Kommerzielle Webseitenbetreiber haften auf Schadensersatz/ Schmerzensgeld für beleidigende Äusserungen und müssen Kommentare überwachen. Im konkreten Fall war unstreitig eine beledigende Äusserung gefallen; diese wurde vom Webseitenbetreiber auch sofort nach Aufforderung entfernt. Sie bafand sich ca. 6 Wochen online. Dementsprechend wurde vom Ausgangsgericht ein Schadensersatzanspruch bejaht. Hiergegen wandte sich der Webseitenbetreiber unter dem Blickwinkel der Meinungs-/Äusserungsfreiheit:
“Based on the above elements, in particular the insulting and threatening nature of the comments, the fact that the comments were posted in reaction to an article published by the applicant company in its professionally-managed news portal run on a commercial basis, the insufficiency of the measures taken by the applicant company to avoid damage being caused to other parties’ reputations and to ensure a realistic possibility that the authors of the comments will be held liable, and the moderate sanction imposed on the applicant company, the Court considers that in the present case the domestic courts’ finding that the applicant company was liable for the defamatory comments posted by readers on its Internet news portal was a justified and proportionate restriction on the applicant company’s right to freedom of expression.”
EGMR FIRST SECTION
CASE OF DELFI AS v. ESTONIA
(Application no. 64569/09)
10 October 2013
Referral to the Grand Chamber
This judgment will become final in the circumstances set out in Article 44 § 2 of the Convention. It may be subject to editorial revision.
In the case of Delfi AS v. Estonia,
The European Court of Human Rights (First Section), sitting as a Chamber composed of:
Isabelle Berro-Lefèvre, President,
Mirjana Lazarova Trajkovska,
Dmitry Dedov, judges,
and André Wampach, Deputy Section Registrar,
Having deliberated in private on 17 September 2013,
Delivers the following judgment, which was adopted on that date:
1. The case originated in an application (no. 64569/09) against the Republic of Estonia lodged with the Court under Article 34 of the Convention for the Protection of Human Rights and Fundamental Freedoms (“the Convention”) by Delfi AS, a public limited company registered in Estonia (“the applicant company”), on 4 December 2009.
2. The applicant company was represented by Mr V. Otsmann, a lawyer practising in Tallinn. The Estonian Government (“the Government”) were represented by their Agent, Ms M. Kuurberg, of the Ministry of Foreign Affairs.
3. The applicant company alleged that its freedom of expression had been violated.
4. On 11 February 2011 the application was communicated to the Government. It was also decided to rule on the admissibility and merits of the application at the same time (Article 29 § 1).
5. Written submissions were received from the Helsinki Foundation for Human Rights in Warsaw, which had been granted leave by the President to intervene as a third party (Article 36 § 2 of the Convention and Rule 44 § 2).
I. THE CIRCUMSTANCES OF THE CASE
6. The applicant company is a public limited company (aktsiaselts), registered in Estonia.
A. Background of the case
7. The applicant company is the owner of Delfi, an Internet news portal that publishes up to 330 news articles a day. Delfi is one of the largest news portals on the Internet in Estonia. It publishes news in Estonian and Russian in Estonia and also operates in Latvia and Lithuania.
8. At the material time, at the end of the body of the news articles there were the words “add your comment” and fields for comments, the commenter’s name and his or her email address (optional). Below these fields there were buttons “publish the comment” and “read comments”. The part for reading comments left by others was a separate area which could be accessed by clicking on the “read comments” button. The comments were uploaded automatically and were, as such, not edited or moderated by the applicant company. The articles received about 10,000 readers’ comments daily, the majority posted under pseudonyms.
9. Nevertheless, there was a system of notify-and-take-down in place: any reader could mark a comment as leim (an Estonian word for an insulting or mocking message or a message inciting hatred on the Internet) and the comment was removed expeditiously. Furthermore, there was a system of automatic deletion of comments that included certain stems of obscene words. In addition, a victim of a defamatory comment could directly notify the applicant company, in which case the comment was removed immediately.
10. The applicant company had made efforts to advise users that the comments were not its opinion and that the authors of comments were responsible for their content. On Delfi’s Internet site there were “Rules of comment” which included the following:
“The Delfi message board is a technical medium allowing users to publish comments. Delfi does not edit comments. An author of a comment is liable for his/her comment. It is worth noting that there have been cases in the Estonian courts where authors have been punished for the contents of a comment …
Delfi prohibits comments the content of which does not comply with good practice.
These are comments that:
– contain threats;
– contain insults;
– incite hostility and violence;
– incite illegal activities …
– contain obscene expressions and vulgarities …
Delfi has the right to remove such comments and restrict their authors’ access to the writing of comments …”
The functioning of the notice-and-take-down system was also explained in the text.
11. The Government submitted that in Estonia Delfi had a notorious history of publishing defaming and degrading comments. Thus, on 22 September 2005 the weekly newspaper Eesti Ekspress had published a public letter from the editorial board to the Minister of Justice, the Chief Public Prosecutor and the Chancellor of Justice in which concern was expressed about incessant taunting of people on public websites in Estonia. Delfi was named as a source of brutal and arrogant mockery.
B. Article and comments published on the Internet news portal
12. On 24 January 2006 the applicant company published an article on the Delfi portal under the heading ‘SLK Destroyed Planned Ice Road’. Ice roads are public roads over the frozen sea which are open between the Estonian mainland and some islands in winter. The abbreviation SLK stands for AS Saaremaa Laevakompanii (Saaremaa Shipping Company, a public limited company). SLK provides a public ferry transport service between the mainland and some islands. L. was a member of the supervisory board of SLK and the company’s sole or majority shareholder at the material time.
13. On 24 and 25 January 2006 the article attracted 185 comments. About twenty of them contained personal threats and offensive language directed against L.
14. On 9 March 2006 L.’s lawyers requested the applicant company to remove the offensive comments and claimed 500,000 kroons (EEK) (approximately 32,000 euros (EUR)) in compensation for non-pecuniary damage. The request concerned the following twenty comments:
“1. 1. there are currents in [V]äinameri
2. open water is closer to the places you referred to, and the ice is thinner.
Proposal – let’s do as in 1905, let’s go to [K]uressaare with sticks and put [L.] and [Le.] in bag
2. fucking shitheads…
they bath in money anyways thanks to that monopoly and State subsidies and now started to fear that cars may drive to the islands for a couple of days without anything filling their purses. burn in your own ship, sick Jew!
3. good that [La.’s] initiative has not broken down the lines of the web flamers. go ahead, guys, [L.] into oven!
4. [little L.] go and drown yourself
5. aha… [I] hardly believe that that [happened] by accident… assholes fck
6. rascal!!! [in Russian]
7. What are you whining, kill this bastard once[.] In the future the other ones … will know what they will risk, even they will only have one little life.
8. … is [bloody] right. To be lynched, to warn the other [islanders] and would-be men. Then nothing like that will be done again! In any event, [L.] very much deserves that, doesn’t he.
9. “a good man lives [long,] a shitty man [a day or two]”
10. If there was an iceroad, [one] could easily save 500 for a full car, fckng [L.] pay for that economy, why it takes 3 [hours] for your ferries if they are so good icebreakers, go and break ice in Pärnu port … instead, fcking monkey, I will pass [the strait] anyways and if I will drown, it is your fault
11. and can’t anyone defy the shits?
12. [inhabitants of Saaremaa and Hiiumaa islands], do 1:0 to this dope.
13. wonder whether [L.] won’t be trashed in Saaremaa? to screw one’s owns like that.
14. The people will chatter for a couple of days in the Internet, but the crooks (and also those who are backed and whom we ourselves have elected to represent us) pocket the money and pay no attention to this flaming – no one gives a shit about this.
Once [M.] and other big crooks also used to boss around, but their greed stroke back (RIP). Will also strike back to these crooks sooner or later. As they sow, so shall they reap, but they should nevertheless be contained (by lynching as the state is powerless in respect of them – it is really them who govern the state), because they only live for today. Tomorrow, the flood.
15. this [V.] will once get [a blow] from me with a cake.
damn, as soon as you put a cauldron on the fire and there is smoke rising from the chimney of the sauna, the crows from Saaremaa are there – thinking that…a pig is going to be slaughtered. no way
16. bastards!!!! Ofelia also has an ice class, so this is no excuse why Ola was required!!!
