Tilburg Law School Tilburg Institute for Law, Technology and Society (TILT) Master Law & Technology (LL.M)
Master Thesis Liability of Internet Society Service Providers and the (upcoming) role of content recognition technologies
Name: Romy van Limpt ANR: 678380 SNR: U1254490 Supervisor: Mr. Ir. M.H.M. Schellekens Second supervisor: S. de Conca Table of Contents Table of Contents ...... 2 List of abbreviations ...... 3 1. Introduction ...... 4 1.1. Background ...... 4 1.2. Research questions ...... 6 1.3. Methodology ...... 7 1.4. Structure ...... 7 2. Terminology and Intermediary Liability ...... 8 2.1. Introduction ...... 8 2.2. Internet Society Service Providers ...... 9 2.3. Intermediary liability – current legal framework ...... 10 2.3.1. Liability exemptions ...... 11 2.3.2. No general obligation to monitor ...... 14 2.4. Copyright enforcement ...... 15 2.4.1. Notice and Take Down ...... 15 2.4.2. Content Recognition Technologies ...... 17 2.5. Conclusion ...... 21 3. Intermediary Copyright Liability and Compatibility ...... 22 3.1. Introduction ...... 22 3.2. The European Digital Single Market ...... 22 3.2.1. New EU Copyright Directive ...... 23 3.2.2. Practical consequences ...... 26 3.3. Fundamental compatibility ...... 29 3.3.1. Freedom to conduct a business ...... 29 3.3.2. Freedom of expression and information ...... 32 3.3.3. Right to protection of personal data ...... 33 3.4. Fundamental restrictions ...... 36 3.5. Conclusion ...... 38 4. Intermediary Copyright Enforcement in the future ...... 39 4.1. Introduction ...... 39 4.2. Vertical intermediary liability approach ...... 39 4.2.1. Fair balance test ...... 40 4.3. Compatible copyright enforcement system ...... 42 4.4. Notice and Action ...... 44 4.4.1. Notice and Notice System ...... 45 4.4.2. Notice Wait and Take Down System ...... 46 4.4.3. Notice and Stay Down system ...... 47 4.5. Conclusion ...... 48 5. Conclusion ...... 49 Bibliography ...... 52
2
List of abbreviations
AG: Advocate General CDA: Communications Decency Act Charter: Charter of Fundamental Rights of the European Union CRTs: Content Recognition Technologies DMCA: Digital Millennium Copyright Act (US) DSMS: Digital Single Market Strategy DSM: Digital Single Market EC: European Commission ECHR: European Convention on Human Rights ECtHR: European Court of Human Rights EP: European Parliament ECJ: European Court of Justice EU: European Union InfoSoc: Information Society ISP: Internet Service Provider ISSP: Information Society Service Provider NN: Notice and Notice (system) NSD: Notice and Stay Down (system) NTD: Notice and Take Down (system) NWTD: Notice Wait and Take Down (system) SLA: Second Level Agreement UCC: User Created Content UMG: Universal Music Group WP: Working Party
3
1. Introduction
1.1. Background Online service providers are playing an important role in the economic and social life of today. Think of search engines, e-commerce platforms, price comparison websites and social media. The providers are enabling information to consumers and creating interactions between users. The E-commerce Directive 1 makes a beginning with regulating online service providers by defining service providers in article 2(b) as ‘any natural or legal person providing an information society service’. Article 1(2) of the Technical Standards Directive 2 further defines these Information Society Service Providers (ISSPs), or intermediary service providers3. The article states that an Information Society Service is ‘any service normally provided for remuneration, at a distance, by electronic means and at the individual request of a recipient of services’. With the growing importance of service providers and the amount of information and data on them, it is hard for the creators of copyright protected work to enforce and license their rights. In addition, it is difficult to seek remuneration for the online distribution of their works. 4 Copyright gives exclusive rights to the rightholders in order to protect their work and gain some income. One of the exclusive rights, is the right to communicate to the public, which means online sharing and disclosure of the protected work to the public.5 Usually, there is no agreement between the user and rightholder or between the platform and the rightholder when someone uploads copyright protected work on the platform. The options for the rightholders are mostly requesting an injunction6 or notifying the online platform to take down the content. The latter, called the Notice and Take Down (NTD) procedure, is provided in article 14(2) of the E- Commerce Directive. The ISSP takes down or prevents access to the information or activity once
1 Directive 2000/31/EC of the European Parliament and of the Council of 8 June 2000 on certain legal aspects of information society services, in particular electronic commerce, in the Internal Market (E-Commerce Directive), OJ L178/1. 2 Directive 98/34/EC of the European Parliament and of the Council of 22 June 1998 laying down a procedure for the provision of information in the field of technical standards and regulations (Technical Standards Directive), OJ L204/37. 3 Section 4 E-Commerce Directive. 4 European Commission, ‘Proposal for a Directive of the European Parliament and of the Council on copyright in the Digital Single Market’ COM (2016) 593 final, p. 3. 5 Art. 3(1) Directive 2001/29/EC of the European Parliament and of the Council of 22 May 2001 on the harmonisation of certain aspects of copyright and related right in the information society (InfoSoc Directive), OJ L167/10. 6 Ibid, art. 8.
4 notified about illegal content on their services. The European Court of Justice (ECJ) confirms that the procedure should be followed when a sufficiently precise and substantiated notice is sent to the ISSP.7 Reporting mechanisms should be available to the general public without needing to be signed-in as a user.8 In relation to this, the European Commission made a new EU Directive on Copyright in the Digital Single Market in which they want to address the ‘value gap’.9 This refers to the idea that revenues generated from the online use of copyright-protected content are unfairly distributed between the different players in the value chain of online publishing. 10 The new proposed Directive introduces an obligation for online intermediaries to filter uploads and to set up licencing agreements with the rightholders, in order to decrease the amount of illegal content and to solve the problem of the value gap. With the increasing responsibility and proposed liability for intermediaries, it is likely that intermediaries are forced to take measures to prevent copyright infringements. Different content recognition technologies (CRTs) can be used by intermediaries to avoid liability and to fulfil the obligation to implement measures to carry out a copyright check prior to the content being publicly available. Automatic tools and filters can be used to identify potentially infringing content, and third parties will not be able to notice the infringement. Automated technologies will be used to identify content by processing and comparing the content to discover a breach of copyright or licence agreement.11 Once there is a notice for a particular piece of content which is protected under copyright law, the system will be able to block any copy of that content from ever being uploaded to the platform again. However, citation of copyright protected material or the use of copyright protected material for education can be permitted under certain circumstances. With the use of technologies and algorithms it will be a challenging job to put information in context. Unless the fact that an option for counter-notice is in place, there will be a risk of removing legal content because of the
7 Case C-324/09, eBay vs. l'Oréal [2011] ECR I-06011. 8 European Commission, ‘Tackling Illegal Content Online Towards an enhanced responsibility of online platforms’ COM (2017) 555 final, page 9. 9 European Commission, ‘Proposal for a Directive of the European Parliament and of the Council on copyright in the Digital Single Market’ COM (2016) 593 final, p. 3. 10 Christina Angelopoulus, ‘EU Copyright Reform: Outside the Safe Harbours, Intermediary Liability Capsizes into Incoherence’ (2016) Kluwer Copyright Blog
5 lack of human involvement.12 For example, the educational use of a Jimi Hendrix cover has been taken down by YouTube, which was in the context of a Harvard Professor’s Copyright Lecture.13 YouTube also deleted ten thousands videos of war crimes on the internet by automated algorithms who were not being able to make a distinction between news articles, an archive or a call for jihadist struggles.14 Another example are the videos of the National Aeronautics and Space Administration (NASA), the independent agency of the federal government of the United States that has no copyrighted on their content. Their images, videos and files may be used without needing explicit permission of the NASA.15 With the permitted use of NASA material by TV programs who automatically ask copyright protection, the algorithms thought that NASA was infringing someone else’s copyright.16 NASA was, as a result of that, not able to publish their own content. These examples illustrate that CRTs do not always recognize the context of the copyright protected work on the internet completely. However, intermediaries may rely on these types of content recognition when their liability is at risk. This can lead to significant implications for the concerned parties which should be balanced against the interest of copyright protection.
1.2. Research questions Following on from the above discussion, the main research question is:
Should Internet Society Service Providers (ISSPs) be held liable for copyright infringements on their platform and in what way can content recognition technologies play a role in this?
12 European Commission, ‘Proposal for a Directive of the European Parliament and of the Council on copyright in the Digital Single Market’ COM (2016) 593 final, page 17. 13 Ernesto van der Sar, ‘YouTube Copyright Complaint Kills Harvard Professor’s copyright Lecture (Update)’ (TorrentFreak 2016)
6
To answer the main question, the following sub-questions will be a guidance: - What are Internet Society Service Providers (ISSPs)? And what kind of copyright enforcement technologies can be used by ISSPs? - How does the EU intermediary liability framework address copyright liability? - How do content recognition technologies fit within EU legal framework and what is the fundamental compatibility? - What is the ideal copyright enforcement system in the legal framework?
1.3. Methodology To answer the questions, a legal analysis of the existing legal framework on ISSP liability in the context of copyright infringement has to be made. The analysis includes an assessment of the E- Commerce Directive, the new EU Copyright Directive but also fundamental principles like the freedom of expression and right to protection of personal data. The analyses will be combined with relevant case law from the European Court of Justice (ECJ), documents and policies of European Institutions and literature. Since we will be focussing on the European perspective, the European framework has a central place in this thesis. However, the US Digital Millennium Copyright Act will come across to discuss the regulation of ISSP liability in another way. To understand the different ways of copyright enforcement, we will take a look at the meaning of different copyright enforcement techniques and describe their potential position within the legal framework in order to illustrate the fundamental compatibility.
1.4. Structure The research will be divided in different parts, all guided by the sub-questions as aforementioned. In the second Chapter, we will elaborate on the definition of ISSPs and copyright enforcement techniques will be investigated. It is necessary to understand how these techniques work, especially the technique of content recognition. The third Chapter sets out the legal framework regarding ISSPs’ copyright liability within the EU. Therefore, a close look at European legislation, the new EU Copyright Directive and case law is needed. The research concludes by assessing other copyright enforcement technologies within the European framework.
7
2. Terminology and Intermediary Liability
2.1. Introduction People are intensively using web shops, search engines and information tools on the internet. Intermediaries, the Internet Society Service Providers (ISSPs), are making sure that everyone has access to the internet, that users can upload information on the internet and that people can communicate with each other on the internet. The term ISSP is broad and subject to debate since the law and literature describe different definitions. This Chapter distinguishes and defines the different providers. The terms ISSPs and intermediaries, having the same definitions, will be used throughout this thesis and are not limited to the extent of internet access providers. This thesis will primarily focus on hosting providers, consisting of the storage of the information provided by a recipient of a service.17 The rules regarding ISSPs’ liability for copyright infringements can be found in the E- Commerce Directive, the Intellectual Property Rights Enforcement Directive18 and the InfoSoc Directive19. The E-Commerce Directive provides safeguards for intermediaries by differentiating between different providers: mere conduit, caching and hosting providers. Most EU Member States transposed these respective provisions literally. 20 The scope of these safeguards is horizontal, meaning that the exemptions cover various types of illegal content and activities and covers different kinds of liability. Some types of illegal content are copyright infringing content, defamation laws or unfair commercial practices for example. The different sorts of liability are criminal or civil liability, as well as direct or indirect liability.21 This thesis will focus on the intermediary liability regarding copyright protected material in the context of hosting platforms. And finally, this Chapter provides the current various means of copyright enforcement systems in order to assess the copyright enforcement systems in the current and future legal intermediary liability framework.
17 Art. 14(1) E-Commerce Directive. 18 Directive 2004/48/EC of the European Parliament and of the Council of 29 April 2004 on the enforcement of intellectual property rights (Intellectual Property Rights Enforcement Directive), OJ L195/16. 19 Directive 2001/29/EC of the European Parliament and of the Council of 22 May 2001 on the harmonisation of certain aspects of copyright and related right in the information society (InfoSoc Directive), OJ L167/10. 20 European Commission, ‘First report on the application of the Directive on electronic commerce’ COM (2003) 702 final, p.13. 21 Natali Helberger and others, ‘Legal Aspects of User Created Content’ (2009) IViR, p. 40.
8
2.2. Internet Society Service Providers The E-Commerce Directive defines ISSPs as ‘information society services’, which are further defined as ‘any service normally provided for remuneration, at a distance, by electronic means and at the individual request of a recipient of services’.22 The Internet Service Provider (ISP) falls under the scope of that definition, mostly used as a synonym. Further explanation of the concept of ISSPs is needed since the definition is very broad and ambiguous.23 First of all, the term ‘at a distance’ means that the parties are not present for the provided service. The service is sent initially and received at its destination by means of electronic equipment for the processing and storage of data, and entirely transmitted, conveyed and received by wire, radio, optical means or other electromagnetic means by referring to the element ‘by electronic means’.24 In addition to that, the transmission of data on individual request is required by the words ‘at the individual request of a recipient of services’. The second element, ‘normally provided for remuneration’, is defined in recital 19 of Directive 98/48/EC25, which introduced the concept of information society services for the first time. The recital refers to article 50 of the EC Treaty.26 When we look at case law regarding article 50 of EC Treaty, we see that the ECJ explicitly said that some activities are not ‘normally being provided for remuneration’, like public education and services of the government.27 The ECJ clarified that an activity remunerated by a third party can also fall under remuneration. It is not necessary that the user pays himself, services relying on the income of advertisements will fall under the element too.28 And the last element which is important in the definition is ‘by electronic means’, meaning that the service is on top of the already existing infrastructure of networks. The service cannot consist of low-level signal transmission. The means of electronic equipment can be used for processing, digital compression and storage of data.29
22 Art. 2(a) and (b) E-Commerce Directive, with reference to art. 1 of the Technical Standards Directive. 23 Irini Stamatoudi and Paul Torremans (eds), EU Copyright Law: A Commentary (Edward Elgar Publishing, Cheltenham 2014), p. 507. 24 Christina Angelopoulos, ‘European intermediary liability in copyright: A tort-based analysis’ (2016) UvA Digital Academic Repository, p. 44. 25 Council Directive 98/48/EC of 20 July 1998 amending Directive 98/34/EC laying down a procedure for the provision of information in the field of technical standards and regulations, OJ L217/18. 26 Treaty establishing the European Community (TEC), OJ C325/1. 27 Case 263/86 Belgian State v. Humbel [1988] ECR 05365. 28 Case 352/85 Bond van Adverteerders v. the Netherlands [1988] ECR 02085. 29 Recital 17 and 18 E-Commerce Directive.
