Electronic Commerce Directive Research Articles

The Liability of Internet Service Providers in the Proposed Digital Services Act

The intent of the essay is to verify if the Proposal on a Single Market For Digital Services (Digital Services Act), in the part where it aims to define the provider’s liability for illegal activity or illegal content stored at the request of a recipient of the hosting service, ends up providing greater protection for the passive provider than the Electronic Commerce Directive. It is also the intent to examine to what extent the actual increased protection of the passive provider is compensated for by greater rigor in ruling out the possibility of the providers playing an active role in hosting.

Digital Platforms: Regulation and Liability in the EU Law

Abstract: This article discusses the approaches towards regulation and liability of digital platforms, focusing on the European Union perspective. It demonstrates that the current regulatory and scholarly perception of platform liability in the European Union has been framed by the EU Electronic Commerce Directive 2000/31 provisions on liability of information society service providers. Subsequently, in light of scholarly writings and regulatory developments, two main approaches towards platform liability are identified and discussed: On the one hand, the idea of general provisions on platform liability, exemplified by the Discussion Draft on Digital Platforms. On the other hand, sector-specific provisions that densely regulate business models based on digital platforms, exemplified by the new EU Package Travel Directive 2015/2302. Both approaches are evaluated as far as their potential for inspiring legislative activity is concerned.

Revisiting country of origin principle: Challenges related to regulating e-commerce in the European Union

The article analyses the country of origin principle of information society services in the light of harmonisation and unification efforts undertaken by the European lawgiver. Although the country of origin principle remains the key element of the construction of freedom to provide information society services, the principle itself suffers a number of both explicit and implicit restrictions which render its practical application a serious challenge. The difficulty is posed by the fact that the Electronic Commerce Directive fails to expressly specify both the scope of harmonisation as regards the principle, and the level of harmonisation of the directive itself. Furthermore, it is understood differently by private international lawyers. In the eDate Advertising case the ECJ ruled that the principle is not a conflict-of-laws rule, neither does it require implementation to the national legal systems in this shape. This is not to mean, however, that the debate over the function of the country of origin principle in private international law is over. Last but not least, there are many different types of country of origin principles applicable to various types of services provided via the Internet. This multitude of country of origin principles is perhaps the greatest weakness the regulatory approach adopted by the European lawmaker.

The fragmentation of intermediary liability in the UK

This article argues that the system for intermediary liability (for mere conduits, hosts and search engines) is splitting into a number of different systems. In the case of copyright, intermediaries (particularly mere conduits) have new duties. However, regarding defamation (and to a lesser extent privacy), new schemes are reducing the liability risk of hosts—under certain circumstances. The result is that the single system of the Electronic Commerce Directive is being replaced by a mixture of EU and national legislation, revived common law doctrines and specific provisions for particular areas of law.

JURISDICTION FOR CROSS-BORDER BREACH OF PERSONALITY AND DEFAMATION: EDATE ADVERTISING AND MARTINEZ

In the conjoined cases C-509/09 e-Date Advertising GmbH v X and C-161/10 Olivier Martinez and others v MGN Ltd,1 the Court of Justice of the European Union (CJEU) was required to determine the scope of applicability of both Article 5(3) of Regulation EC 44/2001 (the Brussels I Regulation)2 and Article 3 of Directive EC 2000/31 (the Electronic Commerce Directive). Both cases were concerned with defamation and breach of personality and image rights as a result of the publication of two newspaper articles which were accessible online via each of the defendants' websites. As readers will be fully aware, Article 5(3) of the Brussels I Regulation enables claimants to establish special jurisdiction in the case of a tort, delict or quasi-delict, in the courts of the Member State where a harmful event has occurred or may occur. The effectiveness of Article 5(3) as a ground of jurisdiction focuses on the locality of the event. The question that arose in both cases was, essentially, where could the claimants bring proceedings for breach of personality and defamation as a result of newspaper articles published online via websites,3 when those websites were accessible in multiple jurisdictions? According to an experienced legal practitioner in the United Kingdom, ‘more than 25 billion individual items of content are shared each month on Facebook alone.’4 There are increasing concerns regarding the dissemination of comments through the medium of ‘ubiquit(ous), converged and displace(d)’5 Web 2.0 communications technologies. Such communications increase the potential for criminal and civil consequences in numerous jurisdictions. The ability of injured parties (famous or not) to seek redress in the most appropriate forum for the purposes of protecting their private lives and reputations is acutely significant.6

