The Grand Chamber of the European Court of Human Rights ruled last week that the Estonian news site, Delfi, can be held liable for defamatory comments made by its users, without this violating Delfi’s freedom of expression rights under Article 10 of the European Convention of Human Rights (“the Convention”). This intriguing judgment at first glance appears to cut across the principles of the EU Ecommerce Directive, which – amongst other provisions – give online intermediaries a safe harbour exemption from liability for hosting unlawful third-party content.
Delfi operates one of the most popular and largest news sites in Estonia and publishes up to 330 articles a day. On each article page, users have the option to add their own comment. A particular article (“SLK Destroyed Plan Ice Road”) gathered 185 comments, a number of which were abusive. Delfi had in place a notice-and-take-down policy and, once notified of the offensive nature of some of the comments, acted quickly to remove them from the site, albeit, six weeks after initial publication. Company L (being the company mentioned in the article) brought a complaint against Delfi and sued for damages for defamation. Delfi won the initial case and the County Court found that the news site was protected by the Estonian implementation of the Ecommerce Directive 2000 hosting protection. The court considered that Delfi could not be considered a publisher of the comments nor did it have any duty to monitor them.
The claimant appealed and won. The Court of Appeal found that hosting protection did not apply, as Delfi had “integrated the comment environment into its news portal and invited users to post comments”. The Court of Appeal held that Delfi was a provider of content services, rather than an internet intermediary. This decision was upheld by Estonia’s Supreme Court, which ruled that Delfi should have removed the unlawful comments from its site as soon as they were published, rather than waiting to receive notice or a complaint. Delfi appealed to the European Court of Human Rights (“ECHR”), alleging that the decision of the Estonian courts had violated its Article 10 Convention rights. Following a ruling from the ECHR First Chamber on 10 October 2013, the case was referred to the Grand Chamber of the ECHR, which issued its ruling on 16 June 2015.
The general regime
EU Member States, in common with many other jurisdictions – operate a “safe harbour” regime for internet intermediaries. For example, in the US, the Digital Millennium Copyright Act 1998 (“DMCA”) provides online service providers with a safe harbour against copyright infringement claims, provided that the service provider: (i) did not have actual knowledge that the content or any use of that content on the system or network was infringing; (ii) was not aware of any facts of circumstances that made such infringement apparent; and (iii) once it became aware of infringing activity or content, took swift action to remove or disable access to that content.
The European safe harbour regime – contained in the Ecommerce Directive – goes further than the DMCA, in that EU Member States must ensure that their national laws provide intermediaries with immunity from all liability arising from hosting, transmitting or caching unlawful third party content. Europe’s safe harbour regime therefore covers not only copyright infringement, but also trademark infringement, defamation and any other type of liability related to third party content.
There are certain conditions that have to be satisfied for the safe harbour regime to apply to internet hosts:
- The intermediary’s role must be technical, automatic and passive in nature so that it does not have knowledge or control over the unlawful content. The Court of Justice of the European Union (“CJEU”) – Europe’s highest court in relation to the interpretation of European Directives – explored this concept in the case of L’Oréal v eBay, Case C-324/09) where it was highlighted that one example of playing an “active” role would be optimising or promoting user-generated infringing content (in that case, eBay users’ offers for sale). Internet intermediaries are therefore cautious about monitoring, editing or promoting hosted third party content for fear of being deemed to be “active” and losing their immunity.
- It is essential that internet hosts operate effective notice-and-take down procedures. This is because if an internet host has actual or “constructive” knowledge of the unlawful nature of third party content and fails to act expeditiously to remove or disable access to it, then it will not be protected by the safe harbour regime.
The Ecommerce Directive also prohibits EU Member States from imposing a “general” obligation on an internet intermediary to monitor content that it stores or transmits on its networks. CJEU rulings clarify that a “general” monitoring obligation would include a requirement for an intermediary to actively monitor content. (See our previous commentary on the CJEU decisions in Scarlett Extended, Case C-70/10 and Netlog, Case C-360/10).
The Grand Chamber of the ECHR’s decision
Delfi argued that, by classifying Delfi as a publisher rather than as an intermediary, and by effectively requiring Delfi to monitor content on its site, the Estonian Courts had failed properly to apply Estonian national law implementing Europe’s safe harbour regime; but the Grand Chamber refused to rule on whether the Estonian Courts had erred on this point. The Grand Chamber said that its role was not to take the place of domestic courts or to apply domestic law. It could only examine whether the Estonian national court’s application of Estonian law (here, Estonia’s Obligations Act) was a lawful interference with Delfi’s right to freedom of expression under Article 10 of the Convention. The Grand Chamber therefore did not consider the impact of the safe harbour regime or applicable case law of the CJEU.
The Grand Chamber concluded that the Estonian Court’s interference with Delfi’s Article 10 rights was proportionate. It took into account that the comments posted on the website were of an extreme nature, the website was run on a commercial basis and that Delfi had insufficient measures in place to remove swiftly after publication comments that amounted to hate speech and speech inciting violence. The Grand Chamber also noted generally that “the rights and interests of others and of society as a whole may entitle Contracting States to impose liability on Internet news portals, without contravening Article 10 of the Convention, if they fail to take measures to remove clearly unlawful comments without delay, even without notice from the alleged victim or from third parties.”
It is unfortunate, that in in the context of assessing Delfi’s Article 10 rights, the Grand Chamber made remarks that do not sit comfortably with recent CJEU rulings on intermediary liability. For example, the Grand Chamber said that it agreed with the ECHR First Chamber’s finding that Delfi “must be considered to have exercised a substantial degree of control over the comments published on its portal”. The Grand Chamber also said that the Estonian Supreme Court had established sufficiently that “[Delfi’s] involvement in making public the comments on its news articles on the Delfi news portal went beyond that of a passive, purely technical service provider.” This “control”, the Grand Chamber said, flowed from the fact that:
- Delfi is a large commercial site;
- The comments were posted in response to articles published by Delfi. In other words, Delfi steered the agenda, by determining the subject matter of the articles on its site and inviting users to comment on them.
- Delfi determined the site rules for posting comments, and could remove comments that breached those rules. (The court placed some weight on the fact that this was in contrast to users, who could not remove or edit their own comments, once published.)
- Delfi had a commercial interest in comments posted on its site as it profited from the advertising revenue generated by high levels of comments.
The Grand Chamber’s remarks – particularly those concerning the factors that played into the court’s assessment of Delfi’s “control” over user-generated comments -– risk causing confusion. However, it is important to emphasise they were not made as part of any analysis of the safe harbour rules or the application of those rules to Delfi. The Grand Chamber’s starting point was to accept the Estonian Supreme Court’s finding that Delfi was a “publisher” and not an intermediary under Estonian law. On that basis, the various CJEU rulings on intermediary liability, including L’Oréal v eBay, Scarlett Extended, and Netlog continue to hold good. The learning from the Grand Chamber decision, as our colleague Stephan Zimprich points out on our sister IP blog, is that a national or European law which imposes liability on an intermediary does not necessarily violate Art. 10 of the Convention.
 Directive 2000/31/EC of the European Parliament and of the Council of 8 June 2000 on certain legal aspects of information society services, in particular electronic commerce, in the Internal Market (‘Directive on electronic commerce’).
 L’Oréal SA and Others v eBay International AG and Others, (2011), Case C-324/09