2. Overview of Evolution of
Intermediary Liability
• Current law suffering an identity crisis:
• Law conflicting, unclear
• Minimal practical guidance.
Three Waves in Intermediary Liability
• First Wave: 1990s-2005 - finding our liability feet
• Second Wave: 2005-2011 - striving for nuance
• Third Wave: 2011-present – the collapse
• Next Wave? Back to basics.
3. Who are they and what do
they do?
Who are they?
• ISPs (access)
• Search engines (navigation)
• Hosts of UGC (SNPs)
• Hosts of other content, with or
without UGC (blogs,
newspapers), or services
(domain names), or storage
(cloud)
• Ecommerce platforms
• Payment systems.
What do they do?
• As gatekeepers, they can
control information as it
moves through a gate:
• Manipulate
• Channel;
• Delete;
• Store;
• Reveal.
• Facilitate
4. Two Questions and
Challenges
Questions
How should intermediaries
be regulated?
What do we expect of
intermediaries?
Challenge
• To the legal regime. State
capitalising on intermediary’s
capacity to regulate the
conduct of third parties.
• Do we expect intermediaries
to advocate on behalf of
consumers? What freedom do
they have to set their own
rules of conduct?
5. First Wave : 1990s-2005
• CDA v E-Commerce Directive
• Communications Decency Act 47 USC (1996), s.
230: blanket immunity.
• Led to cases like
• Zeran v AOL (1997) 4th Circ. (CA).
• Blumenthal v. Drudge (1997): immunity even where
the provider has an active, even aggressive role in
making the content available to others
6. First Wave
• E-Commerce Directive 2000/31/EC notice and take
down regime. Limitation of liability for:
• mere conduits (generally no liability);
• caching (no liability without actual knowledge and
if act expeditiously);
• Hosts: only escape liability if they did not know, nor
was it apparent, that the information was unlawful, or
if they obtained such knowledge, provided they act
expeditiously to remove or disable access to the
content.
• Early debates about blanket immunity versus notice
and take down.
7. Second Wave: 2005-2011
The search for nuance
• Two different levels: national/EU (driven by case
law) and EU/international (rights-based
discussions)
• Series of UK cases grappling with nuance.
• How involved in moderation do you have to be to lose your
exemption from liability? Kaschke v. Gray and Hilton (2009) QB:
• What qualifies as ‘notice’? Tamiz v Google [2013] CA, Davison v
Habeeb [2011 QB, L’Oreal v eBay Case C-324/09 (2011)
• What is an intermediary under the ECD?
8. Second Wave
• Conflicting results within the EU - Search Engines:
• Some European countries have specifically provided that search
engines are an ISS.
• Metropolitan International Schools Ltd. v. Designtechnica Corp.
(2009) Eady commented in obiter that Google did not qualify as a
mere conduit, cache or host of content under the Regulations.
• Google France, Google Inc. v. Louis Vuitton Malletier, C-236/08
(ECJ) (three conjoined cases C-236/08, C-237/08, and C-238/08):
ECJ held that Google is an ISS to whom the limitation of liability
provisions apply. [note held here that sale of trademarked Adwords
was not this and thus not an ISS under article 14 in that case].
9. Second Wave
• International context: states taking a hard line:
• Italy - three Google executives convicted for violating the Italian
data protection code for posting on YouTube (overturned 2013).
• Turkey:
• Law 5651– obligation to block access to content that i.e.
insults Ataturk.
• 2014 – law empowering telecommunications regulator to block
access to websites without court order. Blocked YouTube,
Twitter.
• Russia has blocked access to news sites for ‘calling for
participation in authorized rallies’.
• Saudi Arabia now requires a license to post content to YouTube.
• Struggle for nuance is accompanied with struggle for Internet
freedom and international standards (and conflicts).
10. Frank La Rue, Special Rapporteur on the promotion
and protection of the right to freedom of opinion and
expression, 2011 Report to the UN
• The emergence of rights-based analysis about the role of
intermediaries.
