Title: .C. E-COMMERCE DIRECTIVE 2000/31

This directive was adopted to ensure legal certainty, consumer confidence and free movement of ‘information society services’ between the EU Member States. The directive, as stated in recital 14, should be in full compliance with the principles relating to personal data protection, in particular as regards unsolicited commercial communication and liability of intermediaries.  

The directive cannot prevent anonymous use of open networks such as the Internet. It contains important provisions regarding information to be provided and regarding liability. Section 4 of the Directive, titled “liability of intermediary service providers”, constitutes a very important part of the directive.

1. In the case of mere conduit, the service provider is not liable for the information transmitted, on condition that the provider: (a) does not initiate the transmission; (b) does not select the receiver of the transmission; and (c) does not select or modify the information contained in the transmission (article 12.1.).

2. In case of caching (article 13), service providers are not liable for the automatic, intermediate and temporary storage of that information, performed for the sole purpose of making more efficient the information’s onward transmission to other recipients of the service upon their request, on condition that the provider: (a) does not modify the information; (b) complies with conditions on access to the information (c) complies with rules regarding the updating of the information, specified in a manner widely recognised and used by industry (d) doesn’t interfere with the lawful use of technology, widely recognised and used by industry, to obtain data on the use of the information; and (e) acts expeditiously to remove or to disable access to the information it has stored upon obtaining actual knowledge of the fact that the information at the initial source of the transmission has been removed from the network, or access to it has been disabled, or that a court or an administrative authority has ordered such removal or disablement.

3. In the case of hosting (article 14), a service provider is not liable for the information stored at the request of a recipient of the service, on condition that (a) the provider does not have actual knowledge of illegal activity or information and, as regards claims for damages, is not aware of facts or circumstances from which the illegal activity or information is apparent; or (b) the provider, upon obtaining such knowledge or awareness, acts expeditiously to remove or to disable access to the information.

Regarding the liability of internet service providers, we underline that this directive does in fact not apply to legal issues concerning privacy and data protection. As a consequence, one can conclude that notice-and-take down procedures may not be applicable in the case of infringements of privacy and data protection laws. We suggest that the notice-and-take down procedure could be a useful tool to provide control and safeguards in AmI environments.

Regarding the information obligation, we refer again to the fact that this information should be given in a technologically intelligible form, understandable for the intelligent agent of the AmI user (ambient law).