Trends in Censorship by Private Actors

This module aims to:

• Give an overview of ways in which non-state actors facilitate online censorship.

• Set out the international and regional legal principles that are implicated by online censorship.

• Unpack the concept of net neutrality.

• Examine the misuse of intermediary liability to curb expression and access.

• Explore the right to be forgotten.

• Explain the monitoring obligations of search engines and platforms.

Introduction

States’ obligations to uphold and respect rights, including digital rights, are a cornerstone of international law.(1) However, there is growing appreciation in international law and human rights that much of the digital space, and the technology used to access it, is owned, or controlled by multinational companies, giving the private sector unprecedented power to either uphold or infringe on an array of expressive rights. Litigators and activists must now contend not only with state abuses of digital rights but also violations by private actors.

In 2011, the United Nations Special Rapporteur on Freedom of Expression (UNSR on FreeEx) noted that: “Generally, companies have played an extremely positive role in facilitating the exercise of the right to freedom of opinion and expression,” but that “pressure exerted upon them by States, coupled with the fact that their primary motive is to generate profit rather than to respect human rights” creates risks for the private sector to engage in or enable censorship.(2)

In 2021, a subsequent UNSR on FreeEx highlighted the gendered dimensions of these risks, noting that social media companies’ failure to address the proliferation of online gender-based violence, and gender biases in content moderation and other AI-driven processes, have led to the silencing of women’s voices online.(3)

This module grapples with some of the long-term threats to freedom of expression from non-state actors, as well as emergent threats. Alongside a brief overview of relevant topics, it provides practical guidance on how to ensure that fundamental rights and freedoms are respected, protected, and promoted online.

Net Neutrality

An overview of net neutrality

The principle of net neutrality is that internet service providers (ISPs) should treat all internet traffic equally, without imposing restrictions or preferential treatment based on factors like the source, destination, or type of data being transferred, or any profit motive. For example, an ISP cannot block, slow down or alter access to service A or make it faster and easier to access service B.⁴ This aims to ensure that users have equal access to all online content and services. It means that ISPs must remain neutral and impartial when providing internet access.⁵

Net neutrality is now a well-established principle of contemporary human rights and international law.⁶

• A 2017 report of the UNSR, for example, found that: “In the digital age, the freedom to choose among information sources is meaningful only when Internet content and applications of all kinds are transmitted without undue discrimination or interference by non-State actors, including provider.”⁷

• In 2021, a resolution of the Human Rights Council on the promotion and protection of human rights on the internet included a clarion call for states to ensure net neutrality, and to prohibit ISPs from giving preferential access to particular types of content or services for commercial gain.⁸

In principle, net neutrality protections are designed to safeguard freedom of expression and access to information online by ensuring that such freedoms are not determined by market forces or curtailed by network providers. Net neutrality aims to promotes diversity, pluralism, and innovation, and to ensure that people can freely access information and impart ideas across the information society. The Steering Committee on Media and Information Society of the Council of Europe, in its report on Protecting Human Rights through Network Neutrality, explained that net neutrality encourages internet users to freely elect how they use their internet connection. The Center for Technology and Democracy explains that:

Preserving internet neutrality means preserving the power of individuals to make choices about how they use the Internet – what information to seek, receive, and impart, from which sources, and through which services.”⁹

Net neutrality, development and human rights

Given net neutrality’s role in the advancement of freedom of expression, it should be viewed through a human rights lens. Some have gone as far as suggesting that it is an emerging international human rights norm.¹⁰ Ensuring network neutrality is seen as central to the protection of fundamental human rights and an enabler of fair competition and innovation, as it promotes freedom and enhances network access.¹¹

Yet despite the demonstrable link between human rights and net neutrality and the clearly defined position of the UNSR, the past decade has seen growing threats to net neutrality. It has been the subject of regulatory debates and radical shifts in regulations across the world. Additionally, norms and standards have started to develop, and, equally, attempts by state and non-state actors to influence net neutrality and individuals’ freedom of expression online are pervasive. This will be outlined below.

Current challenges and debates

There are two common approaches that interfere with net neutrality:

• Blocking or throttling of content, either by state or non-state actors, may include entirely blocking or significantly slowing down access to specific websites, content, or platforms, or restricting access to content in specific geographic regions. This form of restriction contravenes international human rights norms. The Net Neutrality Compendium explains that “blocking certain information resources or restricting what information Internet users can impart over their connection would have serious implications for the right to free expression. For example, blocking access to a particular lawful blog because its content is disfavoured by the access provider would raise obvious concerns.” The 2017 Report of the UNSR notes that “States’ use of blocking or filtering technologies is frequently in violation of their obligation to guarantee the right to freedom of expression.”

