Steven Price

My book

Media Minefield

Guide to NZ Media Law

Official Information Act

Official Information Act

Bill of Rights Act

Media law resources

Feeds (RSS)

« | Main | »

How to shut down speech on the internet. Maybe.

By Steven | September 4, 2008

Sebastian Hoegl, a masters student from Germany in my media law seminar, made a startling suggestion this week.

Since we all access the internet via an ISP (we put in a web address, the ISP hives off, collects the data, and sends it to our computers), then the ISPs are publishing that material to us. All of it. Sebastian’s point: if ISPs are sending us material that is defamatory, or in contempt of court, or breaches confidentiality or privacy or a suppression order… aren’t they liable for it?

I’m not debating whether they ought to be liable for it. The question is, under our law at the moment, are they?

Take defamation. ISPs might well be innocent disseminators of this information (I discussed this here). But as soon as they are alerted to defamatory material, they lose this defence. If they don’t stop their publication of the material – even in response to users’ requests – they become liable for the defamation. That means they’d have to block users’ access to that particular material or site. So what’s to stop a lawyer, whose client feels defamed online, from writing to all ISPs in the country (or at least all the main ones) asserting the defamation, and insisting that they block their users’ access to the site or they’ll face a defamation action for their role in the publication? Remember that under normal rules, everyone in the chain of distribution is liable for the defamation, from the journalist to the publisher, and the printer and bookshop owner are only off the hook until they get notice that what they’re printing or selling may contain defamatory material. Why are ISPs different?

Of course, the lawyer already has the ability to write to the ISP hosting the site (if it’s a NZ site), give notice of the defamation, and tell them to have it taken down or face joint liability for it. But what if that ISP is ornery, or badly advised, or taking a principled stand to uphold the rights of its clients? Or, more to the point, what if the host is overseas-based? Sebastian’s suggestion allows the targeting of the NZ entities facilitating access to the material.

Take another example. If the Solicitor-General writes to all the New Zealand ISPs and says: “X blog contains material that is prejudicial to upcoming trial Y. You are not hosting X blog, but you are allowing your users to access it when they type in X blog’s URL. If you continue to allow such access, you may be prosecuted for contempt of court”. I can’t see that that the ISP has any choice but to block the material. China manages it, so it must be technically possible.

Again – I’m not trying to argue that this is necessarily a good thing. The implications are profound, I think, and I want to mull them over. What I’m wondering now is: have I missed anything that undermines this legal analysis?

Topics: Breach of confidence, Contempt of Court, Defamation, Internet issues, Suppression orders | 9 Comments »

9 Responses to “How to shut down speech on the internet. Maybe.”

  1. muso Says:
    September 4th, 2008 at 11:10 am

    While the information passes through our ISPs, I’m not sure we can say that they send us the information. That seems to be based on the premise that since an ISP could conceivably prevent us from accessing something, it therefore counts as a publisher. But isn’t the definition of a publisher more than that? (That’s just a hunch – I don’t actually know, its been a while since I looked it up).

    A request for data passes through about 15-20 different servers each way (your computer -> host computer and back again – type traceroute into a unix or osx terminal). On this analysis each computer in that chain would be liable under defamation and would have to prevent access, merely because it *passes through them*.

    I think an ISP has a different nature to the list of things in your previous blog: “In a newspaper: the quoted source, the reporter, the subeditor, the editor, the publisher, the printer, the paperboy, and the bookshop.” Doesn’t enabling transmission of the material (my view of an ISP) come closer to selling the paper it is printed on to the newspaper, rather than a bookshop which sells the end product? That said, it’s a shit analogy, and I only think my interpretation is one of many. Certainly a difficult question, one that probably needs determination by Parliament rather than the Courts.

  2. Steven Says:
    September 4th, 2008 at 11:28 am

    I’m afraid the common law definition of publisher (for defamation anyway) is pretty wide. Dunno about the “pass-through” servers. But I would have thought the case is fairly easy to make that the contracted ISP immediately responding to the user’s request for information is publishing it to them. Or at least that conclusion is hard to resist. The blank newsprint seller isn’t passing on the defamatory information.

