Document Actions

No section

Standards for Duty of Care? Debating Intermediary Liability from a Sectoral Perspective

  1. Carsten Ullrich


The EU’s current regulatory framework for the content liability of online intermediaries was created in 2000 with the E-Commerce Directive (ECD). Already in those days, during the run-up to the ECD, there was an intense debate regarding whether a light-touch approach or more stringent content liability regime for intermediaries would be the appropriate way forward. 20 years later the debate is essentially led from the same angle, but has predictably, increased in complexity as the internet makes massive strides in transforming the “offline” world. There are those who argue that a purely horizontal approach in regulating internet intermediaries, or online platforms, remains sufficient. Others think the time has come to reflect the disruptive entrances online platforms made in various sectors of society in more vertical changes affecting substantive law. The EU Commission sits on the fence it seems, however. In its communication on online platforms and the digital single market, the Commission announced last year that it would leave the current intermediary liability regime as it is for now “while implementing a sectoral, problem-driven approach to regulation”. This paper will map out and critically evaluate some current sectoral (read vertical) regulatory developments, which may affect intermediary liability. It will look at recent, more top-down approaches proposed by the EU (e.g. in copyright), as well as self-regulatory efforts. This will be compared to less publicized developments, which have notably taken place in the area of product and financial regulation affecting ecommerce, such as for example efforts to combat the sale of fake medicines, unsafe products online, or anti-money laundering compliance. In these areas, it is argued that regulatory authorities have more proactively engaged online platforms, both on a legislative and practical level. A special focus in this context will be on the role of reasonable duties of care which intermediaries may be required to apply in order to detect and prevent infringements. Could these more “grassroots” developments and the convergence of online and offline worlds provide blueprints to encourage the development of a new content liability framework based on sectoral duties of care?


1. Introduction*

The debate over internet regulation began since the internet started to make an increasing impact on culture and the economy. As a purely illustrative example, a contribution from 1995 by Euan Cameron & Caitriona Hegarty  [1] argued that existing substantive law was apt to deal with the transformations introduced by the internet and that the main challenge would be one of enforcement. For copyright - which is one of the more prominent examples discussed - the paper submits that rights owners who take advantage of the new infrastructures should be left with the task of looking after enforcement challenges posed by new means of exploitation. The traditional distinction between service provider and facility user may be blurred by the internet - a smart prevision of the debate over the “neutral” and “passive” character of an information service provider, culminating in L'Oréal v eBay  [2] 15 years later. Finally, regulation, according to the paper, should be kept to a minimum to allow the internet to flourish. Self-regulation would be the most suitable means to facilitate experimentation and new possibilities of global connectivity and expression.

One could argue that this view was borne out in the EU E-Commerce Directive in 2000,  [3] which established general and horizontally available conditions under which an information service provider (ISP) could be held liable for content posted on its network.

Substantive law on copyright was indeed adapted to electronic communications developments in 1996, one year after the appearance of the above article, when the 1996 WIPO Internet Treaties  [4] introduced the public communication and distribution rights. These were then introduced into EU law by the InfoSoc Directive  [5] in 2001.

However, even those early days were not free from considerations of a more hands-on regulatory approach towards the information transmitted and hosted by online intermediaries. The reasons for this were principally based on a logic, which looked to retrospective responsibility in the absence of other suitable actors.  [6] It was based on the central role online intermediaries played as gatekeepers and infrastructure providers for various forms of content. The internet posed an entirely new regulatory challenge because it made matters of jurisdiction, detection and enforcement more complex. With the prospect of individuals’ prosecution being of small effect and perpetrators difficult to get hold of, intermediaries were the only “tangible” actors relatively easy to locate. On the other hand, those voices arguing for a lighter approach towards internet and intermediary regulation were also using economic and moral arguments and technical challenges of policing the internet as justification for a light-touch approach.  [7]

Over 20 years later the debate is essentially led from the same angle, but has predictably, increased in complexity as the internet makes massive strides in transforming the offline world and does indeed challenge some substantive legal concepts (e.g. copyright). There is still the view which cautions against moving away from the current horizontal approach in regulating intermediaries or online platforms, pointing towards largely consistent judgements by the CJEU as proof for the adequacy of the current regime.  [8] However, voices calling for a more robust regulatory approach - including mandating of a more proactive role of intermediaries or online platforms - in combating infringing content have become more frequent.  [9] The assumptions, which underpinned the original liability regime, have changed. First, the industry itself has come of age and is economically more viable. Secondly, intermediaries now engage in activities beyond pure data hosting. They directly benefit from hosting by gaining revenue through advertising add-on services such as display optimization or using traffic data. This puts a new perspective on the technical and automatic character of their activities. Finally, filtering technology has advanced in a way that makes effective monitoring for infringing content more feasible.  [10] These considerations can also be traced through CJEU case law, which sought to adapt to the evolving business models and technical activities of hosting providers when looking at the liability exemption for information service providers.  [11] Additionally, service providers, as economically viable and powerful gatekeepers of access to the internet, are increasingly charged with a moral obligation to act responsibly and apply duties of care on the lines of corporate social responsibility.  [12] As the intermediary landscape diversifies, those ethical norms may call for different kinds of sectoral duties of care depending on the area of infringement.  [13] The problem with these increased responsibilities is that private actors will be required to judge on the legality of a huge variety of content. This problem may negatively affect freedom of expression and information.

However, it seems that the EU Commission sits on the fence. In response to the results of the “Public Consultation on the Regulatory Environment for Platforms” launched in 2015, the Commission announced last year that it decided to leave the current intermediary liability regime of the ECD as it is for now "while implementing a sectoral, problem-driven approach to regulation".  [14] It still would review, however, in parallel the need for guidance on voluntary, good faith measures and Notice-and-Takedown (NTD) frameworks for online platforms.  [15] The consultation had found that 50% of respondents saw the current ECD liability regime as not fit for purpose, citing dissatisfaction with national case law.  [16] Moreover, the majority of respondents demanded that further categories of intermediary services be defined, as well as a more differentiated policy approach towards the type of illegal or infringing content.  [17] In addition, most intermediaries maintain that the national application of the concept of the E-Commerce Directive of a "mere technical, automatic and passive nature"  [18] of transmission of information by intermediaries needs to be clarified. The legal uncertainty surrounding the concept is inhibiting investment.

This paper will map out some recent sectoral (i.e. vertical) developments with regards to content hosted by online platforms or ISPs. In the second section, following the introduction, it will review a series of legislative proposals by the EU Commission affecting ISPs and look also at policy developments in the area of trademarks, where no equivalent proposals have been made so far. First, changes to the law that were recently proposed by the European Commission in the area of copyright will be reviewed. Second, sectoral regulatory trends with regard to child protection, hate speech, and fake news will be assessed; in particular, the recent draft proposal of the Audiovisual Media Services Directive (AVMSD)  [19] concerning video sharing platforms (VSPs). In addition, efforts to combat this kind of content on other types of platforms will be assessed. For these proposals, the impact on the liability exemption provisions in Articles 14 and 15 of the ECD will be assessed. The review will also include a short excursion into recent national attempts to regulate hate speech and fake news, notably in Germany. The paper will then look at the sectoral challenges with regards to trademark infringements; namely, the sale of counterfeit products on e-commerce sites, where so far no regulatory reform proposals have been made. Section III will then present other more "grassroots" sectoral developments, which have notably taken place in the area of product regulation affecting e-commerce. It will first review national and EU efforts to combat the online sale of fake medicines; secondly, regulatory and enforcement trends in online food retail; thirdly, non-compliant electronic products; and lastly look at anti-money laundering due diligence measures employed in the financial sector. The aim of this broader than usual review is twofold. First, the paper will investigate the impact of these developments on the ECD Articles 14 and 15, specifically the increasingly difficult distinction between specific infringement prevention (Article 14) and the preclusion of a general obligation to monitor (Article 15). Secondly, it will review the impact of these developments on efforts to define reasonable duties of care which intermediaries may be required to apply in order to detect and prevent infringements.  [20] It is submitted that developments in online market surveillance in the area of product regulation, with its strong focus on standardization and industry co-regulation, could serve as a useful example for developing standardized duties of care. Accordingly, a focus will be on EU and national efforts to promote industry self- and co-regulation.  [21] This idea will be taken up with a view to understand how far standardization across sectoral areas can help to bring about more codified, sectoral duties of care as a core element of a new regulatory approach towards intermediaries.

It should be mentioned that the sectoral outline offered here has its limitations. Given the restrictions of space, depth of coverage has succumbed to breadth. The review concentrates on the recent regulatory proposals and their impact on intermediary liability in the strictest sense. Therefore, a more thorough analysis with regards to substantive law (e.g. the right of communication to the public in the latest copyright directive proposal) and its impact on online platforms, or a more detailed review of applicable case law, has not been undertaken. Consequently, this paper will also not analyse the current regulatory framework, for example, in the area of copyright or audiovisual media services in deeper detail. It will concentrate on recent EU policy proposals and other sector developments in the area of ISP liability and offer a forward looking proposition to incorporate experience from the area of product regulation to define standardized duty of care regimes for ISPs.

