The Responsibilities of Online Service Providers

Online service providers (OSPs)— such as AOL, Facebook, Google, Microsoft, and Twitter—significantly shape the informational environment (infosphere) and influence users’ experiences and interactions within it. There is a general agreement on the centrality of OSPs in information societies, but little consensus about what principles should shape their moral responsibilities and practices. In this article, we analyse the main contributions to the debate on the moral responsibilities of OSPs. By endorsing the method of the Levels of Abstract (LoAs), we first analyse the moral responsibilities of OSPs in the web (LoA_IN). These concern the management of online information, which includes information filtering, Internet censorship, the circulation of harmful content, and the implementation and fostering of human rights (including privacy). We then consider the moral responsibilities ascribed to OSPs on the web (LoA_ON) and focus on the existing legal regulation of access to users’ data. The overall analysis provides an overview of the current state of the debate and highlights two main results. First, topics related to OSPs’ public role—especially their gatekeeping function, their corporate social responsibilities, and their role in implementing and fostering human rights—have acquired increasing relevance in the specialised literature. Second, there is a lack of an ethical framework that can (a) define OSPs’ responsibilities, and (b) provide the fundamental sharable principles necessary to guide OSPs’ conduct within the multicultural and international context in which they operate. This article contributes to the ethical framework necessary to deal with (a) and (b) by endorsing a LoA enabling the definition of the responsibilities of OSPs with respect to the well-being of the inforsphere and of the entities inhabiting it (LoA_For).

In Web 2.0 anyone can become a producer of information. As a result, countless ‘intermediaries’ operate as go-betweens and facilitators to transmit such information. In view of the above, we seek to examine whether they are liable for unlawful or harmful content contained in these transmissions. In 2000 the EU Electronic Commerce Directive (ECD) established a status of immunity for access, cache and host providers. Subsequent legislation regulating electronic communications, data protection, secrecy of communication and enforcement of intellectual property has dramatically increased the obligations of intermediaries and, hence, the degree of their liability, albeit on a cases by case basis and without necessarily challenging the provisions of ECD.

This chapter discusses the responsibilities of Google as the leading search engine provider to provide fair and unbiased results. In its role, Google has a large influence on what is actually searchable on the Web as well as what results users get to see when they search for information. Google serves billions of queries per month, and users only seldom consider alternatives to this search engine. This market dominance further exacerbates the situation. This leads to questions regarding the responsibility of search engines in general, and Google in particular, for providing fair and balanced results. Areas to consider here are (1) the inclusion of documents in the search engine’s databases and (2) results ranking and presentation. I find that, while search engines should at least be held responsible for their practices regarding indexing, results ranking, delivering results from collections built by the search engine provider itself and the presentation of search engine results pages; today’s dominant player, Google, argues that there actually is no problem with these issues. Its basic argument here is that “competition is one click away”, and, therefore, it should be treated like any other smaller search engine company. I approach the topic from two standpoints: from a technical standpoint, I will discuss techniques and algorithms from information retrieval and how decisions made in the design of the algorithms influence what we as users get to see in search engines. From a societal standpoint, I will discuss what biased search engines mean for knowledge acquisition in society and how we can overcome today’s unwanted search monopoly.

This paper analyses Data Breach Notification Duties from a jurisprudential perspective. DBNDs impose duties on people who are victims of a crime, duties whose violation in turn can trigger criminal sanctions. To analyze what type of duties a democratic society under the rule of law can impose on victims, we need a conceptual framework that links duties to participate in crime investigation and prosecution to specific roles a person can have in relation to a crime. Duff and Marshall have developed such a theory of the criminal law, which the paper applies to DBNLs, combining their approach with Floridi’s concept of the infosphere.

This chapter provides an analysis of the recent landmark cases of the CJEU and ECtHR on the role and liability of Online Service Providers (OSPs) in policing content on the Internet. The authors assess legal arguments in Google France, eBay, UPC TeleKabel Wien and Delfi to discover how the rulings accommodate the right to freedom of expression and the safe harbours in the EU E-Commerce Directive. They examine how knowledge and awareness of illegal content impact the OSPs responsibilities and duties (of care) to restrict content. Finally, they seek guidance in Roman law and the concepts of ‘bonus pater familias’ and ‘bonus ac diligens scriptor’ to fully understand the position and the responsibilities of the OSPs.

Certain parts of the debate on the ethical responsibilities of OSPs strike one with their heavily moralising and accusing tone. However, from a business ethics point of view, any assessment of these responsibilities should keep the pivotal role of economic competition in mind. Its exact degree or intensity may vary, but in general, economic competition limits the options of actors, which has consequences for their ethical responsibilities as well. I argue, first, that the OSP discussion should rest less on purely individual concepts of responsibility, but more on concepts of group agency. Second, there are still ways of ascribing responsibility to companies compatible with competition, as much of the debates on Corporate Social Responsibility show.