• Zero-rating involves the differential treatment of content by making certain content available with a zero-download cost.¹²

This method is less drastic than blocking and throttling of content and is often framed in terms of public benefit. The 2017 Report of the UNSR describes zero-rating as “the practice of not charging for the use of internet data associated with a particular application or service; other services or applications, meanwhile, are subject to metered costs.” The impact of zero-rating can depend on who implements it, the purpose of the zero-rating, how decisions are made about what content is zero-rated, and the nature of the content itself. In low-income contexts, it can be an effective way to provide widespread access to information in the public interest.

States have responded differently to debates about net neutrality and zero-rating, with some legislating strong protections for the former and others developing policies to promote zero-rating of certain content as a public service.

Certain developed states have shown a trend towards complete bans of zero-rating, perhaps as a reflection of better and more affordable connectivity. Canada, Norway, Slovenia, and the Netherlands are some of the states that have prohibited service providers from differentiating between tariffs for internet access services.¹³

Among developing countries, zero-rating is more likely to be viewed as a policy approach to address challenges such as limited internet access, high data prices and widespread digital divides. Notably, the global COVID-19 pandemic prompted a range of temporary zero-rating initiatives in both developed¹⁴ and developing nations,¹⁵ in which online education, health, and other resources were zero-rated. In many instances, ISPs voluntarily provided zero-rated access to certain resources, such as in Tanzania and Kenya,¹⁶ while in South Africa the government issued regulations requiring ISPs to zero-rate certain resources.¹⁷

While these measures were enacted as once-off exceptions in the unprecedented challenges of a global pandemic, in the long run, zero-rating could be seen to cause complications in relation to net neutrality. Access Now explains:

“Activists in advanced economies are struggling to communicate the importance of Net Neutrality for free expression, innovation, and competition, in some cases to audiences that are increasingly anti-regulation. Many in developing countries are facing down critics who argue that non-neutral internet access somehow functions as an “on-ramp” for the free and open internet.” The following examples illustrate the complexity of this debate.

Practically engaging with net neutrality

As illustrated above, state and non-state actors often seek to depart from the principles of net neutrality and materially change the conditions of people’s access to the internet, which impacts the right of freedom of expression and access to information. Overcoming the threats to net neutrality involves two key considerations: the need to ensure adequate safeguards that preserve net neutrality; and the need to understand what limitations are permissible in relation to net neutrality. According to the Net Neutrality Compendium:

To an unprecedented degree, the Internet transcends national borders and reduces barriers to the free flow of information, enabling free expression, democratic participation, and the enjoyment of other rights … Establishing rules to preserve net neutrality – or more precisely, Internet neutrality – is one way to prevent the imposition, by those in a position to control access, of structural inequalities that would distort this environment.”³¹

As discussed above, states should preserve net neutrality in order to promote the widest possible non-discriminatory access to information. Calling on states to enact laws or regulations to protect net neutrality is an important step in holding states accountable and pushing them to fulfil their responsibilities of protecting freedom of expression.³²

While adequate legislative and regulatory provisions are the goal, it is, as with all rights, imperative to know what limitations are permissible. The 2011 Joint Declaration on Freedom of Expression and the Internet stated:

Freedom of expression applies to the Internet, as it does to all means of communication.  Restrictions on freedom of expression on the Internet are only acceptable if they comply with established international standards.

Simply put, limitations to net neutrality should only be permitted when provided by law and where necessary and proportionate to the achievement of a legitimate aim.³⁴ This three-part test is rooted in article 19³ of the International Covenant on Civil and Political Rights (ICCPR) and must be passed for the legitimate and legal restriction of the right to freedom of expression.

In a 2018 Report, the UNSR made the following notable statements regarding state and company liability that should be kept in mind when litigating issues around net neutrality:

• In relation to state responsibility: Human rights law imposes duties on states to ensure enabling environments for freedom of expression and to protect its exercise. The duty to ensure freedom of expression obligates states to promote, among other things, media diversity, independence, and access to information. Additionally, international and regional bodies have urged states to promote universal internet access. States also have a duty to ensure that private entities do not interfere with the freedoms of opinion and expression. The UN Guiding Principles on Business and Human Rights (Guiding Principles), adopted by the Human Rights Council in 2011, emphasise state duties to ensure environments that enable business respect for human rights.

• In relation to state responsibility: The Guiding Principles establish a framework according to which companies should, at a minimum, avoid causing or contributing to adverse human rights impacts, and seek to prevent or mitigate such impacts directly linked to their operations, products, or services by their business relationships, even if they have not contributed to those impacts.

