In 2000, the EU legislature adopted the landmark Ecommerce Directive, which provides – at certain conditions – for limitations of liability of certain information society service providers (ISSPs) as potentially arising out of illegal activities committed by users of their services.
The Ecommerce Directive safe harbours are available to mere conduit (Article 12), caching (Article 13), and hosting (Article 14) providers.
As readers will know, the safe harbour system will be maintained in the upcoming Digital Services Act (DSA). In relation to this, a notable discussion ensued during the negotiations has been that regarding the treatment of search engines. What is a search engine from the perspective of the safe harbour system: a caching provider, hosting provider, something else? And should search engines be governed by a specific safe harbour? [If you wish to know how all this ended, read on]
According to the Italian Supreme Court, a search engine is a hosting provider that is potentially eligible for the application of the corresponding safe harbour.
In 2017, the colleague of the claimant’s had been found liable of defamation for stating, on a website that he managed, that the claimant was a member of the mafia and the author of several crimes.
Marcel was not happy when he read something about himself on the internet ...
Despite the claimant’s request to Google to remove URLs to and search information relating to such defamatory statements such a request was not complied with, even after the decision against the claimant's colleague became final.
The claimant thus brought an action before the Milan Court of First Instance which, in 2020, ordered Google to delist the relevant URLs and search information, as well as compensating the moral damage (EUR 25,000) caused to the claimant due to its inactivity.
Among other things, the Milan court considered that a search engine could be in principle considered akin to a hosting provider. Nonetheless, it excluded the applicability of the corresponding safe harbour regime under Legislative Decree 70/2003 (the Italian transposition of the Ecommerce Directive) in general terms, finding that the relevant conditions thereof would not be satisfied by search engines.
The Milan court considered that the hosting safe harbour does in principle only apply to ISSPs in relation to third-party information. A search engine would not meet this requirement, on consideration that it aggregates information based on choices that it undertakes out of its own volition [😕… so much for net neutrality!].
All this said, the Milan court found Google liable not because of the inapplicability of the hosting safe harbour in the specific circumstances at issue, but because of the general tort liability provision in the Italian Civil Code (Article 2043).
Italian Supreme Court finds that search engines are in principle eligible for the hosting safe harbour … but not in this specific case
Google appealed to the Italian Supreme Court. It is worth recalling that this is not a court on the merits: it is instead tasked with ensuring the correct interpretation and application of the law.
Among the grounds of appeal, there was that arguing that the Milan court had misinterpreted and misapplied the safe harbour regime. Google submitted that that court had unduly considered that its search engine would be a hosting provider. According to Google this approach would be incorrect: the Milan court should not have investigated the hosting safe harbour but should have instead considered a search engine akin to a caching provider and, consequently, applied the corresponding safe harbour.
Insofar as the qualification of a search engine is concerned, the Italian Supreme Court considered that the Milan court had correctly considered the function of a search engine as being akin to hosting. This said, the Supreme Court also found that the Milan court had been wrong in excluding tout court the applicability of the hosting safe harbour to search engines.
All this said, in this specific case, it was correct to exclude any limitation of liability on the side of the search engine operator: despite that the Google was notified of the decision by which the colleague of the claimant had been found liable for defamation, it failed to delist the URLs relating to the illegal information. As such, the search engine did have actual knowledge of the illegal information and yet failed to act expeditiously to disable access to it, as it is instead required under the national provision corresponding to Article 14(1)(a) of the Ecommerce Directive.
As mentioned, the discussion of how search engines should be treated has been a vexed issue in the negotiations leading up to the DSA. The Council mandate proposed that Article 4 therein should set forth a safe harbour available to “caching and online search engines”.
Incidentally, the introduction of a search engine specific safe harbour as proposed in the Council Text could have potentially entailed a more favourable treatment of search engines compared to hosting providers and online platforms, even where the function that they perform is that of a hosting service. In particular, they might have ended up not being the addressees of some of the most relevant due diligence obligations and notice-and-action requirements.
The most recent version of Article 4 of the DSA, that is the one on which a consensus has been ultimately found, only refers to “caching”.
In any event, as the Italian Supreme Court’s decision also shows, under the current law search engines are not in principle devoid of protection under the safe harbour system.
Even though in its first report on the application of the Ecommerce Directive the Commission expressly acknowledged that the liability of search engines was outside the scope of that directive, in the Impact Assessment accompanying the DSA proposal, it indicated that some EU Member States have provided for safe harbour protection to search engines at the same conditions as hosting providers.
The Commission itself received submissions from search engines arguing that they would qualify as caching providers.
Ultimately, in its DSA proposal the Commission (correctly) considered, inter alia in line with CJEU case law (in particular Google France), that search engines, including their advertising features, might be regarded as hosting providers in certain cases and benefit in principle from the protection under Article 14 of the Ecommerce Directive.
To conclude: certain functions of search engines need arguably to be qualified as caching, while others are to be regarded as hosting. Even after the DSA enters into force and despite the ultimate lack of a search engine-specific safe harbour, the limitations of liability for, respectively, caching and hosting will remain available to these ISSPs, of course provided that the relevant requirements thereof are fulfilled in the specific circumstances at hand.
[Originally published on The IPKat on 3 July 2022]