9
Looking at the definition from the E-Commerce Directive, you will find that the definition is clearly linked to primary law, like article 57 of the Treaty on the Functioning of the European Union (TFEU), concerning free movement of services.30 The Court and the Advocate General (AG) gave a broader definition to the concept of ‘service’. The AG argued that ‘the requirement for pecuniary consideration laid down in article 57 TFEU does not mean that the service must be paid for directly by those who benefit from it.’31 With this, the AG meant that an economic activity might be covered as long as some indirect transactions are made. This can be interpreted as a form of consideration like the purchase of advertised goods or services. 32 The ECJ confirmed the approach of the AG by stating that ‘the cost of that activity is incorporated into the price of those (advertised) goods or services.33 At the same time it is noted that a mere economic character of an activity would not be sufficient to qualify an activity as a service; some additional circumstances have to be present.34 However, definition of a service might not be the same in every Member State. Domestic laws can extend safe harbours beyond the harmonised area of services ‘normally provided for remuneration’, in which situation there is no need to inquire about the limits of EU legislation.35
2.3. Intermediary liability – current legal framework Articles 12 to 15 of the E-Commerce Directive are providing a limited liability regime for the provision of certain ISSPs. The E-Commerce Directive applies to different kind of providers and areas of law, meaning that it has a horizontal approach. The European legislator considered the limitations on the liability of such internet users in the E-Commerce Directive to be ‘absolutely necessary’.36 This is in connection with the promotion of the free movement of goods and services in the field of electronic commerce, the reduction of costs and of such services, freedom of expression and legal certainty.37 Unlike the US approach38, the E-Commerce Directive does
30 Consolidated version of the Treaty on the Functioning of the European Union (TFEU), OJ C326/47. 31 Case C-484/14 Tobias McFadden v. Sony Music (ECJ 15 September 2016), Opinion of AG Szpunar, para. 43. 32 Martin Husovec, ‘Holey cap! CJEU Drills (yet) Another Hole in the E-Commerce Directive’s Safe Harbors’ (2017) JIPLP, p. 116. 33 Case C-484/14 Tobias McFadden v. Sony Music (ECJ 15 September 2016), Opinion of AG Szpunar, para. 42. 34 Ibid, para. 41. 35 Martin Husovec, ‘Holey cap! CJEU Drills (yet) Another Hole in the E-Commerce Directive’s Safe Harbors’ (2017) JIPLP, p. 116 and 117. 36 European Commission, ‘First report on the application of the Directive on electronic commerce’ COM (2003) 702 final, p. 14. 37 Recitals 3, 4, 40 and 46 E-Commerce Directive.
10 not specify the type of content that is illegal on platforms. It covers criminal, administrative and civil infringements. 39 Despite the fact that this thesis focuses on copyright liability, it will mention case law regarding other types of illegal content since it can provide guidance to the legal position of ISSPs. The current legal framework is providing comprehensive protection, regardless of whether it is a potential infringement of copyright, criminal law or defamation.40 Despite the current horizontal comparison, the EU is moving to a vertical approach. A horizontal approach will be difficult to regulate, mainly because of the size of the platforms and the ease with which they can expand.41
2.3.1. Liability exemptions There are three types of providers that can invoke a liability exemption from the E-Commerce Directive. Before explaining the hosting provider central in this thesis, we will discuss the two other providers that can invoke a liability exception. The first one is the mere conduit provider. An ISSP acts as a mere conduit when the it is passively involved in the transmission of information. For instance by e-mail, or when it is involved in providing access to a communications network. 42 This means that the conduit is not involved in the message or the substance of the communication parts. In cases where the service provider is involved in the transmission in modifying or selecting or when the receiver of the data is selected by the service provider, the liability exemption does not apply.43 The ISSP can claim the exemption to liability when the provider does not initiate the transmission, when it refrains itself from selecting the person receiving the information and when the provider does not select or modify the
38 Georgios N. Yannopoulos, ‘The Immunity of Internet Intermediaries Reconsidered?’ in Mariarosaria Taddeo and Luciano Floridi (eds), The Responsibilities of Online Service Providers (Springer International Publishing, Cham 2017), p. 45. 39 European Commission, ‘Online Platforms and the Digital Single Market Opportunities and Challenges for Europe’ COM (2016) 288 final, page 8; and European Commission, ‘Tackling Illegal Content Online Towards an enhanced responsibility of online platforms’ COM (2017) 555 final, page 6. 40 European Commission, ‘Online services, including e-commerce, in the Single Market’ SEC (2011) 1641 final, p. 25. 41 European Commission, ‘Online Platforms and the Digital Single Market Opportunities and Challenges for Europe’ COM (2016) 288 final, page 9; and European Commission, ‘Online Platforms Accompanying the document Communication on Online Platforms and the Digital Single Market’ SWD (2016) 172 final, page 3, 14 and 15. 42 Lilian Edwards (ed), The New Legal Framework for e-commerce in Europe (Hart Publishing, Portland 2005), p. 112. 43 Art. 12 E-Commerce Directive; and DLA Piper, ‘EU Study on the Legal Analysis of a Single Market for the Information Society; new rules of a new age?’ (2009)
11 transmission.44 This exception to liability is, however, subject to the condition that the ISSP may be required to impose certain restrictions on the subscription at a national level. This is a very different situation from when an ISSP will be held liable for not having checked for illegal content and not having exercised control over it, as we will see with the hosting provider.45 The second provider able to invoke a liability exemption, is the caching provider. This provider temporarily and automatically stores data in order to make the onward transmission of the information more efficient.46 Caching is transmitting information at the request of a recipient or storing that information for a short period.47 For immunity, the mere conduit provider cannot interfere with the information passing through the network by modifying it, and the ISSP should regularly update information with respect to terms of use in accordance with industry standards. The information copy must be identical to the original information. Further, the webserver may specify the maximum period for which copies can be stored on the server and the caching provider must remove the copies when it obtains knowledge of the fact that the original data is removed or that the access of the original data is blocked.48 The longer term storage will not be defined as caching but as hosting and will therefore be subject to a greater risk of liability.
The third provider able to invoke a liability exemption, and the main focus in this thesis, is the hosting provider. The definition of a hosting provider, included in article 14 E-Commerce Directive, is assigned to more types of providers than those that only offer access to the internet. A hosting provider can validly invoke this exemption from liability if knowledge of illegal activities or illegal stored information is lacking. The hosting provider can only benefit from the liability exemption when the service in question can qualify as an information society service, consisting of storage of information that is provided by the recipient of the information and while having no actual knowledge or awareness of the illegal nature of the information.49 It requires the
44 Thibault Verbiest, Gerald Spindler and Giovanni Maria Riccio, ‘Study on the Liability of Internet Intermediaries’ (2007) SSRN. 45 Chris Reed and John Angel (eds), Computer Law (Oxford University Press, Oxford 2003). 46 Art. 13 E-Commerce Directive. 47 Lilian Edwards, ‘The Fall and Rise of Intermediary Liability Online’ in Lilian Edwards and Charlotte Waelde (eds), Law and the Internet (Hart Publishing, Portland 2009), p. 64. 48 DLA Piper, ‘EU Study on the Legal Analysis of a Single Market for the Information Society; new rules of a new age?’ (2009)
12
ISSP to perform certain actions if it has become aware of the illegal activities and actions, such as the deleting the information. The storage of information means holding, keeping or storing data provided by the providers’ users50, on a server.51 The data is stored, specifically selected and uploaded by a user of the service and is intended to be stored for an infinite amount of time. The users are generating the content and placing it on the providers’ platform for the access by other users.52 Article 14 E-Commerce Directive covers a wide range of different activities and applies to a wide range of providers, such as online marketplaces and social media platforms.53 Typically, these types of providers are webhosting companies, providing web space to its users. If someone places anything on the service under the control of the ISSP, the exceptions to liability will lapse.54 The ISSP is thus exempt from material hosted by third parties until the ISSP was aware of the illegal content and has done nothing to remove it.
The E-Commerce Directive states that the liability exemption in article 14 E-Commerce Directive covers only cases ‘where the activity of the information society service provider is limited to the technical process of operating and giving access […] activity is of a mere technical, automatic and passive nature’.55 The ECJ clarifies the precise scope of this in case law. An important case in this respect is the L’Oreal v. eBay case56 in which the central question was whether article 14 E-Commerce Directive applies to the online marketplace eBay. The ECJ indicated that the operation of an online marketplace falls within the definition of an information society service.57 But the applicability of the article requires more than just the provision of a service containing the storage of information for users. There is only an ISSP within the meaning of the E-Commerce Directive if the provider limits itself to a neutral provision of the service by
50 Broder Kleinschmidt, ‘An International Comparison of ISP’s Liabilities for Unlawful Third Party Content’ (2010) International Journal of Law and Information Technology 18(4), p. 340. 51 Case C-236/08 Google France v. Louis Vuitton [2010] ECR I-02417, para. 111. 52 Giovanni Sartor and Mario Viola de Azevedo Cunha, ‘The Italian Google-Case: Privacy, Freedom of Speech and Responsibility of Providers for User-Generated Contents’ (2010) International Journal of Law and Information Technology 18(4), p. 370. 53 Case C-360/10 SABAM v. Netlog (ECJ 16 February 2012), para. 27. 54 Art. 14(2) E-Commerce Directive. 55 Recital 42 E-Commerce Directive. 56 Case C-324/09 L’Oréal v. eBay [2011] ECR I-06011. 57 Ibid, para. 109.
13 means of a purely technical and automatic processing of the data provided by its customers.58 The ECJ came to the same conclusion in the Google Adwords case.59 The ECJ ruled that ‘it is necessary to examine whether the role played by that service provider is neutral, in the sense that its conduct is merely technical, automatic and passive, pointing to a lack of knowledge or control of the data which it stores’.60 The fact that Google determines the terms of payment itself and provide the general information to the customers, does not mean that Google cannot invoke the exemption of liability in article 14 E-Commerce Directive. 61 Unfortunately, it is up to the national courts to assess whether the ISSP’s role corresponds to the role described by the ECJ. A case in which there was a direct infringement by an ISSP is the Brein v. Ziggo case.62 By managing the platform, Pirate Bay made the protected content available to the public and was not having a neutral role that could lead to a liability exemption.63
2.3.2. No general obligation to monitor According to article 15 E-Commerce Directive, Member States shall not impose a general obligation on online intermediaries to monitor the information that they transmit or store when they are performing one of the above mentioned type of services.64 Member States may also not require intermediaries to look for illegal activities from their users. This is a logical rule as otherwise it becomes impossible for providers to offer the services in a realistic and commercial way. The second paragraph of article 15 establishes a more specific obligation of the ISSP. The ISSP is obliged ‘to promptly inform the competent public authorities of alleged illegal activities’ of information provided by the ISSPs customers, or to ‘communicate to the competent authorities’. While article 15 E-Commerce Directive prohibits to impose a general obligation to monitor, is recital 48 E-Commerce Directive contradicting this by providing the possibility for Member States to establish a ‘duty of care, which can reasonably be expected from them and which are specified by national law, in order to detect and prevent certain types of illegal activities’. The recital explains the term ‘general’ from article 15 E-Commerce Directive. The interpretation has been left to the courts. ISSPs which are not subject to one of the liability
58 Case C-324/09 L’Oréal v. eBay [2011] ECR I-06011, para. 113. 59 Case C-236/08 Google France v. Louis Vuitton [2010] ECR I-02417, para. 114 and 120. 60 Ibid, para. 114. 61 Ibid, para. 116. 62 Case C-610/15 Stichting Brein v. Ziggo (ECJ 14 June 2017). 63 Ibid, para. 36 and 37. 64 Art. 12, 13 and 14 E-Commerce Directive.
14 exemptions are not subject to the general prohibition of monitoring. However, the duty is normally understood for activities which are concerning criminal and public law infringements and not for preventing copyright infringements.65 But in the Scarlet v. SABAM judgment66, the ECJ decided that the obligation to filter content for copyright protection, asked by SABAM, is contrary to article 15 E-Commerce Directive. Filtering entails the monitoring of all data from all customers for any future infringement of intellectual property, for an unlimited time.67
2.4. Copyright enforcement Different copyright enforcement systems currently used by ISSPs to avoid copyright liability are discussed below. The E-Commerce Directive forms the basis for the Notice and Take Down (NTD) procedure. Although intermediaries can gain knowledge or awareness with investigations undertaken on the intermediary’s own initiative68, the NTD procedure is the most common way of copyright enforcement in the current horizontal legal system. But, also the rise of technology in the prevention of liability is becoming increasingly popular. Not only because it saves high costs and energy, but also because the EU is slowly working towards the system in which a hosting provider will be liable for copyright infringements on its platform, regardless of its actual knowledge. This leads to a proactive system ensuring that the control takes place before an upload. In order to test the different forms of content recognition, an explanation of these systems is necessary.
2.4.1. Notice and Take Down Once a notification is sent to the hosting provider, the knowledge element is no longer lacking and the hosting provider should ‘act expeditiously’ to remove or disable the access to the illegal content. When the ISSP receives a complaint about unlawful or illegal content, the ISSP has to decide whether the information is illegal or unlawful, and if so, the ISSP has to remove it from the website or has to block the access to the illegal content.69 But although the NTD system contributes to copyright protection, there is a downside on this type of procedure. The copyright
65 Lilian Edwards, ‘Role and Responsibility of Internet Intermediaries in the field of Copyright and Related Rights’ (2011) WIPO, p. 10. 66 Case C-70/10 Scarlet Extended v. SABAM [2011] ECR I-11959. 67 Ibid, para. 40. 68 Case C-324/09 L’Oréal v. eBay [2011] ECR I-06011, para. 122. 69 Art. 4 E-Commerce Directive.
15 owners will often send a notice without actually carrying out careful research and ISSPs will probably remove the material immediately without further research in order to reduce the risk of liability. The removed material is likely to remain offline, regardless of whether or not the uploading was legal. The reason for this is the lack of proper investigation and the uploader itself that will usually not send a counter-notice to the ISSP. Recital 46 allows Member States ‘to establish specific requirements which must be fulfilled expeditiously prior to the removal or disabling of information’. As a consequence, the implementation of the NTC procedure is left to Member States and leading to Member States defining different procedures. However, the ISSPs should provide a ‘rapid and reliable procedure for removing and disabling access to illegal information’.70 In addition to the NTD system, Member States may establish the obligation for ISSPs to inform the competent public authorities of alleged illegal activities undertaken or information provided by recipients of their service. 71 If the ISSP ‘accidentally’ encounters certain indications that are illegal, the ISSP must report this to the competent authorities. However, this is not a logical measure, as the ISSP is obliged to block or to remove the material if it is certain that the content on the platform infringes copyright. In contradiction to the European framework, the US obligates hosting providers to implement the detailed and clear NTD system. The Digital Millennium Copyright Act (DMCA) 72 is enacted in 1998 and regulates copyright infringements on the Internet in the US through an NTD procedure. The US legislation makes a clear distinction between intermediary liability for copyright infringements and infringements within other jurisdictions.73 The notices have to fulfil certain formal requirements in the US and should include minimal content to impose a duty for the service provider to remove the material such as the name, address, electronic signature and sufficient information about the potential infringement. 74 The ISSP can ignore notices not meeting the formal requirements and must have a designated agent to receive notifications of the claimed infringement. 75 The DMCA protects ISSPs for unknowingly transmitting or storing copyright protected material, almost similar as the E-Commerce Directive but including the
70 Recital 40 E-Commerce Directive. 71 Art. 15(2) E-Commerce Directive. 72 US Digital Millennium Copyright Act (DMCA), Pub. L. No. 105-304. 73 Art. 512 DMCA and section 230 Communications Decency Act (CDA). 74 Section 512(c)(3)(A) DMCA. 75 Section 512(c)(3)(A) DMCA.
