Intermediaries

Updates

New York city officials passed the first US minimum pay rate for drivers who work for ride-hailing apps, including Uber, Lyft, Juno, Via and any other similar business model. Drivers are low paid, and the issue is related to the fact that they are independent contractors and not employees. Transportation sharing economies do not need to make sure that drivers earn the minimum wage. Having that in mind, the city council decided that drivers are entitled to make the equivalent of $17,22 an hour after expenses. The measure aims at increasing the quality of their lives. In New York, most drivers work full-time for ride-hailing apps and 18 percent of drivers have so low earnings that they qualify for food stamps. The new regulation attacks the core of transportation sharing economies, which relies on a large number of drivers to be available at any given time, meaning competition for rides is high and drivers must work long hours. The same regulation provides that out of town trips must include payment for returning; higher pay for drivers of wheelchair accessible vehicles and prohibition on underpaying drivers on certain trips as part of incentive schemes

New York District Court Judge awards $6.6 million in damages to the plaintiffs in case against BTV set-top boxes. The recent case led by a group of right holders in the USA was on the grounds of illegal broadcasting of their programming. Apart from the positive judgement for right holders, this case is important due to the broad injunction granted against any third party whose services are used in connection to this illegal activity. This injunction can be enforced on any third party such as back-end service providers, routing providers, CDN (content delivery network), Internet service providers (ISPs), domain name systems (DNS), and even social media platforms; requiring them to stop services that support illegal activity. This will be an important tool for right holders since their efforts nowadays are more focused on co-operating with intermediaries while fighting online piracy.

The United States-Mexico-Canada trade agreement (USMCA), replacing the NAFTA, is expected to be signed by the end of November 2019. The agreement provides robust intermediary liability protections to websites and online platforms. The article 19.17.2 of the agreement reflects the American Communication Decency Act at a large extent, providing that ‘no Party shall adopt or maintain measures that threat a supplier or user of an interactive computer service as an information content provider in determining liability for harms related to information stored, processed, transmitted, distributed, or made available by the service, except to the extent the supplier or user has, in whole or in part, created, or developed the information’. This provision, depending on how it will be integrated into Canadian law by the parliament, can impact the Canadian system of intermediary liabilities. Contrary to the US, Canadian law holds websites liable for third-party content, if they know that the content is illegal. The Supreme Court of Canada ruled that Internet service providers (ISPs) can become liable when they do not take action once given notice of an infringement, in two landmark cases, SOCAN v. Canadian Association of Internet Providers and Crookes v. Newton.

The EU has been working on a new copyright directive for the last few years. The proposals for article 13 were criticised by experts for potentially forcing platform intermediaries to implement content matching technology based on a database of copyrighted works to monitor users’ content. Members of the European Parliament, after extensive public pressure, re-debated many controversial aspects of the article. However, a recent Council of Europe (CoE) document revealed that the proposal does not explicit if the existing liability protection is valid under article 13, and that there are no clear exceptions for intermediaries that make an effort to prevent copyright infringements, but inadvertently admit copyrighted content on their platforms.

On 2 November 2018, the Delhi High Court held online marketplace Darvey.com liable for selling allegedly counterfeit Christian Louboutin products. The plaintiff claimed intellectual property rights, considering the platform used the name and image of Louboutin as meta-tags to attract traffic on their platform. Darvey.com claimed that they do not sell any product, but merely enablebooking of orders through their online platform. The ruling of the court observed that when an e-commerce platform is commissioned over unlawful acts, it is no longer a mere passive transmitter or online intermediary. In the same ruling, the court required Darveys.com to present the contact information of all sellers; request certificates from sellers that their products are not counterfeits; and to notify trademark owners before having products available on the platform. The case set a relevant precedent to make clear the extent of safe-harbour possibilities under the Information Technology Act. Since the Baazee.com case-related to the sale of obscene videos, e-commerce businesses have denied liability for products uploaded by users.  

