relevant factors, including: (a) the nature of the right; (b) the importance of
the purpose of the limitation; (c) the nature and extent of the limitation; (d) the relation
(81) See Van Zyl v Jonathan Ball Publishers (Pty) Ltd [1999] (4) SA 571 (W) (S. Africa);
tional Media Ltd v Bogoshi [1998] (4) SA 1196 (A) (S. Africa).
(82) Pakendorf and Others v De Flamingh [1982] ZAENGTR 1 (31 March 1982) (S. Africa).
(83) See e.g. National Media Ltd v Bogoshi [1998] 4 All SA 347 (A) (S. Africa).
(84) See Khumalo & Others v Holomisa [2002] (5) SA 401 (CC) (S. Africa). The factors that
ture and tone of the report; (2) the nature of information on which the allegations were
to publish. See also, most recently, Sayed v Editor, Cape Times [2004] (1) SA 58 (c) 73 (S.
Africa).
(85) See Film and Publication Act (FPA) (1996) s. 2 (S. Africa).
(86
(87) See De Reuck v Director of Public Prosecutions [2003] (12) BCLR 1333 (S. Africa).
(88) See Print Media South Africa v Minister of Home Affairs [2012] (6) SA 443 (CC) (S.
Africa).
(89) See FPA (n. 85) s. 27A(1) (S. Africa).
(90) ibid. s. 27A(4).
(91
(92
lows monitoring at a lower layer.
(93) See Information Technology Act no. 21 of 2000, s. 79 (Mal.).
Page 24 of 25

(94
eration in Europe (OSCE) Representative on Freedom of the Media, the Organization of

American States (OAS) Special Rapporteur on Freedom of Expression and the African
http://www.osce.org/fom/78309?download
=true>.
(95) Or if they refuse to obey a court order. See ibid. s. 2(a).
(96) ibid. s. 2(b).
(97) ibid. XI.
(98) For an in-depth illustration of this concept, see Chris Marsden,

tion: European Law, Regulatory Convergence and Legitimacy in Cyberspace (CUP 2011).
Nicolo Zingales
ate Scholar at Stanford Center for Internet and Society, and a Research Associate at
nomics Centre. Email: nicolozingales@gmail.com.
Page 25 of 25

The Marco Civil da Internet and Digital Constitutionalism
ism
Luiz Fernando Marrey Moncau Diego Werneck Arguelhes
Between 2009 and 2014, Brazilian civil society groups and government engaged with and
cific rules, that articulate rights and limitations on the exercise of power on the internet.
ered a landmark for the constitutionalization of the digital environment? This chapter, in
order to address those questions, will review the intermediary liability regime before the
tice. Finally, it will analyse the MCI in the light of digital constitutionalism theories.
Keywords: Brazil, Marco Civil da Internet, immunities, online intermediaries, digital constitutionalism
*
THE
tions in shaping the digital world, by empowering or limiting private and state actors, by
of their users, these rules can even shape business models, and well-crafted intermediary
In Brazil, the landmark statute on the liability of internet intermediaries is Law

12.965/2014 which has been labelled the Civil Rights Framework1 for the Internet (Marco
Civil da Internet, or MCI).2 The MCI was enacted by Congress in 2014, with enormous
support from both civil society entities and internet companies, and it was (p. 191) praised
er human rights.3
Page 1 of 27

In substance, the MCI shifted the balance of power between private and state actors. It
enforcement authorities and internet access providers, while also creating the obligation
for the latter to retain certain types of data that would allow the identification of users
procedures and conditions that, if followed by OSPs, limit their civil and criminal liability
for acts committed by their users. In doing so, the MCI reduced the incentives for OSPs to
police the online activity of its users, for example by removing controversial content
shared by its users so as to avoid liability.
While it adopts specific rules on liability, the MCI also establishes broad principles and
expansive guidelines, and expressly affirms the protection of freedom of expression and
privacy in the digital sphere, against both public and private actors. These and other
traits of the MCI (e.g. the high level of civil society mobilization around its drafting and
4
Indeed, as we will see later, the MCI does embody
5
plaining how different business, government, and civil society actors pushed for and
shaped this law. We will then engage with the substance of the MCI, focusing specifically
on its main intermediary liability provisions and how they are being applied in practice,
so far, by Brazilian courts. In exploring the contrast between the formal provisions and
ties the MCI grants them and the requirements for a valid court order targeting illegal
content, depending on the kinds of user activities.
1.
(p. 192)
ternet
1.1
source of legal uncertainty that was harmful to internet platforms, as both companies and
legal content online.
An early example of such pre-MCI measures was the judicial decision on the Cicarelli
case,6 which led to the blockage of the video-streaming platform YouTube for almost
forty-eight hours. The famous model and TV host Daniela Cicarelli and her boyfriend sued
YouTube and demanded the removal of an unauthorized video, as well as damages for the
Page 2 of 27

inary injunction to remove the videos from YouTube. Although the request was denied by
peals of the State of São Paulo, which required YouTube to block online access to the
videos.7
nal video kept resurfacing on the platform. Considering the potential damages to the
bone companies, the Court of Appeals of São Paulo reversed the blocking and said that its
original decision had been misinterpreted. The court clarified that the original blocking
fore should not reach the video platform in its entirety.
The case was dismissed at trial level in 2007. In ruling favourably for YouTube, the judge
considered that no privacy rights had been violated, since the intimate scenes had been
ing warning and ultimately punishing all users who re-uploaded the video. The court also
set a daily fine in case of non-compliance with the decision. In 2015, the Superior Court
of Justice (STJ), in a new appeal on that case, reviewed the amount of damages (p. 193)
awarded to the plaintiffs in the lower courts, and eventually decreased them from almost
100 million reais (in total) to 250,000 reais for each plaintiff.8
lustrate the legal uncertainty around the liability of internet intermediaries in the pre-
MCI era.
On one of the first occasions that the STJ assessed the liability of internet intermediaries,
the court ruled favourably for state prosecutors from the Brazilian state of Rondônia
dering Google to remove and to prevent the re-uploading of defamatory content against
vent the re-uploading of similar content, leading the Rondônia State Court to impose a
the STJ, arguing that it had no technical means for pre-screening or monitoring all the
moving the illegal content was not enough, and that Google should be held jointly liable
(together with its users) in case new, similar content was posted.9
Page 3 of 27

The same court, however, pointed in a different direction in a December 2010 decision,
also involving Orkut.10 In that case, the Third Chamber of the STJ developed an argument
to set aside the strict liability rule required by the Consumer Protection Code. Although it
service Google provided. Therefore, the service should not be considered defective. The
strict liability rule. Instead, OSPs such as Google would be required simply to promptly
remove the content on notice and to adopt measures to allow the identification of its
ities.11
The same rationale would then be used to decide one of the first cases against the Google
search engine, but with two important twists. In a case dealing with the de-indexation of
defamatory content, the STJ moved beyond its previous decisions in affirming that, as the
plaintiff had been able to identify the precise URL to be delisted, she could be expected to
have been able to identify the original publisher of the harmful content. If that was the
case, reasoned the court, then it would be more appropriate for the plaintiff to bring an
action against the original publisher and not against the search (p. 194) engine, which
would only index publicly available information. In other words, the decision indicated
that search engines cannot be compelled to remove content from their indexes, even
when that content is deemed illegal.12 In a case decided in December 2013, however, the
court crafted an exception to that rule, affirming that the search engine could be sued
even if the original content had been removed or altered in the original source, as long as
it still appeared as a search result. Therefore, the decision indicated that a search engine
can be compelled to update its cache memory to reflect the current, actual state of the
original source.13
In 2011, another case involving Orkut was decided by the Fourth Chamber of the STJ. The
plaintiff requested the platform to exclude all defamatory content against him, as well as
move, within forty-eight hours, all negative topics relating to the plaintiff. The trial court
reached the Superior STJ after an appeal by Google. The STJ affirmed that the platform
should be able to filter uncontroversially defamatory content. In its decision, the STJ said
(1) that even if automated filtering was impossible in the case of controversial speech, the
company should bear responsibility for assessing the content and keeping it online at its
tentially offensive message as soon as it is posted, regardless of notification by the person
Google to proactively monitor and remove the content from the Orkut social network.14
Page 4 of 27

ed. In the Dafra

ment due to a parody of a commercial of Dafra (a motorcycle manufacturer) that made
takedown request. However, Dafra filed a lawsuit requesting YouTube to actively prevent
act title as the first video and regardless of which user had uploaded it. The plaintiff also
sought to identify the user who posted the parody and asked YouTube to pay monetary
odies are among the exceptions to copyright protection in Brazilian copyright law.15
Moreover, the decision affirmed that after being formally notified by the plaintiff,
YouTube had an obligation to remove all existing videos with the same title, despite the
(p. 195) precise identification of the URL.16 The opinion of Judge Luis Felipe Salomão (in
loaded to the platform. However, the opinion also emphasized that, because this issue had
not been raised by the plaintiff, it was beyond the scope of the appeal. The obligation to
indicate the URL of the content to be removed was eventually settled in a different case
ber 2013, the Court stated that the specific URL is an essential requirement for a court
order to determine the removal of content.17
forms should bear the full risks of illegal activities by their users. As detailed in the next
fairs, bringing more legal certainty for internet users and intermediaries.
However, even today, some important pre-MCI cases are still pending in the Brazilian
18
A high school teacher, Ms Aliandra
ing defamatory comments. As Orkut refused to take the community down, Ms Vieira filed
a lawsuit against the company before a small claims court in the state of Minas Gerais,
requesting an injunction to take down the community, as well as damages from Google for
peal to the Court of Appeals of Minas Gerais was repealed, and the court affirmed that
the company should indeed be considered strictly liable for user-posted content. Google
docket. The STF has so far only recognized its jurisdiction on the case by recognizing that
pended.
As these and other cases made their way through the Brazilian courts, the media, and the
legal community, legislative debates in Congress were pushing for the enactment of a
Page 5 of 27

statute regulating the activities of internet intermediaries. Among many such legislative
Senator Eduardo Azeredo.19

tions as a move to censor online speech and to strengthen the protection of IP rights.
(p. 196) It triggered reactions from different social sectors and led to a public campaign
come clear that innovation and protection of human rights online would depend on the
enactment of a civil rights framework for the internet.
1.2 The MCI Legislative Process
20
Almost at the same time, the
Brazilian Congress was facing mounting pressure from organized civil society groups
aimed to create a national legal framework for preventing and fighting cybercrime. His
proposal was largely inspired by the Budapest Convention, a controversial international
treaty sponsored by the Council of Europe and approved in 2001, shortly after the 9/11
attacks in United States.21 The Azeredo Bill raised serious concerns about privacy and
surveillance among Brazilian internet activists. It established mandatory data retention,
for a period of five years, for all internet service providers (ISPs) active in the country.
Furthermore, public interest groups voiced concerns that the Bill could be employed to
criminalize common and widely accepted behaviours by internet users, as well as to
strengthen the enforcement of IP rights online.22
tion.
The process began with public debates on the general principles that should govern the
internet (broadly inspired by the CGI Charter of Principles for the Governance and Use
(p. 197) of Internet).23
tation.
The level of public engagement with the consultations24

dividual users and governmental and non-governmental entities submitted more than
over 2,000 contributions, and the substance of that input was in many ways reflected in
Page 6 of 27

the final text of the Bill. One of the main changes adopted during the public consultations
ty by a set of safe harbour rules, by which intermediaries would be liable only if they
failed to comply with a direct court order requiring the removal of infringing content.
The final draft was presented to Congress on 24 August 2011.25
during the consultation process, the proposal was stopped in its tracks in Congress.
ers lobbied against any change that could amount to making copyright more flexible; and
public authorities lobbied for longer data retention periods and reduced safeguards and
scape, re-energizing public support for increased control on how power can be exercised
tion revealed by the leaks, President Dilma Rousseff issued a message endowing the MCI
26
tice, this meant that each of the two legislative chambers, the Chamber of Deputies and
the Federal Senate, would have forty-five days to vote on the Bill. The urgency procedure
hastened deliberations in the Chamber but several points in the text had to be negotiated
between political leaders before the Bill was finally approved by the Deputies on 25
bly made things faster in the Senate, where the Bill was quickly discussed and approved
on 22 April and officially converted into law during the Meeting on 23 April 2014.
(p. 198) 2.
ernance such as data retention, network neutrality, privacy, and jurisdiction and conflict
of laws issues, as well as defining the rights and principles for the internet in Brazil.
2.1 General Provisions of the MCI
Data retention
tory data retention for internet intermediaries. The MCI has more moderate provisions to
nectivity services is only one year.27 Due to lobbying and public pressure by the federal
months).28 The provision was criticized due to the risks it poses to privacy. However, it
provided a clear answer to the question of the obligations of internet intermediaries to
Page 7 of 27

provide information to authorities investigating users engaging in illegal activities online.

Moreover, it created an important privacy safeguard in establishing that the authorities
can only access the data thus retained by means of a court order.
Net neutrality. Before the MCI, debates in Congress around the Azeredo Bill considered
requiring intermediaries to proactively and pre-emptively monitor their networks and
platforms, as well as to secretly inform authorities of potentially illegal activities by their
users. This was a highly demanding obligation for ISPs, and it expressed how cybercrime
tion at that point. In contrast, the net neutrality provision adopted in the MCI expressly
rejects such an obligation. Article 9, § 3º establishes that access providers cannot block,
monitor, filter, or analyse the content of data packets flowing through their networks,
net service itself.29 The rule may provide an important defence against judicial decisions
poses.
(p. 199) However, there are ongoing lobbying efforts by copyright holders to promote new
30
Privacy. In Brazil, as elsewhere, the Snowden revelations brought privacy concerns to the
fore, in addition to the freedom of expression concerns that had typically characterized a
previous generation on internet governance debates.31 A small number of explicit privacy
about how their personal data is being collected and processed, and a right not to have
collected.32
ject to their specific consent.33
Other rights and principles. Article 7, IV of the MCI also establishes a right of internet
34
This means, in practice, that the MCI forbids
law enforcement policies or agreements between private actors that would allow for the
cussed in the early 2000s).35
2.2 Intermediary Liability Rules
36
37
Article 19 establishes the
intermediary liability rules for application providers, stating that an application provider
Page 8 of 27

38
The MCI, therefore, does not take into account whether the intermediary was aware of
the existence of infringing content on its platform. Requiring a court order means (p. 200)
rejecting using such awareness as a standard to make OSPs liable. Moreover, it makes it
spective is further developed in the first paragraph of article 19, which states that the
court order must provide a clear identification pointing to the specific infringing content,
39
If the court order standard
toring of content, the specific and clear identification of the infringing content prevents
40
An important exception, however, can be found in the second paragraph of article 19.
equally to all types of illegal content. However, lobbying efforts from copyright holders
and broadcasters led to the creation of this specific provision, which explicitly states that
copyright infringement is an exception to the general rule of article 19.41 As the current
down regime for copyright infringement, following the model established in the United
tive.42
During the MCI debates in Congress, members of parliament were concerned with the
possibility that illegal and harmful content would stay online for long periods before
courts could issue a decision determining its removal. In this sense, the third paragraph
creased speed, simpler procedural requirements, and in which parties could represent
themselves (i.e. without having to hire a lawyer) under certain conditions.43 Paragraph
four of article 19 also allows judges to issue preliminary injunctions that may pave the
44
45
Following the general rule of article 19, the
(p. 201)
46
Page 9 of 27

2.3 Intermediary Liability Beyond the MCI
While the copyright exception in the MCI is not included in copyright laws, other statutes
47
and child protection laws48
mediary liability and address the question of online content removal. In the electoral
sphere, after public debates on whether removal of content that violates electoral law
quirement, thus reconciling electoral laws with the general rule of the MCI. Brazilian
electoral laws are updated before each election. Law 9.504 states that promoted content
on the internet can only be removed after a specific court order.49 The Superior Electoral
50
Article
33 also establishes other details, such as that court orders must point to the URL of the
infringing content; that such orders must not require the removal of content in less than
ders will cease after the end of the electoral period.51
The Child and Adolescent Statute (ECA) criminalizes the act of offering, trading, making
available, distributing, or publishing by any means photographs, videos, or any records of
sexual nature involving children or adolescents.52
ment which can be applied to anyone who provides the means or services for access to
able when the service provider, once notified, does not disable access to the infringing
content.53
tices to avoid criminal liability under the ECA.
(p. 202) 3. The MCI in Practice

3.1 The Brazilian Justice System
The Brazilian federation has a dual judicial system, with both state and federal courts.54
ae: all cases in which one of the parties is the federal government, one of its agencies, or
one its companies must be litigated before the federal courts.55 Moreover, the Brazilian
justice system is further divided into specialized branches with separate labour courts,
es arising under federal law. In the case of the MCI, litigation typically takes place in the
state court system, unless the federal government or one of its entities is a defendant or
plaintiff.
Page 10 of 27

the Supremo Tribunal Federal, which has jurisdiction over appeals and abstract review
lawsuits in which a constitutional question is raised, and the Superior Tribunal de
Justiça.56 Appeals on cases involving the MCI typically reach the STJ as the third and last
instance for appeals. However, in Brazilian legal practice it is not particularly hard to
ample, it can be argued that the (mis)application of the MCI in a given case violates free
terms, decisions on MCI-related issues are expected to come more often from the STJ
than from the STF.
lower courts is a complex issue in Brazilian law. Formally, there is no system of binding
precedent. When a high court decides a concrete case, the conventional, traditional view
is that such a ruling is binding only for the litigating parties; Brazilian judges have been
tion as persuasive, non-binding authority. This scenario has changed considerably since
the 1990s, and especially since the Judicial Reform of 2005 and the Civil Procedure
Code of 2015.57 These most recent rules create many mechanisms by which high
(p. 203)
courts can quickly dismiss appeals that are in tension with their established case law. In
58
Regarding the timing of the decisions, judicial developments on the MCI are shaped by a
very long proceedings. It is not rare for appeals at the STJ and STF to take several years
dicial custom in place constraining these judicial actors in that regard.59
This arrangement means that, in spite of the very large backlog, some cases are selected
for a quick decision, while others will linger in the docket for years and sometimes
sies involving new statutes, such as the MCI, will be settled by the STJ or perhaps the
there is no reliable way of estimating when they will be decided.
3.2 Relevant Decisions in High Courts
Page 11 of 27

towards or away from the idea of safe harbours for internet intermediaries that promptly
removed illegal content, when requested to do so, and that provided the means to identify
users engaged in illegal activities.60 The MCI was drafted, among other reasons, precisely
pressly created a safe harbour provision as a general rule. The law became an important
trench not only for protecting internet companies but also for freedom of expression.
(p. 204)
aries have been issued by the STJ. In a recent official compilation of its decisions on the
aries: (1) are not strictly liable for user-generated illegal content; (2) cannot be compelled
to pre-emptively filter information uploaded by users; (3) must remove infringing content
as soon as they are made aware of illegal content on their platforms, and have to pay
damages if they fail to do so; and (4) must develop and maintain minimally effective
mechanisms to enable the identification of their users.61
The STJ decisions also seem to assert, as a general rule, that those seeking the removal of
URLs to clearly identify the infringing content to be removed is a safe, objective criteria
62
the indexing of content publicly available on the internet. As mentioned in Section 2.1,
the pre-MCI decisions by the STJ had asserted that search engines would not be liable for
the content indexed by their services. However, the court maintained the same position
even after enactment of the MCI, in a case decided in December 2016. Following the pre-
pelled to remove infringing contents from its index.63
However, this position is not settled within the court. In a case in May 2018 involving a
64
the same Third Chamber decided, by a majority, that
Google had to delist from its search engine page of results a number of links pointing to
proved (and still not in force) Brazilian Data Protection Law, which created a legal
(p. 205) framework in Brazil very similar to the current European laws on data
protection.65
sion, including (and most importantly) the legal grounds that would justify the delisting
from search engines of content that could be considered perfectly legal.66
Page 12 of 27

3.3 Cases Pending Before the Federal Supreme Court
In addition to the pre-MCI Aliandra case (discussed in Section 2.1), three relevant cases
are still pending before the STF. In the first case (Recurso Extraordinário no. 1.037.396),
67
Two
68
other cases (ADI 5527 and APDF 403/2016)
tion requested by authorities during the course of criminal investigations.
. In a case originally brought before the

small claims courts of São Paulo, the plaintiff requested the exclusion of a fake profile
dress of the computer used to create and manage the profile.69 The trial judge agreed
considered that Facebook had acted promptly after the court ordered the removal of the
(Colégio Recursal) decided that Facebook was liable for not removing the fake profile and
for not providing the proper tools to remove the content. The judges decided that article
shrined in the Brazilian Constitution and the Consumer Protection Code, and awarded the
plaintiff 10,000 reais in damages.70 On appeal, Facebook requested the STF to affirm the
constitutionality of article 19, dispelling the alleged conflict between the (p. 206) MCI and
the consumer protection rules. The STF has so far only determined that the constitutional
ed to decide the case.71

sue of intermediary liability, and the fate of the safe harbour regime adopted in article 19
. Since WhatsApp arrived in Brazil, trial

judges have ordered the suspension of the messaging application (owned by Facebook) on
four different occasions, three of which resulted in the complete blocking of the service
ta about investigated individuals. As some of the cases were not public, it is not entirely
der the MCI (e.g. application logs), or if they involved the actual content of WhatsApp
conversations, which would be protected by end-to-end cryptography. The blockages were
tional review lawsuits directly before the STF. In ADI 5527,72 filed by the Partido da
73
tido Popular Socialista (PPS), the plaintiff asked the STF to declare the same provisions
Page 13 of 27

tional measure. At the time of writing, the cases are still pending before the STF.74
4. The MCI and Digital Constitutionalism
tiatives that sought to articulate a set of political rights, governance norms, and (p. 207)
75
ting to specific rights and legal principles that must shape online interactions between
citizens, companies, and the state.76
77
the normative commitments they express.78
In one influential attempt to map the state of DC initiatives globally, Redeker and others
nance for both state and private actors online, and laying down limits to state power; (2)
stitutional norm; (4) they are, at least on some level, comprehensive efforts, in the sense
that they favour broad principles instead of focusing on specific policy issues; (5) they
79
Evaluated against these criteria, the MCI arguably stands out as a particularly intense
manifestation of DC. Out of the thirty-two documents compiled by Redeker and other, the
MCI is the only one that currently has the status of a formal statute. Most examples of DC
ed by legislatures.80
originating from the government, and while it is true that the executive branch (p. 208)
played an important role in shaping and promoting the proposal, the MCI was enacted by
the Brazilian Congress after a high level of participation and engagement by civil society
tant role, the final text was hailed in the Brazilian political community as a landmark
ward.81
Page 14 of 27

ments and traditional constitutional concerns, arguments, ideas, and texts. It includes
tional language and aspirations in attempting to regulate the internet, focusing on broad
ed. In the most recent version of their study, Redeker and others acknowledge that,
private actors.82
tion to the fact that, in contemporary societies, and especially on the internet, individual
rights are put at risk by private actors as often as (if not more than) by state or quasi-
state actors.83
Private power is typically exercised online by corporations that control, in many ways, a
84
tions increasingly became the central arena for the challenge of controlling power and
protecting rights online.85 In this scenario, beyond noting descriptive regularities in such
movements for protecting rights online, some commentators have adopted a normative
dimension and proposed specific versions of constitutionalist ideology for the virtual
world.86 In doing so, they make the claim that we should
(p. 209)
realm where the enjoyment of powers is very much threatened by private companies that
hold the resources and tools to shape our online lives.87
criticized for simply affirming, on the internet, the applicability of the same rights as
those enjoyed outside the virtual sphere.88 But this, in itself, is a consequential legislative
decision, with implications beyond the specific rights affirmed. Asserting the applicability
vate governance of the internet. Moreover, in certain legal communities it might also
vate actors, such as OSPs, of freedom of expression, access to information, privacy, and
property, among other fundamental rights.
ing the rights to privacy and freedom of expression in communications is a precondition

89
90
These broad principles are
override contractual clauses that purport to regulate those matters differently.91
Page 15 of 27

though falling short of articulating a complete data protection regime, the MCI mandates
that OSPs clearly inform their users of how their personal data is collected and
processed, and users have the right not to have such data employed for purposes other
than that for which consent was originally given.92 Moreover, article 10 and its provisions
sonal data and the content of private communications, must be stored and made available
(p. 210) the
the content of communications can only be made available by means of a court order.93
Secondly, as already mentioned, article 7, IV of the MCI affirms the right of internet users
not to be disconnected from the internet, except when the disconnection of the service is
due to a debt directly originating from its use.94 Within the MCI framework, access to the
ed to the internet is designed to be enforceable against some private parties (access
95
The wording of these
provisions and the legislative history of the MCI leave no doubt that this limited right to
internet access is enforceable against private companies.96 Beyond judicial enforcement,
net.
Thirdly, is the issue of protecting freedom of expression against private parties. While the
MCI states that freedom of expression will be protected online,97 it does not explicitly
extent that state actors are bound. However, in article 19 the MCI seems to at least hint
in that direction. Before laying out the rules for (conditional) intermediary liability, article
98
Indeed, at least some trial and appellate court decisions that have treated article 19 as a
the Third Chamber of Santa Catarina Court of Appeals (TJSC), for example, confirmed a
trial court decision affirming that in the absence of a specific court order, Google could
not remove content posted by a user after receiving notification by a third party claiming
that there was a copyright violation. In their reading of article 19, the judges stated that
99
The majority opinion
(p. 211)
gard, and therefore should not be enforced.100
cedural concerns in the way OSPs deal with removal requests.101 That is, even when the
Page 16 of 27

MCI authorizes content to be removed, it establishes a procedure for user participation

and defence that must be followed. Still, neither of the two high courts (the STF and STJ)
tecting rights in a virtual world shaped and governed by private actors.102
5. Concluding Remarks
nario of legal uncertainty, it attempted to define a clear regime for intermediary liability,
balancing freedom of expression, privacy, and due process concerns as well as affirming a
connection between access to the internet and citizenship.
The MCI includes several provisions affecting the activities of internet intermediaries,
rower, conditional immunity to other OSPs. As a general rule, application providers will
ders its removal. The only two exceptions crafted by the law are copyright violations and
By requiring such a court order, the MCI repeals strict liability regimes and
(p. 212)
proactive monitoring of content. Moreover, requiring specific and clear identification of
form or service).103
In practice, however, other laws may come into play in such cases, depending on the type
vide a clear identification pointing to the specific
Electoral laws, however, go beyond the MCI in defining that content removal orders must
cases). The Child and Adolescent Statute (ECA) also established a specific framework for
content removal, by defining crimes relating to distributing or publishing by any means,
photographs, videos, or any records of a sexual nature involving children or adolescents.
Page 17 of 27

In practice, this means that service providers must respond to takedown notices to avoid
criminal liability under the ECA.
courts and three important cases are pending before the STF. The most important case
vestigations.
As these cases illustrate, the MCI rights and principles will have to be interpreted by
ternet in Brazil. Formally, the MCI is simply an ordinary federal statute; it does not have
has conferred on international human rights norms.104 The MCI can thus be superseded
by future legislation, and new rounds of legislation are expected on related issues such as
copyright, trade mark, and publicity and image rights.
Moreover, on these topics, it is still debatable whether even a more recent statute like the
MCI has successfully displaced, in the judicial mindset and judicial decisions, older
(p. 213) statutes of the same rank, for example the Civil Code or the Consumer Protection
strict its scope by giving greater weight to rules emanating from different legal regimes.
That is not to say that the MCI is in a particularly vulnerable position. In Brazil, many
high-profile, landmark statutes are in the same situation as the MCI: the Civil Code, the
dinary statutes that, considering how much thought, effort, and (in the case of the MCI)
ent whole, for longer than a few legislatures. But this normative aspiration of scholars
and
cific domain, is always a matter to be decided and shaped by judicial decisions.
At least in its first half-decade of existence, however, and in spite of permanent lobbying
efforts by business sectors, the MCI has so far resisted significant change, either through
new rounds of legislation or through judicial interpretation. While this resilience remains
Page 18 of 27

ered political and doctrinal relevance beyond its formal status as an ordinary federal law
Notes:
(*) We would like to thank Clara Iglesias Keller and the editor of this Handbook for helpful
comments, and Renan Medeiros de Oliveira for excellent research assistance. Brazilian
legislation can be found at <http://www.planalto.gov.br> and case law at <http://
www.stj.jus.br>, <http/://www.tse.jus.br>, and <http://www.omci.org.br>.
(1
Marco
Civil da Internet
(2) See Marco Civil da Internet 2014 (BR) (hereafter MCI 2014).
(3
ONUBR, 9 April 2014) <https://nacoesunidas.org/projeto-
brasileiro-de-marco-civil-da-internet-e-modelo-internacional-diz-relator-da-onu/>.
(4
World Wide Web Foundation, 26 March 2014) <http://webfoundation.org/
2014/03/welcoming-brazils-marco-civil-a-world-first-digital-bill-of-rights/>. On a more
rights that already exist in Brazil (albeit in a latent or vague form), rather than creating
(5
(6) For additional details and documents and an overview of the case in English, see
Bloqueios.info, 9 January 2007) <http://bloqueios.info/en/casos/non-compliance-

with-judicial-requests-for-content-removal/>.
(7 ConJur,
28 September 2006) <https://www.conjur.com.br/2006-set-28/
justica_confirma_veto_video_cicarelli_internet>.
(8) See Superior Tribunal de Justiça [Superior Court of Justice] (STJ)

zoni Filho v Google and Youtube [2015] REsp 1492947 (Bra.).
Page 19 of 27

(9) See STJ Ministério Público do Estado de Rondônia v Google [2010] REsp 1.117.633/RO
(Bra).
(10) See STJ I P DA S B v Google [2010] REsp 1.193/764/SP (Bra.).
(11) ibid.
(12) See STJ Maria da Graça Xuxa Meneghel v Google [2012] REsp 1.136.921-RJ (Bra.).
(13) See STJ Segunda Turma Recursal dos Juizados Especiais Cíveis e Criminais do Estado
do Acre v Google [2013] REcl 5072-AC (Bra.).
(14) See STJ Tiago Valenti v Orkut [2011] REsp 1.175.675-RS (Bra.).
(15) See Copyright Law, art. 47 (Bra.).
(16
WILMap, 24 March 2014) <
tries/superior-court-justice-fourth-panel-google-brazil-v-dafra-special-appeal-
no-1306157sp>.
(17) See Acre v Google

cond Section of the STJ in a case concerning copyright infringement on the platform
Orkut. See STJ Botelho Indústria e Distribuição Cinematográfica Ltda v Google
sp 1.512.647-MG (Bra.).
(18 Aliandra v Orkut WILMap, 9 April

2012) <https://wilmap.law.stanford.edu/entries/aliandra-v-orkut-are-660861>.
(19
in the Brazilian House of Representatives. For a full record of the procedures in the
House, see <
cao=15028>.
(20
mittee Principles for the Governance and Use of the Internet <
coes-2009-003-en/>.
(21) See Budapest Convention <

vention>.
(22
http://bibliotecadigital.fgv.br/ojs/index.php/rda/article/view/4102>.
IDEC, 28 July 2011) <https://idec.org.br/em-acao/artigo/pl-azeredo-a-contramo-dos-

direitos-e-liberdades-na-internet>.
Page 20 of 27

(23) See CGI.br, Principles for the Governance and Use of the Internet <https://
www.cgi.br/resolucoes-2009-003-en/>.
(24) See Ministério da Cultura, Cultura Digital, Online Public Consultation for the Marco
Civil da Internet <http://culturadigital.br/marcocivil/>. See also the public consultation
mentation of the MCI. See Ministério da Justiça, Pensando o Direito, Public Consultation
on the MCI 2014 Decree <http://pensando.mj.gov.br/marcocivil/>.
(25) For further information about the Bill and its amendments in Congress, see Câmara
dos Deputados, PL 2126/2011 <
tacao?idProposicao=517255>.
(26) See Dilma Rousseff, Message 391/2013 <https://www.camara.leg.br/proposicoesWeb/

prop_mostrarintegra?codteor=1132586&filename=MSC+391/2013+
%3D%3E+PL+2126/2011>.
(27
tion to the internet, the duration thereof and the IP address used by the terminal to send
regarding the date and time of use of a particular internet application from a particular
(28) ibid. art. 15.
(29) ibid. art. 9, s 3.
(30
https://iipa.org/files/uploads/
2018/02/2018_SPECIAL_301.pdf>.
(31
Gazette 311.
(32) See MCI 2014 (n. 2) art. 7, VI and VIII.
(33) ibid. art. 7, IX.
(34) ibid. art. 7, III.
(35
Info Justice, 25 March 2014) <http://
infojustice.org/archives/32527
Page 21 of 27

ternet Policy Rev. <https://policyreview.info/articles/analysis/brazilian-approach-internet-

intermediary-liability-blueprint-global-regime>.
(36) See MCI 2014 (n. 2).
(37) ibid. art. 18.
(38) ibid. art. 19.
(39) ibid. art. 19(1).
(40) For the different types of notice and action mechanisms, see Chapter 27.
(41) See MCI 2014 (n. 2) art. 19(2).
(42) See the Digital Millennium Copyright Act of 1998, 17 USC § 512 (US); Directive (EC)
tion society services, in particular electronic commerce, in the Internal Market [2000] OJ
L178/1.
(43) See MCI 2014 (n. 2) art. 19(3).
(44) ibid. art. 19(4).
(45) ibid. art. 21.
(46) ibid. art. 21(1).
(47) Brazil holds elections every two years. During the election period, many requests to
remove content are addressed by intermediaries. This can be clearly observed on the
<https://transparencyreport.google.com/government-removals/by-country/BR?
country_request_amount=group_by:reasons;period:;authority:BR&lu=country_request_amount>.
A broad account of lawsuits seeking content removal based on the electoral law can be
found in the Ctrl-X project <http://www.ctrlx.org.br>.
(48) See lei no. 8.069 de 13 Julho 1990 [Child and Adolescent Statute (ECA) of 1990]
(Bra.).
(49) See lei no. 9.504 de 30 Setembro 1997, art. 57-B(4) (Bra.).
(50) Superior Electoral Court (TSE) resolution no. 23.551/2017, art. 33(1) (Bra.).
(51) ibid. art. 33 (3, 4, 6).
(52) See MCI 2014 (n. 2) art. 241-A.
(53) ibid. art. 241-A(1).
Page 22 of 27

(54
Am. 291.
(55) See Constitution 1998, art. 109(I) (Bra.).
(56) While all trial judges and the majority of appellate judges in both state and federal
courts are career professionals, who enter the judiciary by means of a public examination
Office (Ministério Público), state courts of appeals, and federal courts of appeals.
(57
(58
Global Stud. L. Rev. 99.
(59
mechanisms at the level of the STF).
(60) See e.g. STJ IP DA SB v Google [2010] REsp 1.193.764-SP (Bra.).
(61
Superior Tribunal de Justiça Noticias, 17 September 2017) <http://
www.stj.jus.br/sites/STJ/default/pt_BR/Comunica%C3%A7%C3%A3o/noticias/
Not%C3%ADcias/Provedores,-redes-sociais-e-conte%C3%BAdos-ofensivos:-o-papel-do-
STJ-na-defini%C3%A7%C3%A3o-de-responsabilidades>.
(62) See e.g. STJ Cristiane Leal de Oliveira v Google

cision mentions that, without the specific URL, the intermediary would have to monitor
all the content. As mentioned earlier, prior to the MCI different panels of the STJ (the
ty of identifying the URL of the infringing content. The requirement of URL identification
and fourth chambers of the court) in REcl 5.072/AC, decided on December 2013. The
fringement on the Orkut platform (REsp 1.512.647-MG, decided May 2015).
(63
search results that would violate her privacy. See STJ SMS v Google [2016] REsp
1.593.873-SP (Bra.).
Page 23 of 27