17. Estonian state, led by scum [and] financed by scum, of course does not prevent or punish the antisocial acts of the scum. But well, each [L.] has his Michaelmas… and this cannot at all be compared to a ram’s Michaelmas. Actually sorry for [L.] – a human, after all… 😀 😀 😀
18. … if after such acts [L.] should all of a sudden happen to be on sick leave and also in case of the next destruction of the ice road… will he [then] dear to act like a pig for the third time? 🙂
19. fucking bastard, that [L.]… could have gone home with my baby soon… anyways his company cannot guarantee a normal ferry service and the prices are such that… real creep… a question arises whose pockets and mouths he has filled up with money so that he’s acting like a pig from year to year
20. can’t make bread from shit; and paper and internet stand everything; and just for own fun (really the state and [L.] do not care about the people’s opinion)… just for fun, with no greed for money – I pee into the [L.’s] ear and then I also shit onto his head. :)”
15. On the same day the offensive comments were removed by the applicant company.
16. On 23 March 2006 the applicant company responded to the request from L.’s lawyers. It informed L. that the comments had been removed under the notice-and-take-down obligation, and refused the claim for damages.
C. Civil proceedings against the applicant company
17. On 13 April 2006 L. brought a civil suit with the Harju County Court against the applicant company.
18. At the hearing of 28 May 2007 the representatives of the applicant company submitted, inter alia, that in cases like the “Bronze Night” (public disorders related to the relocation of the Bronze Soldier monument in April 2007) Delfi had removed 5,000-10,000 comments per day, also on its own initiative.
19. By a judgment of 25 June 2007 L.’s claim was dismissed. The County Court found that the applicant company’s responsibility was excluded under the Information Society Services Act (Infoühiskonna teenuse seadus), which was based on the Directive on Electronic Commerce (Directive 2000/31/EC of the European Parliament and of the Council of 8 June 2000 on certain legal aspects of information society services, in particular electronic commerce, in the Internal Market). The court considered that the comment environment in the applicant company’s news portal was to be distinguished from the portal’s journalistic area. The administration of the former by the applicant company was essentially of a mechanical and passive nature. The applicant company could not be considered the publisher of the comments, nor did it have any obligation to monitor them.
20. On 22 October 2007 the Tallinn Court of Appeal allowed L.’s appeal. It considered that the County Court had erred in finding that the applicant company’s responsibility was excluded under the Information Society Services Act. The County Court’s judgment was quashed and the case referred back to the first-instance court for new consideration.
21. On 21 January 2008 the Supreme Court declined to hear the applicant company’s appeal.
22. On 27 June 2008 the Harju County Court, having re-examined the case, found for L. In accordance with the Court of Appeal’s instructions it relied on the Obligations Act (Võlaõigusseadus) and deemed the Information Society Services Act inapplicable. It observed that the applicant company had placed a note on its Internet site that comments were not edited, that it was prohibited to post comments that were contrary to good practice, and that the applicant company reserved to itself the right to remove such comments. A system was put in place whereby users could notify the applicant company of any inappropriate comments. However, the County Court considered that this was insufficient and did not allow adequate protection for the personality rights of others. The court found that the applicant company itself was to be considered the publisher of the comments, and it could not avoid responsibility by publishing a disclaimer that it was not liable for the content of the comments.
23. The County Court found that the news article itself published in the Delfi news portal was a balanced one. A number of comments, however, were vulgar in form; they were humiliating and defamatory and impaired L.’s honour, dignity and reputation. The comments went beyond justified criticism and amounted to simple insults. The court concluded that freedom of expression did not extend to protection of the comments concerned and that L.’s personality rights had been violated. L. was awarded EEK 5,000 (EUR 320) in non-pecuniary damages.
24. On 16 December 2008 the Tallinn Court of Appeal upheld the County Court’s judgment. It emphasised that the applicant company had not been required to exercise preliminary control over comments posted on its news portal. However, having chosen not to do so, it should have created some other effective system which would have ensured rapid removal of unlawful comments from the portal. The Court of Appeal considered that the measures taken by the applicant company were insufficient and that it was contrary to the principle of good faith to place the burden of monitoring the comments on their potential victims.
25. The Court of Appeal rejected the applicant company’s argument that its responsibility was excluded on the basis of the Information Society Services Act. It noted that the applicant company was not a technical intermediary in respect of the comments, and that its activity was not of a merely technical, automatic and passive nature; instead, it invited users to add comments. Thus, the applicant company was a provider of content services rather than of technical services.
26. On 10 June 2009 the Supreme Court dismissed the applicant company’s appeal. It upheld the Court of Appeal’s judgment in substance, but partly modified its reasoning.
27. The Supreme Court approved the lower courts’ interpretation of the Information Society Services Act, and reiterated that an information society service provider, falling under that Act and the Directive on Electronic Commerce, had neither knowledge of nor control over information which was transmitted or stored. By contrast, a provider of content services governed the content of information that was being stored. In the present case, the applicant company had integrated the comment environment into its news portal and invited users to post comments. The number of comments had an effect on the number of visits to the portal and on the applicant company’s revenue from advertisements published on the portal. Thus, the applicant company had an economic interest in the comments. The fact that the applicant company did not write the comments itself did not imply that it had no control over the comment environment. It enacted the rules of comment and removed comments if the rules were breached. The users, on the contrary, could not change or delete the comments they had posted; they could merely report obscene comments. Thus, the applicant company could determine which comments were published and which not. The fact that it made no use of this possibility did not mean that it had no control over the publishing of the comments.
28. Furthermore, the Supreme Court considered that in the present case both the applicant company and the authors of the comments were to be considered publishers of the comments. In this context, it also referred to the economic interest of an internet portal’s administrator, which made it a publisher as entrepreneur, similarly to a publisher of printed media. The Supreme Court found that the plaintiff was free to choose against whom to bring the suit, and L. had chosen to bring the suit against the applicant company.
29. The Supreme Court found that on the basis of its legal obligation to avoid causing damage to other persons the applicant company should have prevented clearly unlawful comments from being published. Furthermore, after the comments had been published, it had failed to remove them on its own initiative, although it must have been aware of their unlawfulness. The courts had rightly found that the applicant company’s failure to act had been unlawful.
D. Subsequent developments
30. According to information posted on 1 October 2009 by Delfi on its Internet portal Delfi did not allow persons who had posted offensive comments to post a new comment until the commenter had read and accepted the rules of commenting. Furthermore, it was announced that Delfi had set up a team of moderators who carried out follow-up moderation of comments posted on the portal. First of all, the moderators reviewed all user notices of inappropriate comments. The compliance of comments with the rules of commenting was monitored as well. According to the information published, the number of comments posted by Delfi’s readers in August 2009 had been 190,000. Delfi’s moderators had removed 15,000 comments (about 8%), mainly consisting of spam or irrelevant comments. The share of defamatory comments had been less than 0.5% of the total number of comments.
II. RELEVANT DOMESTIC LAW AND PRACTICE
31. The Constitution of the Republic of Estonia (Eesti Vabariigi põhiseadus) provides:
“No one’s honour or good name shall be defamed.”
“(1) Everyone has the right to free self-realisation.
(2) Everyone shall honour and consider the rights and freedoms of others, and shall observe the law in exercising his or her rights and freedoms and in fulfilling his or her duties.”
“(1) Everyone has the right to freely disseminate ideas, opinions, beliefs and other information by word, print, picture or other means. This right may be restricted by law to protect public order, morals, and the rights and freedoms, health, honour and the good name of others. This right may also be restricted by law for state and local government public servants, to protect a state or business secret or information received in confidence, which has become known to them by reason of their office, and the family and private life of others, as well as in the interests of justice.
(2) There is to be no censorship.”
32. Section 138 of the Civil Code (General Principles) Act (Tsiviilseadustiku üldosa seadus) provides that rights shall be exercised and obligations performed in good faith. A right shall not be exercised in an unlawful manner or with the aim of causing damage to another person.
33. Paragraph 2 of section 134 of the Obligations Act (Võlaõigusseadus) provides:
“In the case of an obligation to compensate for damage arising from … violation of a personality right, in particular from defamation, the obligated person shall compensate the aggrieved person for non-pecuniary damage only if this is justified by the gravity of the violation, in particular by physical or emotional distress.”
34. Section 1043 of the Obligations Act provides that a person (tortfeasor) who unlawfully causes damage to another person (victim) shall compensate for the damage if the tortfeasor is culpable (süüdi) of causing the damage or is liable (vastutab) for causing the damage pursuant to law
35. Section 1045 of the Obligations Act stipulates that the causing of damage is unlawful if, inter alia, the damage is caused by violation of a personality right of the victim.
36. The Obligations Act further provides:
Section 1046 – Unlawfulness of damage to personality rights
“(1) Defamation of a person, inter alia by passing undue judgment, by the unjustified use of the name or image of the person, or by breaching the inviolability of the private life or another personality right of the person, is unlawful unless otherwise provided by law. Upon the establishment of unlawfulness, the type of violation, the reason and motive for the violation and the gravity of the violation relative to the aim pursued thereby shall be taken into consideration.