2. Sectoral Review

2.1. Copyright

The EU Commission announced that as part of its sectoral, problem driven review of intermediary liability, it would first focus on copyright.  [22] This is not surprising. Intellectual property rights and copyright specifically, were the legal subject areas most rapidly and substantially affected by the arrival of the internet and online intermediaries. The digitization of cultural goods, such as music, literature and films, in connection with the ubiquitous nature of the internet, meant that copyrighted material can be multiplied, accessed and distributed widely, instantaneously and without loss in quality. Hence the early cross references between the ECD and InfoSoc Directives  [23] in 2001, and the IP Enforcement Directive (IPRED)  [24] in 2004. Since their inception, the ECD’s Articles 12 - 15 have been used to a vast extent to determine ISP’s liabilities with regards to intellectual property infringements online. This is played out in relevant case law, which deals overwhelmingly with the communication to the public and use of copyright protected works, or the illegitimate sale, advertisement, or use of trademark protected goods and services. Consequently, academic attention is also focussed on the interplay between ISPs and the enforcement of IP rights. For purely illustrative reasons, a keyword search (using Google scholar) returned 1,890 results when searching for “e-commerce directive” in conjunction with “copyright” and 777 results for “trademark”. By contrast, one obtains substantially fewer results when coupling “e-commerce directive” with “medicines” (127) and “product safety” (88) or “food safety” (37).  [25]

True to its communication, following the consultation on online platforms and the Digital Single Market (DSM), the EU Commission published its proposals for a new Directive on copyright in the Digital Single Market (DSM)  [26] in 2016. These proposals have attracted immediate criticism  [27] : 1) despite the announcement to the contrary, the provisions in Article 13 of the copyright directive would alter the current intermediary liability regime and impose stricter liability provisions on online platforms; 2) the proposals would be in conflict with Article 15 of the ECD, which precludes the imposition of general monitoring obligations on ISPs. For the purposes of this article, the analysis will be limited to the proposed Articles 13 of the new copyright directive, which relate specifically to Articles 12 – 15 of the ECD and its relevant Recitals  [28] concerning intermediary liabilities.  [29]

Draft Article 13 is contentious because it appears to have given consideration to industry pressure to use copyright as means to modify the safe harbour provisions through the backdoor.  [30] Recital 38 states that “where information society providers store and provide access to the public to copyright protected works… and performing an act of communication to the public, they are obliged to conclude licensing agreements with rights holders”  [31] unless they are covered by the liability exemptions of Art. 14 ECD. The text becomes more contentious when looking at the qualifying comments with regards to the role of the ISP. Recital 38 has an almost identical rendition of the judgement in L’Oréal v eBay,  [32] when it says that the ISP’s may acquire an active role by “optimising the presentation of the uploaded works or subject-matter or promoting them”.  [33] By contrast, the Commission’s add-on in the same sentence, that the means by which that optimisation is achieved shall be not taken into account, contradicts what had been said by the CJEU in that same judgement. At the time, the CJEU actually referred the matter back to the national court for an examination of the concrete circumstances to decide whether eBay had played such an active role.  [34] Unfortunately, the application by the UK High Court to which the case was referred back never occurred as the two parties settled in 2014.  [35] However, it seems that the Commission’s wording would now pre-empt any such assessment. The risk is that this potentially disqualifies ISPs providing structured and optimised content presentation for their content uploaders from the availability of the liability exemption in Art. 14. While it is true that recent case law may have failed to sufficiently assess the role played by ISPs in the way they structure their content and in particular combine it with advertisements,  [36] the blanket qualification offered by Recital 38 seems oversimplified. Despite its original announcement, this would actually alter the current liability regime afforded in the ECD and significantly narrow the availability of the hosting provider defence.

Draft Article 13 also focuses on the mandating of filtering technologies for the enforcement of the licensing agreements prescribed between rights holders and ISPs. It remains to be seen whether this article de facto invalidates Article 15 ECD,  [37] or whether it is “just” a very broad but specific obligation to prevent infringements (Article 14(3) ECD). CJEU case law has in the past been clear in allowing at a maximum the prevention of already notified infringements and rejecting any further general filtering of content uploaded to a hosting provider’s site.  [38] This has created a true conundrum which exemplifies the problem with the ECD. It was drafted in the last millennium when ISPs and the internet industry were of a different breed and filtering technology was far from what it is today. The changed nature of today’s online platforms has been alluded to above. However, with filtering technology becoming more sophisticated, the actual “tipping point of omniscience”  [39] for those intermediaries who employ it, is but a matter of time if it has not already been reached. National courts, meanwhile, had to be more pragmatic than the CJEU and the current Commission proposal and adapt to this reality as can be seen in rulings in Germany where courts have engaged in a very detailed evaluation over the kind of duty of care and prevention measures a video platform can be asked to engage in.  [40] It is therefore disappointing that the proposed Article 13 does not take account of these efforts but instead aggravates this unclear situation by further blurring the line between mandatory filtering and the rejection of any general obligation to monitor. It clearly backfires on the legislator that it did not encourage more explicitly, at an early stage, the development of “good Samaritan” efforts to proactively identify and remove infringing content.  [41] As it stands, the distinction between specific and general monitoring is becoming obsolete in practice.

By contrast, the Commission now insists on bringing ISPs and rights holders together to ensure an effective enforcement of the licensing agreements (Draft Article 13). However, the information flow is remarkably one-directional in that ISPs are tasked with providing most of the data on their activities. On the other hand, the detail of the new complaints and redress mechanisms remain patchy. Draft Recital 38 is even more intrusive in that it asks ISPs to share information at an excessive level. For many ISPs their filtering technology is proprietary, and may even be part of more holistic and sensitive fraud detection and investigation activities. It should not be shared with any external third parties, unless explicitly requested by courts and law enforcement authorities. In addition, expecting ISPs to share information on “the type of technologies used, the way they are operated and their success rate for the recognition of right holders' content” with rights holders, who may be also in contact with competing platforms and other third parties, goes very far. This formulation seems to be informed by rights holder interests and reflects frustration over not getting sufficient information on, for example, repeat infringers or the speed and extent to which intermediaries investigate.

Moreover, the Commission’s insistence on what appear to be private cooperation agreements between ISPs and rights holders can also be seen critically. Making ISPs, who are privately and commercially motivated actors with decisive power over access to speech and information into copyright enforcement agents for the entertainment industry,  [42] would be a step backward in the quest for an “open, user-centric, interoperable platform ecosystem”, which the internet is supposed to become in Europe.  [43]

2.2. Protection of minors, hate speech and fake news

The challenges of vertical legislation in the complex ecosystem in which today’s platforms operate become apparent when looking at the latest proposal to amend the redraft of the Audiovisual Media Services Directive (AVMSD).  [44] The Commission published a proposal to amend Directive 2010/13/EU concerning Provision of Audiovisual Media Services (AMSD) in May 2016 as part of its outcome from the public consultation on online platforms.  [45] While the above proposal on copyright clearly targets all kinds of ISPs, the intermediary liability provisions of Article 28a in the recently proposed re-draft of the AVMSD looks at the protection of minors and at hate speech on video-sharing platforms (VSPs). However, concerns over hate speech and access to material unsuitable for/or abusive towards children are not just an issue concerning video-sharing platforms, but also sites hosting news, blogs, pictures and social media in general. With a consistent sectoral approach the Commission could have targeted this kind of content (be it speech, static, moving images, or sound) across all platforms. For example, the EU Commission recently agreed on a (non-binding) code of conduct with major social media platform operators to combat hate speech and terrorist content.  [46] The press release contains a reference to the NTD mechanism, which resulted from the ECD. In the code of conduct the participating platforms commit, amongst others, to processes for effective notification, review, and removal of hate speech and incitement to violent content (within 24 hours) as well as information sharing on the NTD procedures. The corresponding measures in the AVMSD re-draft (Article 28a) applying to VSPs, are by far more detailed and prescriptive. First, the protection afforded through Article 14 ECD for VSPs is not clear. The Commission refers to the Article 14 (ECD) liability exemptions  [47] but specifies that where the VSPs have control over the organisation of the content, protective measures should apply to the organisation of that content and not to the content as such. This is ambiguous. In order to organize the content in the way specified in Article 28a (by applying age verification, parental control) the nature of the content would necessarily have to be monitored in some way, unless the platforms rely fully on the user to flag and categorize restricted content. It can be argued however, that in order to offer efficient protection, VSPs would need to accompany user-driven categorization by some due diligence measures, e.g. audits, spot checks. That in itself would involve - if done properly and effectively - analysing, i.e. filtering and screening content. As mentioned above, the proposal appears to not fully take into account the realities of what platforms may be able to do already as part of their risk management activities. In addition, as in the copyright directive proposal this is very close, if not congruent, with a general obligation to monitor, which is precluded by Article 15 (ECD). Thus, would this mean that only those VSPs which do not organize the content at all would be exempt from any of the measures listed in Article 28a? The complementation of the ECD, announced in the draft proposal  [48] would actually amount to a de facto modification of Article 14 for VSPs. This is even more complicated when considering that, while prescribing maximum protection measures for content that is harmful for minors and for content inciting to violence, Member States may impose stricter measures to combat illegal content if they comply with Articles 14 and 15 ECD.  [49] It is also not clear how any protection measures beyond the maximum set by the proposed directive and in the context of available technology would not result in general monitoring precluded by Article 15 ECD. If anything, these measures introduce more ambiguity and potentially more inequality compared to picture and news/text based platforms and systems. The Commission uses the European Regulators Group for Audiovisual Media Services (ERGA) (Article 30a) to facilitate co-regulation through establishing codes of conduct (Article 4(7)). The development of codes of conduct and standards drawn up under a co-regulatory approach could be seen as a step towards developing technology-based diligence processes. However, in view of the strict measures proposed in Article 28a, ISPs may be hesitant to volunteer any information about their true technical capabilities. Moreover, a truly sectoral approach would have looked at code of conduct for hate speech and child protection across the entire spectrum of intermediaries. It is understood that the Commission may only have had the AVMSD and its extension of scope to VSPs at hand as a legislative tool to quickly propose regulation in this area. However as it stands, a company like Facebook may now face different obligations and liability risks depending on whether hate speech is posted by video, or as a written article.