(64) See STJ Denise Pieri Nunes v Google [2018] REsp 1.660.168-RJ (Bra.).
(65
tection Regulation (the GDPR) [2016] OJ L119/1 or Directive 95/46/EC on the protection
of individuals with regard to the processing of personal data and on the free movement of
such data [2016] OJ L119/1.
(66) Other issues would include the public nature of the plaintiff (a public prosecutor, in
which does very little to provide legal certainty of the existence and applicability of a
right to be forgotten in Brazilian law. For a discussion of recent developments around the
right to be forgotten in Brazil and in the region, see Diego Werneck Arguelhes and Luiz
Roberto Gargarella (eds), The Oxford Handbook of Constitutional Law in Latin America
(OUP 2020).
(67
WILMap, 4 April 2018) <http://wilmap.law.stanford.edu/entries/lourdes-
pavioto-correa-v-facebook-do-brasil-ltda>.
(68
WILMap, 19 April 2016) <https://
wilmap.law.stanford.edu/entries/supreme-court-arguicao-de-descumprimento-de-preceito-
fundamental-4032016>.
(69) See Delgado Busnello (n. 67).
(70) ibid.
(71) ibid.
(72
Bloqueios.info, 18 November 2016)
<http://bloqueios.info/en/adi-5527-and-appblocks-a-problem-in-the-wording-of-the-law-or-
in-its-interpretation/>.
(73
Bloqueios.info, 21 November 2016) <http://bloqueios.info/
en/adpf-403-in-stf-are-whatsapp-blockings-constitutional/>.
(74) A timeline of all service blocks in Brazil and case materials is available at <http://
bloqueios.info/en/timeline/>.
(75
Page 24 of 27

(76
(77
so noting that there is no consensus among the analysed scholars on the aim of digital
constitutionalism).
(78) See Celeste ibid. for a useful critical review of the literature, as well as a proposal to
organize the debate in conceptual terms.
(79
and values that underlie those documents are, from that perspective, more important
than their formal status in the legal system. See Redeker, Gill, and Gasser (n. 31) 303.
(80) See Padovani and Santaniello (n. 75) 298.
(81
net
harder to see this document as a potential blueprint for affirming online rights in other
contexts).
(82
may aim limit the power of both public authorities and private corporations through the
(83
where private actors emerge beside nation states as potential infringers of fundamental
(84
(85) Redeker, Gill, and Gasser (n. 31) 314.
(86) See e.g. Suzor (n. 83) (for a specific analysis/application of constitutional, rule of law
values to the governance of online platforms).
Page 25 of 27

(87
(88 Marco Civil da Internet
(89) See MCI 2014 (n. 2) art. 8.
(90
(91
munications is a condition for the full exercise of the right to access to the internet. Sole
Paragraph: Contractual clauses that are in breach of the provision [caput] above are void
cy of private communications over the internet; or
(92
(93
court order, in the cases and in the manner established by law, and in compliance with
(94) See MCI 2014 (n. 2) art. 7(IV).
(95) ibid. art. 7(V).
(96) There is a Constitutional Amendment Proposal (PEC 185/2015) in Congress that, if
tion as an explicit, specific fundamental right. The proposal can be found at <http://
www.camara.gov.br/proposicoesWeb/fichadetramitacao?idProposicao=2075915>.
(97) See MCI 2014 (n. 2) art. 3(I) and 8.
(98) ibid. art. 19.
(99
Jota, 9 April 2018) <https://www.jota.info/coberturas-especiais/
liberdade-de-expressao/parodia-youtube-google-condenado-09042018> (a case involving
Page 26 of 27

the removal, by YouTube, of a parody of a copyrighted song that had been posted on the
platform).
(100) ibid. Note that the MCI includes a provision stating that art. 19 claims that involve
copyright violations will be covered by specific rules, to be enacted in the future. See MCI
infringement of copyright or related rights is subject to a specific legal provision, which

must respect freedom of speech and other guarantees provided for in art. 5 of the Federal
(101
Tribunal de Justiça do Estado de São Paulo, 3 May 2018) <http://
www.tjsp.jus.br/Noticias/Noticia?codigoNoticia=50999
TJDFT, 30 July 2018) <http://
www.tjdft.jus.br/institucional/imprensa/noticias/2018/julho/turma-mantem-condenacao-
do-facebook-por-desativar-pagina-de-deputado>.
(102) The provisions mentioned earlier can still be considered limited, in their scope, if
measured against a more ambitious normative vision of digital constitutionalism. E.g. the
MCI contains very little in terms of procedural guarantees and decision-making rules that
can shape how the platforms themselves are governed. See Suzor (n. 83) for an outline of
such a proposal. It prohibits them from violating certain substantive rights of their users,
but it does not establish specific procedures on how their norms of governance must be
created, changed, and enforced.
(104
Luiz Fernando Marrey Moncau
Luiz Fernando Marrey Moncau is a Non-Residential Fellow at the Stanford Center for
Internet and Society and a PhD from Pontifícia Universidade Católica of Rio de
Janeiro. Email: mailto:luizfmmoncau@gmail.com.
Diego Werneck Arguelhes
ucation and Research, São Paulo, Brazil. E-mail: DiegoWA@insper.edu.br.
Page 27 of 27

The Impact of Free Trade Agreements on Internet Intermediary Liability in
Latin America
termediary Liability in Latin America

Juan Carlos Lara Gálvez Alan M. Sears
tries. However, these provisions are controversial, and whether they drive the internet
economy or create a more restrictive online space is a matter of debate. This chapter
analyses the impact of such provisions in Latin American countries and the state of their
tion and proposed implementation of the DMCA model in Chile, Costa Rica and other
ic Partnership Agreement to create new intermediary liability rules and how the same
language was ultimately included in the revision of the North American Free Trade
Keywords: Latin America, safe harbours, DMCA, intermediary liability, bilateral agreements,
ments, FTAs
FREE trade agreements (FTAs) signed by the United States in the current century have
consistently included provisions attempting to harmonize copyright provisions, including
the regulation of liability for internet intermediaries for online copyright infringement.1
The regulation in those agreements follows the model established in domestic federal law
lates certain conditions for liability exemptions for internet intermediaries for acts of
copyright infringement taking place over the internet.2
The DMCA was a largely innovative piece of legislation when it became effective
(p. 173)
in 1998, and was enacted as part of the implementation of two international agreements
tion (WIPO) in 1996: the WIPO Copyright Treaty (WCT) and the WIPO Performances and
Page 1 of 21

Latin America
work so as to be able to address novel issues brought about by the information age.3
The DMCA took the broad provisions of the WIPO Internet Treaties and implemented
as
tries. However, these are controversial, and whether they drive the internet economy or
create a more restrictive online space is a matter of debate. In this chapter, the impact of
such provisions in Latin American countries will be analysed.
1. Background: Notice and Takedown in the

Dmca
The DMCA introduced a system that classifies obligations for different online service
cations (§ 512(a)); system caching (temporary storage services, § 512(b)); information

storage at the direction of users (hosting, § 512(c)); and information location tools (search
engines and directories, § 512(d)). Of these, the most important provisions in practical
terms are those aimed at hosting services (§ 512(c)).4
leged infringement,5
fringers,6 and implement measures that accommodate standard technical measures that
prevent the access or reproduction of copyrighted works.7
tification system to address challenges to takedown decisions.8
(p. 174) Safe harbours from liability for third party or UGC provide a mechanism whereby
gered by removing or blocking the allegedly infringing content from their systems, after
receiving a notice that infringing content is made available on their networks. Section
512(c) provides that OSPs are not liable for copyright infringement when they satisfy the
following legal conditions: (1) they do not receive a financial benefit directly attributable
to the infringing activity; (2) they are not aware of the presence of infringing material or
know any facts or circumstances that would make infringing material apparent; and (3)
move the purported infringing material.
ability exemption is triggered by (a rightholder) providing knowledge through ([effective]
Page 2 of 21

Latin America
ceiving a mere private communication, even an electronic one. This has led to a large
number of notifications,9 and the automation of both the notification and the removal
processes.10 As a result, both purposeful or inadvertent notifications have resulted in
some criticism of actors abusing automated processes to remove or block non-infringing
content.11
The DMCA system is, in effect, the set of rules under which platforms that disseminate
UGC, such as YouTube or Facebook, have functioned for a long time in the United States,
with content removals based on private notices of infringement happening every second,
ship in the United States and abroad has criticized the DMCA provisions. The criticisms
can be categorized as either general criticisms of the legal framework or criticism of its
practical application,12 including the transparency and accountability regarding the legal
merit of the requests, leading to unfair removal of lawful content en masse.13 Many, if not
most, of these takedowns are automated, and are in fact generated (p. 175) by bots,14
which may have contributed to the dramatic increase in takedown notices seen over
time.15
ternet companies, as a balanced approach to internet regulation.16 Moreover, there are

arguments that it is not a sufficiently strict model to prevent or deter infringement, and
that more tools for copyright holders are needed.17 Its adoption, twenty years after its
passage, is still a matter of debate.
2.
down Provisions
The DMCA model for notice and takedown was exported through FTAs signed between
the United States and many other countries, including several in Latin America.18
clusion of intellectual property frameworks is a reflection of the overall strategy of the US
government to use FTAs to further its goals.19
other forum, the World Trade Organization, a less egalitarian venue for participating
countries. These negotiations happened shortly before the WIPO Internet Treaties, and
led to the signature of the Agreement on Trade-Related Aspects of Intellectual Property
Rights (TRIPs) in 1994. But after developing countries demanded flexibility to implement
ment protection agreements and FTAs.20
Page 3 of 21

Latin America
What could not be obtained in multilateral fora could be achieved through FTAs.
(p. 176)
To that end, the Bipartisan Trade Promotion Authority Act of 2002 was passed,21
ilar to the earlier Trade Act of 1974,22
ment to negotiate and sign FTAs as congressional-executive agreements (which need the
majority vote of each house of Congress)23
proval of two-thirds of the US Senate, as mandated by the US Constitution).24
own industries.25
ated several FTAs later signed by the US government, all of them containing intellectual
property provisions that mirrored US law to varying degrees of detail, including internet
ed States signed such agreements with Chile (2003), CAFTA-DR (Costa Rica, El Salvador,
Guatemala, Honduras, Nicaragua, and the Dominican Republic, 2004), Peru (2006),
Colombia (2006), and Panama (2007). Although the agreements are currently in force,
their complete implementation in most cases is pending.
the power of the executive to promote trade through 2021, with slight additions to the
visions.
3.
ty Provisions in Latin America
Provisions demanding the implementation of rules similar to those of the DMCA already
ica. However, because these agreements usually cover large portions of each (p. 177)
fact that even intellectual property revisions include a large range of subject matter (e.g.
ment mechanisms and penalties), intermediary liability provisions are generally not
among the aspects of implementation given priority.
Page 4 of 21

Latin America
Notwithstanding the amount of detail that the FTAs include for the regulation of these
cussed further later, more recent efforts by the USTR have attempted to prevent such
visions without further delay. One of the most frequent tools of pressure by the USTR is
its annual Special 301 Report, published since 1989, that reviews intellectual property
enforcement in foreign countries, in order to highlight those that in its view do not offer
enough protection for intellectual property holders from the United States, and to explain
26
3.1 A Comparison of Provisions on Effective Notice in FTAs with Latin

American Countries
diary liability provisions appear as virtually identical to those in the DMCA: the OSP must
expeditiously remove the materials upon notification, there must be a publicly designated
representative to receive notifications, the OSP must adopt a policy for repeat infringers
tor copyright infringement, among other obligations. The text in all of the provisions is
low in Table 9.1.
gotiating parties, included text with a slight variation even more in line with US law. The
TPP, which included Chile, Mexico, Canada, the United States, and eight other countries
around the Pacific Ocean, represented an attempt by the United States to establish rules
ment.27 The internet intermediary liability provisions were strongly promoted (p. 178)
(p. 179) by the USTR ever since entering the negotiations on behalf of the United States in
sion of the text.35 The TPP had a long, controversial history, including harsh indictments
of its internet intermediary liability provisions.36
tion,37
lectual property provisions, as discussed in the following section. Notwithstanding the
failure of the TPP to create new intermediary liability rules, the same language was again
38
Page 5 of 21

Latin America
Table 9.1 Provisions on actual knowledge of infringement in free trade

agreements with the United States
Chile (c) With respect to functions (b)(iii) [hosting] and (iv)

[search engines], the limitations shall be conditioned on
work upon obtaining actual knowledge of the infringement

or becoming aware of facts or circumstances from which
tive notifications of claimed infringement in accordance

with subparagraph (f) [minimum notice requirements];
28
(v) With respect to functions referred to in clauses (i)(C)

TA-DR [hosting] and (D) [search engines], the limitations shall be
removing or disabling access to the material residing on

its system or network on obtaining actual knowledge of
stances from which the infringement was apparent, such

as through effective notifications of claimed infringement
29
Peru (v) With respect to functions referred to in clauses (i)(C)

[hosting] and (D) [search engines], the limitations shall be


30
Page 6 of 21

Latin America

bia [hosting] and (D) [search engines], the limitations shall be


31

ma [hosting] and (D) [search engines], the limitations shall be


32
TPP (a) With respect to the functions referred to in paragraph

(2016) 2(c) [hosting] and paragraph 2(d) [search engines], these
conditions shall include a requirement for Internet Service
fringement is apparent, such as through receiving a notice

of alleged infringement from the rightholder or a person
33
(a) With respect to the functions referred to in paragraph

CA 2(c) [hosting] and paragraph 2(d) [search engines], these
conditions shall include a requirement for Internet Service
fringement is apparent, such as through receiving a notice

of alleged infringement from the rightholder or a person
34
Page 7 of 21

Latin America
guage in prior trade agreements is the explicit specification of the source of the effective
notice in the TPP and the USMCA. While previous agreements did not mention where the
notice could come from (thus allowing for flexibility to, for instance, require a judicial or
administrative notice), the TPP and the USMCA make it clear that such a (p. 180) notice
cause of this small but important change in the position of the USTR might be explained
ca, examined later.
3.2 Completed Implementation
Only two countries in Latin America have completed the process of implementing their
FTA obligations concerning intermediary liability for copyright infringement: Chile and
Costa Rica.
3.2.1 Chile
In Chile, safe harbour for online copyright infringement was implemented in May 2010
through Law No. 20,435, which modified large portions of the existing copyright law. The
draft bill, introduced in April 2007, was perceived by the executive (in charge of drafting
ber of limitations and exceptions to copyright claims along with new rights and tools for
rightholders.39
With regards to internet intermediary liability, Chilean law mostly follows the structure
cludes an obligation for service providers to actively monitor content.40
sively as intermediaries from liability.41
ing on whether the entity is: (1) transmitting, routing, or connecting; (2) caching through
tion tools (search engines), including hyperlinks and directories.42 In general, (p. 181)
caching and hosting providers are required to establish a policy to terminate the service
of repeat infringers, not interfere with technological protection measures, and not be in
formation to receive copyright infringement notices.
Page 8 of 21

Latin America
CA model, lies in the triggers for secondary liability exemption.43
mented, as must be the copyright holder, infringing content, type of infringement, and its
quired to expeditiously remove or block content from its systems only when such judicial
court order to remove or block content is received.44
cation.
tation, but they do not hold nearly as much weight as in the United States. Private notices
45
but it does not create a legal obligation to either
remove content or stop providing services to the alleged infringer.46
gress, where alternative models to judicial enforcement were rejected.47 After its entry
ficient way to protect the interests of copyright holders. Since 2010, the USTR has kept
48
clusions of the Special 301 Report or dismissed it as a unilateral instrument, outside the
dialogue mechanism created in the FTA.49
(p. 182) A compromise was reached on the TPP that could redirect to an implementation
taken as a success by Chile to retain its system (as Canada also did in Annex 18-E),50 it
must be noted that the language does not make it explicit that the current law in Chile is
seen as a sufficient implementation of the bilateral FTA.
3.2.2 Costa Rica
tation of the internet intermediary liability provisions by approving Executive Decree No.
36,880 in December 2011.51 Interestingly enough, its validity as an act implementing
CAFTA-DR is troubling for two reasons. First, as an executive order, it does not have the
hierarchical status of a law within the Costa Rican system, and it was not the subject of
Congressional debate. Secondly, the Decree limits its own reach from the outset. Article 2
Page 9 of 21

Latin America
limits its applicability to the service providers that voluntarily submit themselves to its
rules, while also establishing measures to address potential copyright infringement.
tinguishing between providers of services of connection and routing, caching, hosting,

and linking or referencing (including search engines).52 It does not require monitoring of
infringing activities, notwithstanding those ordered by a court of law or those made
through use of technological protection measures.53 It establishes general conditions for
liability exemptions, and requires, inter alia, the service provider: (1) to have a policy to
erencing services).54
tion. Liability limitations apply to hosting providers and search engines that expeditiously
remove or block access to allegedly infringing content, at the time of:
obtaining actual knowledge of the infringement or noticing the facts [or circumstances,
ceived according to Article 11 [containing notice requirements within a collaborative
moval of content or blocking of access to it.55
In other words, actual knowledge comes either by fact or circumstances that stem from a
court order (as in Chile) or from a private notice (somewhat similar to the United (p. 183)
cial enforcement and a collaboration procedure.
The first system in the Decree resembles proper judicial enforcement. The rightholders or
tent and form of infringement, as well as its location on the networks or systems of the
propriate measures such as cancelling the account, removing or blocking the content
identified as infringing, or other measures deemed necessary as long as they are the least
costly option for the service provider.56
In the second of these schemes, the collaboration procedure, rightholders can send a
written sworn statement to the service provider (for caching, hosting, and indexing) if
their rights under copyright law are infringed. The service provider has up to fifteen days
to determine whether it requires additional information from the copyright holder. After
this period, the service provider must send a notice to the content provider (the user)
within thirty days of the first notice. The content provider has fifteen days to voluntarily
remove the infringing content or file a counter-notice to the copyright holder. If the user
Page 10 of 21

Latin America
system.57
given a chance to file a counter-notice, unless the rightholder has informed the service
provider it will commence judicial proceedings against the alleged infringer.58
rounding the upload.
3.3 Pending Implementation
Of all the other Latin American countries with FTA obligations for internet intermediary
liability provisions, only Colombia has officially attempted to pass an implementation act.
(p. 184)
subject of several failed attempts to implement copyright-related provisions. Each one of

59
The USTR objected to
(OECD), because of its outstanding and unimplemented copyright obligations.60
The first attempt to implement the internet intermediary liability provisions of the CTPA
came through Bill No. 241 of 2011.61 The Bill contained language largely similar to that
found in the FTA. The sponsors of the Bill attempted a quick turnaround in Congress, and
an open public discussion of its contents was avoided.62
lowed the DMCA model of notice and takedown, with a private notice required to trigger
removal of content and activate limitation of liability for intermediaries. After a quick
committee discussion and approval, some criticism over its likely unconstitutionality, and
strong public outcry,63 the Bill was archived in November 2011. Subsequent attempts at
parts of the law and did not include internet intermediary liability provisions.
The USTR attempted to reduce flexibility in the intermediary liability framework of the
CTPA. A side letter signed on 22 November 2006, the same date as the signature of the
64
both parties (represented by the USTR and the Colombian Minister of Commerce) to be
65
The commitment under the CTPA to adopt the necessary legislation was scheduled to be
completed by May 2013. As a result of this failure in implementation, the USTR placed
Page 11 of 21

Latin America
provisions,66
(p. 185) A similar situation occurred in Peru
tween the parties that would in essence become part of the agreement.67 The same text
appeared years later in the February 2011 text of the TPP, as part of the proposal by the
United States for an ISP Side Letter. Almost identical content may be found in similar side
letters additional to FTAs already signed with Singapore (2003), Australia (2004), Bahrain
(2004), Morocco (2004), and Oman (2006). However, the PTPA framework, including its
intermediary liability rules therein. By the end of 2018, there had been no movement
through legislative or executive action to implement those FTA provisions.
troduced draft bills in their respective legislatures, nor signed new executive decrees.
isting FTA commitments, and whether those efforts will face resistance.
3.4 The Current Promotion of the DMCA Model in FTAs
nents. It was initially signed by Chile, Peru, and Mexico, and another nine countries.68 At
the time Peru joined the negotiations for the TPP, it had yet to implement the DMCA-like
provisions included in its earlier FTA with the United States. Mexico, on the other hand, it
did not have any pre-existing obligations despite being a signatory to NAFTA with the
United States. The TPP may have represented a renewed effort by the United States to
clude Mexico.
The withdrawal of the United States from the TPP in early 2017 was thought to derail the
deal; it was the largest party in the agreement and a force driving the negotiations.69
cific Partnership (CPTPP), which notably suspended Article 18.82: Legal (p. 186)
dies and Safe Harbours.70

terest in joining the agreement,71
Page 12 of 21

Latin America
gotiation of the TPP within NAFTA presented the US government with an opportunity to
promote its DMCA system among its neighbours. The DMCA model had already been
representatives promoting its inclusion in the revised NAFTA.72 Although it appeared that
the United States was willing to move forward on a bilateral trade deal with Mexico that
included provisions on intermediary liability,73 Canada was able to agree to terms in late
74
The final version
dies and Safe Harbors.75

ty provisions,76 only Mexico must implement this article within three years of the
77
The USMCA marks a return to a mandatory counter-notice (and put-back) provisions

found in the bilateral FTAs,78 whereas under the TPP it was optional.79
takenly removed or disabled, the service provider must restore material upon receipt of a
ates civil judicial proceedings within a reasonable amount of time.80 Under the (p. 187)
TPP, this provision applied only if a state party already had a similar system for counter-
notices in domestic law.
Mexico has ratified the agreement, while Canada and the United States have yet to do so.
While the ratification of the agreement in the United States was in a state of flux,81 after
a number of amendments, the agreement is set to be ratified, and Canada is expected to
follow suit.82
4. The Convenience of the Dmca Approach for

Notice and Takedown in Latin America
ests of copyright holders, as well as the users uploading that content, and the public in
general.83 The liability model established by the DMCA relies on a safe harbour system in
ary in order to see content removed from the internet, so that the service provider can be
exempted from secondary liability for copyright infringement on its network or systems.
ly in Latin American countries, but also in the rest of the world. The first reason is the
ican countries, which have very different concerns, economies, and development goals
than the United States.84
guage, well beyond the WIPO Internet Treaties framework), while advancing the interests
of US industries, have effectively limited the potential of national policies in broad areas
such as intellectual property.
Page 13 of 21

Latin America
nisms, and the legitimate interests of internet users that may be affected. In other
(p. 188) words, DMCA-like rules would come to establish rules for easy content removal,
pen through trivial acts not covered by balancing provisions such as copyright limitations
and exceptions or the fair use doctrine, which are not equally promoted in FTAs.85
Enhancing exclusive rights and enforcement mechanisms, without counterweights in the
mate purposes such as expression or education.
This criticism of the DMCA shows that it remains a controversial piece of legislation. As
man rights principles. Otherwise, its transposition into very different legal and cultural
counting for national context or input from local stakeholders.86
Participation in these negotiations and implementation processes remains a sore point.
bate in the United States, whereas the growing demands for certain provisions through
FTAs leaves little room for input from local stakeholders or different interest groups, both
in FTA closed-door negotiations and in their implementation by legislatures. The strong
sion of the viewpoints of relevant stakeholders and public interest representatives,87

while interest groups from the US intellectual property industries had far more access to
the negotiators.88 This lack of transparency not only creates problems for the substance
of internet intermediary liability provisions, but for democratic debate itself as the source
of the rules that govern societal relations.
Finally, the importance of the need for balance cannot be downplayed. Beyond copyright
cise, via the internet, of fundamental rights recognized in international human rights law
demands a higher level of participation, democratic debate, and risk-assessment analysis
to allow for better informed public policy.
Page 14 of 21

Latin America
CA. However, it is questionable whether implementing the DMCA model is ideal for Latin
American countries, and whether it should form part of future FTAs.
of the supposed damage to the copyright industries in the countries where this rhetoric is
promoted. In addition, there is no consensus as to whether the DMCA is the best model
bate opens questions regarding the legitimacy of the democratic processes that might be
intermediary liability regime were implemented in the same manner as in the United
States.
Notes:
(1) These include free trade agreements with Chile (2004), Singapore (2004), Bahrain
(2006), Morocco (2006), Oman (2006), Peru (2007), Costa Rica, El Salvador, Guatemala,
Honduras, Nicaragua, and the Dominican Republic (2005), Panama (2012), Colombia
(2012), and South Korea (2012).
(2) The DMCA also regulates the circumvention of controlled access to copyrighted
works. Third party content posted online, outside copyrighted material, continues to be
acted shortly before the DMCA with the explicit goal of promoting internet development.
Section 230 of the CDA gives internet intermediaries complete immunity for third party
or user-generated content (UGC), immunizing ISPs and internet users from liability for
torts committed by others using their website or online forum, even if the provider fails to
take action after receiving actual notice of the harmful or offensive content. It also gives
technical means to restrict access to that material, without receiving requests to do so.
(3
Minnesota Legal Studies Research Paper 30/09 (2009) <
stract=1433848>.
(4) For a detailed analysis of the characteristics and trends of the notice-and-takedown
system, with a close view of the content of the notices, see Jennifer Urban and others,
2755628 (2017) <https://ssrn.com/abstract=2755628>.
(5) 17 USC § 512(c)(2) (US).
(6) ibid. § 512(i)(1)(A).
(7) ibid. § 512(i)(1)(B).
(8) A counter-notification system would be put in place to contest the removal of content,
in order to restore it, if the original uploader challenges the content of the notice.
Page 15 of 21

Latin America
(9) See Urban and others (n. 4).
(10
(11) A database of exemplary cases of content removal, with a large portion of cases of
non-infringing content removed on copyright grounds, is the Lumen Database, which can
be found at <https://www.lumendatabase.org>.
(12
Paper no. 2757197 (2016) <https://ssrn.com/abstract=2757197>.
(13
lion notices sent by one submitter, 99.97 per cent of the related URLs were not in
Michaelgeist.ca, 22 February 2017) <http://

www.michaelgeist.ca/2017/02/bogus-claims-google-submission-points-to-massive-fraud-in-
search-index-takedown-notices/>.
(14) See Urban and others (n. 4).
(15
1: Takedown Notices by Recipient and Year).
(16
Wired, 27 October 2008) <https://www.wired.com/2008/10/ten-years-later>.
(17
similar debate has occurred in Europe, resulting in the passage of a Copyright Directive
The Verge, 26 March

2019) <https://www.theverge.com/2019/3/26/18280726/europe-copyright-directive>.
(18 https://
ustr.gov/trade-agreements/free-trade-agreements>.
(19
of US Initiatives in Latin America, the Asia-Pacific Region, and the Middle East and North
(20
The Wealth of the Commons
(Levellers Press 2012).
Page 16 of 21

Latin America
(21) See 19 USC c.24 (US).
(22) See 19 USC § 2101.
(23
Congressional Research Service, 15
April 2013) <https://fas.org/sgp/crs/misc/97-896.pdf>.
(24) See US Constitution, Art. II, Section 2(2).
(25) See Vivencio Ballano, Sociological Perspectives on Media Piracy in the Philippines
and Vietnam
(26) See USTR, 2018 Special 301 Report <

ports/2018%20Special%20301.pdf
rious IPR deficiencies that warrant increased attention concerning the problem areas,
International Trademarks and Copyright:

Enforcement and Management (ABA 2004) 20.
(27
(35
Keionline, 10 March 2011) <https://
www.keionline.org/21511>.
(36
(37
New York Times, 23 January 2017). <
tics/tpp-trump-trade-nafta.html>.
(38) This agreement is known as CUSMA in Canada, and T-MEC in Mexico.
(28
(29
DR), Art. 15.11, subsection 27.
(30
(31
(32
(33) Trans-Pacific Partnership Agreement, Art. 18.82, subsection 3.
Page 17 of 21

Latin America
(34
thentication.
(39
ment Policy Brief 12 (2011) <http://ictsd.org/i/publications/120938>.
(40) See Law no. 17, 336, Art. 85 P (Chile).
(41
Bertoni (ed.), Towards an Internet Free of Censorship: Proposals for Latin America
(Centro de Estudios en Libertad de Expresion y Acceso a la Informacion (CELE) 2011) 18.
(42) It should be noted that the same provider could fall under any one of the categories,
so long as the activity at the time fits the description.
(43
(44) See Law No. 17,336, Art. 85 Ñ (Chile).
(45) The International Federation of the Phonographic Industry sent such notices to be
forwarded by the thousands in 2013, explicitly mentioning Art. 85 U of the Intellectual
FayerWayer, 30 July 2013) <http://www.fayerwayer.com/2013/07/ifpi-envia-4-000-

notificaciones-por-usar-p2p-a-usuarios-de-internet-en-chile>.
(46) See Law No. 17,336, Art. 85 U (Chile).
(47) See Cerda Silva (n. 43).
(48) See USTR (n. 26) 62.
(49
<https://www.direcon.gob.cl/2016/04/declaracion-oficial>.
(50
Stuart Trew (eds), (Lorimer
(51
sponsabilidad de los proveedores de servicios por infracciones a Derechos de Autor y
Conexos de Acuerdo con el Artículo 15.11.27 del Tratado de Libre Comercio República
Page 18 of 21

Latin America
(52) ibid. Art. 7.
(53) ibid. Art. 5.
(54
(55) ibid.
(56) ibid. Art. 18.
(57
Freedom of Expression (OSRFE), Freedom of Expression and the Internet (31 December
2013) § 109 <https://www.oas.org/en/iachr/expression/docs/reports/
2014_04_08_internet_eng%20_web.pdf>. This system is already in place in Canada and
down provisions present in both the failed TPP and in the USMCA.
(58) Executive Decree 36880 (n. 51) Art. 15 (CR).
(59
plementing obligations against the circumvention of technological protection measures

that prevent access to or reproduction of copyrighted works.
(60 Financial Times, 25 May

2018) <https://www.ft.com/content/1f685c14-6031-11e8-ad91-e01af256df68>.
(61) See Proyecto de Ley 241 de 2011 (Col.).
(62) See Marcela Palacio Puerta, Derechos de autor, tecnología y educación para el siglo
XXI: El tratado de libre comercio entre Colombia y Estados Unidos
(63
Paper 4/2013 (2013) <https://www.karisma.org.co/wp-content/uploads/2013/04/

Paper1ElCasoLeyLlerasResumen.pdf>.
(64
ments/fta/colombia/asset_upload_file491_10144.pdf>.
(65) ibid.
(66) See USTR (n. 26) 10.
(67 https://ustr.gov/sites/default/files/uploads/agreements/
fta/peru/asset_upload_file437_9548.pdf>.
Page 19 of 21

Latin America
(68) The original parties were Australia, Brunei, Canada, Chile, Japan, Malaysia, Mexico,
New Zealand, Peru, Singapore, Vietnam, and the United States.
(69 CNBC, 3 April 2018) <https://www.cnbc.com/

2018/04/03/what-is-the-tpp.html>.
(70) See Comprehensive and Progressive Agreement for Trans-Pacific Partnership, Annex
7(k) <
ment-for-Trans-Pacific-Partnership-CPTPP-English.pdf>. It should be noted that the treaty
needs six ratifications to come into effect, and currently there are only three.
(71 BBC News, 13 April 2018) <https://

www.bbc.com/news/business-43747211>.
(72
(2017) <https://internetassociation.org/wp-content/uploads/2017/06/Modernizing-NAFTA-
White-Paper.pdf>.
(73
Wall Street Journal, 25 September 2018) <https://www.wsj.com/articles/nafta-deal-
could-move-ahead-with-only-mexico-according-to-u-s-trade-representative-1537888570>;
Agreement <https://ustr.gov/about-us/policy-offices/press-office/fact-sheets/2018/august/
united-states%E2%80%93mexico-trade-fact-sheet-1>.
(74
CBC News, 30 September 2018) <https://www.cbc.ca/news/
politics/nafta-finale-sunday-deadline-trump-1.4844623>.
(75) See USMCA, Art. 20.J.11, subsection 3(a).
(76) See Canada meets the requirements of Annex 20-A to be exempt.
(77) See USMCA, Art. 20.90, subsection 3(g).
(78
29(b)(x).
(79) cf. USMCA, Art. 20.J.11, subsection 4 with the TPP, Art. 18.82, subsection 4.
(80) This time period is determined according to domestic laws or regulations.
(81
CNBC, 21 November 2019) <https://www.cnbc.com/2019/11/21/pelosi-
neal-and-lighthizer-do-not-reach-deal-on-trump-uscma-agreement.html?
&qsearchterm=usmca
Washington Post, 29 March 2019) <https://
Page 20 of 21

Latin America
winds-on-capitol-hill/2019/03/29/ef5b0d0c-5178-11e9-88a1-ed346f0ec94f_story.html>.
(82
https://
www.washingtonpost.com/us-policy/2020/01/16/senate-approves-new-usmca-trade-deal-
with-canada-mexico/>.
(83) See Cerda Silva (n. 43).
(84) See Pedro Roffe and Maximiliano Santa Cruz,

tainable Development: A Survey of Major Issues (Economic Commission for Latin America
and the Caribbean 2007).
(85
Scholarly Paper no. 2689251 (2015) <https://ssrn.com/abstract=2689251>. In the TPP, it

was only after a high level of public pressure that some degree of balance was introduced
to the text of the agreement. However, its length and detail is minuscule compared to the
provisions enhancing the rights of IPRs.
(86) See e.g. Cecilia Lerman, Impact of Free Trade Agreements on Internet Policy, a Latin
America Case Study (Internet Policy Observatory 2015) 25 <http://repository.upenn.edu/
internetpolicyobservatory/12>.
(87
Public Citizen, 4 March 2013) <https://www.citizen.org/our-work/globalization-
and-trade/more-400-civil-society-groups-write-congress-tpp-and-fast>.
(88
Juan Carlos Lara Gálvez
juancarlos@derechosdigitales.org.
Alan M. Sears
Law and Digital Technologies. Email: a.m.sears@law.leidenuniv.nl.
Page 21 of 21

Immunity
Eric Goldman
States. In particular, it reviews 47 USC § 230, which says that websites and other online
quences for the internet and our society. After reviewing pre-section 230 law and case
in
how section 230 compares to some foreign counterparts.
Keywords: United States, section 230, online intermediaries, immunities, freedom of speech
47 USC § 230 says that websites and other online services are not liable for third party
traordinary consequences for the internet and our society. This chapter provides an
overview of section 230 and how it compares to some foreign counterparts.
1. Pre-Section 230 Law
inator is not legally responsible for third party content it had to disseminate.1 In contrast,
tion, choose to publish.
Page 1 of 19

With respect to third party content, many online intermediaries do not closely resemble
either common carriers or traditional publishers. Unlike offline publishers, many online
intermediaries do not have humans pre-screen online content before disseminating it.
(p. 156) The volume of content often makes pre-screening too expensive or slow;3 and pre-
screening is effectively impossible for real-time content like live-streamed video. At the
same time, most online intermediaries are not legally defined as common carriers,4 and
regulators expect them to routinely refuse services that support abusive, objectionable,
or criminal outcomes.5
ity principles? Before Congress enacted section 230, two cases addressed this issue.
The first was Cubby v CompuServe, a 1991 case from the Southern District of New York.
At the time, CompuServe provided its subscribers with dial-up access to its network plus
scribers per minute they were online, and CompuServe could share a portion of those
subscriber charges as licence fees to content publishers.
CompuServe had a licensing arrangement to carry a third party newsletter called

morville. Rumorville
servers. CompuServe employees did not pre-screen these uploads.
Perhaps not surprisingly (given its name), Rumorville was accused of defamation. The
plaintiff sued CompuServe and others. The court dismissed CompuServe,6 holding that
Rumorville, not as the
publisher, and therefore could be liable only if it knew or had reason to know of the
defamatory content. Due to Rumorville
scienter.
able for third party content whenever it knew, or should have known, of the defamation.
where aggrieved individuals can easily remove content by making unfounded allegations
of defamation.7 Cubby also left unresolved what should happen with claims other than
defamation or when humans pre-screen third party content before publication.
Nevertheless, the Cubby

line intermediaries chose to take a light-handed approach to moderating or removing
cipient of third party content.
The second pre-section 230 ruling shook up that practice. The 1995 New York
(p. 157)
state court case of Stratton Oakmont v Prodigy involved the online message boards of
Prodigy, a CompuServe competitor. A subscriber allegedly posted defamatory remarks
about Stratton Oakmont, an investment bank subsequently depicted unfavourably in the
Page 2 of 19

movie Wolf of Wall Street.8 The investment bank sued Prodigy for $100 million. The court
move objectionable content from its message board. The court said that collectively these
content and exposed it to liability.9
1.1
pornography.10 Congress wanted and expected online intermediaries to aggressively

screen out pornography and other objectionable content.11 It would be counterproductive
for the law to deter online intermediaries from taking these socially valuable steps.
Arguably, the Stratton Oakmont ruling did exactly that. According to Stratton Oakmont,
ing legal exposure for each and every missed item.
12
Stratton Oakmont
mediaries to choose between:
moderate or remove user content to promote a safe or family-friendly environment,
vice will manage by aggressively screening/removing third party content to mitigate
do as little as possible to manage user content, in which case it can argue that it does
escape legal exposure for that content.
cause it would lead to more children being exposed to pornography online. However,
(p. 158) following the Cubby and Stratton Oakmont cases, many online intermediaries
able content.
tion 230 was intended to overrule Stratton Oakmont

which have treated providers and users as publishers or speakers of content that is not
13
Page 3 of 19

2.
treated as the publisher or speaker of any information provided by another information

14
This translates into three prima facie elements of the immunity.
(1)
15
tions of CompuServe, Prodigy, America Online, and other mid-1990 services that
packaged dial-up internet/server access with access to proprietary content. However,
able through the internet.16

should, in theory, cover everyone who is a customer of a provider.17 This means, in
practice, that everyone online should satisfy this first element.
(2)
18
ally read this element more broadly so that it applies regardless of whether the
courts find this element satisfied whenever the plaintiff seeks to hold the defendant
responsible for third party content, regardless of which specific causes of action the
plaintiff actually asserts, unless the claim fits into one of the statutory exceptions.19
(3)
of content into first party and third party content, and defendants are (p. 159)
nized only for the latter. Sometimes, the division between first party and third party
tent;20 user-submitted content normally qualifies as third party content. However,
fairly obviously third party content.
A recap of these three prima facie elements: typically, section 230(c)(1) applies to anyone
connected to the Internet for any claim (other than statutorily excluded claims) that is
based on third party content. In other words, websites and online services are not liable
for third party content.
content that we have seen in the copyright context with the Digital Millennium Copyright
21
fendant does human pre-screening or post-publication reviews of third party content. This
Page 4 of 19

means section 230(c)(1) is equally available to a service that exercises the same level of
al publishers and common carriers. Section 230(c)(1) says that online intermediaries can
function like traditional publishers but receive the favourable legal treatment of common
carriers. As you can imagine, this counterintuitive result frequently baffles plaintiffs and
occasionally baffles judges.
ued by defendants for its procedural benefits.22 Frequently, section 230(c)(1) defendants
win on a motion to dismiss. In those situations, the case ends quickly and at relatively low
not work, so creative plaintiffs cannot artfully plead past a motion to dismiss. Contrast
the quick and easy section 230(c)(1) dismissals with the often-arduous defence wins in
section 512 cases.23
dants.
(p. 160) Online intermediaries also can benefit from the section 230(c)(2) safe harbour.
24
structions (e.g. providing anti-spam or anti-spyware software).25 Compared to section

230(c)(1), online intermediaries take advantage of section 230(c)(2) relatively rarely for
several reasons.
ware vendors.26 This functionally eliminated lawsuits by software manufacturers who

were aggrieved that their software had been classified as spyware.
tent item will not be significant enough for an aggrieved uploader to sue, but there are
exceptions. For example, if a record label puts a lot of money behind marketing the
ments may be wasted.27
sions such as termination for convenience, a disclaimer of any obligation to publish (or
and more. Section 230(c)(2) could be a helpful complement to the contract

protections,28 but it is rarely essential.
Unlike section 230(c)(1), section 230(c)(2) considers whether the defendant acted in
even if the plaintiff does not actually have any evidence to back up the allegation.
These unsupported allegations increase the odds that the case will survive a motion to
Page 5 of 19

suming proposition. If defendants can find a way to defeat the lawsuit on a motion to
2.1
Section 230 has four statutory exclusions where it is categorically unavailable.
(p. 161)
(1)
on the Electronic Communications Privacy Act or state law equivalents.29
taneously violate the ECPA and qualify for section 230.