16 prevention of future infringements as a condition to fall within the scope.76 The hosting service provider avoids liability when it blocks access to the material after notification.77
2.4.2. Content Recognition Technologies In practice, the use of content recognition technologies (CRTs) will mainly be accomplished by the existence of a database. As soon as users upload new content, the content will be compared to the already existing database. These types of Digital Rights Management (DRM) are based on digital technologies that describe and identify content. With the identification it is possible to enforce rules set by rightholders or prescribed by law for the distribution and use of copyright protected content.78 The use of CRTs is not new. For example, it is possible to use compare-by- hash to find out whether a file is the same as the original and screened work. A hash is a short digest of the original file and is able to determine the absolute equality of non-equality of files. During verification, the original file is hashed. If the file is changed, the hash value will change in a random manner and is totally different than the hash of the original file.79 The compare-by- hash technique is a predecessor of fingerprinting. 80 Another technique for tracing files is recording metadata like download data, the purchaser’s name, the author and the creation date. Combining the metadata technique with the digital fingerprinting can lead to opportunities by associating external information and automatic adding the metadata to different files. 81 The digital fingerprinting technique is often referred to as the digital watermarking technique. However, these two techniques are different as we will explain hereafter.
76 Michael Kevin Lemly, ‘Protecting Consumers from Themselves: Alleviation the Market Inequalities Created by Online Copyright Infringement in the entertainment industry’ (2002) Albany Law Journal of Science & Technology 13, p. 620. 77 Art. 512(c)(1) DMCA. 78 Lucie Guibault and Natali Helberger, ‘Copyright Law and Consumer Protection’ (2005) European Consumer Law Group Brussels 035(05), p. 9. 79 Stefan Katzenbeisser, Huajian Liu and Martin Steinebach, ‘Challenges and Solutions in Multimedia Document Authentication’ in Information Resources Management Association, Digital Rights Management: Concepts, Methodologies, Tools and Applications (IGI Publishing, Hershey 2012), p. 1587. 80 Sara Kudrle, ‘Media Fingerprinting: Managing Content, Security and Quality’ (2014) Grass Valley
17
The watermarking technique already exists for a long time. Paper was already watermarked in the thirteenth century by varying the thickness and density of certain parts of the paper. Creating an image was possible via consequential differential transmission of light. A well-known example for this is money.82 The paper watermarks inspired the digital area and therefore digital watermarking was a growing area in the late nineties. Digital watermarking embeds information into digital material that it is imperceptible to a human observer but easily detected by computer algorithm.83 Watermarking can either be visible or invisible and places an identifying mark on a file. An example of visible watermarking is a television station such as BBC, where you can see the logo in one of the corners on the screen. To identify the copyright data, like identifying the author of a copyright protected work, invisible watermarking is mostly used.84
Fig. 1: Structure of the watermarking-based system for content recognition85
The digital watermarking technique derives from steganography, which is the science of communication information while hiding the existence of the communication.86 By hiding the information, steganography ensures that the information cannot be discovered in any way. The advantages of digital watermarking are that it is almost impossible to remove a digital watermark
82 Jessica C. Lai and Christoph B. Graber, ‘Is Digital Text-Watermarking the Long-Desired User Friendly Digital Rights Management? Copyright and Fundamental Values from a Comparative Perspective’ (2015) i-call Working Paper 2, p. 11. 83 Juergen Seitz, Digital Watermarking for Digital Media (IGI Publishing, London 2005), p. 5. 84 Chun-Shien Lu (ed), Multimedia Security: Steganography and Digital Watermarking Techniques for Protection of Intellectual Property (IGI Publishing, London 2005), p. 6. 85 Civolution, ‘Automated Content Recognition: creating content aware ecosystems’ (2012) Civolution
18 and it applies to shortened files. On the other hand, it is a disadvantage that the digital watermarking system is not standardised. Using the same technique is not enough to read the watermark. An identification key is necessary.87 The use of digital watermarking, whether or not standardised, can be a major burden for intermediaries given the enormous amount of copyright protected work.
By using the digital fingerprinting technique, computer systems can filter out copyright protected material. Digital fingerprinting differs from digital watermarking by only analysing the media, instead of embedding information into the file. The watermark can be completely unrelated to the media, a fingerprint is an actual representation of characteristics of the file itself.88 The idea of fingerprinting is that audio files, images and video content can be identified by examining the characteristics of the file. The system has to recognise the content and therefore the system knows already the characteristics of the file. This requires a two-step process.89
Fig. 2: Structure of the fingerprinting-based system for content recognition90
87 Prabhishek Singh and R.S. Chadha, ‘A Survey of Digital Watermarking Techniques, Applications and Attacks’ (2013) International Journal of Engineering and Innovative Technology 2(9), p. 169. 88 Sara Kudrle, ‘Media Fingerprinting: Managing Content, Security and Quality’ (2014) Grass Valley
19
The fingerprinting technology is able to recognise the audio if it already exists. In contrast to hashing and digital watermarking, it is possible to identify re-recordings when using a digital fingerprinting system. Unlike the compare-by-hash technique, the digital fingerprinting technique is able to recognise the contents of files that are shortened, have a different resolution or are slightly modified.91 A major disadvantage that must be taken into account is the chance that a copyright protected work is used but falls under the exception for any use by, for example, criticising the work or making a parody of it. Even in this case, human work will therefore be required in order to make the test afterwards. Some hosting providers have been using the fingerprinting technique for some time now, including YouTube. By using the digital fingerprinting technique, YouTube shapes its Content ID system and tries to ensure that copyright protected work is prevented from uploading. Another very popular recognition system using digital fingerprinting is Shazam. Shazam has an extensive database with fingerprinting algorithms on the audio files. The user of the phone records a few seconds of a song and sends it to Shazam. When data packages are filtered, the traffic is identified so that a certain consequence can be linked. This form of filtering must be distinguished from the blocking system. Blocking can be used as preventing certain communications without inspecting data packets, for example by countering spam or harmful traffic for security reasons. This is in contrast with filtering techniques which are checking the content before blocking. Blocking has a completely different legal implication than filtering. AG Cruz Villalón stated this in the Scarlet case by saying that the filtering system is a condition of the effectiveness of the blocking system and that the two operations are very different with different consequences, although they are closely linked.92 In the two SABAM judgments93, the ECJ has taken a strong position against filtering. Prior to these judgments, it had become apparent at L’Oréal v. eBay that surveillance of ISSP customers’ data is prohibited by article 15 of the E-Commerce Directive. In the Scarlet v. SABAM judgment, the ECJ reiterated the conclusion from L’Oréal v. eBay but added that, even in the absence of article 15 E-Commerce Directive, an application to introduce a filtering system
91 Sara Kudrle, ‘Media Fingerprinting: Managing Content, Security and Quality’ (2014) Grass Valley
20 may also infringe certain fundamental rights of the parties involved.94 An example of this is the freedom to conduct business for an ISSP or the protection of personal data for the customer.95 In the Scarlet case, it was about an internet access provider. The ECJ made a few months after this case the same conclusion with regards to a hosting service provider in the SABAM v. Netlog case. 96 The rulings confirm the conclusion from the Promusicae judgment: the limits for enforcement of copyright infringements were not set in secondary legislation, but in primary legislation.97
2.5. Conclusion This Chapter discusses and analyses the horizontal liability regime of online intermediaries, in particular hosting providers. Hosting providers, falling under the scope of an Information Society Service Provider (ISSP) can rely on the liability exemption in the E-Commerce Directive if it is lacking actual knowledge of the illegal activities on their platform. The liability exemption and together with the prohibition of a general monitoring obligation, leads to the main use of a Notice and Take Down (NTD) system. Because ISSPs want to avoid liability, they often remove the information in question immediately upon receipt of a notification, without investigating the alleged infringement or weighing up the interests. Rightholders can make use of this by sending notifications without being sure of an alleged infringement. This, together with the fact that the internet is changing rapidly and the volume of data is increasing enormously, means that a new regulated and harmonised system for preventing copyright infringements in the EU is necessary. Techniques will be used in order to avoid copyright liability without having a sluggish system relying on the human being. There are two large different systems that can perform an automatic check and use a database. On the one hand you have the digital watermarking where a visible or invisible mark on certain works leads to its direct recognition by the computer. A second system is the analysis of the media by recognising characteristics. Whether these techniques will fit into the new legal system is discussed below.
94 Case C-70/10 Scarlet Extended v. SABAM [2011] ECR I-11959, para. 44. 95 Art. 8, 11 and 16 Charter of Fundamental Rights of the European Union (Charter), 2010 OJ C 83/02. 96 Case C-360/10 SABAM v. Netlog (ECJ 16 February 2012), para. 42. 97 Case C-275/06 Promusicae v. Telefónica de España [2008] ECR I-00271.
21
3. Intermediary Copyright Liability and Compatibility
3.1. Introduction In order to harmonise copyright legislation in the EU, increase transparency and balance the contractual relations between content creators and publishers or producers, the European Commission (EC) established a new EU Copyright Directive.98 The new Directive essentially enlists hosting providers to police content of their users. The idea is not novel, but the proposed obligations would go much further than before, and the role in the copyright enforcement process changes from reactive to proactive. 99 This Chapter shows how a new vertical intermediary liability system will look like. This will be examined on the basis of case law, in which the focus will no longer be on the legal system, but on the fundamental principles at stake. Intermediary liability is often leading to a dispute with conflicting fundamental rights and therefore discussed at the highest court levels of the EU. Before discussing the fundamental clashes arising in case law, we will look at the new vertical system proposed by the EC.
3.2. The European Digital Single Market The EU has put forward a new strategy for a joint legislative approach to technology and its developments: The Digital Single Market Strategy (DSMS). Member States encountered the same issues individually and had to solve them at national level.100 The EU wants to harmonise legislation, including on copyright. The EU’s ambition is to give access to all Member States, while ensuring fair competition, consumer protection and data privacy. This is proposed by focusing on three pillars: consumers and businesses that have better access to online goods and services, the infrastructure that allows digital services to thrive and investment and research that maximise the growth potential of the digital economy. As part of the EU’s Digital Single Market Strategy, the EC wants to implement a new EU Copyright Directive.101 In recent years, the European Commission already tried in several ways to come up with solutions to restrict illegal
98 ‘Questions and Answers – European Parliament’s vote in favour of modernised rules fit for digital age’ (European Commission 2019)
22 material on the Internet. With the new provisions on copyright protection, the European Commission wants to introduce vertical rules that replace the current horizontal liability rules for intermediaries.
3.2.1. New EU Copyright Directive The EC made an evaluation of the ISSPs liability regime. The evaluation concluded that the regime served its purposes. However, improving the implementation of the E-Commerce Directive was necessary to achieve the E-Commerce Directive’s full potential. 102 The EC presented a reform of the ISSPs liability regime regarding copyright in the Digital Single Market Strategy, which implements a sectorial, problem-driven approach and is implemented by the European Union (EU) in 2015.103 The new EU Copyright Directive talks about the obligations for service providers to prevent copyright liability when users are uploading infringing materials on their platforms. The European Commission expressed that the new Copyright Directive aims to ‘clarify the role of online services in the distribution of works and other subject-matter’.104 On February 2019, negotiators from the European Commission and the European Parliament published the final text of the new EU Copyright Directive after a long debate that lasted two years. The European Council approved the Directive in April 2019. The debate was mainly about article 17 of the EU Copyright Directive, an important article for this research and which will lead to the use of CRTs by ISSPs. Therefore, this article and its consequences for practice will be discussed in detail. Not only article 17 of the new EU Copyright Directive is raising eyebrows. The other article that has been the subject of much criticism, is article 15 of the Directive. It is stipulating that major ISSPs may have to pay publishers or showing snippets of news articles. Although the objections to article 15 EU Copyright Directive may be less extreme, there has been much discussion about this article. First of all, it is unclear what kind of material exactly needs to be licensed. Is it about fragments, headlines or just the snippets themselves? This would give more responsibility for social media platforms with regard to checking uploaded content. It could also make it more difficult to share content on Facebook for example.
102 European Commission, ‘A coherent framework for building trust in the Digital Single Market for e-commerce and online services’ COM (2011) 942 final, p. 5. 103 European Commission, ‘Online Platforms and the Digital Single Market Opportunities and Challenges for Europe’ COM (2016) 288 final. 104 Ibid, page 2.
23
Article 17 of the new Copyright Directive in the Digital Single Market (DSM)105 intends to tackle the value gap. The value gap refers to the idea that revenues generated from the online use of copyright-protected content are being unfairly distributed between the different players in the value chain of online publishing. 106 You can distinguish different platforms in this matter; platforms that are subscription-funded, like Spotify and Netflix, require consent of the copyright holders to operate legally. While other platforms like YouTube and Vimeo operate around user created content (UCC). The article applies to:
‘Information society services whose main or one of the main purposes is to store and give the public access to a large amount of copyright protected works uploaded by its users which it organises and promotes for profitmaking purposes’
The article is talking about Information Society Service Providers without giving a definition to it. Most likely the definition following from the E-Commerce Directive and described in Chapter 2 applies. The article does not apply to non-profit online encyclopaedias, non-profit educational and scientific repositories, open source software developing and sharing platforms, electronic communication service providers, online marketplaces and business-to-business cloud services and cloud services allowing users to upload content of their own use. These excluded services are still covered by the liability exemption from the E-Commerce Directive.107 The only clarity provided by the article regarding the definition of an information society service is the profit motive criterion. The providers are performing an act of communication to the public when they are giving the public access to a large amount of copyright protected works uploaded by its users. The limitation of liability established in article 14(1) of the E-Commerce Directive does not apply to such acts.