The current debate surrounding “fake news” on social media platforms not only illustrates the politicised environment in which today’s platforms operate but also how their influence and impact on information and news is perceived in society. While the actual effect of fake news in shaping political views and voting behaviour has not yet been proven, it still highlights the importance of social media as an information source.  [50] In fact, fake news may be much more motivated by underlying economics, enabled by a shift in advertising business models on the internet, than targeted misinformation.  [51] The phenomenon attracted the attention of legislators in EU Member States and the Commission.  [52] The German Government even proposed a draft “network enforcement” law to oblige social media platforms to delete “hate crime“ content which is “obviously infringing” within 24 hours following notification.  [53] Non-obvious infringing content must be decided on within 7 days. The draft defines “hate crime” as libel, defamation, and incitement to hatred, but also includes “punishable fake news”.  [54] It will be interesting to see how platforms will make the call on “obviously infringing” fake news if the draft enters into force. The law would apply to all social networks (defined by the law) which fall under the definition of service providers as defined per ECD Article 2(b). The draft makes due reference to Article 14 ECD, as well as Recitals 46 and 48 ECD about the possibility of member states to ask providers to prevent repeat infringements and to mandate that the providers apply reasonable duties of care.  [55] Following suit, the draft also mentions that this must not constitute general monitoring duties precluded under Article 15. Indeed, the draft law does not appear to mandate any measures that could be seen as proactive general monitoring. It appears to fix at a national level the code of conduct agreed earlier in the year between platforms and the Commission and a similar agreement concluded at national level,  [56] and prescribes detailed NTD obligations. For the notices, it relies on Government and industry based complaint mechanisms already in place, as well as user complaints. The mandating of regular reporting and the creation of a “responsible person” is in line with similar compliance requirements across other sectors.  [57]

It remains to be seen whether the law will pass in this form and prior to the federal elections in Germany in September 2017. However, these developments can be framed into the wider context over media pluralism and the power online intermediaries have gained as gatekeepers to information. It reflects a tendency to discuss more openly the responsibility of social media platforms, search engines, and platforms in general over the content hosted on their sites. In fact, the danger of “cheap, fluff speech on the internet undermining the economic basis of quality journalism was noted some time ago.  [58] First, the cost-competition offered by cheaper journalism (e.g. blogging – be it true or spun news) increases economic pressure on expensive, quality and fact-checking types of journalism, while distribution and availability to a mass audience remain the same. Secondly, the internet diverts advertising revenue away from traditional news media to cheaper online content, which in effect represents a redistribution of funding from traditional journalists to online news creators.  [59] Search engines and news aggregators would inevitably contribute to this trend.  [60]

More generally, there is an inherent bias when search engines, social media, or news aggregators filter, rank and display information and news to users. The algorithms governing the display and ranking of news and search results are composed from both ideological interests to remain relevant for users and economic interests to remain relevant for advertisers.  [61] The traditional measure of market power may not apply any longer for powerful intermediaries operating in multi-sided markets with intricate and not yet fully understood interdependencies.  [62] One proposed new regulatory approach would consider intermediaries as “digital utilities”, reflecting their role as gatekeepers for access to speech and information.  [63] The control they exercise over the kind of information (news, search results) displayed to users would make them content providers with direct liability for defamation or copyright infringement.  [64] A new regulatory approach could also involve mandated algorithmic accountability, or the ability of regulators to evaluate algorithmic models with regards to their impact on serving the public interest.  [65] This discussion shows how closely interrelated content and infrastructure are in today’s online platform economy. The organization and distribution of search results and newsfeeds is crucial for the economic success of various platforms. However for this to happen, algorithms will inevitably have to be able to analyse and recognise the content as well. The wide-reaching exemption that exists currently for these “mere conduits” or “hosts” who hold such sweeping gate-keeping powers may not be justifiable any longer. The concrete duties which flow from these powers and the balance that needs to be respected between combating illegal content and user rights  [66] need to be recalibrated by the EU legislator. However, the current proposals to tackle hate speech and content harmful for minors are fragmented and do not cover all content formats consistently. Secondly, by advancing the scope of preventive monitoring, the AVMSD proposal ignores the fact that the dividing line to general monitoring is in the process of vanishing. Instead of insisting on the mantra pitting Article 14 against Article 15, it is submitted that a formulation of morally and technically founded duties of care would be more appropriate. Thirdly, the AVMSD proposal outsources the decision making over content removal to agreements between powerful private actors, thus potentially limiting media pluralism and tightening the grip of large platforms over information provision. The latter is also a danger inherent in the code of conduct the EU Commission agreed with major social media platforms earlier in 2016.

2.3. Trademarks – the online sale of physical goods

In the analysis report of the Commission’s Public Consultation on the Regulatory Environment for Platforms, the sale of counterfeit goods via the internet was judged at least as problematic by businesses as the availability of copyright infringing material on the internet.  [67] Rights holders in both the copyright and trademark intensive industries have been similarly strong in their claims of damage caused by infringements caused through online commerce.  [68] However, the Commission did not initiate any legislative action with regards to combating trademark infringements on the internet as part of its self-professed problem driven approach, announced in the communication following the consultation on online platforms. It merely announced that it may consider the role intermediaries can play in protecting IPRs, notably with regards to counterfeit, in its upcoming review of the IPRED.  [69] However, if there is reason to act with regards to copyright and impose significant changes to the intermediary liability provisions through connected legislation, then inactivity in the area of trademarks could introduce even more inconsistency and legal fragmentation. This is even more surprising as key CJEU rulings on the availability of the liability exemption and reasonable duties of care are coming from the area of trademark law.  [70]

Perhaps the disparity in legislative activity between tackling digital copyright infringements and trademark violations for goods sold physically through the internet is due to the fact that infringement detection and prevention in both areas require different approaches. First, contrary to digitally distributed products, the production and delivery of physical goods happens in the traditional brick and mortar world. One could argue that detection and control of illegal activities in the physical supply chain would be more straightforward to conduct. Indeed, the disruption of the supply chain, from suppressing manufacturing, to seizures during shipping and distribution are the most commonly sought ways to deal with the phenomenon.  [71] Notwithstanding this fact, it is however much more difficult to ascertain from an online offering - where just a product picture may be available - whether it is indeed infringing a trademark. In order to ascertain the infringing nature of a product, detailed brand and product knowledge are needed. This would need to be combined with fact-finding through product inspection, involving specialised staff, and often in close co-operation with the rights-owner. This poses an additional challenge for online marketplaces, which list thousands or even millions products from a plethora of sellers potentially based worldwide.  [72] The difficulties in coming to a more decisive assessment of which reasonable duties of care can be expected from ISPs in order to prevent infringement, including repeat offences, have been considered in EU and national case law.  [73] In L’Oréal v eBay the CJEU found that although eBay could not be asked to monitor its entire traffic, according to Article 15 ECD and the balancing exercise required by Article 3 of the IPRED, it should act as a diligent economic operator.. It needed to identify the infringing party and prevent further infringements of the same kind.  [74] However, that guidance is broad, and technically the dividing line between this requirement and general monitoring is, once more, blurred. German courts had in the past been more inclusive towards the intermediary with regards to the duty of care that should be expected of them. In Internetversteigerung  [75] intermediary eBay had a duty to prevent any “clearly noticeable” trademark infringements relating to the Rolex products in general on its site. “Clearly noticeable” in that context relates to offers that have similar characteristics to the already notified infringements (same brand name and image, including different model numbers).  [76] Note the similar wording in the German draft law against hate speech asking social media platforms to take down “obviously infringing” content within 24 hours.  [77] In Kinderhochstühle  [78] II the Federal Supreme Court (BGH) imposed extended duties of care on eBay with regards to offers which it had enhanced by advertisement links from search engines.  [79] Reviewing product images and specifications provided by the seller will often remain the only tangible way of assessing the likelihood of infringement for the intermediary when confronted with a notice of takedown.

