Document Actions

Book Reviews

Book Review: The responsibility of online intermediaries for illegal user content in the EU and in the US

  1. Prof. Dr. Gerald Spindler





The responsibility of Internet intermediaries has become “evergreen” in the international discussion, starting with the boom of E-Commerce and the Internet in the 90s until nowadays reaching a peak in legal reforms such as the new proposal of the EU-commission regarding a Digital Services Act and decisions of courts such as the CJEU concerning copyright infringements of platforms like YouTube. The author, Folkert Wilman, is like no other suited to treat this wide area of aspects in a comparative way by taking both the perspectives of the EU and the US into account. Wilman is a true “insider” as he is a member of the Legal Service of the EU-commission and has been involved in law-making process in the EU as well as representing the EU-commission in many cases brought to the CJEU regarding liability of internet intermediaries.


The book is divided into four parts, the first dealing with the lex lata situation in the EU, while the second looks at the legal framework in the US. The third chapter is dedicated to an in-depth analysis of interests, fundamental rights and private speech regulation and finally, the fourth looks to policy recommendations and conclusions. The book aims to assess whether the “old” balance being struck by the E-Commerce-Directive between interests of providers, users, and victims is still appropriate and fit for the situation today. Folkert Wilman restricts his analysis, however, to host providers, thus excluding similar questions for access providers as well as hybrid phenomena like search engines etc. which is justified according to the breadth of the topics which Wilman delves into.



The first part of the book is dedicated to an in-depth analysis of Articles 14 and 15 of the E-Commerce-Directive, the famous safe harbour privileges, and the prohibition of general monitoring obligations. Wilman scrutinizes in particular the jurisdiction of the ECJ like the L’Oréal case [1] or the Google-France [2] decision concerning the distinction of “active” and “passive” host providers (2.40 – 2.57). The author also deepens the interpretation of Article 14 E-Commerce-directive regarding the level of substantiation for notices in order to assume knowledge of the host provider. Unfortunately, Wilman does not take into account relevant jurisdiction on the national level, like decisions of the German Federal Court (Bundesgerichtshof) such as in Stift-Parfüm. [3] Moreover, the author deals intensively with the issues of notice-and-take-down procedures as well as duties of care, with special regard to the Communication of the EU-commission on Illegal content (COM(2018) 1177 final). However, from the perspective of member states an important point is missing in the analysis: the possibility of injunctions which open the floor for many courts to introduce duties of care concerning stay-down-obligations for future infringements. Wilman discusses these points more broadly in the following chapter dedicated to a thorough inspection of Article 15 E-Commerce-directive in relationship with recent measures and actions, such as the reform of the Audio-visual Media Directive, the new DSM-directive in copyright (here in particular Article 17 DSM-D) or anti-terrorism directive. The author lies stress on an interpretation of Article 15 E-commerce-directive based on fundamental rights such as user’s rights (3.25 – 3.34). Very clearly, Wilman states rightfully that the new directives constitute a more or less inconsistent change in policies at the EU level directed “towards the establishment of an EU-level duty of care” (3.88), creating a lot of legal uncertainty, thus also affecting fundamental rights of involved parties (3.86).


The second part turns to the legal framework of liability of internet intermediaries in the US, starting with Section 230 of the Communications Decency Act and the provisions on liability privileges for providers (which cannot be qualified as publishers) and in particular the “Good Samaritan” safe harbour for providers. Wilman impressively describes the broad interpretation of Section 230 of the CDA by US courts by shielding providers from liability even if victims have notified providers about illegal activities and even if providers obviously have taken an active role in disseminating and promoting illegal content. The next subchapter takes up the discussions on one of the most famous safe harbour privileges, Section 512 of the Digital Millennium Copyright Act which relies mainly—unlike the CDA—on notice-and-take down procedures. Even though these provisions have been analyzed to a large extent by previous authors, Wilman succeeds in giving a precise, yet concise overview of the actual legal conditions under which a provider can plead for liability exemptions by elaborating and using a wide range of US court decisions. From an European perspective (in particular with a view on Article 17 DSM-D) the critical assessment of Section 512 DMCA is of outmost interest and is reminiscent of the same discussion in Europe, such as the rightholders’ perspective. Namely, the view that the notice-and-take down procedures are too burdensome for the enforcement of the copyrights and that a notice-and-stay down obligation is missing (5.51 – 5.52) or on the other hand of the user`s perspective that there is an outright abuse of takedown notices (5.56). Moreover, the fact that “DMCA plus” agreements between intermediaries and rightholders in order to foster automated filtering mechanisms can be observed (however, also affecting user`s rights) (5.59 – 5.65) could be a blueprint for the “high industry standards” required under Article 17 (4) b) DSM-D concerning automated filtering mechanisms.