Facebook revealed it had discovered a security issue affecting millions of accounts on 25 September 2018. The attackers exploited a vulnerability in Facebook’s code that impacted 'View As', a feature that lets users see what their own profile looks like to someone else. When composing a birthday wish message with video, as of July 2017, the attacker could exploit the 'View as' option of the video uploader to get access to the profile of the user being looked up, including their login details. The access token was then available in the HTML of the page and extracted by the attackers who exploited it to login as another user. Facebook reset the access tokens of almost 50 million accounts thought to be affected, and temporarily disabled the 'View As' feature. On 12 October, Facebook announced hackers actually stole access tokens of about 30 million users, 20 million less than previously thought. For 15 million users, attackers accessed name and contact details (phone number, email, or both). For 14 million users, the attackers accessed name and contact details, as well as other details people had on their profiles, including username, gender, religion, birth date, etc. For 1 million users, the attackers did not access any information.

 

Intermediaries play a vital role in ensuring Internet functionality. In several Internet governance areas, such as copyright infringement and spam, Internet Service Providers (ISPs) are considered key online intermediaries. In other areas, such as defamation and the so-called right to be forgotten, the responsibility extends to hosts of online content and search engines.

ISPs main involvement is at a national level in dealing with government and legal authorities, and they are often the most direct way for governments to enforce legal rules online. At a global level, some ISPs, particularly from the USA and Europe, have been active in the WSIS/WGIG/IGF processes individually and through national and regional or sector-specific business organisations such as the Information Technology Association of America (ITAA), and others. Various regional ISP associations have been set up worldwide.

Hosts of online content and search engines typically operate as conduits for content, or bridges between content and Internet users. Although headquartered in one country (some having regional headquarters), their reach and user-base is likely to be global, and as a consequence, intermediaries are often exposed to jurisdiction in multiple countries.

 

 

Intermediary liability is often discussed at IGF meetings and in other fora. The OECD includes the role of intermediaries among its 14 principles for Internet policy-making (‘Limit Internet intermediary liability’), whereas the extent of intermediary liability is often the subject of court judgments (such as the Delfi case).

The following will discuss the role and responsibility of ISPs and hosts with regards to various issues.

Copyright infringement

One of the main issues is intermediary liability for copyright infringement. The international enforcement mechanisms in the field of intellectual property have been further strengthened by making ISPs liable for hosting materials in breach of copyright, if the material is not removed upon notification of infringement. This has made the previously vague IPR regime directly enforceable in the field of the Internet.

The approach taken by the US Digital Millennium Copyright Act (DMCA) and the EU directives is to exempt the service provider from liability for the information merely transmitted or stored at the direction of the users, and demand that the service provider act upon a notice-and-take-down procedure. This solution provides some comfort to ISPs as they are safe from legal sanctions, but also potentially transforms them into content judges and only partially solves the problem, since the contested content may be posted on another website, hosted by another ISP.

Child online protection

As with all other stakeholders involved in protecting children online, ISPs and hosts are instrumental in filtering certain types of illegal content (most notably, child sexual abuse images) as soon as they become aware of it. There are generally two main processes leading to the removal of illegal content:

  1. Via notice-and-take-down measures, which are typically the first line of defence. As soon as providers, such as ISPs, domain registrars, and web hosts are alerted that their services being used to host such content, many go on to remove it or close down the user’s account, within a short period of time.
  2. Via hotline reporting, through which ISPs can be notified of illegal content by its customers, members of the public, law enforcement, or hotline organisations. ISPs generally work hand-in-hand with law enforcement to ensure that the content is verified, and that steps are taken to identify and locate the criminals.

Other technical options may help prevent illegal content from being accessed. For example, a number of intermediaries around the world, including ISPs and search engines, restrict access to lists of URLs confirmed to contain illegal content.

