Legal Guidance for ICT Use in Education, Research and External Engagement

 

Hosting Liability - Essentials

23 November 2007

Please note: this guidance has been prepared by JISC Legal for information purposes only and is not, nor is intended to be, legal advice. This information is not intended to constitute, and receipt of it does not constitute, a contract for legal advice or the establishment of a solicitor-client relationship.

Table of Contents

  1. Introduction
  2. Who is Responsible for Illegal Materials?
  3. Pornography
  4. Copyright Infringement 
  5. Should an Institution Monitor for Illegal Content?

1.  Introduction

Providing computers and internet access to students and staff means that responsibility for what they do online can, in certain circumstances, rest with the institution. This Hosting Liability Essentials paper considers the extent to which FE or HE institutions are responsible for content which is made available on their computer systems. Can an institution avail itself of the defences to liability (outlined below) from which the more conventional providers of information services benefit?

2.  Who is Responsible for Illegal Materials?

FE and HE institutions are obliged to ensure that users are not making illegal use of their internet and email access. This requires strict adherence by institutions to the JANET Acceptable Use Policy - http://www.janet.ac.uk/services/publications/policy-documents.html.

  • Firstly, FE and HE institutions are legally responsible for their own published content and they must ensure that it does not infringe the rights of others.
  • However, the legal position is somewhat complicated where an institution only acts as an intermediary, for example, as a service provider or as a 'host' of information for others. In such cases responsibility for offending material will usually lie with the individual involved.
  • At its simplest, the more control the institution exercises over those who publish and upload information onto websites and online interactive forums, the more likely it is that the institution will be held liable for any harm which those individuals cause.

Defamation

Many of the liability difficulties with the hosting, publishing and possession of unlawful and illegal content have occurred in the highly confrontational area of defamation law.

  • A defamatory statement is one which lowers the claimant in the estimation of right-thinking members of society.
  • The general rule of UK defamation law is that those who publish a defamation face liability and this applies to FE and HE institutions in the same way as to any other publisher.
  • Making materials available on a website, or other electronic forum is likely to be considered publishing where the institution exercises editorial control over the content.

In order to be held liable for defamation, you must be a "publisher" of the defamatory statement. The definition of "publisher" includes anyone who participated in the publication of the defamatory statement.

So what liability has an institution when an individual publishes a defamatory statement about someone else by means of an institution's computer system?

Godfrey v Demon Internet

This case concerned whether the ISP (Demon Internet) could take advantage of the so-called 'innocent dissemination' defence in the Defamation Act 1996.

The court held that Demon was able to claim that it had published the defamatory statement innocently. However, because it had not deleted the offending post on its news server after it had been notified by Dr Godfrey, it was liable as a publisher.

The key thing here is that an ISP (or any other intermediary with no knowledge of the defamatory material complained of) will be liable if it is given notice of the defamatory material and does not delete that material.

As a result, any FE or HE institution should treat a notice of complaint seriously and investigate it immediately.

Put simply, the position is that an FE or HE institution

  • which is not an 'author, editor or publisher';
  • that takes 'reasonable care';
  • and does not know, and had no reason to believe, that what it did caused or contributed to the publication of a defamatory statement,

is unlikely to be liable for defamation.

Electronic Commerce (EC Directive) Regulations 2002

Since July 2002, the requirements of the Electronic Commerce (EC Directive) Regulations 2002, which give effect to the European Electronic Commerce Directive (known as the E-Commerce Directive) must be considered. The Regulations limit the liability of service providers who unwittingly transmit or store unlawful content provided by others in certain circumstances.

There are three categories of service providers whose liability is thus limited by the Regulations:

  • those who transmit information (i.e. 'mere conduits'),
  • those who engage in "caching" information, and
  • those engaged in "hosting" information.

Further detailed information on the E-Commerce Directive is available in the document "FE/HE Institutions and Liability for Third Party Provided Content" by Gavin Sutter on the JISC Legal website.

In 2006, in what is believed to have been the first case of its kind, the High Court awarded £10,000 in damages and over £7,000 in costs against a college lecturer who had made libellous statements on an internet bulletin board about a member of the UK Independence Party. The case, Keith-Smith v. Williams (Queen's Bench Division, [2006] All ER (D) 297 (Mar)), illustrates the continued significance of online defamation and libel in the education sector. Details of the news story can be found on the Guardian Unlimited website at - http://www.guardian.co.uk/law/story/0,,1737445,00.html.