The story of technology and law has often been about the law lagging behind innovation. Corporate Social Responsibility (CSR) instruments, because of their transnational amenability, responsiveness to change and non-binding nature, have been increasingly deployed to fill the perceived governance gap. This chapter examines the various CSR frameworks that guide or govern online service providers (OSP), such as search engine providers, social networking providers, payment providers, and e-commerce platforms. It will focus on three influential initiatives: the United Nations Guiding Principles, the European Commission ICT Sector Guidance and the Global Network Initiative. The core question for OSPs, as with any company, is how do we make them accountable for their human rights impact? This entails analysis of some of the following questions. What value, if any, do such CSR frameworks offer to the protection of human rights online and what are their drawbacks? Relatedly, how do we know if these CSR frameworks are a success? What factors lead to the conclusion that CSR, in a given situation or sector, is an ill-suited device where more traditional legal measures are needed?

This chapter discusses Online Service Providers (OSPs) and gauges whether they can be defined as a new and unique species of the firm. It is concluded that OSPs have many typical features such as their intermediary role, the dependence on network effects, and a capacity to grow rapidly across borders via the online medium, but that there are few features that distinguish them as a unique species. Yet, it is argued that the intertwined social relation with end-customers, often in co-development milieu combined with the lack of a direct monetary relationship, could be one such unique feature. Therefore, an important challenge, particularly for countries in the global South, is to construct and implement policy frameworks in order to ensure that OSPs and the people using them are embedded in a dynamic but fair environment.

Within the EU, governments increasingly encourage online service providers to engage in co- and self-regulatory measures to prevent harmful and illegal content in the online sphere. As part of this tendency, governments shape schemes of liability for third-party content around the online service providers (intermediaries), giving them strong incentives to block, filter or take down content upon notification or request from public authorities in order to avoid liability. Concern has been raised, that the intermediaries are being used to implement public policy with limited oversight and accountability with severe implications on human rights. Drawing on case-studies of three EU directives, including the E-commerce directive, the chapter illustrates how measures of blocking, filtering, and take down of content in co- and self-regulatory frameworks interfere with the human rights standards related to freedom of expression and information. It further discusses current approaches towards human rights responsibilities of private actors, with a particular focus on the UN Guiding Principles on Business and Human Rights. The chapter concludes that self-regulatory frameworks are insufficient to counter the human rights challenges related to the involvement in online content regulation of intermediaries, who play a crucial role for online public participation.

Vast quantities of user content get uploaded online every single minute: pictures, videos, status updates, blog posts – they are the face of today’s Internet. While a lot of this content is entitled to receive copyright protection under national laws, once uploaded, it is also subject to licensing clauses found in Terms of Service agreements. These clauses establish how platform providers can use the submitted content, and in many cases, language of these clauses is broad and ambiguous, to the point where users are left uncertain about who can use their content, in which ways, and for how long. This chapter argues that contractual ambiguity negatively affects users and platform providers alike. It examines the potential clashes between licensing clauses and privacy policies, deeming it necessary to ensure that in the case of conflict between the two, it is the privacy policy that should prevail. The chapter warns against the potential of invasive licenses to erode trust between users and platform providers, endangering content sharing which is the core of today’s participative Web.

Imposing a high level of liability to Online Service Providers may result in over-enforcement against allegedly infringing conducts, with a “chilling-effect” on freedom of speech.

The regime for OSPs’ liability under Dir. 2000/31 was conceived as a well balanced approach. However, the interpretation of the European Court of Justice and of some national courts has raised the bar on providers’ duties. The absence in Dir. 2000/31 of a notification system of infringing activities is surely one of the reasons why this scenario has come into existence. As a result, the Commission has been considering the adoption of a new regime of “notice & action”.

An interesting approach is the Canadian one, based on the so-called “notice and notice” system. Upon receiving notification from the copyright owner, the OSP is not obliged to remove the content; it must only forward that notification to the alleged infringer. Furthermore, non-compliance leads only to the payment of statutory damages.

“Notice and notice” has proved an efficient and effective tool that correctly balances freedom of expression and providers’ needs. In this paper, I compare the European and Canadian regulatory frameworks for OSPs’ liability, and investigate whether the Canadian approach could offer a solution to some of the persisting problems of the European one.

Facing pressure from stakeholders, companies in the information and communications technology (ICT) sector have begun to release reports tabulating and detailing government requests they receive to restrict access to content and hand over user data. While these reports initially aimed to reassure customers, privacy advocates, and other observers that the companies deserve trust and defend user interests, their rapid spread and growth following revelations of mass surveillance in 2013 has led to transparency reporting becoming an expected, normal channel of communication to the public, and an indicator of ethical considerations by tech and telecom firms. This chapter charts the rise of transparency reporting, noting its foundations in financial regulation, human rights norms, and corporate social responsibility discourses. We investigate the diverse array of academic, civil society, and regulatory stakeholders promoting and analysing the reports, as well as legal and discretionary limitations to the practice. We posit transparency as an enabler for an ethical framework for online service providers (OSPs), as well as a functional way to assuage user bases regarding privacy and freedom of expression concerns. Expanded and standardized reporting on more categories of corporate activity could further illuminate the opaque decisions that OSPs make about content and user data, and lead to more ethical outcomes.

