According to the Court of Justice of the European Union, the e-Commerce Directive does not preclude national courts from ordering hosting services providers such as Facebook to remove identical and equivalent comments previously declared to be illegal (provided that such operation does not require the host provider to carry out an independent assessment).
In addition, EU law does not preclude such court injunctions from producing effects worldwide, within the framework of the relevant international law (which Member States must take into account).
On 3 October 2019, the Court of Justice of the European Union (“CJEU”) delivered its ruling in the case Glawischnig-Piesczek v Facebook (C-18/18). The case concerns the interpretation of Directive 2000/31/EC of 8 June 2000 (the “e-Commerce Directive”) and in particular the specific provisions of the Directive relating to the liability of hosting services providers, i.e. Articles 14 and 15 of the Directive.
The facts of the case and the legal context
Ms Eva Glawischnig-Piesczek, who was a member of the Nationalrat (National Council of Austria), chair of the Austrian Green Party and federal spokesperson for that party, sued Facebook Ireland before the Austrian courts. She is seeking to obtain a court injunction ordering Facebook Ireland to remove (a) a comment published by a user on that social network that she considered to be harmful to her reputation (and which could be accessed by any Facebook user) and (b) allegations that were identical and/or of equivalent content.
The case was ultimately brought before the Oberster Gerichtshof (the Supreme Court of Austria), which decided to stay the proceedings and to refer a series of questions to the CJEU regarding the interpretation of the e-Commerce Directive and, in particular, Articles 14 and 15 of the Directive.
Article 14 of the e-Commerce Directive provides that a hosting services provider is not liable for stored information if it has no knowledge of its illegal nature or if it acts expeditiously to remove or disable access to that information as soon as it becomes aware of it. Such an exemption does not, however, preclude a court (or administrative authority) from ordering the host provider to terminate or prevent an infringement, including by removing the illegal information or by disabling access to it. However, Article 15 of the e-Commerce Directive prohibits any requirement that would result in imposing on the host provider a general obligation to monitor the information it stores or to actively seek facts or circumstances indicating illegal activity.
In this context, the referring court sought, in particular, clarification as to whether the e-Commerce Directive must be interpreted as meaning that it precludes a court of a Member State from ordering a host provider to remove information which it stores, the content of which is identical/equivalent to the content of information which was previously declared to be illegal, or to block access to that information, and from extending the effects of that injunction worldwide.
The ruling of the CJEU
As a preliminary point, the CJEU first confirms that Facebook Ireland provides the services of a hosting services provider for the purposes of Article 14 of the e-Commerce Directive. This conclusion is in line with the previous case law of the CJEU, which makes clear that the owner of a social network platform which stores on its services information provided by the user of that platform, relating to their profile, should in principle be considered as a hosting services provider within the meaning of Article 14 of the e-Commerce Directive (see, in particular, CJEU, 16 February 2012, SABAM v Netlog, C‑360/10, para 27).
The CJEU acknowledges that Article 15 of the e-Commerce Directive implies that the objective of a court injunction consisting, inter alia, of effectively protecting a person’s reputation and honour against defamatory content published on a social network platform, may not be pursued by imposing an excessive obligation on the host provider.Turning to the questions of the Oberster Gerichtshof, the CJEU however considers that the e-Commerce Directive, which seeks to strike a balance between the different interests at stake, does not preclude a court of a Member State from ordering a host provider:
- to remove information which it stores, the content of which is identical to the content of information which was previously declared to be unlawful, or to block access to that information, irrespective of who requested the storage of that information;
- to remove information which it stores, the content of which is equivalent to the content of information which was previously declared to be unlawful, or to block access to that information, provided that the monitoring of and search for the information concerned by such an injunction are limited to information conveying a message the content of which remains essentially unchanged compared with the content which gave rise to the finding of illegality and containing the elements specified in the injunction, and provided that the differences in the wording of that equivalent content, compared with the wording characterising the information which was previously declared to be illegal, are not such as to require the host provider to carry out an independent assessment of that content (thus, the host provider may have recourse to automated search tools and technologies);
- to remove information covered by the injunction or to block access to that information worldwide within the framework of the relevant international law (and Member States must take that law into account).
The ruling of the CJEU confirms that a host provider such as Facebook can be ordered, in the context of a (court) injunction, to remove, from its platform, specific content that is identical or equivalent to the content considered as illegal by the court.
With a view to avoid imposing general monitoring obligations (prohibited by Article 15 of the e-Commerce Directive), the CJEU however specifies that the protection of the person subject to defamatory statements should not be provided by means of an excessive obligation being imposed on the host provider, so that the monitoring of and search for information which it requires are only limited to information containing the elements specified in the injunction, and its defamatory content of an equivalent nature does not require the host provider to carry out an independent assessment (the latter having only recourse to automated search tools and technologies).
In light of this, the CJEU ruling does not necessarily seem to depart from its previous case law regarding the ban on general monitoring obligations (see, in particular, the Scarlet v SABAM (C‑70/10) and SABAM v Netlog (C-360/10) cases). The CJEU makes indeed clear that (court) injunctions will only be considered as compliant with Article 15 of the e-Commerce Directive where they are sufficiently targeted and do not require the host provider to carry out an independent assessment, whereas injunctions imposing the implementation of a filtering system requiring active monitoring of all the data stored by the host provider (such as the one described in the previous case law of the CJEU) should be considered as prohibited by Article 15 of the e-Commerce Directive.
In this respect, it should also be noted that imposing a filtering system through the adoption of general measures of a legislative nature should in principle be considered as prohibited per se by Article 15 given that such a measure will almost systematically require an independent assessment by the host provider (as it will generally not be limited to specific content but will apply to an #ff0000 amount of information/data and require the implementation of a filtering mechanism that will generally not be based on purely automated search tools and technologies).