Lilian EdwardsProfessor of Internet Law

University of Sheffield

OECD WorkshopIGF

September 2010

The policy issues before 2000 Uncertainty as to liability for emergent ISP sector from 91/96

on “Cleaning up” the Internet seen as vital both for

public interests – kids, industry, etc - and consumer confidence in ecommerce and Internet

ISPs are the natural gatekeepers to the Internet BUT Lack of effective practical control – volume of material Lack of legal control (privacy?) Inequity - “shooting the messenger” Consequences of unlimited liability – effect on ISP industry? See early US Prodigy/Compuserve debate – publishers,

distributors or common carriers? Some kind of immunity sought.

Two global model laws emerged EC Directive on Electronic Commerce 2002 “Horizontal effect” - exempts ISSP from

liability for all types of content, criminal or civil ;applies to Information Society Service providers (ISSPs)

Cf US Digital Millennium Copyright Act Copyright only; complemented by CDA s 230

(c) which gave total immunity from publication torts for service providers

Both divide liability up by functions - Mere conduit; Caching; Hosting

Limited liability “notice and take down” paradigm for hosted content became norm

As in pre-2000 world, enrolling ISPs to achieve policy goals now seen as increasingly vital Copyright and downloading – moves to enrol ISPs

in notice & disconnection; filtering; and DPI/monitoring

Child pornography and other unwanted material (terror, gambling, hate speech) – ISPs capable of stopping it by filtering , blacklisting?

Malware – enrolling ISPs to identify, isolate & disinfect bot subscriber computers?

In first two cases, state and commercial interests want prior filtering, not just post factum notice and takedown - harder for ISPs/hosts, and more dangerous for human rights/lack of transparency/scope creep

“Shooting the messenger” narrative no longer seen as true – some hosts seen as culpable or complicit in wrongdoing for profit, esp in web 2.0 world Eg US Viacom v YouTube litigation – though YT

won Eg eBay as site for selling counterfeit goods –

cases vary US/EU/UK as to whether “guilty” ISP and e-commerce industry no longer

seen as needing special protections to thrive?

Filtering is more, tho not very, practical But what of human rights eg privacy from

monitoring, freedom from censorship?

Do we still need special immunities for online intermediaries?

Is limited liability/NTD still sustainable? If not what rules should govern when/how

filtering can be mandated? Do “one size fits all” regimes like ECD still

have a place or do we need separate rules for copyright, porn, gambling etc?

Are new rules needed for “new” intermediaries eg search engines, SNSs, e-auction sites?

What human rights scrutiny can be applied to liability rules? Are international guidelines needed?

1. Rules of liability on intermediaries for libel/(c) clearly have chilling effect on speech – NTD and kneejerk take down

2. Graduated response policies for (c) go further, restricting basic right to access to Net on allegation, and possibly legal speech

Due process often invalidated by both 1 & 2

3. Rules mandating intermediaries to block adult or unwelcome content for child safety/public interest clearly invite scope creep & non transparent restrictions on speech

4. 2 and 3 both likely to involve monitoring obligations via DPI etc => breaches of privacy as well.

5. Enrolling of intermediaries to police malware may also lead to privacy violations.