Conclusion

Developing countries continue to face challenges in relation to net neutrality and the suggestion that some access is better than no access. While there is a need for a nuanced approach to zero-rating to enable access to public interest information, the international human rights framework is clear on the need to protect equal access, and states should not enable infringements on net neutrality to serve as justification for failing to take steps toward full and meaningful internet access for all. It is necessary for civil society actors and human rights litigators to ensure that net neutrality is protected through lobbying states, sending complaints to regulators, strategic litigation, and public advocacy, in order to achieve the goal of equal opportunity in access.

Intermediary Liability

Internet intermediaries – an overview

‘Internet intermediary’ is a broad, constantly developing term referring to the many services and stakeholders involved in providing access to internet services. The Council of Europe suggests the term encompasses “a wide, diverse and rapidly evolving range of service providers that facilitate interactions on the internet between natural and legal persons.” Their functions include connecting users to the internet; hosting web-based services; facilitating the processing of data; gathering information and storing data; assisting searching, and; enabling the sale of goods and services.³⁵

Examples of internet intermediaries include:

• Internet service providers who offer connectivity;

• Web hosting companies that provide the infrastructure;

• Search engines and social media platforms, that provide content and facilitate communication.³⁶

Simply put, “internet intermediaries are the pipes through which internet content is transmitted and the storage spaces in which it is stored and is therefore essential to the functioning of the internet.”³⁷ Internet intermediaries dominate a pivotal role in the current digital climate impacting social, economic and political exchanges. They can influence the dissemination of ideas and have been described as the “custodians of our data and gatekeepers of the world’s knowledge”.³⁸

It is not difficult to see the link between internet intermediaries and the advancement of an array of human rights. As gatekeepers to the internet, they occupy a unique position in which they can enable the exercise of freedom of expression, access to information and privacy rights. The 2016 Report of the UNSR noted that:

The contemporary exercise of freedom of opinion and expression owes much of its strength to private industry, which wields enormous power over digital space, acting as a gateway for information and an intermediary for expression.

Internet intermediary liability

Given the important roles that intermediaries play in society, with influence on either upholding or infringing on a myriad of implicated rights, it is imperative to understand their legal liability. The Association for Progressive Communications (APC) explains that intermediary liability refers to the extent that internet intermediaries should be held responsible for what users do through their services. Where intermediary liability exists, ISPs have an obligation to prevent unlawful or harmful activity by users of their services, and failure to do so may lead to legal consequences such as orders to compel or criminal sanctions.

For example, in 2023 the Malaysian Communications and Multimedia Commission (MCMC) announced that it would take legal action against Meta for what it saw as a failure to promptly remove content deemed harmful.³⁹ This reportedly included matters related to race, royalty, religion, and instances of defamation, impersonation, online gambling, and fraudulent advertisements. Digital rights advocates argued that the MCMC’s threat of legal action against a social media platform for its content moderation decisions poses a potential risk to intermediary liability principles and online freedom of expression.⁴⁰

In a report on the liability of internet intermediaries in Nigeria, Kenya, South Africa, and Uganda, APC captured the following ways in which intermediary liability can arise:

• Copyright infringement.

• Digital privacy.

• Defamation.

• National and public security.

• Hate speech.

• Child protection.

• Intellectual property disputes.

While intermediary liability can be associated with a legitimate interest, there are growing concerns, as noted by the UNSR in the 2016 Report, about the “appropriate balance between freedom of expression and other human rights” and the misuse of intermediary liability to curb expression and access.⁴¹ The legal liability of intermediaries has a direct impact on users’ rights, as intermediaries are more likely to be pre-emptively restrictive, and even prevent lawful activity, to avoid possible legal consequences. In this regard, there is a direct correlation between restrictive liability laws – the over-regulation of content – and the increased censorship, monitoring and restrictions of legitimate and lawful online expression. There are three general approaches to intermediary liability, each with differing considerations and implications: strict liability, the broad immunity model, and the safe-harbour model.

Strict liability

In terms of this approach, intermediaries are liable for third-party content. The abovementioned UNESCO report states that the only way to avoid liability is to proactively monitor, filter, and remove content in order to comply with the state’s law. Failing to do so places an intermediary at risk of fines, criminal liability, and revocation of business or media licenses. The UNESCO report notes that China and Thailand are governed by strict liability. This approach is largely considered inconsistent with international norms and standards.