(2) The violation of a personality right is not unlawful if the violation is justified in view of other legal rights protected by law and the rights of third parties or public interests. In such cases unlawfulness shall be established on the basis of the comparative assessment of different legal rights and interests protected by law.”
Section 1047 – Unlawfulness of disclosure of incorrect information
“(1) Violation of personality rights or interference with the economic or professional activities of a person by way of disclosure [avaldamine] of incorrect information or by incomplete or misleading disclosure of information concerning the person or the activities of the person, is unlawful unless the person who discloses such information proves that, upon disclosure thereof, the person was not aware and was not required to be aware that such information was incorrect or incomplete.
(2) Disclosure of defamatory matters concerning a person, or matters which may adversely affect the economic situation of a person, is deemed to be unlawful unless the person who discloses such matters proves that the statement he or she makes is true.
(3) Regardless of the provisions of subsections (1) and (2) of this section, the disclosure of information or other matters is not deemed to be unlawful if the person who discloses the information or other matters or the person to whom such matters are disclosed has a legitimate interest in the disclosure, and if the person who discloses the information has checked the information or other matters with a thoroughness which corresponds to the gravity of the potential violation.
(4) In the event of disclosure of incorrect information, the victim may demand that the person who has disclosed such information refute the information or publish a correction at their own expense, regardless of whether the disclosure of the information was unlawful or not.”
Section 1055 – Prohibition on damaging actions
“(1) If unlawful damage is caused continually or a threat is made that unlawful damage will be caused, the victim or the person who is threatened has the right to demand that behaviour which causes damage be terminated or the making of threats of such behaviour be refrained from. In the event of bodily injury, damage to health, violation of inviolability of personal life or any other personality rights, it may be demanded, inter alia, that the tortfeasor be prohibited from approaching others (restraining order), the use of housing or communication be regulated, or other similar measures be applied.
(2) The right to demand that behaviour which causes damage as specified in subsection (1) of this section be terminated does not apply if it is reasonable to expect that such behaviour can be tolerated in human coexistence or due to significant public interest. In such a case the victim has the right to make a claim for compensation for damage caused unlawfully …”
37. The Information Society Services Act (Infoühiskonna teenuse seadus) provides as follows:
Section 8 – Restricted liability upon mere transmission of information and provision of access to public data communications network
“(1) Where a service is provided that consists of the mere transmission in a public data communication network of information provided by a recipient of the service, or the provision of access to a public data communication network, the service provider is not liable for the information transmitted, on condition that the provider:
1) does not initiate the transmission;
2) does not select the receiver of the transmission;
3) does not select or modify the information contained in the transmission.
(2) The acts of transmission and of provision of access within the meaning of paragraph 1 of this section include the automatic, intermediate and transient storage of the information transmitted, in so far as this takes place for the sole purpose of carrying out the transmission in the public data communication network, and provided that the information is not stored for any period longer than is reasonably necessary for the transmission.”
Section 9 – Restricted liability upon temporary storage of information in cache memory
“(1) Where a service is provided that consists of the transmission in a public data communication network of information provided by a recipient of the service, the service provider is not liable for the automatic, intermediate and temporary storage of that information, if the method of transmission concerned requires caching for technical reasons and the caching is performed for the sole purpose of making more efficient the information’s onward transmission to other recipients of the service at their request, on condition that:
1) the provider does not modify the information;
2) the provider complies with conditions on access to the information;
3) the provider complies with rules regarding the updating of the information, specified in a manner widely recognised and used in the industry;
4) the provider does not interfere with the lawful use of technology which is widely recognised and used by the industry to obtain data on the use of the information;
5) the provider acts expeditiously to remove or to disable access to the information it has stored upon obtaining actual knowledge of the fact that the information at the initial source of the transmission has been removed from the network, or access to it has been disabled, or that a court, the police or a state supervisory authority has ordered such removal.”
Section 10 – Restricted liability upon provision of information storage service
“(1) Where a service is provided that consists of the storage of information provided by a recipient of the service, the service provider is not liable for the information stored at the request of a recipient of the service, on condition that:
1) the provider does not have actual knowledge of the contents of the information and, as regards claims for damages, is not aware of facts or circumstances from which the illegal activity or information is apparent;
2) the provider, upon obtaining knowledge or awareness of the facts specified in subparagraph 1 of this paragraph, acts expeditiously to remove or to disable access to the information.
(2) Paragraph 1 of this section shall not apply when the recipient of the service is acting under the authority or the control of the provider.”
Section 11 – No obligation to monitor
“(1) A service provider specified in sections 8 to 10 of this Act is not obliged to monitor information upon the mere transmission thereof or provision of access thereto, temporary storage thereof in cache memory or storage thereof at the request of the recipient of the service, nor is the service provider obliged to actively seek information or circumstances indicating illegal activity.
(2) The provisions of paragraph 1 of this section do not restrict the right of an official exercising supervision to request the disclosure of such information by a service provider.
(3) Service providers are required to promptly inform the competent supervisory authorities of alleged illegal activities undertaken or information provided by recipients of their services specified in sections 8 to 10 of this Act, and to communicate to the competent authorities information enabling the identification of recipients of their service with whom they have storage agreements.”
38. In a judgment of 21 December 2005 (case no. 3-2-1-95-05) the Supreme Court found that, for the purposes of section 1047 of the Obligations Act, disclosure [avaldamine] meant disclosure of information to third parties. A person who transmitted information to a media publisher [meediaväljaanne] could be considered a discloser [avaldaja] even if he or she was not the publisher of the article [ajaleheartikli avaldaja] in question. The Supreme Court has reiterated the same position in its subsequent judgments, for example in a judgment of 21 December 2010 (case no. 3‑2‑1-67-10).
39. In a number of domestic cases actions for defamation have been brought against several defendants, including, for example, a publisher of a newspaper and the author of an article (the Supreme Court’s judgment of 7 May 1998 in case no. 3-2-1-61-98), a publisher of a newspaper and an interviewee (the Supreme Court’s judgment of 1 December 1997 in case no. 3-2-1-99-97), and solely against a publisher of a newspaper (the Supreme Court’s judgment of 30 October 1997 in case no. 3-2-1-123-97, and a judgment of 10 October 2007 in case no. 3-2-1-53-07).
III. RELEVANT INTERNATIONAL MATERIAL
A. Council of Europe documents
40. On 28 May 2003 the Committee of Ministers of the Council of Europe adopted, at the 840th meeting of the Ministers’ Deputies, the Declaration on freedom of communication on the Internet. It reads in the relevant part as follows:
“The member states of the Council of Europe …Convinced also that it is necessary to limit the liability of service providers when they act as mere transmitters, or when they, in good faith, provide access to, or host, content from third parties;
Recalling in this respect Directive 2000/31/EC of the European Parliament and of the Council of 8 June 2000 on certain legal aspects of information society services, in particular electronic commerce, in the Internal Market (Directive on electronic commerce);
Stressing that freedom of communication on the Internet should not prejudice the human dignity, human rights and fundamental freedoms of others, especially minors;
Considering that a balance has to be found between respecting the will of users of the Internet not to disclose their identity and the need for law enforcement authorities to trace those responsible for criminal acts;
Declare that they seek to abide by the following principles in the field of communication on the Internet:
Principle 1: Content rules for the Internet
“Member states should not subject content on the Internet to restrictions which go further than those applied to other means of content delivery.”
Principle 3: Absence of prior state control
“Public authorities should not, through general blocking or filtering measures, deny access by the public to information and other communication on the Internet, regardless of frontiers. This does not prevent the installation of filters for the protection of minors, in particular in places accessible to them, such as schools or libraries.
Provided that the safeguards of Article 10, paragraph 2, of the Convention for the Protection of Human Rights and Fundamental Freedoms are respected, measures may be taken to enforce the removal of clearly identifiable Internet content or, alternatively, the blockage of access to it, if the competent national authorities have taken a provisional or final decision on its illegality.”
Principle 6: Limited liability of service providers for Internet content
“Member states should not impose on service providers a general obligation to monitor content on the Internet to which they give access, that they transmit or store, nor that of actively seeking facts or circumstances indicating illegal activity.
Member states should ensure that service providers are not held liable for content on the Internet when their function is limited, as defined by national law, to transmitting information or providing access to the Internet.
In cases where the functions of service providers are wider and they store content emanating from other parties, member states may hold them co-responsible if they do not act expeditiously to remove or disable access to information or services as soon as they become aware, as defined by national law, of their illegal nature or, in the event of a claim for damages, of facts or circumstances revealing the illegality of the activity or information.
