Skating On Thin Ice: penalties for website owners and keyboard warriors

The recent decision of the Grand Chamber of the European Court of Human Rights (ECHR), Delfi SA v. Estonia, Application no. 64569/09, 16 June 2015, is helpful in confirming the rules surrounding when and why website operators can be held liable for content posted on their websites by their users.

The area of liability for User Generated Content (or “UGC”) is largely governed by EU Regulations, which, in general, state that if website operator acts as a “mere conduit” and does not filter, or otherwise regulate content which appears on their website, then they have no responsibility for the content of those comments. The general EU regime that governs internet intermediaries is contained in the Electronic Commerce Directive 2000/31/EC. This states that EU Members States must ensure that their national laws provide intermediaries with immunity from all liability (subject to certain requirements outlined below) arising from hosting, transmitting or caching unlawful third party content. However, as noted above, this immunity is subject to the intermediary’s role being a passive one, with no knowledge or control over the content.

Furthermore, the intermediary must operate an effective ‘notice and take down’ procedure. That means that if the intermediary has actual or ‘constructive’ knowledge of the content (for example, if a website user makes a complaint, purporting a comment is defamatory or otherwise unlawful) but fails to remove or disable access to it, then immunity is not available to them.

Background to the claim

A popular Estonian online news service, Delfi, posted an article concerning ice bridges. This generated a large number of responses, including some particularly offensive comments towards an individual implicated in the story. Those comments remained on the website for 6 weeks until the individual requested both their removal and damages. Delfi removed these comments the same day, but refused to pay damages.

When the claim was dealt with by the national court, the individual was awarded damages – albeit an amount substantially less than originally claimed.

In response to the decision, Delfi proceeded to argue that the national court’s ruling of liability for defamatory comments posted by its readers was a breach of its right to freedom of expression, and consequently a violation of Article 10 of the European Convention on Human Rights. Claims that corporate entities (or “legal persons”) should have the same human rights as natural persons are not a new thing, with the most famous success to date being found in Citizens United v. Federal Election Commission (2010), a US Supreme Court case which held that corporations were entitled to the same constitutional right to freedom of expression as private citizens, leading to the unleashing of (now ubiquitous) ‘Super PACs’ into the field of US Politics.

Ignorance is not bliss

In spite of its arguments, it was held that Delfi was liable for the offending comments which had been posted on its website, due to its power to moderate such content.

It is particularly notable that this case highlights the fact that a website provider may be held liable for featuring offending material on its website before receiving express notification of a complaint from a user. Whilst Delfi did have terms of use prohibiting users from using threatening and abusive language, and an automatic filter to delete comments based on certain words, it appears this was ineffective and that its attempts to moderate its site were sufficient to make it liable for anything that slipped through the cracks. Consequentially, by a majority of fifteen votes to two, the ECHR upheld the rejection by the lower chamber of the ECHR of the news service’s claim, ultimately finding them culpable for the comments posted by its users.


This decision is neither strikingly novel nor revolutionary, and the position essentially remains the same as previously for Website operators.

The decision is not a huge blow to online freedom as many may argue. The decision paid particular attention to context, justified by the fact that Delfi is a professionally managed internet news portal, run on a commercial basis, and with active moderation of UGC. Therefore, social media sites and private bloggers need not worry about any new obligations being imposed upon them in the immediate future.

The decision does however serve as an important reminder to those who operate websites featuring UGC; if you take steps to monitor and moderate your content, then it is not sufficient to simply rely on user notifications before deleting potentially unlawful posts. While responding quickly and effectively to unlawful material remains crucially important for website operators, any moderation program which is operated must be robust and effective.

Should website operators try to skate around their obligations and fail to moderate their platforms in the necessary fashion then, as the Delfi case starkly illustrates, they may find themselves on a slippery slope towards paying substantial damages to the aggrieved subjects of their users’ posts.


For more information on the Delfi decision, or to discuss how the above issues might affect your online offering, please contact Raoul Lumb on 0203 206 2791 or at