105 European Commission, ‘Proposal for a Directive of the European Parliament and of the Council on copyright in the Digital Single Market’ COM (2016) 593 final. 106 Christina Angelopoulos, ‘EU Copyright Reform: Outside the Safe Harbours, Intermediary Liability Capsizes into Incoherence’ (2016) Kluwer Copyright Blog
24
The article provides for different requirements. With regards to all platforms covered by article 17 of the EU Copyright Directive, providers must make best efforts to license all copyright protected works uploaded by its users and the service make best efforts to take down works upon notice from the rightholders. ISSPs cannot know what their users will upload, requiring them to license almost all copyright protected work that may be capable of being uploaded. The vast majority of creators of copyright protected work will be disinterested in licensing. As a result, these ISSPs run a very high risk of liability because they will no longer be covered by article 14 E-Commerce Directive. The likely impossibility for ISSPs to obtain licenses for all works has often been discussed in the preparations for the new law. The mitigation measures have been included in article 17 EU Copyright Directive108 and will be discussed hereafter. The ISSP will be able to influence the material coming online by means of an automatic process and will therefore have no knowledge or control over it. If the measure qualifies as an active role of the ISSP, the liability regime for ISSPs radically changes. They will not only be held liable for errors but will be objectively responsible.109 First of all, the ISSPs, covered by article 17 of the EU Copyright Directive, must make every effort to obtain a license for all copyright protected works that may be uploaded by their users. It is unclear how this will be interpreted in practice and when the best possible efforts will be made for ISSPs. Unless it concerns a large provider, it will be impossible to conclude a license with many rightholders. This may also lead to expensive legal advice. With regards to providers covered by article 17 EU Copyright Directive having more than five million visitors per month, the ‘notice and stay down requirement’ is applicable. Services must make best efforts to prevent their future uploads of works that have bene taken down after a notice from the rightholders. And finally, platforms covered by article 17 EU Copyright Directive being more than three years old and having more than 10 million euros in yearly revenue, are required to insert a form of CRT. Services must make best efforts to ensure the unavailability of specific works for which the rightholders have provided the service provider with the relevant and necessary information and to prevent future uploads of works that have been taken down after a notice from rightholders. The use of SLAs will only be a solution between major ISSPs and
108 Art. 17(4) EU Copyright Directive. 109 Giancarlo F. Frosio, ‘From horizontal to vertical: an intermediary liability earthquake in Europe’ (2016) JIPLP 12(7), p. 565.
25 high-profile copyright owners. For small copyright owners and smaller ISSPs it will be difficult to engage in agreements because of their lack of influence.110 Many ISSPs will therefore end up with the obligation to insert CRTs because of the lack of power to agree upon SLAs with the copyright owners.
3.2.2. Practical consequences The obligation in article 17 EU Copyright Directive to license copyright protected work that can be uploaded on the platform is likely to result in a tension between ISSPs and their users.111 The pre-emptive licenses acquired by the ISSPs are defined as second level agreement (SLA). The copyright owner authorises the use of specified works by the platform’s users in return for royalties, company stakes, or ad revenue share.112 The agreements resulting from the new EU Copyright Directive will probably result in standardised agreement. With the use of these SLAs, the user’s interest tend to be neglected and will be more in favour to copyright owners than the platform users.113 An example for this is the development of the YouTube’s Content-ID system. Before 2012, YouTube’s users could file a dispute and then the copyright owner was able to make the decision and claim the video. The copyright owner’s decision made the dispute to an end.114 The process is now very biased in favour of the copyright owners. Because of the notice and takedown system, the right to defence the claim has been further eroded for YouTube’s users. Moreover, the SLAs are vulnerable for changing. An example for this is the termination of the agreement between Universal Music Group (UMG) and YouTube in 2009. UMG could not reach an agreement for prolonging the cooperation with YouTube, with a termination of the agreement as a result. UMG signed a new contract with Sevenload, who was the competitor of YouTube.115 But by the time of termination, UMG already had given many users permission to upload videos
110 Yafit Lev-Aretz, ‘Second Level Agreements’ (2012) Akron Law Review 45, p. 171 and 172. 111 Jie Wang, ‘Regulating hosting ISPs’ responsibilities for copyright infringement: The freedom to operate in the US, EU and China’ (2016) Maastricht University, p. 233. 112 Ibid, p. 152. 113 Abigail R. Simon, ‘Contracting in the Dark: Casting Light on the Shadows of Second Level Agreements’ (2014) William & Mary Business Law Review 305, p. 308; and Benjamin Boroughf, ‘The Next Great YouTube: Improving Content ID to Foster Creativity, Cooperation, and Fair Compensation’ (2014) Albany Law Journal of Science and Technology, p. 16. 114 Abigail R. Simon, ‘Contracting in the Dark: Casting Light on the Shadows of Second Level Agreements’ (2014) William & Mary Business Law Review 305, p. 325. 115 Holger Schmidt, ‘Die Antwort auf Youtube: Universal-Musikvideos jetzt auf Sevenload’ (Frankfurter Allgemeine 2009)
26 with integrated music from UMG. After the termination, it was unclear what the procedure would be with the already uploaded videos. 116 With the use of SLAs, the copyright claim mechanism may be abused. Rightholders need to have exclusive rights to the materials, they just cannot claim third party content or content being fairly used. But with the use of CRTs, some people are able to claim public domain content because of the front-end ownership verification.117 Some game companies were experiencing these false claims. They had to ask users of the game to contest the matches and then they found out who was claiming the content.118 Fairly uploaded content is vulnerable to be monetised or blocked by copyright owners, as the technologies will not be able to make the distinction between fairly uploaded content and content that is infringing copyright.119 Furthermore, there is some legal risk when ISSPs will use CRTs. Instead of letting users agree with the terms of service that are exempting them from the content of uploads, they are responsible for infringing uploaded material. They will derive some public pressure to ensure the measures will protect Internet users’ interest and measures that can prevent taking fairly used material offline. With YouTube’s new Content ID system in 2012, YouTube announced that it will support its users in defending their rights, up to one million dollars.120 With this YouTube wanted to reduce the increasing distance with the necessary users. It is therefore important, especially because of the obligation for many large hosting platforms, that users will feel supported in situations where a human judgment will be necessary. The second drawback is Facebook and Google probably being the only ones able to implement CRTs, due to the high costs and the required capacity. This can have several major consequences. First of all, it will be more difficult for companies to fight the dominant position of the major platforms with a negative impact on innovation and less freedom of choice for consumers as a result. Secondly, the independent creators of copyright protected content such as musicians and vloggers, the group for which the new EU Copyright Directive should be most advantageous, can only publish their work on one or just a few platforms. This is bad for their
116 Yafit Lev-Aretz, ‘Second Level Agreements’ (2012) Akron Law Review 45, p. 172 and 173. 117 Benjamin Boroughf, ‘The Next Great YouTube: Improving Content ID to Foster Creativity, Cooperation, and Fair Compensation’ (2014) Albany Law Journal of Science and Technology, p. 9. 118 Tripp Papineau, ‘Industry fights back as YouTube begins mass cull of game videos’ (E:Info Games 2013) < http://einfogames.com/news/industry-fights-back-youtube-begins-mass-cull-game-videos%E2%80%8F/> accessed 6 April 2019. 119 Benjamin Boroughf, ‘The Next Great YouTube: Improving Content ID to Foster Creativity, Cooperation, and Fair Compensation’ (2014) Albany Law Journal of Science and Technology, p. 12. 120 P.H. Madore, ‘YouTube Will Pay Up To $1 Million in Legal Fees For Qualifying Users’ (Hacked 2015)
27 freedom of choice and will weaken their negotiation position. The use of CRTs restricts their freedom of choice, will weaken their negotiation position and is an attack on the freedom of expression as the major intermediaries have the dominant position in the public debate. It is necessary that all the information can be freely exchanged and that everyone can discuss urgent and important social issues. In 2018, several times blocking certain content has led to information and debate being restricted online. For example, YouTube deleted the account of the non-profit organisation Women on Waves, which wants to raise awareness of abortion laws. YouTube removed the account 30 days before the Irish abortion referendum because the non- profit organisation had violated the ‘community guidelines’, according to YouTube. Videos about safe abortion and reliable medical information were taken offline. No details about the deletion were published and no response from YouTube to Women on Waves’ objection is received. After a while it turned out that the guidelines had not been violated, but after the account was online for a while, videos were later taken offline again by YouTube.121 The removal of content will most likely be anything but reserved. CRTs cannot separate illegal content from content that is recognised by the system, but may be uploaded on the basis of the copyright exceptions that apply to the use of copyright protected work, such as the creation of a parody. Intermediaries will ensure limited liability by removing too much content rather than removing too little content. With the new EU Copyright Directive, ISSPs can choose not to block the content on the basis of the law because they will then have to meet all kinds of requirements, but on the basis of the general conditions. If they have to comply with the law, they would have to build complex software and set up a complicated and time-consuming complaints procedure costing a lot of money. By translating the legislation into general terms and conditions and community guidelines, intermediaries can ensure that they remove content based on their guidelines, not based on the law designed to protect the users. An example of this is the US’ recent adoption of a law, making intermediaries responsible for sex work advertising.122 As a result, the intermediaries modified their terms and conditions by referring to sexual acts and stating that content related to that may not be uploaded. This means a restriction of the freedom of expression in the US, without the safeguards from the law.
121 ‘YouTube censors lifesaving abortion information’ (Women on Waves 2018)
28
3.3. Fundamental compatibility The Charter of Fundamental Rights (Charter) is binding as from 1 December 2009, when the Treaty of Lisbon entered into force. 123 The provisions of the Charter are applicable for institutions, bodies and agencies of the European Union and to Member States.124 Member States must find a fair balance between the various fundamental rights when interpreting and applying European legislation, including when transposing the new EU Copyright Directive. The Charter is very important for analysing intermediary liability and all EU secondary legislation and national legislation falling within the scope of the EU must be interpreted in light of the Charter.125 The European Commission stated that platforms mediating access to content for most internet users, have a significant social responsibility in terms of protecting users and society from illegal content on their platform. And with that in mind, they have to balance the fundamental rights at stake.126 The ECJ even acknowledged that article 15 of the E-Commerce Directive is enshrined in articles 8 and 11 of the Charter on protection of personal data and of freedom of expression and information.127 The ECJ did not declare the right of intellectual property inviolable.128
3.3.1. Freedom to conduct a business The right to conduct business is recognised in 1974129 and incorporated in article 16 Charter. The provision is very brief and formulated in a relatively vague manner:
‘The freedom to conduct a business in accordance with Community law and national laws and practices is recognised.’
123 Charter of Fundamental Rights of the European Union (Charter), 2010 OJ C 83/02. 124 Art. 51(1) Charter. 125 Koen Lenaerts, ‘Exploring the Limits of the EU Charter of Fundamental Rights’ (2012) European Constitutional Law Review 8(3), p. 376. 126 European Commission, ‘Tackling Illegal Content Online Towards an enhanced responsibility of online platforms’ COM (2017) 555 final, page 2 and 3. 127 Case C-360/10 SABAM v. Netlog (ECJ 16 February 2012), para. 48 and Case C-70/10 Scarlet Extended v. SABAM [2011] ECR I-11959, para. 50. 128 Case C-360/10 SABAM v. Netlog (ECJ 16 February 2012), para. 41 and Case C-70/10 Scarlet Extended v. SABAM [2011] ECR I-11959, para. 43. 129 Case 4/73 Nold v. Commission of the European Communities [1975] ECR 00985.
29
The freedom to conduct a business is an absolute right and therefore cannot be subject to legitimate restrictions.130 The right should be balanced against the right to property131 and other Charter rights. The Charter distinguishes between the freedom to conduct a business and the right of establishment in another Member State. 132 The right of establishment protects the freedom to move within the EU when you want to set up a new business. The freedom to conduct a business applies in all situations that fall under the scope of application of EU law and is therefore not restricted to such a context. It does not matter if there is a trans-border element or not.133 Freedom to conduct business includes the right to exercise economic and commercial activities in freedom134, the freedom to contract135 and free competition.136 It covers the freedom to conclude contracts that allow companies to choose who to do business with and who not. According to this right, companies also have the freedom to make use of economic, financial and technical means.137 Content recognition technologies will affect the right to conduct business because ISSPs will be obliged to cooperate with the person who has the exclusive rights over the protected work. This means that the rightholders of copyright protected works ultimately have a great influence, without the ISSP ultimately having the opportunity to make a choice in the persons with whom it wishes to collaborate. As a result, rightholders are able to set high standards than may be necessary. The ISSP is obliged to cooperate with these rightholders. This will not only affect the freedom of contract, but can also have major financial consequences for the ISSP. These high financial requirements are accompanied by the technology that ISSPs have to deploy and can impose a high financial burden on ISSPs, especially on those platforms that are less large and have less financial resources. The changing liability regime of ISSPs leads to the use of content recognition systems. The current ways of Internet management, as discussed in Chapter 2, shall be limited to those systems being able to check the content on copyright protected material prior to publishing. ISSPs will only have the choice in technological systems that can entail high costs. In the
130 Hugh Collins (ed), The forthcoming EC Directive on Unfair Commercial Practices (Kluwer Law International 2004), p. 91-92. 131 Art. 17 Charter. 132 Art. 15(2) Charter. 133 Case C-426/11 Alemo-Herron v. Parkwood Leisure (ECJ 18 July 2013), Opinion of AG Cruz Villalón, para. 51. 134 Case 4/73 Nold v. Commission of the European Communities [1975] ECR 00985, para. 14. 135 Case 151/78 Sukkerfabriken v. Ministry of Agriculture [1979] ECR 00001, para. 20. 136 Art. 119 TFEU. 137 Case C-314/12 UPC Telekabel Wien v. Constantin Film (ECJ 27 March 2014), para. 49.
30
SABAM v. Netlog case, the Court emphasised that it can constitute a complex process that requires an expensive system. The system leads, according to the Court, to a restriction of the freedom to conduct business because it imposes an obligation to use a complicated, costly and permanent system. 138 An evidence for this is for example SoundCloud that implemented a content recognition system by spending 5 to 10 million euros on the development of the system. In addition to that, SoundCloud also employed 12 fulltime employees for the development of that content recognition system. The use of such systems will lead to a large financial burden on companies. Especially for smaller platforms, the use of those systems can form an attack on the company’s activities. This is not in line with the ECJ’s view that compulsory measures, including an obligation to check third party generated user’s content beforehand, should not be too expensive.139
In the preliminary ruling procedure Scarlet SA v. SABAM, the ECJ answered the question of whether the relevant EU legislation on intellectual property rights in the information society interprets as precluding an order to an ISSP to put in place an electronic communications filtering system to prevent the exchange of copyright infringing files. In doing so, the ECJ struck a balance between the rights to property of persons affected by measures taken by an ISSP under article 17, sub 2, of the Charter and the right to conduct business. The high costs of purchasing a complex and expensive computer system in order to protect the copyright of rightholders is thus a disproportionate balance with the right to conduct business. A court order to implement a filtering system would not strike the right balance between the protection of copyright holders and the right to freedom to conduct a business of ISSPs. A similar case is the UPC case, where the ECJ had to strike a balance between the right to conduct business and the Internet users’ right to freedom of information. The central question was whether ISSPs’ freedom to conduct business precludes an order imposed on ISSPs to block its customers’ access to a website that has copyright protected content online. The ECJ has confirmed that such an injunction does restrict the right to conduct business since it obliges ISSPs to take measures. According to the ECJ, these measures can have a major impact on ISSPs because they not only entail significant costs, but
138 Case C-360/10 SABAM v. Netlog (ECJ 16 February 2012), para. 46. 139 Case C-324/09 L’Oréal v. eBay [2011] ECR I-06011, para. 139.