The third part sheds light on the different involved interests, fundamental rights and private speech regulation. Within this framework Wilman also stresses the fact that often direct infringers can be identified and thus, introducing intermediary liability gives a strong incentive for victims to concentrate on intermediaries rather than on the direct infringers (6.25 – 6.26). The author carves out that a compromise has to be found between the extreme positions (strict liability of providers versus total exemption of liability of providers); however, Wilman stops at this point by stating that the compromise should be a matter of policy decision and legal context (6.49 – 6.55). The next subchapter is dedicated to the related fundamental rights, starting with the freedom of expression, particularly the chilling effects of liability provisions (7.10 – 7.24). Wilman of course takes other fundamental rights such as the freedom to conduct business, intellectual property rights, and data protection into account. In sum, the author stresses the different impact of freedom of expression in the US and the EU, as courts in the EU are striking a balance between freedom of expression and other fundamental rights which contrasts the US where freedom of expression has an overriding importance (7.68 – 7.81). Wilman also delves into a deeper analysis of the decisions of the European Court of Human Rights in the cases Delfi v. Estonia (64569/09) and MTE v. Hungary (22947/13). He concludes rightfully that extreme solutions, be it favouring too one-sidedly freedom of expression or be it intellectual property rights are not tenable under EU law. The final subchapter of this part turns to different phenomena of private speech regulation such as the “privatization” of enforcement by placing intermediaries in the role of a judge, content moderation, and knowledge and control. Wilman discusses here at length the use of automated means (filtering technology) and its limits (8.40 – 8.50) by pointing out that context dependence of content restricts the use of such automated means; meanwhile, the author concludes that despite these limits the growing capacities of enterprises to monitor user-generated content also leads to a need for filtering technology, or in other terms, leads to a potential knowledge of providers of user-generated content (8.50). Wilman also mentions the chilling effects to newcomers on the market generated by obligations to use automated means (8.59). The conclusion that the author draws from these developments is not an abolishment of the safe harbour privileges rather than a careful evolution.


Regarding this evolution of liability privileges Wilman turns in his last part to the assessment of arguments, recommendations and conclusions. The author formulates five requirements, starting with the need for a balanced approach between different interests, then the effectiveness in tackling with illegal content, the need for a clear regime, for safeguards and transparency, and finally a proportionate and workable system. Whereas Wilman deems the EU liability system based on knowledge to be balanced and effective, he also stresses injunctions (9.18 – 9.19); as mentioned already, Wilman unfortunately does not go beyond pointing out that injunctions are left to member states. As the German example proves, injunctions are widely used and impose obligations to providers to monitor illegal activities in the future (as part of notice-and-stay-down procedures). With good reasons Wilman criticizes Article 14 E-Commerce-directive as lacking safeguards and transparency (9.29) with regard, in particular, to missing notice-and-counter-notice procedures. He, however, argues strongly for retaining the knowledge-based liability scheme for providers (9.34 – 9.42) as well as the prohibition of general monitoring obligations (9.43 – 9.53). However, Wilman also identifies two shortcomings: first, the system`s effectiveness in tackling content which can entangle serious public harm and second (as already mentioned), the lack of binding rules on notices and takedown procedures including counter-notice procedures.


