Content, particularly content that is shared or streamed on online platforms, is currently the subject of legal and regulatory change in the EU, both in the area of copyright and media legislation. These changes supplement the existing legal and regulatory regime by creating specific liability and/or licensing regimes, targeting specific providers in the market, creating mechanisms to promote EU audio-visual works as well as targeting harmful content online.
Copyright Infringement and Licensing
Currently, liability for the hosting and transmission of copyright protected content online in the EU is determined by the regime transposed into national laws pursuant to the Directive on certain legal aspects of information society services, in particular electronic commerce, in the Internal Market (2000/31/EC) (E-Commerce Directive). In addition, the Directive on the harmonisation of copyright in the information society (2001/29/EC) (InfoSoc Directive) specified a number of exceptions and limitations to liability for infringement of the reproduction right held by authors and rightsholders, which Member States could implement in national laws, including any use for the purpose of caricature, parody or pastiche.
In essence, the E-Commerce Directive sought to balance the rights of rightsholders with the information age online by introducing three exceptions:
- the “mere conduit” exemption for the transmission of content where the service provider does not initiate the transmission and is not involved in the selection of the content or its recipient;
- the “caching” exemption for the automatic and temporary caching of content for the sole purpose of transmission; and
- the “hosting” exemption where the service provider has no actual knowledge of the illegal activity or information, facts or circumstances from which the illegal activity is apparent.
In all cases, the exemptions preserve the power of the courts to grant injunctive relief, where appropriate and, in addition, the caching and hosting exemptions are subject to a “notice and takedown” regime meaning that the relevant service provider is only exempt provided it removes or disables access to content on being put on notice of the infringement. There is, under these exemptions, no obligation on providers to actively monitor their platforms and services for infringing content. This regime remains unchanged for content whose removal is being sought for reasons other than copyright infringement via online content sharing platforms, summarised below.
New Liability Regime for Online Content Sharing Service Providers (OCSSPs)
The Copyright and Related Rights in the Digital Single Market Directive ((EU) 2019/790) (DSM Directive), which was published on 17 May 2019 and is due to be transposed by Member States by June 2021, will radically alter the liability regime for online content sharing platforms. The implementation of the DSM Directive, specifically Article 17, will mean a transition from a “notice and takedown” regime towards a “notice and staydown” regime for infringing content, but may also necessitate the use of filtering technologies to prevent the upload of infringing content to such platforms. Article 17 imposes a much more onerous liability regime for copyright infringement on OCSSPs than the system under which they currently operate. It requires that OCSSPs take active measures to obtain the “authorisation” of rightsholders whose works are made available to the public on the OCSSP site. This authorisation will generally take the form of a licensing agreement (if the relevant rightsholders agree to so licence). If licences are not concluded, these platforms must make their “best efforts” to ensure that content not authorised by the rightsholders is not available on their website. We have previously summarised this new regime in the following briefing: Online content sharing – pay to play?
Practical implementation of the new OCSSP liability regime
The European Commission has stated that the “best efforts” obligation “does not prescribe any specific means or technology”. Furthermore, the DSM Directive itself states that the application of Article 17 “should not lead to any general monitoring obligation”.
However, many academics and stakeholders contend that a practical interpretation of Article 17 imposes a filtering obligation on OCSSPs, such that they must put in place a system to determine whether the works that are made available to the public on their site are copyright-protected, and actively seek out the consent of rightsholders before publishing such works online.
This incentivisation to use and develop upload filters triggers a necessary consideration of the lawfulness of such technology under other legal principles and how to balance these new obligations with the ‘fair use’ exemptions under copyright legislation.
In addition, the DSM Directive states that the processing of personal data (both with respect to rightsholders and users) carried out within the framework of the DSM Directive shall be carried out in compliance with the Directive concerning the processing of personal data and the protection of privacy in the electronic communications sector (2002/58/EC) (e-Privacy Directive) and the General Data Protection Regulation (Regulation (EU) 2016/679) (GDPR). Therefore, the implementation of these mechanisms will need to be assessed both in the context of Article 17 of the DSM Directive but also under the principles and procedures of the GDPR (e.g. transparency, necessity, proportionality, legal basis, disclosure, retention, individual rights etc.)