Broad immunity model

On the other end of the spectrum is the broad immunity model, which provides exemptions from liability without distinguishing between intermediary function and content. The UNESCO report cites the Communications Decency Act in the United States as an example of this model, which protects intermediaries from liability for illegal behaviour by users when they do remove content in compliance with private company policy. ARTICLE19 explains that under this model, intermediaries are not responsible for the content they carry, but are responsible for the content they disseminate. The Organisation for Economic Co-operation and Development (OECD), in its Council Recommendation on principles for internet policy, makes reference to this as the preferred model, as it conforms with the best practices, discussed below, and gives due regard to the promotion and protection of the global free flow of information online.

Safe-harbor model

The safe harbour model, otherwise known as conditional liability, seemingly adopts a middle-ground approach. This approach gives intermediaries immunity provided they comply with certain requirements. Through this approach, intermediaries do not have to actively monitor and filter content but rather are expected to remove or disable content upon receipt of notice that the content includes infringing material. Central to this approach is the idea of ‘notice and takedown procedures’, which can be content- or issue‑specific. There are mixed views on this approach; for some, it is a fair middle-ground; for others, it is a necessary evil to guard against increased filtering or a complete change in the intermediary landscape.⁴² As noted in the UNESCO report, there are others who express concern about this approach because of its susceptibility to abuse, as it may lend itself to self-censorship, giving the intermediaries quasi-judicial power to evaluate and determine the legality of content.

At the core of the debate between the various models is the need to understand the difference between lawful and unlawful content. There is a chilling effect on expression when internet intermediaries are left to their own devices to determine what is good or legal, as it is likely they will tend towards more censorship than less, out of fear of liability.

Keeping in line with a human rights perspective, this guide advocates that “[t]he right to freedom of expression online can only be sufficiently protected if intermediaries are adequately insulated from liability for content generated by others.”(45) The following section provides some guidance on applicable international human rights frameworks that can be relied on when advocating for rights in relation to intermediary liability.

In 2021, the UN Special Rapporteur warned against the trend of states passing regulations and issuing orders to pressure online platforms to police speech, rather than creating rights-preserving processes that can be adjudicated through the courts, noting:

“The risk with such laws is that intermediaries are likely to err on the side of caution and “over-remove” content for fear of being sanctioned.”⁴⁶

Different interest groups continue to push different agendas in relation to internet intermediaries and their liability. Many countries either have non-existent laws or vague and inconsistent laws that make it difficult to enforce rights. There are, however, applicable international human rights frameworks that guide how laws should be enacted or how restrictions may be imposed. With any rights-based advocacy or litigation, it is necessary to establish the rights invoked. As discussed above, it is clear that internet intermediaries play a vital role in the advancement of an array of rights. Thereafter, the next step is to determine responsibility.

In relation to internet intermediaries, the triad of information rights is clearly invoked. The 2010 UN Framework for Business and Human Rights finds that states are primarily responsible for ensuring that internet intermediaries act in a manner that ensures the respect, protection and promotion of fundamental rights and freedoms of internet users. But at the same time, the intermediaries themselves have a responsibility to respect the recognised rights of their users.

Although there might be complexities regarding the cross-jurisdictional scope of intermediaries’ powers and responsibilities, international human rights norms should always be at the fore.

Given the link between internet intermediaries and the fundamental right to freedom of expression, it is best to engage with this topic and test laws, regulations and policies against prescribed human rights standards and understand the restrictions and limitations that may be applicable. As discussed in previous sections, restrictions on the right to freedom of expression have been formulated as a strict, narrow, three-part test – namely, that the restriction must:

• Be provided by law;

• Pursue a legitimate aim; and

• Conform to the strict tests of necessity and proportionality.⁴⁷

Laws content restriction orders and practices must comply with this test. Practically, the need to assess the compliance of legislative frameworks is most likely to be needed in jurisdictions that adopt the strict liability model and the safe-harbour model. The strict liability model can be easily tested and found to be compliant. The safe-harbour model requires slightly deeper engagement to determine compliance, as the following example – namely Kenya’s Copyright (Amendment) Act of 2022 – shows.

In 2015, a group of civil society organisations drafted a framework of baseline safeguards and best practices to protect human rights when intermediaries are asked to restrict online content. Known as the Manila Principles, these were drafted with the intention of being “considered by policymakers and intermediaries when developing, adopting, and reviewing legislation, policies and practices that govern the liability of intermediaries for third-party content.” Advocates and litigators should similarly rely on these best practice principles, which are based on international human rights instruments and other international legal frameworks when advancing online rights.

Digital rights advocates have used these principles to test whether states’ legal frameworks and regulations for intermediary liability are adequate. For example, in 2018 India’s ICT ministry published draft regulations that would add new restrictions to that country’s existing intermediary liability, including for example that internet intermediaries should automatically, proactively filter out content that promotes cigarettes and alcohol.⁴⁹ The Centre for Internet and Society (CIS) made submissions showing that the draft 2018 Rules were unaligned to the Manila Principles and had the potential to infringe on the right to freedom of expression. At the time of this publication, the provisions in the 2018 Draft Rules had not been put into regulation, and the CIS approach is a useful illustration of how the Manila Principles can be used to test domestic legislation against international best practices.