Taking up these challenges in the following chapter, Wilman elaborates certain recommendations for more precise notices and the requirements of substantiation (10.14 – 10.15), including the concept of trusted flaggers (10.16 – 10.25). Much of what the author describes reminds the reviewer of what is now enshrined in the proposal of the Digital Services Act of the EU commission, in particular the role of trusted flaggers and safeguards against misuse of notices. Wilman then discusses possible measures regarding injunctions, such as a “right to reply” (10.44); however, as already mentioned, Wilman unfortunately restricts his analysis to a purely EU level, not taking into consideration developments in the member states which provide many cases regarding specific measures and counter-notice procedures (just as recently stated by the German Federal Court concerning an injunction against Facebook, judgement of 29.07.2021 -III ZR 192/20). Wilman also strengthens the importance of public oversight empowering public authorities to issue injunctions against providers, in order to overcome gaps in enforcement. Moreover, he stresses a necessary modification regarding the introduction of a good-Samaritan principle and eliminating disincentives for providers to voluntarily tackling illegal content.


Finally, Wilman concludes that a “double-sided duty of care” is required (Chapter 11) to complement the knowledge-based liability system in the EU. The author, however, restricts these duties of care to very serious and manifestly illegal online content, such as child sexual abuse material, racist and xenophobic speech, and terrorist content. Once again, this chapter reflects the approach taken by the EU-commission in its proposal of a Digital Services Act, by only imposing certain obligations on very large online platforms which disseminate content (and not only store it). These obligations should, according to Wilman, consist in using a combination of automated means and human oversight as well as the prohibition of illegal content in the terms and conditions, and finally in cooperating with authorities through reporting schemes and retaining and disclosing relevant information. Also, the “other” side of duties of care can be found in the Digital Service Act, as Wilman proposes safeguards for user interests ensuring that providers do not block content automatically and that users have access to quick, effective and impartial means of redress. However, Wilman does not deal with Article 17 DSM-D and the balancing of automated filtering technology which quite certainly deviates—as the author stated himself—from the knowledge-based liability scheme. Moreover, whereas the notion of “manifestly illegal content” can be applauded it remains to be seen how criteria can be established in order to specify what is “manifestly illegal”.


Wilman summarizes in the last chapter his findings by pleading for complementary measures to be added to the E-Commerce-directive, as already mentioned.



Wilman has written a great and overwhelming book that can without doubt be qualified as a landmark in the discussion of liability of providers. The book contains a thoughtful analysis which is clearly structured and brings many debates to a precise point. Where one wants to criticize the analysis, there are only some minor points which do not alter the overall impression of an analysis that should be read by everyone who is doing research in this area. These criticisms refer mainly to the concentration on the EU-Level and the jurisdiction of the CJEU and the European Court of Human Rights; Wilman here, unfortunately, does not take into account the numerous cases at the member state level, in particular regarding injunctions and safeguards. Moreover, his analysis is mainly restricted to host providers; however, as we can observe in practice, access providers are being attacked on grounds of injunction, such as in the famous UPC Telekabel-case of the CJEU (which is of course mentioned by Wilman). Finally, regarding the main conclusions and recommendations of Wilman, it is arguable what the view of Wilman would be finally with regard to Article 17 DSM-D, which deviates from the knowledge-based liability by introducing duties of care. As copyright infringements cannot be qualified as causing public harm such as child sexual abuse or terrorist content Article 17 DSM-D does not fit into the scheme developed by Wilman.


In sum, Wilman has written a great book which should be used widely, and obviously reflects many views shared by the EU commission, enshrined in the proposal of the Digital Services Act.


by Gerald Spindler, University of Goettingen




[1] ECJ Case C-324/09 L’Oréal v eBay [2011] EU:C:2011:474.

[2] ECJ Joined Cases C-236/08 to C-238/08 Google France [2010] EU:C:2010:159.

[3] BGH MMR 2012, 178.



Any party may pass on this Work by electronic means and make it available for download under the terms and conditions of the Digital Peer Publishing License. The text of the license may be accessed and retrieved at

JIPITEC – Journal of Intellectual Property, Information Technology and E-Commerce Law
Article search
Extended article search
Subscribe to our newsletter
Follow Us