31 also require difficult and complex solutions. These solutions will have to be technical in nature and have a major impact on the organisation and activities of an ISSP. However, the ECJ found that there is no conflict with the essence of the right to conduct business. The ECJ wants to have national rules for the ISSPs to be able to challenge the right to conduct business in the national courts. In addition to that, the implementation of such systems is also in the interest of the ISSP itself, according to the ECJ. This is because this way prevents (future) liability of the ISSP.
3.3.2. Freedom of expression and information Furthermore, a content recognition system will be unable to distinguish between lawful and unlawful content and can therefore potentially undermine the freedom of expression and information.140 Freedom of expression and information is enshrined in article 11 of the Charter and derived from article 10 ECHR. The provision is essential for the democratic EU and reads:
‘Everyone has the right to freedom of expression. This right shall include freedom to hold opinions and to receive and impart information and ideas without interference by public authority and regardless of frontiers’
The right includes the freedom to have ideas, the freedom to have an opinion and to express it to others. This right, too, is not an absolute right and must be balances with other legitimate aims. The content of the right can therefore be limited. However, there is no case law on how far this right extends, but there is case law that balances other fundamental rights. A discussion of these cases follows in the next paragraph.
An example where a restriction on the right to property was justified is the judgment of the General Court (GC) of the ECJ in the FIFA cases.141 FIFA and UEFA had submitted to the GC that the British and Belgian rules prohibiting exclusive television rights to certain events such as the European Championships and World Championships would infringe the freedom to provide
140 Lilian Edwards (ed), The New Legal Framework for eCommerce in Europe, (Hart Publishing, Portland 2005), p. 74. 141 Case T-385/07 FIFA v. European Commission [2011] ECR II-00205 and Case T-68/08 FIFA v. European Commission [2011] ECR II-00349.
32 services and competition. FIFA and UEFA considered that not all events had a significant social interest, as the GC claimed. The GC responded by saying that the broadcasting of an event based on a substantial interest for society may result in it constituting an obstacle to the right to property.142 The right to information was thus more important in this case than the right to exclusive rights, which is the right to property. On the other hand, Advocate General (AG) Jääskinen in the L’Oreal v. eBay case143 and the ECJ in the Telekabel Wien case144 are taking a different approach in this. According to the AG’s opinion, freedom of expression and information does not infringe intellectual property rights because the Charter protects intellectual property rights too.145 In the Telekabel Wien case, the ECJ allows measures to block certain content, if safeguards are in place.146 Notwithstanding the foregoing, in this case ECJ determines that this should not affect users of the service who use the service in an appropriate manner.147 The cases concerned the blocking of websites instead of blocking files or texts themselves. Despite the difference, it follows that a requirement prohibiting access to copyright protected work is not unlawful with regard to the freedom of expression and information. Making a balance between the different fundamental rights will lead to the prevention of an infringement, together with the provision of guarantees for users. It is unclear whether there are measures in place that can prevent an infringement of a copyright and at the same time do not affect freedom of expression. Because automatic content recognition technologies cannot distinguish between lawful and unlawful communication, the use of content recognition technologies will affect the substance of the freedom of expression and a proportionate balance is missing.
3.3.3. Right to protection of personal data Article 8 of the Charter governs the right to protection of personal data and reads as:
‘Everyone has the right to the protection of personal data concerning him or her.’
142 Case T-385/07 FIFA v. European Commission [2011] ECR II-00205, para. 143 and Case T-68/08 FIFA v. European Commission [2011] ECR II-00349, para. 139. 143 Case C-324/09 L’Oréal v. eBay [2011] ECR I-06011, Opinion of AG Jääsken. 144 Case C-314/12 UPC Telekabel Wien v. Constantin Film (ECJ 27 March 2014). 145 Case C-324/09 L’Oréal v. eBay [2011] ECR I-06011, Opinion of AG Jääsken, para. 158. 146 Case C-314/12 UPC Telekabel Wien v. Constantin Film (ECJ 27 March 2014), para. 47. 147 Ibid, para. 56.
33
According to the provision, processing of personal data is only possible when it is for specific purposes and has a legitimate basis in the law. Under article 52 sub 1 of the Charter and article 8 sub 2 ECHR, the right to protection of personal data may be restricted if it protects the rights and freedoms of others. The protection of personal data is also included in the GDPR since May 2018. This regulation is a very important source to get a clear understanding of the right to protection of personal data. Content recognition technologies are processing information from the uploader to identify the content and the uploader himself. In both the SABAM cases, the ECJ stated that a filtering system requires the ‘identification, systematic analysis and processing of information’ of users of the service in question.148 Most ISSPs require you to enter an email address to create an account. If in the future the user wants to put certain information online on the platform in question, it is possible for the ISSP to use a filter system to link the uploaded information to the correct account, and therefore also to the person behind it. Through the email addresses, ISSPs can identify the user and therefore personal data is involved.149 It is also possible for an ISSP to find out who put a file online without the user creating an account. ISSPs are able to store the IP addresses of the visitors. Despite the fact that the ISSP cannot trace the person directly, the ECJ determined that IP addresses could be qualified as personal data.150 One way or another, with IP addresses you can identify users.151 Article 29 Working Party (WP), the Working Party on the protection of individuals with regard to the processing of personal data, states that when ISSPs process IP addresses to identify copyright infringers, the information regarding the IP addresses is personal data since the addresses are unique identifiers.152 With the information, you can identify each individual. It therefore qualifies as personal data processing.153 The use of CRTs will probably lead to identification of users through the processing of IP addresses. The processing needs to respect the principles for data processing and requires a legal basis.154
148 Case C-70/10 Scarlet Extended v. SABAM [2011] ECR I-11959, para. 51 and Case C-360/10 SABAM v. Netlog (ECJ 16 February 2012), para. 49. 149 Art. 4 Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (GDPR), OJ L119/1. 150 Case C-275/06 Promusicae v. Telefónica de España [2008] ECR I-00271, para. 45 and Case C-582/14 Patrick Breyer v. Bundesrepublik Deutschland (ECJ 19 October 2016), para. 49. 151 Case C-70/10 Scarlet Extended v. SABAM [2011] ECR I-11959, para. 51. 152 Art. 29 WP, ‘Opinion 4/2007 on the concept of personal data’ WP 136, p. 16. 153 Art. 4 GDPR. 154 Art. 5 and 6 GDPR.
34
A right balance is necessary between the right to property on the one hand, and the right to data protection on the other. The first case in which the ECJ made a balance between these rights is the Promusicae case.155 More specifically, the issue at stake in this case was the extent to which ISSPs can be required to give identifying data of their users to copyright holders’ societies. A Spanish Internet access provider, Telefónica, refused to disclose personal data of certain users to Promusicae, a non-profit organisation of music producers and musical publishers. Promusicae wanted this information in order to start civil proceedings against the persons who used a file exchange program in which the Promusicae members owned the exploitation rights of the program. The ECJ concluded that the Member States must take care of a fair balance between the different fundamental rights.156 Member States are not required to oblige ISSPs to provide personal data of the Internet user to third parties in the context of civil proceedings.157 However, when striking the right balance between the different fundamental rights, the ECJ considers such an obligation permissible. The ECJ does not give a clear direction to Member States and says that Member States can come up with a solution themselves. In the similar Bonnier Audio case158, the Swedish judge asked for a preliminary ruling from the ECJ. The applicants in this case are publishers of audio books. These publishers own various audio books. An ISSP, called ePhone, made these audio books accessible to the public by making a broadband connection available. The applicants demanded the name and address details of the user of the broadband connection. ePhone did not comply with this request, invoking the Data Retention Directive159. The ECJ ruled that the Data Retention Directive did not prevent the disclosure of data of an infringing user of a service.160 However, as in the Promusicae case, the ECJ does stress the need to strike the right balance between the various interests. It is irrelevant whether a Member State has actually implemented the Data Retention Directive.161 This case merely repeats and confirms the Promusicae ruling. There is no clear direction given for Member States here either, and no
155 Case C-275/06 Promusicae v. Telefónica de España [2008] ECR I-00271. 156 Ibid, para. 68 and 70. 157 Ibid, para. 54 and 60. 158 Case C-461/10 Bonnier Audio v. Perfect Communication (ECJ 19 April 2012). 159 Directive 2006/24/EC of the European Parliament and of the Council of 15 March 2006 on the retention of data generated or processed in connection with the provision of publicly available electronic communications services or of public communications networks and amending Directive 2002/58/EC (Data Retention Directive), OJ L105/54. 160 Case C-461/10 Bonnier Audio v. Perfect Communication (ECJ 19 April 2012), para. 36, 55 and 56. 161 Ibid, para. 61 and 65.
35 solution is given in the event of a conflict between the right to protection of personal data on the one hand and the right to property on the other. Another case where the battle with data protection came to the fore is the Digital Rights Ireland case. It discussed the Data Retention Directive and identified it as a serious invasion of privacy. The Directive requires communication services to retain data relating to the privacy and communications of individuals. The ECJ found that it exceeds the proportionality limit in article 52 of the Charter. As a result, the Directive is ultimately declared invalid. The use of content recognition technologies can therefore result in a violation of users’ privacy rights. If ISSPs want to limit liability and automatically check content, there is a good chance that users’ privacy rights will be violated.
3.4. Fundamental restrictions Art. 52(1) Charter sets out the scope of the fundamental rights in the Charter. In the Kjell Karlsson case, the ECJ decided that ‘restrictions may be imposed on the exercise of fundamental rights, in particular in the context of a common organisation of the market’.162 As discussed above, the use of content recognition technologies may lead to an infringement of fundamental rights. These infringements must meet cumulative requirements for a limitation to be justified. Therefore, the requirements should all be met for a fair limitation.163 Any limitation on the exercise of the rights and freedoms of the Charter must be provided by law and respect the essence of those rights and freedoms. In addition to that, and subject to the principle of proportionality, limitations may be made only if or when in need to protect the rights and freedoms of others.164 The limitation must be provided by law, either by national law165 or by EU legal acts166. The law should be accessible and foreseeable. An act is accessible if it is properly published, for instance in the EU Official Journal. Foreseeability requires an act to be formulated with sufficient precision to enable the individual to adapt his or her behaviour to the provided provision. He or she must be able to foresee, to a reasonable degree, the consequences that an act entails. The scope of any discretion conferred on the competent authorities implementing the law
162 Case C-292/97 Kjell Karlsson and others v. Sweden [2000] ECR I-02737, para. 45. 163 Paul Craig and Gráinne de Búrca, EU Law Text, Cases and Materials, (Oxford University Press Inc, New York 2011), p. 397. 164 Art. 52(1) Charter. 165 Case C-650/12 Thierry Delvigne v. Commune de Lesparre Médoc and Préfet de la Gironde (ECJ 6 October 2015), para. 47. 166 Case C-190/16 Werner Fries v. Lufthansa CityLine GmbH (ECJ 5 July 2017), para. 37; and Case C-601/15 J.N. v. Staatssecretaris van Veiligheid en Justitie (ECJ 15 Februari 2016), para. 51.
36 should also be indicated with sufficient clarity.167 By checking whether or not the essential content168 of the right at issue is affected, it could be determined whether the limitation respects the essence of the fundamental rights at issue. An example for this is the Schrems case.169 In this case, there was an impairment of the essence of fundamental rights to privacy170 and the effective judicial protection171. The ECJ considered that legislation not providing any possibility for an individual to pursue legal remedies in order to have access to personal data relating to him, or to obtain the rectification or erasure of such data, does not respect the essence of the right to effective judicial protection.172 Furthermore, in order to ensure limitations are proportionate, the disadvantages of the limitation must not be disproportionate to the aim, the general interest, pursued.173 The limitation should not impose a disproportionate and excessive burden on the persons concerned by the limitation in relation to the objective pursued.174 When there are several rights and fundamental freedoms at issue, the assessment of the possible disproportionate nature of a provision must be carried out with a view to reconciling the requirements of the protection of those different rights and freedoms and a fair balance between them. 175 Measures may not exceed the limits of appropriateness and necessity in order to attain the objectives legitimately pursued by the legislation in question. When there is a choice between different appropriate measures, recourse must be had to the least onerous, and the disadvantages caused must not be disproportionate to the aims pursued.176 In the Sky Österreich case177, the question was about the necessity of the measure limiting the fundamental right of intellectual property 178 . the ECJ ruled that Sky
167 Sunday Times v. United Kingdom (App no 6538/74) ECHR 26 April 1979, para. 49; and Malone v. United Kingdom (App no 8691/79) ECHR 2 August 1984, para. 68. 168 The ECJ also uses expressions like ‘actual substance’, ‘the very principle’ and ‘the very substance’; see for example Joined Cases C-379/08 and 380/08 Raffinerie Mediterranee and Others v. Ministero dello Sviluppo economico and Others (2010) ECR I-02007, para. 88. 169 Case C-362/14 Schrems v. Data Protection Commissioner (ECJ 6 October 2015). 170 Art. 7 Charter. 171 Art. 47 Charter. 172 Case C-362/14 Schrems v. Data Protection Commissioner (ECJ 6 October 2015), para. 94 and 95. 173 Joined Cases C-92/09 and C-93/09 Volker and Markus Schecke v. Land Hessen (2010) ECR I-11063, para. 76 and 77. 174 Case C-258/14 Eugenia Florescu and Others v. Casa Judeteaña de Pensii Sibiu and Others (ECJ 13 June 2017), para 58. 175 Case C-283/11 Sky Österreich v. Österreichischer Rundfunk (ECJ 22 January 2013), para. 60; and Case C-275/06 Promusicae v. Telefónica de España [2008] ECR I-00271, para. 65 and 66. 176 Case C-134/15 Lidl v. Freistaat Sachsen (ECJ 30 June 2016), para. 33; and Case C-283/11 Sky Österreich v. Österreichischer Rundfunk (ECJ 22 January 2013), para. 50. 177 Case C-283/11 Sky Österreich v. Österreichischer Rundfunk (ECJ 22 January 2013). 178 Art. 17 Charter.
37
Österreich, as exclusive broadcasting rightholder for Europa League soccer matches, must grant the right to gain free access to the satellite signal to make short news reports of these matches. Article 15(6) of the Audiovisual Media Services Directive179, obligating broadcasting providers of giving other broadcasting providers access to material of high interest for the public without being able to seek remuneration, was forming a limitation on the fundamental right. Although a less restrictive measure could have been implemented, the provision of the Audiovisual Media Services Directive was considered to be necessary. 180 Nonetheless, the ECJ ruled in Tele2 Sverige that legislation is not justified when it exceeds the limits of what is strictly necessary. The preventive measure in this case, the retention of traffic and location data for the purpose of fighting serious crime, should be restricted to what is strictly necessary. Meaning that there should be minimum safeguards in place with sufficient guarantees, while the legislation indicates under what circumstances the data can be retained.181
3.5. Conclusion As part of the Digital Single Market Strategy and to harmonise the current intermediary liability system, the European Commission established a new EU Copyright Directive. The value gap should be tackled with the new article 17 EU Copyright Directive. Large platforms such as Google and Facebook will be subject to a different vertical liability system in two years' time. Unless the ISSPs in question have licenses with rightholders, a pre-upload check will have to take place in order to avoid liability. Given the impossibility to license all content, ISSPs are forced to switch to CRTs not able to make a proper distinction between the unlawful use of copyright-protected work and its use on the grounds of the copyright exceptions, such as the right to parody or to criticize. CRTs will affect the right to conduct a business, the right to freedom of expression and the right to protection of personal data.
