Introduction to Cyberlaw handout 3 – ISP Liability Directive 2000/31/EC of the European Parliament and of the Council of 8 June 2000 on certain legal aspects of information society services, in particular electronic commerce, in the Internal Market (Directive on electronic commerce) Article 12 "Mere conduit" 1. Where an information society service is provided that consists of the transmission in a communication network of information provided by a recipient of the service, or the provision of access to a communication network, Member States shall ensure that the service provider is not liable for the information transmitted, on condition that the provider: (a) does not initiate the transmission; (b) does not select the receiver of the transmission; and (c) does not select or modify the information contained in the transmission. 2. The acts of transmission and of provision of access referred to in paragraph 1 include the automatic, intermediate and transient storage of the information transmitted in so far as this takes place for the sole purpose of carrying out the transmission in the communication network, and provided that the information is not stored for any period longer than is reasonably necessary for the transmission. 3. This Article shall not affect the possibility for a court or administrative authority, in accordance with Member States' legal systems, of requiring the service provider to terminate or prevent an infringement. Article 13 "Caching" 1. Where an information society service is provided that consists of the transmission in a communication network of information provided by a recipient of the service, Member States shall ensure that the service provider is not liable for the automatic, intermediate and temporary storage of that information, performed for the sole purpose of making more efficient the information's onward transmission to other recipients of the service upon their request, on condition that: (a) the provider does not modify the information; (b) the provider complies with conditions on access to the information; (c) the provider complies with rules regarding the updating of the information, specified in a manner widely recognised and used by industry; (d) the provider does not interfere with the lawful use of technology, widely recognised and used by industry, to obtain data on the use of the information; and (e) the provider acts expeditiously to remove or to disable access to the information it has stored upon obtaining actual knowledge of the fact that the information at the initial source of the transmission has been removed from the network, or access to it has been disabled, or that a court or an administrative authority has ordered such removal or disablement. 2. This Article shall not affect the possibility for a court or administrative authority, in accordance with Member States' legal systems, of requiring the service provider to terminate or prevent an infringement. Article 14 Hosting 1. Where an information society service is provided that consists of the storage of information provided by a recipient of the service, Member States shall ensure that the service provider is not liable for the information stored at the request of a recipient of the service, on condition that: (a) the provider does not have actual knowledge of illegal activity or information and, as regards claims for damages, is not aware of facts or circumstances from which the illegal activity or information is apparent; or (b) the provider, upon obtaining such knowledge or awareness, acts expeditiously to remove or to disable access to the information. 2. Paragraph 1 shall not apply when the recipient of the service is acting under the authority or the control of the provider. 3. This Article shall not affect the possibility for a court or administrative authority, in accordance with Member States' legal systems, of requiring the service provider to terminate or prevent an infringement, nor does it affect the possibility for Member States of establishing procedures governing the removal or disabling of access to information. Article 15 No general obligation to monitor 1. Member States shall not impose a general obligation on providers, when providing the services covered by Articles 12, 13 and 14, to monitor the information which they transmit or store, nor a general obligation actively to seek facts or circumstances indicating illegal activity. 2. Member States may establish obligations for information society service providers promptly to inform the competent public authorities of alleged illegal activities undertaken or information provided by recipients of their service or obligations to communicate to the competent authorities, at their request, information enabling the identification of recipients of their service with whom they have storage agreements. In Joined Cases C-236/08 to C-238/08 (Google Adwords) B – The liability of the referencing service provider 106 By its third question in Case C‑236/08, its second question in Case C‑237/08 and its third question in Case C‑238/08, the Cour de cassation asks, in essence, whether Article 14 of Directive 2000/31 is to be interpreted as meaning that an internet referencing service constitutes an information society service consisting in the storage of information supplied by the advertiser, with the result that that information is the subject of ‘hosting’ within the meaning of that article and that the referencing service provider therefore cannot be held liable prior to its being informed of the unlawful conduct of that advertiser. 120 It follows that the answer to the third question in Case C‑236/08, the second question in Case C‑237/08 and the third question in Case C‑238/08 is that Article 14 of Directive 2000/31 must be interpreted as meaning that the rule laid down therein applies to an internet referencing service provider in the case where that service provider has not played an active role of such a kind as to give it knowledge of, or control over, the data stored. If it has not played such a role, that service provider cannot be held liable for the data which it has stored at the request of an advertiser, unless, having obtained knowledge of the unlawful nature of those data or of that advertiser’s activities, it failed to act expeditiously to remove or to disable access to the data concerned. In Case C-324/09 (eBay) 6. Article 14(1) of Directive 2000/31/EC of the European Parliament and of the Council of 8 June 2000 on certain legal aspects of information society services, in particular electronic commerce, in the Internal Market (‘Directive on electronic commerce’) must be interpreted as applying to the operator of an online marketplace where that operator has not played an active role allowing it to have knowledge or control of the data stored. The operator plays such a role when it provides assistance which entails, in particular, optimising the presentation of the offers for sale in question or promoting them. Where the operator of the online marketplace has not played an active role within the meaning of the preceding paragraph and the service provided falls, as a consequence, within the scope of Article 14(1) of Directive 2000/31, the operator none the less cannot, in a case which may result in an order to pay damages, rely on the exemption from liability provided for in that provision if it was aware of facts or circumstances on the basis of which a diligent economic operator should have realised that the offers for sale in question were unlawful and, in the event of it being so aware, failed to act expeditiously in accordance with Article 14(1)(b) of Directive 2000/31. In Case C-70/10 (Scarlet) Directives 2000/31/EC (...), 2001/29/EC (...), 2004/48/EC (...), 95/46/EC (...), 2002/58/EC (...) read together and construed in the light of the requirements stemming from the protection of the applicable fundamental rights, must be interpreted as precluding an injunction made against an internet service provider which requires it to install a system for filtering – all electronic communications passing via its services, in particular those involving the use of peer-to-peer software; – which applies indiscriminately to all its customers; – as a preventive measure; – exclusively at its expense; and – for an unlimited period, which is capable of identifying on that provider’s network the movement of electronic files containing a musical, cinematographic or audio-visual work in respect of which the applicant claims to hold intellectual-property rights, with a view to blocking the transfer of files the sharing of which infringes copyright. UN: A/HRC/17/27 D. Disconnecting users from Internet access, including on the basis of violations of intellectual property rights law 49. While blocking and filtering measures deny access to certain content on the Internet, States have also taken measures to cut off access to the Internet entirely. The Special Rapporteur is deeply concerned by discussions regarding a centralized “on/off” control over Internet traffic.33 In addition, he is alarmed by proposals to disconnect users from Internet access if they violate intellectual property rights. This also includes legislation based on the concept of “graduated response”, which imposes a series of penalties on copyright infringers that could lead to suspension of Internet service, such as the so-called “three- strikes-law” in France34 and the Digital Economy Act 2010 of the United Kingdom.35 50. Beyond the national level, the Anti-Counterfeiting Trade Agreement (ACTA) has been proposed as a multilateral agreement to establish international standards on intellectual property rights enforcement. While the provisions to disconnect individuals from Internet access for violating the treaty have been removed from the final text of December 2010, the Special Rapporteur remains watchful about the treaty’s eventual implications for intermediary liability and the right to freedom of expression.