However, from 2021 to 2023 the Ministry subsequently proposed new, more extensive changes to the intermediary liability framework.⁵⁰ While these do not include the controversial provisions of the 2018 Draft Rules, the changes extend new liabilities to the online game industry and include new restrictions on publishing information which is “patently false and untrue or misleading in nature”. In follow-up submissions, the CIS argued that this effectively requires intermediaries to factcheck any content published through their services, which they argue is unconstitutional.

The apparent successes in having the draft 2018 Rules withdrawn illustrate the importance of digital rights advocates bringing international law to bear in their policy engagements. Yet the subsequent developments in India’s intermediary liability framework illustrate the ongoing debates and need for further engagement to ensure emerging policies uphold the principles of freedom of expression online.

Conclusion

Internet intermediaries play a crucial role in the advancement of human rights. Intermediary liability needs to be understood holistically in relation to the prevention of harm, the protection of free speech and access to information, and encouraging innovation and creativity.⁵¹

While there is a growing trend of online harms and unlawful content:

“The law must find a way to flexibly address these changes, with an awareness of the ways in which existing and proposed laws may affect the development of information intermediaries, online speech norms, and global democratic values.”⁵²

Right To Be Forgotten

Overview of the right to be forgotten

The right to be forgotten, which is also described as the right to be delisted, or the right to erasure, involves an entitlement or right to request that search engines remove links to private information taking into account the right to privacy weighed against public interest considerations.⁵³

In India, the Digital Personal Data Protection Bill of 2022, specifically in section 14, introduces the concept of the “Right to be Forgotten.”⁵⁴ This right grants individuals, known as data principals, the authority to correct or erase their personal data. If a data fiduciary receives such a request, they are obligated to either correct, complete, or update the data principal’s information, or erase it if it is no longer necessary for the original processing purpose, unless retention is legally required. It’s important to note that the Digital Personal Data Protection Bill is yet to be passed, and currently, the Information Technology Act of 2000 provides relevant protections.

This wide discretion for search engines to balance the competing elements of relevance and the public interest left some digital rights activists concerned. The decision also triggered a debate regarding the tension between the right to privacy and the right to freedom of expression and access to information. Some privacy proponents welcomed the legal development for creating space for people to have some level of control over their personal information, arguing that it “restores the balance between free speech and privacy in the digital world.”⁵⁶ Others were more circumspect, noting that when information is delisted it affects other fundamental rights, including freedom of expression and the right to receive and impart information and ideas.⁵⁷

Evolution of the right to be forgotten

Following the abovementioned judgment, the right to be forgotten has been recognised in domestic contexts,⁵⁸ regional legislation and again by the CJEU. For example, the High Court of Orissa, India held in Rout v State of Odisha (2020) that the right to be forgotten is an integral part of the right to privacy. Nevertheless, some countries’ courts continue to push back against such a right. In Curi et al v Globo Comunicação e Participações S/A (2021), the Brazilian Federal Supreme Court held that a general right to be forgotten is incompatible with the Federal Constitution.

As of 2022, Google’s Transparency Report revealed that it had delisted nearly 50% of the URLs requested for removal under these terms, having received over 1.3 million requests from users to be “forgotten” since 2014. The relevance of this new right cannot be disputed; however, its scope, applicability and effects are still being debated.

In May 2018, the European Union (EU) elevated the status of the right through article 17 of the General Data Protection Regulation. Article 17 provides data subjects with the right to the erasure of their personal data from search engines. It further obliges search engines to erase personal data without undue delay subject to listed grounds. When erasure is required, article 17² stipulates that all reasonable steps must be followed – taking into account the available technology and the cost of implementation – to inform all controllers processing the personal information that any links, copies or replication of the personal data should also be erased. Article 17³ includes instances when the right to be forgotten does not apply, namely for exercising the right of freedom of expression and information; for compliance with a legal obligation; for reasons of public interest in the area of public health; for archiving purposes in the public interest, scientific or historical research or statistical purposes; or for the establishment, exercise or defence of legal claims.

The careful navigation of balancing privacy rights against freedom of expression will continue to pose challenges as the digital landscape continues to evolve.⁵⁹

The extra-territorial scope of the right to be forgotten

In many ways, the CJEU clarified the extra-territorial scope of the right to be forgotten. The CJEU has acknowledged that states are still entitled to develop the content of this right within their respective jurisdictions, and are still at liberty to adopt different approaches when balancing the relevant rights and interests – provided that such an approach is compliant with international human rights norms.

