| Parliamentary Assembly Assemblée parlementaire |
 |
Internet and the law
Doc. 10064
6 February 2004
Report
Committee on Legal Affairs and Human Rights
Rapporteur: Mr Christos Pourgourides, Cyprus, Group of the European People's
Party
For debate in the Standing Committee — see Rule 15 of the Rules of Procedure
Summary
Although the structure of the Internet makes it impossible to regulate, it is generally recognised that internet users should behave in a civic manner.
The Committee of Ministers adopted a political message on the occasion of the World Summit on the Information Society (WSIS) (Geneva, December 2003) and made a proposal to examine the possibility of offering a platform to draft an international code on inter alia the rights and duties of internet users. The Dutch Presidency of the Committee of Ministers for its part is deploying efforts towards the drafting of such an instrument, in co-operation with public stakeholders and private interests.
The Parliamentary Assembly therefore recommends that the Committee of Ministers establish a legal instrument, preferably in the form of an enlarged convention on inter alia the basic rights and duties of internet users.
It recommends that it establish, in the framework of the convention, an international body, based in Europe, and representing various cultural approaches.
Finally, it asks the Committee of Ministers to give to this body the responsibility for drawing up and monitoring the rules and principles to adapt them if necessary and to ensure that they are respected by national cyberethics committees backing it.
I. Draft recommendation [Link to the adopted text]
1. The Parliamentary Assembly recalls the importance of the Convention on cybercrime and the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data for creating trust through the rule of law.
2. The Assembly welcomes the political message adopted by the Committee of Ministers on the occasion of the World Summit on the Information Society (WSIS) (Geneva, December 2003) and especially the proposal by the Committee of Ministers to examine the possibility of offering a platform to draft an international code on inter alia the rights and duties of internet users. It welcomes the efforts of the Dutch presidency of the Committee of Ministers towards the drafting of such an instrument, in co-operation with public stakeholders and private interests.
3. The structure of the Internet makes it all but impossible to regulate, but at the same time the Assembly acknowledges that there is a general recognition that Internet citizens are to be encouraged to behave in a civic manner.
4. Various states and private interest groups are actively encouraging the adoption of codes of Internet ethics.
5. The Assembly is nevertheless of the opinion that it has to be decided what is meant by “ethical” behaviour on the Internet, and the principles to be applied collectively to all (access or service) providers, and individually to Internet users, have to be established.
6. The Assembly suggests that the setting-up of a European web ethics authority, backed by national cyberethics committees in all the states which have Internet technology, is the key to making businesses and private users responsible for using the Internet lawfully as well as ethically.
7. For these reasons, the Parliamentary Assembly recommends that the Committee of Ministers:
i. establish a legal instrument, preferably in the form of an enlarged convention on inter alia the basic rights and duties of internet users;
ii. establish, in the framework of the convention, an international body, based in Europe, and representing various cultural approaches;
iii. give to the above-mentioned body the responsibility for drawing up and monitoring the rules and principles and ensuring that national cyberethics committees backing it respect them;
iv. calls on the governments of member states to give to the above-mentioned national committees the power of supervision at national level.
II. Explanatory memorandum
by Mr Pourgourides, Rapporteur
Introduction
1. In November 2000, my predecessor, Mr Ivar Tallo, submitted to the Committee an introductory memorandum on “Internet and the law”, essentially concerned with legal developments relating to the use of the Web. At that time, the Council of Europe’s intergovernmental sector had just finished its work on harmonising national criminal law in this area and finding ways of investigating computer crime. In September 2000, the Ministers' Deputies sent the result of this work, in the form of a draft Convention on Cybercrime, to the Assembly for opinion. My predecessor then concentrated on drafting this opinion: instead of a hearing on the legal problems posed by the Internet, a hearing on cybercrime, attended by the European Commission, was held in Paris on 6 March 2001, and the opinion itself was approved by the Committee on 6 April 2001. The Convention on Cybercrime was opened for signature on 23 November 2001, but has not yet come into force. In fact, it has been ratified by only three countries: Albania, Croatia and Estonia. An additional protocol, prompted by the Assembly’s insistence that racist and xenophobic acts committed via the Internet should be criminalised, has since been opened for signature (on 28 January this year), but has not so far been ratified by any state party to the Convention. Since the first introductory memorandum, there have been various new developments, both legislative and judicial, at European and national level. The Secretariat submitted a memorandum on the changes on 25 June 2003.