(2)
30
is more complicated than it might appear.

In Perfect 10 v CCBill,31 the Ninth Circuit held that the exclusion only applied to
eral IP claims, so section 230 pre-empted all state
clude state trade mark claims, state copyright claims, trade secret claims, publicity
right claims, and possibly others. Thus, in the Ninth Circuit, the CCBill precedent has
been used numerous times in lawsuits predicated on third party state IP claims.32
Courts outside the Ninth Circuit do not agree with the CCBill ruling,33 so state IP
claims are still viable in those jurisdictions despite section 230.
All courts agree that federal IP claims, such as federal copyright and federal trade
mark claims, based on third party content are clearly excluded from section 230.
However, Congress expressly said the Defend Trade Secrets Act (DTSA), the federal
trade secret law, is not an IP law, so any DTSA claims based on third party content
are immunized by section 230.34
(3) Federal criminal prosecutions. Prosecutions of federal crimes are not immunized
by section 230.35 The US Department of Justice (DOJ) rarely pursues websites for
third party content, but the exceptions are noteworthy. For example, in 2007, Google,
Yahoo, and Microsoft paid a total of $31.5 million to settle complaints about running
illegal gambling ads.36 In 2011, Google paid $500 million to settle complaints about
running ads for illegal pharmacies.37
tence.38
While federal criminal enforcement is excluded from section 230, civil claims based
on federal criminal law are pre-empted to the extent they are predicated on (p. 162)
third party content.39
tent.40
Page 6 of 19

(4) FOSTA. In 2018, Congress created several new exceptions to section 230 in the
Fight Online Sex Trafficking Act (FOSTA). Those exceptions are beyond the scope of
this chapter.41
3.
dia. Indeed, section 230 is the quintessential exceptionalist statute from the mid-1990s
exceptionalism peak.42
example:
Scenario A
letter contains defamatory statements. The newspaper publishes the letter in its
the letter author.43
Scenario B: the same author submits the same letter to her local newspaper, but
the local newspaper only publishes the letter in its online edition, not in its print
edition. The author will still be liable, but section 230 protects the newspaper
from liability.
tains the exact same content, by the exact same author, disseminated by the exact same
publisher, yet the liability results diverge. As the maxim goes, the medium matters.44
line publishers over offline publishers by giving online publishers more favourable legal
tion costs and post-publication financial exposure. These legal and financial (p. 163)
nopolies in their local communities45 and many online publishers of third party content
were small hobbyists.46 But in the modern era, where internet giants like Google and
Facebook are among the most highly valued companies in the world47
pers are struggling to survive,48
terintuitive.
level of editorial control to reflect the needs of their community. Other services can adopt
tions for authors and readers. More importantly, new marketplace entrants do not need to
make the same upfront investments into content moderation that Google and Facebook
make. If new entrants had to develop industrial-grade content moderation procedures
Page 7 of 19

Google and Facebook.
ants like Google and Facebook, but they are completely mistaken. Google and Facebook
can afford to accommodate new regulatory obligations in ways that new entrants cannot.
enhances
ist privilege,49
benefit from.
Another common complaint is that section 230 legally authorizes online intermediaries to
do nothing about problematic content, which is what every profit-maximizing (p. 164)
vice will choose to do. Accordingly, the critics believe section 230 facilitates the creation
50
that is, services that solicit, and profit from, anti-social content.
It is true that section 230 protects all services from liability for third party content, even
tion. Why?
As a practical matter, cyber cesspools tend to quickly fail in the market, despite section
51
More recently, Yik
52
It turns
ments. People will always keep trying to build them, but section 230 does not ensure their
survival.
In contrast, any reputable service will invest in content moderation efforts as part of
building trust with their users. These services will not just do the minimum.
mate online intermediaries voluntarily undertake socially valuable efforts to screen out
ciety-wide increase in anti-social behaviour due to the services that opt for the do-nothing
approach.53
Page 8 of 19

option.
online services and hold online services liable for all third party content they publish. This
matically reduce the level of anti-social content, but it also would eliminate many of the
For example, imagine how Twitter might work with human-pre-screened tweets. If
(p. 165)
Twitter could even afford to stay in business due to the labour costs, all tweets would
have a delay of minutes, hours, or longer. There might still be some social role for a time-
vices we enjoy daily that would not make any sense financially or functionally if humans
had to pre-screen each item of content, with a substantial time delay to publication.
tion 230 strikes a balance between promoting innovation and motivating industry players
to voluntarily undertake socially valuable screening efforts. Its results are stunning: aided
in large part by section 230, the internet has grown into an integral part of our society,
companies have created trillions of dollars of economic wealth and millions of new jobs,
and we have benefited from new services and content that never would have emerged
with a different liability regime. Most people benefit from section 230-protected internet
services on an hour-by-hour or even minute-by-minute basis.
4. Comparative Analysis
Canada Agreement (USMCA)), agreed to in 2018, requires Canada and Mexico to adopt
section 230-like protections.54 This creates the possibility that North America will move in
a direction opposite to the rest of the world. This section contrasts section 230 with some
4.1
In the 2014 Costeja case, the Court of Justice of the European Union (CJEU) concluded
55
This means search engines are required to
comply with the 1995 European Data Privacy Directive (95/46/EC).
Page 9 of 19

(p. 166) 56
tion remains on the third party website, and even if the third party lawfully published the
information.
nomic interest of the operator of the search engine but also the interest of the general
57
58
figure it out. Google59
60
for other search keywords could still display those search results. Meanwhile, even if
Google de-indexes the search result, the original source material will remain online. Thus,
if an online newspaper article is subject to a de-indexing request, Google might remove
line newspaper.
cent of searchers would find an information item irrelevant but 1 per cent of searchers
would find it exceptionally relevant, what should Google do?
mation at a different time.61
(p. 167) about an article referencing him that was published in a traditional newspaper.
to its audience). Yet, the CJEU said that level of public interest was not sufficient.
Page 10 of 19

speech and free press clauses.62
clude information in its search index is almost certainly unconstitutional.63 Furthermore,
section 230 (both (c)(1) and (c)(2)) statutorily immunize search engines for their indexing
decisions, including their refusal to de-index content (even if that content is tortious).64
Collectively, US law makes it clear that search engines, including Google.com, cannot be
legally compelled to implement a right to be forgotten (RTBF).65
4.2 EU Electronic Commerce Directive
14). The provisions parallel the DMCA online safe harbours, in part because the Directive
was enacted shortly after the DMCA and modelled on it.
ing safe harbour in several key ways. First, the Directive requires EU Member States to
enact a law consistent with the Directive, but Member States are not required to (p. 168)
follow this provision identically. As a result, there are national differences in the
down system applies to all claims asserted pursuant to all legal doctrines, including those
plates that hosts may be liable without ever receiving a takedown notice. In practice,
courts in the EU find hosts liable in the absence of takedown notices more frequently
than we see with section 512(c) cases. Fourthly, unlike section 512(c)(3), the Directive
does not define what constitutes a proper takedown notice, so web hosts are more likely
to take action in response to any notice submitted by anyone.
Section 230 provides dramatically more protection for web hosts in the United States
than the Electronic Commerce Directive provides for European hosts. Accordingly, US
ly screen and remove third party content in Europe using more rigorous standards than
been left untouched in the United States.
4.3 The UK Defamation Law
enter pre-takedown notice.
Page 11 of 19

For web hosts to qualify for this safe harbour, they must be able to identify the offending
nates unattributable user content in the UK.66 Any web host that wants to qualify for the
safe harbour (and who would not?) must know enough about their users to turn them
over to anyone who complains about their posts. The postings themselves can be publicly
presented anonymously or pseudonymously, but users will know that their identity will be
revealed effectively on request and that may act as a deterrent to posting. To the extent
ty.
(Note also that the attributability of user-generated content only relates to a safe harbour
(p. 169) Overall, the UK Defamation Act is worse for web hosts than section 230 in at least
tice. Secondly, section 230 applies even if the web host does not know who is doing the
attributed basis, which may encourage a more robust public discourse.
4.4
In 2017, Germany enacted the Network Enforcement Act (Netzwerkdurchsetzungsgesetz,
make various public reports about content removals. The law imposes substantial fines of
The NetzDG supplements the EU Directive in important ways, all in ways that section 230
would forbid. First, it provides a specific turnaround time for takedowns. Secondly, it
operations. Thirdly, it requires the production of reports about complaints received and
specifies penalties that can be punitive in practice, which surely will spur the regulated
services to over-remove content.
4.5
67
Page 12 of 19

ed to non-consensual pornography are subject to a notice-and-takedown regime.
By generally deferring intermediary liability until a court order, the Marco Civil more
closely resembles section 230 than the European notice-and-takedown rules. Still, it does
not go as far as section 230. For example, a court cannot order a US web host to remove
user-generated content; any lawsuit directly against the web host is pre-empted (p. 170)
by section 230, and a court order in any other lawsuit cannot reach the web host due to
Federal Rules of Civil Procedure 65(d)(2).68
4.6 Section 230 and Foreign Judgments
In 2010, Congress enacted the SPEECH Act.69 Among other provisions, the law says that
sult would have violated section 230 if litigated in a US court; and unsuccessful plaintiffs
laws are less protective of web hosts or other intermediaries than section 230, a foreign
70
5.
In 2018, Congress enacted FOSTA,71
tive immunity in twenty-two years. While FOSTA is bad policy,72
they too can get specific exceptions to section 230 for their situation; and other critics
ceptions.
Furthermore, a number of senators have prominently criticized section 230. For example,
Senator Ted Cruz (R-TX) repeatedly (but completely falsely) claims that section 230 only
73
and thus should not protect any service that removes
conservative-leaning contributions. Separately, Senator Mark Warner (D-VA) wrote a
white paper of policy proposals, including eviscerating section 230.74 (p. 171)
ship ordinarily leads to gridlock.
Also, section 230 is inextricably linked to the widespread regulatory antipathy towards
Thus, section 230 appears to be quite imperilled. Yet, amid this doom and gloom, the
Page 13 of 19

ly. USMCA was the first time in over two decades that the expansion of internet immunity
other countries would seem to represent a major endorsement of its policy outcomes.
So which way will section 230 go? Are we near the end of its functional life? Or are we on
Notes:
(1) See e.g. Restatement (Second) of Torts s. 612 cmt. g (1977) (US).
(2) See Rodney Smolla, 1 Law of Defamation (Thomson Reuters 2018) s. 4:87.
(3) e.g. in 2015, YouTube got 400 hours of new uploaded video every minute. See Statista
<https://www.statista.com/statistics/259477/hours-of-video-uploaded-to-youtube-every-
minute>.
(4) See e.g. Religious Technology Center v Netcom On-Line Communication Services, 907
F.Supp. 1361 (ND Cal. 1995) (US).
(5 TechCrunch, 23 August 2018)

<https://techcrunch.com/2018/08/23/the-consequences-of-indecency>.
(6) See Cubby Inc. v CompuServe Inc., 776 F.Supp. 135 (SDNY 1991) (US).
(7) See Zeran v America Online Inc., 129 F.3d 327 (4th Cir. 1997), cert. denied, 524 US
(8) See The Wolf of Wall Street (2013).
(9) See Stratton Oakmont Inc. v Prodigy Services Co., 1995 WL 323710 (NY Sup. Ct.
1995) (US).
(10 Time, 3 July 1995) <http://

content.time.com/time/magazine/article/0,9171,134361,00.html>.
(11
centives for the development and utilization of blocking and filtering technologies that
(12
Studies Research Paper no. 13/2017 (2017) <https://ssrn.com/abstract=3038632>.
(13) HR 104-458 (1996).
(14) 47 USC § 230(b)(4).
Page 14 of 19

(15) 47 USC § 230(f)(2).
(16) See Ian Ballon, 4 E-Commerce & Internet Law
(17) See Barrett v Rosenthal, 40 Cal. 4th 33 (2006) (US).
(18) See Smolla (n. 2) s. 1:34.
(19) See Ballon (n. 16) 37.05[1][C].
(20) But see Delfino v Agilent Technologies Inc., 145 Cal. App. 4th 790 (Cal. App. Ct. 2006)
(US) (employer qualified for s. 230 immunity for employee activity).
(21
Korea U. L. Rev. 103.
(22
Notre Dame L. Rev. Online (forthcoming) < https://papers.ssrn.com/sol3/papers.cfm?
(23) See e.g. UMG Recordings Inc. v Shelter Capital Partners LLC, 667 F.3d 1022 (9th Cir.
2011) (US) (Veoh went bankrupt defending its eligibility for the safe harbour).
(24) 47 USC § 230(c)(2)(A).
(25) ibid. § 230(c)(2)(B).
(26) See e.g. Zango Inc. v Kaspersky Lab Inc., 568 F.3d 1169 (9th Cir. 2009) (US).
(27 Darnaa v Google LLC,

2018 WL 6131133 (9th Cir. 2018) (US); Kinney v YouTube LLC, 2018 WL 5961898 (Cal.
App. Ct. 2018) (US); Song Fi v Google Inc., 2018 WL 2215836 (ND Cal. 2018) (US);
Bartholomew v YouTube LLC, 17 Cal. App. 5th 1217 (Cal. App. Ct. 2017) (US); Lancaster
v Alphabet Inc., 2016 WL 3648608 (ND Cal. 2016); Lewis v YouTube LLC, 244 Cal. App.
4th 118 (Cal. App. Ct. 2015) (US).
(28
2 U. C. Irvine L. Rev. 659.
(29) See 47 USC § 230(e)(4).
(30) ibid. § 230(e)(2).
(31) See Perfect 10 Inc. v CCBill LLC, 488 F.3d 1102 (9th Cir. 2007) (US).
(32) See Ballon (n. 16) 37.05[5].
Page 15 of 19

(33) See e.g. Atlantic Recording Corp. v Project Playlist Inc., 603 F.Supp.2d 690 (SDNY
2009) (US).
(34
(35) See 47 USC § 230(e)(1).
(36 Wall Street Journal

cember 2007) <https://www.wsj.com/articles/SB119809595072840253>.
(37
US DOJ, 24 August 2011) <https://www.justice.gov/opa/
line>.
(38) See US v Ulbricht, 858 F.3d 71 (2d Cir. 2017) (US).
(39) See Doe v Bates, 2006 WL 3813758 (ED Tex. 2006); Jane Doe No. 1 v Backpage.com
LLC, 817 F.3d 12 (1st Cir. 2016) (US).
(40
http://
(41
(42
Adam Marcus (eds), The Next Digital Decade: Essays on the Future of the Internet
(TechFreedom 2011) 165.
(43) See Smolla (n. 2) s. 3:87; New York Times Co. v Sullivan, 376 US 254 (1964).
(44) cf. Marshall McLuhan, Understanding Media: The Extensions of Man (MIT Press
1964).
(45 The Media Landscape <https://transition.fcc.gov/osp/

inc-report/INoC-1-Newspapers.pdf>.
(46) Such as bulletin-board services (BBSes), which were often run as non-commercial or
(47
dia, 20 October 2018) <https://www.investopedia.com/articles/active-trading/111115/
why-all-worlds-top-10-companies-are-american.asp>.
Page 16 of 19

(48 Journalist.com, 13 June 2018)
<http://www.journalism.org/fact-sheet/newspapers>.
(49) See e.g. Fair Housing Council of San Fernando Valley v Roommates.com LLC, 521 F.
communication that could easily be smothered in the cradle by overzealous enforcement
(50) See e.g. Saul Levmore and Martha Nussbaum (eds), The Offensive Internet: Speech,
Privacy, and Reputation (HUP 2012).
(51
Chronicle of Higher Education, 5 February 2009) <
cle/JuicyCampus-Shuts-Down/1506
Washington Post, 10 June 2009) <http://
www.washingtonpost.com/wp-dyn/content/article/2009/06/09/AR2009060903199.html>.
(52
New York Times, 27 May 2017) <https://www.nytimes.com/2017/05/27/style/yik-
yak-bullying-mary-washington.html>.
(53
Clara U. Legal Studies Research Paper no. 17/2017 (2017) <https://papers.ssrn.com/sol3/
papers.cfm?abstract_id=3079193>.
(54
Technology & Marketing Law Blog, 3 October 2018) <https://
tion-230-like-internet-immunity.htm>.
(55) See C-131/12 Google Spain SL and Google Inc. v Agencia Española de Protección de
Datos and Mario Costeja González
ter 25.
(58) ibid.
(59
ing requests submitted to all search engines.
(60) See European Privacy Requests Search Removals FAQs, Google, <https://
support.google.com/transparencyreport/answer/7347822?hl=en>.
Page 17 of 19

(61
shour/politics/see-four-months-of-brett-kavanaughs-calendar-from-1982>) appeared to be
Senate confirmation hearings for his appointment to the US Supreme Court.
(62) See US Const. Amend. 1.
(63) See e.g. Search King Inc. v Google Technology Inc., 2003 WL 21464568 (WD Okla.
2003) (US); Langdon v Google Inc., 474 F.Supp.2d 622 (D. Del. 2007) (US); Zhang v
Baidu.com Inc., 10 F.Supp.3d 433 (SDNY 2014) (US); Google Inc. v Hood, 96 F.Supp.3d
584 (SD Miss. 2015) (US) (vacated on other grounds); e-ventures Worldwide v Google
Inc
https://
papers.ssrn.com/sol3/papers.cfm?abstract_id=2055364>. See also Martin v Hearst Corp.,
777 F.3d 546 (2d Cir. 2015) (US) (publication cannot be obligated to remove article about
an expunged arrest).
(64) See e.g. Maughan v Google Technology Inc., 143 Cal. App. 4th 1242 (Cal. App. Ct.
2006) (US); Murawski v Pataki, 514 F.Supp.2d 577 (SDNY 2007) (US); Shah v MyLife.Com
Inc., 2012 WL 4863696 (D. Or. 2012) (US); Merritt v Lexis Nexis, 2012 WL 6725882 (ED
Mich. 2012) (US); Nieman v Versuslaw Inc., 2012 WL 3201931 (CD Ill. 2012) (US);
Getachew v Google Inc., 491 Fed. Appx. 923 (10th Cir. 2012) (US); Mmubango v Google
Inc., 2013 WL 664231 (ED Pa. 2013) (US); ., 831 F.3d 352 (6th Cir.
2016) (US); Fakhrian v Google Inc., 2016 WL 1650705 (Cal. App. Ct. 2016) (US); Despot v
Baltimore Life Insurance Co., 2016 WL 4148085 (WD Pa. 2016) (US); Manchanda v
Google Inc., 2016 WL 6806250 (SDNY 2016) (US).
(65
websites to let minors remove posts they have made. See Cal. Bus. & Profs. Code §
22580-82. This law has not been subject to a constitutional challenge, but it may violate
Forbes Tertium Quid Blog, 24 September 2013) <http://

www.forbes.com/sites/ericgoldman/2013/09/24/californias-new-online-eraser-law-should-
be-erased
content posted by a minor; the statute explicitly says that the minor cannot remove any
third party content.
(66
Forbes Tertium Quid, 9 May 2013)
<
celerate-the-death-of-anonymous-user-generated-content-internationally>.
Page 18 of 19

(68) See e.g. Blockowicz v Williams, 630 F.3d 563 (7th Cir. 2010) (US); Giordano v Romeo,
76 So.3d 1100 (Fla. Dist. App. Ct. 2011) (US). See also Hassell v Bird, 5 Cal. 5th 522
(2018) (US) (Yelp cannot be compelled to honour a removal injunction).
(69
(70) See e.g. Trout Point Lodge Ltd v Handshoe, 729 F.3d 481 (5th Cir. 2013) (US).
(71) See Allow States and Victims to Fight Online Sex Trafficking Act of 2017, HR1865
(72) See Goldman (n. 41).
(73
FoxNews.com, 11 April 2018) <https://
servative-speech-for-years>.
(74
https://assets.documentcloud.org/documents/4620765/
PlatformPolicyPaper.pdf>.
Eric Goldman
Eric Goldman is a Professor of Law at Santa Clara University School of Law, where
egoldman@gmail.com.
Page 19 of 19

Intermediary Liability and Fundamental Rights

Christophe Geiger , Giancarlo Frosio , and Elena Izyumenko
This chapter sets the stage for considering the tension between intermediary liability and
fundamental rights with special emphasis on the European legal framework. Competing
fundamental rights, such as freedom of expression, privacy, freedom of business, and the
right to property are entangled with the intermediary liability conundrum. Policymakers
ulation that might address the miscellaneous interests of all stakeholders involved, with
enforcement technologies, which will be the topic of further review in multiple chapters
mental rights are heavily undermined.
Keywords: human rights, fundamental rights, intellectual property, freedom of expression,

formation, privacy, freedom of business
THE ethical implications of the role of Online Service Providers (OSPs) in contemporary
garding OSPs.1 It is actually a trifecta of competing fundamental rights in tension with
ity.
rights, such as freedom of expression, freedom of information, and the right to privacy
tions dealing with blocking and sanitization of a vast array of allegedly infringing content
online that affect IP rightholders and creators. Finally, imposing too strict or expansive
sible curtailment of their freedom to conduct business.
Page 1 of 19

(p. 139)
quences for society at large, yet there is limited understanding of these processes.2 In
this context, tensions have been highlighted3 between algorithmic enforcement and the
European Convention on Human Rights (ECHR) and the Charter of Fundamental Rights
of the European Union (EU Charter),4 with special emphasis on filtering, blocking, and
and other fundamental rights.5

gered by the effects of intermediary liability and regulation on competing fundamental
rights both of users, OSPs, and IP owners.
1.
obligations imposed on them that change the way in which users enjoy online services.
(p. 140) 1.1 Freedom of Information and Internet Access
The right to freedom of expression, as protected by Article 10 ECHR and Article 11 EU

Charter, benefits from a privileged position in the European constitutional order and is
7
This right, which guarantees
not only the right to impart information but also the right of the public to receive it,8 has
9
The human rights
10
11
The Council of Europe has specifically
noted, also in response to three-strike legislation proposals, that access to the internet is
12
In a decision of 10 June 2009 on the first HADOPI law, the French
nication services and the importance of the latter for the participation in (p. 141)
cy and the expression of ideas and opinions, [the right to freedom of expression] implies
13
Since then, the fundamental right nature of access to the internet has been stressed by
several international and national bodies, such as the UN Human Rights Council,14 the
ITU-UNESCO Commission,15
cess essential to the exercise of fundamental rights,16 or the Finnish government officially
making broadband a legal right.17 In Europe, a survey carried out by the European Court
Page 2 of 19

of Human Rights (ECtHR) of the legislation of twenty Member States of the Council of
Europe revealed that:
the right to Internet access is protected in theory by the constitutional guarantees

applicable to freedom of expression and freedom to receive ideas and information.
es the right for each individual to participate in the information society and the
obligation for States to guarantee access to the Internet for their citizens. It can
pression that a right to unhindered Internet access should also be recognised.18
ternet engages the responsibility of the state under Article 10 ECHR.19
abled information and (4) whether the alternatives to accessing such information (p. 142)
were available. Under certain circumstances, it will further be pertinent to consider (5)
cerned. The European Commission stressed a similar point by noting:
though operators need to manage Internet traffic in order to ensure the proper
functioning of the networks (including managing network congestion, security
threats, etc.), there are many instances when unjustified blocking and throttling
occurs.20
law, in accordance with which:
ter of general interest.21
The Court referred to its earlier findings in

viction in France of three fashion photographers for copyright infringement by taking
is interested in fashion in general and haute couture fashion shows in particular, it could
not be said that the applicants took part in a debate of general interest when restricting
Page 3 of 19

22
In the
portant question of general interest.
mation the blocking might not be justified in terms of Article 10 ECHR. It is (p. 143)
table that the general public interest in information is not reduced to political context. In
effect, such interest had previously been recognized by the Court in the information on,
for example sporting matters23 or performing artists,24
sue related to the moral position advocated by an influential religious community.25 The
26
Similar issues have also been raised in connection with the right to be forgotten and,
more broadly, data protection rights in the internet.27 In 2014, the Court of Justice of the
European Union (CJEU) ruled that an internet search engine operator is responsible for
the processing that it carries out of personal data which appear on web pages published
by third parties.28
move links to web pages containing personal data. The recognition by the EU of a so-
right to be forgotten would endanger freedom of expression and access to information.29

According to a Communication from the Organization for Security and Co-operation in
man rights should not undermine the principal role of freedom of the media and the right
30
As Floridi and Taddeo noted:
[s]triking the correct balance between the two is not a simple matter. Things
change, for example, depending on which side of the Atlantic one is. According to
the European approach, privacy trumps freedom of speech; whereas the American
ing the responsibilities of OSPs with respect to the right to be forgotten turns out
(p. 144)
tal rights as well as considering the debate on the national versus international
governance of the Internet.31
terest of the general public in finding that information upon a search relating to the data
32
However, the CJEU also noted that this general rule should not apply if
33
On 26 November
ing Party (WP29) adopted guidelines on the implementation of the Google Spain
judgment.34 They include common criteria to be used by national DPAs when addressing
Page 4 of 19

ity of the data and the interest of the public in having access to that information.35
cantly greater.36
ual rights to freedom of expression and access to information will be very limited. When
terest overrides the rights of the data subject.37 The guidelines also contain thirteen key
criteria which the national DPAs will apply to handle complaints following refusals of
38
Following in the footsteps of
WP29 clarifications and criteria, European national courts and privacy authorities further
operated the necessary balancing between personal privacy interest and public interest
in access to information by noting that the Costeja
39
mation about an individual that will remain relevant,40 users cannot obtain the delisting
of search results of recent news with a relevant public (p. 145) interest,41 or, again, the
prevalent interest in promoting market transparency and protecting third parties.42
1.2 Freedom of Expression
Freedom of expression as freedom to impart information must also be considered among

the counterposing rights that must be balanced within the intermediary liability dilemma.
In Google v Louis Vuitton
marks. Instead of being able to prevent, through trade mark protection, any possible use
including, as has been observed, many lawful and even desirable uses
context of illegal damage to their trademarks.43
According to this argument, a negligence-based system would better serve the delicate
balance between protection of IP rights, access to information, and freedom of expression
tice-and-take-down procedure is one of the essential mechanisms through which the
44
Page 5 of 19

ly requires the hosting provider to respect the principle of freedom of expression when
deciding a takedown request.45
aries to actually consider the infringing nature of the materials before deciding whether
to take them down.
(p. 146) In contrast, an ex ante mechanism based on filtering and automatic infringement-
damental rights, as consistent jurisprudence of the CJEU has highlighted.46 At the

present level of technological sophistication, false positives might cause relevant chilling
mated systems cannot replace human judgment that should flag a certain use as fair or
falling within the scope of an exception or limitation, in particular since the boundaries of
termine whether a particular use is infringing.47 Also, complexities regarding the public
tion technologies. In the own word of the CJEU, these measures:
other. In addition, in some Member States certain works fall within the public domain or
may be posted online free of charge by the authors concerned.48
Following approval by the European Parliament of Article 17 of the Directive on copyright

and related rights in the Digital Single Market,49 the implications of an increase in the
to expression and information.50
Some courts have also recognized that website blocking engages the freedom of
(p. 147)
expression of the internet service providers (ISPs).51

Opinion in Telekabel
52
In support of this contention, the
Advocate General referred to an established body of ECtHR case law, in accordance with
53
According to the ECtHR, although
Page 6 of 19

54
unusual in the practice of the ECtHR. In the Delfi AS
ing infringing content generated by its users.55

cle 10 was established. That said, in a recent judgment on a similar issue the Court found
pression.56 On the national level, it was also highlighted in a series of UK cases that ISPs
57
58
1.3 Right to Privacy and Data Protection
ported, all practiced in the worldwide web with substantially increased damage (p. 148)
59
Again, upholding the
seminated like never before, worldwide, in a matter of seconds, and sometimes remain
60
On the other hand, courts have highlighted that the unqualified deployment of filtering
cy by concluding that:
requiring installation of the contested filtering system would involve the identification,
systematic analysis and processing of information connected with the profiles created on
ed personal data because, in principle, it allows those users to be identified.61
In Scarlet and Netlog
when a mechanism requiring the systematic processing of personal data is imposed in the
62
According to the ECtHR, which tends to
be critical of systems that intercept communications, secrecy of communication or the
right to respect for private life63
pecially when those systems monitor the content of communications.64
Page 7 of 19

2. OSPs, Freedom of Business, and Innovation

Apart from freedom of expression, another fundamental right related to balancing when
imposing obligations on OSPs is the freedom to conduct their business as per Article 16
EU Charter.65 In contrast to the long constitutional tradition of freedom of expression, the
freedom to conduct a business is not known to any other international (p. 149) human
ness a relatively young right.66

67
Both the textual context and the judicial
history of Article 16, therefore, point to its lack of qualification, and allow the state a wide
power to interfere with it.68 69
70
line intermediaries might be called on to develop and deploy costly technology to cope
with legal requirement and obligations. The CJEU has emphasized the economic impact
out any limitation in time, directed to all future infringements of existing and yet-to-be-
71
quire the ISP to install a complicated, costly, and permanent system at its own expense.72
In addition, according to the CJEU, this obligation would be contrary to Article 3 of the
73
3. IP Owners and Property Rights

Another important fundamental right implicated by intermediary liability and regulation
is the right to property of IP holders. This is also the right against which the rights
(p. 150) mentioned in the previous sections need to be balanced. In Europe, this balancing
is predetermined by the fundamental-right status of IP as per Article 17(2) EU Charter

and (somewhat implicitly) Article 1 Protocol No. 1 ECHR, as well as by considerations of
how effective an enforcement of this fundamental right must be. The latter, in turn, would
ing the copyright-holders, the Court would stress that intellectual property benefits from
74 Consequently,
Page 8 of 19

75
mined by a number of prior developments on both judicial and legislative levels. First of
all, the EU Charter, unlike the ECHR, expressly enshrined the protection of the right to IP
in its catalogue of rights under Article 17(2).76
taining a specific IP clause, has been interpreted by the Strasbourg Court as extending its
Article 1 Protocol No. 1 protection to the entire range of traditionally recognized IP
rights.77 The most indicative in this regard is an oft-quoted Anheuser-Busch case, which
trade marks.78
tion of IP interests vis-à-vis other fundamental rights involved in balancing, including the
79
However, the reach of the (human) right to property protection for IP should not
(p. 151)
be overestimated. As noted by the CJEU in Telekabel
80
Article 17(2) EU Charter
could then be considered to be nothing more than a simple clarification of Article 17(1),
81
Likewise, the first paragraph of Article 1 First Protocol
deems necessary to control the use of property in accordance with the general interest
82
This limited nature of the right to property was clearly envisaged by the drafters of
the ECHR and the EU Charter. As the preparatory works of the First Protocol to the
83
A similar logic, clearly
84
This approach also matches the traditional construction of Article 27(2) of the Universal
Declaration of Human Rights (UDHR) and Article 15(1)(c) of the International Covenant
on Economic, Social and Cultural Rights (ICESCR), both of which secure for authors the
porteur in the field of cultural rights, although it is tempting to infer from the wording of
these provisions that Article 15(1)(c) recognizes a human right to (p. 152)
85
Page 9 of 19

rights and the human rights protection given to creators in accordance with Article 15(1)
(c).86
mittee it cannot be interpreted as guaranteeing IP rights or as elevating IP to the human
rights regime.87
4. Conclusions
tions relating to the preservation of the fundamental rights of users, OSPs, and IP
rightholders. The tension between competing freedom of expression, property, privacy,
and freedom of business rights leads to unavoidable constriction of some rights against
ing competing rights, interests, and players involved in intermediary liability regulation
lege some of the relevant interests against others, increasingly resorting to mandatory or
voluntary promotion of filtering, monitoring, and automated enforcement technologies,
courts have often found middle grounds based on a case-by-case analysis, thus securing a
served and could lead policymakers to reflect on adopting rules that allow the judiciary to
adapt to the specific situation of a case, while also reflecting on other implementing legal
tions.88
Notes:
(1
Common Principles of European

