EU public consultation on intermediary liability

EU Delegation to the US, Public Workshop on the Digital
Single Market Strategy, Consultation on Online Platforms, Cloud & Data, Liability
of Intermediaries, Collaborative Economy
2003 Directive: recital says that there’s no prohibition for
member states to come up w/codes of conduct for intermediaries or generalized
duties of care.  If you can or should
reasonably expect that an intermediary should have been aware of illegal
activity, you can impose certain responsibilities. Not a hands-off approach to
what’s on your system.  Problem: how
harmonized are these rules? Notice and action: that is harmonized.  But when we did 2010 assessment, practice on
how quickly to respond, which formats can be used, can notices come from
private parties was very widely diverging. Also risks of overreaction: parties
can send continuous notifications w/o even checking whether content is even
possibly illegal.  Puts intermediaries in
difficult permission.  Also intermediaries
continue to claim to be passive, but business model is based on processing data
(implication: that’s not passive).  There
is no conclusion yet about what we should do, if anything.  Difficult to get concrete information on what’s
actually happening. 
Sampling as monitoring: control procedures can be justified
if they sample because they catch illegal activity samples ex post, even if
they don’t catch every piece of bad activity. 
If we did ex post, how post should the ex post be?  Certain member states interpreted the
Directive on “expeditious” action on notification as 24 hours, while others
interpreted it as 6 months.  You can’t
have a common market with such huge differences.  There are certain requests from stakeholders—not
good policy/reasonable to expect we can simply say there’s no problem. Not fit
for purpose given the amount of data going out. 
We aren’t really talking about ©/IP—we’re talking about all kinds of
illegal content, including terrorist content, radicalization.
Q: if liability might exist for insufficient monitoring,
then why wouldn’t an intermediary be in trouble if it misses one thing? Why isn’t
that a general obligation to monitor, inconsistent w/the directive?
EU person: There are concerns that you can’t have a duty of
care w/o a general monitoring duty. 
Jonathan Band: Internet has space for ecommerce; but also
for competing values.  Emphasis should be
in favor of free expression. US goes further than ecommerce directive in
§230.  Bad ideas may come to the US here—right
to be forgotten, ancillary copyright.  Comments
RT: OTW: actually a nonprofit, with no business partners, hosting
user-generated content: That doesn’t mean small scale. 90 million pageviews per
week, approaching 2 million unique pieces of content, over 600,000 registered
users—writing skills, language skills, coding skills to mostly female users.  All volunteer, including our support and
abuse team, who are not lawyers.  A
standard that requires us to behave like YouTube, with automated scrutiny, or
with “staydown” to keep a piece of content down no matter who posts it, would
simply shut us down, despite all the benefits we provide.  Sampling is the same: would require us to
have a larger team of lawyers than we have support personnel to engage in legal
analysis—be clear on what that means. 
Then we’d get arguments about whether we should be sampling/auditing more
heavily in problem areas like audio—should it be random per work or within
categories—the internet is much bigger and more diverse than the sites that are
often focused on.  Civil society is more
than businesses and the inquiry should keep that in mind.
A: My personal idea is auditing, that is not an official
position of the EU, but important to consider.
Emma Llanso (sp?), CDT: Overblocking of lawful content is
inevitable when you try to impose these types of duties on intermediaries.  Intermediaries having to figure out what
content is illegal will be really dangerous. 
Takedown and staydown: also very clear that this can’t be accomplished
w/o monitoring obligations—inconsistent w/ ecommerce directive.
A: Note that we are open to different definitions of online
Q: note that monitoring duties harm smaller market entrants—works
against the EU.  US companies already
dominate the internet—how to replicate in the EU?  Excessive compliance costs in EU favor the
giants, who already have $.  Magical thinking
among non-programmers: humans write code; code can’t just scrutinize
everything. Imperfect algorithms & humans; at least you need a good faith
exception. No level of perfection will be obtained.  Circular: if you put in good faith, what
standard do you truly get? 
A: I like good faith effort (but I am not official EU
policy).  People have very bizarre ideas
of how software is built.  In European
legal system, we do have charter of fundamental rights, including freedom of
expression/access to information; equal status to right to security, privacy,
etc. Commission has not taken a position but should remember it’s part of our
system. We also can’t live in a world in which a court has to order every
Q: cybersecurity—risk-based approach could be modeled. 
Internet Ass’n: Startups. 
In US, bright line safe harbors have been instrumental in success of
many startups.  Driven investment capital
towards startups, which is also key.  If
goal is to foster climate in EU conducive to investment/startups, remember
success story of US.
A: You need to provide data on this, not just assertions,
when you answer the associated questionnaire for this inquiry.
Software & Info Industry Ass’n: Just b/c of lack of
legal liability, doesn’t follow that intermediaries/platforms should do
nothing. Socially responsible platforms do have programs in place to deal w/things
like revenge porn.  §230: a good
samaritan provision—giving them opportunity to take voluntary steps to deal
w/problematic content w/o incurring legal liability.  Sometimes these discussions elide
responsibility w/legal responsibility.
Wilson Center: conceptual slippage—implementation is on the
internet provider/self-regulating. But that’s different from enforcement. Would
this be decentralized enforcement or not? 
Code of conduct—corporate social responsibility model. Will also be
important who participates/draws that up. 
Hasn’t been much about what the EC can/can’t do. Complexity: ecommerce
& other directives have been around for 10 years or more. How much will the
role of ICT standards/Comm’n admin guidelines play? Will the EC do
administrative rulemaking? For small businesses & nonprofits, they’re
sometimes unaware of bulk of rulemaking taking place to flesh out the
A: There’s a clear push not to do hard legislation if at all
possible. The delay before Council/Parliament agreement, full regulation
(immediately applicable) or directive (must be transposed to member states)—average
is 7 years.  We know very well not to do
legislation unless clearly needed. Thus, rely on admin rulemaking and
US Chamber of Commerce: Not clear why ecommerce should be
treated differently than physical markets—especially when digital commerce is
the best way to enhance competition for easy startups. Should encourage more of
that instead of trying to pull down leaders, esp. w/o clear definition of the
problem we’re trying to solve?  Is
competition policy not doing the job?  What
are the barriers b/t states?  On the
cloud issues: mentions distrust of cloud computing—but we’re not clear where
that comes from.  Why are you worried
about it/who distrusts it?  You are asking
for data but we want to ask for the same thing from you.  Also: Data protection: must work w/digital
single market—not 28 different methods of enforcement.
Q: Many European startups simply pick up & move to the
US for access to customers, etc.  Data
flow regulation is a big part.
A: (In response to statement about EU targeting US companies
for competition investigation) Actually we target 80% EU companies; US
companies just tend to complain more in public whether they are targeted by EU
or US regulators—you didn’t hear EU banks whinging about being fined millions
of dollars in the US for behavior that was legal in the EU; you don’t hear the
German chemical sector whining about the constant investigations it’s under in
the EU.  EU is the most open market in
the world.  We are extremely transparent.

from Blogger

This entry was posted in Uncategorized and tagged , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s