It is worth noting the following issues, for example:
- upload filters which process a user’s or rightsholder’s personal data are likely to engage in automated decision-making producing legal effects (as they will determine whether or not a work is copyright-protected), and may therefore be subject to Article 22 of the GDPR (requiring safeguards for the rights and freedoms of the individual); and
- upload filters may also fail to identify user-generated content that benefits from the exceptions outlined in Article 17(7) of the DSM Directive (e.g. quotation, parody, criticism). Knowledge of cultural context will often be necessary to establish whether a work is copyright-infringing, as filters using content-analysis alone may not detect, for example, the satirical or critical nature of a work. It is questionable therefore whether filtering technology can provide the necessary contextual and cultural awareness to protect the freedom of expression of users in detecting cases of copyright infringement.
Regulation of Audio-Visual Works
Licensing of Audio-Visual Works
Special provision is also made in the DSM Directive to “facilitate the licensing of rights in audiovisual works to video-on-demand services”. This is in response to the lack of EU audio-visual works available on video-on-demand (VoD) platforms, despite the growing popularity of on-demand services (such as Netflix and Amazon Video). This is partly attributed to the fact that agreements for online exploitation of such works can be difficult to conclude due to certain territorial rightsholders not having sufficient economic incentive to exploit a work online.
Consequently, Article 13 of the DSM Directive requires Member States to put in place a mediator or neutral body to assist parties to negotiate and reach contractual agreements related to the licensing of works to be made available on VoD platforms. This voluntary negotiation mechanism aims to foster the availability and variety of EU audiovisual works online, and highlights the importance VoD platforms as a form of revenue for rightsholders.
Regulation of Audio-Visual Works Online
The Audio-visual Media Directive 2018/1808 which amends Directive 2010/13/EU) (AVMSD) and was due to be implemented by Member States by 19 September 2020, is intended to be transposed into Irish law by the Online Safety and Media Regulation Bill (discussed below). The AVMSD aims to expand the scope of existing regulations to online content providers, improve consumer and child protection, limit the reach of harmful content and improve media regulation across the EU. In many respects, the most significant change in the AVMSD is that it expands the scope of the regulations to on-demand audio-visual media services (i.e. Netflix) and to video-sharing platform services (i.e. YouTube), subjecting them to the same advertising regulations as traditional media.
The AVMSD also includes provisions for bringing hybrid services into the scope of the regulations, setting out an “essential functionality” test. This has the potential of drawing social media providers into scope, where they monetise audio-visual content, including user-generated content, subjecting them to rules on commercial communications, protection of minors from harmful content and protection of all users from hate speech and other illegal content.
The AVMSD has also introduced a requirement for providers of on-demand audio-visual media services under EU jurisdiction to ensure that at least 30% of their catalogues comprise of European works and for all media service providers to contribute financially to the production of such works.
The Irish government has approved the general scheme of the Online Safety and Media Regulation Bill to establish a regulatory framework to deal with the spread of harmful online content. (It is currently with Office of the Attorney General for detailed drafting and has also been forwarded to the relevant Joint Oireachtas Committee for pre-legislative scrutiny.) It is envisaged that the proposed Online Safety Commissioner will govern the new regulatory framework through the establishment of binding online safety codes. These online safety codes are expected to deal with a wide range of issues, including measures to be taken by online services to tackle the availability of harmful online content, for example cyberbullying material, on their services.
The general scheme of the Online Safety and Media Regulation Bill provides that the Media Commission will replace the Broadcasting Authority of Ireland (BAI) and will take on the role of regulating the audio-visual sector. It will maintain a list of registered VOD services and will be equipped with enforcement and sanction powers to ensure compliance, including the power to seek the imposition of administrative financial sanctions. Head 16 of the general scheme sets out the procedure for administrative financial sanctions that are to be “appropriate, proportionate” and “act as a sufficient incentive” to procure future compliance. (This is reflective of the approach taken in Article 83 of the General Data Protection Regulation for imposing administrative fines which should be “effective, proportionate and dissuasive”). The Bill provides the Media Commission with powers to impose an administrative financial sanction for non-compliance of up to €20,000,000 or, up to 10% of relevant turnover of the preceding financial year, whichever is higher.
Professional VOD services, which provide news and current affairs content, will be also required to meet the same journalistic standards as required by television broadcasters.