Intellectual Property Law
Intellectual Property and
Human Rights
(2) This very much recalls a previous lively discussion that emerged in the context of the
2001 Copyright Directive regarding technical protection measures (TPM) protected by
that legislation sometimes at the expenses of limitations and exceptions foreseen by the
same Directive. In that context, it was the technique not the law which could decide what
could or could not be used, leaving the balance of copyright law in the hand of technical
erated strong criticism from academia. History seems to have repeated itself. See on the
Page 10 of 19

(3
Graziella Romeo (eds),

tal Rights and Constitutional Adjudication in Europe (Routledge 2016); Akdeniz v Turkey
App. no. 20877/10 (ECtHR, 11 March 2014); C-314/12 UPC Telekabel Wien [2014]
ECLI:EU:C:2014:192; C-360/10
gevers CVBA (SABAM) v Netlog NV
forcement, human rights protection and the responsibilities of internet service providers
(4) See Charter of Fundamental Rights of the European Union, 2012 OJ (C 326) 391.
(5) See Chapter 29.
(6) See Charter (n. 4) Arts 8, 11. The concept of user rights has received the most explicit
development in the recently rendered CJEU judgments in Funke Medien and
line (C-469/17 Funke Medien NRW GmbH v Bundesrepublik Deutschland [2019]
Spiegel Online GmbH v Volker Beck [2019]
ECLI:EU:C:2019:625, para. 54). For further discussion of copyright user rights in the case
law of the CJEU, including in the context of the judgments in Funke Medien and Spiegel
Online, see Chapter 29
tionalization of Intellectual Property Law in the EU and the Funke Medien, Pelham and
ternational Intellectual Property Studies (CEIPI) Research Paper No. 2019-09, available
at <https://ssrn.com/abstract=3472852> or <http://dx.doi.org/10.2139/ssrn.3472852>;
IIC (forthcoming 2020).
(7
(Paris Litec
2004) 166.
(8) See e.g. Times Newspapers Ltd (Nos 1 and 2) v United Kingdom App. nos 3002/03 and
23676/03 (ECtHR, 10 March 2009) para. 27; Ahmet Yildirim v Turkey App. no. 3111/10
(ECtHR, 18 December 2012) para. 50; Guseva v Bulgaria App. no. 6987/07 (ECtHR, 17
February 2015) para. 36; Cengiz and Others v Turkey App. nos 48226/10 and 14027/11
Page 11 of 19

New Directions in Copyright Law

(Edward Elgar 2007), Vol. 5, 24.
(9
Constitutional Rights: Recognizing the Essential Role of Internet Access for the Freedom
(10
Human Rights and
the Internet (Macmillan 2000) 211.
(11
Chinese students in Shanghai, as released by the White House (CBS News, 16 November
2016) <http://www.cbsnews.com/news/transcript-obamas-town-hall-in-china>.
(12
IPWatch BBC News, 8
March 2010) <http://news.bbc.co.uk/2/hi/technology/8548190.stm>.
(13) Conseil constitutionnel [Constitutional Council], Decision no. 2009-580 DC of 10 June
ment of that right must be strictly limited.
(14
26/L.24. Prior to that, the right to internet access was only implicitly considered by the
laration of Human Rights (10 December 1948) 217 A (III), Art. 19.
(15
IPWatch, 10 May 2010).
(16 Nacion, 8 September 2010) <http://

www.nacion.com/2010-09-08/ElPais/NotasSecundarias/ElPais2514038.aspx>.
(17 BBC News, 1 July 2010) <http://

www.bbc.co.uk/news/ 10461048>.
Page 12 of 19

(18) Ahmet Yildirim v Turkey App. no. 3111/10 (ECtHR, 18 December 2012) para. 31.
(20
the Document Proposal for a Regulation of the European Parliament and of the Council
tions and to achieve a Connected Continent, and amending Directives 2002/20/EC,
SWD (2013) 331 final, s. 3.4.
(21) Akdeniz
Intellectual Property and the Judiciary (Edward Elgar 2018) 9.
(22) Ashby Donald and Others v France App. no. 36769/08 (ECtHR, 10 January 2013) para.
39, translation from French published in (2014) 45(3) IIC 354. For an extensive comment,
316, trying to extract guidelines of the of the case law of the ECtHR for an Art. 10 ECHR
scrutiny of copyright enforcement measures.
(23) See Nikowitz and Verlagsgruppe News GmbH v Austria App. no. 5266/03 (ECtHR, 22
Colaço Mestre and SIC
App. nos 11182/03 and
11319/03 (ECtHR, 26 April 2007) s. 28 (an interview by the president of the sports club);
Ressiot and Others v France App. nos 15054/07 and 15066/07 (ECtHR, 28 June 2012)
para. 116 (doping practices in professional sport).
(24) See Sapan v Turkey App. no. 44102/04 (ECtHR, 8 June 2010) para. 34 (a book about a
Turkish pop star).
(25) See Verlagsgruppe News GmbH and Bobi v Austria

cember 2012) para. 76.
(26) See David Harris and others,

Convention on Human Rights (OUP 2009) 457.
(28) See C-131/12 Google Spain SL and Google Inc. v Agencia Española de Protección de
Datos (AEPD) and Mario Costeja González [2014] ECLI:EU:C:2014:317.
(29
Page 13 of 19

New York Times,

14 May 2014) <http://www.nytimes.com/2014/05/15/opinion/dont-force-google-to-
forget.html?_r=0>.
(30 on
Open Journalism, 29 January 2016, 2 <http://www.osce.org/fom/219391?
download=true>.
(31
(32) C-131/12 (n. 28) para. 81.
(33) ibid
(34
lines) <
ommendation/files/2014/ wp225_en.pdf>.
(35) ibid. 2.
(36) ibid.
(37) ibid.
(38
(39) Rechtbank [District Court] Amsterdam [2014] ECLI:NL:RBAMS:2014:6118 (Neth.), as
Freedom of Speech, Less Right To Be Forgotten For Criminals ( , 27

September 2014) <https://inforrm.wordpress.com/2014/09/27/dutch-google-spain-ruling-
more-freedom-of-speech-less-right-to-be-forgotten-for-criminals-joran-spauwen-and-jens-
van.-den-brink>.
(40) ibid
(41) See Garante per la Protezione dei Dati Personali [Data Protection Authority], Decision
no. 618 (18 December 2014) (It.) <
display/docweb/3736353>.
(42) See C-398/15 Camera di Commercio, Industria, Artigianato e Agricoltura di Lecce v

Salvatore Manni [2016] ECLI:EU:C:2016:652, Opinion of AG Bot.
(43
ECLI:EU:C:
Page 14 of 19

(44
(45
monisation of certain aspects of copyright and related rights in the information society
[2001] OJ L167, recital 46.
(46) See C-360/10 (n. 3) para. 52.
(47) Furthermore, in the EU the manner in which the Member States implement even the
Franciska Schönherr, Frequently Asked Questions (FAQ) of Consumers in relation to

Copyright, Summary Report (EUIPO 2017) <
servatory/observatory-publications
(48) See C-360/10 (n. 3) para. 50.
(50
Research Paper no. 3367219 <https://ssrn.com/abstract=3367219>.
(51
ter 29 in this Handbook.
(52) C-314/12 UPC Telekabel Wien [2013] ECLI:EU:C:2013:781, Opinion of AG Villalón,

para. 82.
(53) Öztürk v Turkey App. no. 22479/93 (ECtHR, 28 September 1999) para. 49.
(54) ibid.
(55) See Delfi AS v Estonia App. no. 64569/09 (ECtHR, 16 June 2015).
Page 15 of 19

22947/13 (ECtHR, 2 February 2016).
(57) See Twentieth Century Fox Film Corp. & Others v British Telecommunications Plc
[2011] EWHC 1981 (Ch), [200] (UK);
ing Ltd & Others [2013] EWHC 379 (Ch), [94] (UK).
(58) See Twentieth Century Fox (n. 57) [200]; EMI Records (n. 57) [107].
(59) Delfi (n. 55) para. 110.
(60) Google Brazil v Dafra, Special Appeal no. 1306157/SP (Superior Court of Justice, 24
March 2014) <https://cyberlaw.stanford.edu/page/wilmap-brazil>.
(61) C-360/10 (n. 3) para. 49.
(62
(63) See EU Charter (n. 6) Art. 7.
(64
(65
(66) Note, however, that some national constitutions provided for the protection of the
freedom to conduct a business long before these supranational developments. See e.g.
stitution of 1990, Art. 49; and Slovenian Constitution of 1991, Art. 74.
(67) C-426/11 Mark Alemo-Herron and Others v Parkwood Leisure Ltd [2013] ECLI:EU:C:
2013:82, Opinion of AG Villalón, para. 49.
(68) See C-283/11 Sky Österreich GmbH v Österreichischer Rundfunk [2013] ECLI:EU:C:
2013:28, para. 46; T-587/13 Miriam Schwerdt v Office for Harmonisation in the Internal
Market [2015] ECLI:EU:T:2015:37, para. 55.
(69
Sionaidh Douglas-Scott and Nicholas Hatzis (eds), Handbook on EU Law and Human
Rights EMI Records (n. 55) [107].
(70) See C-314/12 (n. 3) para. 49.
(71) C-360/10 (n. 3) para. 46.
(72) ibid.
Page 16 of 19

(73
forcement of intellectual property rights [2004] OJ L157, Art. 3.
(74) Neij and Sunde Kolmisoppi v Sweden App. no. 40397/12 (ECtHR, 19 February 2013)
para. 10. See also Geiger and Izyumenko (n. 22) 316.
(75) Neij and Sunde Kolmisoppi (n. 74) para. 11. See also Akdeniz (n. 3) para. 28; Ashby
Donald (n. 22) para. 40.
(76
tual Property Shall be Protected!? Article 17(2) of the Charter of Fundamental Rights of
pean Intellectual Property: Achievements and New Perspectives (Edward Elgar 2012) 75
ff.
(77) See in the field of copyright: Akdeniz (n. 3); Neij and Sunde Kolmisoppi (n. 74); Ashby
Donald (n. 22); Balan v Moldova App. no. 19247/03 (ECtHR, 29 January 2008); Melnychuk
v Ukraine App. no. 28743/03 (ECtHR, 5 July 2005); Dima v Romania App. no. 58472/00
(ECtHR, 26 May 2005). In the field of trade marks: Paeffgen Gmbh v Germany App. nos
25379/04, 21688/05, 21722/05 and 21770/05 (ECtHR, 18 September 2007); Anheuser-
Busch Inc. v Portugal App. no. 73049/01 (ECtHR, 11 January 2007). In the field of patent
law: Lenzing AG v United Kingdom App. no. 38817/97 (ECommHR, 9 September 1998);
Smith Kline & French Lab. Ltd v Netherlands App. no. 12633/87 (ECommHR, 4 October
1990).
(78
IIC 714, 717.
(79
Research Handbook on the Future of EU Copyright,
(ed.), Methods and Perspectives in Intellectual Property

lining that the property aspects protected at a constitutional level refer to a property of a
Page 17 of 19

special kind
ing, IP has to be considered as having a more limited nature than the right to physical
property, which should be taken into account when balancing it with other fundamental
parison with other rights.
(80) C-314/12 (n. 3) para. 61.
(81) ibid.
(82) ibid.
(83
(84
(85
rights, Farida Shaheed, Copyright Policy and the Right to Science and Culture, Human
tellectual Property and Access to Science and Culture: Convergence or Conflict? (CEIPI/
ICTSD 2016) (including a Foreword by the Special Rapporteur).
(86
2006) E/C12/GC/17.
(87
ing Intellectual Property Provisions in Human Rights Instruments: Towards a New Social
(88
Research Handbook on the
Cross-Border Enforcement of Intellectual Property (Edward Elgar 2014) 704; Christophe
ly, see Joao Pedro Quintais,

tion Systems in EU Law
under European copyright law via the introduction of the open-ended flexible exception to
Christophe Geiger
Page 18 of 19

Christophe Geiger is Professor of Law and Director of the Research Department of
versity. Email: christophe.geiger@ceipi.edu.
Giancarlo Frosio

gcfrosio@ceipi.edu.
Elena Izyumenko
al Intellectual Property Studies (CEIPI), University of Strasbourg. Email:

elena.izyumenko@ceipi.edu.
Page 19 of 19

The Civic Role of OSPs in Mature Information Societies
Mariarosaria Taddeo
Over the years, the discussion concerning the responsibilities of online service providers
(OSPs) has gone from defining measures that OSPs should deploy to correct their market
bias and ensure a pluralistic web, to the impact that OSPs have on the internet, on the
flourishing of democratic values, and on societies at large. The debate spans different
tions of intermediary liability. First, it describes the debate on the moral responsibilities
ses the role and the nature of the responsibilities of OSPs in mature information societies.
sponsibilities the civic role of OSPs entails and how they should discharge them.
Keywords: moral responsibility, ethics, civic role, access to information, human rights, information society
ONLINE service providers (OSPs) have gone from offering connecting and information-
tions that facilitate digital expression, interaction, and the communication of information.
This evolution put OSPs in a peculiar position, for they design and provide key services on
which information societies depend. This raises questions as to what role they have in our
societies, what moral responsibilities this role entails, and how OSPs should discharge
these responsibilities.
Over the years. the discussion concerning the responsibilities of OSPs has gone from
ic values, and on societies at large.1 The debate spans different fields, from information
and computer ethics, corporate social responsibilities, and business ethics, to computer-
Page 1 of 19

mediated communication, law,2 and public policy. Topics of analyses range from biases
and skewing of information indexed by search engines,3 the protection of (p. 123)
privacy4 and security,5 to the impact of OSPs on democratic processes,6 and their duties
with respect to human rights.7 Elsewhere,8 I have analysed the relevant literature on the
cerning: (1) expectations about the conduct of OSPs; (2) an increasing consensus about
ples that should inform their conduct. I shall deal with points (2) and (3) in the second
iours of OSPs underpin much of the debate on their role and moral responsibilities.
Users, but also scholars and policymakers, often expect OSPs to align their goals with the
needs of our societies.9 OSPs are expected to perform their tasks well and according to
principles of efficiency, justice, fairness, and respect of current social and cultural values
(emphasis added).10
As Shapiro stresses:
obligation as trustees of the greater good.11
However, what these obligations may be remains open question. These range from
protection of the public interest and respect for basic democratic principles, for example
fied in the 2011 G8 Deauville Declaration.12

cultural contexts in which OSPs operate complicate the definition of their obligations,
(p. 124) for it requires an ethical framework able to square the different ethical views and
spect to managing access to information (Section 1) and human rights (Section 2). I will
then analyse the role and the nature of the responsibilities of OSPs in mature information
societies (Section 3).13 soft ethics
sider what responsibilities the civic role of OSPs entails and how they should discharge
them (Section 4).
1. Managing Access to Information

The organization and management of the access to information available online raises
problems concerning the way in which OSPs select and rank such information.14
gence of the Web 2.0, social networks and news aggregators also became objects of
Page 2 of 19

ment of a pluralistic democratic web.15

tion as a guarantee of the fairness of information-filtering processes and the democratic
development of the internet.16
panies running indexing and ranking algorithms can jeopardize both these aspects.
In addition, Introna and Nissenbaum compare search engines to conventional publishers
(p. 125)
erful actors.17 18
Namely, websites
include links to popular websites in order to be ranked higher by search engines which
makes the popular site even more well-known and, thus, ranked even higher. Conversely,
this system makes less known those websites that are already poorly linked and hence
ranked lower. This vicious circle eventually leads to expunging niche, less renowned
sources of information from the web, thus endangering the plurality and diversity of the
ness as well as [a] suite of values represented by the ideology of the Web as a public
19
rithms used by the search engines.
The call for transparency of the search and ranking algorithms is not uncontroversial,20
as disclosing the structure of the algorithms could facilitate malicious manipulation of
search results, while not bringing any advantage to the average non-tech-savvy user. It is
ty of information sources. On the contrary, Granka maintains that in a market-regulated

environment companies will devote their attention to the quality of the search results,
which will have to meet the different needs and expectations of each single user, thereby
ers. Search engines:
rithm, whereas traditional news media makes case-by-case decisions.21
ercise some editorial control over their systems. In turn, this editorial control will
create some bias.22
Page 3 of 19

ture in the web and bias search results towards websites with economic power,23 it also
(p. 126) advocates that the correction of search bias will follow from the fine-tuning of the
to OSPs in that respect. A similar position has also been expressed by Lev-On and
Manin.24 Their articles suggest that, given the huge set of data filtered by search engines,
unintentional exposure to information conveying diverse and non-mainstream information
cannot be excluded.
The issue then arises as to whether incidental exposure to diverse information suffices to
ed by OSPs and foster the diversity of the sources and the information circulating in the
web. This is, for example, the argument proposed by Goldman.25
dia to tamper with US presidential elections, for example, has shown the concrete risks
that personalization can pose to democratic processes.26
sults challenges the affirmation of deliberative democracies, insofar as it undermines the
possibilities of sharing different cultural backgrounds, view, and experiences and reduces
port or convey different world views. Several analyses have raised this issue. 27
dynamics to shape information access and communication:
it is much too simple to say that any system of communication is desirable if and
chosen exposures, shared experiences are important too.28
29
in which each individual is isolated in her or his
30
mational bubble,
ilar argument, stressing that the personalization of access to online information (p. 127)
promotes the emerging personal informational ecosystems that undermine the emergence
and fostering of democracy and pluralism.31
The combination of personalization of information with artificial intelligence (AI)-based

profiling and nudging techniques has made the risks highlighted by Pariser and Sunstein
ibility and influencing power:
also exert its influencing power beyond our wishes or understanding, undermining
Page 4 of 19

our control on the environment, societies, and ultimately on our choices, projects,
identities, and lives. The improper design and use of invisible AI may threaten our
fragile, and yet constitutive, ability to determine our own lives and identities and
keep our choices open.32
AI may empower OSPs to do more things, from preventing suicide33
ernance and defining the moral responsibilities of OSPs are necessary steps for ensuring
that possible misuses34 of AI, alongside the other services that OSPs offer, will not trump
the proper uses of this technology.
2.
net Censorship
In a commentary, Vinton Cerf touched directly on the role of OSPs in preventing harmful
uses of the web, stating that:
right to expect freedom (or at least protection) from harm in the virtual world of
the Internet. The opportunity and challenge that lies ahead is how Internet Actors
will work together not only to do no harm, but to increase freedom from harm.35
tion of harmful material may be desirable. However, this also raises further problems
(p. 128)
vidual rights, such as freedom of speech and information.36
information is problematic. While OSPs should be held responsible for respecting it, it
should not be their duty to define arbitrarily and independently the balance and decide,
tion of the judging power and poses issues of transparency and accountability.37 Consider,
38
with respect to the decision of the
Court of Justice of the European Union on the right to be forgotten.39 To avoid that risk, it
is crucial to separate the responsibilities of OSPs from the duties and authority of the
with respect to human rights.
At the moment, however, the debate focuses on whether OSPs have any responsibilities
with respect to human rights. The discussion was reignited in late 2018 when it became
clear that Google was considering entering into the Chinese market again,40 and before
Page 5 of 19

as a human right. This right calls on states to promote and foster access to the internet
and to ensure that the rights to freedom of expression and information, as presented in
Article 19 of the Universal Declaration of Human Rights, would be upheld online as well
as offline.41 In the same vein, a report released by the UN in 2011 stressed that:
(p. 129)
man rights, combating inequality, and accelerating development and human

progress, ensuring universal access to the Internet should be a priority for all
States.42
Some authors, such as Chen,43 have argued that OSPs, and in particular social networks,
ity of their role on the web and of their knowledge of the actions undertaken by other
agents, for example governmental actors, in the network.
At the same time, both the Universal Declaration of Human Rights and the Resolution on
sible for respecting and fostering human rights.44 This problem not only concerns OSPs;
it also involves several other private actors, especially those working in the international
market,45 making this issue a central topic in the literature on business ethics. Consider,
for example, the case of human rights violation reported by Human Rights Watch which
46
Santoro47 and Brenkert48 stress the need to consider the context in which companies act
sess the moral responsibilities of multinational companies complying with the requests of
an authoritarian state. According to that theory, the responsibilities for respecting and
ny. In particular, Santoro poses two conditions for evaluating the capabilities of private
companies and ascribing responsibilities: (1) it has to be able to make the difference, that
is, change local government policies; and (2) it has to be able to withstand the losses and
damages that may follow from diverting from local government directions and laws.
(p. 130)
rights, as they can be used to support both sides of the argument. For example, major
OSPs may have the means to effect change and they could withstand the consequences of
point, stating that:
49
Page 6 of 19

At the same time, however, condition (1) offers a justification for any private company
ing or complying with a local government directive. Condition (2) is at best too generic,
since it justifies breaches of (possibly any) human rights when respecting them would
Other scholars support a different view and hold private actors morally responsible for
protecting and fostering human rights.50 The Preamble to the Universal Declaration of
Human Rights is often mentioned to support this point. It states that:
every individual and every organ of society, keeping this Declaration constantly in
mind, shall strive by teaching and education to promote respect for these rights
51
The responsibility of all members of societies to promote human rights is mentioned and
further elaborated in the Declaration of Human Duties and Responsibilities (the so-called
Valencia Declaration),52 which focuses on the moral duties and legal responsibilities of
the members of the global community to observe and promote respect for human rights
vate companies are also expressly mentioned as responsible for promoting and securing
the human rights set out in the Universal Declaration of Human Rights and in (p. 131) the
Preamble to the UN Norms on the Responsibilities of Transnational Corporations and
Other Business Enterprises.53
One of the cases about the moral responsibilities of OSPs and respect of human rights
(freedom of speech in particular) that has been most debated in the relevant literature
concerns compliance by some OSPs, such as Google, Microsoft, and Yahoo!, with requests
sponded in different ways. Some, like Google (in 2010) and Yahoo! (in 2015), decided not
to comply with the requests and withdrew from the Chinese market. Others refer to the
so-called consequentialist argument to justify their business in China or in a context in
which human rights are under a sharp devaluative pressure.54
The argument was first used by Google to support its initial compliance with the Chinese
I believe we have a responsibility to the millions of people in these countries who
Page 7 of 19

voices would be muted, and whatever content the government believed was illegal
would be blocked anyway.55
Those who maintain that private companies ought to comply with human rights, because
ment.
fect, especially when those rights are of the most fundamental sort.56
57
(p. 132)
[t]his would occur when a business follows laws or regulations of a government to

act in ways that support its activities that intentionally and significantly violate
58
The notion rests on the idea of permissible moral compromise. This is the compromise
that agents make with themselves to forgo or even violate some of their moral principles
sorship face conflicting responsibilities towards different stakeholders, not just users but
also local employees and shareholders. For that reason, those OSPs may be justified in
ment of more important objectives.
whether an OSP may be in a position to violate its moral principles or universal rights.
fied in such cases.
sessment of the moral responsibilities of a company depends on the scope of the context
being considered. If one focuses on the immediate context, for example a specific country
en in consideration, for example the global reputation of the company and the impact that
Page 8 of 19

man rights.
ble to their employees and shareholders.59 This is a point highlighted, for example, in the
report of the Special Rapporteur on freedom of expression to the Human Rights Council,
David Kaye, who stressed that:
(p. 133)
ment and implementation of transparent human rights assessment procedures.

They should develop and implement policies that take into account their potential
impact on human rights.60
At the same time, the specification of the responsibilities of OSPs requires contextualizing
the role of OSPs within the broader changes brought about by the information revolution
and the role that they play in mature information societies.61 This will be the task of the
next section.
3.
tion Societies
Floridi defines mature information societies as societies whose members have developed
an unreflective and implicit expectation to be able to rely on information technologies to
perform tasks and to interact with each other and with the environment.62 Over the past
two decades, we have witnessed a growing reliance on these technologies for developing
a number of tasks, ranging from individual daily practices to matters relating to public
gence, we have started to rely on computing technology to take sensitive decisions,

rather than just performing tasks ranging from medical diagnosis to the administration of
justice.63 As the main designers and developers of information technologies, OSPs play a
central role in mature information societies. Some contributions to the literature identify
this role as information gatekeeping.64
frastructure that are crucial for societies.65 The notion of gatekeepers has been studied in
business ethics, social sciences, and legal and communication studies since the 1940s.
For example, in 1947 Lewin famously described mothers and wives as gatekeepers, as
they were the ones deciding and managing the access and consumption of food for their
families.
(p. 134)
Page 9 of 19

(a) controls access to information, and acts as an inhibitor by limiting access to or

restricting the scope of information; and (b) acts as an innovator, communication
channel, link, intermediary, helper, adapter, opinion leader, broker, and
facilitator.66
tory function. The private nature of gatekeepers, along with the responsibilities entailed
sponsibilities.67
In our societies, OSPs would be information gatekeepers as they control access to and
flows of data and information.68 As gatekeepers, OSPs exercise a regulatory function69
which entails moral responsibilities towards the public good. Framing the discussion of
role, and explains the expectations that users and regulators have with respect to their
behaviour.
quired in our societies and hence the responsibilities that they bear. OSPs increasingly
play a more central role in public and policy debate, working to influence national politics
and international relations.70 In this respect, they differ quite radically from other
transnational corporations.71 Broders and Taylor argue that OSPs behave as political
agents and thus they should bear corporate political responsibilities:
OSPs exercise power over their users and are a counter power to state power in
72
of OSPs in the international arena and disregards their central role as designers of the
(p. 135)
tion revolution.73 The blurring of the line dividing real and virtual is one of those changes.
This blurring has been noted and analysed by social scientists74 and psychologists,75 as
well as by philosophers.76 Before the information revolution, being real was tantamount
to (coupled with) being tangible, perceivable, and physical in the Newtonian sense. The
information revolution decoupled real and tangible and coupled real and virtual. Reality
in the information age includes virtual entities and environments along with tangible
77
(physical) ones, making
Think, for example, of the way in which Alice and her grandfather Bob enjoy their music:
Bob may still own a collection of his favourite vinyl, while Alice simply logs on to her
favourite streaming service (she does not even own the files on her computer). E-books,
movies, and pictures all serve as good examples of the case in point. This decoupling and
Page 10 of 19

recoupling process has widened the range of what we consider real and has also blurred
the very distinction between online and offline environments. As Floridi put it:
eties.78
One difference still stands, though; that is, that online environment is designed, shaped,
and developed by humans more than the physical one and tech companies, including
OSPs, often lead this process. The services that enable our access to, and which shape
keepers or political actors. For, through their services, they shape our affordances. They
contribute to inform the space of opportunities in which individuals and societies can
act with each other and with the environment.
As leading designers of online environments, OSPs make decisions that impact private
and public lives, social welfare, and individual well-being. For this reason, (p. 136) OSPs
play a civic
ties with respect to the way they conduct their business. These responsibilities require
OSPs to consider the impact of their services and business models on the societies in
which they operate and to take into account potential ethical benefits and risks. Ethical
considerations need to become a constitutive part of their design process and business
models. OSPs can discharge this civic responsibility by ensuring that:
Social acceptability or, even better, social preferability

ples for any [digital innovation] project with even a remote impact on human life,
to ensure that opportunities will not be missed.79
OSPs face. Human rights and other principles80 offer guidance as to what fundamental
sion-makers) need to develop appropriate analyses to consider opportunities to harness

ethical risks or to avoid or mitigate them. The civic role of OSPs requires them to develop
nance of their services.
Page 11 of 19

4. Conclusion: The Duty of Ethical Governance

Ethical governance of the digital should not be confused with the legal regulations in
place to shape the design and use of digital technologies, nor is this something that
erodes the space of legal compliance. Floridi distinguishes between hard ethics and soft
ethics.81 If hard ethics is what enables us to shape fair laws or to challenge unfair ones,
soft ethics goes over and above legal compliance. In some corners of the world, where
(p. 137) laws respect and foster fundamental values, the governance of the digital is a
matter of soft ethics. As he put it:
[C]ompliance is necessary but insufficient to steer society in the right direction.

Because digital regulation indicates what the legal and illegal moves in the game
are, so to speak, but it says nothing about what the good and best moves could be
82
At least when operating in open and democratic societies, the responsibilities of OSPs
pertain to the ethical governance of the digital and soft ethics is essential to discharge
them. OSPs need to embed ethical83 considerations in the design and development of
quences, and seize the cost of missed opportunities.84

sight analyses,85 which will offer a step-by-step evaluation of the impact of practices or
gies.
This will bring a dual advantage. As an opportunity strategy, foresight methodologies can
ceptable. This will lower the opportunity costs of choices not made or options not seized
for lack of clarity or fear of backlash. Ethical governance of the digital is a complex, but
necessary, task. The alternative may lead to devaluation of individual rights and social
values, rejection of OSPs, and missing the opportunities that digital technologies bring to
the benefit of societies.
Notes:
(1
http://
link.springer.com/10.1007/s11948-015-9734-1>.
(2
Page 12 of 19

(3
(2006) <http://papers.ssrn.com/abstract=222009
(4
(5
Ethics 1.
(6) See Eli Pariser, The Filter Bubble: What The Internet Is Hiding From You (Penguin
2012); Cass R. Sunstein, Republic.Com
1.
(7
and Luciano Floridi (eds), The Responsibilities of Online Service Providers (Springer
(8) For a more extensive analysis of the debate on the moral responsibilities of OSPs, see
Taddeo and Floridi (n. 1).
(9
Media Performance: Mass Communication and the Public Interest (Sage 1992) 47.
(10) McQuail (n. 9) 47.
(11) Granka (n. 3) 365.
(12) See 2011 G8 Deauville Declaration <

sion_2010-2014/president/news/speeches-statements/pdf/deauville-g8-
declaration_en.pdf>.
(13) See Floridi (n. 6).
(14) See Nicholas Negroponte, Being Digital (new edn, Coronet Books 1996).
(15) See Introna and Nissenbaum (n. 3).
(16) Other relevant contributions on the diversity of the sources and information available
ies, law, and public policy. The interested reader may find useful the following articles:
Page 13 of 19

ternational Conference on Very Large Databases
per no. 888327 (2006) <http://papers.ssrn.com/abstract=888327
Michael Zimmer (eds), Web Search
http://eprints.rclis.org/
17232/>.
(17) See Introna and Nissenbaum (n. 3).
(18) See Bernardo Huberman,

tion (MIT Press 2003).
(19
World 30.
(20) See Granka (n. 3).
(21) ibid. 365.
(22
(23
(24
Online Deliberation:
Design, Research and Practice
Spink and Zimmer (n. 16).
(25) Goldman (n. 22).
(26
racy 63.
Page 14 of 19

(27) Concern for the implication that filtering of information may have for participative
democracy and the nature of the web have also been expressed in Lawrence Lessig,
Code: And Other Laws of Cyberspace (Basic Books 1999).
(28) Sunstein (n. 6) 131.
(29) Negroponte (n. 15).
(30) Pariser (n. 6).
(31) ibid.
(32
361 Science 751, 752.
(33
(34
chines 689.
(35) Cerf (n. 5) 465.
(36) Internet censorship and freedom of speech have also been at the centre of a debate
focusing on the balance between individual rights and state power. The topic does not fall
(37
Sale of Goods: Lessons for the Internet from OECD and CISG and Sacking Google as the
(38 Telegraph,
14 July 2014) <http://www.telegraph.co.uk/technology/google/10967211/Google-is-the-
judge-and-jury-in-the-right- to-be-forgotten.html>.
(39
Philadelphia Enquirer, 2015) <http://articles.philly.com/2012-03-05/news/
31124410_1_new-privacy-policy-facebook-search-terms
Perspectives Quarterly 24.
(40
Page 15 of 19

Bloomberg, 8 November 2018) <https://www.bloomberg.com/news/

features/2018-11-08/google-never-stopped-trying-to-go-to-china>.
(41
(42
<http://www2.ohchr.org/english/bodies/hrcouncil/docs/17session/A.HRC.17.27_en.pdf>.
(43
(44
(45) See Geraint Anderson, Just Business (Headline 2012).
(46) See Human Right Watch, The Enron Corporation: Corporate Complicity in Human
Rights Violations (Human Rights Watch 1999) <http://www.hrw.org/reports/1999/enron>.
(47) See Santoro (n. 19).
(48
Business Ethics 453; Santoro (n. 19).
(49) Mark Zuckerberg (Facebook, 16 March 2015) <https://m.facebook.com/story.php?

story_fbid=10101974380267911&id=4&p=30>.
(50
(eds), The Oxford Handbook of Business Ethics (OUP 2010); Wettstein (n. 41).
(51) Universal Declaration of Human Rights (adopted 10 December 1948) UNGA Res 217
A(III) (UDHR) Preamble.
(52) Declaration of Human Duties and Responsibilities (1998) (DHDR).
(53) The document was approved on 13 August 2003 by the UN Sub-Commission on the
Promotion and Protection of Human Rights. See UN Norms on the Responsibilities of
Transnational Corporations and Other Business Enterprises (2003) E/CN.4/Sub2/2003/12/
Rev2 <
ness-human-rights-explanatory-materials>.
Page 16 of 19

(54
Bonaventure (eds), Traffic Monitoring and Analysis (Springer 2015).
(55) Zuckerberg (n. 49).
(56) Thomas Donaldson, The Ethics of International Business (OUP 1992) 68.
(57
Business Ethics 219.
(58
Business Ethics 453, 459.
(59
(60
<http://www.ohchr.org/EN/Issues/FreedomOpinion/Pages/
Privatesectorinthedigitalage.aspx>.
(61
Philosophy & Technology 1.
(62) ibid. 1.
(63
Propublica, 2016) <https://www.propublica.org/article/how-

we-analyzed-the-compas-recidivism-algorithm
Grand Challenges of Science Robotics
(64) See Taddeo and Floridi (n. 7).
(65
(66
tion Science and Tech (ARIST) 111.
(67
http://
papers.ssrn.com/abstract=165988
rent Legal Problems 103.
Page 17 of 19

(68) See Craig J. Calhoun (ed.), Dictionary of the Social Sciences (OUP 2002); Andrew
Shapiro, The Control Revolution: How the Internet Is Putting Individuals in Charge and
Changing the World We Know
(69) Metoyer-Duran (n. 66) 111.
(70) See Broeders and Taylor (n. 7).
(71
a Globalized World: A Review of a New Perspective on CSR and Its Implications for the
(72) See Broeders and Taylor (n. 7) 322.
(73) See Luciano Floridi, The Fourth Revolution, How the Infosphere Is Reshaping Human
Reality (OUP 2014).
(74) See Monroe E. Price, Media and Sovereignty: The Global Information Revolution and
Its Challenge to State Power (MIT Press 2002).
(75) See Uwe Hasebrink,
2009)] (EU Kids Online 2008) <http://www.eukidsonline.net/>.
(76) See Diana Coole and others, New Materialisms: Ontology, Agency, and Politics (Duke
(77) See Luciano Floridi, Ethics of Information (OUP 2013).
(78) Luciano Floridi,

(Springer 2014) 61.
(79
(80
3198732 (2018) <https://papers.ssrn.com/abstract=3198732>.
(81
& Technology 1.
(82) ibid. 4.
Page 18 of 19

(83
ing Sciences <https://doi.org/10.1098/rsta.2016.0360>.
(84
(85) Floridi (n. 84).
Mariarosaria Taddeo
Mariarosaria Taddeo is a Researcher Fellow at the Oxford Internet Institute and

Deputy Director of the Digital Ethics Lab. Email: mariarosaria.taddeo@oii.ox.ac.uk.
Page 19 of 19