• “The Special Rapporteur believes that censorship measures should
never be delegated to a private entity, and that no one should be held
liable for content on the Internet of which they are not the author.
Indeed, no State should use or force intermediaries to undertake
censorship on its behalf”. (para 43)
• Of concern (para 42).
• subject to abuse by state and private entities.
• Risk of liability causes intermediary to err on side of taking content
down.
• Lack of transparency on decision making practices obscures
discriminatory practices or political pressure affecting their decisions.
• Companies shouldn’t be making the assessment of legality of
content.
11. Second Wave
• Scarlet v SABAM 2011(CJEU) (followed by Sabam v Netlog 2012
Case C-360/10).
• Held that an ISP cannot be ordered to install a filtering system
of all electronic communications and blocking certain content.
• Basis of decision: Charter of Fundamental Rights and Freedoms
• Compare with 2010 European Commission report (on the IPR
Enforcement Directive):
“[G]iven intermediaries' favourable position to contribute to the
prevention and termination of online infringements, the
Commission could explore how to involve them more closely.”
12. Third Wave: The Collapse
The search for nuance has had three effects:
1. Fragmented intermediary liability into subject-specific
pockets of analysis.
• Copyright:
• Immunity for conduits such as ISPs, art. 12 ECD met with s.
97A CDPA allowing injunctions against ISPs:
• 20th Century Fox v BT (No1) [2011] EWHC 1981 (Ch)
• Dramatico v BSkyB and others [2012] 268 (Ch)
• Similar restrictions now in Ireland, the Netherlands, Italy, Denmark
and Belgium
• USA: DMCA:
• Garcia v Google: Innocence of Muslims video – 9th circuit CA
ordered Google to take down video (performers rights of actor
based on 5 seconds of a 13 minute video).
13. Third Wave: The Collapse
• Defamation:
A Combination of the following: Section 1 Defamation Act 1996; New Sections
5 and 10 Defamation Act 2013; Draft Regulations for Operators of Websites
• DA 2013: s. 5 - It is a defence for the operator to show that it was not the
operator who posted the statement on the website. Defeated if the claimant
shows that —
a) the person who posted the statement is anonymous;
b) the claimant gave the operator a notice of complaint in relation to the
statement, and
c) the operator failed to respond to the notice of complaint in accordance with
any provision contained in regulations.
14. Third Wave: the Collapse
• Revenge Porn/Cyber-bullying
• Space to watch. Not about formalised liability frameworks
but about political and other pressure.
• USA: s. 230 preempts state law BUT:
• rogue decisions like: Toups v. Godaddy.com, No. D-
130,018-C, slip op. at 1, (D. Tex. Apr. 17, 2013) – denied
motion to dismiss based on s. 230 (case against revenge
porn host for explicit pictures of identifiable women shown
without their permission).
• Washington state Bill 6251 (liability for sites that host
explicit content or content with minors) enjoined from
enforcement: Backpage.com v. McKenna, No. C12-954
RSM, 2012 WL 4120262, at *2 (W.D. Wash. Sept. 18,
2012)
15. Third Wave: the Collapse
• What about rash of cyber-bullying bills across US
and Canada?
• Canada has no equivalent to CDA or ECD.
• New notice-and-notice provisions for copyright.
• Through the back door? Bill C-13.
• Allow ISPs to voluntarily give customer information to
police without civil or criminal liability
• C-13 gives police greater access to metadata.
16. Third Wave: the Collapse
2. Cases so fact sensitive that it is hard to draw a line of
authority from them to advise businesses.
- Not new to law –Tort law - standard of care, nuisance.
• Is intermediary liability moving in this direction of fact-
sensitivity where the law is simply a guide to the risk of
liability?
• Problematic where engage fundamental rights and private
companies are both targets and adjudicators.