179 Directive 2010/13/EU of the European Parliament and of the Council of 10 March 2010 on the coordination of certain provisions laid down by law, regulation or administrative action in Member States concerning the provision of audiovisual media services (Audiovisual Media Services Directive), OJ L95/1. 180 Case C-283/11 Sky Österreich v. Österreichischer Rundfunk (ECJ 22 January 2013), para. 57. 181 Joined Cases C-203/14 and C-698/14 Tele2 Sverige v. Post-och and Secretary of State (ECJ 21 December 2016), paras. 105, 106 and 107.
38
4. Intermediary Copyright Enforcement in the future
4.1. Introduction From a policy perspective, the economic consequences of a mandatory provision imposing CRTs must be taken into account. These techniques are not only entailing high costs that are unsustainable for start-ups and small ISSPs, but are also having limited effectiveness as they are easy to circumvent and not able to identify exemptions for using copyright protected material.182 Over the past five years, Europe has been working on the Digital Single Market mainly from an economic perspective. One might wonder, however, whether we in Europe are now running up against the purely economic limits. The European Parliament (EP) stresses that the limited liability of intermediaries is essential to the protection of the openness of the internet, fundamental rights, legal certainty and innovation. 183 In the previous Chapter, the friction between the new EU Copyright Directive and fundamental rights in the EU was discussed. The main problem following from that discussion, is the need to strike a proportionate balance between the different rights at stake. It is a risk to rely on CRTs preventing copyright protected works from uploading. For this reason, a number of suggestions are given hereafter that could possibly be used to supplement or amend the new system. But firstly, we will explain why the current horizontal system of the E-Commerce Directive is outdated. This is contrary to the EP’s opinion, considering the E-Commerce Directive to be future-proof and technologically neutral.184 After discussing the necessary vertical liability system and the need for a fair balance assessment, different copyright enforcement systems are suggested in order to come to an appropriate copyright enforcement system in the future legal framework.
4.2. Vertical intermediary liability approach The current horizontal approach used in the European legal framework is outdated. This system uses a one-size-fits-all solution, leading to the main use of the NTD procedure regarding copyright infringements. With the new EU Copyright Directive entering into force, the intermediary liability system is slowly changing towards a vertical system. Given the
182 Giuseppe Colangelo and Mariateresa Maggiolino, ‘ISPs’ Copyright Liability in the EU Digital Single Market Strategy’ (2017) International Journal of Law and Information Technology, p. 10. 183 European Parliament, ‘Towards a Digital Single Market Act’ (2016) Resolution C11/55, para. 73. 184 Ibidem.
39 jurisprudence and the emphasis of both the ECJ and the ECtHR on the need to strike a fair balance between the rights at stake, a calibrated system would be more appropriate. The case law shows that a fair balance is the judicial tool for assessing fundamental rights clashes. There are two reasons for this. The ECJ has indicated that intermediary liability cases are not about a conflict between absolute rights, but between rights of a relative nature. The rights in question can be limited by countervailing rights.185 The ECtHR complemented this by saying that there is no hierarchy between the different relative fundamental rights. These rights should be treated equally.186 Although the current system is horizontal in nature, it follows from European case law that there is a great need for more flexibility with regard to intermediary liability. A solution lies in a legal system in which the changing circumstances and the appropriate jurisdiction, in this case intellectual property law, are taken into account in the assessment of potential liability for hosting providers with regards to user generated content. With the renewal of the rules on the liability of intermediaries, the EU has chosen a path towards a vertical system. This is a good development because, in view of the aforementioned fair balance test, the current horizontal system is obsolete. The question that follows is the kind of copyright enforcement system would best fit into the vertical legal system and whether the new EU Copyright Directive fits into the ideal system. The current EU legal system already provides some guidance on the legal system that can strike a balance between the different rights and interests of the parties involved in relation to intermediary liability. For example, the E-Commerce Directive187 and the case law of the ECJ188 have shown that a general monitoring obligation on intermediaries is not able to lead to a fair balance of fundamental rights.
4.2.1. Fair balance test The solution for intermediary liability must be found in the theory of fair balance, because the highest European courts rely on it again and again. Despite the fact that case law speaks of the need for a fair balance, these judgments are also criticised. In some judgments the courts are vague and give little meaning to the legal system of intermediary liability. In the important
185 Case C-360/10 SABAM v. Netlog (ECJ 16 February 2012), para. 41-43 and Case C-70/10 Scarlet Extended v. SABAM [2011] ECR I-11959, para. 43 and 44. 186 Delfi AS v. Estonia (App no 64569/09) ECHR 16 June 2015, para. 138 and 139. 187 Art. 15 E-Commerce Directive. 188 Case C-70/10 Scarlet Extended v. SABAM [2011] ECR I-11959, para. 48; Case C-360/10 SABAM v. Netlog (ECJ 16 February 2012), para. 50; and Case C-314/12 UPC Telekabel Wien v. Constantin Film (ECJ 27 March 2014), para. 47.
40
Promusicae case discussed in Chapter 3, the ECJ determined that it is up to the Member States to find a fair balance between different conflicting fundamental rights. 189 In addition, there is criticism in the literature on rulings in which the fair balance between the different rights is constantly being invoked without giving a clear explanation of the concept fair balance in any case, so that the concept remains an empty slogan.190 The concept of fair balance is, without further explanation, vacuous and unhelpful. 191 The fair balance tool in key jurisprudence determining intermediary liability is therefore the main reason for opting for a vertical system, as it means that different actions cannot be assessed by a single system to determine possible liability of the intermediary. The ECJ has previously ruled in the Telekabel Wien case that safeguards should be put in place that contribute to a fair balance of the different rights and interests of the different parties. All the parties have to accept that not all fundamental rights can be fully defended because there are different parties involved, such as the users, the provider, the rightholders and third parties. Respecting a balance between the different interests and rights means that the measures taken to avoid liability should avoid unnecessary infringement of fundamental rights.192 The ECJ has imposed on the ISSP the obligation to strike a balanced balance in this case.193 As a result, contrary to the principle that human rights duties are intended for the Member States themselves194, the intermediary has been given the duty by the ECJ itself to make a fair balance of interests. Member States cannot escape from the obligation to strike a fair balance by giving the obligation to the ISSPs.195 An absolute immunity for ISSPs cannot be given. The very substance of the fundamental rights should be kept in place196 and a balance must be struck that retains the essence of the fundamental rights.197 Following case law, it is difficult to formulate a clear meaning for this fair balance because it has a changing character in view of changing circumstances and social developments. In the
189 Case C-275/06 Promusicae v. Telefónica de España [2008] ECR I-00271, para. 68. 190Tuomas Mylly, ‘The Constitutionalization of the European Legal Order: Impact of Human Rights on Intellectual Property in the EU’ in Christophe Geiger (ed), Research Handbook on Human Rights and Intellectual Property (Edward Elgar Publishing, Cheltenham 2015), p. 130. 191 Jonathan Griffiths, ‘Constitutionalising or Harmonising? The Court of Justice, the Right to Property and European Copyright Law’ (2013) European Law Review 38, p. 72. 192 Case C-314/12 UPC Telekabel Wien v. Constantin Film (ECJ 27 March 2014), para. 64. 193 Ibid, para. 55-64. 194 David Harris (ed), Law of the European Convention on Human Rights (Oxford University Press, Oxford 2014), p. 23. 195 Fanny Coudert and Evi Werkers, ‘In the Aftermath of the Promusicae Case: How to Strike the Balance?’ (2010) International Journal of Law and Information Technology 18, p. 71. 196 Case C-314/12 UPC Telekabel Wien v. Constantin Film (ECJ 27 March 2014), para. 51. 197 Delfi AS v. Estonia (App no 64569/09) ECHR 16 June 2015, para. 110.
41
L’Oreal v. eBay case198, the ECJ ruled that ISSPs may be subject to infringements of intellectual property rights, in this case trademarks. This is regardless of the liability that already rests on these ISSPs. The injunctions issued in that case must be ‘effective and dissuasive’ and the national rules applicable to it must be ‘designed in such a way that the objective pursued by the Directive may be achieved’. 199 At the same time, the measures imposed should be ‘fair, proportionate and not prohibitively expensive’. 200 They must also ‘not create barriers to legitimate trade’.201 For an explanation of the fair balance between different rights and interests, the Promusicae judgment can be relevant.202 There was a conflict between fundamental rights to property and the right to effective judicial protection on the one hand and the protection of personal data and private life on the other. In doing so, the ECJ has provided that ‘the authorities and courts of the Member States must not only interpret their own national law in a manner consistent with (the European) directives but also make sure that they do not rely on an interpretation of them which would be in conflict with those fundamental rights or with the other general principles of Community law, such as the principle of proportionality’.203
4.3. Compatible copyright enforcement system The ECtHR has already given an opinion in important court cases in which it indicates that the NTD procedure is a system that in many cases could be an appropriate tool to weigh up different rights and interests, if accompanied by effective procedures allowing for rapid response.204 A NTD system, which is now the main actor in the horizontal liability regime, could lead to the required balance being struck if it could be applied quickly. As described earlier, such a system is a low-cost solution, but there is a good chance, particularly in the field of copyright, that dubious notices can be sent to the hosting provider.205 The ISSP then has little motivation to defend or challenge the rights of users and may suffer a major disadvantage if such notices are
198 Case C-324/09 L’Oréal v. eBay [2011] ECR I-06011. 199 Ibid, para. 136. 200 Ibid, para. 139. 201 Ibid, para. 140. 202 Case C-275/06 Promusicae v. Telefónica de España [2008] ECR I-00271. 203 Ibid, para. 68 and 70. 204 Delfi AS v. Estonia (App no 64569/09) ECHR 16 June 2015, para. 159 and Magyar Tartalomszolgáltatók Egyesülete (MTE) & Index v. Hongary (App no 22947/13) ECHR 2 Februari 2016, para. 91. 205 Wendy Seltzer, ‘Free Speech Unmoored in Copyright’s Safe Harbor: Chilling Effects of the DMCA on the First Amendment’ (2010) Harvard Journal of Law & Technology 24, p. 178.
42 ignored. This will lead to the follow-up of the messages of the rightholders and therefore the content will usually be removed, without a fair balance of the different rights and interests.206 The use of CRTs prior to uploading will lead to a continuous discussion about the definition of ‘reasonable’. Ultimately, the decision will be left to national courts to determine what can reasonably be expected from ISSPs. The new EU Copyright Directive does not provide much guidance on this. However, if we look at the jurisprudence already discussed, there are a few things that can be noted in this respect. After all, ISSPs are already obliged to, if necessary in the context of other fundamental rights, cooperate with the relevant rightholders.207 A strict monitoring obligation which is unfair, disproportionate or costly, cannot be compulsory.208 If they interfere too much with the content online, a direct infringement with full liability will result.209 Nevertheless, ISSPs will have to take all possible measures. In doing so, they have to ensure that the measures do not unnecessarily deprive internet users of the possibility of lawfully accessing information. The measures should have the effect of preventing unauthorised access to the protected subject-matter. Or the measures should, at least, discourage ISSPs’ users from accessing the subject-matter that has been made available to them in breach of the copyright.210 The result will be, despite the new EU Copyright Directive, an endless discussion about of what can ‘reasonably’ be expected from ISSPs. 211 Should ISSPs share and pay their revenues, including through advertisements, to the rightholders, or will they have to choose to take preventive measures by means of CRTs? And not only will that be a discussion point. If ISSPs choose to block and remove content, there has to be a fair balancing test with the fundamental rights at stake and the balancing act cannot be done by a computer itself. There should be better rules on the problems arising from the use of CRTs by ISSPs. For example, the new EU Copyright Directive does not contain any rules on the protection of personal data in the event of unnecessary processing of personal data. But even if such procedures were harmonised, there is a good chance that a harmonised procedure should also be
206 Ibid, p. 205 an 206; and Gregory R. Hagen, ‘Modernizing ISP Copyright Liability’ in Michael Geist, From ‘Radical Extremism’ to ‘Balanced Copyright’: Canadian Copyright and the Digital Agenda (Irwin Law, Toronto 2010), p. 638. 207 Case C-275/06 Promusicae v. Telefónica de España [2008] ECR I-00271, para. 70. 208 Case C-360/10 SABAM v. Netlog (ECJ 16 February 2012), para. 34 and Case C-70/10 Scarlet Extended v. SABAM [2011] ECR I-11959, para. 36. 209 Case C-610/15 Stichting Brein v. Ziggo (ECJ 14 June 2017), para. 47. 210 Case C-314/12 UPC Telekabel Wien v. Constantin Film (ECJ 27 March 2014), para. 63. 211 Dirk J.G. Visser, ‘Trying to understand article 13’ (2019) SSRN, p. 11.
43 called into question. An example of this is the Lenz case in the US212, where a NTD system is harmonised by law213. Lenz uploaded a video of her dancing son to a Prince song, which lasted less than half a minute. Universal Music was the rightholder of this music and sent a notice to YouTube. Lenz protested because she felt that the use of the music amounted to fair use. In this situation, the central question was whether one could require copyright holders to check for themselves whether or not using the music falls under the provision of fair use. According to the judge, it is not too much to ask the rightholder to decide for himself whether or not there is fair use. In addition to that, a solution should be offered to the potential conflict between other fundamental rights. A human person should be included to carry out a kind of a ‘second opinion’ on files identified as infringing content. A human being can then determine whether the infringement has actually taken place. By motivating blocking or removing decisions and with implementing redress mechanisms, it will increase the trust and reduce the imbalance between the parties. A useful addition to this is enabling users to require intermediaries to reconsider their decision in the context of a fair trial. This means that providers have to come up with more elements in order to remove alleged infringing content and users have sufficient rights to challenge the intermediaries’ decisions to remove or block content. This would prevent intermediaries from casually removing content to avoid liability and simply always trust the CRTs or algorithms.
4.4. Notice and Action The main problem will be the need to strike a proportionate balance between the different rights at stake. It is a risk to rely on the technique itself. For this reason, a number of suggestions are given that could possibly be used to supplement or replace the new EU Copyright Directive. In the current system, the ISSP has one option after a notification; taking it down. In the vertical legal system, the ISSP has distinct actions which it can adjust to the relevant information and legal system in question, thus enabling it to better meet the requirement of a fair balance.