Empirical Approaches to Intermediary Liability

Kristofer Erickson Martin Kretschmer
termediaries and, a fortiori

ply for the wider issue of platform regulation? This chapter evaluates the performance of
so-called intermediary liability safe harbours, which have been operating for almost two
decades in multiple jurisdictions. The chapter also tackles the problem of transparency of
ity during the twenty-year period from 1998 to 2018, drawing on the Copyright Evidence
Wiki
survey of this body of research, the chapter identifies and discusses five key sub-fields of
tices; the potential for over-enforcement or abuse; transparency of the takedown process;
and the costs of enforcement borne by different parties. Finally, the chapter identifies
some of the gaps and limitations in this existing body of scholarship, and offers a number
of recommendations for future research.
Keywords: intermediary liability, empirical evidence, Copyright Evidence Wiki, safe harbours, takedown request,
takedown notice, over-enforcement, transparency, costs
LEGAL
bilities of online intermediaries. Our co-contributors to this Handbook have identified a
wide range of contested issues, from due process to costs to extraterritorial matters. This
chapter considers what empirical evidence may contribute to these debates. What do we
need to know in order to frame the liability of intermediaries and, a fortiori, what does
lation?
While the liability of online intermediaries first surfaced as a technical issue with the
emergence of internet service providers (ISPs) during the 1990s, recently the focus has
shifted to the dominance of a handful of global internet giants that structure everything
Page 1 of 21

ing to child protection, security, or fake news).
The allocation of liability in this context becomes a key policy tool. But we know very little
crecy about the rules under which platforms operate internally. As online users, we are
governed by processes and algorithms that are hidden from us. If the rules are the result
selves may not fully understand why decisions are made. Still, platforms see their rules of
decision-making as key to their competitive advantage as firms. We live in what has been
1
So how can we as researchers open the box to let in some empirical air? There is
(p. 105)
a global trend towards increased reporting requirements for platforms. Most prominently,
with at least two million registered users in Germany to remove obviously illegal content
within twenty-four hours of notification.2 There are obligations to report every six months
ceived a total of 1,704 takedown requests and removed 362 posts (21.2 per cent), Google
(YouTube) received 214,827 takedown requests and removed 58,297 posts (27.1 per
cent), and Twitter received 264,818 requests and removed 28,645 (10.8 per cent). These
are much lower numbers than were expected.3
There are also a number of antitrust inquiries that have extracted sensitive data from
competition law.4
forms inquiry is considering the establishment of a new platform regulator with wide-
ranging information-gathering and investigative powers. The regulator would monitor
trolling whether they are engaging in discriminatory conduct, for example by predatory
cally integrated businesses.5
new regulatory regimes, and a new framework for online intermediary liability, have been
selected. We appear to be in the midst of a paradigm shift in intermediary (p. 106) liability,
moving from an obligation to act once knowledge is obtained to an obligation to prevent
ing,6
Page 2 of 21

their users.7
This chapter evaluates what we already know after almost two decades of operation of
one liability regime: the so-called safe harbour introduced in the United States by the
Digital Millennium Copyright Act (DMCA), and in a related form in EU Member States
with the e-Commerce Directive.8
tion 512 of the US Copyright Act (as amended by the DMCA 1998). Section 512 specifies
right owners to remove material. Rightholders who wish to have content removed must
half of the owner of an exclusive right that is allegedly infringed. The practice is known as
instatement.
Under the EU Directive on Electronic Commerce (2000/31/EC), hosts of content uploaded

by users will be liable only on obtaining knowledge of the content and its illegality. The
mation, not only copyright materials. But unlike the DMCA, the e-Commerce Directive
does not regulate the procedure for receiving the necessary knowledge. This is left to the
9
digm for organizing liability of online intermediaries. This is for at least two reasons: (1)
jurisdictions that do not have safe harbour laws;10 (2) copyright liability affects a far
wider range of user practices than, for example, defamation, obscenity, and other
(p. 107)
forms of illegal use. So, the lessons from the operation of the notice and takedown regime
location, and freedom of expression.
ty during the twenty-year period from 1998 (the year that the DMCA was passed) to
pers drawn from the Copyright Evidence Wiki

11
wards in time among those articles to identify further published research. The sample is
ments.
Page 3 of 21

Based on our survey of this body of research, we identify five key sub-fields of empirical
inquiry pursued so far. These relate to: the volume of takedown requests, the accuracy of
notices, the potential for over-enforcement or abuse, transparency of the takedown
process, and the costs of enforcement borne by different parties (see Table 5.1). Each of
(p. 108) these areas are discussed in further detail in the remainder of the chapter. We
ship on intermediary liability for copyright, and offer some recommendations for future
research.
Table 5.1 Thematic foci of empirical research on notice and takedown

and key studies
Policy issue Key studies
Volume of use
of notice and is and Urban (2015); Cotropia and Gibson (2016);
takedown Strzelecki (2019)
Urban and Quilter (2006); Seng (2015); Bar-Ziv

tices and Elkin-Koren (2017); Urban, Karaganis, and
Schofield (2017)
Ahlert and others (2004); Nas (2004); Urban,

ment/abuse Karaganis, and Schofield (2017); Bar-Ziv and
Elkin-Koren (2017); Erickson and Kretschmer
(2018); Jacques and others (2018)
Transparency/ Seng (2014); Perel and Elkin-Koren (2017); Fiala

due process and Husovec (2018)
vation/costs ban, Karaganis and Schofield (2017)
1. Volume of Notices
ceived 734 notices between March 2002 (when the Chilling Effects12 database started
collecting Google reports) and August 2005, the cut-off date of their study.13 The majority
sion in the quantity of DMCA section 512 notices sent by rightholders to online service
ately after the introduction of the DMCA and e-Commerce Directive; rather, this uptake
Page 4 of 21

took nearly a decade and accelerated from 2010 onwards.14

tions for this increase, ranging from rightholder frustration following rejection of the Stop
Online Piracy Act (SOPA),15 to new technical affordances introduced by Google to receive
down processes can, at the very least, be considered successful in terms of uptake and
aries viewed as important for commercial innovation.16 However, the volume of notices
may also produce challenges for OSPs in terms of cost of compliance, with implications
for other thematic areas such as due process. Several empirical studies have examined
these issues in significant detail.17
A 2014 study by Seng used data obtained from the Chilling Effects repository and from
vices which report to the database. The dataset consisted of 501,286 notices and some
(p. 109) 56,991,045 individual takedown requests.18 The dataset covered the period from
2001 to 2012 including the period of significant increase in volume. Seng notes that the
increase not only affected Google, but other OSPs as well, lending support to his view
that legislation was key to explaining the increase. For example, Twitter submitted less
lowing year in 2011, and more than 6,000 in 2012.19
Seng found that a large majority of notices were sent by industry associations, collecting
societies, and third party enforcement agencies. The British Phonographic Industry (BPI)
was the top issuer of notices in the study, with 191,790 notices sent, or 38 per cent of the
total sample. Agents such as Degban and WebSheriff also made up a significant portion of
the total volume of notices sent.20 The music industry accounted for the largest share of
total notices sent, by sector, with nearly 60 per cent of the total notices.
Seng observed an increasing concentration among the top issuers of notices over time.
The top 50 issuers accounted for 23.9 per cent of notices in 2010, but reached 74.7 per
cent of notices in the dataset for the year 2012.21
ganizations, such as BPI and RIAA, generated the bulk of notices, skewing the average.
Most providers identified in the dataset issued only one notice. Industry organizations
and enforcement agents also crammed more claims and requests (sometimes numbering
in the thousands) into each notice, while individual claimants tended to include fewer
claims and requests together in the same notice.
cial institutions such as universities and academic libraries. Both groups receive fewer
takedown requests than commercial internet companies, but empirical studies show
changing practices over time and concern about possible volume increases in future.
ties in the United States.22 They sent the survey to 680 institutions that had a DMCA
agent registered with the US Copyright Office. The presence of registered DMCA agents
was skewed towards large, higher ranked institutions. Among the 532 institutions that
Page 5 of 21

sponse rate of approximately 15 per cent (or 80 responses).23 The average number of
takedown requests received per institution was 200 (std deviation 329.35). The majority
quests, but most institutions (62 per cent) reported spending 50 hours or less.24
jority of DMCA notices received (67.6 per cent) related to cases in which students used
(p. 110) networks to download copyright infringing material onto personal
computers (falling under the transitory communications safe harbour under section
512(a)).25
ban and co-authors.26

work logins, port banning/firewalls, packet shaping, bandwidth throttling, and monitoring
duced the number of DMCA notices received.27
The findings were limited by the low response rate and the potential for response bias
ta offer original and unique insight into the sophistication of legal representatives within
tions have developed to confront these challenges.
2. Accuracy of Notices
One important focus for empirical investigation has been the accuracy of notices received
moving actually infringing content. Since the volume of takedown requests being sent has
increased substantially, the problem of accuracy is potentially amplified. Directly studying
accuracy of notices is challenging without access to the notices themselves and, ideally,
the targeted work. The Chilling Effects (now Lumen) database has been used extensively
as a source of data for empirical research on accuracy.28
One finding consistent across studies is that a small number of issuers are responsible for
quences for accuracy of notices. Bar-Ziv and Elkin-Koren found that 65 per cent of their
sample of takedown notices were sent by a single entity,29
down notices in their separately collected sample.30 The concentration of issuers appears
Page 6 of 21

gence of third party services which aggregate and work on behalf of rightholders. In fact,
only 1 per cent of the copyright notices analysed by Bar-Ziv and Elkin-Koren were filed by
private individuals, while 82 per cent of the requests were filed by third party (p. 111)
forcement services.31
ing the number of steps between actual rightholders and recipients of takedown notices
may contribute to a greater number of inaccuracies observed in bulk requests sent by
32
In his 2015 study of notice accuracy, Seng observed some improvements in accuracy
rates since earlier studies, but worrying issues related to the substantive content of
claims remained. He analysed 501,286 notices for the presence or absence of formalities
ment of authorization to act on behalf of a copyright owner. Seng found an extremely low
quantity of errors among the notices analysed, decreasing over time: the error rate for
formalities measured in 2012 was less than 0.1 per cent.33 This can be explained by
complete fields and provides instructions on how to complete them before sending.
itself. In order to do this, he collected notices where the name of the copyright owner had
imate. He identified three specific cases in which an employee of a company (rather than
the copyright owner herself) was erroneously identified in the request. Since individual
notices can contain thousands of requests, these three systematic errors amounted to a
total of 380,379 takedown requests, of which Google complied with over 90 per cent.34 As
magnitude, frequency and systematic nature of
these errors, which remained undetected and uncorrected for months on end. While we
35
Seng reports that his findings represent a
lower bound in the error rate, since he was unable to test accuracy in other ways, such as
by observing removed content directly. Direct observation is rendered difficult by the
swiftness with which requests are processed and content taken down.
Overall, it appears on one hand that accuracy has been improved via automated systems,
tured web forms, clear instructions, and negative consequences (revoked membership in
36
ly tied to rightholders, can introduce and amplify errors affecting significant quantities of
works.
Page 7 of 21

(p. 112) 3. Over-Enforcement and Abuse

Over-enforcement occurs when non-infringing material is removed, for example because
the content has been erroneously identified (e.g. a false positive), or because either the
sender or receiver of a notice has not sufficiently considered exceptions such as fair use.
ence of both infringing and non-infringing uses on the same platform, and the high legal
37
In the first major qualitative study of notice and takedown, Urban, Karaganis, and
Schofield assessed the potential for over-enforcement by interviewing twenty-nine OSPs
music hosting services, search providers, file storage services, e-commerce sites, web
38
Data were
cedures were taken seriously by both OSPs and rightholders. OSP respondents stated
viding a stable framework for managing liability. On the other hand, some OSPs claimed
that the fear of liability might lead them to over-enforce, as they struggled to decide what
to do about inaccurate or invalid takedown requests.
quests from single rightholders and dealt with them using human review.39 However,
some service providers received massive amounts of takedown notices (more than 10,000
40
quests, and made these tools available to rightholders. These OSPs were not always able
ther steps to limit the upload of content that might trigger notices, at the same time as it
offered more direct automated tools to rightholders to manage the detection and removal
of potentially infringing content.41 Like the second group, these providers were unable to
conduct human review of all requests, leading to issues of transparency, accuracy, and
over-enforcement.
cus for research has been protection of legitimate reuse of material, such as provided
(p. 113) by fair use in the United States, and by specific copyright exceptions in the UK
ingly strong incentives for platforms to over-comply with requests, there is potential that
limitations and exceptions to copyright could be eroded in this system.
In one study of copyright exceptions, Erickson and Kretschmer longitudinally examined a

dataset of user-generated parody videos hosted on YouTube, recording at yearly intervals
Page 8 of 21

whether the videos had been taken down.42 The research was conducted in collaboration
ered a dataset of 1,839 videos between 2011 and 2016. The overall takedown rate across
downs attributable to copyright requests.43 Parodies varied in terms of uploader skill,
cal works varied in terms of genre, territory, size of publisher, and commercial success. A
dy would be taken down. The findings showed that parodist technical skill and production
values were significant in reducing the odds of a takedown. More popular parodies with
more views also had lower odds of being removed.44
Rightholder behaviour varied significantly by music genre: rock music rightholders were
significantly more tolerant of parodies than hip-hop and pop music rightholders.45 The
significance of borrowed sound recordings in predicting a takedown, while controlling for
other aspects, suggests that algorithmic detection techniques such as Content ID are
shaping rightholder behaviour. The availability of a parody exception to copyright in the
ing from the United States were significantly more tolerant of parodies than their UK
counterparts.
In a related study, Jacques and others found that the diversity of content is potentially
harmed by automated takedown. Using the same dataset of 1,839 parodies, the authors
checked to see whether music video parodies had been manually removed or blocked via
the Content ID automated system. Differences in the way that YouTube informs would-be
viewers of these missing videos allowed the researchers to distinguish between regular
takedowns and Content ID blocking.46 The researchers attributed 32.1 per cent of the
down.47
(p. 114)
sured in terms of what viewers actually choose to watch.48 They used the Simpson Index
centration of availability of certain expressions, before and after takedowns are detected.
pop songs and specific parodies. This finding mirrors other research on the concentration
49
Interestingly, the authors find that the
application of automated takedown also reduces the effective number of parties in the
curred.50 However, the effect of automated content blocking on diversity is overwhelmed
Page 9 of 21

by the built-in lack of diversity in demand (which occurs due to algorithmic sorting and
tent ID] removes the most popular parody, would the next most popular simply replace it,
51
sibility is that malicious actors could use the copyright claims to remove content they find
politically disagreeable, or for other arbitrary reasons unrelated to copyright. In one pair
fore acting. These studies each created simulated web pages containing non-infringing
content, and then sent notices to ISPs asking for it to be removed.52
On Liberty, while the experiment by Sjoera Nas

used a work by Eduard Douwes Dekker dating from 1871. The researchers sent takedown
In the two cases tested by Ahlert and others (one UK and one US ISP), the UK web host
acted immediately to block the test web page, while the US ISP appeared willing to take
action, but asked the researchers for further information before removing the content.
(p. 115)
mation contained in the takedown notice was accurate.53 The researchers decided not to
periment using web pages created on ten Dutch ISPs. Of those, seven removed or blocked
the web page containing public domain material by Dekker, sometimes before notifying
the owner of the website. A further two ISPs ignored the requests, while one ISP refused
to take the material down because it correctly determined it to be in the public domain.
a
54
are limited in certain important respects.
Employees of the targeted ISPs, having various levels of subject-area expertise, could not
be expected to consistently identify a literary text in the public domain, even a well-
known one. Because they targeted a limited number of ISPs using a controlled scenario,
down mechanisms, which would considerably extend the usefulness of this research.
However, both studies suggest that placing legal requirements on notice issuers (e.g.
Page 10 of 21

4. Due Process and Transparency

Procedural justice, in particular relating to the interests of users, is an issue that surfaces
in a number of chapters in this Handbook.55 This has also been investigated empirically in
relation to notice and takedown.
moval of content and under-use of the counter-notification mechanism among users.56
idence, [notice and takedown] leads to many false positives due to over-notification by
57
To investigate the causes of under-use of counter-notification, the
authors designed a laboratory experiment to model the relationship between service
providers (platforms) and content creators. In the experiment, players were given the
task of evaluating whether or not a maze had a valid solution, in a 15-second time limit.
This was intended to simulate the real-world decision by platform providers about
whether to comply with a takedown request. Creators were given more time to study the
maze, simulating their familiarity with their own work. A subsequent round allowed the
condition simulated a hypothetical dispute-resolution process in which creators

(p. 116)
were given more power and financial incentive to dispute incorrect decisions by
providers. The authors ran the experiment with eighty subjects drawn from university
students in the Netherlands, and used real payouts.
The researchers found that unlike the baseline condition in which providers tended to
tion for creators overall.58
downs from 35 per cent to 19 per cent.59
Another problem for transparency in the notice and takedown process is the presence of
dictable as they adapt to changing conditions over time. As Perel and Elkin-Koren write,
mains a black box. It is unknown what decisions are made, how they are made, and what
60
Page 11 of 21

system react to various inputs. The authors did this by gathering data on the behaviour of
ing at the moment of upload, to receipt and handling of takedown notices, to the removal
of content and notification of the uploader. To accomplish this, they uploaded and tracked
searchers obtained ethical approval for the study from their university ethics committee,
periment. They found that 25 per cent of video-sharing websites and 10 per cent of the
image-sharing websites tested in Israel made use of some ex ante filtering technology at
the point of upload.61
tent on receipt of a notice, while only 12.5 per cent of the image-sharing websites did so.
After removing content, all of the video-sharing websites tested did notify the uploader
about the removal, while only 11 per cent of the image websites did so.62
The wide variation in practices between online platforms suggests problems with
(p. 117)
procedural justice in the Israeli setting observed by the researchers. They also noted the
cedures.63
termediaries may often need to overcome different contractual barriers imposed by the
64
searchers about how they process and handle takedown requests, probably because they
are wary of increased scrutiny from rightholders and regulators, or because the technical
filtering mechanisms are a source of competitive advantage. In fact, none of the studies
reviewed in this chapter obtained data with the cooperation of private companies, other
than those made available via the Chilling Effects/Lumen database, or independently
through experimentation such as by Perel and Elkin-Koren.
5. Balancing of Responsibilities and Costs
quest takedown of infringing material, recent policy discussions have brought focus to re-
moval).65 Legislation adopted in Europe in 2019 would add a licensing obligation that
may lead service providers to filter content at the point of upload.66
portant empirical question relates to understanding how costs of enforcement have been
Page 12 of 21

distributed so far, and what the effects of rebalancing those costs may be for internet
companies, rightholders, and users.
In a study of the market for out-of-commerce musical works, Heald proposed that notice
and takedown regimes, in tandem with automatic detection systems, may create a market
for previously unavailable works.67 The labour of digitizing, uploading, and disseminating
the work is borne by the uploader, while the rightholder, once notified, (p. 118)
ply select to monetize the work and collect advertising revenue from it. Heald examined a
dataset consisting of ninety songs which reached number one on the pop music charts in
Brazil, France, and the United States between 1930 and 1960, and an additional set of
385 songs dating from 1919 to 1926 (which should be out of copyright in the United
States).68
ed States were monetized by a rightholder, with a lower rate of monetization in France
(62 per cent) and Brazil (39 per cent).69
tized, while older uploads, particularly those with a higher number of views, were more
likely monetized.70 Similarly to findings by Erickson and Kretschmer, Heald found that
uploader creative practices were important in determining rightholder response. Videos
consisting of straight recordings were more likely to be monetized by rightholders than
amateur creative videos or cover performances.71
ied by territory: French rightholders monetized a higher proportion of amateur videos
and a lower proportion of straight recordings.
In general, Heald found that there were similarly high rates of availability of older in-
copyright works (77 per cent had an upload on YouTube) and public domain copyright
songs from 1919 to 1926 (with 75 per cent availability on YouTube).72 This rate is high
compared to other mediums such as books, for example, where only 27 per cent of New
York Times
chase.73 The higher availability of in-copyright works on YouTube, despite the availability
of takedown to rightholders, leads Heald to conclude that the Content ID system creates
an efficient form of licensing which reduces transaction costs and enables uploaders to
communicate market demand to rightholders.
appears that the vulnerability of smaller OSPs to the costs of implementing large-scale
notice and takedown systems and adopting expensive DMCA Plus practices can police
74
Respondents cited the high costs involved, for
third party fingerprinting services such as Audible Magic which was quoted as costing up
to $25,000 per month.75 The ability of larger incumbent firms such as Google to monetize
all kinds of user-generated content via AdSense and share that revenue with rightholders
via Content ID was also seen as a competitive advantage from the perspective of smaller
OSPs. Rather than provide rightholders with the option of leaving such content on their
Page 13 of 21

tirety in response to takedown requests.
In addition to differences between large and small commercial enterprises, there

(p. 119)
are also concerns about the costs of complying with notice and takedown procedures for
non-commercial institutions. For example, Schofield and Urban analysed the effects of
DMCA and non-DMCA takedown requests on the practices of academic digital libraries.
sions, and since public repositories increasingly allow contributions from user-uploaders,
76
At the same time, libraries and
academic repositories are not typically equipped with resources to handle large volumes
of takedown requests such as those received by internet companies.
Schofield and Urban surveyed respondents about institutional practices (how libraries
dealt with notices once received, whether they forwarded to other departments, etc.), the
right). In total, eleven libraries returned surveys and an additional five interviews were
carried out.77 Since 2013, libraries had noted an increase in notices received, and some
ed that handling DMCA notices put pressure on staff time. Some libraries stated that a
lack of legal confidence and a requirement to protect their reputation added uncertainty
to their roles. Some erroneous takedown requests were reported to have been received.
stated after careful review (the article was in the public domain).78 Overall, the authors
found that librarians were more confident dealing with non-copyright removal requests.
These included concerns about privacy, sensitivity, and security. Librarians had developed
institutional norms over time to deal with these matters, but had not yet accomplished
this in the realm of digital copyright. This, combined with the high degree of scrutiny and
attention paid to evaluating DMCA notices, made institutions potentially vulnerable to an
increase in costs related to handling takedown requests.
6. Conclusion: Limitations, Gaps, and Future

Research
A number of studies reviewed here used data contained in the publicly accessible Chilling
Effects/Lumen database.79
base could skew empirical findings in the direction of a small group of intermediaries who
share their data (e.g. Google) and focus attention on particular units of observation
(p. 120) (individual notices and claims). A wider range of publicly accessible datasets on
takedown would enrich the possibilities for more diverse empirical work. As noted in this
Page 14 of 21

dled in settings such as universities and public libraries by seeking out data directly from
those organizations.
The empirical studies reviewed here also demonstrate that the study of copyright notice
and takedown is a moving target: patterns of behaviour measured by Urban and Quilter
sion in quantity and diversity of takedown requests and adoption of new practices by both
intermediaries and issuers. Even if the current legal regime remains stable, it is likely
that practices will continue to shift: new business models may emerge, and rightholders
that were once keen users of notice and takedown procedures may drop off as new users
appear. For example, the adoption of subscription-based revenue models by firms such as
Microsoft and Adobe may result in waning investment in enforcement focused on piracy
centration of takedown notices directed at Google Search and YouTube might also change
if new platforms become dominant, or if new practices of sharing potentially infringing
material emerge.
Empirical analysis of such trends is held back by a lack of access to data. As we have
revealed by experimental approaches. However, standardized and transparent automated
ulators that are tasked with overseeing new obligations and duties on platforms imposed
fore changes to the liability regime were enacted.
The current state of evidence suggests that, despite its flaws, the notice and takedown
regime is working. A significant (and after 2013, vast) number of takedown notices are
being sent by rightholders of various types, and processed expeditiously by service
abling a mechanism for rightholders to protect their copyrights, appears to be achieving

its purpose. Links to infringing materials are being pushed out of the top search results,
infringing videos are being removed from sharing websites, and institutions are removing
infringing materials hosted on their networks.
The problems, as outlined in this review, remain significant. They relate to redressing
contextual imbalances between differently situated intermediaries, holding rightholders
ing meaningful due process for users whose content is removed. These shortcomings may
be addressed through tweaking, rather than overhauling, the safe harbour regime.
gating regulatory functions (e.g. monitoring and filtering) to platforms themselves. The
machine learning, AI, and computer vision technology and their (p. 121) 30,000 human
content moderators?80
Page 15 of 21

imentation, exploring new liability rules and new powers for regulatory agencies at the
digm established two decades ago.
abling empirical assessment of changes to the liability regime. A range of regulatory
sues, or has it run its course?
Notes:

ey and Information (HUP 2015). See also Chapter 35.
(2
zung in sozialen Netzwerken, NetzDG) (Ger.), s. 3(2)(2). The obligation to remove and
munications between individuals (this is designed to exempt professional networks, sales

platforms, games, and messaging services).
(3
<https://www.ceps.eu/system/files/RR%20No2018-09_Germany%27s%20NetzDG.pdf>.
(4
Google Search (AdSense)) (20 March
2019) <http://europa.eu/rapid/press-release_IP-19-1770_en.htm>; European Commission,
Google Android) (18 July 2018) <http://europa.eu/rapid/press-

release_IP-18-4581_en.htm
Google Search (Shopping)) (27 June

2017) <http://europa.eu/rapid/press-release_IP-17-1784_en.htm>.
(5
quiry (intermediary report, published 10 December 2018) <
cus-areas/inquiries/digital-platforms-inquiry/preliminary-report
forms. See Department for Digital, Culture, Media & Sport and Home Department, Online
Harm (White Paper, Cp 59, 2019) <https://www.gov.uk/government/consultations/online-
harms-white-paper/online-harms-white-paper-executive-summary--2>.
Page 16 of 21

(6
merce Directive and the case law of the Court of Justice of the European Union (CJEU).
See also Chapter 28.
(7) See Directive 2019/790/EU of the European Parliament and the Council of 17 April
(8) See Digital Millennium Copyright Act, Pub. L. no. 105-304, 112 Stat. 2860; Directive
2000/31/EC of the European Parliament and the Council of 17 July 2000 on certain legal
aspects of information society services, in particular electronic commerce, in the Internal
Market [2000] OJ L178/1.
(9) cf. Chapter 27.
(10
ties, regardless of whether the country in which the request was filed prescribed those
notices of alleged copyright infringement. The form of notice we specify in our web form
is consistent with the Digital Millennium Copyright Act (DMCA) and provides a simple
ate the process to remove content from Search results, a copyright owner who believes a
URL points to infringing content sends us a take-down notice for that allegedly infringing
material. When we receive a valid take-down notice, our teams carefully review it for
<https://transparencyreport.google.com/copyright/overview>.
(11) See Copyright Evidence Wiki

tre, University of Glasgow <http://CopyrightEvidence.org>.
(12) The Chilling Effects (now Lumen) database was founded by Wendy Seltzer in 2001
vard University. The project website <www.lumendatabase.org> collects and enables

analysis of takedown requests received by online intermediaries.
(13
ta Clara Computer and High Tech. L.J. 621.
(14
(15
https://
Page 17 of 21

(16
right Soc. 371.
(17
(18) See Seng (n. 14) 382.
(19) ibid. 444.
(20) ibid. 448.
(21) ibid. 393.
(22
Research Paper no. 2846107 (2016) <https://ssrn.com/abstract=2846107>.
(23) ibid. 4.
(24) ibid. 12.
(25) ibid. 13.
(26) See Urban, Karaganis, and Schofield (n. 16) 382.
(27) See Cotropia and Gibson (n. 22) 14.
(28) See Lumen (n. 12).
(29
(30) See Urban, Karaganis, and Schofield (n. 16) 99.
(31) See Bar-Ziv and Elkin-Koren (n. 29) 26.
(32) Seng (n. 15) 48.
(33) ibid. 19.
(34) ibid. 36
(35) ibid. 37.
(36
(37
Dame L. Rev. 319.
Page 18 of 21

(38) Urban, Karaganis, and Schofield (n. 16) 376.
(39) ibid. 379.
(40) ibid. 382.
(41
John Rothchild (ed.), Research Handbook on Electronic Commerce Law (Edward Elgar
2016).
(42
(43) ibid. 83.
(44) ibid. 86.
(45) ibid. 87.
(46
(47) ibid. 298.
(48) ibid. 292.
(49) See Matthew Hindman, The Myth of Digital Democracy (Princeton U. Press 2008).
(50) See Jacques and others (n. 46) 299.
(51) ibid. 303.
(52
<http://pcmlp.socleg.ox.ac.uk/wp-content/uploads/2014/12/liberty.pdf
https://www-old.bof.nl/docs/
researchpaperSANE.pdf>.
(53) Ahlert, Marsden, and Yung (n. 52) 21.
(54) Nas (n. 52) 6.
(55) See in particular Chapters 34 and 35.
(56
<https://ssrn.com/abstract=3218286>.
Page 19 of 21

(57) ibid. 1.
(58) ibid. 15.
(59) ibid. 17.
(60
(61) ibid. 208.
(62) ibid. 209.
(63) ibid. 210.
(64) ibid. 215.
(65
(66) See Directive 2019/790/EU (n. 7) Art. 17.
(67
(68) ibid. 314.
(69) ibid. 316.
(70) ibid. 319.
(71) ibid. 322.
(72) ibid. 324.
(73
Legal Studies 829.
(74) Urban, Karaganis, and Schofield (n. 16) 64.
(75) ibid. 64.
(76
(77
(78) ibid. 138.
(79) See Lumen (n. 12).
Page 20 of 21

(80
The Verge, 25 February 2019) <https://www.theverge.com/
2019/2/25/18229714/cognizant-facebook-content-moderator-interviews-trauma-working-
conditions-arizona>.
Kristofer Erickson
sity of Leeds. Email: K.Erickson@leeds.ac.uk.
Martin Kretschmer
Martin Kretschmer is Professor of Intellectual Property Law at the School of Law,
omy Centre. Email: Martin.Kretschmer@glasgow.ac.uk.
Page 21 of 21

sign of Intermediary Liability
Remedies First, Liability Second: Or Why We Fail to

Agree on Optimal Design of Intermediary Liability
Martin Husovec
This chapter discusses remedies for online intermediary liability with special emphasis on
remedies for intellectual property (IP) infringement. The chapter describes damages and
ticular, this chapter highlights how IP scholars in the area of intermediary liability have
now spent over two decades trying to answer when an intermediary should be liable for
the second-order issue of optimal design? Can that question be answered without first
knowing what an intermediary is or should be obliged to perform as a consequence of
sign of intermediary liability should reflect an inverse order of inquiry in order to elicit
useful insights.
Keywords: intermediary liability, remedies, reasons, damages, injunctions, costs
*
OVER the last years, attention in the literature has largely focused on analysing how
courts decide about the conditions
tive in all areas of intellectual property (IP) law.1

er, is the question of the consequences that these legal qualifications entail. I am not
aware of an in-depth comparative or empirical study that would try to map the extent of
damages awarded, the scope and type of injunctions granted, the allocation of burden of
proof, or similar highly practical issues. Angelopoulos gets the closest.2
For legal scholarship, very often establishing the liability itself is an end-station. It is
somehow implicitly assumed that intermediaries cannot recover and will simply shut
down their services if held liable. This is striking, as it basically presupposes a world
(p. 91)
bate overly dramatic when it does not have to be. While some of the recent developments
Page 1 of 16

tions,3 it seems to me that scholarly review is still lagging behind when considering the
system in its entirety.
to the limitations of the e-Commerce Directive, human rights safeguards and increasing
ulation of remedies. In other words, what is more European then when. Despite this, most
of the work on intermediary liability tackles the question of when to trigger consequences
rather than what consequences to trigger.
1. Three Legal Pillars

IP scholars studying intermediary liability often distinguish between primary and
ondary liability. While the first is delineated by the statutory exclusive rights, the second
is shaped by doctrines which come to expand those rights. These doctrines are often
grounded in general tort law. The basic notion is that while the primary infringers are
fringers only become wrongdoers when they contribute, in some relevant way, to other
relevant differs substantially across the
ments in copyright law4 and trade mark law testify.5
ondary liability cannot be divorced from (and indeed must be informed by) the scope of
primary liability or other legal devices by which the conduct of service providers (p. 92) or
6
ondary liability are important, they cannot be simply studied in isolation. Classification by
either of them is made on the basis of our understanding of the breadth associated with
each of them. Therefore, primary infringement and its scope cannot be uninformed by the
scope of secondary infringement, and vice versa. In this chapter, I try to emphasize that
sequences.
sociated trade-offs of scope, but also to EU integration. Because the CJEU has no explicit
jurisdiction over non-harmonized domestic secondary liability laws, if it wants to assert
bility, or (2) outside it, by creating an additional layer of protection drawing on national
traditions of accessory liability. What we have been observing in the last couple of years
in EU copyright law could be explained in both ways.7 Only the future will tell how the
Court will eventually conceptualize its own case law on communication to the public
Page 2 of 16

when facing further national requests for clarification.8 Similarly, some national doctrines
that are dressed as primary liability in fact incorporate policy considerations of secondary
liability, and hence would be more appropriate to be studied as such.9
Secondary liability doctrines differ across the globe. However, in IP scholarship, the term
arious liability incorporate this policy space.10 In the UK, it is liability of accessories.11 In
Germany, it is liability of aiders and abettors, but also reaching into case law concerning
12
omissions.13 All these doctrines consider different circumstances relevant.
In the last decade, we have also witnessed developments that create a third pillar
(p. 93)
of liability, that of injunctions against innocent third parties, in our context,

termediaries.14
tions on parties that engage in no wrongdoing themselves. These injunctions are often
not grounded in tortious actions, although they can relevantly cross-reference to tort law.
For instance, the English concept of injunctions against innocent third parties is based on
tection in property law.15 Both are dependent on wrongdoings by someone, however not
by the person held responsible.16 In other countries, these instruments take the form of
new statutory provisions,17 or a separate administrative regulation.18 Whatever the legal
wrongdoing, and rather try to impose obligations due to considerations of efficiency or

fairness. They treat intermediaries as accountable (for help), but not liable. While harm is
quences clearly differ. Obligations are imposed on the services by courts or legislators
without trying to attribute to them liability for individual instances of user-triggered
harm.
their application might overlap. Although an intermediary who is a secondary infringer

should not also be a primary infringer for the same set of facts, the courts might test both
grounds of liability in parallel to strengthen their decisions.19 Intermediaries in a (p. 94)
mediaries when rightholders think it is easier not to discuss their wrongful contributions,
and focus only on preventive steps to be imposed by injunctions. Given these dynamics,
the extent to which the remedies can actually compete among each other when more of
them potentially apply should not be underestimated. Remedies are tools given to the
so taking into account their costs and expected benefits, and the practical difficulties in
Page 3 of 16

too much pressure, and thereby costs, on players who are innocent, as opposed to real
wrongdoers.20
2. Distinguishing Reasons from Consequences

Primary and secondary liability tests both end with classifying the implicated persons as
some type of infringer; that is, wrongdoer. Despite this, the legal consequences cannot be
said to be identical. Different consequences match different policy situations that these
doctrines try to resolve. Primary infringement is concerned with those who harm by their
own behaviour. Secondary infringement is concerned with those who harm by relying on
the behaviour of others to achieve the harmful outcomes.
ters of precaution-levels and activity-levels.21 These essentially refer to the quality and
iour, such as checking authorship before reusing content, or blocking third party content
on notification.22 Activity then refers to the decision to participate in an event that may
generate harm, such as uploading the content or providing a service altogether.23 The
mal levels of care so that harm is avoided at a reasonable cost for society. Hence, the law
requires diligence of users and intermediaries when dealing with copyright content
aries to avoid inducing others to use protected subject matter without authorization or to
remove it once they are notified of its existence on their services. If actors (p. 95) adopt a
their activities.
dies, and their role in solving liability scenarios.24 First of all, the prevention of damage in
online space is typically multilateral because the behaviour of at least three parties needs
usual scenario of bilateral damages, the parameters of activity-level (quantity) and care-
level (quality) are not necessarily vested in all the parties equally.25
IP rightholders cannot really directly influence the quantity of infringement, as they can
er.26 Indirectly, however, by setting the prices and conditions of legitimate access to their
ty-level of the users. Intermediaries are mostly unable to directly influence the quantity of
the infringements posted by their users. Indirectly, however, by creating a certain culture,
or setting incentives, they might produce some outcomes. At the same time, by exercising
rectly influence the number of infringements. However, unless they shut down the service
Page 4 of 16

or pre-moderate completely, they can never entirely control the infringing posts of their
users.
which means that this ecosystem can be sustained by independent unrelated services
ent use and communities. Similarly, two rightholders with identical access and pricing
strategies might attract different infringement patterns. Both intermediaries and
where minds of an intermediary and its users are aligned in intentional wrongdoing, does
27
Wrongdoing users are not (p. 96)
couraged or incentivized, but still exercise their own will.
In a primary liability scenario, damages are imposed on the addressee to compensate the
an infringement but are imposed on an addressee who did not carry out the infringement
through its own activity. Damages are usually imposed on the ground that the addressee
ity). However, this is different in intentional inducement scenarios, where the problem is
ing legislation.
3. Typology of Consequences
To demonstrate some of these differences in practice, in the following sections, I will
briefly look at some of the consequences of applying each of the pillars to intermediaries.
gregation; (3) the scope and goal of injunctions; and (4) their associated costs.
Page 5 of 16