Who is responsible for 'personal data' in cloud computing?--The cloud of unknowing, Part 2

In part one of this series, we considered what information is regulated as 'personal data' in the cloud. In this part two, we develop further the argument made in part one that it is not appropriate for infrastructure cloud providers, many of which are based outside Europe, to become subject arbitrarily to obligations under the EU Data Protection Directive due to choices made by their users. EU data protection responsibilities and liabilities are imposed primarily on the 'controller,' who may employ 'processors' to process data for it. We suggest, as with the concept of 'personal data,' the binary nature of the controller/processor distinction is no longer tenable. In today's environment of complex chains of actors, end to end accountability should replace the binary distinction. While cloud computing service providers are commonly considered processors or controllers, this paper further argues that many infrastructure cloud computing providers are not even 'processors,' but simply provide facilities and/or tools for use by the controller/cloud user. Infrastructure as a Service and Platform as a Service providers, and certain Software as a Service providers, who offer no more than utility infrastructure services, will often not know whether information stored or processed through their services is 'personal data' or not – hence, the 'cloud of unknowing.' Infrastructure cloud providers are qualitatively distinct from services such as social networking websites. We suggest that infrastructure cloud computing providers should be considered mere neutral intermediaries. Existing liability defences for certain service providers under the EU Electronic Commerce Directive, to help foster electronic commerce, are lost upon the provider having knowledge and control. Similarly, our proposed intermediary immunity from data protection obligations would be lost if the provider gains the requisite knowledge and/or the requisite access to such data. It may also behove cloud computing providers to develop appropriate common industry standards and best practices measures in order to help provide a clear boundary between this intermediary status and 'processor' (or even 'controller') status.

The Interim Digital Britain Report, File Sharing and the Emerging Role of Internet Service Providers

According to Lessig, “The fear is that cyberspace will become a place where copyright can be defeated.” The internet has witnessed an exponential growth in recent times and has generated new business models. The internet also made it possible to digitally disseminate copyright works and this has become one of the greatest challenges currently facing the copyright industry. Enter the peer-to-peer (p2p) “killer application”, the Napster judgment and the recent Pirate Bay decision from Sweden remains instructive on their use. All around Europe measures are been proposed to give Internet Service Providers (ISPs) a role in the enforcement of copyright laws in a networked environment, for instance, the controversial 3-strikes law recently adopted by the French parliament and in the United Kingdom, Action plan 13 of the Digital Britain Report seeks to enact legislation requiring Internet Service Providers (ISPs) to notify alleged copyright infringers that their conduct is unlawful, this legislation also seeks to create a process whereby ISPs are required to make available to the rights holders retained anonymised information of repeat offenders. At first glance these proposed measures seem to be heading for a direct conflict with the general obligations not to monitor created under the Article 15 of the Electronic Commerce Directive (e-CD). This paper examines three issues; the compatibility of the proposed measures with the obligation not to monitor under the e-CD, the determination of the extent of the protection afforded the copyright holder under the Information Society Directive and the possibility of these legislative solutions in achieving the desired results.

After the unfair Contract Terms Directive; Recent European Directives and English Law

This paper examines the implementation into English law of three recent EC Directives; the Consumer Sales Directive, the Electronic Commerce Directive and the Unfair Commercial Practices Directive – transposition of the latter currently at a consultative stage. Although English law copes remarkably well in accommodating alien concepts and rules within its doctrinal framework, nevertheless, these Directives have generated some significant conceptual and substantive adjustments in English contract law. The recently enacted Unfair Commercial Practices Directive adds a new dimension to the impact of EC legislative activity in the area of private law. Furthermore, the ensuing regulatory complexity and incoherence arising from UK implementation obligations is a cause for concern. Particularly in the light of the EC's current project on European Contract Law.