When defining under national law the obligations of service providers as set out in the previous paragraph, due care must be taken to respect the freedom of expression of those who made the information available in the first place, as well as the corresponding right of users to the information.
In all cases, the above-mentioned limitations of liability should not affect the possibility of issuing injunctions where service providers are required to terminate or prevent, to the extent possible, an infringement of the law.”
Principle 7: Anonymity
“In order to ensure protection against online surveillance and to enhance the free expression of information and ideas, member states should respect the will of users of the Internet not to disclose their identity. This does not prevent member states from taking measures and co-operating in order to trace those responsible for criminal acts, in accordance with national law, the Convention for the Protection of Human Rights and Fundamental Freedoms and other international agreements in the fields of justice and the police.”
B. European Union documents
1. Directive 2000/31/EC
41. Directive 2000/31/EC of the European Parliament and of the Council of 8 June 2000 on certain legal aspects of information society services, in particular electronic commerce, in the Internal Market (Directive on electronic commerce) provides as follows:
“… (9) The free movement of information society services can in many cases be a specific reflection in Community law of a more general principle, namely freedom of expression as enshrined in Article 10(1) of the Convention for the Protection of Human Rights and Fundamental Freedoms, which has been ratified by all the Member States; for this reason, directives covering the supply of information society services must ensure that this activity may be engaged in freely in the light of that Article, subject only to the restrictions laid down in paragraph 2 of that Article and in Article 46(1) of the Treaty; this Directive is not intended to affect national fundamental rules and principles relating to freedom of expression …
(42) The exemptions from liability established in this Directive cover only cases where the activity of the information society service provider is limited to the technical process of operating and giving access to a communication network over which information made available by third parties is transmitted or temporarily stored, for the sole purpose of making the transmission more efficient; this activity is of a mere technical, automatic and passive nature, which implies that the information society service provider has neither knowledge of nor control over the information which is transmitted or stored.
(43) A service provider can benefit from the exemptions for “mere conduit” and for “caching” when he is in no way involved with the information transmitted; this requires among other things that he does not modify the information that he transmits; this requirement does not cover manipulations of a technical nature which take place in the course of the transmission as they do not alter the integrity of the information contained in the transmission.
(44) A service provider who deliberately collaborates with one of the recipients of his service in order to undertake illegal acts goes beyond the activities of “mere conduit” or “caching” and as a result cannot benefit from the liability exemptions established for these activities.
(45) The limitations of the liability of intermediary service providers established in this Directive do not affect the possibility of injunctions of different kinds; such injunctions can in particular consist of orders by courts or administrative authorities requiring the termination or prevention of any infringement, including the removal of illegal information or the disabling of access to it.
(46) In order to benefit from a limitation of liability, the provider of an information society service, consisting of the storage of information, upon obtaining actual knowledge or awareness of illegal activities has to act expeditiously to remove or to disable access to the information concerned; the removal or disabling of access has to be undertaken in the observance of the principle of freedom of expression and of procedures established for this purpose at national level; this Directive does not affect Member States’ possibility of establishing specific requirements which must be fulfilled expeditiously prior to the removal or disabling of information.
(47) Member States are prevented from imposing a monitoring obligation on service providers only with respect to obligations of a general nature; this does not concern monitoring obligations in a specific case and, in particular, does not affect orders by national authorities in accordance with national legislation.
(48) This Directive does not affect the possibility for Member States of requiring service providers, who host information provided by recipients of their service, to apply duties of care, which can reasonably be expected from them and which are specified by national law, in order to detect and prevent certain types of illegal activities. …”
Article 1 – Objective and scope
“1. This Directive seeks to contribute to the proper functioning of the internal market by ensuring the free movement of information society services between the Member States …”
Article 2 – Definitions
“For the purpose of this Directive, the following terms shall bear the following meanings:
(a) “information society services”: services within the meaning of Article 1(2) of Directive 98/34/EC as amended by Directive 98/48/EC;
(b) “service provider”: any natural or legal person providing an information society service;
(c) “established service provider”: a service provider who effectively pursues an economic activity using a fixed establishment for an indefinite period. The presence and use of the technical means and technologies required to provide the service do not, in themselves, constitute an establishment of the provider …”
Section 4: Liability of intermediary service providers
Article 12 – “Mere conduit”
“1. Where an information society service is provided that consists of the transmission in a communication network of information provided by a recipient of the service, or the provision of access to a communication network, Member States shall ensure that the service provider is not liable for the information transmitted, on condition that the provider:
(a) does not initiate the transmission;
(b) does not select the receiver of the transmission; and
(c) does not select or modify the information contained in the transmission.
2. The acts of transmission and of provision of access referred to in paragraph 1 include the automatic, intermediate and transient storage of the information transmitted in so far as this takes place for the sole purpose of carrying out the transmission in the communication network, and provided that the information is not stored for any period longer than is reasonably necessary for the transmission.
3. This Article shall not affect the possibility for a court or administrative authority, in accordance with Member States’ legal systems, of requiring the service provider to terminate or prevent an infringement.”
Article 13 – “Caching”
“1. Where an information society service is provided that consists of the transmission in a communication network of information provided by a recipient of the service, Member States shall ensure that the service provider is not liable for the automatic, intermediate and temporary storage of that information, performed for the sole purpose of making more efficient the information’s onward transmission to other recipients of the service upon their request, on condition that:
(a) the provider does not modify the information;
(b) the provider complies with conditions on access to the information;
(c) the provider complies with rules regarding the updating of the information, specified in a manner widely recognised and used by industry;
(d) the provider does not interfere with the lawful use of technology, widely recognised and used by industry, to obtain data on the use of the information; and
(e) the provider acts expeditiously to remove or to disable access to the information it has stored upon obtaining actual knowledge of the fact that the information at the initial source of the transmission has been removed from the network, or access to it has been disabled, or that a court or an administrative authority has ordered such removal or disablement.
2. This Article shall not affect the possibility for a court or administrative authority, in accordance with Member States’ legal systems, of requiring the service provider to terminate or prevent an infringement.”
Article 14 – Hosting
“1. Where an information society service is provided that consists of the storage of information provided by a recipient of the service, Member States shall ensure that the service provider is not liable for the information stored at the request of a recipient of the service, on condition that:
(a) the provider does not have actual knowledge of illegal activity or information and, as regards claims for damages, is not aware of facts or circumstances from which the illegal activity or information is apparent; or
(b) the provider, upon obtaining such knowledge or awareness, acts expeditiously to remove or to disable access to the information.
2. Paragraph 1 shall not apply when the recipient of the service is acting under the authority or the control of the provider.
3. This Article shall not affect the possibility for a court or administrative authority, in accordance with Member States’ legal systems, of requiring the service provider to terminate or prevent an infringement, nor does it affect the possibility for Member States of establishing procedures governing the removal or disabling of access to information.”
Article 15 – No general obligation to monitor
“1. Member States shall not impose a general obligation on providers, when providing the services covered by Articles 12, 13 and 14, to monitor the information which they transmit or store, nor a general obligation actively to seek facts or circumstances indicating illegal activity.
2. Member States may establish obligations for information society service providers promptly to inform the competent public authorities of alleged illegal activities undertaken or information provided by recipients of their service or obligations to communicate to the competent authorities, at their request, information enabling the identification of recipients of their service with whom they have storage agreements.”
2. Directive 98/34/EC as amended by Directive 98/48/EC
42. Directive 98/34/EC of the European Parliament and of the Council of 22 June 1998 laying down a procedure for the provision of information in the field of technical standards and regulations and of rules on Information Society services, as amended by Directive 98/48/EC, provides as follows:
“For the purposes of this Directive, the following meanings shall apply …
2. ’service’, any Information Society service, that is to say, any service normally provided for remuneration, at a distance, by electronic means and at the individual request of a recipient of services.
For the purposes of this definition:
— ’at a distance’ means that the service is provided without the parties being simultaneously present,
— ’by electronic means’ means that the service is sent initially and received at its destination by means of electronic equipment for the processing (including digital compression) and storage of data, and entirely transmitted, conveyed and received by wire, by radio, by optical means or by other electromagnetic means,
— ’at the individual request of a recipient of services’ means that the service is provided through the transmission of data on individual request.
An indicative list of services not covered by this definition is set out in Annex V.
This Directive shall not apply to:
— radio broadcasting services,
— television broadcasting services covered by point (a) of Article 1 of Directive 89/552/EEC.”
