The final form E-commerce Regulations are very similar to the
draft Regulations, which themselves were very similar to the EU’s
original E-commerce Directive. The Directive introduced a “country
of origin” principle on which country’s laws should be followed by
businesses, certain new information requirements for web sites,
rules on commercial e-mail and rules on liability for hosting,
caching or transmitting content or communications.
However, there are some changes in the final Regulations which
were laid before Parliament on 31st July. Mostly, these clarify
perceived ambiguities in the draft Regulations.
Country of Origin principle
The final Regulations include a new paragraph which clarifies
that, subject to certain exceptions:
"…any requirement which falls within the
co-ordinated field shall apply to the provision of an information
society service by a service provider established in the United
Kingdom irrespective of whether that information society service is
provided in the United Kingdom or another member State."
The draft Regulations intended the same effect – but the ISPA
and others argued that the wording was ambiguous.
Private international law
The draft Regulations explicitly provided that they neither
established additional rules on private international law (i.e. the
part of UK law that deals with cases having a foreign element, such
as where a contract is made in a foreign country or one or more of
the parties is not resident in the UK) nor dealt with the
jurisdiction of courts.
The Government stated that the effect of this was that UK courts
would continue to follow the requirements of the Private
International Law (Miscellaneous Provisions) Act 1995 but that the
application of the law dictated by them would be subject to a
restrictions test in accordance with the internal market provisions
of the Regulations.
The ISPA and others argued that preserving private international
law, albeit in modified form, was inconsistent with the intent of
the Directive to establish country of origin regulation of
information society services and that, as a consequence, the
Regulations would fail to provide the legal certainty needed by
UK-established service providers to trade and be competitive in
Europe.
The Government has removed the provision on private
international law accordingly.
Internal market
The E-Commerce Directive requires the UK to ensure that
information society services provided by service providers
established in the UK comply with the national provisions
applicable here irrespective of where in the European Economic Area
the service is being provided.
The ISPA points out that draft Regulations made it explicit that
UK enforcement authorities would have to apply UK provisions to UK
service providers, even when the recipient was elsewhere in the
EEA, and left it implicit that this required UK service
providers to comply with UK provisions in the first place.
During the consultation period, some argued that the requirement
for UK service providers to comply with UK provisions should be
clearly stated. The Government accepts that this would represent a
more transparent implementation of the Directive’s requirements and
has recast the Regulations accordingly.
However, because of the need to extend the scope of recipients
for whose benefit UK enforcement authorities must act, the
Regulations also retain the existing wording to this effect.
Rules on liability for hosting etc.
The draft Regulations set out the conditions upon which an ISP
avoids liability for damages for caching information, in order to
protect ISPs from responsibility for users’ material over which
they have little control.
The final Regulations still mean that ISPs will not be liable
for damages, but they add the words, “or for any other pecuniary
remedy or for any criminal sanction”.
The same change has been made to liability for hosting material,
together with a new wording to make a condition of avoiding
liability contingent upon a claim of damages actually having been
made.
The draft Regulations provided that each provision most relevant
to ISPs on avoiding liability for hosting, caching etc. would act
as a defence to criminal proceedings. However, there is a new
condition which shifts a burden of proof to the prosecution: where
evidence is given by an ISP to show compliance with the relevant
conditions set out in the Regulations, the court or jury shall
accept that the defence is satisfied unless the prosecution proves
beyond reasonable doubt that it is not.
An entirely new clause in the final Regulations provides that,
in determining whether an ISP has “actual knowledge” for the
purposes of meeting the conditions for avoiding liability for
illegal material, “a court shall take into account all matters
which appear to it in the particular circumstances to be relevant
and, among other things, shall have regard to:
(a) whether [the ISP] has received a notice
[to its e-mail address or other contact details, details which must
be provided on its web site]; and
(b) the extent to which any notice includes
-
(i) the full name and address of the sender
of the notice;
(ii) details of the location of the
information in question; and
(iii) details of the unlawful nature of the
activity or information in question.”
The
final Regulations
