The new Defamation Bill promised in the Queen’s Speech has now been published. Although it also contains changes to what statements can give rise to liability for defamation, the most interesting part for network operators is likely to be the new provisions on liability for those who host third party content on web sites and blogs.
Section 1 of the current Defamation Act 1996 essentially gives hosts two options when they receive a complaint that a statement on their site is defamatory:
- remove or modify the statement promptly, and be sure that they cannot incur liability for the defamation;
- leave the statement untouched and risk being found liable for publication if it is subsequently found to be defamatory.
Paragraph 5 of the Bill would create two more options:
- If it is possible for the claimant to identify the person who posted the statement, then the host is protected from liability and does not need to do anything;
- If it is not possible for the claimant to identify the poster, then the host is protected from liability so long as they follow a process or processes that will be specified in a subsequent Statutory Instrument.
While the new options are welcome, the current wording creates three obvious questions:
- What is included within the scope of “website”? And how will this affect future publication technologies that haven’t yet been invented?
- Is the “operator” of a website the person that runs the server, the website software, the main author of a blog, etc.? I would hope that at least those three are covered.
- What is meant by “identifying” the person who posted the statement? This posting says that it was written by “Andrew Cormack”, but searching the web reveals several individuals with that name. Or is it sufficient that a complainant could request a Norwich Pharmacal Order against the operator of this site and discover which of them it is? I would imagine that a website operator would want to be very sure that the poster was indeed sufficiently “identifiable” before they left an allegedly defamatory statement untouched.
Section 5(4) of the Bill also specifies what needs to be in a notice in order to trigger this process: a welcome clarification.
During the consultation process that led to this Bill, it was also suggested by the Joint Parliamentary Committee that it might change the current legal position that encourages a website operator to wait for complaints rather than proactively checking for defamatory statements. I’ve a feeling that the double negatives (“you have a defence… unless” )in the Bill do actually have that effect, but I need to study them a bit more to be sure. If so, as noted below, this would only apply to proactive checking for defamatory statements, not to other types of unlawful publication.
The consultation also suggested that there might be a process to allow a website operator to ask for a judicial ruling on whether an anonymous posting was defamatory, if it felt that there was good reason not to remove it (for example because of the statutory duty on universities and colleges to promote free speech). That doesn’t seem to be in the Bill, but it could still be included in the Regulations.
And, of course, this Bill only affects liability for defamation, not for other types of civil or criminal illegality, such as copyright breach. Those will continue to be covered (by default) by the notice and takedown procedures in the eCommerce Directive.