3. Case-law of the Court of Justice of the European Union
43. In a judgment of 23 March 2010 (Joined Cases C‑236/08 to C‑238/08 Google France and Google  ECR I‑2417) the Court of Justice of the European Union considered that in order to establish whether the liability of a referencing service provider may be limited under Article 14 of Directive 2000/31, it is necessary to examine whether the role played by that service provider is neutral, in the sense that its conduct is merely technical, automatic and passive, pointing to a lack of knowledge or control of the data which it stores. Article 14 of the Directive on electronic commerce must be interpreted as meaning that the rule laid down therein applies to an internet referencing service provider in the event that that service provider has not played an active role of such a kind as to give it knowledge of, or control over, the data stored. If it has not played such a role, that service provider cannot be held liable for the data which it has stored at the request of an advertiser, unless, having obtained knowledge of the unlawful nature of those data or of that advertiser’s activities, it failed to act expeditiously to remove or to disable access to the data concerned
44. In a judgment of 12 July 2011 (Case C‑324/09 L’Oréal and Others ) the Court of Justice of the European Union ruled that Article 14(1) of Directive 2000/31 was to be interpreted as applying to the operator of an online marketplace where that operator had not played an active role allowing it to have knowledge or control of the data stored. The operator played such a role when it provided assistance which entailed, in particular, optimising the presentation of the offers for sale in question or promoting them. Where the operator of the online marketplace had not played such an active role and the service provided fell, as a consequence, within the scope of Article 14(1) of Directive 2000/31, the operator none the less could not, in a case which could result in an order to pay damages, rely on the exemption from liability provided for under that Article if it had been aware of facts or circumstances on the basis of which a diligent economic operator should have realised that the offers for sale in question had been unlawful and, in the event of it being so aware, had failed to act expeditiously in accordance with Article 14(1)(b) of Directive 2000/31.
45. In a judgment of 24 November 2011 (Case C-70/10 Scarlet Extended ) the Court of Justice of the European Union ruled that an injunction may not be made against an Internet service provider which required it to install a system for filtering all electronic communications passing via its services, in particular those involving the use of peer-to-peer software, which applied indiscriminately to all its customers, as a preventive measure, exclusively at its expense and for an unlimited period, which was capable of identifying on that provider’s network the movement of electronic files containing a musical, cinematographic or audiovisual work in respect of which the applicant claimed to hold intellectual property rights, with a view to blocking the transfer of files the sharing of which would infringe copyright.
ALLEGED VIOLATION OF ARTICLE 10 OF THE CONVENTION
46. The applicant complained that holding it liable for the comments posted by the readers of its Internet news portal infringed its freedom of expression as provided in Article 10 of the Convention, which reads as follows:
“1. Everyone has the right to freedom of expression. This right shall include freedom to hold opinions and to receive and impart information and ideas without interference by public authority and regardless of frontiers. This Article shall not prevent states from requiring the licensing of broadcasting, television or cinema enterprises.
2. The exercise of these freedoms, since it carries with it duties and responsibilities, may be subject to such formalities, conditions, restrictions or penalties as are prescribed by law and are necessary in a democratic society, in the interests of national security, territorial integrity or public safety, for the prevention of disorder or crime, for the protection of health or morals, for the protection of the reputation or rights of others, for preventing the disclosure of information received in confidence, or for maintaining the authority and impartiality of the judiciary.”
47. The Government contested that argument.
48. The Government pointed out that according to the applicant company it had been neither the author nor the discloser of the defamatory comments. The Government noted that if the Court shared that view, the application was incompatible ratione materiae with the provisions of the Convention, as the Convention did not protect the freedom of expression of a person who was neither the author nor the discloser. The applicant company could not claim to be a victim of a violation of the freedom of expression of persons whose comments had been deleted. Nevertheless, the Government were of the opinion that in fact the applicant company was the discloser of the defamatory comments.
49. The applicant company disagreed. It contended that the obligation imposed on it to maintain a preventive censorship policy over the exercise of freedom of expression of third persons also infringed its freedom of expression, that is freedom to impart information created and published by third persons.
50. The Court notes that the applicant company was sued for defamation in respect of comments posted on its Internet portal, it was deemed to be discloser (or publisher – the Estonian words avaldama/avaldaja mean both disclose/discloser and publish/publisher; see, for example, paragraphs 36 and 38 above) of the comments – along with their authors – and held liable for its failure to prevent the disclosure of or remove on its own initiative the unlawful comments. It was obliged by the domestic courts to pay the plaintiff compensation for non-pecuniary damage he had sustained. Thus, the applicant company was directly affected by the domestic courts’ decisions. The Court considers that the applicant company’s grievance relates to freedom of expression and falls within the scope of Article 10 of the Convention. Therefore, the Government’s objection has to be dismissed.
51. The Court further notes that the application is not manifestly ill-founded within the meaning of Article 35 § 3 (a) of the Convention. Nor is it inadmissible on any other grounds. It must therefore be declared admissible.
1. The parties’ submissions
(a) The applicant
52. The applicant company argued that the domestic courts had interfered with its freedom of expression (right to impart information). It submitted that it had been forced to alter its business model completely and compelled to monitor every comment posted on its news portal – up to 10,000 comments a day. Although certain technical and manual procedures had already been applied prior to the Supreme Court’s judgment, the scope of that activity and its legal implications had substantially changed as a result of the judgment concerned.
53. The applicant company argued that the interference with its freedom of expression had not been “prescribed by law”. It argued that the civil law provisions relied on by the Supreme Court embodied a negative obligation not to publish defamatory information. In the applicant company’s view there was no obligation in the domestic law for it to pre-monitor all the content posted by third persons. The domestic courts’ interpretation of the pertinent legislation had not met the requirement of foreseeability. The applicant company further argued that the liability of service providers for the disclosure of third party content was limited under the EU Directive on Electronic Commerce transposed into the Estonian legal order as the Information Society Services Act.
54. The applicant company accepted that the reputation and rights of L. had been engaged in the present case. However, it considered that the authors of the comments were liable for the possible infringement of L.’s rights. Holding the applicant company liable pursued no legitimate aim.
55. The applicant company argued that the restriction imposed on its freedom of expression was not necessary in a democratic society. It noted that the article published by it had been a balanced one, and thus the comments created and published by the commentators had not been provoked or triggered by the deeds of the applicant company. It argued that it was sufficient that the personal rights of individuals were protected by a two-limb system – firstly by the notice-and-take-down system operated by the service provider, and secondly by the possibility of bringing a claim against the authors of the comments.
56. Referring to the cases of Google France and Google and L’Oréal and Others of the Court of Justice of the European Union, the applicant company argued that it had not played an “active role” but had merely stored comments on its server, set the terms of its service, been (indirectly) remunerated for that service and provided general information to its customers (readers, commentators).
57. The applicant company further referred to the Declaration on freedom of communication on the Internet and Article 15 of the Directive on Electronic Commerce, and argued that a host was not obliged to seek or monitor the hosted material. Such an overly burdensome obligation was contrary to freedom of expression and information. The fact that the applicant company had acted diligently and implemented various technical and manual procedures to reduce the number of illegal comments from the comments area of its portal should not mean that it was liable for illegal content posted by third parties. Otherwise, hosts who took no measures whatsoever to eliminate illegal material would be encouraged, and diligent hosts punished.
58. In conclusion, the applicant company asserted that it had only played a passive role in hosting the comments; it had had no active knowledge of the illicit comments, nor had it been or should have been aware of the illicit comments before the relevant notice by L., after which the applicant company had promptly removed the comments. Thus, the applicant company had acted in accordance with the standards to be observed by a diligent economic operator, and its freedom to impart information via the commenting area of its news portal had been disproportionately interfered with.
(b) The Government
59. The Government submitted that Delfi continued to be one of the largest Internet portals in Estonia. The articles published by it were commented on extensively and people could do so without identifying themselves. Thus, the Government rejected the applicant company’s argument that it had had to change its business model. Furthermore, the Government pointed out that the applicant company had also admitted monitoring comments on its own initiative on some occasions even before the proceedings giving rise to the present application.
60. The Government argued that the obligation to avoid causing harm had a clear basis in law and was confirmed by comprehensive case-law (see paragraphs 31 to 39 above). A media publication was usually liable for what it published, and its liability could not be precluded by a disclaimer published by the applicant company, as pursuant to the Obligations Act an agreement which precluded or restricted liability for damage caused unlawfully was void. Pursuant to the domestic law authors and owners of media publications had joint and several liability.
61. The Government maintained that since the publication of comments was under the control of the applicant company and in practice Delfi also exercised partial control, it was obliged to protect the honour of other persons, and the restriction concerned had a legitimate aim with regard to the applicant company.
