Canada: Risks of User-Generated Content to Website Operators

Copyright 2010, Blake, Cassels & Graydon LLP

Originally published in Blakes Bulletin on Intellectual Property/Information Technology Social Media Series, December 2010

User-generated content (UGC) on websites raises many legal concerns because of its sheer volume and numerous sources. Canada does not afford the same protection to website operators for UGC as other major jurisdictions.

UGC includes not only content on video-sharing sites such as YOUTUBE, but also product reviews and contest submissions on business websites (see our September 2010 Blakes Bulletin on Intellectual Property). UGC may be immediately responsive and is usually not subject to journalistic or organizational filtering. Often, the source of UGC is anonymous or is falsely identified.

Therefore, the operator of a website which enables the publication or dissemination of UGC may be exposed to risks relating to UGC, including UGC posted by persons with whom it may have no connection. These risks include intellectual property infringement, defamation, misleading advertising and other torts.

Currently, there is no specific statutory protection available to website operators for UGC liability in Canada, except in the province of Quebec, but proposed amendments to the Canadian Copyright Act contemplate immunity from copyright infringement. The legislative immunities and safe harbours available to website operators for UGC liabilities in the United States and Europe highlight the risks to website operators in Canada.

In the United States, where a website operator acts passively, it may be immunized by the Communications Decency Act (CDA) against all claims except the infringement of federal intellectual property rights. The operator may be protected against copyright infringement claims by the Digital Millennium Copyright Act (DMCA) safe harbour.

In Europe, the E-Commerce Directive exempts certain website operators from liability for UGC where the operator has neither knowledge nor control over the content transmitted or stored.

United States Digital Millennium Copyright Act

Section 512 of the DMCA provides a safe harbour from copyright infringement for a qualifying website operator with respect to content stored on its website at the direction of a user.

To qualify, a website operator must be a "service provider" (SP), as defined in the DMCA. Based on the definition, SPs include classic Internet access service providers, web-hosting providers, operators of search engines, online auction sites, wikis, blogs, social networking sites, virtual worlds and more conventional websites that allow the posting of UGC.

An SP is not liable for monetary relief or, except in limited circumstances, for injunctive or other equitable relief for the infringement of copyright by reason of the storage, at the direction of a user, of material, such as UGC, that resides on a system or network controlled or operated by or for the SP. As preconditions to qualify for this safe harbour, an SP must:

• designate, and post contact information for, an agent to receive notification of alleged infringement;
• provide the agent's contact information to the United States Copyright Office;
• implement and disclose a copyright infringement policy and "notice and takedown" procedures;
• establish and disclose a repeat offender policy, whereby the SP terminates the accounts of users who repeatedly infringe copyright; and
• accommodate, and not interfere with, standard technical protection measures used by copyright owners to identify or protect copyrighted works.

In addition, with respect to particular material which is alleged to infringe copyright, the SP must:

• have no actual knowledge that the material, or any activity with the material, on its system or network infringes copyright and not be aware of facts or circumstances from which the alleged infringing activity is apparent;
• receive no financial benefit directly attributable to such activity, where the SP has the right and ability to control such activity; and
• expeditiously remove, or disable access to, the material upon obtaining knowledge or becoming aware of such activity, or receipt of notification of an infringement claim.

Viacom v. You Tube illustrates the application of the DMCA safe harbour. You Tube regularly removed videos from its website upon the receipt of takedown notices under the DMCA for particular works. However, the court held that You Tube was not liable for copyright infringement for the tens of thousands of videos available on its website which allegedly infringed the copyright of the plaintiffs but which had not been specifically identified in notices. The court held that a website operator is entitled to safe harbour protection in the absence of notice of specific and identifiable infringing works because the actual knowledge requirement is applicable to each work.

United States Communications Decency Act

Section 230 of the CDA stipulates that no provider of an "interactive computer service" (ICS) shall be treated as the publisher or speaker of any information provided by another "information content provider" (ICP).

To qualify for such immunity, a website operator must be an ICS, namely an information service, system or access software provider that provides or enables computer access by multiple users to a computer server. A website operator whose site permits the posting of UGC is an ICS.

An ICP is a person who is wholly or partially responsible for the creation or development of information provided through the Internet.

Eligibility for immunity under the CDA depends on the source of the information. If a website passively displays content that is created entirely by third parties, the CDA protects the operator from liability that would otherwise apply as a result of such publication, including in cases alleging defamation, fraudulent and negligent misstatement, misleading advertising and other torts.

Immunity is generally available where the ICS restricts its activities to traditional editorial functions or merely forwards content without making a material contribution. Immunity is also available to website users who post content from another source.

The CDA excludes immunity for the infringement of federal intellectual property rights, such as trade-mark and copyright infringement. However, immunity may be available for related claims, such as the violation of state trade-mark rights and rights of publicity.

An ICS does not enjoy immunity for content which it wholly or partially creates or for which it is responsible. Doctor's Associates v. QIP Holder illustrates that it is not always easy to draw the line between active and passive involvement.

In an advertising campaign for the QUIZNOS restaurant chain, QIP Holder (Quiznos) invited consumers to post videos on a dedicated website demonstrating "why you think QUIZNOS is better" by comparing the amount of meat in a particular QUIZNOS sandwich to a similar SUBWAY sandwich. QUIZNOS posted four sample videos created by its agency to assist the contestants.

When Doctor's Associates (Subway) sued for false advertising, QIP unsuccessfully moved for dismissal on the basis that it was immune under the CDA. The court said that it was "unclear" whether Quiznos went beyond the role of a passive publisher by actively soliciting the videos and shaping their content. The case was settled shortly after.

European E-Commerce Directive

In Europe, the E-Commerce Directive exempts a website operator that qualifies as an "information society service" (ISS) from liability for UGC where the ISS has neither knowledge nor control over the content transmitted or stored. An ISS is defined similarly to an ICS under the CDA. To benefit from the limitation on liability, the ISS must comply with the Directive.

A website operator is exempt from liability where the operator does not play an active role of a kind which gives it knowledge of, or control over, the data stored on its system. However, if its role becomes more than technical, automatic and passive, liability may attach. An ISS must act expeditiously to remove, or disable access to, content upon receipt of actual knowledge or becoming aware of illegal activities.

Canada

There is no Canadian federal legislation that corresponds to the CDA or DMCA. However, the proposed 2010 amendments to the Copyright Act in Bill C-32 (see our June 2010 Blakes Bulletin on Intellectual Property) would provide limited immunity in respect of copyright infringement (see also Copyright Issues in User- Generated Content and Scraping on page 3 of our December 2010 Blakes Bulletin on Intellectual Property.

Quebec

Quebec is the only Canadian province which provides statutory protection to a website operator for UGC. The Quebec Act to Establish a Legal Framework for Information Technology provides that a service provider who acts as an intermediary in providing content storage services on a communication network is not responsible for the activities of the service user with documents stored by the user or at its request.

The provider is not immune from liability for such storage if, upon becoming aware that the documents are being used for an illicit activity, or of circumstances that make such use apparent, the provider does not act promptly to block access to prevent the activity. However, a provider is not required to monitor content stored or communicated on the network or to identify circumstances indicating that the content is used for illicit activities.

Conclusion

The risks to website operators for UGC in Canada may require operators to exercise vigilance over UGC postings on websites that may be governed by Canadian law.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.