In the above cases, the extent of ISPs' and hosts' liabilities may vary from country to country. In some frameworks, a legal obligation is imposed; in many other cases, ISPs and hosts voluntarily develop and adopt processes to help protect children online.

Spam

ISPs are commonly seen as the primary entities involved with anti-spam initiatives. Usually, ISPs have their own initiatives for reducing spam, either through technical filtering or the introduction of anti-spam policy. The ITU’s report on spam states that ISPs should be liable for spam and proposes an anti-spam code of conduct, which should include two main provisions:

  • An ISP must prohibit its users from spamming.
  • An ISP must not peer with ISPs that do not accept a similar code of conduct.

Content policy

Under growing official pressure, ISPs, hosts and search engines are gradually, albeit reluctantly, becoming involved with content policy. In doing so, they might have to follow two possible routes. The first is to enforce government regulation. The second, based on self-regulation, is for intermediaries to decide on what is appropriate content themselves. This runs the risk of privatising content control, with ISPs taking over governments’ responsibilities.

In recent months, the courts have also imposed rules on intermediaries, most notably with respect to the right to be forgotten, and in respect of comments posted on online portals.

Right to be forgotten

In 2014, following the decision of the Spanish data protection authority to uphold a Spanish citizen’s request for the removal of the links from Google search results, the Court of Justice of the European Union imposed upon search engines the obligation to consider all right-to-be-forgotten requests.

Although many argued that this right represents only a right to be de-listed, the obligation imposed upon search engines – and not only to Google, as claimant in the case Google Spain SL, Google Inc. v Agencia Española de Protección de Datos, Mario Costeja González – triggered major debates.

Offensive comments posted on news portal

In 2013, the European Court of Human Rights confirmed a ruling by the Estonian courts which found the news portal Delfi liable for offensive comments posted on its website. In June 2015, the Grand Chamber of ECHR confirmed the 2013 judgment: the Estonian courts’ decision was justifiable and proportionate, as the comments were extreme and had been posted in reaction to an article published by Delfi on its professionally managed news portal run on a commercial basis. (The judgment does not however concern other online spaces where third-party comments can be disseminated, such as an Internet discussion forum, a bulletin board or a social media platform.)

Each of the topics above are explained in more detail on dedicated sections: copyrightchild safetyspam, and content policy.

Events

Actors

(WIPO)

WIPO has developed, together with the

...

WIPO has developed, together with the Internet Corporation for Assigned Names and Numbers, the Uniform Domain Name Dispute Resolution Policy (UDRP). Under this policy, WIPO’s Arbitration and Mediation Centre provides dispute resolution services for second level domain name registrations under generic top-level domains (gTLDs). The Centre also administers disputes under a specific policies adopted by some gTLD registries (e.g. .aero, .asia, .travel). In addition, the Centre offers domain name dispute resolution services for over 70 country code top-level domains (ccTLDs). WIPO has developed a ccTLD Program, with the aim to provide advice to many ccTLD registries on the establishment of dispute resolution procedures.

(CJEU)

In recent years, the CJUE has adopted important rulings on Internet intermediary liabilities.

...

In recent years, the CJUE has adopted important rulings on Internet intermediary liabilities. In particular, CJUE’s case law focused for instance on the liability of a service provider in an online marketplace (McFadden v Sony Music Entertainment Germany, 2016), the liability of operators of internet marketplaces (L'Oréal v eBay, 2011), the liability of search engine operators (Google Spain case, 2014) and on the tension between data protection and online enforcement (Promusicae v Telefonica, 2008).

(OECD)

Convergence is one of the digital policy issues that the OECD is paying attention to, especially in relation t

...

Convergence is one of the digital policy issues that the OECD is paying attention to, especially in relation to the challenges this phenomenon brings on traditional markets, and the need for adequate policy and regulatory frameworks to address them. In 2008, the organisation issued a set of policy guidelines for regulators to take into account when addressing challenges posed by convergence. In 2016, a report issued in preparation for the OECD Ministerial Meeting on the Digital Economy included new recommendations for policy-makers. Digital convergence issues have been on the agenda of OECD Ministerial meetings since 2008, and are also tackled in the regular OECD Digital Economy Outlook report.

