“‘Hosting’ is the provision of space to users for content, such as websites, news groups or bulletin boards.” (Copinger and Skone James on Copyright 18th Ed.).

From the beginning of the millennium, the USA and the EU Member States have created and implemented legislation intended to provide limited exceptions to hosts’ liability when illegal or infringing content has been uploaded by Internet users.

This was an important protection against liability when users uploaded images which infringed copyright or trade mark rules.

However, in the past few years, there has been a distinct move away from the exemption (known as the ‘safe harbour rule’) in relation to internet hosts (and ISPs more generally).

Hosts are now subject to much more liability in relation to copyright but, as things currently stand, the safe harbour rule still applies for ISP’s where a user infringes a trade mark.

ISP liability generally

An Internet Service Provider (“ISP”) (which includes hosts) is generally liable for copyright and trade mark infringement carried out directly by the ISP.

However, at the turn of the century and as internet use started to grow at an exponential rate, it was acknowledged around the globe that something had to be done in order to prevent ISPs being held liable for the illegal activity or infringements that had been carried out by their users.

Consequently, the ‘safe harbour rule’ was introduced in the late 1990’s in the US, which was closely followed by the introduction of the E-Commerce Directive in the EU. These rules were in place to provide exemptions for ISPs when a third party uploaded illegal material.

At the time, it was not considered fair that the ISPs should be punished for something in which they had no control over.

EU Law and the Hosting Defence

The E-Commerce Directive was implemented into UK Law by the E-Commerce Regulations in 2002, with Regulation 19 specifically applying to hosts.

Essentially, where liability would usually occur for a party who was not an internet host, the host would be exempt from any liability if they:

  • do ‘not have actual knowledge of unlawful activity or information’ or;
  • in relation to a claim of damages, if the host is ‘is not aware of facts or circumstances from which it would have been apparent to the service provider that the activity or information was unlawful’.

Further, there is an obligation on a host intending to rely on this defence: ‘upon obtaining such knowledge or awareness’ the host must act ‘expeditiously to remove or to disable access to the information’.

This regulation goes beyond the wording of the Directive and also insists that ‘the recipient of the service’ (e.g. the user) ‘was not acting under the authority or the control of the service provider’ when the content was uploaded.

This provides quite a limited exception for hosts and is conditional on the fact that the host ‘has not played an active role of such a kind as to give it knowledge of, or control over, the data stored’ (Google France Sarl v Louis Vuitton Malletier SA (C-236/08) [2011] Bus. L.R. 1).

A change in approach as ISP’s grow – what liability do they face from users uploading illegal content?

It is clear that, in relation to copyright, the EU is in the process of taking a significant move away from the safe harbour rule through the implementation of the Digital Single Market Copyright Directive (which will not apply in the UK).

Essentially, under Article 17 of the Directive, ISPs will have to obtain authorisation from content rights holders when images protected by copyright are uploaded to their website by users. If that authorisation is not given, the ISP will be held liable for the infringement unless they can show that they have satisfied the criteria set out in Article 17(4).

The above shows a move away from the safe harbour rule as hosts will be held liable for copyright infringement unless they obtain a licence or satisfy one of the objections above. It is clear that the bigger the host, the more stringent their obligations.

Poland has also appealed against Articles 17(4) (b) and (c) as they argue that these infringe on the right to freedom of expression provided for by Article 11 of the EU Charter of Fundamental Rights.

Cases referred to the ECJ

Further the YouTube and Cyando cases, which have recently been referred to the ECJ and will be decided upon this month, show that member states continue to resist this move away from the safe harbour rule.

Here the Advocate General seemed to stick with the old rules by suggesting that, as YouTube and Cyando did not play an active role in the uploading of the user-generated content, they could not be held liable in respect of the data that is uploaded.

He also noted that they could not have been playing an ‘active role’ if they did not have ‘intellectual control of the content’. This analysis seems to be in line with the previous Copyright Directive and it will be interesting to see how the CJEU interprets this case when it decides upon this case this month.

In contrast, the CJEU has not yet said that ISP’s will be directly liable for trade mark infringement together with their users in any circumstance.

However, recent case law in the UK (Cartier International AG & Ors v British Sky Broadcasting Ltd & Ors [2014] EWHC 3354) has suggested that courts have the power to impose website blocking orders on ISPs where the operators of the website are infringing a trade mark and they have actual knowledge of this infringement.

ISPs in this regard can rely on the safe harbour rules as described above, but a recent case which has been referred to the CJEU may provide some clarification on this point (Louboutin, C-148/21).

The question has been referred by the Belgian courts after the first instance court decided that Amazon was directly liable for the infringement of the Louboutin trade mark when it displayed counterfeit goods in third party adverts on the Amazon Marketplace. This decision was reversed by the Brussel’s Court of Appeal.

It is interesting to note that, in another Belgian case (Coty Germany v Amazon) the Advocate General considered that, if a platform actively contributes to the distribution of goods, then they could be directly liable for trademark infringement as this could constitute an ‘integrated store’ where Amazon contributes to the selling of the goods.

What happens next?

The above questions to the CJEU definitely show a change of approach to ISP liability in relation to the widespread view that the can rely on the safe harbour rule.

As the internet, ISPs and therefore hosts continue to grow and have more capacity to protect against such infringements, it seems as though the emerging approach is that they should take on more responsibility in relation to the content uploaded on their websites.

It will be interesting to note the CJEU view on the above points and whether that will have any impact on how the UK courts will interpret these rules.  This is a key moment in relation to whether the laws on copyright and trade mark will diverge from the EU law on the same in a post-Brexit world.

It is important to note that the UK government has noted on its website that “The government is committed to upholding the liability protections now that the transition period has ended.

For companies that host user-generated content on their online services, there will continue to be a ‘notice and take down’ regime where the platform must remove illegal content that they become aware of or risk incurring liability.”

Therefore, the safe harbour rule will apply to UK hosts for now, but it will be interesting to see the developments in this area in the future.

An increasing divergence in approach between the EU and UK courts will present a growing headache for hosts whose business takes little cognisance of national boundaries.

Practical tips on pursuing online copyright and trademark infringements:

  • If a host attempts to rely on the defence provided by the E-Commerce Regulations:
    • Check that the infringer claiming the defence is actually a host;
    • Investigate the process in which the user has to go through in order for the content to be uploaded:
      • If this involves the ISP playing any kind of active role in the uploading of the content, they will not be able to rely on the defence;
      • If they are completely passive when the information is uploaded, it is likely that they would be able to rely on the defence
    • Be mindful that the rules may change following the above EU cases and that the defence afforded to hosts is likely to become even more limited.
    • Ensure that your trade marks are properly registered following Brexit (there is no copyright registration process in the UK).