212 Lenz v. Universal Music Corp., 801 US F.3d 1126 (2015). 213 Art. 512(c)(1) DMCA.
44
4.4.1. Notice and Notice System The first suggestion to the problem could be a so-called Notice and Notice (NN) system, already implemented in Canada in 2012 with the aim of addressing copyright infringements while protecting the interests of the platform users.214 The NN system differs in an important point from the NTD system because the ISSP is not required to act quickly and remove or block the alleged infringing content on the platform. The NN system is a good solution to the current problem and avoids a major burden for intermediaries. The system can make sure that ISSPs are not inclined to remove the content immediately after each notice in order to avoid liability. The rightholder on a particular work sends a notice of an alleged infringement to the ISSP, designating the person who committed the alleged infringement on the platform. This obliges the ISSP to forward the notice to this alleged infringer electronically and to inform the rightholder of this forwarding. The user who, according to the owner of the copyright, commits the alleged infringement, is not obliged to respond to such a notification. Such a notification does not necessarily mean that an actual infringement has taken place. The intermediaries keep the user’s data for six months after the notification of the infringement. This period extends to a period of one year if the rightholder decides to take legal action in the meantime. The ISSP cannot share the data of the rightholder himself, unless the rightholder has a court order to do so.215 However, the advantage is the system allowing individuals to take down content without initiating court proceedings. This can be effective for the younger users, not always being aware of their illegal actions.216 The focus is no longer on the intermediary involved, but on the person who actually committed the infringement. Self-regulation, the great danger with the use of content recognition systems, is moderated by such a procedure and the enforcement can eventually take place through the courts. In addition, ISSPs will fall into their natural role of an intermediary and the system will meet the threshold of the Telekabel Wien case, namely that it serves a discouraging purpose.217
214 Section 47 Canadian Copyright Modernisation Act (CCMA) of 29 June 2012 amending the Canadian Copyright Act, S.C. 2012 c. 20. 215 Federica Giovanella, ‘Online Service Providers’ Liability, Copyright Infringement and Freedom of Expression: Could Europe Learn from Canada?’ in Mariarosaria Taddeo and Luciano Floridi (eds), The Responsibilities of Online Service Providers (Springer International Publishing, Cham 2017), p. 234-237. 216 Zingales N., ‘Internet Intermediary Liability: Identifying Best Practices for Africa’ (2013) Association for Progressive Communications, p. 20 and 21. 217 Case C-314/12 UPC Telekabel Wien v. Constantin Film (ECJ 27 March 2014), para. 62.
45
4.4.2. Notice Wait and Take Down System ISSPs will probably feel compelled by the use of content recognition technologies to use extra caution in order to avoid liability. Also, claims will not always be clear and a NTD system will often rely on a notice without further investigation. A system that uses a moment of reflection seems to be very suitable for reaching a compromise and a balance of interests. The Notice Wait and Take Down (NWTD) system is a softer form of the NTD system and is already playing a major role in Japan.218 The system requires ISSPs to pass on any notification of the alleged infringement to the person who uploaded the content online. If the uploader does or does not agree to the notification or if it does not respond, the ISSP may take the content offline.219 In this way, the user is given the opportunity to react before immediately blocking the content. The system will limit the removal of lawful, non-infringing material. It also gives the uploaders a chance to respond to it, which can prevent legal proceedings. The NWTD system is even being distributed in Europe. For example, the British defamation law of 2013 already includes a similar approach that applies to website operators.220 Contrary to the horizontal Japanese approach, these rules are only limited to defamation. In Lithuania, a system has also been implemented whereby the legal obligations for the ISSP remain in place. For example, a slightly modified system has been introduced in Lithuania. Users only have three days to reply, but the ISSP has thereby the authority to ask for an opinion from the relevant control body before verifying the validity of a justification provided by the user.221 Judgments making clear that the NWTD system can be an outcome, are the European Court of Human Rights (ECtHR) Delfi v. Estonia case222 and MTE v. Hungary case223. These cases were about ISSPs’ liability for defamatory content, posted by users under news articles on their ISSPs’ platform. Despite the fact that these cases were not about copyright liability and that there are differences with the ECJ’s rulings, a balance of interests is weighed up and a fair
218 Art. 3(2)(ii) Japanese Act on the Limitation of Liability for Damages of Specified Telecommunications Service Providers and the Right to Demand Disclosure of Identification Information of the Senders of 30 November 2001, unofficial translation available at
46 balance is sought between fundamental rights in the context of infringing user generated content. The ECtHR believes that this balance extends to different areas of law. All data subjects’ rights are therefore relevant to the scope of the measures that can be imposed on ISSPs. The ECtHR has also opted for a more structured approach in these rulings, including four specific factors: the context of the content, the measures taken by the ISSPs, the liability of the actual uploader’s content, ant the consequences for the platform or the victim. Despite the application of the same factors, the ECtHR came to different judgments. In the Delfi case, the news site Delfi was held liable for the comments and the site had to proactively remove them. In the MTE case, however, the ECtHR decided otherwise and ruled that allowing unfiltered comments could not be a reason to hold the site liable, even if the site should have realised that the comments might be unlawful. According to the ECtHR, such a rule would undermine the freedom to provide information on the internet. These statements about similar situations therefore show that the search for a fair balance between fundamental rights is subject to change and that a suitable solution must be found. Nevertheless, the cases are providing points of departure for determining when an ISSP should be held liable for unlawful user generated content. A NWTD system therefore seems, partly on the basis of these matters, to be the right alternative and can introduce a moment of reflection. With this, a compromise can be reached by persons having the opportunity to respond.
4.4.3. Notice and Stay Down system The Notice and Stay Down (NSD) system can ensure that an ISSP not only deletes or blocks the information for which a rightholders’ notice has been sent, but will also take additional measures. For example, the ISSP can use such a system to prevent the information from being re-posted by a user. This system is already very popular in Germany and in France there are positive reactions on the system.224 In fact, it is already been discussed by the EC in the run-up to the new EU Copyright Directive.225 However, one could say that despite the great advantage of such a system ensuring an appropriate balance, it will give an enormous burden to ISSPs. It will also ensure that taking illegal information offline requires the filtering of the entire content. Just as the use of CRTs for prior checking, the NSD system can lead to a violation of fundamental rights and will impose a burden on ISSPs.
224 Christina Angelopoulus, ‘Beyond the Safe Harbours: Harmonising Substantive Intermediary Liability for Copyright Infringement in Europe’ (2013) Institute for Information Law 11, p. 24. 225 European Commission, ‘Towards a Modern, More European Copyright Framework’, COM (2015) 626 final.
47
4.5. Conclusion The interfaces with different fundamental rights require a fair balance between blocking information by CRTs and the possible infringement of other fundamental rights that may result from it. The jurisprudence at the highest European levels tells us that the ultimate judicial tool is a fair balance between the different fundamental rights. A vertical system is necessary. More regulation is needed regarding a clear detailed and appropriate copyright enforcement system that can weigh up different interest. A first suggestion would be the NN system in which the ISSP is free of self-regulation. However, given the conclusion that the ISSP should carry some responsibility, this is not the right system in a vertical framework. A second possibility is the NWTD system. This is comparable to the NTD procedure, but ensures that a moment of reflection takes place and that a notification is not followed up by the ISSP without a substantive assessment. The final suggestion lies in the NSD system. It is similar to the NTD procedure but the ISSP can put an addition in place by using CRT to prevent a similar upload of a person in the future, once it is clear that it is an infringement. A combination of the latter two seems to be the most appropriate solution. In this way, fundamental rights are not directly affected, there is a moment of reflection and the technology can be used to assess the large amount of data and to promote speed.
48
5. Conclusion The hosting provider falls under the definition of an Internet Society Service Provider (ISSP) and is normally provided for remuneration, at a distance, by electronic means and at the individual request of a recipient. The growing importance of hosting providers, such as YouTube and Facebook, and the amount of information and data on them, leads to difficulty for creators of copyright protected work to enforce or license their rights and seek remuneration for it. Revenues generated from copyright protected content are unfairly distributed between the different players, defined as the value gap. Hosting providers are now covered by the horizontal legal system with a one-size-fits-all solution, whereby, independently of the jurisdiction in question, the provider is only liable of copyright infringements if it. This leads to the main use of the Notice and Take Down (NTD) system. As soon as a notification of a potential copyright infringement is sent to the hosting provider, the provider has actual knowledge and cannot rely on the liability exemption deriving from article 14 E-Commerce Directive anymore. Many notifications, even dubious, are sent because the hosting provider will often remove the information immediately without further assessment or weighing the interest and rights at stake in order to avoid liability. This current legal intermediary liability framework is therefore, together with the need to tackle the value gap, subject to lots of discussed modifications and moving to a vertical liability system. This will result in the use of content recognition technologies (CRTs) using a database to check online content. The computer will be able to recognise the information immediately and will remove or block the information on the basis of a possible recognition. Different types of CRTs can be used. A digital watermark gives information a unique brand, requiring a certain not standardised key to understand it. The digital fingerprinting technique recognises characteristics of the information in a standardised way. Looking at case law and the various techniques to prevent liability for copyright infringements, suggestions are made in this study to arrive at assessing the new framework regarding intermediary liability and come up with the right copyright enforcement system. As part of the Digital Single Market Strategy and to harmonise the current intermediary liability system, the European Commission established a new EU Copyright Directive. The value gap should be tackled with the new article 17 EU Copyright Directive. Large platforms like Google and Facebook will be subject to a different liability system in two years time. If there is content on their platform that is protected by copyright, they are liable. In contrast to the current
49 system, this is a major change. An important element, that the hosting provider must have knowledge of the alleged infringement, is thus removed. Unless the ISSPs in question have licenses with rightful claimants, a pre-upload check will take place in order to avoid liability. Given the impossibility to license all content, ISSPs are forced to switch to CRTs. However, the use of CRTs in the new vertical system does have many drawbacks. For example, an ISSP will take too much rather than too little information offline and it is difficult to appeal against the blocking or deleting as a user. A few examples of the use of YouTube's Content ID system show that it is impossible for CRTs to make a proper distinction between the unlawful use of copyright protected work and the use of copyright protected work on the grounds of the exceptions, such as the right to parody. CRTs will affect the right to conduct a business. Licenses are needed, which will give the rightholders a lot of influence and offer them the opportunity to set high standards. Together with the high costs of implementing such a system, the freedom to start a business will be limited. As the ECJ also indicated in the L'Oreal v. eBay case, mandatory measures should not be expensive. It will also be possible to restrict the freedom of expression right. Information cannot be shared through multiple channels, people will be restricted in their freedom of choice and ISSPs can decide what information will be showed. Even if someone wants to give an opinion about copyright protected work, the computer will often not be able to distinguish the difference between the right to give your opinion and an infringement of the work. And finally, the right to protection of personal data may be in danger with the use of CRTs. In the SABAM cases, the ECJ stated that the use of filtering techniques requires identification and analysing all content in order to avoid copyright liability. The uploaded content can be identified via the account of the uploader itself. The interfaces with different fundamental rights require a proper balance between the blocking of information by CRTs and the possible infringement of other fundamental rights that may result from it. The jurisprudence at the highest European levels tells us that the ultimate judicial tool is a fair balance between the different fundamental rights. In view of this, the horizontal system is obsolete. A copyright enforcement system that can move with new circumstances and technological changes that can be weighed up, is therefore necessary. The NTD system is not an appropriate system in view of the abuse and inertia. The prior blocking of content by CRTs is also considered undesirable. It is impossible for an ISSP to be the one who
50 decides what will or will not come online by means of a computer. That is why more regulation is needed regarding a clear and appropriate copyright enforcement system. A first suggestion would be that a Notice and Notice (NN) system in which the ISSP is free of a duty of care with regard to a necessary balancing of interests. The rightsholder sends a notification which is forwarded to the uploader. As a result, self-regulation by ISSPs has been prevented and hosting providers fall into their natural role, whereby users will be discouraged from committing a copyright infringement. A second possibility is the Notice Wait and Take Down (NWTD) system. This is comparable to the NTD procedure, but ensures that a moment of reflection takes place and that a notification is not followed up by the ISSP without a substantive assessment. As a result, the user will not be restricted in his freedom to upload information and has the opportunity to respond to this. This will prevent the rightholders from gaining a dominant position in the vertical legal system. And a final suggestion lies in the Notice and Stay Down (NSD) system. The ISSP can use the use of a CRT to prevent a similar upload of a person in the future, once it is clear that it is an infringement. In conclusion, a hosting provider will have to be partly responsible for the content online because it generates revenue, partly belonging to the rightholders. A vertical liability system is necessary, but given the infringement of fundamental rights and the practical consequences of CRTs checking and blocking content before it is uploaded, it is undesirable. As long as the technology does not work optimally, the new EU Copyright legislation should be amended and a less intrusive copyright enforcement system should be chosen. A fair balance can be sought in a system in which a moment of reflection takes place in order to assess whether or not a certain right should be restricted. A combination of the NWTD and the NSD procedure is therefore desirable. In this way, technology can help to ensure that the large amounts of information can be assessed and that there is speed in the removal of other infringements, without forgetting to weigh up the interests at stake.
51
Bibliography
Literature Angelopoulus C. (2013) Angelopoulus C., ‘Beyond the Safe Harbours: Harmonising Substantive Intermediary Liability for Copyright Infringement in Europe’ (2013) Institute for Information Law 11.
Angelopoulus C. (2016) Angelopoulus C., ‘EU Copyright Reform: Outside the Safe Harbours, Intermediary Liability Capsizes into Incoherence’ (2016) Kluwer Copyright Blog
Angelopoulus C. (2016) Angelopoulos C., ‘European intermediary liability in copyright: A tort-based analysis’ (2016) UvA Digital Academic Repository.
Beer de J. and Clemmer C.D. (2009) Beer de J. and Clemmer C.D., ‘Global Trends in Online Copyright Enforcement: A Non-Neutral Role for Network Intermediaries?’ (2009) Jurimetrics 49(4).
Belli L. and Bergen van M. (2013) Belli L. and Bergen van M., ‘Protecting Human Rights through Network Neutrality: Furthering Internet Users’ Interest, Modernising Human Rights and Safeguarding the Open Internet’ (2013) CDMSI Misc 19.
Boroughf B. (2014) Benjamin Boroughf, ‘The Next Great YouTube: Improving Content ID to Foster Creativity, Cooperation, and Fair Compensation’ (2014) Albany Law Journal of Science and Technology
52
Colangelo G. and Maggiolino M. (2017) Colangelo G. and Maggiolino M., ‘ISPs’ Copyright Liability in the EU Digital Single Market Strategy’ (2017) International Journal of Law and Information Technology.
Coudert F. and Werkers E. (2010) Coudert F. and Werkers E., ‘In the Aftermath of the Promusicae Case: How to Strike the Balance?’ (2010) International Journal of Law and Information Technology 18.
Civolution (2012) Civolution, ‘Automated Content Recognition: creating content aware ecosystems’ (2012) Civolution
Craig P. and De Búrca G. (2011) Paul Craig and Gráinne de Búrca, EU Law Text, Cases and Materials (Oxford University Press Inc, New York 2011), p. 397.