Secondly, the duties of care that can be expected of intermediaries will also depend on the specific business model and would need to be decided on a case-by-case basis by courts. A detailed consideration of this issue was done in YouTube v Gema.  [80] This changes somewhat the approach of courts towards duties of care compared to the sales of digital goods. For the latter, the reliance and indeed proposed mandating of content recognition technologies,  [81] seems to be more technically established than technology to identify trademark infringing use in e-commerce on online marketplaces.

Thirdly, the complexity of trademark law has only increased with the availability of goods online. While the CJEU has repeatedly absolved online platforms from primary liability for trademark infringement, the scope of protection afforded to trademark owners has extended beyond the function of indicating the origin of a product.  [82] Counterfeit is arguably the most clearly infringing issue as in this instance a person affixes a sign identical to that of a registered trademark to goods for which the trademark has been registered.  [83] In these double identity cases, the intention of the infringer is usually to straightforwardly imitate a trademark and the goods related to it. However, the CJEU has expanded the protection afforded by trademark owners to uses which are much more difficult to decide by platforms if faced with rights holder notifications. In Bellure  [84] and in Interflora  [85] the CJEU ruled that the unfair advantage taken by the use of a sign similar to a registered mark with a reputation does not need to be restricted to cases where there is a likelihood of confusion or a detriment to the reputation of the earlier mark.  [86] Although the rulings related to comparative advertising and the use of Adwords in search engines, there are many sellers on today’s marketplace platforms who may fall into the scope of these rulings. For example, a seller might offer stationery, clothing or other accessory products relating to what courts may identify as reputable car brands, thus riding on the attractive power of the car brand to boost its sales. Again, a correct judgement call by the marketplace when approached by brands with notices of infringement is far from evident. Another issue concerns the sale of goods not destined for the EU market – also called grey goods.  [87] In today’s global marketplace sellers can list and sell products across the globe and ship to users worldwide. Customs can only scratch the surface in checking and detecting shipments with such products. Furthermore, generic replacement consumables for OEM products, such as printer cartridges, water filters or even bin liners may pose an issue depending on how they are advertised on the site. These are some of the borderline cases happening on e-commerce platforms. Not all of these cases do necessarily restrict the trademark right of a brand owner. By contrast, they may be subject to abuse by brand owners and their agents themselves by providing abusive notices. Large platforms have responded mainly by entering the kind of private agreements with rights holders which in the long run could stifle competition. For example, Amazon has started to “gate” certain brands on their site, restricting the sale of the brand either to the brand owner themselves or to a pre-authorised selection of distributors.  [88] Meanwhile eBay operates takedowns for participants in its VERO programme, which gives brand owners the opportunity to identify allegedly infringing offers and notify them to the company.  [89]

In 2011 the EU Commission initiated a Memorandum of Understanding between rights holders and marketplace platforms to foster cooperation and the development measures to prevent infringements and act against repeat infringers.  [90] However, the 2013 progress report of the Commission did not show any notable progress and indeed hinted at difficulties in making stakeholders agree on a common approach.  [91] The renewed MoU  [92] of 2016 has remained unchanged in wording with the sole difference that stakeholders have agreed to some high level key performance indicators (KPIs) measuring the efficiency of the MoU. It should be noted that it took stakeholders 5 years to agree on a few basic metrics: showing the number of offers in selected product categories which lead to alleged counterfeit products; the number of listings removed following proactive platform measures and rights-owner notifications; and the number of restrictions imposed on sellers. It is submitted that the current unsatisfactory situation will lead to further gating style private agreements between platforms and rights holders which may further restrict competition and drive out smaller sellers with competitive and innovative offers. It appears the sector is far away from the development of any reasonable duty of care principles and also from the Commission making any legislative proposals.

3. An alternative approach towards standardized duties of care?

As mentioned earlier the fight against illegal, unsafe or other non-conforming products in e-commerce has received relatively little attention within the academic literature. In the following section, the paper presents efforts with regards to combating the online sale of infringing medicines, food, consumer electronics, as well as anti-money laundering due diligence. The idea is to present approaches adopted by market surveillance authorities and the industry and explore whether they could serve as an example for developing intermediary duties of care.

3.1. Fake medicines

The problem of substandard, spurious, falsely labelled, falsified and counterfeit (SSFFC) medical products has been recognised worldwide as an important public health risk which is only exacerbated by the internet.  [93] While in industrialized countries these products have rarely contaminated official supply chains, the increased importance of recreational drugs and other non-prescriptive medication has been capitalised on by online sellers posing as pharmacies in the Western world.  [94] In 2011, the EU took concrete policy action in view of this problem and passed legislation to prevent SSFFCs entering the supply chain.  [95] Under a new Directive, businesses or persons selling medicinal products at a distance need to notify and register with national authorities. They will then be awarded with a certificate identifying them as an approved online pharmacy, which they will need to display on each offer detail page. The logo links through to a public a register, proving the official status of the seller.  [96] The Directive provides a reference to the ECD, amongst others, by stating that persons not meeting these conditions but selling medicinal products at a distance shall be subject to “effective, proportionate and dissuasive penalties.”  [97] Moreover the Directive fosters standardisation by making the approval measures for online pharmacies and the logo subject to the procedures laid down in the Technical Standards Directive.  [98] While nothing is said in that Directive about the processes for online platforms which merely host offers from sellers of medicinal products, the measures appear to give e-commerce platforms a practical tool for checking the compliance of the seller during on-boarding. It is suggested that these measures could be part of reasonable duties of care, which can be expected from ISPs possibly also in other areas. In addition, they could facilitate the prevention and detection of infringing offers, by for example, creating a gated product category exclusively for certified pharmacies. Meanwhile, national market surveillance authorities such as the UK's MHRA have devoted resources and created specific capabilities to filter the internet for illegal offers. They cooperate with platform operators and law enforcement to withdraw and prevent infringing products.  [99] It could be argued that this co-regulatory cooperation to develop dialogue between platforms and authorities and incorporate technical standards into the process, are more suitable compared to purely self-regulatory models.

3.2. Online food retail

Sales of food via the internet have seen a rise in popularity. With delivery services becoming faster and more suited to consumer demand, online sales of food stuffs have seen a marked increase over recent years. The food industry and the entire supply chain are also subject to strict regulation. In 2011 the EU adapted its regulatory framework to the online world.  [100] For one, it introduced a new regulation on food information requirements to consumers by which food labelling in online shops was aligned to the labelling requirements for sales in physical shops. This now extends to ingredients lists, allergen warnings and certain nutritional information.  [101] Secondly, Regulation 852/2004 requires online food retailers to register with national authorities.  [102] Depending on the nature of the business, they may even need to apply for authorisation to operate. The surveillance and enforcement of compliance with applicable food legislation is to be performed by national market surveillance authorities.  [103] Finally, a host of additional provisions apply to the sale of food products, such as for example those with pharmacologically active ingredients, products with non-approved health claims, non-approved novel foods,  [104] and organic products.  [105] For a large e-commerce marketplace that hosts relevant offers, the prospect of a safe harbour in this context may come as a relief. However, this would not help solve the problem. A pilot study conducted in Germany in 2014  [106] searched for food stuffs containing the known hazardous food ingredient synephine in connection with caffeine. Using a search engine based filter software it identified 219 relevant hazardous products sold across 449 web shops across Europe. The chances that these shops also sell via large online marketplaces are high. This may not look massive but considering the complex list of food additives which are regulated in the EU  [107] and the international nature of sellers on the big marketplaces, the problem is likely to be greater. Authorities have long started filtering marketplaces on their own initiative. A project in Germany uses data from tax authorities to identify whether online shops with food offers have registered with the authorities. A web crawler operated by tax authorities has been modified to search for non-registered food businesses, as well as “high-risk” or borderline food. According to this study, 40% of food online retailers had not registered with authorities in 2014.  [108] Authorities took concrete action by agreeing with Germany’s major e-commerce trust mark certifiers that sellers who failed to register with authorities be denied certification indicating them as providing a safe shopping experience.  [109] While online marketplaces (ISPs) themselves may not qualify as food retailers in their own right, they potentially host hundreds or thousands of food offers by third-party sellers. With the existing legislation in place, a diligent marketplace operator could for example be asked to have verification processes in place to check such registration. This could become even more important where marketplaces take on distribution services such as storage and shipping for individual sellers, and therefore affect the supply chain of the products themselves (such as done by Amazon or eBay shipping programme, or other food delivery platforms). Linking seller recruitment (or on-boarding) to a verification of local registration and/or an official trust mark could be one way forward to proving due care. Moreover, given the detailed labelling and information requirements imposed by legislation, both in food and pharmaceutical online retail, it will be increasingly difficult for a diligent marketplace operator to claim no actual knowledge over the products that are sold on their platforms. A reputable online seller would demand from its content host and platform operator that their offer be optimised in a way that allows consistent display of legally required information. A diligent marketplace operator would need to give the seller the opportunity to display this information. Arguably, this would entail awareness of the kind of information that needs to be displayed in a given product category and ensue making decisions on the layout and display of the information online. This information would necessarily give the ISP more knowledge and tools to effectively audit for infringing offers, even in a highly automated context.