(ECHR)

The European Court of Human Rights deals with privacy through the prism of Article 8 of the

...

The European Court of Human Rights deals with privacy through the prism of Article 8 of the Convention for the Protection of Human Rights and Fundamental Freedoms. It adjudicates on cases brought on against Council of Europe member states accused of being in violation of one or more articles of the Convention. The ECHR has a broad view of what it deems to be protected as ‘personal data’ as any information related to a person (identified or identifiable), which falls under the ‘private life’ part of Article 8. Its most recent high-profile case on the issue found the Hungarian government in breach of Article 8, due to its broad surveillance law.

(APC)

The Association for Progressive Communications regularly participates at the UN Human Rights Council,

...

The Association for Progressive Communications regularly participates at the UN Human Rights Council, to defend the freedom to use encryption technology and to communicate anonymously. One of APC’s strategic priorities for 2016-2019 is to ensure civil society actors and human rights defenders have the capacity to confidently use the Internet and ICTs, by means of privacy-enabling technologies.

(ETNO)

The European Telecommunications Network Operators' Association aims to contribute, through advocacy activities

...

The European Telecommunications Network Operators' Association aims to contribute, through advocacy activities, to shaping the most appropriate regulatory and commercial environment for the telecom sector at the national and European level. As part of its activities, the association publish position papers, reports and studies on a wide range of issues related to intermediaries. ETNO also co-organise annually the ETNO-MLex Regulatory Summit, which gathers key stakeholders to discuss ongoing and future EU regulatory issues, in particular for intermediaries.

Instruments

Judgements

Google Spain SL and Google Inc. v Agencia Española de Protección de Datos (AEPD) and Mario Costeja González Case - Court of Justice of the European Union (2014)

Recommendations

Other Instruments

Resources

Publications

Internet Governance Acronym Glossary (2015)
An Introduction to Internet Governance (2014)

Papers

Jurisdiction on the Internet: From Legal Arms Race to Transnational Cooperation (2016)
Encouraging the Participation of the Private Sector and the Media in the Prevention of Violence Against Women and Domestic Violence: Article 17 of the Istanbul Convention (2016) (2016)
Comparative Analysis on National Approaches to the Liability of Internet Intermediaries for Infringement of Copyright and Related Rights (2014)

Reports

One Internet (2016)
2015 In Retrospect (Vol. 4) (2016)
OECD Digital Economy Outlook 2015 (2015)
The Impact of Online Intermediaries on the EU Economy (2013)
Study on the Liability of Internet Intermediaries (2007)

GIP event reports

Realizing Rights Online: From Human Rights Discourses to Enforceable Stakeholder Responsibilities (2017)

Other resources

Harmonizing Intermediary Immunity for Modern Trade Policy (2014)

Processes

Click on the ( + ) sign to expand each day.

13th IGF 2018

UNCTAD 2018

WSIS Forum 2018

12th IGF 2017

WSIS Forum 2017

IGF 2016

IGF 2015

IGF 2016 Report

 

Several sessions at IGF 2016 explored who should bear responsibility for dealing with illegal or harmful online content: governments, or rather the intermediaries whose platforms are used for dissemination? While there was no definitive answer to this question, it was underlined that, unwillingly, Internet companies are increasingly taking a juridical role. Google, for example, accepts approximately half of the requests for the right to be forgot- ten. Among other – refused – requests, there are some that could open many legal Pandora-type boxes: procedural matters, basis of judgement, right to appeal, etc. (The 'Right to Be Forgotten' and Privatized Adjudication - WS28). 

 

The GIP Digital Watch observatory is provided by

in partnership with

and members of the GIP Steering Committee



 

GIP Digital Watch is operated by

Scroll to Top