  3. muso Says:
    September 4th, 2008 at 12:23 pm

    The way I see it, the ISP just facilitates the user’s access to the end server, the same as all the pass-through servers. I think that definitely there’s an easy case to make for the end/host server, but can we exclude ISPs from the “publisher” category by distinguishing transmission from facilitation? Wouldn’t it be a better and still valid interpretation of “publish” if it included transmission (in the sense that it means me being in possession of the defamatory information, and giving it to you) but excluded facilitation (I don’t have the information but I can provide a way for you to get it – the internet)?

    This is where the “being able to prevent” factor would come in – ISPs can prevent defamation because they facilitate access. But that’s all that facilitation entails – being able to prevent, not “transmission” in the sense above. The government could prevent access by setting up a Great Firewall of New Zealand, and I think that this entails that the government facilitates access, depending on your interpretation of causation. But they do not have the information and give it to you, just as an ISP does not possess the information and pass it to you – it passes *through* the ISP.

    If, on the other hand, an ISP was caching data to save on costs like I’m sure some do, I think they would count as a publisher. There’s a difference between storing data to serve up to your customers, and passing data through to them from the host server. Or is there? I’m (probably obviously) not familiar with the exact definitions here.

  4. lyndon Says:
    September 4th, 2008 at 1:34 pm

    I suppose from the point of view of the actual people in the ISP, serving particular content is not a deliberate, positive act the way it is for more traditional publishers. If that helps.

    I was just going to add that that ISPs have also been known to cache popular pages automatically which might confuse things further. At least it think the uni did this when i was there, but INAISP.

  5. mushion22 Says:
    September 4th, 2008 at 1:35 pm

    Like muso said, it would depend on whether the ISP caches data or not. The way internet pages are retrieved is not as straight forward as “we put in a web address, the ISP hives off, collects the data, and sends it to our computers.”

    Your computer has a physical connection (somehow, via cables, radio waves etc) to a network of computers, which is usually your ISP, which has onward connections to a bunch of other networks where other computers hold web pages.

    Generally, your computer does not request the information from your ISP at all. It may request the IP address that corresponds to the URL you requested from the ISP (and the ISP will then forward the request if it does not have the address information) but then your computer sends a “packet” of information containing a request to the host containing the pages you want, which in turn transfers the information to your computer. The ISP merely see’s the packet, which is the electronic equivalent of an envelope with a to and from address, and directs the envelope to the appropriate network where that host resides, much like NZ Post would direct letters to other “networks” of post boxes in other regions. The host then sends a packet (or series of packets) back to your address via one or more networks. The computers (or “routers”) along the way merely read the address information and direct them down the appropriate route, unless sophisticated inspection or caching mechanisms are used.

    I am uncertain as to how common law would interpret caching in terms of whether it counts as “publishing.” It would be better to look into cases if there are any as to whether ISPs hold liability for incidental storage. A commonly discussed form of this is whether ISPs are liable for pages created by others but hosted on their equipment (eg personal home pages, forums etc).

    The postal analogy is probably appropriate, particularly if you consider where a person had ordered some material and it is being delivered via the postal “network.” Is NZ Post liable for incidentally possessing packages that contain defamatory material and forwarding them to you? Would they be liable if they were advised that they were in the possession of a package that contained defamatory material? Are they required to inspect all packages and discard those that contain defamatory material?

    In the case of caching, it would be similar to NZ Post having some machine that is able to replicate packages without knowing the contents – only the original location of the package.

    This debate should also include telephone conversations and fax transmissions. The way they work is similar. Your phone call is carried electronically via one or more networks of telephones and even in some cases stored by means or voice mail recorders or message centres. The technology exists to filter phone conversation/fax content (at some great expense), so if ISPs were to be liable, telephone companies should be liable too seeing as the principle of transmission is the same.

    Whether ISPs are realistically able to universally prevent access is debatable. It does in fact require significantly expensive equipment to do that, and degrades the performance of the internet significantly. Some are able to afford that type of equipment, but it is generally to control access to copyrighted material or to restrict speeds on lower price plans.

    With the copyright amendment act, ISPs have been made liable for copyright infringement only if they do nothing to prevent access to a user after bring notified of an infringement. As for defamation and other situations, I agree with muso in that it is another area where statutes have not been amended to reflect advances in technology.