3.3. Non-conforming electronic products

Consumer electronics are usually subject to CE marking as a sign that the product conforms with necessary technical and safety standards. Without such CE marking products may not be placed on the EU market. The primary liability for product conformity and safety lies with the entity that places the product on the EU market. Depending on the kind of product, consumer electronics may be subject to the Low Voltage Directive (LVD), the Radio Equipment Directive (RED), or the Electromagnetic Compatibility (EMC) Directives,  [110] which all require CE Marking.  [111] Apart from that, the products are subject to the provisions of the General Product Safety Directive (GPSD).  [112] The GPSD was enacted in 2001, only one year after the ECD and did not contain any cross reference to the latter. However the ECD in Recital 11 applies without prejudice to the public health and consumer interests laid down in the (predecessor of) the GPSD.  [113] When looking at the roles platforms play in enabling making product offers available to a wider public, it could be argued that they would fall within the scope of what the GPSD defines as a distributor.  [114] According to the GPSD, a distributor would need to “act with due care to help to ensure compliance with the applicable safety requirements, in particular by not supplying products which they know or should have presumed, on the basis of the information in their possession and as professionals, do not comply with those requirements”.  [115] This throws up a potential conflict with the liability provisions in ECD Articles 12-14. It is complicated by the fact that Recital 21 ECD excludes from the scope of the coordinated field “Member States' legal requirements relating to goods such as safety standards, labelling obligations, or liability for goods”. In today’s context this is confusing if one considers the role platforms play in providing technical means for optimising the display of information on products. In fact, marketplace platforms have been approached by market surveillance authorities with requests to assist in the identification and removal of non-compliant products in various regulated product groups.

As indicated above, there is a strong link between counterfeit products and safety risks. Typical counterfeit products which pose a risk to safety are for example chargers for portable devices such as mobile phones or tablet PCs, or mobile phones with non-compliant lithium batteries. However, genuine products may also be subject to safety and conformity problems, due to manufacturing errors. Furthermore, there are also products that are straightforwardly illegal for example due to their capacity to interfere with the operation of other devices (i.e. radio jammers). Consumer electronics are a very difficult market to control: for one, the regulatory requirements are often specific and technical; secondly, the product variety is immense which complicates regulatory risk assessment; thirdly, technical innovation and fashion trends foster frequent product replacement; and lastly there are a number of high value OEM brands which have facilitated a very lucrative accessories market. This lends itself to legitimate cheap and innovative competition, but also to counterfeit and non-compliant products. In the EU market surveillance authorities have stirred into action with regards to the sale of consumer electronics online. In the UK, Ofcom, the telecoms regulator, in connection with Trading Standards the local market surveillance authority, regularly monitors the sites of major online marketplaces for products in violation of the RED and EMC Directives and they work with these platforms on the removal of these products.  [116] In Germany, the Federal Network Agency (BNetzA), which enforces the EMC and RED Directives evaluated and withdrew over 988,000 products sold via the internet in 2016 alone.  [117] Where it cannot make a decision from simply viewing the offer on online marketplaces, such as eBay or Amazon, it conducts test purchases. Subsequently, it requests takedowns of the offer and may enforce directly against the seller by requesting information from the marketplace. The new focus on online sales has been reflected in the recently recast EMC and RED Directives. Both Directives included a new Recital, which explicitly mentions that they should apply to all forms of supply, including distance selling. Other recent EU product regulation appears to include e-commerce more systematically in its scope: in contrast to its earlier version, the recast Waste Electrical and Electronic Equipment  [118] (WEEE) now clarifies that distance sellers are subject to the same recycling and takeback obligations as offline businesses. It rectifies the first WEEE Directive, that had caused disparity in the law across member states and unequal treatment between online and offline retailers.  [119] Meanwhile the also recast Directive specifying energy consumption labelling and information for energy-related products now explicitly imposes information and labelling requirements on internet based sellers.  [120] While these measures concern a priori sellers, and not platforms, the effect on the latter is obvious. As has been shown, surveillance authorities use large marketplace operators due to their position as gatekeepers and enablers to enforce the law and follow up on non-compliant offers and sellers. For some of the mandatory information and labelling requirements, platforms would inevitably act as facilitators of compliance by providing the technical means allowing the seller to display statutory information online (as demonstrated above for labelling requirements with regards to food or energy consumption labelling). Cooperation in this area could provide a useful basis for developing technical quality standards and due diligence process for the on-boarding of sellers. In addition, it is possible to make it mandatory for sellers to display information required by law and install processes to screen out non-compliant offers at an early stage.

In 2007, an EU Commission sponsored study on the Liability of ISPs recommended using standardisation based on the “New Approach” co-regulatory model in the area of product safety to tackle the challenge of content liability on online platforms. According to this the EU could mandate standardisation committees to develop due diligence standards based on available filtering technology, dependent on the area of infringement. Rights holders and ISPs would conjointly develop these standards. ISPs using these standards could eventually rely on liability defences, while the others could face “comprehensive filtering injunctions”.  [121] Economic efficiency theory would see ISPs, which are nearest to the technical information and most apt to control access to it, as the “cheapest cost avoider” and therefore most suitable to administer prevention technologies based on agreed industry standards.  [122]

Based on this logic, Helman and Parchomovsky advocated for “best available technology standards” in the area of copyright infringement prevention. It would serve as a “technological safe harbour”  [123] if used by ISPs and it would entirely replace current safe harbour provisions.  [124] Alternatively, third party copyright clearing houses could be employed to maintain and develop filtering technology and offer their services to ISPs.  [125]

Apart from the economic reasoning, however, it also makes sense from a purely moral standpoint to involve ISPs more in the infringement prevention and developing standards for duty of care. As noted above, their growing role as information gatekeepers has led to calls for a definition of specific corporate responsibilities and an ethical framework for ISPs.  [126] Duty of care principles based on sector specific standards, it is submitted, could be one cornerstone of such moral responsibilities.

3.4. Horizontal anti-money laundering compliance

The above assertions can be backed up by yet another development in the area of due diligence, which touches on e-commerce companies. In the recent public consultation on the enforcement environment of IPRs, rights-holders criticised a poor implementation of Article 5 ECD citing a lack of know-your-customer (KYC) obligations applied to intermediaries.  [127] While Article 5 ECD refers only to the information Member States may require of ISPs, it appears rights holders lament the fact that intermediaries do not sufficiently verify the identity of their customers (merchants, users, uploaders). The comment appears to relate to a horizontal obligation that already applies to financial institutions in the EU and across the OECD as part of anti-money laundering (AML) legislation. In the EU, financial and credit institutions are obliged to apply due diligence measures to customers by verifying their identity through document checks, establishing beneficiary ownership and conducting ongoing transaction and client status monitoring using a risk-based approach.  [128] Electronic payment services, some of which are owned by or closely connected to leading online platforms,  [129] are covered by this legislation and hence would perform these due diligence measures already when on-boarding merchants. There is so far little official appreciation or experience in linking due diligence measures used in AML with risk management in for example counterfeit detection. However, large e-commerce platforms may manage the entire payment transaction process for sellers or content providers or charge them service or transaction fees using payment card service providers such as MasterCard or VISA.  [130] Linking KYC due diligence from the AML area with duty of care in the area of e-commerce for physical goods, where infringement prevention is particularly tricky, could prove a useful tool to bolster duty of care standards.

4. Conclusion

There is a correct recognition on the part of the EU that ISPs will need to be asked to bear more responsibilities for the content they host, especially when they derive economic gains from it. Both from an economic and moral perspective this claim seems justified. The EU legislator is trying to tackle the challenges posed by the platform economy and infringing content through a problem-driven, sectoral approach, while leaving the current intermediary liability regime of the ECD intact.

The legislative proposal in the area of copyright however, is ill fitted to achieve this. Article 13 of the copyright directive proposal risks undermining the current liability regime by potentially disqualifying a large number of ISPs from the hosting defence available under Article 14 ECD. Meanwhile, the quasi mandating of filtering technology just pays lip service to the general monitoring preclusion of Article 15 ECD. With filtering technology becoming indeed increasingly potent, it is moreover questionable whether it is worth insisting on the difference between specific preventive filtering and general monitoring. Then forcing information sharing duties on intermediaries, which risk exposing company confidential data, would do more to alienate stakeholders rather than bringing them together. Nowhere in this draft can we find the formerly promoted self- or co-regulatory approach to form codes of conduct or standards. An alternative and forward looking proposal, it is submitted, would replace the current liability regime with a technology based duty of care standard which could serve as a safe harbour.  [131]

In the area of child protection, hate speech and fake news, the EU risks fragmenting its approach by focussing on VSPs with a similarly restrictive legislative proposal, while promoting purely self-regulatory efforts for non-audiovisual content. The newly proposed Article 28a engages in a similar squaring of the circle attempt with regards to infringement prevention as does the proposed copyright directive. The risk is that the majority of VSPs lose their hosting liability exemption. Technology, it is suggested, is about to erase the dividing between specific and general prevention. The use of ERGA may help to promote new codes of conduct and standards, but the efforts need to cover the entire ISP sector in the area of hate speech and child protection in a consistent form. It will be even more effective if ISPs are encouraged to share their knowledge through the propagation of “Good Samaritan” principles.