• More than being fact sensitive, we have decisions coming
out the courts that are bewildering:
• Delfi AS v Estonia [2013] ECtHR
17. Delfi AS v Estonia
(2013)(Application no. 64569/09)
• Facts: Defli published article on controversial decision of ferry company
SLK to change its routes. 185 comments, 20 insulting/threatening of
SLK majority shareholder (‘L’). Comments up for 6 weeks. L demands
that Delfi remove the comments and pay damages of 500k kroons.
Comments removed on the same day as the complaint, refused to pay
damages.
• Reasoning:
• Delfi should have exercised caution because there was a greater risk
of comments that were insulting or hate speech.
• On anonymity: By allowing comments to be made by non-registered
users, Delfi had assumed a certain responsibility for them.
• Notice and Takedown: filter for vulgar words deemed insufficient and
Delfi ‘was in a position to know about an article to be published, to
predict the nature of the possible comments prompted by it and,
above all, to take technical or manual measures to prevent
defamatory statements from being made public.’
18. Delfi AS v Estonia
• No consideration of ECD, international standards (La Rue), work of
European Commission.
• Risky precedent: forces pre-approval of comments or blocking of
content the least bit controversial.
• ECtHR has referred case to the Grande Chamber at the request of
Delfi.
• Problem: trying to regulate the slippery slope. Who is responsible for
the slippery slope of a message board?
• Godwin’s law: As an online discussion grows longer, the probability
of a comparison involving Nazis or Hitler approaches 1.
19. Opt-In Agreement for
Pornography
3. Agreements outside formal legal frameworks capitalising on
their intermediary role. Sleep-walking into censorship state?
• Opt-in agreement between UK government and major ISPs.
• access to content that is pornographic is blocked unless a
broadband user “opts in” with its provider to access such
sites;
• The Government has also stated its intentions to extend the
opt-in filter to extremist sites.
• Companies such as BT have implemented such filters under
the framework of parental controls, where new users now
must opt-in to a variety of content, ranging from obscene
content, to content featuring nudity, drugs and alcohol, self
harm and dating sites.
20. Fourth Wave: Back to
Basics?
European Commission COM(2011) 942
• Four types of uncertainty highlighted in European
Commission Communication COM(2011) 942:
• Definitions;
• Conditions (actual knowledge)
• Notice and takedown
• Obligations to monitor
• Suggests a horizontal framework for notice and
takedown procedures across Europe.
• Purpose is to address diverging approaches across Europe
(industry, statutory and case-law).
21. Fourth Wave: Back to
Basics?
• Key Issues:
• Too much regulation from too many directions all with slight
variations on the standard of liability.
• A struggle between soft forms of governance (via agreement,
voluntary commitment) and targeted regulation.
• On a more fundamental level, intermediary liability is at once
its own subject/legal regime and a subset of various legal
subjects:
• how do you identify the line when there is such variation in
scenarios, offenses, communication mediums, technology.
• The pursuit of uniformity, transparency.
22. Fourth Wave: Back to
Basics?
• Specific issues for notice and takedown regimes:
• What does notice mean?
• Knowledge?
• Moderation?
• Host?
• Notion of intermediary as neutral party: What does neutrality mean (is
automation neutral?)- and how does that impact how one frames their
liability/obligations.
• Where we are going? Movement away from CDA and ECD to more
nuanced forms of governance:
• Notice and notice: general immunity for hosts where have not modified
content, pass on complaints to alleged wrongdoer, remove content only
at request of court or wrongdoer.
• Defamation Act website operators defence (flawed but evolving).
23. Fourth Wave: Back to
Basics?
• Back to Basics?
• Look at how the slippery slope and community notions of
responsibility have been explored elsewhere.
• Slippery slope examined by i.e. Eugen Volokh
• Human rights perspective:
• HR allow flexibility in determining obligations that flow from them.
• Draw from normative and moral underpinnings of rights to address
administration of conflict by intermediaries.
• Due process:
• Private Dispute Resolution for e-commerce disputes to inform
content-based disputes?
• Understand intermediary liability as its own subject matter.
• International framework? Soft law standards or treaty?