Terrorism

Under section 3(1) of the Terrorism Act 2006 the police can require providers of electronic services (including universities and colleges) to remove terrorist statements or articles which are hosted by them on the internet. If they fail to remove them without reasonable excuse within two working days of being requested to do so by the police, the institution may be deemed to have endorsed the statements and senior officers may be liable for criminal prosecution. The defences which exist as a result of the Electronic Commerce (EC Directive) Regulations 2002 (outlined above) will usually be available to the providers of electronic services in these circumstances.

3.  Pornography

The mere possession of some material is an offence in UK law, for example, child pornography. If a student or staff member is using space on the institution's computers to store child pornography, then the officers of the institution which owns the servers that it is hosted on could possibly be criminally liable for possession of that material.

However, there is an 'awareness-related' defence to such liability in the Criminal Justice Act 1988 (Section 160) which states that provided those employees responsible for management of the computer systems

  • had not seen the articles in question and
  • did not know that they were there, or
  • had no reason to believe that they were in possession of child pornography,

no liability is likely to arise.

See further 'FE/HE Institutions and Liability for Third Party Provided Content' - Gavin Sutter - and the detailed treatment of the area of Cybercrime on the JISC Legal website at - http://www.jisclegal.ac.uk/.

4.  Copyright Infringement

Providing facilities for copyright infringement is also treated as an infringement and is referred to as secondary infringement. It may happen that staff or students use college webspace for storing infringing copies, for example, video or mp3 sound files by means of peer-to-peer (p2p) file sharing facilities. Does this mean that the institution will incur liability in respect of this infringing material?

If it is assumed that the copying is not done with the authority of the institution then the ingredients of secondary copyright infringement, s.23 of the Copyright, Designs and Patents Act 1988 (CDPA) have to be considered.

  • The existence of files with extensions such as mp3 on the institution's servers should not necessarily be grounds for inferring knowledge of the infringement as a number of services allow users to download music tracks quite legally.
  • A court is unlikely to expect a college or university to inspect every file on its servers and then to check whether it was legitimately downloaded.
  • However, where large numbers of mp3 files, for example, which do not relate to the business of the institution are being copied and stored on an institution's computers, the institution is likely to be under an obligation to investigate further and to satisfy itself that it is not facilitating copyright infringement by others.

Further detailed treatment of the risks of secondary copyright infringement can be found in the paper "Legal Risks and Liabilities for IT Services in FE and HE" by Christine Cooper on the JISC Legal website at - http://www.jisclegal.ac.uk/publications/legalRisks.htm.

5.  Should an Institution Monitor for Illegal Content?

Those institutions that host content are often in a difficult position regarding how active they should be in taking responsibility for moderating such content, and what legal liability they will incur by allowing staff and students to upload content for publication.

There is a very fine path for FE or HE institutions to tread between

  • the requirement to take reasonable care in relation to publication and
  • actually monitoring their users and their servers, which would mean that they may face liability as a publisher.

The Electronic Commerce (EC Directive) Regulations 2002 do not address the imposition of a general obligation on service providers to monitor the information that they transmit or store or to actively seek facts or circumstances indicating illegal activity. No such obligation exists in UK law, and its introduction would be incompatible with the requirements of the E-Commerce Directive.

Further detailed information on The Electronic Commerce (EC Directive) Regulations 2002 is available on the Department for Business, Enterprise and Regulatory Reform website at - http://www.berr.gov.uk/.

Online Discussion Groups

Issues in terms of liability for offending content may arise in relation to discussion groups which function as online tutorials, monitored by a member of the institution's teaching staff.

  • The level of control exercised over the group is significant.
  • Where access is limited to the tutor and a small number of participating students then the tutor, acting on behalf of the institution, regulates what content is published.
  • The ease with which a student in a closed tutorial group can be identified (not to mention any internal disciplinary procedures and penalties) should act as a strong deterrent to the making of defamatory posts.

Source: Lawrence Graham LLP - SmartLaw - Issue 49 - March 2007 - http://www.lawgram.com/.

Unmoderated Online Forums

Where FE and HE institutions provide unmonitored online forums, it is important that they continually clarify and highlight the terms of acceptable use for users.

It is essential that:

  • all users are frequently reminded that they are personally responsible for what they post to online forums and
  • are required to comply with the institution's terms of acceptable use in the same way as they are with any other use of the institution's computer facilities.

JISC Legal - 23 November 2007

John X Kelly

© JISC Legal - www.jisclegal.ac.uk