Meanwhile political developments appear to drive national policy action in the area of fake news and hate speech. This area demonstrates the change in perception of the role online platforms play as gatekeepers and power brokers when it comes to access to information and speech. Political voices have been blunter when pinning down the responsibilities and threatening enforcement action against platforms failing to react quickly to remove and prevent infringing content regarding hate speech and so-called fake news. Although the true impact of fake news is not proven, it is encouraging that codes of conduct are being defined and that third party, independent co-regulatory mechanisms are used to screen online content. However, asking platforms to react independently to “obviously” infringing content in addition, and without detailed recourse mechanisms in place, risks giving way to private censorship. The same risk applies to all of the sectoral areas mentioned above, as it is not clear how codes of conduct (if at all encouraged) are being reviewed and tested for their impartiality. This is even a greater risk for the area of trademark infringements, where, despite the EU’s self-professed problem-driven approach, no concrete policy action has been proposed. The current self-regulatory effort promoted through the Memorandum of Understanding on the sale of counterfeit goods via the internet has so far brought little progress. In an area where infringement detection is particularly difficult to master, a firmer grip by the EU Commission to promote and develop technical standards and risk management approaches would be welcome. Experience could be gained from the area of anti-money laundering compliance where mandated customer due diligence obligations exist.

The area of product regulation serves as a good example for the kind of independent, third party monitoring and standard setting that could help building knowledge and develop duty of care technical standards for combatting infringements. For example, the development of certification for online pharmacies gives market platforms a concrete tool they can apply when on-boarding new sellers and preventing the sale of fake medicines. Similarly, standards for labelling, online product display, and company registration in various areas (food, electronic products) can constitute means for platform operators to apply due diligence in seller on-boarding and product verification. These could develop into concrete Government and industry mandated due diligence standards. However, overly relying on self-regulatory industry agreement between rights-owners and powerful platforms risks restricting rather than promoting diversity and expression on online platforms.

It is submitted that a new approach, recognising the moral and economic arguments for increased responsibilities of ISPs is needed, resulting in an ethical framework or corporate social responsibilities for information gatekeepers.  [132] The cat and mouse game of ex-post versus ex ante and specific versus broad monitoring provisions could be replaced by technology based duty of care safe harbours which relate to specific areas of infringement. As online platforms transform more and more areas of previously offline economy sectors, it may be time to take some lessons from the offline world regarding regulation and apply them to ISPs. It could be a way to achieve the EU’s vision of a “responsible behaviour of platforms to protect core values”.  [133] Coming back to 1995, the thread of standardisation certainly needs to be taken up, but it could be that internet intermediary regulation itself may fade into sector specific rules, with just an overarching, horizontal commitment towards using the best code available as a standard to contain risk.

* By Carsten Ullrich, LLM (Edinburgh), PhD candidate in Law under the supervision of Prof. Mark Cole at the Doctoral Training Unit on Enforcement in Multi-Level Regulatory Systems (DTU REMS), Faculty of Law, Economics and Finance (FDEF), University of Luxembourg.

This paper was prepared for the 2017 Annual Conference of the British and Irish Law, Education and Technology Association (BILETA) held in April 2017 at the University of Minho, Braga, Portugal, where it won the award of the BILETA Executive Committee .

[1] Caitriona Hegarty and Euan Cameron, ‘Case for Minimal Regulation of Electronic Network Communications’ accessed 3 January 2017.

[2] L’Oréal (UK) Ltd v eBay International AG, eBay Europe SARL, eBay (UK) Ltd and others, C-324/09 [2011] ECLI:EU:C:2011:474 (CJEU).

[3] Directive 2000/31/EC of the European Parliament and of the Council of 8 June 2000 on certain legal aspects of information society services, in particular electronic commerce, in the Internal Market, OJ L 187 2000.

[4] WIPO Copyright Treaty (WCT) and WIPO Performances and Phonograms Treaty (WPPT) (1996), in particular Art. 8 WCT.

[5] Directive 2001/29/EC, OJ L 167, 22/06/2001 (InfoSoc Directive), Art 3; This gives authors or right holders the exclusive right to communication of their works to the public including making it available “in such a way that members of the public may access them from a place and at a time individually chosen by them.”

[6] Anton Vedder, ‘Accountability of Internet Access and Service Providers – Strict Liability Entering Ethics?’ (2001) 3 Ethics and Information Technology 67, 69–70.

[7] Graham Pearce and Nicholas Platten, ‘Promoting the Information Society: The EU Directive on Electronic Commerce’ (2000) 6 European Law Journal 363, pp. 370-376, Lilian Edwards, ‘The Fall and Rise Of Intermediary Liability Online’, Law and the Internet (3rd ed, Hart Pub 2009) 84–87.

[8] See for example Eleonora Rosati, Why a Reform of Hosting Providers’ Safe Harbour Is Unnecessary under EU Copyright Law (Zenodo 2016)., and Giancarlo Frosio F, ‘Reforming Intermediary Liability in the Platform Economy: A European Digital Single Market Strategy’ [2017] Northwestern University Law Review Online.

[9] See the more holistic argumentations of Frank Pasquale, ‘Platform Neutrality: Enhancing Freedom of Expression in Spheres of Private Power’ (2016) 17 Theoretical Inquiries in Law 487., Robin Mansell, ‘The Public’s Interest in Intermediaries’ (2015) 17 info 8., and specifically related to infringing content Peggy Valcke, Aleksandra Kuczerawy and Pieter-Jan Ombelet, ‘Did the Romans Get It Right? What Delfi, Google, EBay, and UPC TeleKabel Wien Have in Common’ accessed 2 March 2017. Or Mariarosaria Taddeo and Luciano Floridi, ‘The Debate on the Moral Responsibilities of Online Service Providers’ (2016) 22 Science and Engineering Ethics 1575.

[10] D Friedmann, ‘Sinking the Safe Harbour with the Legal Certainty of Strict Liability in Sight’ (2014) 9 Journal of Intellectual Property Law & Practice 148, pp. 152–153.

[11] See the consideration of the CJEU in Google France, Google Inc v Louis Vuitton Malletier, C-236/08 CJEU [2010] ECLI:EU:C:2010:159 (CJEU). L’Oréal v eBay (n 2)., through to the recent ruling in GS Media BV v Sanoma Media Netherlands BV, Playboy Enterprises International Inc, Britt Geertruida Dekker, C‑160/15, [2016] ECLI:EU:C:2016:644 (CJEU)., Delfi AS v Estonia, no 65469/09 (ECtHR (Grand Chamber)).

[12] Taddeo and Floridi (n 9).

[13] Valcke, Kuczerawy and Ombelet (n 9). who analyze the duty of care considerations in the recent CJEU and ECtHRs judgements in this area.

[14] EU Commission, ‘Online Platforms and the Digital Single Market Opportunities and Challenges for Europe COM(2016) 288 Final’ p. 9.

[15] Ibid.

[16] EU Commission, ‘Synopsis Report on the Public Consultation on the Regulatory Environment For Platforms, Online Intermediaries and the Collaborative Economy’ accessed 29 March 2017. p. 15.

[17] Ibid. p.16.

[18] Ibid. pp. 15-16, and as stated in Recital 42 of ECD, 2000/31.

[19] Proposal for a DIRECTIVE OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL amending Directive 2010/13/EU on the coordination of certain provisions laid down by law, regulation or administrative action in Member States concerning the provision of audiovisual media services in view of changing market realities, COM(2016) 287 final 2016.

[20] Ibid. Recital 48.

[21] Hegarty and Cameron (n 1). p. 7.

[22] EU Commission, ‘COM(2016) 288 Final’ (n 14).

[23] Directive 2001/29/EC of the European Parliament and of the Council of 22 May 2001 on the harmonisation of certain aspects of copyright and related rights in the information society, OJ L 167 2001. Recital 16.

[24] Directive 2004/48/EC of the European Parliament and of the Council of 29 April 2004 on the enforcement of intellectual property rights, OJ L 157 2004. Art. 2.

[25] Search conducted on 03/03/2017.

[26] Proposal for a DIRECTIVE OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on copyright in the Digital Single Market, COM(2016) 593 final 2016.

[27] See the responses by Frosio (n 8)., European Copyright Society, ‘General Opinion on the EU Copyright Reform Package’ (24 January 2017) https://europeancopyrightsocietydotorg.files accessed 3 March 2017., Sophie Stalla-Bourdillon and others, ‘An Aca-demic Perspective on the Copyright Reform’ (2017) 33 Computer Law & Security Review 3.

[28] The relevant ECD Recitals are: 42, 45 – 49. Recital 42 ties the availability of the liability exemptions to the “mere technical, automatic and passive nature” of the ISPs activity. Recitals 45 – 49 concern the preventive infringement measures member states can impose on ISPs, while precluding the obligations of general monitoring. They also mention the possibility to require service providers to duties of care for detecting and preventing infringements and to develop voluntary codes of conduct.

