On 1 December 2021, the Commonwealth Attorney-General’s Department released an exposure draft of the Social Media (Anti-Trolling) Bill 2021 (Bill), which arrives in the wake of the High Court’s recent decision in Fairfax Media Publications Pty Ltd v Voller [2021] HCA 27 (Voller). You can find our article on the judgment here.

In Voller, a majority of the Court determined that certain media companies were “publishers” of comments made by third parties on the companies’ public Facebook pages, notwithstanding the fact that the companies may not have been aware of the comments or intended their publication. In creating and administering public social media pages which allowed for third-party comments, the Court considered that the companies “encouraged and facilitated” publication of comments from third parties, and were thereby publishers of those comments.

The draft Bill seeks to address the ramifications of Voller and the impacts of online “trolling” more generally in several ways, including by:

  • overriding the common law position so that social media page owners are not liable as publishers of third-party comments;
  • shifting the burden onto social media service providers to identify anonymous commenters;
  • introducing limited protections for social media service providers by requiring them to implement and follow defamation complaints schemes in order to escape liability for publication themselves; and
  • allowing persons subjected to potentially defamatory comments to seek the contact details of anonymous commenters via a complaints scheme and/or court order.

There is a significant degree of uncertainty surrounding the future of the Bill, not least because a Federal election is coming up in the first half of 2022. Should the Bill enter into force, the proposed laws will have far-reaching consequences for social media service providers and users alike. The Bill remains open for public consultation until 21 January 2022.

Outline of the Bill

Liability shifts: who is a “publisher”?

The Bill clarifies that a person or company that maintains a social media page will not be a “publisher” of third-party comments on its page for the purposes of the general law of defamation. Effectively, the Bill supersedes the High Court’s decision in Voller by declaring that all businesses or individuals maintaining social media pages – so long as they are “Australian persons” as defined in the Bill – will not be “publishers” of potentially defamatory comments posted on their pages by third parties.

Instead, the Bill shifts liability onto social media service providers. The Bill employs the same definition of “social media service” provided for in the Online Safety Act 2021 (Cth). The definition is broad in its application, but excludes services that are not accessible to end-users in Australia. Further, the Bill stipulates that “providers” of social media services excludes carriage service providers and persons providing billing or fee collection services in relation to a social media service. Under the Bill, social media service providers will be considered “publishers” of third-party comments made in Australia, and the defence of innocent dissemination will not be available to them in defamation proceedings.

Safe harbour for social media service providers

The Bill makes available a new, albeit conditional, defence under defamation law, allowing social media service providers or related entities to avoid liability as a “publisher” if:

  • the comment was made in Australia;
  • the social media service provider has a complaints scheme which meets the prescribed requirements under section 16 of the Bill;
  • a complainant makes a complaint under the scheme and the social media service provider complies with the scheme when handling the complaint; and
  • the social media service provider:
    • is not subject to a complainant’s request for a commenter’s contact details or court-ordered disclosure; or
    • provides a commenter’s contact details following a complainant’s request; or
    • provides a commenter’s contact details and location data following court-ordered disclosure.

Complaints Scheme

In order to claim the defence outlined above, social media service providers will need to demonstrate that they have established a complaints scheme which meets the prescribed requirements under the Bill. Complaints schemes under the Bill are intended to deal with potential complaints from persons who have reason to believe they may have a right to obtain relief against a commenter in a defamation proceeding.

In order to receive the benefit of the defence, and assist complainants, social media service providers will be required to ascertain whether comments were made in Australia or otherwise. Providers will need to employ geolocation technology to determine correct country location data.

To comply with the Bill, complaints schemes will otherwise require providers to notify commenters when a comment is the subject of a defamation complaint and will permit providers to remove the comment with the consent of the commenter. Social media service providers may also disclose further end-user information such as “relevant contact details”, where disclosure is requested by a complainant and consented to by a commenter. Such details include a commenter’s name (or name by which they are usually known), email address and phone number.

With these details intended to be sufficient to effect substituted service in an Australian court, the accuracy of such information is a critical feature of the proposed regime and necessary for a social media service provider to rely on the defence. In order to take advantage of the safe harbour, the Bill appears to contemplate that providers will need to implement stringent verification processes and confirm the accuracy of such information over time, while denying social media users the option of remaining anonymous online.

It should be noted, however, that a provider is not required to undertake any actions in line with the above if they “reasonably believe” that a complaint or request for disclosure does not “genuinely relate to the potential institution by the complainant of a defamation proceeding”. It remains to be seen how providers will make this assessment given the limited evidence likely to be available to them as to the complainant’s motives or intent.

Court ordered end-user information disclosure

The Bill also establishes a mechanism for complainants to apply to a court for an “end-user information disclosure order”, regardless of whether they pursue a complaint through a social media service provider’s complaints scheme or not.