Text and Data Mining
Another forthcoming change under the DSM Directive is how text and data mining (TDM) is regulated. The effect of this change is to permit TDM by non-profit research institutions and allow the market to dictate the conditions for commercial TDM, by permitting commercial TDM by default unless the rightsholders impose measures to either restrict or licence its use. We have considered this in further detail in the following briefing: Mining for exceptions in the new copyright directive.
New Press Publishers Right
The third change is to grant a new ‘neighbouring’ right under Article 15 of the DSM Directive to press publishers (as distinct from the authors’ copyright). This gives press publishers the exclusive right to authorise the reproduction and making available to the public of their press publications for online uses by information society service providers (ISSPs), such as search engines, news aggregators and media monitoring services. In effect, this means that press publishers should, in theory, be able to negotiate new or improved licensing terms with ISSPs that make press publishers’ content available on their online services. The right lasts for two years after the press publication is published and excludes acts of hyperlinking from their scope.
This has proven to be particularly controversial in the Member States that have moved to implement it.
Further details on this new right are set out in our briefing here.
Other Legal and Regulatory Matters
This briefing does not aim to summarise all legal and regulatory issues pertaining to the publication and sharing of content online but below is summary of some key relevant issues:
Other Copyright Issues
EU copyright law affects online content in a number of other ways, including:
- Screen Scraping: The CJEU has issued a decision  on screen-scraping in the area of copyright infringement and database rights, finding that, in circumstances where a website owner is unable to rely on its database rights to tackle infringement by ‘screen scraping’, it may be able to rely on its terms and conditions to prevent this.
- Hyperlinking: The law on the copyright implications of hyperlinking is still evolving but the Court of Justice of the European Union (CJEU) has, to date, established the following rules:
- posting a hyperlink to a copyright protected work, which is already freely accessible on the internet with the authorisation of the copyright owner, will not infringe copyright;
- hyperlinking to make copyright protected works available to a “new public” may constitute copyright infringement i.e. if the posting of the link would make the work available to users who should not otherwise have access to that content; and
- infringement occurs where the link is to a work where the poster of the link knew (or should have known) that the work was posted on a third party resource or website without the consent of the rightsholder (assuming the work was, in fact, posted without the consent of the rightsholder). This might arise, for example, where the poster of the link knows, or ought to know, that a particular rightsholder never makes any content available for free, yet its content turns up on another resource. The CJEU has held that when the posting of hyperlinks is carried out for profit, it is expected that the person posting the link will conduct the necessary checks to ensure they are not infringing copyright.
Online content is also subject to the exercise of certain rights under the GDPR. For example, the ‘right to be forgotten’ enables individuals to request the removal of personal data from online platforms and search engines where there is no longer a justification for the publication of such information (e.g. the data is no longer accurate).
Trade Mark Infringement
The publication and advertising of content online must also not infringe trade mark rights in the EU. This extends to the use of trade marks in advertising keywords by competitors advertising their products or services through search engines.
In Ireland, the regulation of broadcast advertising is carried out by the BAI, through both the General and Children’s Commercial Communications Codes and other forms of advertising are largely managed on a self-regulatory basis, pursuant to codes set by the Advertising Standards Authority for Ireland (ASAI). In addition, the advertising of the following products and services (including online) are subject to specific control in Ireland by law or industry codes (or both): tobacco; gambling; financial products and services, alcohol, medicinal products and products and services targeted towards children.
The Defamation Act 2009 applies to online content published in Ireland providing remedies with respect to defamatory statements i.e. one that tends to injure a person’s reputation in the eyes of reasonable members of society. In addition to the defences available under the Defamation Act 2009, including the defence of innocent publication, an online intermediary may also rely on the exemptions from liability under the E-Commerce Directive, summarised at the start of page 1 above, (commonly referred to as “notice and takedown”).
The defamation laws have been under review by the Department of Justice since 2016 and is anticipated that there may be proposals for legislative change by early 2021 but the detail of those proposals have not yet been published.
The European Commission’s Digital Services Act package is proposed to modernise the current legal framework for digital services. This would include clear rules framing the responsibilities of digital services to address the risks faced by their users and to protect their rights. A public consultation in relation to the package closed on 8 September and on 15 December 2020 the Commission issued its proposal for a Regulation a Single Market For Digital Services (Digital Services Act).
The proposed Regulation aims to amend and harmonise the “notice and takedown” regimes and their operation in each Member State, to clarify the use of automated filtering, to harmonise the liability regime and to define the roles and powers of digital platform regulators.