[29] As mentioned above a review of changes in substantial copyright despite of the effect on the scope of copyright protection and extended potential liabilities shall not be undertaken here. The focus of this article is on infringement prevention and duties of care.

[30] Augustin Reyna, ‘A Tale of Two Industries: The “Value Gap” Dilemma in Music Distribution’ accessed 3 June 2017.

[31] See Copyright Directive Proposal (n 26)., Recital 38.

[32] L’Oréal v eBay (n 2). Para [116].

[33] Ibid.

[34] L’Oréal v eBay (n 2). Para [117].

[35] Alex Lawson, ‘L’Oreal, eBay Strike Pact To End Counterfeit Goods Scuffle’ Law360 (15 January 2014) accessed 7 March 2017.

[36] Matthias Leistner, ‘Copyright Law on the Internet in Need of Reform: Hyperlinks, Online Platforms and Aggregators’ [2017] Journal of Intellectual Property Law & Practice jpw190, 7. With a specific reference to recent German case.

[37] Which precludes member states from obliging ISPs to monitor information stored and transmitted on a general basis.

[38] Belgische Vereniging van Auteurs, Componisten en Uitgevers CVBA (SABAM) v Netlog NV, C-360/10, ECLI:EU:C:2012:85 (CJEU 2012).at [101].

[39] Friedmann (n 10). p. 150.

[40] Haftung der Internetvideoplattform Youtube für rechtswidrige Uploads, 5 U 87/12 (Hanseatisches Oberlandesgericht Hamburg 5 Zivilsenat). Paras, [363, 364, 370, 477, 481] and a detailed consideration of the Content ID software paras [482-485].

[41] Leistner (n 36) p. 6.

[42] Enrico Bonadio, ‘File Sharing, Copyright and Freedom of Speech’ (2011) 33 E. I. P. R 619, 628.

[43] EU Commission, ‘COM(2016) 288 Final’ (n 14) p. 4.

[44] ‘Proposal for a directive of the European parliament and of the Council Amending Directive 2010/13/EU on the Coordination of Certain Provisions Laid down by Law, Regulation or Administrative Action in Member States Concerning the Provision of Audiovisual Media Services in View of Changing Market Realities, COM(2016) 287 Final’ (2016).

[45] Proposed AVMSD amendment (n 19).

[46] ‘European Commission and IT Companies Announce Code of Conduct on Illegal Online Hate Speech’ accessed 9 March 2017. and ‘Code of Conduct on Countering Illegal Hate Speech Online’ (2016) accessed 9 March 2017.

[47] Proposed AVMSD amendment (n 19).

[48] Ibid 5.p.3.

[49] Proposed AVMSD amendment (n 19). Recital 30, and Article 28a (5). The measures mentioned in Art 28a are maximum measures only with regards to content harmful for minors and content inciting to violence and hatred. Stricter measures may apply for illegal content, but they must comply with Articles 14 and 15 ECD.

[50] Hunt Allcott and Matthew Gentzkow, ‘Social Media and Fake News in the 2016 Election’ (Na-tional Bureau of Economic Research 2017) accessed 10 March 2017. They argue that fake news are mainly part of a long history of conspiracy theory based information and that the actual impact on voting outcomes in the 2016 US Federal Elec-tions is irrelevant. and: Emma Goodman, ‘How Has Media Policy Responded to Fake News?’ accessed 30 March 2017.

[51] Damian Tambini, ‘How Advertising Fuels Fake News’ ac-cessed 30 March 2017. Demonstrates how the change in advertising models on the internet which enables publishers worldwide, with no or little adherence to professional ethical princi-ples or journalistic standards, to use platforms to publish news and to benefit financially from its spread. In addition, platforms profit financially too from attracting traffic to their sites.

[52] The UK Parliament opened an inquiry into “Fake News” in early 2017: UK Parliament, Culture, Media and Sport Committee, ‘“Fake News” Inquiry Launched’ (30 January 2017) accessed 30 March 2017., and the EU Commission also reacted to the phenomenon with heightened atten-tion: EU Observer, ‘EU Raises Alarm on Fake News and Hacking’ (11 January 2017) accessed 30 March 2017.

[53] Bundesministeriums der Justiz und für Verbraucherschutz, ‘Entwurf Eines Gesetzes Zur Ver-besserung Der Rechtsdurchsetzung in Sozialen Netzwerken’ accessed 15 March 2017. p. 7.

[54] Ibid. p.10.

[55] Ibid. p.12.

[56] Ibid., Apart from the EU initiative, the German Government had agreed one year earlier non-binding measures to tackle hate speech with Facebook, Google and Twitter, amongst others: Bundesministeriums der Justiz und für Verbraucherschutz, ‘Together against Hate Speech - Ways to Tackle Online Hateful Content Proposed by the Task Force against Illegal Online Hate Speech’ accessed 30 March 2017.

[57] The concept of “responsible” or “competent” persons and statutory reporting can be traced through data protection, financial compliance, or occupational health and safety regulation.

[58] Neil Weinstock Netanel, ‘New Media in Old Bottles? Barron’s Contextual First Amendment and Copyright in the Digital Age’ (2008) 76 Geo. Wash. L. Rev 952, pp.965, 977-980.

[59] C Edwin Baker, Media Concentration and Democracy: Why Ownership Matters (Cambridge University Press 2007). In: Netanel (n 58).pp.977-980.

[60] Annabelle Gawer and others, Online Platforms: Contrasting Perceptions of European Stake-holders a Qualitative Analysis of the European Commission’s Public Consultation on the Regu-latory Environment for Platforms: Final Report. (Publications Office 2014) accessed 13 March 2017.

[61] Paško Bilić, ‘Search Algorithms, Hidden Labour and Information Control’ (2016) 3 Big Data & Society 205395171665215.

[62] Damian Tambini and Sharif Labo, ‘Digital Intermediaries in the UK: Implications for News Plurality’ (2016) 18 info 33. pp.34-35.

[63] Pasquale, ‘Platform Neutrality’ pp. 493-494.

[64] Ibid.

[65] Julie E Cohen, ‘The Regulatory State in the Information Age’ (2016) 17 Theoretical Inquiries in Law 369. pp.385, 403-404.

[66] Taddeo and Floridi (n 9) 1585–1586.

[67] Gawer and others (n 6o). pp.14-16.

[68] Ibid.

[69] EU Commission, ‘COM(2016) 288 Final’ (n 14) p. 8.

[70] Google France v Louis Vuitton (n 11)., and L’Oréal v eBay (n 2).

[71] See Roudaut, Mickaël R., ‘From Sweathsops to Organized Crime’, Criminal enforcement of intellectual property: a handbook of contemporary research (Edward Elgar 2012). for a more detailed description of the supply chain and the breadth of counterfeiting.

[72] For example as of 2014 over 2 active million 3rd part sellers were registered on the Amazon platform (‘Amazon’s Third-Party Sellers Ship Record-Breaking 2 Billion Items In 2014, But Merchant Numbers Stay Flat’,, 5 January 2015, ) shipping over 2 bn units during that year. In December 2017, Amazon listed 330 million physical product offers on its worldwide marketplaces. With 8% unit growth during that month an estimated 880K new products would have been uploaded on average every day worldwide, with the large majority coming from 3rd part sellers (‘How Many Products Are Sold on Amazon.Com – January 2017 Report’ [2017] ). The content recognition technologies for checking physical goods sold online are less sophisticated than those available to digital products.

[73] Google France v Louis Vuitton (n 11). L’Oréal v eBay (n 2). Maceo v eBay International AG, (Tribunal de grande instance de Paris, 3ème chambre, 1ère section).

[74] L’Oréal v eBay (n 2).at [120]-[122], [139]-[142], [144].

[75] Internetversteigerung III (Rolex v, Az I ZR 73/05 [2008] MIR06/2008 (BGH).

[76] Ibid. at [51] – [55].

[77] Bundesministerium der Justiz und für Verbraucherschutz (n 53).

[78] Copyright Directive Proposal (n 26). Article 13, Recital 39.

[79] Kinderhochstühle im Internet II, I ZR 216/11 [2013] MIR 2013 Dok 077 (BGH).

[80] Haftung der Internetvideoplattform Youtube für rechtswidrige Uploads, 5 U 87/12 (n 40). Hanseatisches Oberlandesgericht Hamburg 5. Zivilsenat, At [370].

[81] Copyright Directive Proposal (n 26).

[82] Ilanah Simon Fhima, ‘Trademark Law and Advertising Keywords’, Research Handbook on EU Internet Law (Edward Elgar 2014). pp.146-151.

[83] See the definition in the Agreement On Trade-Related Aspects Of Intellectual Property Rights (TRIPS) 1994. (TRIPS Agreement), Article 51, Footnote 14.

[84] L’Oréal SA, Lancôme parfums et beauté & Cie SNC, Laboratoire Garnier & Cie v Bellure NV, Malaika Investments Ltd, trading as ‘Honey pot cosmetic & Perfumery Sales’, Starion International Ltd, C‑487/07 [2009] ECLI:EU:C:2009:378 (CJEU).