Reason for this report
2. Since the original terms of reference in Order 531 (1997) are clearly obsolete, and the Convention on Cybercrime already covers criminal sanctions for computer crime, it remained for this report to tackle a vast legal issue - Internet ethics, which some people call “nethics”.
Definition
3. Nethics or “cyber ethics” are usually taken as comprising all the moral principles which govern the behaviour of websurfers (i.e. Internet users or, sometimes, “Internet citizens”).
4. Nethics are tending to replace “netiquette”, which is simply a series of good conduct rules for the Internet (seen by some users as prohibiting intrusive commercial advertising, or political and religious “propaganda”, and encouraging Internet citizens to behave in a manner regarded as “civic”.)
Scope of the report
5. Cybercrime, which we mentioned earlier, illustrates the full range of problems raised by conduct which violates nethics. The Council of Europe’s Convention on Cybercrime is the first legally binding international instrument to criminalise such offences as computer piracy, data violation, copyright infringement and the dissemination of unlawful (e.g. pornographic) material - and its Protocol will soon do the same for “hate propaganda”.
6. With this as our starting point, all we have to do here is to decide what “ethical” behaviour on the Internet is, work out principles applying collectively to all (access or service) providers, and individually to Internet users, and finally suggest the setting-up of a web ethics authority, possibly backed by national cyberethics committees.
Content hosted by access providers: the present situation in law
7. The anarchic structure of the Internet - originally devised, as we know, by the military as a defence system – makes it all but impossible to regulate. The law, as we have it, deals with this special situation by making a distinction between the content of information and the vector or medium which carries it.
8. In Community law, “hosts” are liable for unlawful material posted on their site, if they know of its existence and fail to remove it[1]. The French Constitutional Council took the opposite line, concluding that “hosts” could not be made liable[2]; recent French case-law has tended to restrict the liability of technical providers by acknowledging that they are not required to block access to unlawful sites[3]. This month, the Dutch host provider Xs4all won in appeal against the church of scientology, which had attempted to silence critics who published copyright-protected texts. The Court of Appeals of The Hague ruled in favour of the provider, and held that it was not responsible for what was published on sites it hosted. This decision legalises the use of hypertext links which also direct to copyright-protected documents. Spain, on the other hand, has adopted a law providing for more restrictive measures and based on objective liability[4]. Under the Convention on Cybercrime, service providers may not be made criminally liable, unless they are - at the very least – genuinely aware that unlawful material (in this case, child pornography) in the message is being transmitted; in other words, nothing in the Convention obliges service providers to monitor content, in order to avoid criminal liability[5].
9. Here, mention should be made of the special case of Norway, which set up a body (the “Norwegian Council for Internet Ethics”) to enforce web ethics on 1 January 2001, giving it authority to order access providers to shut down unlawful sites, and also to adjudicate on disputes between access providers and hosted sites.
10. In France, following amendment and adoption by the French Senate of a Bill on the digital economy (LEN) on 25 June 2003, the French Internet will now be largely regulated by the Supreme Audiovisual Council. However, an amendment proposing the establishment of a nethics committee was rejected.
Collective Internet ethics
11. The Internet has been described as “lying outside the law”, but this does not stop some people from trying to subject it to certain “moral principles”, and various private interest groups and also states are actively encouraging the adoption of “codes of Internet ethics”. At the same time, private operators have steadily growing control of content dissemination - particularly for payment - on the Internet.
Applying the principle of liability to the Internet
12. It is generally acknowledged that the relationship between service providers and users should be based on the “opt-in” principle (i.e. the user’s permission must be sought before any advertising is mailed to him/her)[6].
13. On-line communication professionals report widespread distrust of e-commerce, which is still very limited in Europe. This is due to the fear that certain values and also the fundamental rights of users (including the right to respect for privacy) may be endangered. These professionals are accordingly trying to promote “responsible communication”, which involves bringing in specific ethical rules to protect the rights of users - and particularly their privacy - effectively. This “ethically responsible communication” can be reduced to a few “good practices”.
Respect for privacy
14. If operators wish to respect users’ privacy, they must seek permission before they collect and process personal data - and should ideally do this whenever data are transferred. This obliges them to strive for transparency, since they must tell users the exact nature of the firms which want their data. Operators must also seek consent if they wish to transfer (i.e. resell) users’ data to third parties or commercial partners.