3.1 Scope of Damages
Damages come with a different scope in each of the three pillars. To begin with, damages
lar).28 With regards to infringers

ondary) infringers differ. While primary infringers exploit the protected subject matter
ploitation. In between the two are situations of intentional inducement, which act as an
perspective, there is a single harm caused by the availability of their protected subject
matter.
Against the primary infringers, the rightholders might often invoke two basic types of
damage: (1) losses suffered by rightholders, and (2) illicit profit obtained by the primary
(p. 97) infringer. Sometimes the damages are supplemented by licensing analogies, or
quences. In the European system, damages are generally meant to put the rightholder in
ly to compensate for the loss actually suffered.29 However, some other countries such as
the United States also opt for statutory damages in order to emphasize deterrence.30
The actions of infringing actors and their intermediaries are not always easy to dissect. In
the relationship of actions between an actor and an intermediary, however, the relevant
wrongful contribution may often cover different parts of the resulting harm, or even be
limited to one of them. For instance, imagine a negligent intermediary operating under a
notice-based liability regime who becomes liable for not taking down a video after being
notified. Such an intermediary acted lawfully during the entire period before
tion, however its actions became wrongful after a reasonable period of time to process
the notification had elapsed. The wrongful action of an intermediary and its relevant
harm then covers the period after failing to act, which takes place after notification, and
not the pre-notification period. If the video was online for two years before being notified,
fication) can differ substantially. Similar situations might arise more often in instances of
fringer ab initio is not present. In cases of intentional tortfeasorship, this might perhaps
pose less significant problems, as the intention of both parties often covers identical harm
from the outset.31 Therefore, an intermediary that intentionally induces others to do
cation does not trigger the wrongful behaviour and is thus irrelevant.
ondary infringers is unlikely to exist and therefore to provide a benchmark price. Thus, a
Page 6 of 16

tions, especially if the cases are factually too complicated.32 Therefore, as Ohly suggests,
targeting part of the illicit profit might be the most realistic way forward,33 (p. 98) at least
for negligent secondary infringers. Although, admittedly, estimating such profits is not
without problems and equally lends itself to considerable judicial discretion.
3.2 Aggregation of Damages
vidual debts and interlinks them at the performance stage; for example, an obligation to
gelopoulos reports34 in her comparative survey of France, Germany, and the UK, existing
European tort law usually favours solidary liability for any type of secondary liability. This
fringers themselves, the practical relevance of this is questionable. Since intermediaries
tle prospect of recovering anything from their users who infringed. Does solidary liability
therefore always make sense from a policy standpoint in the realm of IP infringements?35
Two key issues merit further consideration.
ios, litigation usually involves hundreds of cases of primary wrongdoing. This raises the
stakes very high for every instance of such litigation. Secondly, the online environment is
ing them can be practically impossible not only due to the transactions costs involved in
mass torts, but also due to the anonymity of the primary infringers.
To think of alternatives, the level of aggregation of damages could depend on the sub-
type of secondary liability. Especially in cases of intentional aiding and abetting,36
ondary infringers into a solidary debtorship. However, the reason for doing the same for
negligence-based secondary infringers is less clear, especially when one considers the
hibitory injunctions.37 This is why not only the calculation of the secondary (p. 99)
Page 7 of 16

mary infringers cannot be neglected either.
Overlooking the issue of aggregation can drive suboptimal policy outcomes for the design
of secondary liability doctrines. Davies, for instance, argues that it is precisely the issue
ry tort liability in the UK. The worry is that a small proportion of their fault could expose
them to the much larger damages of primary wrongdoers.38 And since they are more
readily available, they might become easy targets for collecting the entire damages
claims, with barely any recourse to the primary wrongdoers. He also points out that some
jurisdictions, such as the United States, are already moving away from solidary liability
towards a system of proportionate apportionment of liability.39
ing any liability conditions without considering the effects of aggregation skips some very
important questions.
3.3 Scope and Goals of Injunctions
Injunctions have different scopes
behaviour by adjusting their own. Clearly, secondary infringers cannot usually completely
pletely. They cannot coerce others into choices they do not want to make.40 If this fact is
fringer is prohibited from engaging in lawful acts. Even worse, there may be no second
chance for these players, and any finding of liability will simply mean the (p. 100) end of a
service or a firm. Some courts are aware of this,41
junctions is particularly difficult. Lemley and Weiser even argue that, for these reasons,
we should favour damages over injunctions in such cases.42 Angelopoulos, on the other
tions of negligence-based secondary liability.43
An excellent example of how problematic it can be to issue an injunction is the well-

known Napster case in the United States, which continued after the decision of the Ninth
Circuit44
had to decide on the form of the injunction.45 The District Court first enjoined Napster
from copying, downloading, uploading, transmitting, or distributing copyrighted sound
recordings, but the plaintiffs were obliged to provide titles of their works, the names of
the artists, and one or more files on the Napster system, and a certification of ownership.
der to also prevent misspelled and similar infringing files from appearing on the network.
Page 8 of 16

So, Napster purchased access to a database of song titles with common misspellings, and
nition software based on fingerprinting technology from Relatable. Even though
46
As a consequence, Napster shut
quiring super-optimal care.47

sign injunctions that are not de facto terminal. Discussions would be less dramatic had
we known that the defendants would simply need to learn their lesson, internalize the
costs, and move forward.
Compared to the previous two categories, innocent third parties are subject only to a
cial type of injunction. This can come in the form of orders to assist enforcement by
blocking, filtering, degrading, or providing information. As the European system shows,
the target of such orders is not full prohibition of the illegal behaviour of the addressee,
but rather some form of positively defined assistance in enforcement. In other words,
(p. 101)
tion is the core goal of the measures. In Tommy Hilfiger

can the intermediary be required to exercise general and permanent oversight over its
tribute to avoiding new infringements of the same nature by the same market-trader from
48
I have argued elsewhere49 that if we were to accept that an injunction against innocent
clusive rights, since an injunction would put otherwise abstractly allowed acts under the
courts, seem to be aware of this. The CJEU stresses that these measures are of different
nature. The UK and Germany, despite different legal traditions, seem to converge on the
consensus that these measures should prescribe positive actions, and not be worded or
interpreted as prohibitory edicts.50
3.4 Costs of Injunctions
A related question concerns the costs structure associated with the remedies. By costs, I
mean both compliance and procedural
rying out orders granted by the courts. If those costs are incurred by infringers, there is
bility outcomes too.
Page 9 of 16

However, the situation is different for innocent third parties that are exposed to the third
pillar of accountability for assistance, that of injunctions against innocent third parties.
These parties are asked to assist in enforcement and not to respond for their own actions.
It is therefore more understandable that policy should relieve them from procedural
costs, and even compensate them for the inconvenience of compliance. In the absence of
dressees, this creates a perverse incentive to also choose it as a cause of action in cases
where the tortfeasors are known and could potentially be more appropriate candidates to
(p. 102)
flate the aggregate costs of the compliance of parties that had never themselves acted
wrongfully.
For these and other reasons, some countries distinguish the costs structures of actions
against intermediaries as infringers and as innocent third parties. The courts in the UK
and Canada recognized a need for compensation for compliance for the latter.51 On the
other hand, the French Cour de cassation rejected the idea.52
cided to intervene by immunizing some types of providers from out-of-court and pre-trial
costs, although not offering any compensation for compliance.53
4. Putting the Cart before the Horse
bility of intermediaries. Perhaps we should use these components to inform our design of
sory liability is resolved well through domestic laws, and offers the best starting point for
European (and perhaps global) convergence.54 At the same time, her work shows that it is
ty.
A reason for this maybe has less to do with the factors triggering such liability, rather
tems each assigning a different gravity of consequences are less likely to agree on when
to trigger liability even if they have the same policy outlooks and goals. An agreement is
slowed down by the fact that where one scholar anticipates damages subject to solidary
liability with primary infringers, the other thinks of stand-alone compensatory damages
subject to proportionate apportionment.
To provide a metaphor, agreeing on when policemen in two countries should use their
guns is hard when those guns are pre-loaded with different projectiles. Hitting a man
with a plastic or bean-bag bullet is not the same as using a dum-dum bullet. Similarly, a
firm hit with two different sanctions will internalize them differently. Discussing when
without clarifying what then seems very confusing and, at the very least, incomplete. To
facilitate convergence, we should, as a first-order policy question, understand the (p. 103)
Page 10 of 16

tors of such individual consequences.
ciples? In parallel, we might unpack the situation of negligent secondary infringers. Are
they all the same? What kind of damages should they be asked to pay? Do we really want
to aggregate their own obligation to pay damages with that of primary wrongdoers? If
not, what alternatives can we work out? If yes, under what circumstances? And how do
we design injunctions against them? Is it even possible to come up with injunctions that
tem of injunctions against innocent third parties, how should they differ and interact with
the previous two? Who should bear the costs of what? And should burdens of proof differ
across all three pillars? These all seems like very pressing questions to answer before we
can design optimal conditions triggering anything.
5. Conclusions
Adopting a consequences-based approach might help to achieve convergence of different
models. To utilize this approach, the comparative work first needs to recognize the basic
vocabulary
lars of liability. Not all countries will rely on the same mechanisms, or offer them in the
same form; however, a common vocabulary will allow us to more clearly communicate
and discuss their contents and the policy-goals behind them. I do not think we are far
from accepting such a vocabulary.
ship under disgorgement of illicit profits) with their ability to tackle specific challenges
within each liability mechanism (e.g. compensation for inducement, design of injunction
for negligence). This will allow us to better see the regulatory toolkit, and thus respond
more sensibly to any questions in the liability design. Only as a third step should we try to
quirements triggering them. This way, the what and when questions are interconnected,
could become more conducive to establishing a comparative consensus.
Notes:
(*) I would like to thank Christina Angelopoulos, Giancarlo Frosio, and Miquel Peguera for
their valuable comments on the earlier draft of this chapter. All mistakes are solely mine.
Page 11 of 16

(1
na Angelopoulos, European Intermediary Liability in Copyright: A Tort-Based Analysis

The Liability of Internet Intermediaries (OUP
2016); Paul Davies, Accessory Liability (Hart 2015); Graeme Dinwoodie (ed.), Secondary
Liability of Internet Service Providers (Springer 2017); Mark Bartholomew and Patrick
(2) See Angelopoulos (n. 1).

countable, But Not Liable?
(4) See C-348/13 BestWater v Mebes and Potsch [2014] ECLI:EU:C:2014:2315; C-279/13
C. More Entertainment AB v Sandberg [2015] ECLI:EU:C:2015:199; C-160/15 GS Media
BV v Sanoma Media Netherlands BV [2016] ECLI:EU:C:2016:644; C-610/15 Stichting
Brein v Ziggo BV and XS4All Internet BV [2017] ECLI:EU:C:2017:456.
(5) In the area of trade mark law, the typical example is trade mark use by Google in its
keyword advertising, which is infringing in the EU but allowed in the United States. See
Secondary Liability of Internet Service Providers

(Springer 2017) 13. Another example is the emerging question about use of trade marks
by Amazon on its platform. See C-567/18 discussed also in this Handbook by Richard
Arnold in Chapter 20.
(6) See Dinwoodie (n. 5) 4.
(7
(8) See e.g. pending case C-753/18.
(9
ondary liability).
(10
Page 12 of 16

(11) See Paul Davies, Accessory Liability (Hart 2015) 177 ff.
(12
ment the EU system of injunctions against innocent intermediaries, on the other. See
Franz Hofmann and Franziska Kurz (eds), Law of Remedies (Intersentia 2019).
(13) Accessory liability in German private law is generally based on the provision of s.
cessory as well as of the main tortfeasor have to be intentional. See Mathias Habersack
and others, Münchener Kommentar zum BGB (6th edn, C.H. Beck 2013) s. 830(2) para.
ducement can lead to tortfeasorship. See BGH Cybersky
primary liability. See BGH Marions-kochbuch.de [2009] I ZR 166/07 (Ger.); BGH [2016] VI
ZR 34/15 para. 17 (Ger.); Posterlounge [2015] I ZR 104/14 para. 48 (Ger.). In contrast, in
patent law a different senate accepted negligence-based tortious liability for omissions.
See BGH MP3-Player-Import [2009] Xa ZR2/08 (Ger.).
(14
to
<http://www.europarl.europa.eu/RegData/etudes/IDAN/2017/614207/
IPOL_IDA(2017)614207_EN.pdf>; see also Richard Arnold in Chapter 20.
(15) See Husovec (n. 3) 145 ff.
(16
ciples.
(17) In Australia, the Copyright Amendment (Online Infringement) Act 2015, effective 27
Page 13 of 16

(19) See Twentieth Century Fox Film Corp. & Anor v Newzbin Ltd [2010] EWHC 608 (Ch)
(UK) (Justice Kitchin finding Newzbin service liable under the doctrines of direct liability,
joint tortfeasorship, and the copyright-specific tort of authorization).
(20) See Husovec (n. 14) ss. 44 ff.
(21) See William Landes and Richard Posner, The Economic Structure of Tort Law (HUP
1987) 66; Steven Shavell, Economic Analysis of Accident Law (HUP 1987) 25; Stephen
ways very sharp).
(22
Rev. 977, 981.
(23) ibid.
(24
(25
901, 912.
(26
that intermediaries can only indirectly influence users).
(27) This would amount to direct liability as those who assisted by not knowing would be
considered instruments used to wrong, and thus innocent agents free of liability of their
own. See, for common law, Paul Davies, Accessory Liability (Hart 2015) 68 ff.
(28) However, uncompensated compliance with injunctions leads to monetary costs.
(29) See C-367/15

ców Polskich [2017] ECLI:EU:C:2017:36, para. 31.
(30
(31) Hence it is also less problematic to apply to it any type of damages aggregation (see
later).
(32) A related issue is a question of allocation of the burden of proof. It is not exceptional
for tort law to presume the form of fault on the side of an alleged tortfeasor. Doing so for
fringers, is not the usual situation but rather an exception to it.
Page 14 of 16

(33
satzanspruch bestehen, der in der Höhe durch den aus der Vermittlung erzielten Gewinn
(34) Angelopoulos (n. 1) 328 ff (asking the same).
(35) ibid. (asking the same).
(36) ibid. 488.
(37
http://
(38) See Davies (n. 27) 216.
(39) See American Law Institute,

ty ( 1999) s. 17.
(40) In this regard, consider the Daimler case, in which the CJEU held that lack of control
Daimler
[2016] ECLI:EU:C:2016:134, para.
(41) See Oberster Gerichtshof [Austrian Supreme Court] (OGH) [2014] 4Ob140/14p
(Aust.) (arguing that an accessory can only be prohibited from carrying out those that are
wrongful).
(42
tects only the underlying right rather than also enjoining noninfringing conduct provides
(44) See A&M Records Inc. v Napster Inc., 239 F.3d 1004 (9th Cir. 2001) (US).
Page 15 of 16

(45) See A&M Records Inc. v Napster Inc., 2001 US Dist. LEXIS 2169 (ND Cal. 5 March
2001) (US).
(46 Cnet
News, 12 July 2001) <http://news.cnet.com/Court-Napster-filters-must-be-foolproof/
2100-1023_3-269837.html>.
(47
(48) C-494/15 Tommy Hilfiger Licensing LLC and Others v Delta Center as [2016]
ECLI:EU:C:2016:528, para. 34 (this builds on the earlier case law, in particular C-324/09
[2011] ECLI:EU:C:2011:474).
(49
(50) For the UK, see Chapter 20. For Germany, see analysis of case I ZR 64/17, para. 57 in
Husovec (n. 12).
(51) In the UK, this was outcome of the Cartier Cartier International AG and others
(Respondents) v British Telecommunications Plc and another (Appellants) [2018] UKSC
28 (UK). In Canada, a similar principle was postulated in the Rogers Rogers
Communications Inc. v Voltage Pictures, LLC, 2018 SCC 38 (Can.). Both decisions relate
to the so-called Norwich Pharmacal jurisdiction.
(52) The Cour de cassation rejected compensation of such costs. See Cour de cassation,
Civil Chamber 1 [2017] Case no. 16-17.217 16-18.298 16-18.348 16-18.595 (Fra.).
(53) For description of the current German approach, see Husovec (n. 12).
(54) See Angelopoulos (n. 1).
Martin Husovec
Martin Husovec is Assistant Professor at the University of Tilburg (Tilburg Institute

for Law, Technology and Society & Tilburg Law and Economics Center) and Affiliate
Scholar at Stanford Law School Center for Internet and Society. Email:
martin@husovec.eu.
Page 16 of 16

A Theoretical Taxonomy of Intermediary Liability

Jaani Riordan
This chapter aims to provide a taxonomy of the different types of liability which may be
imposed upon internet intermediaries, and a theoretical framework for talking about
problems of liability. This taxonomy is intended to situate each of these areas within an
overall framework for analysing legal responsibility and the different ways in which it
may be imposed upon facilitators of harm. First, this chapter begins by considering what
with widespread assumptions about moral agency and individual responsibility. Secondly,
sions of others, noting a distinction between two models of responsibility which may be
the functions and policy justifications for imposing liability onto intermediaries for the
acts or omissions of others. Finally, this chapter provides an overview of the main kinds of
wrongdoing for which intermediaries may, in principle, be liable, by reference to English
and EU law, several of which are discussed in more detail elsewhere in this work.
Keywords: intermediary liability, internet intermediary, tort, primary liability, secondary liability,
ty, strict liability, negligence, joint tortfeasor, safe harbour, injunctions, remedies, enforcement costs, copyright,
defamation, hate speech, online harms, privacy, fundamental rights, disclosure
GIVEN the rapid emergence of internet technologies in modern life and commerce, it is
trines, procedures, and remedies have something to say about internet intermediaries
derstanding of the many forms it may take, the policy levers it may serve, and the areas
in which liability may arise. This is an essentially cartographic exercise, as it involves
mapping the legislative, judicial, and regulatory landscape to identify and classify legal
norms of relevance to internet wrongdoing.
Far from being a lawless wasteland or ungovernable dominion, it is now well recognized
lenges, many of which are discussed elsewhere in this Handbook: most acutely, how to
Page 1 of 38

develop liability rules which properly encourage intermediaries to avoid harmful uses of
their technologies without creating disproportionate or chilling effects; and how to craft
effective remedies that are scalable to meet swifter and more widespread forms of online
wrongdoing. Meeting these challenges also requires a degree of sensitivity on the part of
nologies and nascent industries, often in unpredictable ways.
In all of this, it is beneficial to have a conceptual architecture within which to analyse and
cy objectives that may be served by imposing (or excluding) liability of different kinds.
This is far from a simple task, both for the myriad forms that liability rules may take and
contexts.
This chapter therefore aims to provide a taxonomy of the different types of liability
(p. 58)
which may be imposed upon internet intermediaries, and a theoretical framework for
talking about problems of liability. This taxonomy is necessarily modest: it is not intended
to provide an exhaustive description of the diverse areas of civil and criminal wrongdoing
which may give rise to liability, but rather to situate each of these areas within an overall
deavour to propose a theoretical account which is of wider application.
different forms that it may take, consistently with widespread assumptions about moral
agency and individual responsibility. Secondly, this chapter analyses how liability may be
attributed or imputed for the acts and omissions of others, noting a distinction between
ter provides an overview of the main kinds of wrongdoing for which intermediaries may,
in principle, be liable, by reference to English and EU law.
1.
for a legal formula which refers to the obligation imposed (or recognized) by a court or
administrative authority of competent jurisdiction to supply a prescribed remedy, or take
(or cease taking) a prescribed action, in response to an event.1 That event is usually, but
need not always be,2 characterized as a legal or equitable wrong, or breach of some other
Page 2 of 38

legal duty owed by D. The consequence of holding D liable is that C can go to court and
obtain an order for a remedy against D.
bility upon which most instances of liability are founded. This section then analyses the
able for civil wrongdoing: monetary and non-monetary liability.
(p. 59) 1.1 Moral Agency and Individual Responsibility
In common law systems, the traditional function of tort law was to determine which
events generated remedial obligations and which did not.3 Liability rules could be used to
4
In these and most other western legal systems, liability is traditionally
premised on the fundamental assumption that a natural or legal person is responsible for
her (and only her) own voluntary acts and omissions, subject to limited exceptions. The
traditional principle was articulated by Lord Sumner in Weld-Blundell v Stephens:
In general (apart from special contracts and relations and the maxim respondeat
superior), even though A is at fault, he is not responsible for injury to C which B, a
stranger to him, deliberately chooses to do.5
6
Actions (or, it might be added, inactions) by
others are not ordinarily our responsibility; they are theirs to bear alone. This may be
thought of as the basic principle of moral agency on which liability is ordinarily founded.
moral agent whose conduct may be assessed against the applicable liability rules.7
sions of others, absent something more.
for the activities of another moral agent for whom they share fault or responsibility.9 It is
ty for the acts and omissions of others.
(p. 60)
metonymy denoting a much wider spectrum of liability rules. Thus, it is typical to speak of
Page 3 of 38

To avoid falling into this trap, it is helpful to disambiguate liability into its constituent
tary. Monetary liability may be further divided along a spectrum comprising four main
standards: strict liability; negligence or fault-based liability; knowledge-based liability;
hibitory and mandatory obligations.
1.2 Monetary Liability
First, remedies for liability can be monetary, as in the case of orders to pay compensatory
damages or to disgorge profits.10 Such orders enforce secondary duties to correct losses
or gains resulting from the breach of a primary duty. These obligations to pay are backed
ognize an obligation on the legally responsible party to pay money.11 The preconditions
trum from absolute liability to total immunity, and grouped under four headings.
1.2.1 Strict Liability

Strict liability requires intermediaries to internalize the cost of user misconduct without
proof of fault. By requiring intermediaries to pay for the social harms of third party
their activities to reduce wrongdoing to an optimal level.12

tage of being simple for courts, intermediaries, and claimants to assess, thereby allowing
efficient ex ante pricing decisions. However, although strict primary liability rules are
common, strict secondary liability rules are rare, mainly because it is unfeasibly costly for
cause strict secondary liability would pose a more direct challenge to the principles of
moral agency and individual responsibility considered earlier.
1.2.2 Negligence-Based Standards
stances in which an intermediary is said to owe a legal duty of care. For example, such a
(p. 61) duty may require intermediaries to act reasonably to prevent, deter, or respond to
primary wrongdoing. This would ordinarily represent a lower level of monitoring than a
rule which requires a website or platform operator to remove defamatory postings within
a reasonable period.13
mediary is under a duty to seek it out or prevent its reappearance, or imposing liability
Page 4 of 38

for conduct of which an intermediary is wholly unaware on the basis of a duty to control
the wrongdoer.
1.2.3 Knowledge-Based Standards
spond to wrongdoing only once they receive sufficient information to reach a threshold
net content regulation: notice and takedown. Less wrongdoing must be internalized,
which encourages optimal ex post enforcement. To prevent wilful blindness, knowledge
usually incorporates an objective measure, by which an intermediary is taken to know
tor standing in its shoes.14 In this way, liability rules which are premised on a standard of
state was objectively culpable.
1.2.4 Immunity
At the other end of the liability rule spectrum, intermediaries can be partially or wholly
exempted from monetary liability. Immunity has the advantages of certainty, subsidizing
15
but has been
heavily criticized by some scholars as removing any incentives for least-cost avoiders to
intervene in enforcement, even where that might be the most efficient way to prevent
wrongdoing or bring it to an end,16
Conversely, immunity may serve to uphold countervailing public policy objectives, such
(p. 62) as constitutional protections for freedom of expression.17
nity in respect of monetary liability is conferred within three classes of passive, neutral,
and technical activities (hosting and caching, and transmission).18
1.3 Non-Monetary Liability
A second set of liability outcomes imposes non-monetary obligations upon intermediaries,

most commonly an injunction to do, or refrain from doing, certain acts (mandatory and
prohibitory injunctions, respectively). Such obligations may arise in circumstances where
sist a victim of wrongdoing, or uphold the administration of justice. Most commonly, this
use of their services, when requested to do so.19
Page 5 of 38

notional kind. It was not a legal duty in the ordinary sense of the term. Failure to supply
the information would not give rise to an action for damages. The concept of duty was
simply a way of saying that the court would require disclosure.20
nized legal wrongdoing to have occurred, to impose non-monetary liability only requires
21
ing accountability without liability,22 though of course both monetary and non-monetary
liability may flow from the same wrongful activity.
Liability in this second, non-monetary sense is both broader and narrower than monetary
liability: as noted earlier, it can be imposed without proof of wrongdoing on (p. 63) the
part of the intermediary, but it only protects limited categories of interests and enforces
limited types of duties. Further, at least in Europe, injunctive remedies are impervious to
diary.23 Finally, while they may not impose a direct obligation to compensate a claimant or
disgorge profits, injunctions are enforced, ultimately, by the criminal law of contempt and
the associated machinery of incarceration and, in some jurisdictions, monetary penalties.
2. Classifying Liability
common features and underlying assumptions. A further distinction lies between liability
accessory) liability.24
ty which is at least partly conditioned upon proof of prima facie wrongdoing by a third
party.
mediaries accountable for harms that are caused or contributed to by third parties when
the intermediary has a normatively and causally significant relationship with primary
wrongdoing, typically constituted by an assumption of responsibility for the primary
ular or responsive means of regulating their obligations and business models.
Page 6 of 38

2.1 Primary Liability
son may engage in wrongful activity by his or her own acts or omissions. Such conduct is
intended and directed by that person, who carries it out personally. This type (p. 64) of
who engages in it; in other words, there is strict identity between actor and acts. This
ings of moral agency or personal responsibility.
Breaches of primary duties owed by intermediaries are properly treated as primary

wrongs. Common to these instances is that the definition of primary liability is sufficiently
tracting party (perhaps under its terms of service or a distance contract entered into with
a consumer),25 as a party that has assumed responsibility for the safety or security of its
users or their data,26 to prevent harm which is likely to occur,27 for injury caused by
something or someone that the intermediary has a duty to control,28 or under a statutory
data protection scheme.29 Other attempts to impose liability raise more difficult questions
concerning the scope of primary wrongdoing; for example, whether an act of reproducing
a copyright work which occurs when a user uploads an infringing video to a video-sharing
30
tinct. This is most apparent in areas such as copyright, where the right of communication
tionally thought of as the province of secondary liability.31

pend on how widely the relevant primary wrong is defined, and may become blurred at
tinct concepts.
(p. 65) 2.2 Secondary Liability
mann explained in OBG Ltd v Allan

32
ondary in the sense that it is secondary, or supplemental, to that of the third party who
33
A more precise definition may be that secondary liability
is liability having as one of its conditions a finding of at least prima facie wrongdoing by a
third party. For example, liability for authorizing copyright infringement requires proof of
actual infringement by the party so authorized.34 By contrast, liability for breaching a
contract is primary, as it does not matter whether any third party has also breached it.
Page 7 of 38

come legally responsible for primary wrongs perpetrated by others, even though they do
not independently satisfy the definition of primary wrongdoing. Their operation begins at
the penumbra of primary liability and ends at the limits of the connecting factors through
inition of a primary wrong, whose boundaries can be adjusted to encompass a wider or

narrower range of conduct within it.
Secondary liability is not harmonized within the EU and national approaches tend to
sponsibility.35
terns of attribution in private law and reflect shared policies about the proper limits of
36
defined, inconsistent, or misleading terminology. This significantly complicates the task of

discerning common structural principles.
In the most general terms, secondary liability may be thought of as attaching to acts or
omissions by A, the secondary actor, which (1) are not independently a primary wrong,
but either: (2) cause B, a primary wrongdoer, to engage in primary wrongdoing against C
lationship between A and B within the scope of which B engages in primary wrongdoing
systems are: (i) when will harm caused by A to C fall within a recognized category (p. 66)
of duty or otherwise be sufficiently culpable to justify imposing secondary liability; and

(ii) what relationships are sufficiently proximate to justify treating A as responsible for
the actions of B? Different legal systems understandably formulate distinct answers to
these questions, and draw the line in different places.
In English law, these principles are reflected primarily in doctrines of joint tortfeasorship
37
However, with limited exceptions, English courts
38
Partly this reflects terminological confusion,39 and partly the
hold in different areas of law.
swer for the wrongs of others where it has by its own conduct become so involved as to
40
In other words, these parallel criteria determine
whether a secondary actor has voluntarily assumed responsibility for the primary
Page 8 of 38

41
Collectively, these doctrines operate as limited exceptions to the
doing.
2.2.1 Causative Secondary Liability

Under English law, to establish secondary liability in tort requires the claimant to show
42
OBG.43
(p. 67)
necting factor. This specifies a threshold of causative participation and knowledge which
44 The two most common
categories are procurement and participation in a common design. However, these are
non-exhaustive and it would, as Bankes LJ observed in The Koursk
45 Despite some
confusion,46 these connecting factors are alternatives.47

tions when a sufficient nexus exists between secondary and primary wrongdoers to justify
mented by statutory forms of secondary liability, most notably in the case of copyright.48
2.2.1.1 Procurement
49
conduct must cause

50
51
On the basis of this case law, in
International AG, Arnold J held that eBay had not procured infringements by sellers who
offered for sale and sold counterfeit goods on its platform.52
duce the primary wrongdoer to act wrongfully. Ordinarily, A must intend B to engage in
wrongful conduct in a particular way, which requires knowledge of at least the existence
of the primary right to be interfered with and the acts to be performed, while possessing
(p. 68) any mental element necessary for primary liability.53
es fault-based procurement liability from primary liability, which may be strict (as in the
case of most infringements of intellectual property rights and torts such as defamation).
Page 9 of 38

diary is passive and neutral, because it is unlikely to have induced, still less intended, the
commission of the primary wrong.
2.2.1.2 Common Design
54
This requires consensus between an
intermediary and another party to cause wrongdoing, and participation, in the sense that
55 In other words, secondary liability
56
Common design is a broader category than procurement, since
consensus is more easily demonstrated than inducement.57
ty.58
Like procurement, common design comprises physical and mental elements. The required
59
press or implicit, which includes within its scope the tortious act or omission.60 However,
mere sale of goods does not entail such an agreement without more, as the House of
Lords held in CBS v Amstrad.61
cause Amstrad did not decide the purpose for which its cassette recorders should be
used; purchasers did, without any agreement between them and the vendor. Secondly,
there must be action
62 This requires that the secondary party actually take part in the plan to
de minimis 63
stituting the primary wrong occurred,64 and additionally meets any state of mind required
of a primary tortfeasor.65 As Davies has argued, this sets a high bar, and courts (p. 69)
CBS 66
cludes wilful blindness, it does not extend to reckless or negligent failures to know.67 By
analogy, only a specific subjective intention to bring about the acts constituting the wrong
will suffice.
2.2.1.3 Criminal Accessory Liability

It is also possible to impose criminal liability upon intermediaries as accessories where
they participate in criminal wrongdoing (subject to the effect of safe harbour
protection).68
69
Page 10 of 38

tively they may be thought of as another example of causative secondary liability, since
they define ways in which an intermediary may contribute to the commission of criminal
wrongdoing.
2.2.2 Relational Secondary Liability
ployers and principals liable for wrongful acts and omissions of their employees and
agents that are carried out within the scope of their employment or agency.70
ting, it is the status of the secondary actor and the proximity of its relationship with the
primary wrongdoer which justifies the imposition of liability, rather than the materiality of
ment or agency to A; unauthorized wrongdoing carried out by B but subsequently ratified

by A;71 and primary wrongdoing done on premises controlled by A.72
Relational attribution encompasses all tortious conduct that occurs within the scope of
the relationship. It is not restricted by medium and could in theory apply to internet
(p. 70) intermediaries where primary wrongdoing is carried out by an employee or agent.
This makes the boundaries of the employment relationship of considerable importance,

particularly in the context of online platforms which function as marketplaces for services
dation services.73
3. Justifying Intermediary Liability
aries are made liable for unlawful material uploaded or transmitted by third parties over
gories.
ability rules as methods of attributing blame to secondary actors who have in some way
assumed responsibility for primary wrongdoers or their actions. This account is entirely
Page 11 of 38

forcement costs and encouraging optimal policing by secondary actors who are likely to
be least-cost avoiders.
3.1 Normative Justifications
sponsibility for acts or omissions which interfere with the rights of others in prescribed
ways.74 Primary tortious liability reflects the violation of an obligation not to
75
Thus, as Goldberg and
(p. 71)
76
if they
course. Either victims of wrongdoing have an entitlement to relief against parties who
embed additional rights against secondary wrongdoers. Theoretical responses to this
stead, they supply related but distinct explanations for extending responsibility.
3.1.1 Holding Causes of Harm Accountable
personal responsibility for the consequences. As Hart and Honoré argue, to instigate or
77
tial difference between primary and secondary wrongdoers: while both contribute to
wrongdoing, only secondary wrongdoers make their contribution through
doers.78 This explains why primary wrongdoing must be a sine qua non of secondary
wrongdoing.79 Superfluous, ineffectual, or inchoate contributions are ignored. Similarly,
contributions which might have been effective, but which do not ultimately eventuate in
wrongdoing, are forgotten. Causation thus offers a normative justification for imposing
tortious liability upon a secondary party: if we are morally responsible for our voluntary
duct causes.80
81
However, the romanticization of wrongs as
billiard balls, which follow deterministic paths of cause and effect, hides a great deal of
complexity, and fails to supply ready answers to problems involving intermediaries. First,
causation does not always appear necessary for civil secondary liability: ratification may
occur after the tortious conduct and have no effect on its occurrence; relational doctrines
argues that only procuring requires a causal link82

(p. 72) harm by
Page 12 of 38

clothing the primary wrongdoer in authority or giving a plan the legitimacy of consensus.
Secondly, causation is an incomplete explanation, since merely causing or contributing to
primary harm is never sufficient for secondary liability. Instead, as Hall observes, further
which
83
countable for causing.
ined earlier) ultimately rest on normative claims about justice, personal responsibility,
and the allocation of losses which cannot be defended using causation alone.
3.1.2 Fictional Attribution to Secondary Wrongdoers

Some scholars argue that secondary liability rules attribute actions to the secondary
wrongdoer, as expressed by the maxim qui facit per alium facit per se.83
tion, secondary wrongdoers are held responsible for conduct they are deemed to carry
the acts of any participant in a common design are to be imputed to all other participants,
or of employee to employer.84 Some theorists have embraced this fiction to explain joint
85
This amounts to an agency-based explanation: it treats primary wrongdoers as implied
86
sent that the primary wrongdoer should act on behalf of the secondary actor insofar as he
unlawfully causes loss to others.87
pute liability for the wrong of the primary wrongdoer.88
Further, it cannot be that acts constituting primary wrongdoing are literally attributed to
joint tortfeasors; otherwise there would be two
ers of the same tort 89 Given that there is a single tort, it must be that joint tortfeasors
are liable separately and together for the same act of wrongdoing, rather than liable for
the notional acts of two people. This explains the requirement that the secondary actor
(p. 73) wrong
elements inherent in primary duties.90
Page 13 of 38