Consumer Protection Laws vs. Growth in M-Commerce

One of the main differences between PC-based and mobile services is the size of the user interface, i.e. the screen available to the user. While PCs usually offer quite large screens, mobile devices, like cell phones, have screens which compared to PCs can be considered peepholes only owing to the main characteristic of mobile devices, i.e. portability. However, the applicable European legislation such as the Distant Selling Directive of 1997 (Directive 1997/7/ EC of 20 May 1997), the Electronic Commerce Directive of 2000 (Directive 2000/31/EC of 17 July 2000) and the Electronic Communication Data Protection Directive of 2002 (Directive 2002/58/EC of 12 July 2002) that together form a large part of the legal basis of the corresponding German legislation, were framed and implemented with a PC-oriented mind-set. While, in principle, this legislation equally applies to the mobile environment made up of portable and thus small-scale end user devices, certain concepts do not appear to suit the particularities of these devices. In particular, the extensive and detailed information requirements designed for consumer protection in the field of e-commerce prove to be cumbersome, if not impossible to comply with in a mobile environment. Taken into account this pre-eminent difference, this article focuses on five particular aspects of consumer protection: First is the question on whether and how to incorporate general terms and conditions of the Mobile Commerce Provider (,,MCP) into the underlying contractual relationship with the consumer (I.). Secondly, the requirements of the consumer's right of withdrawal that have lately been amended will be analysed in light of mobile markets (II.). The article will then deal with the strict and extensive information requirements applicable to any electronic business or distant selling as specifically outlined in the German Civil Code (BGB), the Ordinance on Information Requirements under the German Civil Code (BGB-InfoV) as well as in the Tele Services Act (TDG) (III.). Furthermore, certain additional action requirements will be discussed (IV.). Finally, this article will offer a short overview of and comment on the relevant data protection requirements applicable to mobile services (V.).

From Gambelli to Placanica to a European framework for remote gaming

This article reviews the difficulties facing national courts in respect of the regulation of online gambling activity in the wake of two recent decisions of the European Court of Justice that, in mixed messages, may be moving towards liberalization of the European gaming market. More than a year after the Gambelli and Lindman decisions of the European Court of Justice (ECJ) and the first report of the European Commission on the application of the electronic commerce Directive, the impact of these recent European (r)evolutions for the gaming industry has not always been very clear. In the Netherlands and Belgium, existing jurisprudence was confirmed in the so-called post-Gambelli decisions. In Germany, where most of the competences to regulate gaming activities have been attributed to the autonomous Länder, some courts have recognized that, in the absence of a consistent gaming policy, the imposed restrictions on the cross-border provision of gaming services could not be justified by the imperative reasons of public order. In Spain, the Loterías y Apuestas del Estado (LAE) is maintaining its position that it has the exclusive right to offer and promote games on the Internet. In Italy, a regional court has had to refer a gaming case to European Court of Justice (ECJ). The conclusion of one year post-Gambelli case-law is that the Gambelli and Lindman requirements are applied in a very diverging manner. In the Dutch Betfair appeal case, it was even insinuated that Gambelli was not relevant! Before commenting on these national decisions, the Gambelli and Lindman decisions will be reviewed again.

Web services and the EU

The EU's Electronic Commerce Directive (ECD) is far reaching in its implications. Stephen Smith-López explains what it means for web services developers.

UK E-commerce liability: Ignorance is bliss

Despite the collapse of the dot.com financing bubble, the rapid growth and commercial development of the Internet continues. Technologies such as peer to peer networking, Microsoft’s .net initiative and widespread broadband connectivity are driving new business models. These changes in turn create new legal challenges. As usual, policymakers and legislators around the world are struggling to keep up. The latest legislative initiative in the UK is the Electronic Commerce (“EC Directive”) Regulations 2002 1 1 (SI 2002/2013) laid before Parliament on 31 July 2002 which came into effect on 21 August 2002. (the “Regulations”), which transposed the majority of provisions of the Electronic Commerce Directive 2 2 Directive 2000/31/EC on certain legal aspects of information society services, in particular electronic commerce, in the Internal Market (Directive on electronic commerce). (the “Directive”) into UK law.