15. Operators must prepare and post on their site an accessible, clearly worded confidentiality charter, setting out their commitments in the matter of data protection. This charter should explain how the information collected is used, and indicate the international texts respected, as well as the types of programme which may be run on the equipment of visitors to the site. North American firms have already adopted this practice, which is slow to take hold in Europe.
16. Finally, operators must undertake to respect the confidentiality charter, and show that they can genuinely guarantee that users’ privacy will be respected. In particular, they must mention certain practices, such as the transfer of data to third parties.
Applying the principle of transparency to the Internet
17. Operators aiming at transparency must inform users clearly of their site’s purpose. Users are frequently taken in by sites which offer content or services which are supposedly free, but actually paid for, with open access items serving merely to achieve “visibility”.
18. If a site is selling names to advertisers, then the operator should inform users of the action taken to ensure that the information collected will remain confidential.
19. Finally, if a site is compiling a directory of users, i.e. collecting personal data for inclusion on a database which will then be sold on to other sites – often the case with free services (particularly free e-mail or web access services) – then this should also be indicated on a separate page.
Applying the principle of accessibility to the Internet
20. The Internet should help to forge real relationships between the people who use it. We regard this social function as very important in a world where people make contact via the keyboard. Where managers and users are concerned, a few simple procedures can be used to reduce the physical distance between them.
21. Firstly, users must be able to contact site managers easily – which is why the latter must present themselves clearly and make themselves readily accessible. They should reply rapidly to users, and establish chatrooms as platforms for direct dialogue. This is also important in the public sector, where the gap which is opening between the authorities and the public, as the former introduce electronic procedures, must be bridged.
22. Finally, site managers must promote contacts between site visitors, the aim being to create a community of users. This can easily be done via forums or discussion groups, which allow users to exchange opinions and ideas in real time or through recorded messages.
No to intrusive material, overt or covert
23. All advertising must be non-intrusive. Specifically, windows which open when pages are downloaded should be banned, as should windows which open when active pages are closed, and banners which unroll when the mouse is moved.
24. We regard “non-media” (i.e. covert or even subliminal) advertising, which sets out to provoke new consumer reflexes, as dangerous, since it blurs the distinction between advertising and information. Site managers must indicate the nature of all messages clearly, e.g. in an insert or note.
Individual Internet ethics
25. The Internet has, above all, popularised “one-to-one” communication (e-mail and dialogue). Internet communication must follow certain “good practices”, enshrined in a number of simple rules which individual users and managers should respect and adapt to their own requirements. The first users were thoroughly familiar with the web environment, its specific technical culture and the relevant RFC (request for comment) or reference publications. This is no longer true of the millions of people who use the Internet today, most of whom are neophytes and need rules.
26. These rules can apply to e-mail or dialogue. There are too many for us to list them fully here. They cover ownership and confidentiality of e-mails, copyright, the despatch and forwarding of e-mails, Webchains and the style and size of messages, and include rules on dialogue and the organisation of sessions. It is safe to say that they follow the rules of courtesy which govern ordinary conversation.
27. The same rules can apply to “one-to-several” communication (mailing lists, electronic newsletters). General rules for mailing lists and electronic newsletters are easily worked out. There are also specific rules for electronic mailing lists and Usenet news (all messages to newsgroups). When drafting these rules, it is necessary to remember that some messages may be invasive or may even violate the recipients’ privacy; it would seem vital to guarantee a normal flow of communications which are clear and whose sources are easily identified.
28. It is important to note that users have a responsibility to use the Internet ethically and lawfully. They must identify themselves clearly in all electronic correspondence, and are liable for the content of messages which they send to one or more other persons. No communications or information of an obscene, pornographic, sexual, racist, offensive, defamatory, discriminatory, disagreeable, violent or hate-filled nature must ever be used, consulted, downloaded, disseminated, printed or recorded. Messages involving sexual or racial harassment may lead to prosecution. The use of special software to block offensive messages may be recommended.
29. Finally, the arrival of the new information services makes it necessary for users and site managers to be even more vigilant. These services, such as Gopher and Gopher+, WAIS (wide area information system), the Telnet protocol, which can be used to consult data banks and on-line library catalogues, and the MUD (multi-user dungeon) and MOO (multi-user object-orientated) environments, which normally provide virtual worlds for role-games, can be used to search for information on the Web, and to access and visualise it. These services are normally run by agencies, and the information may not be free. There are various agreements on information services, and knowing about them is important. One must also beware of taking information at face-value, and must keep one’s critical faculties intact.