62. The Government contended that the restriction was necessary in a democratic society. The vulgar, insulting and degrading value judgments contained in the comments in the present case had had no reasonable factual basis. There was therefore nothing in the comments which would have required the portal administrator to do any work to check their veracity. Since Delfi had not removed the posted comments on its own initiative, and it must have been aware that they were unlawful, the Estonian courts had justly found that Delfi’s omission was unlawful. The disclaimer stating that the comments were not the opinion of the applicant company and that the authors of comments were responsible for their content did not preclude the applicant company’s liability.
63. The Government argued that placing the obligation to monitor the comments and notify the portal administrator of offensive comments on the possibly injured parties was neither sufficient nor justified. Such a system did not ensure sufficient protection of the rights of third parties, as proven by the circumstances of the present case. Any information communicated via the Internet spread so quickly that by the time the inappropriate comments were finally deleted the public interest in the given news and the comments posted on it had waned. Measures taken weeks or even days later for protecting a person’s honour were no longer sufficient, because offensive or unlawful comments had already reached the public and done their damage. Since controlling the Internet was an impossible task for an ordinary person, the party with control over a specific portal had the duty to take action where necessary to prevent violation of personality rights.
64. The Government noted that Estonia had chosen to apply less restrictive civil – as opposed to criminal – liability in defamation cases. However, even if a court adjudicating a civil case was able to identify the IP address of a computer and the address where the computer was located, it was extremely difficult to identify the person who actually wrote the comment. Thus, as Delfi did not identify the commentators, this made it too difficult for an injured person to have recourse to the civil courts against anonymous authors of comments. Furthermore, the Government considered that the State’s enacting of a regulation providing for mandatory identification of commentators on an Internet portal would constitute an excessive interference. Thus, it was more suitable and proportionate in civil proceedings to place greater liability (joint and several) for defamation on a portal owner who provided content services. The Government pointed out in this context that Delfi was a profit-oriented company which had invited visitors to its portal to comment on its articles without identifying the authors of the comments. At the same time the income it earned depended on the advertisements published on the portal, which, in turn, depended on the number of comments. The Government referred to the domestic courts’ finding that Delfi had not acted with the due diligence required in commerce – it had not taken measures which would have precluded the risk of violation of other persons’ rights. At the same time, the domestic courts had not prescribed to Delfi how it should perform its duties, leaving this matter for the applicant company and considering that there were various means of doing this.
65. The Government argued that the applicant company was not a hosting service provider for the purposes of the Information Society Services Act when publishing comments posted on Delfi’s articles. A hosting service provider offered merely a data storage service, while the stored data, their insertion, removal and content (including ability to remove or change the stored data) remained under the control of service users. In the Delfi commenting environment those commenting lost control of their comments as soon as they had entered them, and commenters could not change or delete their comments. Thus, Delfi was not a technical intermediary in respect of comments, but a content service provider. It deleted and modified comments if needed, and had also done so prior to the Supreme Court’s judgment, playing therefore an active role of such a kind as to give it knowledge of, or control over, the data relating to the comments to its articles. The fact that Delfi had taken measures to minimise insulting comments, for example by screening, demonstrated that Delfi had actually been aware of its liability.
66. The Government also pointed out that the comments in question had not attacked the public limited company concerned, but a member of its supervisory board personally, and could not therefore be justified by the exercise by the press of its role of a “public watchdog”. The comments had resorted to offensive and intemperate language and had gone beyond a generally acceptable degree of exaggeration or provocation; they had not stimulated any reasonable public discussion.
67. Lastly, the Government considered that the sum the applicant company had been ordered to pay L. as compensation for non-pecuniary damage (corresponding to EUR 320) had not had a “chilling effect” on the freedom of expression.
2. The third-party intervener’s arguments
68. The Helsinki Foundation for Human Rights in Warsaw provided an analysis of the Polish law concerning the liability related to publication of materials on the Internet. It noted that Polish case-law was inconsistent. In some cases news portals had not been held responsible for comments posted by the readers, in other cases blog-owners or forum administrators had been held responsible for third-party comments. The Helsinki Foundation reiterated that prior restraint was a particularly restrictive measure, and it also indicated a variety of problems related to the notice-and-take-down procedure which called for more precise regulation.
3. The Court’s assessment
(a) Existence of an interference
69. The Court notes that the focus of the parties’ arguments differed as regards the applicant company’s role in the present case. The Government were of the opinion that the applicant company was to be considered the discloser of the defamatory comments, whereas the applicant company considered that the comments had been published by third parties and the applicant company’s freedom to impart information had been interfered with (see paragraphs 48 and 49 above). Regardless of the exact role to be attributed to the applicant company’s activities, it is not, in substance, in dispute between the parties that the domestic courts’ decisions in respect of the applicant company constituted an interference with its freedom of expression guaranteed under Article 10 of the Convention. The Court sees no reason to hold otherwise (see also paragraph 50 above).
70. Such an interference with the applicant company’s right to freedom of expression must be “prescribed by law”, have one or more legitimate aims in the light of paragraph 2 of Article 10, and be “necessary in a democratic society”.
71. The Court reiterates that a norm cannot be regarded as a “law” within the meaning of Article 10 § 2 unless it is formulated with sufficient precision to enable the citizen to regulate his conduct; he must be able – if need be with appropriate advice – to foresee, to a degree that is reasonable in the circumstances, the consequences which a given action may entail. Those consequences need not be foreseeable with absolute certainty. Whilst certainty is desirable, it may bring in its train excessive rigidity, and the law must be able to keep pace with changing circumstances. Accordingly, many laws are inevitably couched in terms which, to a greater or lesser extent, are vague, and whose interpretation and application are questions of practice (see, for example, Lindon, Otchakovsky-Laurens and July v. France [GC], nos. 21279/02 and 36448/02, § 41, ECHR 2007‑IV)
72. The Court further reiterates that the scope of the notion of foreseeability depends to a considerable degree on the content of the text in issue, the field it is designed to cover, and the number and status of those to whom it is addressed. A law may still satisfy the requirement of foreseeability even if the person concerned has to take appropriate legal advice to assess, to a degree that is reasonable in the circumstances, the consequences which a given action may entail. This is particularly true in relation to persons carrying on a professional activity, who are used to having to proceed with a high degree of caution when pursuing their occupation. They can on this account be expected to take special care in assessing the risks that such activity entails (see Lindon, Otchakovsky-Laurens and July, loc. cit., with further references to Cantoni v. France, 15 November 1996, § 35, Reports of Judgments and Decisions 1996‑V, and Chauvy and Others v. France, no. 64915/01, §§ 43-45, ECHR 2004‑VI).
73. The Court notes that in the present case the parties’ opinions differed as to the question whether the interference with the applicant company’s freedom of expression was “prescribed by law”. The applicant company argued that the domestic law did not entail a positive obligation to pre-monitor content posted by third persons, and that its liability was limited under the EU Directive on Electronic Commerce. The Government referred to the pertinent provisions of the civil law and domestic case-law, under which media publications were liable for their publications along with the authors.
74. As regards the applicant company’s argument that its liability was limited under the EU Directive on Electronic Commerce and the Information Society Services Act, the Court notes that the domestic courts found that the applicant company’s activities did not fall within the scope of these acts. The Court reiterates in this context that it is not its task to take the place of the domestic courts. It is primarily for the national authorities, notably the courts, to resolve problems of interpretation of domestic legislation. The Court’s role is confined to ascertaining whether the effects of such an interpretation are compatible with the Convention (see, among others, Pérez de Rada Cavanilles v. Spain, 28 October 1998, § 43, Reports of Judgments and Decisions 1998‑VIII).
75. The Court further notes that pursuant to the pertinent provisions of the Constitution, the Civil Code (General Principles) Act and the Obligations Act (see paragraphs 31 to 36 above), as interpreted and applied by the domestic courts, the applicant company was deemed liable for the publication of the defamatory comments. Although these provisions are quite general and lack detail in comparison with, for example, the Information Society Services Act (see paragraph 37 above), the Court is satisfied that they, along with the pertinent case-law, made it clear that a media publisher was liable for any defamatory statements made in its media publication. The fact that in the present case publication of articles and comments on an Internet portal was also found to amount to journalistic activity and the administrator of the portal as an entrepreneur was deemed to be a publisher can be seen, in the Court’s view, as application of the existing tort law to a novel area related to new technologies (compare, for example, Bernh Larsen Holding AS and Others v. Norway, no. 24117/08, § 126, 14 March 2013, where the Court saw no reason to question the domestic court’s interpretation, according to which legal provisions originally conceived in respect of hard copies of documents were also deemed to apply to electronically stored documents). This does not mean that the provisions of the civil law in question did not constitute a sufficiently clear legal basis for the applicant company’s liability, or that gradual clarification of legal rules was outlawed (compare, mutatis mutandis, Radio France and Others v. France, no. 53984/00, §§ 20 and 30, ECHR 2004‑II). Indeed, general provisions of law can at times make for a better adaptation to changing circumstances than can attempts at detailed regulation (see, for comparison, Times Newspapers Ltd v. the United Kingdom (nos. 1 and 2), nos. 3002/03 and 23676/03, §§ 20, 21 and 38, ECHR 2009, where the “Internet publication rule” relied on a rule originally dating from the year 1849, and Editorial Board of Pravoye Delo and Shtekel v. Ukraine, no. 33014/05, §§ 60-68, ECHR 2011 (extracts), where the lack of reference to Internet publications in the otherwise quite detailed media law gave rise to an issue of lawfulness under Article 10 of the Convention).
