28 December 2018

Online Intermediaries

'The Liability of Australian Online Intermediaries' by Kylie Pappalardo and Nicolas Suzor in (2018) 40(4) Sydney Law Review 469 comments
This article provides a comprehensive review of the current state of Australian online intermediary liability law across different doctrines. Different aspects of Australian law employ a range of tests for determining when an actor will be liable for the actions of a third party. So far, these tests have primarily been developed in cases brought under the laws of defamation, racial vilification, misleading and deceptive conduct, contempt of court, and copyright. In this article, we look across these bodies of law to highlight common features and doctrinal differences. We show that the basis on which third party intermediaries are liable for the actions of individuals online is confusing and, viewed as a whole, largely incoherent. We show how the main limiting devices of liability across all of these schemes — intention, passivity, and knowledge — are ineffective in articulating a clear distinction for circumstances in which intermediaries will not be held liable. The result is a great deal of uncertainty. We argue that intermediary liability law should develop by focusing on the concept of responsibility, and that existing principles in tort jurisprudence can help to guide and unify the different standards for liability. 
The authors argue
 Online intermediary liability law in Australia is a mess. Internet intermediaries, including telecommunications providers, internet service providers (‘ISPs’), content hosts, search engines, social media platforms, and e-commerce and payment providers all play a major role in enabling (and restricting) the information that people can see and post online.[1] The legal bases on which intermediaries are liable for the actions of individuals online is confusing and, viewed as a whole, largely incoherent. As the internet has grown up, courts and legislatures around the world have struggled to extend the reach of territorial laws to adequately deal with online communications and interactions. As pressure has mounted to find a way to enforce local laws to deal with specific emerging tensions, the legal response has been haphazard. In Australia, liability under separate doctrines has developed out of their particular bodies of common law jurisprudence in almost complete isolation. The result is a great deal of uncertainty; the rules and standards for third-party liability in copyright differ from those in defamation, in other torts, in contract, and in civil content regulation and criminalised speech. Courts, legislatures, lobbyists, and civil society groups are struggling to articulate a coherent basis upon which intermediaries should be required to act to enforce the law against their users in a way that is effective, fair, and does not chill investment in online services. This is an increasingly heated and important debate, but the possibility of reaching any broad consensus remains elusive. 
The pressure to find a way to enforce local laws to deal with specific emerging tensions is reflected across a number of separate ongoing legal debates in Australia. The High Court of Australia’s decision in Roadshow Films Pty Ltd v iiNet Ltd[2] that iiNet, an ISP, was not liable for copyright infringement by users of its service has led successive governments to respond with a confusing range of policy options. This has included first mooting a substantial legislative reversal of the decision,[3] then a failed attempt to require ISPs to negotiate with rightsholders in the shadow of a threat to introduce more burdensome regulation,[4] and new laws requiring ISPs to block access to websites that infringe copyright in certain circumstances.[5] In defamation law, first instance courts are struggling to articulate the appropriate reach of defamation law beyond website operators and on to search engines.[6] In 2014, the Australian Law Reform Commission (‘ALRC’) recommended the introduction of a civil action for serious breaches of privacy,[7] which it suggested should probably also apply to intermediaries who fail to remove private information from their networks after they have been notified of a serious invasion of privacy.[8] A separate 2011 report by the ALRC into content regulation recommended that internet intermediaries ought to be required to block or remove ‘prohibited’ content available on or through their networks.[9] This recommendation follows a failed attempt from 2008 through 2012 to empower the Australian Communications and Media Authority to designate prohibited content to which ISPs must block access.[10] The Australian Government has also created the role of ‘eSafety Commissioner’,[11] with the power to request that large social network sites remove ‘cyberbullying’ content targeted at Australian children.[12] The eSafety Commissioner’s remit has recently been extended beyond children to include identifying and removing illegal online content and tackling image-based abuse.[13] A 2017 review considered how federal law may require intermediaries to remove sexual images posted without the consent of the subject[14] — a phenomenon colloquially known as ‘revenge porn’.[15] This is an issue that the Australian Government is still determining how to resolve.[16] 
None of these initiatives express a coherent or consistent articulation of when, exactly, an online intermediary will be liable for the actions of their users. There are conflicting authorities both within and between separate bodies of law that impose different standards of responsibility on online intermediaries. Courts are struggling to adapt the law to apply to new technological contexts in a way that adequately balances competing interests from within the confines of existing doctrines. The legislative process is alternately heated and stalled; policymakers too are struggling to articulate balances that are acceptable to all stakeholders. 
In this article, we provide an overview of the current state of Australian intermediary liability law, and argue that a greater focus on responsibility can help to guide and unify the different standards for liability. In Part II, we explain the struggle to regulate the internet, the competing tensions, and the growing pressure for intermediaries to take a more active role in upholding the law and enforcing social norms. In Part III, we provide a comprehensive review of online intermediary liability case law in Australia. We show that there is a common struggle to articulate the boundaries of intermediary liability law within and among different doctrines. This struggle is manifesting in a body of case law that relies on apparent intent and actual or imputed knowledge of wrongdoing to found liability in ways that distort the historical bounds of liability in each doctrine. In Part IV, we examine the main devices that delineate the scope of intermediary liability across different doctrines: the classification of ‘active’ versus ‘passive’ actors; the role of intent; and the role of knowledge. These concepts, we argue, are ineffective in clearly articulating the circumstances in which intermediaries will not be held liable. Accordingly, they fail to provide intermediaries with legal certainty or adequate guidance for acceptable conduct. We conclude by suggesting that intermediary liability law should develop by focusing on the concept of responsibility to ground liability. 
Existing, long-established principles in tort jurisprudence have long helped courts to work through and articulate the boundaries of liability. The legal inquiry that looks to the role that intermediaries play in the wrongful acts of others is not unique to online regulation, or to defamation, content regulation or copyright law. In tort law, too, courts occasionally look beyond immediate injurers to background actors ‘whose carelessness is alleged to have set the stage for the injury’.[17] The task of distinguishing actors who are liable for wrongdoing from those who are not goes to the heart of tort law and theory.[18] In imposing liability for causing harm, tort law ‘is only secondarily about who pays; the primary focus is on how people are allowed to treat each other’.[19] 
Tort law has largely dealt with the issue of secondary liability by closely examining the actual role that the secondary actor has played in causing the relevant harm. While courts engaged in this inquiry have used different terms over the years, including ‘proximity’, ‘closeness’ and ‘directness’, the question is fundamentally the same: was the intermediary’s conduct causally significant in bringing about the harm suffered by the plaintiff?[20] The principles that have emerged from this jurisprudence focus on the imposition of negative duties (that is, duties not to harm) and the reluctance to impose affirmative duties to proactively protect another from harm caused by a third party (except in discrete circumstances).[21] It is only where the intermediary has played a causally significant role in establishing the circumstances that are likely to lead directly to the harm that the intermediary will be held responsible. These established principles, we suggest, are likely to be more effective at identifying when an intermediary will have a responsibility to act than the more common distinctions based on intention, passivity, or knowledge. We suspect that it might be possible for these existing principles of responsibility to inform the development of different areas of online intermediary liability law without wholesale doctrinal shifts, but we leave this work for a future article.