EU Court Guidance - How much control do you have over your online reputation?
Quoting The Social Network, the Attorney General has reminded us that the internet’s not written in pencil, it’s written in ink.
The European Union created rules in 2000 for online service providers around defamatory and illegal information that is posted online, generally imposing no sort of obligation on service providers to monitor information or confirm that such information is lawful and factually correct.
However, these rules have recently been interpreted by the Attorney General in a case before the Court of Justice of the European Union (CJEU), regarding a request from Austria to clarify certain points of law, and it seems that Facebook once again may have been relying on a very wide interpretation of the rules.
European Rules on Online Information
Directive 2000/31/EC (the “Directive”) creates transparency rules and information requirements for online service providers, which includes “host providers” and therefore operators of social network platforms, such as Facebook. The Directive sets out that Member States cannot hold online service providers responsible for the information that they store as long as they do not have actual knowledge of illegal activity (Article 14(1)(a)). This means that online service providers are not liable for the information stored on their servers by third parties if they are not aware of the illegal nature of that information. As such, platforms such as Facebook cannot be placed under a general obligation to monitor the information it stores, nor be bound by a general obligation actively to seek facts or circumstances indicating illegal activity.
However, if online service providers do become aware of illegal activity that is being carried out they must act expeditiously to remove or block access to the information (Article 14(1)(b)). Member States can impose no obligation to monitor the information that is being transmitted or to actively seek facts or circumstances that might indicate illegal activity (Article 15).
Austrian Rules on Online Defamation
The Austrian Civil Code allows anyone who has sustained actual harm or loss of profit owing to an injury to their “honour” to claim compensation, and if this harm has not actually occurred yet, they are nonetheless entitled to a publication denying the information that could cause a loss to their “honour”, or seek the removal of such information if it is still available (Allegmeines Bürgerliches Gesetzbuch, Paragraph 1130(1)).
Furthermore, copyright law in Austria does not allow images to be distributed online of a person if this could harm their legitimate interests, or if they have not authorised the publication of the pictures (Urheberrechtsgesetz, Paragraph 78(1)).
Austrian law also follows the guidance of EU law that there is no obligation to monitor imposed on online service providers (E-Commerce-Gesetz, Paragrpah 18(1)).
Defamatory Information Posted Online
Facebook has found itself in a legal battle once again, this time being sued by a member of the National Austrian Council from die Grünen party (the Greens).
When a Facebook user shared a news article on their personal profile about the Greens party, it was displayed on their page as a reduced thumbnail of a photograph of the Greens party member only and was accompanied by the Facebook user’s defamatory comments about that member of the Greens.
When the Greens party member requested that Facebook delete the defamatory post and it refused, she obtained an injunction from the national Austrian court which required that, following the Austrian rules on defamation and honour, the post be removed. The Oberster Gerichtshof (the Austrian Supreme Court) held that the information had been posted with the intention to damage her reputation, to insult her and to defame her.
When it received this order, Facebook removed the post in Austria but kept it public and accessible to the rest of the world. Austria turned to the European Court for advice, asking if Facebook could be obligated to remove the information worldwide since it had been decided that it was illegal in Austria.
The Advocate General’s Opinion
Despite the no obligation to monitor principle, Advocate General Maciej Szpunar has issued an Opinion stating that the Directive’s accommodating rules do not prevent a Member State from obligating Facebook to seek and identify all information posted by any user which is identical to the information that the Austrian Court has characterised as “illegal”.
Furthermore, in his Opinion, Advocate General Maciej Szpunar stated that Facebook can be obligated to find any similar or equivalent information that the same user has posted, and delete it.
The Advocate General reached this opinion by considering the obligations and rights of both parties on either side of the argument.
The Advocate General sees that this approach fairly balances the fundamental rights of the person involved - the protection of private life and personality rights - and the rights that Facebook (s an online service provider) is arguing for - the freedom to conduct a business and the protection of freedom of expression and information.
To expect Facebook to delete every identical post by all users and any equivalent posts by the same offending user is considered to be fair, since it does not require sophisticated technology or techniques that might be burdensome for Facebook.
Considering how easy it is to reproduce information on the internet, the Advocate General considers that this is necessary in order to ensure protection of individual privacy and personality rights. That said, the Attorney General also reiterated that any Member State court making such order must weigh up the fundamental rights involved and take account of the principle of proportionality so as to protect freedom of expression and the right to information and to avoid issues of censorship.
The Directive does not expressly limit the geographical application of its provisions to apply to Member States only. Of course, given the borderless nature of our online and internet environment, it is important to consider the extra-territorial reach of the applicable rules.
As such, the Advocate General noted that whilst the Directive does not regulate the territorial scope of an obligation to remove information disseminated via a social network platform, it does not prevent a host provider from being ordered to remove such information worldwide.
The situation remains unclear, as the question of the extra-territorial application of an injunction imposing a removal obligation and whether the rules should apply on a worldwide basis will need to be further analysed in light of relevant international law provisions.
The Advocate General’s opinion is not binding on the CJEU, and we await the final decision. However, since it is the responsibility of the Advocate Generals to propose a legal solution to the European court and offer advice, it is rare that the CJEU does not follow such guidance.
The CJEU has begun its deliberations and a final decision will be given at a later date. In accordance with procedure of the CJEU, it will then be for the Austrian courts to review the decision and decide how to proceed with the matter going forward, on the basis of the facts of the case of the Greens party member.
For now it seems that the Directive, while imposing no specific obligation to monitor information generally, does not give online service providers a carte blanche to refuse to remove information worldwide once it has been decided by the courts of one Member State that the information is illegal.
If you have any questions about the responsibility of online service providers and your online reputation in the meantime, or if you would like advice on any other legal matters, please don’t hesitate to get in contact.
Article by Charlotte Gerrish, Founder and Lily Morrison, Legal Consultant @ Gerrish Legal, July 2019