3.1.3 Upholding Primary Duties

A third set of justifications argues that secondary liability rules are necessary to protect
the integrity of an underlying primary right, such as a promise, fiduciary relationship, or
property. Such rules prevent secondary actors from devaluing primary rights by removing
pre-emptive reasons for compliance. This ensures that moral lacunae do not arise where
91 92
93 thereby protecting the
trines of secondary liability operate throughout private law, so it cannot easily be said
protection afforded by secondary remedies is incomplete; for example, it would not make
conceptual sense to require the secondary party to disgorge profits retained only by the
primary wrongdoer.
ondary duties may be seen to arise which require the intermediary to take reasonable
doing and an injunction against an intermediary is a proportionate remedy to protect

them. In these circumstances, one may think of the resulting duty to assist claimants to
of his or her rights.
3.1.4 Upholding Duties Voluntarily Assumed
nently to large internet platforms, by putting themselves in a position to regulate, and in
(p. 74) which is
94
Attribution is justified where responsibility stems
from a person voluntarily undertaking an obligation which can properly be upheld.95
Secondary liability may actually promote the concept of individual responsibility and the
wrongdoers with whom they share a nexus of causation and responsibility. (In this regard,
voluntary assumption of responsibility shares considerable overlap with causation-based
justifications.)
ondary wrongdoer wishes to avoid rather than assume responsibility for the primary
Page 14 of 38

96
this may in itself be insufficient for monetary liability, it justifies some level of blame. As
choices by imposing liability:97
larity: to say that the secondary actor is liable because she owes (or has assumed) a duty
exists is the very issue to be determined. Ultimately, the answer is a function of tort law
ing activity,98 giving advice,99 or exercising control100

tor sufficient for secondary liability to arise.
3.2 Practical Functions
ternalization of wrongdoing, thereby deterring wrongs and lowering both individual and
ments are valid normative justifications for imposing liability in particular cases, at
(p. 75)
ment costs by conscripting least-cost avoiders; secondly, encouraging innovation; and,

thirdly, regulating communications policy. These parallel streams inform and are shaped
by the considerations of fault and personal responsibility considered previously.
3.2.1
Enforcement against secondary parties is cheaper than suing primary wrongdoers if the
aggregate costs of identifying each primary wrongdoer, proving liability, and recovering
judgment outweigh the total costs of recovery against enabling intermediaries. Without a
way to target facilitators, inducers, and conspirators, claimants face the Sisyphean task
of suing every tortfeasor. Moreover, without the cooperation of secondary actors,
exploit natural enforcement bottlenecks and reduce overall costs.101
vent optimal private ordering between claimants and wrongdoers. Such rules encourage
creasing service prices, or policing wrongdoing.102
sponding increases in any social benefits which those rights were designed to incentivize
ing, which may reduce related social harms (for example, by increasing the quality of
Page 15 of 38

timal precautions.103
recting breaches of primary obligations. Consequentialists regard secondary liability as
ties caused by restricting non-tortious conduct.104
sion, innovation, and privacy.
Insofar as it offers a descriptive account, this view is difficult to reconcile with the fault-
(p. 76) do
and effectiveness of enforcement.105 Yet even least-cost avoiders are not liable to pay a
rized, or conspired in wrongdoing. This reflects the reasonable assumption that ignorant
intermediaries are often unable to prevent wrongdoing without high social costs; fault is,
lish and European law are not solely concerned with efficient detection and prevention of
primary wrongdoing; indeed, in eBay, secondary liability was refused notwithstanding the
could feasibly do more to prevent wrongdoing. Conversely,
not account for these additional normative thresholds and therefore offers only a partial
3.2.2 Encouraging Innovation
gation is disproportionately costly, while recognizing that intermediaries are unlikely to

be least-cost avoiders unless they are actually aware of wrongdoing.106
though ex ante monitoring may carry excessive social costs, intermediaries are usually
more efficient at ex post removal than primary wrongdoers.107 When Parliament or courts
intervene to impose or limit secondary liability, they use a retrospective mechanism to
nological innovators. These interventions reflect an assessment of net social welfare that
ture inefficient investments.108
Page 16 of 38

aries may act without fear of potential liability.109
nologies. Further, they reduce the need for secondary actors to make decisions (p. 77)
about primary wrongdoing, which reduces the risk of pre-emptive over-enforcement.110
tious activity or incur the social costs of excessive enforcement.111
tion. However, safe harbours may not go far enough, since the marginal utility derived
112
ondary liability embody a compromise between strict and fault-based responsibility that
reflects wider considerations of social policy and market forces.
3.2.3 Regulating Communications Policy
tions policy and enforcing rights in and against information, since they have always been
gatekeepers crucial for its reproduction and dissemination.113
dustries, to minimizing consumer search costs.114 Secondary liability rules are one
method of regulating the interface between each generation of disseminating industries
gies, deciding whether, on balance, they should be immunized or face extended

liability.115 Following this assessment, Parliament may intervene to reverse or codify an
emergent policy.
That tort law specifies high thresholds for secondary liability reflects an underlying policy
of entrusting regulation to market forces unless the harms of new technology clearly
ic compromises, this reflects the contested nature of modern communications policies.116
odically rebalance wider interests of competition and economic policy, (p. 78) human
rights, innovation, regional and international trade policy,117 and the complex incentive
structures underlying primary legal norms.
Page 17 of 38

4. Types of Wrongdoing
bility rules may take, the relationship between primary and secondary wrongdoing, and
the justifications for extending liability to intermediaries. Having done so, we can now
complete the cartography of intermediary liability by identifying the main areas in which
national legal systems have sought to impose duties upon intermediaries. Although this
eye view of the territory which will be explored elsewhere in this book, and to situate
each area within the conceptual taxonomy of primary and secondary liability developed
earlier.
4.1 Copyright Infringement
Traditional business models of copyright industries have been challenged by new forms of
online distribution enabled by peer-to-peer protocols, user-generated content platforms,
tent creators and publishers have sought to use copyright norms to regulate the activities
licensed exploitation of copyright works. In so doing, copyright has proven to be one of

the hardest fought battlegrounds for intermediary liability.
The predominant focus of copyright owners has been the imposition of monetary liability
upon intermediaries who were obviously complicit in, or directly responsible for, the most
bility upon website directories of infringing content,118

fringing content,119 and transmission protocols that induce infringement by their users
and are overwhelmingly used to transmit infringing content.120
In most such cases, both primary and secondary liability are alleged, which reflects their
increasingly indistinct boundary in copyright law. For example, in Twentieth (p. 79)
ry Fox Film Corp. v Newzbin Ltd,121 the operator of a Usenet binary storage service was
ence to the outcome in this case whether liability was classified as primary or secondary.
A second strand of cases has sought to impose monetary liability upon intermediaries
ertheless facilitate or enable infringing transmissions to occur: chiefly, internet service
ondary liability (typically under the guise of authorization liability) upon ISPs and other
missions of their subscribers.122 Similarly, in
Page 18 of 38

lic Relations Consultants Association Ltd,123 the liability of an online news aggregator
service was to be decided solely by reference to a question of primary liability: namely,
whether the service engaged in acts of reproduction in respect of news headlines, and
whether those acts satisfied the temporary copying defence.
Claims against platforms have produced more equivocal outcomes: in the United States,
litigation against YouTube was settled out of court after two first instance judgments in
which summary judgment was granted in favour of YouTube on the basis of statutory safe
harbours,124 a successful appeal against summary dismissal, and findings upon remission
that YouTube had no actual knowledge of specific infringements or any ability to control
what content was uploaded by users.125 In another decision, the online video platform
Veoh was held not to have sufficient influence over user-uploaded video content to fix it
with liability for infringement:126
127
Both these
claims appear to have been focused solely on secondary liability standards.
sults, which appear to stem from confusion concerning the proper boundaries of primary
liability rules. In the United Kingdom, an app that allowed users to upload clips taken
communicating to the public a substantial part of the broadcast works, and could not rely
on the hosting or mere conduit safe harbours insofar as the clips were (p. 80) subject to
editorial review.128 In Germany, the Bundesgerichtshof did not consider it acte clair
whether a platform such as YouTube performs an act of reproduction or communication
to the public where infringing videos are uploaded by a user automatically and without
any prior editorial review by the platform operator, so referred several questions to the
CJEU.129 Previously, the Oberlandesgericht Hamburg had held that, as a host, YouTube
could avail itself of safe harbour protection irrespective of the answer to that question.130
Meanwhile, in Austria, a television broadcaster has reportedly succeeded in a claim for
infringement against YouTube on the basis that YouTube could not rely on the hosting
safe harbour.131
ucts of using primary liability concepts to conceal differing value assessments of these
More recently, copyright owners and their licensees have shifted their focus towards non-
dom, sections 97A and 191JA of the Copyright, Designs and Patents Act 1988 create
statutory blocking remedies consequent upon a finding that a third party has infringed
injunctions which give effect to the obligation recognized by Article 8(3) of Directive
2001/29/EC.132 These remedies are discussed in more detail later in this book.133 Their
growing use reflects a perception that injunctions of this kind can be significantly more
der made against a British ISP,
Page 19 of 38

cations plc, related to the Newzbin platform, which (despite the liability judgment in
Newzbin
being blocked that, finally starved of visitor traffic and advertising revenue, the platform
eventually shut down in late 2012.134
(p. 81) 4.2 Trade Mark Infringement
Google France SARL v Louis Vuitton Malletier SA
signs for trade mark purposes.135
136
gine, as such advertisements were not used by Google. However, the Court did advert to
the possibility of liability attaching under domestic secondary liability rules.137
land, at least, this seems unlikely as a result of the combined effect of eBay and CBS
ject to the possibility of non-monetary liability under Article 11 of Directive 2004/48/EC.
In eBay
and should do more to prevent infringement.138 The starting position was that tort law
139
feasor is the consequence of failing to discharge a duty (not to procure or participate in a

tortious design), and not the source of such a duty. It followed that if eBay was under no
duty to act, then whether or not it failed to take reasonable steps was irrelevant. The
ticle 11.140
(p. 82) As Aldous LJ observed in British Telecommunications plc v One in a Million Ltd,
Page 20 of 38

141
However, despite the inherent flexibility of such rules, cases like
eBay suggest that secondary liability rules embed within them a default policy choice to
exonerate passive or neutral intermediaries who play no intentional role in wrongdoing,
despite knowingly facilitating it for profit, or making it a necessary or inevitable part of
their business models.
Like copyright, English courts have recognized the availability of blocking injunctions to
prevent trade mark infringement by third parties.142 While these remedies are potentially
tising and selling such goods, they are less obviously available against general purpose
platforms such as eBay (on which are also advertised a vast array of lawful goods) due to
ing material.
4.3 Defamation
The tort of defamation proved one of the earliest battlegrounds for intermediary liability,
as claimants sought to impose monetary liability upon hosts of Usenet newsgroups,143
online news publishers,144 social networks,145 bloggers,146 and ISPs147
ed to encompass certain categories of secondary publishers whose contribution to the
ty. This process shares many parallels with earlier developments in the law of defamation
tion within established patterns of primary liability (for example, telegraphy and radio).
ability, which asks whether the intermediary is to be considered a publisher at common
ers from liability; and safe harbours, which immunize passive and neutral publishers who
would otherwise be liable. The common law approach to prima facie liability has evolved
rapidly in a series of judicial decisions involving intermediaries. By (p. 83) analogy with
cases involving offline intermediaries, English courts developed a test premised upon
knowledge of defamatory material coupled with a failure to remove it within a reasonable
period, from which an inference of publication could be drawn.
Early cases reasoned that an intermediary is to be treated as a publisher (and therefore

within the scope of primary liability for defamation) where tortious material is uploaded
by a third party to facilities under its control, the intermediary has been put on notice of
the unlawfulness of the material, and fails to remove it within a reasonable period despite
having the capacity to do so.148
volving offline intermediaries in which consent to publication was inferred from an
there.149
Page 21 of 38

This approach was further developed in Tamiz v Google Inc., which concerned defamatory
with, or to have made itself responsible for, the continued presence of [the defamatory]
150
The Court emphasized
blogs and comments, setting the terms and policies for the platform, and determining
ipation in publication. This suggests an approach which is consistent with principles of

moral agency and individual responsibility, albeit one founded upon a failure to act after
notification.151
Conversely, in Metropolitan Schools v DesignTechnica, the claimant alleged that Google
fence of innocent dissemination and safe harbours, though ultimately it needed neither
since it was held not to be a publisher of the material at common law, and therefore did
not face even prima facie liability.152
ed that a mere hyperlink is not publication of the material to which it leads.153 Australian
courts have been slower to reach the same conclusion: in Trkulja v Google LLC,154
ample, the High Court of Australia held that the question was not amenable to summary
155
In so holding, the Court appears to have (p. 84) disagreed with the
proposition that a search engine can never
cluded in search results or autocompleted queries.
Intermediaries who are further removed from the defamatory material are intrinsically
less likely to face primary liability. For example, in Bunt v Tilley the ISP defendant was
rials from third party website operators to its subscribers.156
materials, which would be necessary to impose legal responsibility.157

sion would appear likely to exonerate other mere conduits, without any need to rely on
defences or safe harbours.
The hosting safe harbour is most commonly relied upon by intermediaries to shield
against monetary liability for defamation.158 In McGrath v Dawkins, the retailer
Amazon.co.uk was immunized against claims of liability for allegedly defamatory reviews
159
Similarly, in Karim v
Newsquest Media Group Ltd, a claim against a website operator arising from defamatory
postings made by users was summarily dismissed on the basis of safe harbours.160
Page 22 of 38

pears to be encouraged by the English courts: if an intermediary receives two competing
161
It
also appears to be the case that intermediaries will not be required to accept complaints
parent.162
prive an intermediary of the hosting safe harbour.163
The Defamation Act 2013 (UK) introduced a new defence of exhaustion, which requires
tionship of subsidiarity between primary and secondary liability for defamation: a court
cannot hear a defamation claim against a secondary party unless the court is satisfied
that it is not reasonably practicable for the claimant to proceed against the (p. 85)
ry party.164 In defamation claims, a successful claim against a secondary publisher (such
as a service provider) is usually treated as an example of primary liability for a second
and distinct publication, even though it is derivative from another wrong (the original
publication).
4.4 Hate Speech, Disinformation, and Harassment
Discussion continues in the United Kingdom about how best to regulate and deter online
intermediaries (especially social networks and media-sharing platforms) to take a more

active role in policing content accessible on their platforms.165 A series of recent cases
from Northern Ireland demonstrates how social networks can face non-monetary liability
to remove materials which constitute unlawful harassment or otherwise interfere in an
XY v Facebook Ireland Ltd
ing Facebook to remove the page in question (designated by URL), but refused to order it
to monitor the site to prevent similar material from being uploaded in the future due to
the disproportionate burden and judicial supervision that would entail.166 However, no
out any discussion that Facebook owed a duty to prevent interferences with the
167
Conversely, in Muwema v Facebook Ireland Ltd

quiring Facebook to identify the author of a Facebook page, but refused injunctive relief
because Facebook could avail itself of statutory defences and because it would be
futile.168
Page 23 of 38

public electronic communications network.169 Service providers have not been targeted
directly, and it is difficult to envisage a situation in which an intermediary would possess
the necessary mens rea
ondary liability standards, it seems likely that some form of sui generis
tion would be necessary if policymakers wish to impose duties onto (p. 86)
cial networks, and other intermediaries involved in the dissemination of harmful
material.170
4.5 Breach of Regulatory Obligations
Liability can also arise pursuant to statutory provisions that impose specific duties upon
intermediaries in particular contexts. Intermediaries now face primary regulation in fields
as diverse as network neutrality,171 network and information security,172 access to online
pornography,173 and data protection.174
ties and enforcement notices from regulators through to private claims for breach of
statutory duty. These are most conventionally thought of as forms of primary liability,
since they attach to breaches of primary duties owed by intermediaries under the terms
of the relevant legislation.
tion of metadata by service providers, under various conditions and procedures, to assist
in the detection and investigation of crime. Under the Investigatory Powers Act 2016
ceive a valid request are obliged to grant access to the requested data, enforceable by
gence-sharing by GCHQ and other agencies, public debate has ignited about whether
these capabilities are lawful, necessary, or desirable, and what conditions and safeguards
are needed to uphold fundamental rights. In the meantime, intermediaries continue to be
subject to primary duties to store communications metadata and to provide targeted and
bulk access to law enforcement authorities.
(p. 87) 4.6 Disclosure Obligations
Most legal systems recognize an obligation to give disclosure of information needed to

bring a viable claim against an actual or suspected wrongdoer. In common law systems,
disclosure of this kind is a discretionary equitable remedy that has been developed by
Page 24 of 38

courts of equity.175
en against the primary wrongdoer; and (4) that disclosure would, in the circumstances,
be proportionate. Whether disclosure by an intermediary is proportionate will depend on
a number of factors, including the nature and seriousness of the primary wrongdoing,176
177
whether the
private,178 whether the disclosure would only affect the personal information of arguable
wrongdoers,179
es indicate that it is exceedingly rare for disclosure to be outweighed by the fundamental

rights of an intermediary or their anonymous users.
The nature of the legal duty recognized in these cases is relatively limited, and such
claims give rise only to non-monetary secondary liability of the most nominal kind. The
180
However, reflecting their status as a legally innocent
ance costs and legal costs of responding to the claim for disclosure.181
ders against ISPs may be abused by claimants for the collateral purpose of extracting
monetary settlements from subscribers accused of copyright infringement. In one
case,182 the Court commented critically on the use of disclosed information to perpetrate
a scheme in which parties were given no realistic prospect but to submit to a demand of
(p. 88)
183
5. Conclusions
ther classified along a spectrum of liability rules. Additionally, all forms of liability may be
described as either primary or secondary, where the latter is reserved to derivative
wrongdoers whose conduct meets certain causal, relational, and normative thresholds.
Page 25 of 38

tional accounts of moral agency and individual responsibility in private law. This chapter
argued that doctrines of secondary liability can be best explained, at least in the context
tain secondary actors may be appropriate targets of loss-shifting. Although economic
ing many intermediary liability rules, the agnosticism of enforcement cost analysis offers
few clear answers to underlying questions of fault, responsibility, and fundamental rights.
taken by major platforms and search engines. For example, by the end of March 2019,
Google had processed over 4 billion requests to de-index copyright-infringing URLs from
search results,184 which is many orders of magnitude greater than any conceivable claims
for injunctions or damages. Secondly, the norms and practices which intermediaries
hood of tortious material being posted, transmitted, or accessed.185

ty of liability may cause intermediaries to internalize at least some of the harms caused
by their services even if they are not under a strict legal duty to do (p. 89) so.186 Finally,
terested behaviour, may incentivize greater self-regulation,187

diaries to develop new capabilities which are later available to be deployed in aid of legal
remedies.188
quence of imposing liability.
olds of intervention required for secondary liability suggest that these rules are unlikely
pean law, examined elsewhere in this book, further entrench the principle that faultless
wrongdoing.
tive of English law, which will be further analysed in specific areas elsewhere in this
book.
Page 26 of 38

Notes:
(1
(2) Robert Stevens, Torts and Rights

junction which prohibits lawful conduct).
(3) Oliver Wendell Holmes, The Common Law (first published 1881, 1963 Belknap Press
edn) 64. Now, of course, the constellation of statute often displaces, codifies, or abrogates
earlier common law rules.
(4) H.L.A. Hart and Tony Honoré, Causation in the Law (OUP 1985) 65.
(5) [1920] AC 956, 986 (Lord Sumner).
(6) John Mackie, Ethics: Inventing Right and Wrong (Penguin Books 1977) 208.
(7) Ronald Dworkin, (HUP 1986) 174.
(8) Lloyd Weinreb, Natural Law and Justice (HUP 1987) 200. This assumption appears to
be common to many philosophical discussions of individual responsibility: see e.g. Isaiah
Berlin, Liberty (Cohen 1995) 6; Emmanuel Kant, The Metaphysics of Morals
(9) Dworkin (n 7) 170.
(10) See Attorney General v Blake
(11) See John v MGN Ltd
(12
(13) Cf. Emmens v Pottle

nation).
(14
ly 2000 on certain legal aspects of information society services, in particular electronic
commerce, in the Internal Market [2000] OJ L178/1, Arts 13(1)(e), 14(1)(b).
(15
(16) See e.g. Directive 2001/29/EC of the European Parliament and the Council of 22 May
Page 27 of 38

(17) See, inter alia, Chapters 7, 27, and 29.
(18) See, inter alia, Chapters 15 and 16.
(19) See e.g. Cartier International AG v British Sky Broadcasting Ltd [2014] EWHC 3354
(20) Singularis Holdings Ltd v PricewaterhouseCoopers

tion JSC) (UK) (citations omitted).
(21) Ashworth General Hospital Ltd v MGN Ltd [2002] 1 WLR 2033 [26] (Lord Woolf CJ)
(UK).
(22
Tilburg Law & Economics Research Paper Series, Discussion Paper No. 2016-012 (2016).
(23
rective) Regulations 2002 (SI 2002/2013), reg. 20(1)(b), (2).
(24
ferred here for its neutrality and ability to capture the range of standards according to
which intermediaries may be held liable.
(25) See e.g. Directive 2011/83/EU of the European Parliament and of the Council of 25
tracts); Directive 2013/11/EU on alternative dispute resolution for consumer disputes,

Art. 2(a) (online dispute resolution).
(26
LSE Media Policy Project Blog, 8 May 2018) <
apolicyproject/2018/05/10/reducing-harm-in-social-media-through-a-duty-of-care/>.
(27) See by analogy Dorset Yacht Co. Ltd v Home Office [1970] AC 1004, 1030 (Lord Reid)
(28) See by analogy Haynes v Harwood [1935] 1 KB 146 (driver for bolting horse) (UK);
Newton v Edgerley
(29) As in the case of an intermediary who is a data controller vis-à-vis personal data. See
Regulation 2016/679/EU of the European Parliament and of the Council of 27 April 2016
on the protection of natural persons with regard to the processing of personal data and
on the free movement of such data, and repealing Directive 95/46/EC [2016] OJ L119/1
Page 28 of 38

(30) See e.g. National Rugby League Investments Pty Ltd v Singtel Optus Pty Ltd [2012]
platform).
(31) See e.g. C-160/15 GS Media BV v Sanoma Media Netherlands BV [2016] ECLI:EU:C:
2016:644 (provision of hyperlinks to infringing content); C-527/15 Stichting Brein v Jack
Frederik Wullems
es).
(32) [2008] 1 AC 1 [27] (Lord Hoffmann) (UK).
(33) ibid. [59] (Lord Nicholls).
(34) As there is no liability for attempted or inchoate copyright infringement, it would
ment.
(35) See e.g. French Civil Code (2016 French Ministry of Justice edn, Cartwright et al.
(36
(Butterworths 1992) 55, 100.
(37
Cambridge L.J. 491, 502.
(38) Claire McIvor, Third Party Liability in Tort (Hart 2006) 1.
(39) Confusingly, secondary wrongdoing can often lead to primary liability. For example,
tortious secondary liability is primary in the sense that all wrongdoers are jointly liable
(40) Sabaf SpA v Meneghetti SpA [2003] RPC 264, 284 (Peter Gibson LJ) (UK).
(41) Cf. Caparo Industries plc v Dickman
ity).
(42) Revenue and Customs Commissioners v Total Network SL [2008] 1 AC 1174, 1255
(Lord Walker) (UK).
(43) OBG (n. 32) [31] (Lord Hoffmann).
(44) Glanville Williams, Joint Torts and Contributory Negligence.A Study of Concurrent
Fault in Great Britain, Ireland and the Common Law Dominions (Stevens and Sons 1951)
2.
Page 29 of 38

(45) The Koursk [1924] P 140, 151 (Bankes LJ) (UK). For example, some scholars argue
bility in tort: see further Patrick Atiyah, Vicarious Liability in the Law of Torts
(46) See e.g. CBS Songs Ltd v Amstrad Consumer Electronics plc [1988] 1 AC 1013, 1058
and procures and shares a common design
MCA Records Inc. v Charly
Records Ltd [2002] FSR 26 [424] (Chadwick LJ) (UK) (treating the test as disjunctive).
(47) Unilever plc v Gillette (UK) Ltd [1989] RPC 584, 595 (Mustill LJ) (UK).
(48) For example, in the UK statutory authorization liability extends the scope of primary
liability for copyright infringement, and impliedly abrogates common law authorization as
a connecting factor. See Copyright, Designs and Patents Act 1988 (n. 11) s. 16(2).
(49) CBS
(50) Allen v Flood
(51) Belegging-en Exploitatie Maatschappij Lavender BV v Witten Industrial Diamonds Ltd
(52)
ter 20.
(53
(54) Fish & Fish Ltd v Sea Shepherd UK [2014] AC 1229 [21] (Lord Toulson JSC) (UK).
(55) Glanville Williams, Joint Torts and Contributory Negligence (Stevens and Sons 1951)
10.
(56) The Koursk (n. 45), 155 (Scrutton LJ).
(57) eBay
(58) See Credit Lyonnais Bank Nederland NV v Export Credits Guarantee Department
[2000] 1 AC 486, 500 (UK).
(59) The Koursk (n. 45), 156 (Scrutton LJ); Credit Lyonnais (n. 58), 493, 499 (Lord Woolf
MR).
(60) Unilever v Gillette (n. 47) 608 (Mustill LJ).
(61) CBS
(62) Unilever plc v Chefaro Properties Ltd [1994] FSR 135, 138, 141 (Glidewell LJ) (UK).
(63) Sea Shepherd (n. 54) [57] (Lord Neuberger PSC).
Page 30 of 38

(64) See CBS (n. 46) 1058 (Lord Templeman).
(65) C. Evans & Son Ltd v Spritebrand Ltd [1985] 1 WLR 317, 329 (Slade LJ) (UK).
(66) See Davies (n. 24) 403.
(67) OBG
(68
conduct falling within the mere conduit, caching, and hosting safe harbours).
(69) Accessories and Abettors Act 1861, s. 8 (UK). See also Serious Crime Act 2007, ss.
(70) See generally Lister v Hesley Hall Ltd [2002] 1 AC 215 (UK).
(71) See Eastern Construction Co. v National Trust Co. [1914] AC 197 (UK).
(72) See e.g. Famous Music Corp. v Bay State Harness Racing and Breeding Association
Inc., 554 F.2d 1213 (1st Cir., 1977) (US) (imposing liability for infringing performances on
ry duty to take reasonable steps to prevent land from causing harm to others: see Leakey
v National Trust for Places of Historic Interest or National Beauty
(Megaw LJ) (UK).
(73) See e.g. Uber BV v Aslam
portation business and workers).
(74
Rights and Private Law (Hart 2012)
251, 263.
(75) ibid. 268.
(76) ibid. 273 (emphasis added).
(77
(78) See e.g. John Gardner, Offences and Defences: Selected Essays in the Philosophy of
Criminal Law
(79) See e.g. K.J.M. Smith, A Modern Treatise on the Law of Criminal Complicity (OUP
(80
Page 31 of 38

(81) See Philip James and David Brown, General Principles of the Law of Torts (4th edn,
Butterworths 1978) 356.
(82) See Stevens (n. 2) 254.
(83
(83) He who employs another to do it does it himself.
(84) See e.g. Launchbury v Morgans [1973] AC 127, 135 (Lord Wilberforce) (UK).
(85) Stevens (n. 2) 245.
(86) Tesco Supermarkets Ltd v Nattrass
(87
(88) See
Nicholls), 245 (Baroness Hale), 248 (Lord Brown) (UK).
(89) Credit Lyonnais (n. 58) 549 (Lord Woolf MR) (emphasis added).
(90
(91) Davies (n. 24) 404, 409.
(92
668.
(93) OBG (n. 32) [27] (Lord Hoffmann).
(94
says in Jurisprudence (OUP 2000) 131, 148.
(95 Donoghue v Stevenson

Stovin v Wise [1996] AC 923, 935 (Lord
Nicholls) (UK).
(96
(97 Mens Rea
(98
(99) See e.g. Hedley Byrne & Co. Ltd v Heller & Partners Ltd
Morris), 487 (Lord Reid) (UK).
(100) See e.g. Dorset Yacht (n. 27) 1030 (Lord Reid).
Page 32 of 38

(101
(102
(103) See Guido Calabresi, The Costs of Accidents: A Legal & Economic Analysis (Yale U.
(104) See William Landes and Richard Posner, The Economic Structure of Intellectual
Property Law
(105
(106) See Rustad and Koenig (n. 16) 391.
(107) See European Commission, Report on the Application of Directive 2004/48/EC (22
December 2010) 9.
(108
(109
(110) See Mann and Belzley (n. 105) 274.
(111
(112
(113
(114
(115
(116) ibid. 356.
(117
(118) See e.g. Cooper v Universal Music Australia Pty Ltd

son J) (French J agreeing) (Aus.).
Page 33 of 38

(119) See e.g. Twentieth Century Fox Film Corp. v Newzbin Ltd [2010] EWHC 608 (Ch)
[125] (Kitchin J) (UK); [2010] FSR 21.
(120) See e.g. Metro-Goldwyn-Mayer Studios Inc. v Grokster Ltd, 545 US 913, 937 (2005)
(US).
(121
mary liability).
(122) See e.g. Roadshow Films Pty Ltd v iiNet Ltd (No. 3) (2012) 248 CLR 42 (Aus.).
(123) [2013] RPC 19. See also C-360/13 Public Relations Consultants Association Ltd v
Newspaper Licensing Agency Ltd and Others [2014] ECLI:EU:C:2014:1195.
(124) See Digital Millennium Copyright Act 1998, s. 512(c) (US).
(125) See Viacom International Inc. v YouTube Inc., 676 F.3d 42 (2d Cir., 2012) (US);
com International Inc. v YouTube Inc
NY 2013) (Stanton J) (US).
(126) See UMG Recordings v Shelter Capital Partners LLC, No. 10-55732, 2013 WL
1092793, 12, 19 (9th Cir., 2013) (US).
(127) Capital Records Inc. v MP3Tunes LLC, 821 F.Supp.2d 627, 635 (SDNY 2011) (US).
(128) See England and Wales Cricket Board Ltd v Tixdaq Ltd [2016] EWHC 575 (Ch)
liable for infringing acts committed by users: see ibid. [94] (Arnold J).
(129) See Bundesgerichtshof [Supreme Court] (BGH) LF v Google LLC & YouTube Inc. [13
September 2018] case no. I ZR 140/15 (Ger.); C-682/18 LF v Google LLC, YouTube Inc.,
YouTube LLC, Google Germany GmbH [2019] Request for a preliminary ruling from the
(130) See Oberlandesgericht [Higher Court] (OGH) Hamburg, GEMA v YouTube II

ber 2015] case no. 5 U 87/12 (Ger.).
(131) See Handelsgericht [Commercial Court] Vienna, ProSiebenSat.1 PULS 4 GmbH v

YouTube LLC
APA-OTS, 6 June 2018) <https://www.ots.at/presseaussendung/
OTS_20180606_OTS0177/puls-4-gewinnt-prozess-gegen-youtube>.
(132) See e.g. Twentieth Century Fox Film Corp. v British Telecommunications plc (No. 1)
Newzbin2 Football Association
Premier League Ltd v British Telecommunications plc (No. 1) [2017] EWHC 480 (Ch)
(UK), in the context of live sports broadcasts.
Page 34 of 38

(134 BBC
vember 2012) <https://www.bbc.co.uk/news/technology-20540853>.
(135 Google France SARL v Louis Vuitton Malletier SA [2010] ECLI:EU:C:
(136) ibid. para. 57. The CJEU clearly had in mind national rules of secondary liability, as
(137) ibid. para. 57.
(138) eBay (n. 52) [370] (Arnold J).
(139) ibid. [375] (Arnold J).
(140
(141) [1998] EWCA Civ 1272; [1999] FSR 1 [486] (Aldous LJ).
(142) See e.g. Cartier International AG v British Sky Broadcasting Ltd [2014] EWHC 3354
(Ch) (UK); British Telecommunications plc v Cartier International AG [2018] UKSC 28;
[2018] 1 WLR 3259 (UK).
(143) See e.g. Godfrey v Demon Internet Ltd [2001] QB 201 (UK).
(144) See e.g. Dow Jones & Co. v Gutnick

McHugh, Gummow, and Hayne JJ) (UK).
(145) See e.g. Richardson v Facebook UK Ltd [2015] EWHC 3154 (QB) [28], [48] (Warby J)
(UK) (noting obiter that the defendant could not be held to be a publisher).
(146) See e.g. Bunt v Tilley [2006] EWHC 407 (QB) (UK).
(147) See e.g. Kaschke v Gray
(148) See Godfrey (n. 143) 209, 212 (Morland J).
(149) See Byrne v Deane [1937] 1 KB 818, 830 (Greene LJ) (UK).
(150) [2013] EWCA Civ 68 [34] (Richards LJ) (Lord Dyson MR and Sullivan LJ agreeing)
(UK).
(151) See also Pihl v Sweden
tion rights).
(152) [2009] EWHC 1765 (QB) [124] (Eady J) (UK).
Page 35 of 38

(153) See Crookes v Newton [2011] SCC 47 (Can); [2011] 3 SCR 269 [42] (Abella J), [48]
(McLachlin CJ and Fish J) (CA) (UK).
(154
(155) ibid. [39].
(156) See Bunt v Tilley
(157) ibid. [22] (Eady J); cf. McLeod v St Aubyn [1899] AC 549, 562 (Lord Morris) (UK).
(158
(159) [2012] EWHC B3 (QB) (UK).
(160) [2009] EWHC 3205 (QB) [15] (Eady J) (UK).
(161) See e.g. Davison v Habeeb [2011] EWHC 3031 (QB) [66] (HHJ Parkes QC) (UK).
(162) Tamiz
(163) eBay (n. 52) [122].
(164
ternet disputes involving anonymous primary defendants.
(165) See e.g. Digital, Culture, Media and Sport Committee, Final Report: Disinformation
(166
(167) See also AB Ltd v Facebook Ireland Ltd

(UK).
(168
(169) See e.g. Chambers v Director of Public Prosecutions [2012] EWHC 2157 (UK).
(170) The Final Report (n. 165) recommended the creation of a statutory body responsible
for enforcing a Code of Ethics against intermediaries, including by requiring the removal
(171) See Regulation 2015/2120/EU of the European Parliament and of the Council of 25
November 2015 laying down measures concerning open internet access and amending
nications networks and services and Regulation (EU) No. 531/2012 on roaming on public
mobile communications networks within the Union [2016] OJ L/310.
(172) See Network and Information Systems Regulations 2018 (SI 2018/506) (UK).
Page 36 of 38

(173) See Digital Economy Act 2017, ss. 14, 20, 23 (UK).
(174) See Regulation 2016/679/EU (n. 29).
(175) See Norwich Pharmacal Co. v Customs and Excise Commissioners [1974] AC 133
(UK).
(176) See Sheffield Wednesday Football Club Ltd v Hargreaves [2007] EWHC 2375 (QB)
(UK).
(177) See Clift v Clarke [2011] EWHC 1164 (QB) (UK).
(178) See Totalise plc v The Motley Fool Ltd [2002] 1 WLR 1233 [30] (Aldous LJ) (UK).
(179) See
gogo Ltd) (in liq.) [2012] 1 WLR 3333 [43], [45] (Lord Kerr JSC) (UK).
(180) ibid. [15]; Cartier (n. 142) [10] (Lord Sumption JSC) (UK).
(181) See Totalise (n. 178) [29] (Aldous LJ); see Cartier (n. 142) [12] (Lord Sumption JSC).
(182) See Media CAT Ltd v Adams (No. 2)
(183) Golden Eye (International) Ltd v Telefónica UK Ltd [2012] EWHC 723 (Ch) [146]
(184
port (March 2019) <https://transparencyreport.google.com/copyright/overview>.
(185 Help Center, 2019) <https://

help.twitter.com/en/rules-and-policies/twitter-rules>.
(186 https://pages.ebay.co.uk/vero/about.html>;
YouTube Help, 2019) <https://
support.google.com/youtube/answer/2797370>.
(187
Facebook Business, 29 November 2018) <https://www.facebook.com/business/
news/updates-to-our-ad-transparency-and-authorization-efforts> (noting a change to
(188
sponse to government pressure).
Jaani Riordan
Jaani Riordan is a barrister at 8 New Square, London. Email: jr@8newsquare.co.uk.
Page 37 of 38

Page 38 of 38

Who are Internet Intermediaries?