Opportunities and risks

The right to be forgotten can provide important protections for privacy and can fulfil an important role in promoting agency and autonomy. State and non-state actors have far-reaching powers when it comes to the online personal information and identity of individuals. Allowing individuals to have some ownership of their personal information gives them a degree of control over their digital identities. Most online personal information has no bearing on public interest considerations and has far more intrinsic value to the individual than to society at large. The current jurisprudential and legislative developments in this regard have been sensitive to this, recognising the difference between what is of value to an individual, what is interesting to the public, and what is in the public interest.

There were concerns that an “overly expansive right to be forgotten will lead to censorship of the Internet because data subjects can force search engines or websites to erase personal data, which may rewrite history.”⁶⁰ In some instances, it is permissible for individuals not to be indefinitely defined by their past. The Google Spain judgment provides some direction on this, where it recognised the need for relevant considerations to take place – such as the nature and sensitivity of the information, the public interest and the role played by the data subject in public life – when finding a fair balance between the right of the data subject and the interests of internet users.

Shortly after the Google Spain judgment, Google received an array of requests from people to have articles of their past removed from the search engine. Google’s regular Transparency Reports provide some guidance on how it deals with requests, providing examples of some of the outcomes of requests for erasure. In 2017, for example, the report noted some responses to politician’s requests stating “[w]e did not delist the URLs given his former status as a public figure”, while another stated “[w]e delisted 13 URLs as he did not appear to be currently engaged in political life and was a minor at the time.” ARTICLE 19 explains that, from a child’s rights perspective, binding children to negative aspects of their past can “impede their development and diminish their sense of self-worth.”

There are legitimate benefits that accompany the right to be forgotten; however, there are also risks associated with the right, in particular around the enforcement of rights and the adverse effect this can have on the right to freedom of expression.⁶¹ A lack of cogent regulatory safeguards can result in search engines becoming the “judge, jury, and executioner” of the right to be forgotten.⁶² There are risks involved in conferring such a decision-making power on a private entity, particularly given the need to balance competing rights, an exercise traditionally reserved for courts.⁶³ The Electronic Frontier Foundation expressed concern that the “ambiguous responsibility upon search engines” will censor the internet.

Conclusion

The right to be forgotten brings to the fore the tensions between the right to privacy and the right to freedom of expression and given the rapid pace at which digital space is changing, these tensions will likely persist. Provided public interest overrides are prioritised and adequate safeguards are put in place, there can be some degree of consonance.

Monitoring Obligations of Search Engines and Platforms

Overview of monitoring obligations of search engines and platforms

The internet has been described as “the greatest tool in history for global access to information and expression”.⁶⁴ But it is also a powerful tool for disinformation and hate speech which have, as captured in the Joint Letter from Special Rapporteurs and experts, “exacerbated societal and racial tensions, inciting attacks with deadly consequences around the world.” The increase in the spread of disinformation and the rise of the internet being used for nefarious purposes has put non-state actors in a somewhat precarious position. The UN Human Rights Office of the High Commissioner notes that along with the many opportunities associated with the internet, there are growing threats of unlawful activities online. The ease with which malicious content can spread online has posed a dilemma for states and intermediaries. On the one hand, there is a need to mitigate online harms, but on the other, in order to do so, content must not be moderated in a manner that leads to censorship and free speech violations.⁶⁵ Intermediaries are now complying with state laws concerning content regulation and are also, in some instances, acting proactively to monitor content, either of their own volition or in order to escape liability.⁶⁶

The 2018 Report by the UNSPR noted key concerns regarding content regulation:

States regularly require companies to restrict manifestly illegal content such as representations of child sexual abuse, direct and credible threats of harm and incitement to violence, presuming they also meet the conditions of legality and necessity. Some [s]tates go much further and rely on censorship and criminalization to shape the online regulatory environment.

Monitoring obligations for search engines and platforms are loosely understood as general obligations imposed on intermediaries to monitor all content and filter unwanted content.⁶⁷ Intermediaries faced with these obligations are expected to develop content recognition technologies or other automatic infringement assessment systems and essentially develop and utilise filtering systems.⁶⁸ In instances where there are strict monitoring obligations, monitoring will likely become the norm, opening intermediaries to automatic and direct liability.⁶⁹ Monitoring obligations raise concerns with respect of intermediary liability. It has been noted that:

Monitoring obligations drastically tilt the balance of the intermediary liability rules toward more restriction of speech, may hinder innovation and competition by increasing the costs of operating an online platform, and may exacerbate the broadly discussed problem of over-removal of lawful content from the Internet.”⁷⁰

Further to the above, there has been a trend, akin to that of the right to be forgotten, where states demand global removal of content that violates domestic law.⁷¹ Notwithstanding the recent findings of the CJEU, these demands might continue, as predicted by the UNSR in the 2018 Report, to have the chilling effect of allowing censorship across borders.