76. The Court accordingly finds that, as a professional publisher, the applicant company must at least have been familiar with the legislation and case-law, and could also have sought legal advice. The Court observes in this context that the Delfi news portal is one of the largest in Estonia, and also that a degree of notoriety has been attributable to comments posted in its commenting area. Thus, the Court considers that the applicant company was in a position to assess the risks related to its activities and that it must have been able to foresee, to a reasonable degree, the consequences which these could entail. It therefore finds that the interference in issue was “prescribed by law” within the meaning of the second paragraph of Article 10 of the Convention.
(c) Legitimate aim
77. The Court considers that the restriction of the applicant company’s freedom of expression pursued a legitimate aim of protecting the reputation and rights of others. The Court has taken note of the applicant company’s argument about the liability of the actual authors of the comments. However, in the Court’s view the fact that the actual authors were also in principle liable does not remove the legitimate aim of holding the applicant company liable for any damage to the reputation and rights of others. The question of whether the applicant company’s rights under Article 10 were excessively restricted in the present case by holding it liable for comments written by third parties is a question of whether the restriction was “necessary in a democratic society”, to be dealt with below.
(d) Necessary in a democratic society
(i) General principles
78. The fundamental principles concerning the question whether an interference with freedom of expression is “necessary in a democratic society” are well established in the Court’s case-law and have been summarised as follows (see, among other authorities, Hertel v. Switzerland, 25 August 1998, § 46, Reports of Judgments and Decisions 1998‑VI; Steel and Morris v. the United Kingdom, no. 68416/01, § 87, ECHR 2005‑II; Mouvement raëlien suisse v. Switzerland [GC], no. 16354/06, § 48, ECHR 2012 (extracts)); and Animal Defenders International v. the United Kingdom [GC], no. 48876/08, § 100, 22 April 2013:
“(i) Freedom of expression constitutes one of the essential foundations of a democratic society and one of the basic conditions for its progress and for each individual’s self-fulfilment. Subject to paragraph 2 of Article 10, it is applicable not only to ‘information’ or ‘ideas’ that are favourably received or regarded as inoffensive or as a matter of indifference, but also to those that offend, shock or disturb. Such are the demands of pluralism, tolerance and broadmindedness without which there is no ‘democratic society’. As set forth in Article 10, this freedom is subject to exceptions, which … must, however, be construed strictly, and the need for any restrictions must be established convincingly …
(ii) The adjective ‘necessary’, within the meaning of Article 10 § 2, implies the existence of a ‘pressing social need’. The Contracting States have a certain margin of appreciation in assessing whether such a need exists, but it goes hand in hand with European supervision, embracing both the legislation and the decisions applying it, even those given by an independent court. The Court is therefore empowered to give the final ruling on whether a ‘restriction’ is reconcilable with freedom of expression as protected by Article 10.
(iii) The Court’s task, in exercising its supervisory jurisdiction, is not to take the place of the competent national authorities but rather to review under Article 10 the decisions they delivered pursuant to their power of appreciation. This does not mean that the supervision is limited to ascertaining whether the respondent State exercised its discretion reasonably, carefully and in good faith; what the Court has to do is to look at the interference complained of in the light of the case as a whole and determine whether it was ‘proportionate to the legitimate aim pursued’ and whether the reasons adduced by the national authorities to justify it are ‘relevant and sufficient’…. In doing so, the Court has to satisfy itself that the national authorities applied standards which were in conformity with the principles embodied in Article 10 and, moreover, that they relied on an acceptable assessment of the relevant facts ….”
79. Furthermore, the Court reiterates the essential function the press fulfils in a democratic society. Although the press must not overstep certain bounds, particularly as regards the reputation and rights of others and the need to prevent the disclosure of confidential information, its duty is nevertheless to impart – in a manner consistent with its obligations and responsibilities – information and ideas on all matters of public interest (see Jersild v. Denmark, 23 September 1994, § 31, Series A no. 298; De Haes and Gijsels v. Belgium, 24 February 1997, § 37, Reports of Judgments and Decisions 1997‑I; and Bladet Tromsø and Stensaas v. Norway [GC], no. 21980/93, § 58, ECHR 1999‑III). In addition, the Court is mindful of the fact that journalistic freedom also covers possible recourse to a degree of exaggeration, or even provocation (see Prager and Oberschlick v. Austria, 26 April 1995, § 38, Series A no. 313, and Bladet Tromsø and Stensaas, cited above, § 59). The limits of permissible criticism are narrower in relation to a private citizen than in relation to politicians or governments (see, for example, Castells v. Spain, 23 April 1992, § 46, Series A no. 236; Incal v. Turkey, 9 June 1998, § 54, Reports of Judgments and Decisions 1998‑IV; and Tammer v. Estonia, no. 41205/98, § 62, ECHR 2001‑I).
80. The Court reiterates that the right to protection of reputation is a right which is protected by Article 8 of the Convention as part of the right to respect for private life (see Chauvy and Others, cited above, § 70; Pfeifer v. Austria, no. 12556/03, § 35, 15 November 2007; and Polanco Torres and Movilla Polanco v. Spain, no. 34147/06, § 40, 21 September 2010). In order for Article 8 to come into play, however, an attack on a person’s reputation must attain a certain level of seriousness and be made in a manner causing prejudice to personal enjoyment of the right to respect for private life (see A. v. Norway, no. 28070/06, § 64, 9 April 2009, and Axel Springer AG v. Germany [GC], no. 39954/08, § 83, 7 February 2012).
81. When examining whether there is a need for an interference with freedom of expression in a democratic society in the interests of the “protection of the reputation or rights of others”, the Court may be required to ascertain whether the domestic authorities have struck a fair balance when protecting two values guaranteed by the Convention which may come into conflict with each other in certain cases, namely on the one hand freedom of expression protected by Article 10, and on the other the right to respect for private life enshrined in Article 8 (see Hachette Filipacchi Associés v. France, no. 71111/01, § 43, 14 June 2007; MGN Limited v. the United Kingdom, no. 39401/04, § 142, 18 January 2011; and Axel Springer AG, cited above, § 84).
82. The Court has found that, as a matter of principle, the rights guaranteed under Articles 8 and 10 deserve equal respect, and the outcome of an application should not, in principle, vary according to whether it has been lodged with the Court under Article 10 of the Convention by the publisher of an offending article or under Article 8 of the Convention by the person who has been the subject of that article. Accordingly, the margin of appreciation should in principle be the same in both cases (see Axel Springer AG, cited above, § 87, and Von Hannover v. Germany (no. 2) [GC], nos. 40660/08 and 60641/08, § 106, ECHR 2012, with further references to the cases of Hachette Filipacchi Associés (ICI PARIS), cited above, § 41; Timciuc v. Romania (dec.), no. 28999/03, § 144, 12 October 2010; and Mosley v. the United Kingdom, no. 48009/08, § 111, 10 May 2011).
83. The Court has considered that where the right to freedom of expression is being balanced against the right to respect for private life, the relevant criteria in the balancing exercise include the following elements: contribution to a debate of general interest, how well known the person concerned is, the subject of the report, the prior conduct of the person concerned, the method of obtaining the information and its veracity, the content, form and consequences of the publication, and the severity of the sanction imposed (see Axel Springer AG, cited above, §§ 89-95, and Von Hannover (no. 2), cited above, §§ 108-113).