Graeme Dinwoodie
gory of online intermediaries. It does so by acknowledging important scholarly efforts to

produce a detailed taxonomy of online intermediaries. An analysis of positive law in a
native legal categories of online actors that might be seen as subsets of, or overlapping
cal reality of how actors behave in constructing categories. But those legal categories are
what more conceptual approach, this chapter hopes to develop understandings that will
allow debate about the liability of online intermediaries across borders and across time,
ly evolving.
Keywords: online intermediaries, platforms, online service providers, taxonomy, definition
AS this Handbook plainly attests, much has been written in recent years on the liability of
1
standing of the term (probably meaning they are not passive neutral conduits)2
ferent than most legal scholars.3
tures) there is little consensus or clarity. As Jaani Riordan has explained:
be used to describe many entities which seem to share little in common, other
difficulties partly explain their tendency to elude precise definition.4
Page 1 of 24

gory of online intermediaries. It does so by acknowledging important scholarly efforts

(p. 38)
be nigh impossible to improve.5
ing of the term, as well as alternative legal categories of online actors that might be seen
ies for internet intermediaries.6 And more recent legislative innovations in Europe have
ital Single Market.7 By and large, these are technical statutory definitions adopted for
tinctions among internet intermediaries.
This chapter also pursues a more typological approach to the classification question,
others) might play.8
line intermediaries across borders and across time, given that the technological features
and social role of online intermediaries are constantly evolving.
1.
tional treaties.9 (p. 39)
instruments. For example, Article 11 of the EU Enforcement Directive and Article 8(3) of
holders are in a position to apply for an injunction against intermediaries whose services
10
For the purpose of
11
ly failed. Thus, an internet access provider is an intermediary.12

ketplace, a social network, and the operator of an open wireless network.13
Drawing on recital 59 of the Information Society Directive, the Court of Justice suggested
14
in Telekabel
Page 2 of 24

(p. 40)
they are necessary but insufficient causes when online wrongdoers utilize their services
15
reasoning appears to impose few limits. The suggestion in Tommy Hilfiger Licensing LLC
v Delta Center
service capable of being used by one or more other persons in order to infringe one or
16
In Hilfiger
tricity were intermediaries, but the language admits of this possibility.17 Scholars have
ment or anonymizing services, domain name authorities, search engines, VPN providers,
18
ingly clear that the underlying concept has very little to do with any intermediary role.
The generous protective hand of injunctions basically extends to everyone who engages
in an economic activity, in course of which he or she is in a position to prevent third party
wrongdoing. Any definitional exercises seem to be by now a mere window-dressing for
19
(p. 41)
tivated in large part by the context of online exploitation,20 the parallel provision in the
Enforcement Directive has not been limited to the online context.21 Thus, in
figer Licensing, the tenant of market halls who sublet the various sales points situated in
meaning of Article 11 of the Enforcement Directive.22 The Court of Justice declined to

draw any distinction between an online and physical marketplace.
its recitals.23 15),
24
ation, at a distance, by electronic means and at the individual request of a recipient of

25
This is a broad definition but does exclude some commercial actors such as
internet cafés (because not provided remotely) and broadcasters (who, rather than the
user, determine when and what transmissions occur). And although the safe harbours to
which such providers can have recourse apply only to economic operators rather than
Page 3 of 24

non-commercial services, English courts have held unequivocally that personal websites,
such as blogs and discussion fora, which have no profit motive or revenue model, may
qualify for protection.26
is serving as a proxy for intermediaries that the e-Commerce Directive has in its sights,
27
And in the context of (p. 42) the
e-Commerce Directive, unlike the Enforcement Directive, we are talking about internet
intermediaries.
aries, but also classifies them in a way that might suggest a taxonomy; at the very least,
these classifications have legal consequences. Thus, the e-Commerce Directive creates
immunity for service providers:
(1)
thored and initiated by others (Art. 12);
28
(2) and
(3)
29
As we shall see later, EU legislation picks up three of the four safe harbours found in US
copyright law, as enacted by the Digital Millennium Copyright Act (DMCA).30
ally, the types of intermediary activity protected by the safe harbours vary slightly among
jurisdiction.31 But there is a core commonality that identifies, inter alia, access providers
diary.
Article 14 of the e-Commerce Directive, which provides a hosting safe harbour not unlike
that found in section 512(c) of the US Copyright Act, has received the greatest attention
vides that:
1.
formation provided by a recipient of the service, Member States shall ensure that the
service provider is not liable for the information stored at the request of a recipient
of the service, on condition that:
(a) the provider does not have actual knowledge of illegal activity or information
and, as regards claims for damages, is not aware of facts or circumstances from
which the illegal activity or information is apparent; or
(p. 43) (b)
ditiously to remove or to disable access to the information.
2. Paragraph 1 shall not apply when the recipient of the service is acting under the
authority or the control of the provider.
Page 4 of 24

The Court of Justice interpreted this provision in Google France v Louis Vuitton Malletier
and .32
33
actor. The Advocate General in eBay
dressing another provision (the conduit safe harbour).34 But the Court of Justice adopted
the requirement in both Google France and eBay.35
keywords.36
and make it vulnerable to loss of immunity under Article 14. Likewise, in eBay
37
On the contrary,
information to effect the advertising, offering for sale, exposing for sale and sale of goods
38
The Court of Justice found first that eBay was potentially entitled to the benefit of Article
14 as an information society service provider. Whether eBay was such a provider within
the protection afforded by the safe harbour would as a threshold matter depend on how
active it was in the allegedly illegal activity.39
presentation of the offers for sale in question or promoting those offers, it [would] be
(p. 44)
40
Determination of that question was,
41
however, left to national courts.
Secondly, by the terms of Article 14, even if an intermediary was insufficiently inactive to
alised that the offers for sale in question were unlawful and, in the event of it being so
42
Google could invoke Article 14 only if it disabled ads
43
upon receiving notice.
44
The Court of Justice has not finally decided on the availability of the EU safe harbour for
tional courts. In decisions handed down on similar facts to , the French
cause it had played too active a role by assisting sellers in the promotion and fostering of
sales.45 In contrast, the Madrid Court of Appeals has held that Google (as the owner of
Page 5 of 24

YouTube) was acting as a host under Article 14 in the context of a copyright infringement
case.46 The Italian courts have reached similar outcomes regarding YouTube.47 Variations
clearly remain at the national level within Europe.48 The issue is now before the Court of
Justice.49
(p. 45) 2. Alternative Terms

The literature discussing online intermediaries frequently uses alternative terms that are
most be without limit.50
tory definitions.
Each of these terms has in recent years received some legislative definition (along with
yet other synonyms) in provisions creating safe harbours, or immunity from liability, for
such actors.51 Just before the EU adopted the e-Commerce Directive, the United States
enacted the DMCA (and two years before that the Communications Decency Act). Section
230 of the Communications Decency Act provides the strongest and most unconditional
52
ply to federal intellectual property claims. Instead, the DMCA introduced a detailed set of
provisions into section 512 of the Copyright Act establishing a series of immunities from
53
aries benefit. The parallels with the e-Commerce Directive are obvious, even though the
DMCA is formally restricted to copyright law.54
Each safe harbour under the DMCA (e.g. access vs hosting vs caching) has its own
(p. 46)
specific requirements that vary slightly.55 Immunity as an access provider requires, to
Moreover:
the event must be initiated by a third party;
tion of the material by the service provider;

the service provider must not select recipients of the material except as an automatic
response to the request of another person;
Page 6 of 24

tem in a manner ordinarily accessible to anyone other than anticipated recipients or
sion of connections; and

the material is transmitted through the system or network without modification of its
content.
The crucial hosting immunity in section 512(c) of the Copyright Act is based on inter alia
the operation of a notice-and-takedown system by the intermediary. Section 512(c) is an
tivity using the material is infringing, is not aware of facts or circumstances from which
infringing activity is apparent, and upon obtaining such knowledge or awareness, it acts
rectly attributable to the infringing activity.56
Most importantly, where an ISP receives a takedown notice alleging infringement that
chestrates in precise terms the actions that the ISP must take to preserve its immunity,
including how it must respond to any counter-notice that it receives from any person in
response to its good-faith disabling of access to, or removal of, material.57 The counter-
notice procedure of the DMCA is intended to preserve some balance between the rights
of the customers of the ISP, who might have valid grounds for believing that their conduct
is not infringing, and those of the copyright owner (with whose notice the ISP is (p. 47)
tent or direct liability to a customer for removing what turns out to be lawful material.
But the benefits of compliance are so strong that the conditions in the statute function as
a form of business regulation.
3. A Functional Taxonomy
The Organisation for Economic Co-operation and Development (OECD) has described
gether or facilitate transactions between third parties on the Internet. They give access
to, host, transmit and index content, products and services originated by third parties on
58
As with the statutory definitions noted earlier, this is hardly limited. And it risks treating
quite diverse actors as one monolith. In The Liability of Internet Intermediaries
Page 7 of 24

59
er services provide the basic infrastructure necessary for communication; network layer
services are responsible for data being routed from one IP address to another;60
61
Riordan consciously sought to offer a more nuanced classification than one could find in
tury view of internet intermediaries. The separation between access providers and hosts,
and our expectation of what each category of intermediaries does or should do has moved
on. Many intermediaries now straddle these classifications. And those classifications also
group together actors who might in sometimes important ways differ dramatically from
each other. More nuance can only help.
egory there is a remarkable range of different actors performing different roles. The legal
regimes operate with a far smaller number of categories, as is not surprising (and surely
appropriate for enforcement costs reasons).62 Secondly, one actor can perform (p. 48)
more than one type of service; indeed, this has become evident even in working with the
bours to immunize different parts of their operation.
It must be understood that perfecting the taxonomy is an essentially empirical task. Given
the fast-changing and diverse nature of online intermediaries, there might appear to be a
risk in placing too much analytical weight on a (2016) technical description of the role
and capacity of current actors. And it is an open question whether that empirical reality
should be hardwired into legal doctrine, or even given dispositive weight at the moment it
is assessed. The dynamic between technological form and legal liability has ebbed and
flowed over the years. For example, the US Supreme Court has recognized the relevance
of design choice to determinations of copyright inducement liability when combined with
other evidence.63
trine to secure a clean bill of health.64
As long as this potential for evolution is understood and the functional features of today
do not become embedded in fixed legal doctrine, this effort at taxonomy is valuable.65
There is a need for greater granularity in this debate. This sensitivity would be valuable,
bility doctrine might seem to allow.66 Indeed, such flexibility is also necessary to account
for the different demands that might be imposed on smaller entities without the capital or
sophistication of eBay.67
To give just one example of where a factual taxonomy might inform legal analysis, there
remains disagreement among national courts in Europe whether web-blocking orders
must as a matter of proportionality be sought first from host providers before actions are
brought against access providers. The Court in Telekabel did not address (p. 49)
Page 8 of 24

rant the infringers or the host ISP being pursued first.68 But if such a form of analysis
were pursued then courts would need to be informed about the different roles played by
different intermediaries (and potential defendants).
That is to say, while resisting subservience to technical function as determinant of how to
ability.69
ticular conduct turns on its technological capacity to do so.70
Definition by exemplar might also be useful, so it is worth briefly setting out the types of
amples.71
gies for infringements caused by those who use their equipment,72 purveyors of peer-to-
peer file-sharing software for the activities of those who download material without
73
and social media sites (such as YouTube) that host allegedly
infringing clips from copyrighted audiovisual works.74
tions brought against online auction sites, each essentially alleging that the auction site
could have done more to stop the sale of counterfeits or other allegedly infringing items
by third parties on its website; and claims brought against search engines alleging (p. 50)
that the sale of keyword advertising consisting of the trade marks of parties other than
the mark owner resulted in infringement (normally, by causing actionable confusion).75
In defamation or libel law, websites (e.g. the retailer Amazon.co.uk) have been sued
product page.76
the claimant,77
lated the privacy of individuals to whom the personal data related (even if the data is not
78
This illustrates the wide variety of internet intermediaries pursued as liable for enabling
wrongs perpetrated by others, but core ISPs, such as companies providing access to the
internet or web-hosting services, are also potential defendants in any of these
scenarios.79
Page 9 of 24

ments have also been sued for facilitating unlawful transactions,80 and companies merely
providing customers with access to the internet have been required to block websites in
other countries where allegedly infringing content resides.81
4. Typological Considerations
4.1 Intermediaries in Distinct Fields
Some of the definitions of intermediary noted earlier are drawn from regimes regulating
sion has been made for the treatment of intermediaries. Insofar as the concept is defined
for a particular field of law, it will almost inevitably come to be shaped by the (p. 51)
pose of that field. The capacity of an intermediary to avoid confusion (and thus further
the goals of trade mark law) might differ from its capacity to prevent reproduction (and
mine the purpose of the regime in question in ways that vary among regimes.
This consideration has to inform some of the debate surrounding whether to develop
schemes of liability for intermediaries that are tied to particular legal claims or regimes.
There may be pragmatic reasons for doing so. Overlapping and inconsistent regulation
can increase costs and uncertainties and undermine the proper functioning of a legal
viding the necessary certainty for electronic commerce.82 In some countries, immunity
markably complex matrix of immunity.83 Most claims are covered by section 230 of the
Communications Decency Act.84 Copyright claims are covered by the DMCA. But trade
mark claims are encompassed within neither US safe harbour regime;85
lated in Inwood v Ives86 and applied in eBay v Tiffany.87
(p. 52)
lar type of legal claim in respect of which that status results in legal consequences.88 It
89
90
monizing the concept because it wanted the provisions in Articles 8(3) and 11 to apply to
as broad a category of providers, and that applying the understandings developed for
Page 10 of 24

haviour) would unduly restrict those orders.91
But, as a descriptive matter, one can read

ders a provider something other than an intermediary; rather, it would be one not entitled
to immunity under Article 14, just as an access provider against whom an order is not
made under Article 8(3) is no less an intermediary. The Court found first that eBay was
potentially entitled to the benefit of Article 14 as an information society service
provider.92 Whether eBay was such a provider within the protection afforded by the safe
harbour would as a threshold matter depend on how active it was in the allegedly illegal
activity.93
question or promoting those offers, it [would] be considered not to have taken a neutral
emption.94
priately be broader than those addressed in the safe harbour immunities, because the
safe harbours shield intermediaries from monetary liability. Under prevailing standards
for liability, it is hard to imagine plausible liability (as opposed to accountability) claims
against many of the actors potentially susceptible to orders under Article 8(3) or 11.
But perhaps there is merit in trying to articulate the concept apart from the susceptibility
of a particular actor in a particular setting to be the subject of an accountability order or
the beneficiary of safe harbour immunity?
(p. 53) 4.2 Status as a Measure of Legal Applicability
As this last comment suggests, to some extent the apparent variation in decisions as to
cause the definition of those actors who are potentially immune may implicitly contain
some of the conditions for availing oneself of immunity.95 Strictly, these conditions do not
define who is a service provider but rather whether the service provider is acting in a way
that will allow them to take advantage of the immunities conferred.96 Thus, for example,
the Italian courts have developed a distinction between passive and active intermediaries
tive will be available (and given greater weight than anticipated by the Court of
Justice).97
tor with a particular legal consequence or immunity.98
sive in another. Likewise, and relatedly, statutes providing immunity for different kinds of
Page 11 of 24

detail.99 Both are intermediaries, but what we expect them to do might differ. Should we
define intermediaries by reference to what they do or by what we want them to do (or by
the legal exposure to which we wish to subject them)?
One sees an inversion of this, in fact, in the way that the conduct of actors who might as a
cating primary liability. For example, search engines such as Google have been formally
search results for the claimant because they were not a publisher of the material.100
(p. 54) They were merely intermediaries. Similarly, the analysis of the US Court of Appeals
for the Second Circuit in Rescuecom v Google turned on the question of the extent to
duct or was itself trade mark use.101 Here, the classification is being used to trigger a
particular form of analysis, rather than analysis resulting in a classification. To the extent
that these cases expand the elements of primary liability, they are distorting what we
has been a stretch, prompting Stacey Dogan to label the Rescuecom-endorsed cause of
102
But these legal assessments do not (and perhaps should not) define the outer boundaries
the recital from which that justification is gleaned suggests that there will be some
intermediaries who are not best placed.) One could
concept to mere recognition of the legal consequence prevents the concept itself doing
not in another despite performing precisely the same role.103
assist in preventing infringement under the two provisions in question.
4.3 The Directive on Copyright in the Digital Single Market
do
or by what we want them to do (or by the legal exposure of which we wish to (p. 55)
104
These obligations will, however, be imposed only on a certain subset
Page 12 of 24

105
106
ries, open source software-developing and -sharing platforms, [access providers], online
marketplaces, business-to-business cloud services and cloud services that allow users to
Moreover, Article 17(6) provided exemption from some of the obligations imposed on
OCSSPs. Thus:
Member States shall provide that, in respect of new online content-sharing service
providers the services of which have been available to the public in the Union for less
ly substantiated notice, to disable access to the notified works (p. 56) or other subject
matter or to remove those works or other subject matter from their websites. Where the
average number of monthly unique visitors of such service providers exceeds 5 million,
calculated on the basis of the previous calendar year, they shall also demonstrate that
they have made best efforts to prevent further uploads of the notified works and other
tion.
5. Conclusions
find little consensus. It is perhaps thus appropriate to adopt as broad a view as possible
so as to admit of the greatest possibility of legal intervention. But the breadth of the term
the different actors who are encompassed by the term. Essentialist taxonomies may well
assist in supplying us with important facts that feed into the development of legal policy
or the resolution of legal disputes. But we must not become hostage to that essentialism,
both because it is static and because law need not be purely responsive to technology. But
non that we seek to regulate.
Page 13 of 24

Notes:
(1) See e.g. Jaani Riordan, The Liability of Internet Intermediaries (OUP 2016); Martin
Husovec, Injunctions Against Intermediaries in the European Union: Accountable But not
Liable? (CUP 2017).
(2
198; see also Tarleton Gillespie,
tion, and the Hidden Decisions that Shape Social Media (Yale U. Press 2018).
(3
man Sanders (eds),

diaries
those who have played an active role in the transaction, providing an essential element
(4) See Riordan (n. 1) s. 2.12, at 29.
(5
(6
(7) See ibid.
(8) Different disciplines comprehend taxonomies and typologies in different ways. Without
more conceptual groupings along a number of variables that should inform how we treat
internet intermediaries.
(9) But see Comprehensive Economic and Trade Agreement Between Canada of the One
ber 2016 [CETA], OJ L/11 (14 January 2017) 23, Art. 20.11 (mandating safe harbours for
recognise the importance of facilitating the continued development of legitimate online

services operating as intermediaries and, in a manner consistent with Article 41 of the
TRIPS Agreement, providing enforcement procedures that permit effective action by right
renegotiated the agreement upon US withdrawal. See Comprehensive and Progressive

Agreement for Trans-Pacific Partnership, 8 March 2018 <https://international.gc.ca/
Page 14 of 24

trade-commerce/trade-agreements-accords-commerciaux/agr-acc/cptpp-ptpgp/texttexte/
index.aspx?lang=eng>.
tive 2001/29/EC of the European Parliament and of the Council of 22 May 2001 on the
ciety [2001] OJ L167/10, Art. 8(3).
(11
21, which makes some sense
ECLI:EU:C:2014:192; C-557/07
chutzrechten GmbH v Tele2 Telecommunication GmbH [2009] ECLI:EU:C:2009:107, para.
vices which users make use of, provide a service capable of being used by a third party to
infringe a copyright or related right, inasmuch as those access providers supply the user
(13) See C-324/09 [2011] ECLI:EU:C:2011:474, para. 113;

C-360/10 SABAM v Netlog NV [2012] ECLI:EU:C:2012:85; C-484/14 Tobias McFadden v
Sony Music [2016] ECLI:EU:C:2016:689 (discussing free public wi-fi offered by small
business).
(14) See C-314/12 (n. 12) para. 30 (emphasis added). The Court further elaborated that
in any transmission of an infringement over the internet between one of its customers
and a third party, since, in granting access to the network, it makes that transmission
an order against such an intermediary when the order relates to the provision of services
with which its customer would potentially access an infringing site. Cf. Jaani Riordan,
woodie (ed.), Secondary Liability of Internet Service Providers (Springer 2017) 275, 278
(15) See Riordan (n. 1) s. 2.03, at 27.
Page 15 of 24

(16) See C-494/15 Tommy Hilfiger Licensing LLC v Delta Center [2016] ECLI:EU:C:
2016:528, para. 23. If Art. 11 of the Enforcement Directive is read as encompassing a
number of conditions before an order is issued, one of which being that the defendant is
[2014] EWHC 3354 (Ch)
(17) See C-494/15 (n. 16) para. 28. Sir Richard Arnold has suggested that certain types of
search engine might be an intermediary within the meaning of Art. 11 but others would
not. See Arnold in Chapter 21. If this were true, it would highlight the important point
ticular context rather than status in the online ecosystem.
(18
whom we might think of as intermediaries but also to highlight the important differences
ders should be issued against them, and what the nature of any relief should be. That is,
tion.
(19
(20
lar, the services of intermediaries may increasingly be used by third parties for infringing
(21
online marketplace or a physical marketplace such as market halls is irrelevant in that
connection. It is not apparent from Directive 2004/48 that the scope of the directive is
(22) See ibid.
Page 16 of 24

2000 on Certain Legal Aspects of Information Society Services, in Particular Electronic
Commerce, in the Internal Market [2000] OJ L178/1, recitals 14, 40, and 50.
(24
tions issued under the e-Commerce Directive. Cf. Directive 2001/29/EC (n. 10) Art. 8(3);
Copyright, Designs and Patents Act 1988, s. 97A; Electronic Commerce (EC Directive)
Regulations 2002 (SI 2002/2013), reg. 2.
(25) See Directive 2000/31/EC (n. 23) recital 17.
(26) See Riordan (n. 1) s. 12.63, at 390.
(27
(28
and for the sole purpose of making onward transmission more efficient. Service providers
will lose protection if they do not act expeditiously to remove cached information upon
dered by a competent authority. See Directive 2000/31/EC (n. 23) Art. 13.
(29
(30
tive apply horizontally to tort claims under national law as well as trade mark or unfair
nal wrongdoing, subject to a number of exclusions set out in Art. 3.
(31) For example in New Zealand there are storage and caching safe harbours, along with
a provision (which arguably serves as immunity for a mere conduit) affirming that service
provider liability cannot be based on mere use of its facilities by a primary infringer. See
Austin (n. 19).
(32 Google France SARL v Louis Vuitton Malletier SA [2010]

ECLI:EU:C:2010:159, para. 20; C-324/09 (n. 13) para. 113.
(33
stores offers for sale on its server, sets the terms of its service, is remunerated for that
(34
(35
(36) See C-324/09 (n. 13) para. 119.
Page 17 of 24

(37) [2009] EWHC 1094 (Ch) [437] (UK).
(38) ibid.
(39
ty. Cf. Lenz v Universal, 815 F.3d 1145 (9th Cir. 2016) (US) (amending opinion to reflect
Colum. J. of L. & Arts 525, 532 (noting the majority position in German case law that has
treated suggestions proffered by operation of algorithms as being within the protection of
Art. 14).
(40) C-324/09 (n. 13) para. 116.
(41) ibid. para. 117.
(42) ibid. para. 124 (quoting Art. 14 of the e-Commerce Directive).
(43) See ibid. para. 120.
(44
(45) See Cour de cassation [French Supreme Court] eBay Inc v LVMH, Parfums Christian
Dior
lantic Antitrust & IPR Developments <

lantic-antitrust-and-ipr-developments-issue-no-32012-june-21-2012> (discussing the
and Google France decisions).
(46) See Audiencia Provincial Sentencia [APS] [Provincial Appellate Court Sentence]
Madrid Gestevision Telecinco, SA v YouTube, LLC [14 January 2014] no. 11/2014 (ES)
YouTube v Telecinco
& Comm Watch, 14 February 2014) <http://www.hlmediacomms.com/files/2014/02/
Telecinco-v-Youtube_EN.pdf>.
(47
Lexology, 10 June 2014) <http://www.lexology.com/library/detail.aspx?
g=ec9e1298-7367-4f0a-a263-0cbaff076e29> (reporting on similar outcomes in Italy on
similar grounds in Tribunale Torino [Ordinary Court of First Instance of Turin] Delta TV
Programs srl v Google Inc [23 June 2014] Docket no. 38113/2013 (It.) <http://
www.ipinitalia.com/Ordinanza%20Youtube%20Torino.pdf >).
(48
Page 18 of 24

(49) See C-682/18 LF v Google LLC, YouTube Inc., not yet decided.
(50
(51) The terms make more fleeting appearances outside this context, primarily in defining
ly or mainly of access to the internet, where an IP address is allocated to each subscriber
(52
user of an interactive computer service shall be treated as the publisher or speaker of any
(53) 17 USC § 512 (2000).
(54) It is on occasion improperly used to further different claims.
(55
(56) ibid. § 512(c).
(57) ibid. § 512(g).
(58
(59) See Riordan (n. 1) s. 2.02, at 26.
(60) In this category, Riordan creates sub-classes of ISPs (akin to access providers); hosts;
cloud services; domain name controllers; and certificate authorities. See Riordan (n. 1) s.
2.46, at 38.
(61) See Riordan (n. 1) s. 2.57, at 40. Riordan splits this last extremely diverse category
into platforms, gateways, and marketplaces. See ibid.

Based Analysis (Wolters Kluwer 2016) s. 1.3.2, at 18 (noting that the oversimplification of
Page 19 of 24

categories might have been appropriate in the early days of the internet, but might now
be questioned).
(63) See MGM Studios Inc. v Grokster Ltd
(64
bia Law and Economics Working Paper no. 480 (29 May 2014) <http://dx.doi.org/10.2139/
ssrn.2443595>.
(65
37.
(66
which to recognize the different culpability of a range of intermediaries even though all
operate dual-purpose technologies).
(67
that might have prompted the lack of responsiveness of the defendant in Louis Vuitton
Malletier SA v Akanoc Solutions Inc., 658 F.3d 936 (9th Cir. 2011) (US)). In Louis Vuitton
v Akanoc
ing business that leased, inter alia, server space to customers trafficking in counterfeit
goods. In that case, the defendant (a small company) failed to respond expeditiously to
takedown requests, and thus fell afoul of Tiffany because it had received actual notice.
See ibid.
(68
in a contractual relationship with the operator of the copyright-infringing website. As a
tion, but the originator must, as a matter of priority, so far as is possible, claim directly
Providers) Decision of the Federal Supreme Court (Bundesgerichtshof) 26 November
(69
Page 20 of 24

(70
(71) cf. Sea Shepherd v Fish & Fish [2015] UKSC 10 [40] (Lord Sumption dissenting) (UK).
(72) See e.g. Sony Corp. of Am. v Universal City Studios Inc., 464 US 417 (1984) (US).
(73) See e.g. Metro-Goldwyn-Mayer Studios Inc. v Grokster Ltd, 545 US 913 (2005) (US);
A&M Records Inc. v Napster Inc., 239 F.3d 1004 (9th Cir. 2001) (US); see generally Jane
577.
(74) See Viacom International Inc. v YouTube Inc., 676 F.3d 19 (2d Cir. 2012) on remand
940 F.Supp.2d 110 (SDNY 2013) (US).
(75
Free Kick Master LLC v Apple Inc., 2016 WL 77916 (ND Cal. 2016) (US) (app store sued
for trade mark infringement with respect to apps sold by third parties in its app store).
(76) See McGrath v Dawkins [2012] EWHC B3 (QB) (UK).
(77) See e.g. Metropolitan Schools v DesignTechnica [2009] EWHC 1765 (QB) (UK); A v
Google New Zealand Ltd [2012] NZHC 2352 (NZ).
(78) See Case C-131/12 Google Spain SL, Google Inc. v Agencia Española de Protección de
Datos (AEPD), Mario Costeja González [2014] ECLI:EU:C:2014:317.
(79) See e.g. Louis Vuitton v Akanoc (n. 67).
(80) See e.g. Gucci Am Inc. v Frontline Processing Corp., 721 F.Supp.2d 228 (SDNY 2010)
(US) (allowing secondary infringement claim to proceed against credit card processing
companies who provided services to online merchant allegedly selling counterfeit goods);
but cf. , 494 F.3d 788 (9th Cir. 2007) (US) (affirming
dismissal of actions against credit card companies).
(81) See e.g. [2016] EWCA Civ 658; [2018]

UKSC 28 (UK).
(82
tion of the claims asserted against them).
(83) ibid. (calling for rationalization of the matrix).
(84
Page 21 of 24

(85) Some have argued for a DMCA-like system of notice and takedown, tied to immunity,
and Schwimmer (n. 67) 265. The ISP community is split. See the comments of Etsy,
Foursquare, Kickstarter, Meetup, Shapeways,
tellectual Property Enforcement (16 October 2015) (asking for consideration of trade
mark safe harbour).
(86) See Inwood Labs Inc. v Ives Labs Inc., 456 US 844 (1982) (US).
(87) See Tiffany (N.J.) Inc. v eBay Inc., 600 F.3d 93 (2d Cir. 2010) (US). In the United
tributor of newspaper, magazine, or electronic communication from liability for trade

mark infringement based on use in paid advertising matter against liability for damages);
see also 15 USC § 1125(c)(3) (defence against dilution liability based on facilitating fair
use, although the use facilitated was fair it is hard to see much need for this provision).
Some scholars have seen s. 32(2) as possessing the potential for operating as a general
reason to apply s. 32(2). Cf. Hendrickson v eBay Inc., 165 F.Supp.2d 1082 (CD Cal. 2001)
(US). Domain name registrars also benefit from provisions drafted in ways that confer
limited immunity from liability for trade mark infringement under US law. See 15 USC §
tion or maintenance of a domain name for another absent a showing of bad faith intent to
Lockheed
Martin Corp. v Network Solutions, Inc., 141 F.Supp.2d 648 (ND Tex. 2001) (US).
(88) The scope of the immunity provision in a particular country will not necessarily map
to the scope of the secondary liability standard. Nor logically must it do so.
(89
www.ssrn.com/
abstract/=2025075>.
(90) See Husovec (n. 1) 88.
(91) ibid.
(92
Page 22 of 24

electronic equipment for the processing and storage of data, at the individual request of a
(93) ibid. paras 113 and 115.
(94) ibid. para. 116.
(95) Even within a single jurisdiction, different safe harbours may also contain different
specific conditions. Thus, a service provider may be protected under one safe harbour but
not another. See Viacom (n. 74) (discussing immunity under the different safe harbours of
the e-Commerce Directive).
(96
pose of imposing regulatory obligations. Thus, the UK Digital Economy Act only required
(97) See Dinwoodie (n. 44).
(98
platforms actually do and provide, and their exact involvement in, or relationship with,
(99
come within the scope of the copyright infringement immunity conferred by § 512(a) on
access providers).
(100) See e.g. Metropolitan Schools v DesignTechnica [2009] EWHC 1765 (QB) (UK); A v
Google New Zealand Ltd [2012] NZHC 2352 (NZ).
(101) See Rescuecom Corp. v Google Inc., 562 F.3d 123, 129 (2d Cir. 2009) (US). On this
latter point, the Second Circuit distinguished between the practice of the defendant in
1-800 Contacts, which had sold advertising keyed to categories of marks (e.g. selling the
gories), and that of Google (which sold advertising tied directly to single marks). See ibid.
(102
(103) Recital 59 of the Information Society Directive explains Art. 11 orders as flowing
Page 23 of 24

well as policy preferences. Thus, we might think that intermediaries are lowest cost
avoiders, but that assessment will depend on what items of cost are to be included in the
some extent, the proportionality analysis conducted by courts before issuing orders
should function to bring these assessments together.)
(104) See Directive 2019/790/EU of the European Parliament and of the Council of 17
rectives 96/9/EC and 2001/29/EC [2019] OJ L130/92, Art. 17(4)(b).
(105
mation society service of which the main or one of the main purposes is to store and give
cyclopedias, not-for-profit educational and scientific repositories, open source software-

developing and -sharing platforms, [access providers], online marketplaces, business-to-
business cloud services and cloud services that allow users to upload content for their
(106
tive should target only online services that play an important role on the online content
market by competing with other online content services, such as online audio and video
(63) The assessment of whether an online content-sharing service provider stores and
gives access to a large amount of copyright-protected content should be made on a case-
by-case basis and should take account of a combination of elements, such as the audience
of the service and the number of files of copyright-protected content uploaded by the
users of the service.
Graeme Dinwoodie
Graeme Dinwoodie is the Global Professor of Intellectual Property Law at Chicago-

Kent College of Law. Email: gdinwoodie@kentlaw.iit.edu.
Page 24 of 24

Oxford Handbook of Online Intermediary Liability

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Oxford Handbook of Online Intermediary Liability

Uploaded by

Copyright:

Available Formats

Mapping Online Intermediary Liability

Mapping Online Intermediary Liability

Abstract and Keywords

ronment. The Oxford Handbook of Online Intermediary Liability

Keywords: intermediary liability, online, mapping, trends, international, subject-specific, enforcement,

tiple scholarly perspectives and promoting a global discourse through cross-jurisdictional

Subscriber: Waseda University; date: 06 February 2022

Guiding Principles on Business and Human Rights.13

Subscriber: Waseda University; date: 06 February 2022

Several initiatives have looked into notice-and-takedown procedures in order to highlight

(p. 6) 1. Mapping Fundamental Notions

Graeme Dinwoodie sets the stage by defining a taxonomy of online intermediaries in

proach unbounded by ephemeral technological references. The present debate on the

Subscriber: Waseda University; date: 06 February 2022

bility may be further divided into prohibitory and mandatory (p. 7)

defamation, hate speech, breach of regulatory obligations, and disclosure obligations.

In Chapter 4, Martin Husovec completes this preliminary mapping exercise with an

Subscriber: Waseda University; date: 06 February 2022

from an obligation to act once knowledge is obtained to an obligation to prevent harmful

unaccountable privately-run algorithms.21

nundrum. Policymakers are still in search of a balanced and proportional fine-tuning of

Subscriber: Waseda University; date: 06 February 2022

2. Mapping International Fragmentation:

From Safe Harbours to Liability

intermediary liability conundrum.

In the mid-1990s, after an initial brief hesitation,22

mediaries from liability for the speech they carry.23

ment under more stringent requirements.24

Subscriber: Waseda University; date: 06 February 2022

Similar resistance to providing immunities for intellectual property infringement is also

bersecurity, and personal data protection, in particular with a dedicated AU

Subscriber: Waseda University; date: 06 February 2022

wrong, therefore establishing fault first and liability later.

Subscriber: Waseda University; date: 06 February 2022

ing with unlawful third party content.38

costs of online enforcement by shifting the burden of sanitization of allegedly illegal

opments of intermediary liability regulation can be identified as consistently emerging in

crease in vertical regulation often launched without pondering potential inconsistencies

Subscriber: Waseda University; date: 06 February 2022

3. Mapping Subject-Specific Regulation

tions and liabilities for defamation, hate, and dangerous speech.

bility in copyright in order to plot a path for

cluded by the CJEU in The Pirate Bay case.52

Subscriber: Waseda University; date: 06 February 2022

cially in the EU.

ropean developments might lead to reconsideration of the traditional balance of interests

ments of the Digital Millennium Copyright Act.54 In discussing

the international level for online trade mark infringement. In Chapter 19

ey approaches, registry systems, advertising codes of practice preventing advertisements

damental rights, such as freedom of competition, freedom of expression and information,

Subscriber: Waseda University; date: 06 February 2022

ing and monitoring obligations.

main. The Cartier

Online intermediary liability can also arise as a consequence of infringements of rights

Subscriber: Waseda University; date: 06 February 2022

ed information offer than the traditional mass media.63

In Free Expression and Internet Intermediaries: The Changing Geometry of European

Subscriber: Waseda University; date: 06 February 2022

tainable alternatives. At the same time, additional obligations of uncertain applicability,

lowing the Google Spain ruling.68

ducted with the use of servers located in Russia.71

Subscriber: Waseda University; date: 06 February 2022

tering generally. In the aftermath of the CJEU Google Spain

dered by a court or in a few specific cases of obviously infringing content.72 Bertoni, in