The imposition of monitoring obligations appears to have primarily been in relation to copyright infringements. However, it is growing at an unprecedented rate, causing grave concern for free expression.⁷² Judgments of the European Court of Human Rights (ECtHR) provide useful insight into the issues regarding online platforms and liability for users’ comments.

Jurisprudential developments

The 2,%22itemid%22:[%22001-155105%22]}" target="_blank" rel="noreferrer noopener">Delfi v Estonia matter was the first of the prominent cases to address the issue of content moderation and online media liability. An Estonian newspaper, Delfi, published an article that was critical of a ferry company. The article received 185 comments online, some of which were targeting a board member of the company, L, and were considered threatening and/or offensive. L requested that the comments be immediately taken down and claimed approximately €32,000 in compensation for non-pecuniary damages. Delfi agreed to remove the comments but refused to pay the damages. L approached the Harju County Court, bringing a civil claim against Delfi. The County Court found that the company could not be considered the publisher of the comments, and it did not have an obligation to monitor them. L appealed to the Tallinn Court of Appeal who remitted the matter back to the County Court for reconsideration, concluding that the lower court had erred in its finding in relation to Delfi’s liability. The matter eventually reached the Supreme Court, which found that there was a legal obligation to avoid causing damage to other persons and that Delfi should have prevented the clearly unlawful comments from being published. The Supreme Court noted that after the comments had been published, Delfi failed to remove them on its own initiative, although it must have been aware of their unlawfulness. Delfi’s failure to act was found to be unlawful.

Delfi applied to the First Section of ECtHR, arguing that the imposition of liability for the comments violated its right to freedom of expression. The ECtHR was faced with the question of whether Delfi’s obligation, as established by the domestic judicial authorities, to ensure that comments posted on its internet portal did not infringe the personality rights of third persons was in accordance with the right to freedom of expression. In order to resolve this question, the ECtHR developed a four-stage test:

• The context of the comments.

• The measures applied by the Delfi in order to prevent or remove defamatory comments.

• The liability of the actual authors of the comments as an alternative to the applicant company’s liability.

• The impacts of the restrictions imposed on Delfi in a democratic society.

The ECtHR found that the restriction on Delfi’s right to freedom of expression was justified and proportionate, taking into consideration the following:

• The insulting and threatening nature of the comments which were posted in reaction to an article published by Defli;

• The insufficiency of the measures taken by Delfi to avoid damage being caused to other parties’ reputations and to ensure a realistic possibility that the authors of the comments will be held liable; and

• The moderate sanction imposed on Delfi.

Following this decision by the First Section, the matter was then referred to the Grand Chamber of the ECtHR. In 2015, the Grand Chamber affirmed the judgment of the First Section. In this regard, in the 2015 2,%22itemid%22:[%22001-155105%22]}" target="_blank" rel="noreferrer noopener">Delfi v Estonia judgement, the Grand Chamber noted:

[W]hile the Court acknowledges that important benefits can be derived from the Internet in the exercise of freedom of expression, it is also mindful that liability for defamatory or other types of unlawful speech must, in principle, be retained and constitute an effective remedy for violations of personality rights.

The Grand Chamber, in determining if freedom of expression had been infringed, considered the restriction was lawful, sought to achieve a legitimate aim and was necessary in a democratic society. Ultimately the Grand Chamber concluded that Delfi was liable for defamation as the publisher of the comments. The Grand Chamber found that “an active intermediary which provides a comments section cannot have absolute liability” and noted that “freedom of expression cannot be turned into an exercise in imposing duties.”

While the Grand Chamber found that the liability against Delfi had been a justified and proportionate restriction on the news portal’s freedom of expression, it noted, in its appendix that:

We trust that this is not the beginning (or the reinforcement and speeding up) of another chapter of silencing and that it will not restrict the democracy-enhancing potential of the new media.  New technologies often overcome the most astute and stubborn politically or judicially imposed barriers.  But history offers discouraging examples of censorial regulation of intermediaries with lasting effects.  As a reminder, here we provide a short summary of a censorial attempt that targeted intermediaries.

