On 16 June 2015, the European Court of Human Rights delivered its final judgment in Delfi AS v. Estonia. By fifteen votes to two, the Grand Chamber ruled that there was no violation of Article 10 of the Convention of Human Rights (‘the Convention’ hereafter) despite the imposition of publisher liability for user generated content. Would the case have been decided differently if it had been referred to the Court of Justice of the European Union (CJEU) for assessment under the E-Commerce Directive? Aleksandra Kuczerawy and Pieter-Jan Ombelet of the KU Leuven Interdisciplinary Centre for Law and ICT (ICRI-CIR) analyse whether the Delfi ruling can be reconciled with existing CJEU case law regarding liability of internet intermediaries.

Facts

In 2006, Delfi’s online news portal published an article regarding a change in ferry routes delaying the opening of an ice road. The news story elicited several comments, some of which were abusive and defamatory. The Estonian domestic courts ruled that Delfi acted as a publisher and therefore was liable for the comments since it should have deleted them on its own initiative. Delfi was ordered to pay the injured person the equivalent of 320€ in compensation for non-pecuniary damage. On 10 October 2013, the First Chamber ruled that there was no violation of Article 10 of the Convention. Delfi asked for a referral to the Grand Chamber, claiming wrongful qualification as a publisher and arguing that the Estonian Supreme Court’s judgment had had a “chilling effect” on freedom of expression. The judgement of the Grand Chamber confirmed, however, that the imposition of publisher liability on Delfi did not constitute a violation of Article 10 of the Convention.

Reasoning of the European Court of Human Rights

The Estonian domestic courts had classified Delfi as a traditional publisher and not as an intermediary. On the basis of this classification, the Estonian domestic courts applied the Civil Code and the Obligations Act, rather than the E-Commerce Directive and the Information Society Services Act. The classification resulted in denying Delfi the protection of the safe harbour foreseen in Article 14 of the E-Commerce Directive.

While it is not the role of the European Court of Human Rights (ECtHR) to interpret EU law, the question may be raised whether Delfi would have been decided differently by the CJEU, had it been called upon to decide the case in light of the E-Commerce Directive. Specifically, the case is an excellent opportunity to assess whether the provider of hosting services must be neutral in order to benefit from the liability exemption in the E-Commerce Directive. In the final judgement, the Grand Chamber spent quite some time explaining why the domestic courts could reasonably have classified Delfi as a ‘publisher’. Apart from the economic interest factor (paragraph 128), the Grand Chamber pointed out that Delfi “exercised a substantial degree of control over the comments published on its portal” (paragraph 145). Said control was exercised by prohibiting comments with infringing or illegal content, and Delfi’s possibility to restrict the commenting option for those who violated the rules. Moreover, Delfi had the sole power to edit or remove the posted comments and installed an automated filtering mechanism, albeit not a particularly effective one. Delfi also relied on a notice-and-take down system and deleted comments upon notice.

In the case at hand, Delfi deleted the litigious comments less than 24 hours after receiving a notification about their illegal character. The notification, however, was sent only 6 weeks after the comments had been posted. Although measures taken by Delfi were fairly standard, the domestic courts considered them insufficient to prevent causing harm to third parties. They were sufficient, however, to qualify Delfi’s activities as being not “merely technical, automatic and passive in nature” (paragraph 146).

Active or passive: is that the question?

The requirement that an intermediary’s activities are of a mere technical, automatic, and passive nature is based on recital (42) of the E-commerce Directive. These properties of the service imply that the intermediary has neither knowledge of nor control over the information it transmits or stores. The wording of the recital, however, is problematic. While it purports to address all of the exemptions of the Directive, some argue that the scope of this recital should be limited to the transmission and access services identified in Articles 12 (mere conduit) and 13 (caching). As is further clarified in recital (43), not being involved in any way with the transmitted information is actually a condition for liability exemption for mere-conduit and caching services. The exemption for hosting in Article 14 of the Directive is not limited in scope to either transmission or access services. According to Van Eecke, Article 14 in fact does not require a passive role of the hosting provider in order for the protection regime to apply. A hosting provider can still be protected even if it is not completely passive – as long as it does not have knowledge or control over the data which is being stored. This approach is referred to as ‘storage but no knowledge’ test. Following this line of reasoning, active intermediaries such as Delfi could still benefit from the safe harbour offered by the E-Commerce Directive, providing that they do not have knowledge or control over the data which is being stored.

The restrictive interpretation of recital (42) is not commonly agreed on. In Google France, the CJEU held that recital (42) also applies to hosting services (paragraph 113-114). “[I]n order to establish whether the liability of a referencing service provider may be limited under Article 14 of Directive 2000/31, it is necessary to examine whether the role played by that service provider is neutral, in the sense that its conduct is merely technical, automatic and passive, pointing to a lack of knowledge or control of the data which it stores”.

In L’Oréal v. eBay, however, the CJEU seemingly reduced the standard by replacing the “neutrality” requirement with “lack of knowledge”. The CJEU ruled that Article 14 of the Directive applies to hosting providers if they don’t play an active role that would allow them to have knowledge or control of the stored data (paragraph 112-116). The main factor is how the service is designed or operated. The fact that the operator of a website sets the terms of its service, is remunerated for that service and provides general information to its customers cannot have the effect of denying it the exemptions from liability provided for by Directive 2000/31” (paragraph 115). These types of activities would not lead, in the CJEU’s opinion, to the knowledge or control of the stored information. Such effect could be achieved, however, if the service provider assisted customers in optimising the presentation of certain information, or promoted certain information (paragraph 116).

Actual vs. constructive knowledge

Article 14 of the E-Commerce Directive allows for liability exemption for third party content on condition that the service provider has not had “actual knowledge of illegal activity or information” and, as regards claims for damages, has not been “aware of facts or circumstances from which the illegal activity or information is apparent” (i.e. constructive knowledge). Upon obtaining such knowledge or awareness, the service provider has to act expeditiously to remove, or disable access to, the information. Apparent illegality occurs, according to CJEU in L’Oréal v. eBay, when “any diligent economic operator should have identified the illegality in question” (paragraph 120).

Delfi deleted the defamatory comments immediately upon obtaining actual knowledge of them. The question is whether Delfi’s attempts to keep its portal free of harmful comments could be interpreted as leading to constructive knowledge. The measures undertaken by Delfi included filtering mechanisms and the occasional deletion of comments on its own initiative. Despite the voluntary monitoring undertaken by Delfi, the comments remained on the platform for 6 weeks. The Grand Chamber noted that the establishment of the unlawful nature of the comments “did not require any linguistic or legal analysis since the remarks were on their face manifestly unlawful” (paragraph 117). The standard articulated by the Grand Chamber is actually not so different from the CJEU standard of “any diligent economic operator”. As a result, the same conclusion with regard to Delfi’s liability might be reached under the E-Commerce Directive.

In sum, the Delfi ruling does not appear to be entirely incompatible with Article 14 of the E-Commerce Directive. Even if Delfi did not have actual knowledge of the illegal information until it received notice, one could argue that Delfi acted in such way that a trier of fact might impute constructive knowledge. The effect on freedom of expression may nevertheless still be troubling. The decision could result in website operators shying away from any voluntary monitoring in fear of possible repercussions. Further guidance from CJEU on the scope of article 14 would be welcome to provide sufficient legal certainty.

This post gives the views of the authors, and does not represent the position of the LSE Media Policy Project blog, nor of the London School of Economics and Political Science.