Conclusions: the setting-up of national ethics committees
30. The above arguments also suggest that national nethics committees should be established in all the states which have Internet technology. These national committees would be affiliated to an international body, which would have a bureau of not less than five members, each representing a given cultural bloc (at the very least, the US for the North American, English-speaking and western group, France for the Latin countries, and a North European country, with the others being chosen later), and would be based in Europe, where the Web was invented. Its statute might be modelled on that of FIFA (the International Federation of Association Football). It would be responsible for framing the rules and ensuring that the national committees respected them. These committees would provide supervision at national level. Obviously, given the uncontrollable nature of the Internet, the system would have to retain a certain flexibility.
31. The national committees would deal with nethics violations, give binding decisions or opinions, and have power to supervise compliance with its decisions. They would give these decisions in response to complaints by parties subject to the rules or any other parties directly affected by the action complained of; they would also be empowered to act on their own initiative. Finally, they would provide guidance for the public on other complaints procedures.
32. It is to be hoped that this system will ensure that cases like the much-publicised Yahoo! case do not recur (cf. document AS/Jur (2000) 35, Doc 9031, Doc 9263 and the Secretariat memorandum of 25 June 2003).
Reporting committee: Committee on Legal Affairs and Human Rights
Reference to committee: Order 531 (1997)
Draft resolution adopted unanimously by the Committee on 15 December 2003
Members of the Committee: Mr Lintner (Chairperson), Mr Marty, Mr Jaskiernia, Mr Jurgens (Vice-Chairpersons), Mrs Ahlqvist, Mr Akçam, Mr Alibeyli, Mrs Arifi, Mr Arzilli, Mrs Azevedo, Mr Barquero Vázquez, Mr Bartumeu Cassany, Mrs Bemelmans-Videc, Mr Berisha, Mr Bindig, Mr Brecj, Mr Bruce, Mr Chaklein (alternate: Mr Shishlov), Mrs Christmas-Møller, Mr Cilevics, Mr Contestabile, Mr Daly, Mr Davis (alternate: Mr Lloyd), Mr Dimas, Mr Engeset, Mrs Err, Mr Fedorov, Mr Fico, Mr Frunda, Mr Galchenko, Mr Gedei, Mr Goris, Mr Guardans, Mr Gündüz, Mrs Hajiyeva, Mrs Hakl, Mr Ionnadis, Mr Holovaty (alternate: Mr Shybko), Mr Ivanov, Mr Kalezic, Mr Kelber, Mr Kelemen, Mr S. Kovalev, Mr Kroll, Mr Kroupa, Mr Kucheida, Mrs Leutheusser-Schnarrenberger, Mr Livaneli (alternate: Mr Ates), Mr Manzella, Mr Martins, Mr Masson (alternate: Mr Hunault), Mr McNamara, Mr Monfils, Mrs Nabholz-Haidegger, Mr Nachbar, Mr Olteanu, Mrs Pasternak, Mr Pehrson, Mr Pellicini, Mr Pentchev, Mrs Pétursdóttir, Mr Piscitello, Mr Poroshenko, Mrs Postoica, Mr Pourgourides, Mr Prica, Mr Pullicino Orlando, Mr Raguz, Mr Ransdorf, Mr Rochebloine, Mr Rustamyan, Mr Skrabalo, Mr Solé Tura (alternate: Mrs Lopez Gonzalez), Mr Spindelegger, Mr Stankevic, Mr Stoica, Mr Symonenko, Mr Takkula, Mrs Tevdoradze, Mr Toshev, Mr Wilkinson, Mrs Wohlwend
N.B. The names of those members who were present at the meeting are printed in italics.
Secretaries to the Committee: Ms Coin, Mr Schirmer, Mr Cupina, Mr Milner
[1] Article 12 of Directive 2002/58/EC of 12 July 2002.
[2] Decision of the Constitutional Council No. 2000-433 DC of 27 July 2000 on the Act amending Act No. 96-1067 of 30 September 1986 on freedom of communication. The Act provides for no liability of access providers and refers to ordinary law.
[3] Order made on 8 February 2002 on an urgent application in the “Frint 14” case.
[4] Act 34/2002 of 11 July 2002 “on services connected with the information society and electronic commerce”, BOE 12/07/2002 (BOE 06/08/2002).
[5] Article 9-1.e) of the Convention on Cybercrime.
[6] In the above-mentioned Directive, the European Commission decided that all concerns within the European Community would be required to adopt this practice before the end of October 2003.