Shortly after the Grand Chamber’s Delfi judgment, the Fourth Section of the ECtHR considered whether a non-profit, self-regulatory body of intermediaries (MTE) and an internet news portal (Index) were liable for offensive comments posted on their websites in Magyar Tartalomszolgáltatók Egyesülete v Hungary. In 2010, the two parties published an article critical of two real estate agents. The article attracted some comments that the estate agents found to be false and offensive and which, they argued, infringed on their right to a good reputation. MTE and Index were held liable by the Hungarian courts for the comments. MTE and Index approached the ECtHR arguing that their right to freedom of expression had been violated.

The ECtHR noted that interferences with the freedom of expression must be “prescribed by law,” have one or more legitimate aims, and be “necessary in a democratic society.” The ECtHR applied the same four-stage test as it did in Delfi but differed from its finding in Delfi, concluding that there had been a violation of freedom of expression. The ECtHR found that:

• The comments triggered by the article can be regarded as going to a matter of public interest and while they were vulgar that were not necessarily offensive, noting that style constitutes part of the communication as the form of expression and is protected together with the content of the expression.

• The conduct of MTE and Index in providing a platform for third-parties to exercise their freedom of expression by posting comments is a journalistic activity of a particular nature. It was noted that it would be difficult to reconcile MTE and Index’s liability with existing case law that cautions against the punishment of a journalist for assisting in the dissemination of statements made by another person.

• MTE and Index took certain general measures to prevent defamatory comments on their portals or to remove them.

The ECtHR found that there had been a violation of freedom of expression and concluded with the following:

[I]n the case of Delfi, the Court found that if accompanied by effective procedures allowing for rapid response, the notice-and-take-down-system could function in many cases as an appropriate tool for balancing the rights and interests of all those involved.  The Court sees no reason to hold that such a system could not have provided a viable avenue to protect the commercial reputation of the plaintiff. It is true that, in cases where third-party user comments take the form of hate speech and direct threats to the physical integrity of individuals, the rights and interests of others and of the society as a whole might entitle Contracting States to impose liability on Internet news portals if they failed to take measures to remove clearly unlawful comments without delay, even without notice from the alleged victim or from third parties.  However, the present case did not involve such utterances.

It has been noted that there are some inconsistencies in the ECtHR’s approach to online liability.⁷³ However, it does appear that the shift away from the Delfi reasoning was a shift in the right direction.⁷⁴ Ultimately, these cases have illustrated that even though freedom of expression is paramount, complete immunity is not always attainable, and there might be instances where intermediaries will be responsible for the moderation of content.⁷⁵

Efforts to address content moderation at the global level

UN Human Rights Office of the High Commissioner has noted:

One of the greatest threats to online free speech today is the murkiness of the rules . . .  States circumvent human rights obligations by going directly to the companies, asking them to take down content or accounts without going through legal process, while companies often impose rules they have developed without public input and enforced with little clarity. We need to change these dynamics so that individuals have a clear sense of what rules govern and how they are being applied.

Alongside the considerable rights implications for the moderation of online content by intermediaries, there is the glaring lack of adequate rules, guidelines, procedures and remedies in relation to the current practices of content moderation that are cause for concern.⁷⁶ It is clear that a human rights framework ought to be guiding the principles for company content moderation.

It has been noted that there are some inconsistencies in the ECtHR’s approach to online liability.⁷⁷ However, it does appear that the shift away from the Delfi reasoning was a shift in the right direction.⁷⁸ Ultimately, these cases have illustrated that even though freedom of expression is paramount, complete immunity is not always attainable, and there might be instances where intermediaries will be responsible for the moderation of content.⁷⁹

Conclusion

The growing power of private actors within the internet and technology sphere raises new questions with regard to the protection of freedom of expression in the modern age. Private actors have gained the ability to filter and control the flow of information to internet users, raising questions about net neutrality, and complex challenges with regard to enabling access to the internet and to information in developing countries, while maintaining the free and unhindered flow of information.

These powerful actors, along with online news publishers and a host of other internet intermediaries, have also become responsible for hosting huge quantities of information created and posted by regular users, raising questions about how responsibility should be apportioned for illegal or damaging content online. In particular, concerns have been raised that apportioning liability to intermediaries risk creating a digital ecosystem in which freedom of expression is routinely and structurally stymied because of fears of being held liable.

The right to privacy and the protection of personal information has come up against the free flow of information in the issue now known as ‘the right to be forgotten,’ which has begun to be dealt with at length in regional and domestic courts. This issue relates closely to that of the content moderation obligations of private platform providers and search engines, who must make influential decisions every day about what content will be allowed and what will be removed, with significant consequences for the right to freedom of expression in the digital age.

As a result, it is vital that mechanisms and processes for greater transparency and accountability over the decisions of these powerful, private actors be put in place to ensure alignment with international human rights law and standards on freedom of expression and access to information.