E-COMMERCE DIRECTIVE — UK IMPLEMENTATION: ELECTRONIC COMMERCE (EC DIRECTIVE) REGULATIONS 2002 — WORTH THE WAIT?

This article examines the UK government’s approach to implementation 1 1 This article does not examine the HM Treasury’s implementation of the Directive in the specialised area of financial services. of the key provisions of the Electronic Commerce Directive 2 2 Directive 2000/31/EC on certain legal aspects of information society services, in particular electronic commerce, in the Internal Market (Directive on electronic commerce). (the Directive).

E-Commerce — UK: UK CONSULTATION ON THE IMPLEMENTATION OF THE ELECTRONIC COMMERCE DIRECTIVE

At the end of August 2001, the Department of Trade & Industry, the Communications and Information Industries Directorate, published their consultation document on implementation of the Electronic Commerce Directive. 1 1 Directive 2000/31/EC of the European Parliament and of the Council of 8 June 2000 on certain legal aspects of information society services, in particular electronic commerce, in the Internal Market (Directive on electronic commerce) (OJ L 178, 17.7.2000, p.1) This is timely, since Member States are supposed to have implemented the Electronic Commerce Directive into national laws by 16 January 2002. The UK Government plans to implement the requirements of the Directive by means of secondary legislation under Section 2(2) of the European Communities Act 1972 and under specific sectoral legislation where appropriate. Section 2(2) is a general enabling power to pass legislation to implement European legislation. In the light of the responses to the consultation document, the DTI will be producing draft regulations. What follows is a summary of the consultation. It should be noted that, in order to ensure effective implementation in the specialized area of financial services, a separate consultation document will be published by HM Treasury. A summary of the DTI's proposal is on the Department of Trade & Industry website at: http://www.dti.gov.uk/cii/ecommerce/europeanpolicy/ecommerce_directive.shtml. The full consultation paper is also available from the website and, helpfully, the consultation document itself contains numerous useful website details and useful links to enable one, for example, to print off a copy of the e-commerce directive to read it in conjunction with the consultation paper. The consultation document is split into seven chapters:

INFORMATION SOCIETY SERVICES: INFORMATION SOCIETY SERVICES: WHAT ARE THEY AND HOW RELEVANT IS THE DEFINITION?

The term ‘Information Society’ and the closely linked concept of ‘Information Society services’ appear regularly in the European Commission’s announcements, literature and, in the text of Directives in the European Union’s legislation. The Commission has a dedicated office, the Information Society Project Office, established to coordinate the various Directorates General with a website devoted to the Information Society. 1 1 http://www.europa.et.int/comm/information_society/index_en.htm. Most recently of course the term ‘Information Society services’ has appeared in the Electronic Commerce Directive 2 2 Directive 2000/31 EC on certain legal aspects of information society services, in particular electronic commerce, in the Internal Market (Directive on electronic commerce) (the Electronic Commerce Directive). and, prior to that, it was used in the Conditional Access Directive. 3 3 Directive 98/84 EC on the legal protection of services based on or consisting of conditional access (the “ Conditional Access Directive”). But in both the Electronic Commerce and Conditional Access Directives, Information Society services are defined by reference to Article 1 of the earlier Transparency Directive 4 4 Directive 98/48 EC amending Directive 98/34 EC laying down a procedure for the provision of information in the field of technical standards and regulations (the Transparency Directive). which states that Information Society services are “any service normally provided for remuneration, at a distance, by electronic means and at the individual request of the recipient for services”. This article considers the scope and legal background to that definition.

The Electronic Commerce Directive

On 4 May 2000 the European Parliament approved the Electronic Commerce Directive, followed by the European Parliament without amendment on 28 February, perhaps persuaded that speed was imperative. Publication in the Official Journal followed on 17 June, and member states must implement the Directive into national law before 17 January 2002. The Department of Trade and Industry has already indicated that the UK will need to take a number of actions to ensure compliance with the Directive. The DTI expects to conduct an internal government consultation on the options for implementation of the Directive in summer–autumn 2000 before launching a public consultation exercise later this year.