(ii) Application of the principles to the present case
84. Turning to the present case, the Court notes at the outset that there is no dispute that comments posted by readers in reaction to the news article published on the applicant company’s Internet news portal were of a defamatory nature. Indeed, the applicant company promptly removed the comments once it was notified by the injured party, and described them as “infringing” and “illicit” before the Court. However, the parties’ views differ as to whether the applicant company’s civil liability for the defamatory comments amounted to a disproportionate interference with its freedom of expression. In other words, the question is whether the applicant company’s obligation, as established by the domestic judicial authorities, to ensure that comments posted on its Internet portal did not infringe the personality rights of third persons was in accordance with the guarantees set out in Article 10 of the Convention.
85. In order to resolve this question, the Court will proceed to analyse in turn a number of factors which it considers to be of importance in the circumstances of the present case. Firstly, the Court will examine the context of the comments, secondly, the measures applied by the applicant company in order to prevent or remove defamatory comments, thirdly, the liability of the actual authors of the comments as an alternative to the applicant company’s liability, and fourthly the consequences of the domestic proceedings for the applicant company.
86. The Court notes that the news article published on the Delfi news portal addressed a topic of a certain degree of public interest. It discussed a shipping company’s moving its ferries from one route to another and in doing so breaking the ice at potential locations of ice roads, as a result of which the opening of such roads – a cheaper and faster connection to the islands compared to the company’s ferry services – was postponed for several weeks. The article itself was a balanced one, a manager of the shipping company was given the opportunity to provide explanations, and the article contained no offensive language. Indeed, the article itself gave rise to no arguments about defamation in the domestic proceedings. Nevertheless, the article dealt with the shipping company’s activities that negatively affected a large number of people. Therefore, the Court considers that the applicant company, by publishing the article in question, could have realised that it might cause negative reactions against the shipping company and its managers and that, considering the general reputation of comments on the Delfi news portal, there was a higher-than-average risk that the negative comments could go beyond the boundaries of acceptable criticism and reach the level of gratuitous insult or hate speech. It also appears that the number of comments posted on the article in question was above average and indicated a great deal of interest in the matter among the readers and those who posted their comments. Thus, the Court concludes that the applicant company was expected to exercise a degree of caution in the circumstances of the present case in order to avoid being held liable for an infringement of other persons’ reputations.
87. As regards the measures applied by the applicant company, the Court notes that, in addition to the disclaimer stating that the writers of the comments – and not the applicant company – were accountable for them, and that it was prohibited to post comments that were contrary to good practice or contained threats, insults, obscene expressions or vulgarities, the applicant company had two general mechanisms in operation. Firstly, it had an automatic system of deletion of comments based on stems of certain vulgar words. Secondly, it had a notice-and-take-down system in place according to which anyone could notify it of an inappropriate comment by simply clicking on a button designated for that purpose, to bring it to the attention of the portal administrators. In addition, on some occasions the administrators of the portal removed inappropriate comments on their own initiative. Thus, the Court considers that the applicant company cannot be said to have wholly neglected its duty to avoid causing harm to third parties’ reputations. Nevertheless, it would appear that the automatic word-based filter used by the applicant company was relatively easy to circumvent. Although it may have prevented some of the insults or threats, it failed to do so in respect of a number of others. Thus, while there is no reason to doubt its usefulness, the Court considers that the word-based filter as such was insufficient for preventing harm being caused to third persons.
88. The Court has further had regard to the notice-and-take-down system as used by the applicant company. Indeed, the question of whether by applying this system the applicant company had fulfilled its duty of diligence was one of the main points of disagreement between the parties in the present case. The Court firstly notes that the technical solution related to the Delfi portal’s notice-and-take-down system was easily accessible and convenient for users – there was no need to take any steps other than clicking on a button provided for that purpose. There was no need to formulate reasons as to why a comment was considered inappropriate or to send a letter to the applicant company with the pertinent request. Although in the present case the interested person did not use the notice-and-take-down feature offered by the applicant company on its website, but rather relied on making his claim in writing and sending it by mail, this was his own choice, and in any event there is no dispute that the defamatory comments were removed by the applicant company without delay after receipt of the notice. Nevertheless, by that time the comments had already been accessible to the public for six weeks.
89. The Court notes that in the interested person’s opinion, shared by the domestic courts, the prior automatic filtering and notice-and-take-down system used by the applicant company did not ensure sufficient protection for the rights of third persons. The domestic courts attached importance in this context to the fact that the publication of the news articles and making public the readers’ comments on these articles was part of the applicant company’s professional activity. It was interested in the number of readers as well as comments, on which its advertising revenue depended. The Court considers this argument pertinent in determining the proportionality of the interference with the applicant company’s freedom of expression. It also finds that publishing defamatory comments on a large Internet news portal, as in the present case, implies a wide audience for the comments. The Court further notes that the applicant company – and not a person whose reputation could be at stake – was in a position to know about an article to be published, to predict the nature of the possible comments prompted by it and, above all, to take technical or manual measures to prevent defamatory statements from being made public. Indeed, the actual writers of comments could not modify or delete their comments once posted on the Delfi news portal – only the applicant company had the technical means to do this. Thus, the Court considers that the applicant company exercised a substantial degree of control over the comments published on its portal even if it did not make as much use as it could have done of the full extent of the control at its disposal.
90. The Court has also had regard to the fact that the domestic courts did not make any orders to the applicant company as to how the latter should ensure the protection of third parties’ rights, leaving the choice to the applicant company. Thus, no specific measures such as a requirement of prior registration of users before they were allowed to post comments, monitoring comments by the applicant company before making them public, or speedy review of comments after posting, to name just a few, were imposed on the applicant company. The Court considers the leeway left to the applicant company in this respect to be an important factor reducing the severity of the interference with its freedom of expression.
91. The Court has taken note of the applicant company’s argument that the affected person could have brought a claim against the actual authors of the comments. It attaches more weight, however, to the Government’s counter-argument that for the purposes of bringing a civil claim it was very difficult for an individual to establish the identity of the persons to be sued. Indeed, for purely technical reasons it would appear disproportionate to put the onus of identification of the authors of defamatory comments on the injured person in a case like the present one. Keeping in mind the State’s positive obligations under Article 8 that may involve the adoption of measures designed to secure respect for private life in the sphere of the relations of individuals between themselves (see Von Hannover (no. 2), cited above, § 98, with further references), the Court is not convinced that measures allowing an injured party to bring a claim only against the authors of defamatory comments – as the applicant company appears to suggest – would have, in the present case, guaranteed effective protection of the injured person’s right to private life. It notes that it was the applicant company’s choice to allow comments by non-registered users, and that by doing so it must be considered to have assumed a certain responsibility for these comments.
92. The Court is mindful, in this context, of the importance of the wishes of Internet users not to disclose their identity in exercising their freedom of expression. At the same time, the spread of the Internet and the possibility – or for some purposes the danger – that information once made public will remain public and circulate forever, calls for caution. The ease of disclosure of information on the Internet and the substantial amount of information there means that it is a difficult task to detect defamatory statements and remove them. This is so for an Internet news portal operator, as in the present case, but this is an even more onerous task for a potentially injured person, who would be less likely to possess resources for continual monitoring of the Internet. The Court considers the latter element an important factor in balancing the rights and interests at stake. It also refers, in this context, to the Krone Verlag (no. 4) judgment, where it found that shifting the defamed person’s risk to obtain redress for defamation proceedings to the media company, usually in a better financial position than the defamer, was not as such a disproportionate interference with the media company’s right to freedom of expression (see Krone Verlag GmbH & Co. KG v. Austria (no. 4), no. 72331/01, § 32, 9 November 2006).
93. Lastly, the Court notes that the applicant company was obliged to pay the affected person the equivalent of EUR 320 in non-pecuniary damages. The Court is of the opinion that this sum, also taking into account that the applicant company was a professional operator of one of the largest Internet news portals in Estonia, can by no means be considered disproportionate to the breach established by the domestic courts.
94. Based on the above elements, in particular the insulting and threatening nature of the comments, the fact that the comments were posted in reaction to an article published by the applicant company in its professionally-managed news portal run on a commercial basis, the insufficiency of the measures taken by the applicant company to avoid damage being caused to other parties’ reputations and to ensure a realistic possibility that the authors of the comments will be held liable, and the moderate sanction imposed on the applicant company, the Court considers that in the present case the domestic courts’ finding that the applicant company was liable for the defamatory comments posted by readers on its Internet news portal was a justified and proportionate restriction on the applicant company’s right to freedom of expression.
There has accordingly been no violation of Article 10 of the Convention.
FOR THESE REASONS, THE COURT UNANIMOUSLY
1. Declares the application admissible;
2. Holds that there has been no violation of Article 10 of the Convention.
Done in English, and notified in writing on 10 October 2013, pursuant to Rule 77 §§ 2 and 3 of the Rules of Court.
André Wampach Isabelle Berro-Lefèvre
Deputy Registrar President