On 3 October 2019, the CJEU made an important decision in case C-18/18 with respect to the liability of hosting service providers and whether they may be ordered to remove or block access to content that they store.. As a reminder, hosting service providers are subject to a specific liability regime regarding the information they transmit or store for their clients, but of course they remain subject to court injunctions. Accordingly, the CJEU decided that a host provider, in this instance Facebook, may be ordered to remove or to block access to information which was published on its social network, the content of which was identical to information previously declared to be unlawful.
Such an injunction would also be valid for equivalent (but not identical) content, to the extent that such content would remain essentially unchanged compared to the content previously declared unlawful and that the host provider is not required to carry out an independent assessment of that content to determine whether it is unlawful. Indeed, host service providers cannot be subject to a general obligation to monitor information they store or to actively search unlawful content, except in limited circumstances (e.g. under Luxembourg law, where necessary to safeguard national security or for the prevention, detection and prosecution of criminal offences).
The liability regime of host providers is governed at European level by Articles 14 and 15 of the Directive 2000/31/EC on e-Commerce. This liability regime was transposed into Luxembourg law under Articles 62 and 63 of the Law of 14 August 2000 on e-Commerce. Under this regime, hosting providers are not liable for information they stored if they do not have actual knowledge of their illegal nature or if they act expeditiously to remove or disable access to that information as soon as they becomes aware of it.
This may also interest you :
- CJEU "Fashion ID" case: the operator of a website embedding a social media "Like" button can be a controller jointly with the social media editor
- CJEU limits the de-referencing right to the EU territory
- Guidelines on the "right to be forgotten" in the specific case of online search engine
- Guidelines on data protection by design and by default
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.