[85] Interflora Inc, Interflora British Unit v Marks & Spencer plc, Flowers Direct Online Ltd, C‑323/09 [2011] ECLI:EU:C:2011:604 (CJEU).

[86] Bellure (n 84). At [50], [58] and Interflora (n 85). At [60] – [95].

[87] Robert W Payne, ‘Unauthorized Online Dealers of “Genuine” Products in the Amazon Marketplace and beyond: Remedies for Brand Owners’ [2014] J Internet Law 3.

[88] Ari Levy, ‘Amazon’s Plan to Fight Counterfeiters Will Cost Legit Sellers a Ton’ CNBC (29 August 2016) accessed 16 March 2017.

[89] Lilian Edwards, ‘The Role of Internet Intermediaries in Advancing Public Policy Objectives Forg-ing Partnerships for Advancing Policy Objectives for the Internet Economy, Part II’ accessed 30 March 2017. p. 70.

[90] ‘Memorandum of Understanding on the Sale of Counterfeit Goods over the Internet, 2011’.

[91] EU Commission, ‘REPORT FROM THE COMMISSION TO THE EUROPEAN PARLIAMENT AND THE COUNCIL on the Functioning of the Memorandum of Understanding on the Sale of Coun-terfeit Goods via the Internet /COM/2013/0209 Final’ COM/2013/0209 final accessed 17 March 2017. See Articles 3.1 and 3.8 in particular.

[92] ‘Memorandum of Understanding on the Online Sale of Counterfeit Goods, 2016’ accessed 17 March 2017.

[93] World Health Organisation, ‘Medicines: Spurious/Falsely-Labelled/ Falsified/Counterfeit (SFFC) Medicines, Fact Sheet N°275’, January 2016, .

[94] Hans-Georg Koch, ‘Strategies against Counterfeiting of Drugs: A Comparative Criminal Law Study’, Criminal enforcement of intellectual property: a handbook of contemporary research (Edward Elgar 2012).

[95] Directive 2011/62/EU of the European Parliament and of the Council of 8 June 2011 amending Directive 2001/83/EC on the Community code relating to medicinal products for human use, as regards the prevention of the entry into the legal supply chain of falsified medicinal products 2011. Recitals 2, 21.

[96] Ibid. Article 85c.

[97] Ibid. Article 85c (6).

[98] Directive (EU) 2015/1535 of the European Parliament and of the Council of 9 September 2015 laying down a procedure for the provision of information in the field of technical regulations and of rules on Information Society services 2015. see Art 85 c (1) Directive 2001/83/EC (n 95).

[99] Medicines and Healthcare products Regulatory Agency, UK, ‘Falsified Medical Products Strate-gy 2012-2015’ accessed 17 March 2017. pp. 26-29.

[100] Lomme Van de Veer, ‘Food Online: Radical Changes to the Digital Ship Window’ [2014] Eur. Food & Feed L. Rev. 78. pp. 87-90.

[101] Regulation (EU) No 1169/2011 of the European Parliament and of the Council of 25 October 2011 on the provision of food information to consumers 2011. Article 14 (1).

[102] Peter Kranz, Hannes Harms and Claudia Kuhr, ‘Kontrolle der im Internet gehandelten Erzeugnisse des LFGB und Tabakerzeugnisse (G@ZIELT)’ (2015) 10 Journal für Verbraucherschutz und Lebensmittelsicherheit 13. P.14, Regulation (EC) No 852/2004 of the European Parliament and of the Council of 29 April 2004 on the hygiene of foodstuffs 2004.

[103] Clemens Comans, ‘Onlinehandel Mit Lebensmitteln – Mit Den Projekten „ELKE“ Und „G@zielt“ Auf Dem Weg Zu Einer Funktionierenden Überwachung Des Onlinehandels’ (2015) 10 Journal für Verbraucherschutz und Lebensmittelsicherheit 109. p. 109.

[104] For a more detailed description, see: Alexandra Krewinkel and others, ‘Concept for Automated Computer-Aided Identification and Evaluation of Potentially Non-Compliant Food Products Traded via Electronic Commerce’ (2016) 61 Food Control 204.

[105] Council Regulation (EC) No 834/2007 of 28 June 2007 on organic production and labelling of organic products and repealing Regulation (EEC) No 2092/91. Article 28.

[106] See for a detailed description in Krewinkel and others (n 104). pp.207-209.

[107] ‘EU Food Additives Database’ accessed 27 March 2017. and Regulation (EC) No 1333/2008 of the European Parliament and of the Council of 16 De-cember 2008 on food additives. Annexes IV and V.

[108] Peter Kranz and others, ‘G@ZIELT – Erfahrungen aus zwei Jahren Kontrolle des Onlinehandels von Lebensmitteln, Futtermitteln, Bedarfsgegenständen, kosmetischen Mitteln und Tabak’ (2015) 10 Journal für Verbraucherschutz und Lebensmittelsicherheit 231. p. 232.

[109] Kranz, Harms and Kuhr (n 102).

[110] Directive 2014/35/EU of the European Parliament and of the Council of 26 February 2014 on the harmonisation of the laws of the Member States relating to the making available on the market of electrical equipment designed for use within certain voltage limits (recast) 2014., Directive 2014/53/EC of the European Parliament and of the Council of 16 April 2014 on the harmonisation of the laws of the Member States relating to the making available on the market of radio equipment and repealing Directive 1999/5/EC 2014., Directive 2014/30/EU of the European Parliament and of the Council of 26 February 2014 on the harmonisation of the laws of the Member States relating to electromagnetic compatibility (recast) 2014.

[111] Specific requirements relating to CE Marking are laid out in Regulation (EC) No 765/2008 of the European Parliament and of the Council of 9 July 2008 setting out the requirements for accreditation and market surveillance relating to the marketing of products and repealing Regulation (EEC) No 339/93 2008.

[112] Directive 2001/95/EC of the European Parliament and of the Council of 3 December 2001 on general product safety 2001.

[113] Council Directive 92/59/EEC of 29 June 1992 on general product safety 1992.

[114] GPSD (n 112). Article 2 (f) defines a distributor as any professional in the supply chain whose activity does not affect the safety properties of a product.

[115] Ibid. Article 5 (2).

[116] Department for Business, Energy & Industrial Strategy, ‘UK National Market Surveillance Pro-gramme January 2016 - January 2017’ accessed 17 February 2017. p. 20.

[117] Bundesnetzagentur, ‘Statistik Der Marktüberwachung 2016’ accessed 20 March 2017. pp.6-9.

[118] Directive 2012/19/EU of the European Parliament and of the Council of 4 July 2012 on waste electrical and electronic equipment (WEEE) Text with EEA relevance 2012.

[119] Ibid. see for further detail Recital 7.

[120] Directive 2010/30/EU of the European Parliament and of the Council of 19 May 2010 on the indication by labelling and standard product information of the consumption of energy and other resources by energy-related products 2010.; Article 7 specifically relates to energy label information provided through Distance selling and other forms of selling.

[121] Thibault Verbiest and others, ‘Study on the Liability of Internet Intermediaries, Markt 2006/09/E’. pp. 20-23.

[122] Ibid.

[123] Lital Helman and Gideon Parchomovsky, ‘The Best Available Technology Standard’ [2011] Columbia Law Review 1194.

[124] Ibid. Note the authors apply this to the US safe harbour in section 512 of the Digital Millennium Copyright Act of 1998.

[125] Ibid. Note that the proposal also tackles the issue of fair use.

[126] See Taddeo and Floridi (n 9)., Valcke, Kuczerawy and Ombelet (n 9)., Vedder (n 6)., Pasquale (n 9).

[127] EU Commission, ‘Summary of Responses to the Public Consultation on the Evaluation and Modernisation of the Legal Framework for IPR Enforcement’, 14 September 2016, accessed 25 August 2017. p.17.

[128] Directive (EU) 2015/849 of the European parliament and of the Council of 20 May 2015 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing 2015. Article 13.

[129] Amazon Payments Europe is registered as an electronic money institution and Paypal Europe as a credit institution with the Luxembourg financial market regulator (CSSF), while Google Payment Ltd has an E-Money issuer license with the UK Financial Conduct Authority.

[130] J Bruce Richardson, ‘With Great Power Comes Little Responsibility: The Role of Online Pay-ment Service Providers with Regards to Websites Selling Counterfeit Goods’ (2014) 12 Canadian Journal of Law and Technology accessed 20 March 2017.

[131] As for example suggested in Verbiest and others (n 121).

[132] Taddeo and Floridi (n 9).

[133] EU Commission, ‘COM(2016) 288 Final’ (n 14). p. 5.



Any party may pass on this Work by electronic means and make it available for download under the terms and conditions of the Digital Peer Publishing License. The text of the license may be accessed and retrieved at

JIPITEC – Journal of Intellectual Property, Information Technology and E-Commerce Law
Article search
Extended article search
Subscribe to our newsletter
Follow Us