By clicks, likes, tweets, photos, blog posts, online transactions, we (people and businesses) allow for creating Big Data. Our digital traces tell the story about our professions, preferences, choices, transactions, traveling, habits etc. They permit to get information about who we are and what we do as individuals and organisations. This process is associated with a threat but also an opportunity for the social and economic development. The key question is how to ensure that the data we create continue to improve our lives, innovation, and sustainable development. A majority of Big Data is no longer housed in statistical agencies, but housed by businesses including Online Services Providers (OSPs). We state that regulators should consider this data as a public good and build the platforms for public and private partnerships to ensure advantage of digital technology, improved connectivity, and data revolution.

The purpose of this chapter is twofold. First, it aims to show that there is a need to review Articles 12 to 15 of the e-Commerce Directive for at least two reasons: the e-Commerce Directive does not harmonise the conditions for holding intermediaries liable (but only the conditions for exempting Internet intermediaries from liability) and recent case law both at national and European levels, e.g. Delfi v Estonia, shows that divergences still persist among Member States; in addition, Article 15 has become an empty shell despite L’Oréal v eBay, Scarlet v Sabam and Sabam v Netlog.

Second, this chapter suggests that if a review is not possible, the very rationale of Articles 12 to 15 and thereby their interpretation should be rethought. Indeed, the rationale said to underlie Articles 12 to 15– and used by the CJEU to determine the domain as well as the effects of these Articles – is ill-suited to the complexity and diversity of intermediary activities given the current trend towards more ‘voluntary’ (or better ‘suggested’) intervention. What is needed is a test that would ensure that control measures put in place by Internet intermediaries are protective of both Articles 10 and 8 of the ECHR and their equivalents within the EU Charter of Fundamental Rights.

We are seeing the rise of a new type of socio-technical infrastructure. The systems with which we increasingly interact no longer exhibit the characteristics of the systems used even a decade ago. Today’s technologies have an ambient quality, are embedded in our most intimate spheres, are data-driven, and exhibit increasing agency in our lives. The quality of our interactional experiences therefore depends upon the quality and quantity of our data and, as such, data has become a recognised global asset. With this heightened economic interest has come a concurrent review of regulation in the sphere of data protection, as the law moves towards mandating privacy by design and by default. However, for this to become a reality requires not only more inclusive regulatory practices, but also the engagement of those responsible for the formation of such systems – designers and systems architects. This raises several questions, principal of which being how one might engage these communities within the emerging discourse. This paper begins to address such issues by exploring a recognised approach to fostering creative thought within design, that of ideation, and suggests a way by which such a methodology might begin the job of drawing designers into the regulatory frame.

The global information society is shaped by the platforms and innovation of large internet companies such as Google, Facebook, Dropbox, Twitter and Instagram. These Online Service Providers (OSPs) shape our view of the world through the organisation and management of our information. OSPs are becoming part of processes that were previously regarded as the preserve of national governments – such as administration and ‘national statistics’ – and sometimes acquire a state-like position with regard to information and power. Yet two of the main academic disciplines that analyse the international arena, International Relations theory and the study of international law, both have a blind spot for corporate power, let alone the large Internet companies that shape the global information society. We situate OSPs in the international political domain, arguing that it is necessary to define what Corporate Political Responsibility should consist of in this context, and how it might be exercised.

Given the severe lack of sufficiently detailed data, there is very little measurement or quantification of the contributions by online intermediaries in the academic literature. Intermediaries and platforms are loosely defined by lawmakers and national statistics for any meaningful analysis; available data suggests online intermediaries do not yet interact with many of the sectors often mentioned as adversely affected by digitalisation, while available data on productivity and trade leads to counterintuitive conclusions. We examine to what extent the economic impact of intermediaries may differ in the US and the EU – two markets with comparable set up of market institutions and actors – and conclude that the impact is similar in terms of input, outputs, productivity and trade. Yet the online intermediaries have created different incentives in the US and the EU. Conclusion is the political economy of advertising: Online advertising continues to grow at the expense of TV, magazines and newspapers. Europe is the only geographic area in the world that has seen the advertising expenditures fall (– 0.8 % compared to +0.6 % in North America). Furthermore, traditional media is the most important supplier of inputs to online intermediaries in the US, which turned a zero-sum game between into a condition of co-dependence.This redistributive mechanism – where online intermediaries channel profits back into traditional media through advertising – could not be confirmed to exist in the EU. This lack of co-dependency is one possible determinant to why stakeholder interests are differently aligned in the EU compared to the US.

In this commentary I argue that the ethical issues surrounding online data privacy are not unique and instead involve timeless features of transactions in the market. I explain how we can turn to what justifies the market most generally in analysing such issues. The use of any truncated account of the justification of the market, I argue, will mislead us into coming to either the wrong conclusions or to no conclusions about the ethics of online data privacy.