Collins H. (2004) Collins H. (ed), The forthcoming EC Directive on Unfair Commercial Practices (Kluwer Law International 2004).
DLA Piper (2009) DLA Piper, ‘EU Study on the Legal Analysis of a Single Market for the Information Society; new rules of a new age?’ (2009)
Edwards L. (2005) Edwards L. (ed), The New Legal Framework for e-commerce in Europe (Hart Publishing, Portland 2005).
53
Edwards L. (2009) Edwards L., ‘The Fall and Rise of Intermediary Liability Online’ in Edwards L. and Waelde C. (eds), Law and the Internet (Hart Publishing, Portland 2009).
Edwards L. (2011) Edwards L., ‘Role and Responsibility of Internet Intermediaries in the field of Copyright and Related Rights’ (2011) WIPO.
Frosio G.F. (2016) Frosio G.F., ‘From horizontal to vertical: an intermediary liability earthquake in Europe’ (2016) JIPLP 12(7).
Giovanella F. (2017) Giovanella F., ‘Online Service Providers’ Liability, Copyright Infringement and Freedom of Expression: Could Europe Learn from Canada?’ in Taddeo M. and Floridi L. (eds), The Responsibilities of Online Service Providers (Springer International Publishing, Cham 2017).
Griffiths J. (2013) Jonathan Griffiths, ‘Constitutionalising or Harmonising? The Court of Justice, the Right to Property and European Copyright Law’ (2013) European Law Review 38.
Guibault L. and Helberger N. (2005) Guibault L. and Helberger N., ‘Copyright Law and Consumer Protection’ (2005) European Consumer Law Group Brussels 035(05).
Hagen G.R. (2010) Hagen G.R., ‘Modernizing ISP Copyright Liability’ in Geist M., From ‘Radical Extremism’ to ‘Balanced Copyright’: Canadian Copyright and the Digital Agenda (Irwin Law, Toronto 2010).
54
Harris D. (2014) Harris D. (ed), Law of the European Convention on Human Rights (Oxford University Press, Oxford 2014).
Helberger N. and others (2009) Helberger N. and others, ‘Legal Aspects of User Created Content’ (2009) IViR.
Herre J. (2003) Herre J., ‘Content based identification (fingerprinting)’ in Becker E. and others (eds), Digital Rights Management: Technological, Economic, Legal and Political Aspects (Springer Verlag, Berlin Heidelberg 2003).
Husovec M. (2017) Husovec M., ‘Holey cap! CJEU Drills (yet) Another Hole in the E-Commerce Directive’s Safe Harbors’ (2017) JIPLP.
Kuczerawy A. (2018) Kuczerawy A., ‘EU Proposal for a Directive on Copyright in the Digital Single Market: Compatibility of Article 13 with the EU Intermediary Liability Regime’ (2018) Centre for IT & IP Law (CiTiP).
Katzenbeisser S., Liu L. and Steinebach M. (2012) Katzenbeisser S., Liu L. and Steinebach M., ‘Challenges and Solutions in Multimedia Document Authentication’ in Information Resources Management Association, Digital Rights Management: Concepts, Methodologies, Tools and Applications (IGI Publishing, Hershey 2012).
Kleinschmidt B. (2010) Kleinschmidt B., ‘An International Comparison of ISP’s Liabilities for Unlawful Third Party Content’ (2010) International Journal of Law and Information Technology 18(4).
55
Kudrle S. (2014) Kudrle S., ‘Media Fingerprinting: Managing Content, Security and Quality’ (2014) Grass Valley
Lai J.C. and Graber C.B. (2015) Lai J.C. and Graber C.B., ‘Is Digital Text-Watermarking the Long-Desired User Friendly Digital Rights Management? Copyright and Fundamental Values from a Comparative Perspective’ (2015) i-call Working Paper 2.
Lemly M.K. (2002) Lemly M.K., ‘Protecting Consumers from Themselves: Alleviation the Market Inequalities Created by Online Copyright Infringement in the entertainment industry’ (2002) Albany Law Journal of Science & Technology 13.
Lenaerts K. (2012) Lenaerts K., ‘Exploring the Limits of the EU Charter of Fundamental Rights’ (2012) European Constitutional Law Review 8(3).
Lev-Aretz L. (2012) Yafit Lev-Aretz, ‘Second Level Agreements’ (2012) Akron Law Review 45.
Lu C. (2005) Lu C. (ed), Multimedia Security: Steganography and Digital Watermarking Techniques for Protection of Intellectual Property (IGI Publishing, London 2005).
Mylly T. (2015) Mylly T., ‘The Constitutionalization of the European Legal Order: Impact of Human Rights on Intellectual Property in the EU’ in Geiger C. (ed), Research Handbook on Human Rights and Intellectual Property (Edward Elgar Publishing, Cheltenham 2015).
56
Reed C. and Angel J. (2003) Reed C. and Angel J. (eds), Computer Law (Oxford University Press, Oxford 2003).
Sartor G. and Azevedo Cunha de M.V. (2010) Sartor G. and Azevedo Cunha de M.V., ‘The Italian Google-Case: Privacy, Freedom of Speech and Responsibility of Providers for User-Generated Contents’ (2010) International Journal of Law and Information Technology 18(4).
Seitz J. (2005) Seitz J., Digital Watermarking for Digital Media (IGI Publishing, London 2005).
Seltzer W. (2010) Seltzer W., ‘Free Speech Unmoored in Copyright’s Safe Harbor: Chilling Effects of the DMCA on the First Amendment’ (2010) Harvard Journal of Law & Technology 24.
Simon A.R. (2014) Abigail R. Simon, ‘Contracting in the Dark: Casting Light on the Shadows of Second Level Agreements’ (2014) William & Mary Business Law Review 305.
Singh P. and R.S. Chadha (2013) Singh P. and Chadha R.S., ‘A Survey of Digital Watermarking Techniques, Applications and Attacks’ (2013) International Journal of Engineering and Innovative Technology 2(9).
Stamatoudi I. and Torremans P. (2014) Stamatoudi I. and Torremans P. (eds), EU Copyright Law: A Commentary (Edward Elgar Publishing, Cheltenham 2014).
Verbiest T., Spindler G. and Riccio G.M. (2007) Verbiest T., Spindler G. and Riccio G.M., ‘Study on the Liability of Internet Intermediaries’ (2007) SSRN.
57
Visser D.J.G. (2019) Visser D.J.G., ‘Trying to understand article 13’ (2019) SSRN.
Wang J. (2016) Wang J., ‘Regulating hosting ISPs’ responsibilities for copyright infringement: The freedom to operate in the US, EU and China’ (2016) Maastricht University.
Yannopoulus G.N. (2017) Yannopoulos G.N., ‘The Immunity of Internet Intermediaries Reconsidered?’ in Taddeo M. and Floridi L. (eds), The Responsibilities of Online Service Providers (Springer International Publishing, Cham 2017).
Zingales N. (2013) Zingales N., ‘Internet Intermediary Liability: Identifying Best Practices for Africa’ (2013) Association for Progressive Communications.
58
Legislation
• Canadian Copyright Modernisation Act (CCMA) of 29 June 2012 amending the Canadian Copyright Act, S.C. 2012 c. 20.
• Charter of Fundamental Rights of the European Union (Charter), 2010 OJ C83/02.
• Consolidated version of the Treaty on the Functioning of the European Union (TFEU), OJ C326/47.
• Council Directive 98/48/EC of 20 July 1998 amending Directive 98/34/EC laying down a procedure for the provision of information in the field of technical standards and regulations, OJ L217/18.
• Directive 2000/31/EC of the European Parliament and of the Council of 8 June 2000 on certain legal aspects of information society services, in particular electronic commerce, in the Internal Market (E-Commerce Directive), OJ L178/1.
• Directive 98/34/EC of the European Parliament and of the Council of 22 June 1998 laying down a procedure for the provision of information in the field of technical standards and regulations (Technical Standards Directive), OJ L204/37.
• Directive 2001/29/EC of the European Parliament and of the Council of 22 May 2001 on the harmonisation of certain aspects of copyright and related right in the information society (InfoSoc Directive), OJ L167/10.
• Directive 2004/48/EC of the European Parliament and of the Council of 29 April 2004 on the enforcement of intellectual property rights (Intellectual Property Rights Enforcement Directive), OJ L195/16.
• Directive 2006/24/EC of the European Parliament and of the Council of 15 March 2006 on the retention of data generated or processed in connection with the provision of publicly available electronic communications services or of public communications networks and amending Directive 2002/58/EC (Data Retention Directive), OJ L105/54.
• Japanese Act on the Limitation of Liability for Damages of Specified Telecommunications Service Providers and the Right to Demand Disclosure of Identification Information of the
59
Senders of 30 November 2001, unofficial translation available at
• Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (GDPR), OJ L119/1.
• The UK Defamation (Operations of Websites) Regulations of 2 December 2013, Statutory Instruments 2013/3028.
• Treaty establishing the European Community (TEC), OJ C325/1.
• US Digital Millennium Copyright Act (DMCA), Pub. L. No. 105-304.
• US Stop Enabling Sex Traffickers Act (SECTA) S. 1693 (115th Congress).
Case Law
• Case 4/73 Nold v. Commission of the European Communities [1975] ECR 00985.
• Case 151/78 Sukkerfabriken v. Ministry of Agriculture [1979] ECR 00001.
• Sunday Times v. United Kingdom (App no 6538/74) ECHR 26 April 1979.
• Malone v. United Kingdom (App no 8691/79) ECHR 2 August 1984.
• Case 263/86 Belgian State v. Humbel [1988] ECR 05365.
• Case 352/85 Bond van Adverteerders v. the Netherlands [1988] ECR 02085.
• Case C-292/97 Kjell Karlsson and others v. Sweden [2000] ECR I-02737.
• Case C-275/06 Promusicae v. Telefónica de España [2008] ECR I-00271.
• Case C-236/08 Google France v. Louis Vuitton [2010] ECR I-02417.
• Joined Cases C-379/08 and 380/08 Raffinerie Mediterranee and Others v. Ministero dello Sviluppo economico and Others (2010) ECR I-02007.
• Joined Cases C-92/09 and C-93/09 Volker and Markus Schecke v. Land Hessen (2010) ECR I-11063.
• Case T-385/07 FIFA v. European Commission [2011] ECR II-00205.
60
• Case T-68/08 FIFA v. European Commission [2011] ECR II-00349.
• Case C-324/09 L’Oréal v. eBay [2011] ECR I-06011.
• Case C-70/10 Scarlet Extended v. SABAM [2011] ECR I-11959.
• Case C-461/10 Bonnier Audio v. Perfect Communication (ECJ 19 April 2012).
• Case C-360/10 SABAM v. Netlog (ECJ 16 February 2012).
• Case C-426/11 Alemo-Herron v. Parkwood Leisure (ECJ 18 July 2013).
• Case C-283/11 Sky Österreich v. Österreichischer Rundfunk (ECJ 22 January 2013).
• Case C-314/12 UPC Telekabel Wien v. Constantin Film (ECJ 27 March 2014).
• Delfi AS v. Estonia (App no 64569/09) ECHR 16 June 2015.
• Case C-362/14 Schrems v. Data Protection Commissioner (ECJ 6 October 2015).
• Case C-650/12 Thierry Delvigne v. Commune de Lesparre Médoc and Préfet de la Gironde (ECJ 6 October 2015).
• Case C-601/15 J.N. v. Staatssecretaris van Veiligheid en Justitie (ECJ 15 Februari 2016).
• Case C-134/15 Lidl v. Freistaat Sachsen (ECJ 30 June 2016).
• Magyar Tartalomszolgáltatók Egyesülete (MTE) & Index v. Hongary (App no 22947/13) ECHR 2 Februari 2016.
• Case C-582/14 Patrick Breyer v. Bundesrepublik Deutschland (ECJ 19 October 2016).
• Joined Cases C-203/14 and C-698/14 Tele2 Sverige v. Post-och and Secretary of State (ECJ 21 December 2016).
• Case C-484/14 Tobias McFadden v. Sony Music (ECJ 15 September 2016).
• Case C-258/14 Eugenia Florescu and Others v. Casa Judeteaña de Pensii Sibiu and Others (ECJ 13 June 2017).
• Case C-610/15 Stichting Brein v. Ziggo (ECJ 14 June 2017).
• Case C-190/16 Werner Fries v. Lufthansa CityLine GmbH (ECJ 5 July 2017).
• Lenz v. Universal Music Corp., 801 US F.3d 1126 (2015).
61
Documents
• Article 29 WP, ‘Opinion 4/2007 on the concept of personal data’ WP 136.
• BEREC, ‘A view of traffic management and other practices resulting in restrictions to the open Internet in Europe’ BoR (2012) 30.
• BEREC, ‘Summary of BEREC positions on net neutrality’ BoR (2012) 146.
• European Commission, ‘A Digital Single Market Strategy for Europe’ COM (2015) 192 final.
• European Commission, ‘First report on the application of the Directive on electronic commerce’ COM (2003) 702 final.
• European Commission, ‘Online Platforms Accompanying the document Communication on Online Platforms and the Digital Single Market’ SWD (2016) 172 final.
• European Commission, ‘Online Platforms and the Digital Single Market Opportunities and Challenges for Europe’ COM (2016) 288 final.
• European Commission, ‘Online services, including e-commerce, in the Single Market’ SEC (2011) 1641 final.
• European Commission, ‘Proposal for a Directive of the European Parliament and of the Council on copyright in the Digital Single Market’ COM (2016) 593 final.
• European Commission, ‘Tackling Illegal Content Online Towards an enhanced responsibility of online platforms’ COM (2017) 555 final.
• European Commission, ‘Towards a Modern, More European Copyright Framework’, COM (2015) 626 final.
• European Council, ‘Legal issues on Article 13 and recital 38 of the Proposal’ COD (2017) 13140.
• European Parliament, ‘Towards a Digital Single Market Act’ (2016) Resolution C11/55.
62
Websites
• ‘Automated Content Recognition (ACR)’ (Gartner IT Glossary)
• Madore P.H., ‘YouTube Will Pay Up To $1 Million in Legal Fees For Qualifying Users’ (Hacked 2015)
• Masnick M, ‘How Google’s ContentID System Fails At Fair Use & The Public Domain’ (TechDirt 2012)
• ‘Media Usage Guidelines’ (NASA)
• ‘Questions and Answers – European Parliament’s vote in favour of modernised rules fit for digital age’ (European Commission 2019)
• Sar van der E, ‘YouTube Copyright Complaint Kills Harvard Professor’s copyright Lecture (Update)’ (TorrentFreak 2016)
• Schmidt H., ‘Die Antwort auf Youtube: Universal-Musikvideos jetzt auf Sevenload’ (Frankfurter Allgemeine 2009)
• SyrianArchive, ‘Survey of social media channels removed by @YouTube machine learning and restored w/ help by @witnessorg.’ (Twitter 2017)
• ‘YouTube censors lifesaving abortion information’ (Women on Waves 2018)
63