    I would also agree that an ISP is merely a transmission medium, rather than a publisher – although under current defamation law I assume this would still technically make them liable, unless there has been a case where the judge has taken into account the nature of technology and the negative impacts a judgment making ISPs liable would have.

  6. Sebastian Hoegl Says:
    September 4th, 2008 at 2:30 pm

    Muso said: “Certainly a difficult question, one that probably needs determination by Parliament rather than the Courts.”

    That is pretty much the point I was trying to make in my paper and presentation. My fear is, as the situation is so unclear, ISPs (but not only them) will be inclined to takle stuff down or prevent access to not risk being liable. That would certainly be the advise I would be giving to a client.

    And as far as I know, every ISP caches material, at least of popular pages. That for sure makes them a publisher.

    ISPs also definitely have the technical ability to block certain pages, it has happened in Germany numerous times, from overseas Nazi-pages to just recently the blocking of “youporn” by one of the biggest german ISPs. They had received a complaint that “youporn” didn’t follow the German rules for age-restricting access, so they blocked the page for a couple of days until the problem was sorted out.

    One thing seems obvious to me: we need to find a way to balance the rights of free speech and access to information with the rights of others not to be defamed, harassed or otherwise offended. That basically no country I have looked at has done so worries me a bit.

    Addendum: The Copyright (New Technologies) Amenement Act 2008 as I read it requires ISPs (and they have a very wide definition of ISPs) to take down infringing material or prevent access to it to avoid liability. I don’t really like that system, (because it forces an ISP into a judicial role which I am sure not all can deal with), but I don’t see why we can’t use the same system for other material as well to reach consistency.

    At the very least an ISP would know what to do to avoid liability.

  7. Steven Says:
    September 4th, 2008 at 3:32 pm

    musion22 added a second post:

    PS: It is also possible to perform a traceroute on a windows machine by opening up a command prompt (Click start > run, type in cmd and press ok) and typing in tracert hostname (eg: tracert and press enter and it will give a list of all the routers that the packets were sent via.

    (Sorry, I deleted this in error).

  8. nigel_k Says:
    September 5th, 2008 at 11:58 am

    The analogy with printed material is the most obvious one but is far from perfect, e.g. the absence of a deliberate, positive act mentioned above, the possibility of encryption. ‘Publish’ could be interpreted so it requires a deliberate act and does not include mere failure to block the passage of data. It is a BORA consistent meaning that can be given to the word ‘publish’.

    Also, the ISP cannot easily block content. They can block a URL but the content may be on other pages or even on the same page but accessed via a different URL. To effectively block the content they need to suspend the account of the person posting it, rather than trying to do it at the receiving end. Then it is like a phone company being held liable for failing to cut off someone’s phone after they used it to transmit defamatory material in a phone call. I don’t know if the phone company is liable in that situation but it seems extreme if they are.

  9. Rick Shera Says:
    September 8th, 2008 at 6:19 pm

    This is all part of a call for Someone to do Something about X. The Someone is increasingly being argued to be the ISP; the Something is being described as intermediation (making the ISP the gatekeeper or de facto policeman for the internet); and the X is … well pick your favourite emotive net nastiness of the day, be it copyright infringement, objectionable material involving children, publication of bomb making instructions, suicide material, defamation or whatever.

    One of the big problems it seems to me (as Sebastian says) is that ISPs are being forced into a quasi judicial role, without statutory protections, on the basis of allegation only, without cost recovery and in danger of being accused of endangering free speech. And yet we want a vibrant digital economy based on better and faster internet access.

    Sorry to veer off topic slightly from the defamation thread but my current bete noir in this area is s92A of the Copyright Act, recently introduced by the Copyright (New Technologies) Amendment Act (but not yet in force). It is far worse than the notice and takedown section 92C referred to by Sebastian above. It is suggested by rights holding organisations that this new section envisages what they refer to as a “3 strikes and you’re out” process. So that, after an ISP receives (and matches the IP address to its customer and then logs) 3 infringement allegations, it is supposed to terminate the alleged infringer’s internet account. Innocent until proven guilty? Yeah right.


You must be logged in to post a comment.