A complainant who reasonably believes they would be able to obtain relief against a commenter in a defamation proceeding may apply for disclosure of the commenter’s relevant contact details, country location data or both if the complainant has otherwise not been able to ascertain those details themselves. Upon the making of such an order, a social media service provider will be compelled to disclose that information. Notably, the consent of the commenter is not a condition precedent of disclosure, as required when seeking details under a complaints scheme.

In addition to the court’s existing powers to refuse to make an order, the Bill also provides that a court may refuse to make an information disclosure order where the disclosure is likely to present a risk to the commenter’s safety. The Explanatory Note to the Bill cites a commenter having previously been the subject of intimate partner violence at the hands of a complainant as a circumstance in which a court could decline to make an order.

Intervention by the Attorney-General

Under the draft Bill, the Commonwealth Attorney-General may intervene in defamation proceedings relating to a comment made on a social media service before a court exercising federal jurisdiction, and to which a social media service provider is a party. The Attorney-General may also intervene in proceedings for matters arising under the Bill, such as proceedings concerning end-user information disclosure orders.

Of particular note, where the Attorney-General has intervened in proceedings, the Bill authorises the Commonwealth to pay a complainant’s reasonable costs incurred in relation to the proceedings, if the proceedings concern:

  • an uncertain area of Commonwealth law; or
  • would resolve an important question under Commonwealth law that affects the rights of a socially or economically disadvantaged section of the public.

Australian focus

Despite the international nature and reach of social media, the Commonwealth Government’s focus in the Bill is to protect Australians from online harm connected with Australia. Liability under this Bill is only enlivened in relation to comments made in Australia (as determined through geolocation technology deployed by social media service providers). Equally, disclosure requirements under complaints schemes will only apply if comments are made in Australia.

The Bill compels social media service providers with a substantial Australian presence to nominate as agent an Australian entity capable of satisfying the complaints scheme requirements. Foreign entities with 250,000 or more Australian account users will need to adhere to this condition, ensuring that the nominated entity is incorporated and has an office in Australia.

Key Takeaways

As the Explanatory Note to the Bill expressly states, the proposed laws seek to ensure that complainants have at least one defendant to bring defamation proceedings against, be that the originator of a comment or the provider of the social media service on which the comment is made.

While the Bill does not explicitly mandate that all social media service providers must have a complaints scheme, it effectively incentivises providers to establish and follow such schemes to gain access to the new defence and avoid liability. However, there are a number of matters that providers should remain mindful of in implementing the proposed process.

First, it is unclear how, practically, a social media service provider should decide whether or not to take action under a complaints scheme. As noted above, providers are not required to take action if they reasonably believe that a complaint or request is not genuine. However, this places a heavy burden on providers and their employees who will inevitably be processing the complaints or requests, in circumstances where a decision to not take action could expose providers to proceedings themselves. Indeed, providers may be compelled to assume that every allegation is genuine in light of the potentially litigious consequences. Providers should consider how this decision-making process will be executed and by who, and how high volumes of complaints may be dealt with within the timeframes set out in the Bill.

Second, a provider only gains the benefit of the new defence where they follow, and actually provide details under, the complaints scheme. The Bill does not provide any comfort where a commenter does not consent to disclosure of their details or where a provider simply does not have them. However, this is likely by design to fulfil the intent of the Bill, ensuring that a complainant can at least pursue a claim against a provider where a commenter’s details are not available.

Third, the Bill is also silent as to the implications of fraudulent details being provided, with the Explanatory Note merely noting that fake or inaccurate details will not satisfy the definition of “relevant contact details”. If the Bill comes into effect, providers may need to implement or improve identification verification processes, which will in turn expose providers to associated privacy risks. Providers will need to be wary of:

  • the new types of personal information they may need to collect;
  • the ways in which such data is gathered, stored, updated and accessed;
  • maintaining the currency of contact information, where users may change their phone numbers or email addresses; and
  • how to deal with existing users whilst the relevant details are collected (for example, should users be locked out of their accounts until their details are verified?).

It is debatable whether the Bill’s authorisations and protections from civil liability in relation to providers disclosing location data and relevant contact details will sufficiently address the potential privacy and safety implications for providers.

Finally, the Bill and its explanatory materials also do not appear to consider the use and effect of virtual private networks (VPNs) which can be used to disguise a user’s online identity and location, circumventing geolocation technology deployed by providers.

Watch this space!

This Bill is part of a larger suite of reforms in Australia, in line with the Commonwealth Government’s commitment to protect Australians from online harm. These reforms are intended to protect individuals and assist with dispute resolution, while also balancing the right to free speech in a free society.

Concurrently, further changes are expected with the Stage 2 review of the Model Defamation Provisions (MDP) at the State and Territory level. You can view our previous article on the MDP amendments arising from the Stage 1 review here. Focusing on similar issues to those in the Bill, the Stage 2 review will examine the liability of digital platforms as well as other issues relating to criminal conduct reports. The Discussion Paper for Stage 2 can be found here.