Hosting providers are responsible if there is reprocessing of information

The Italian Administrative Court, with the recent judgment n. 3851/2021, ruled on the responsibility of the hosting provider in light of the legislative decree 70/2003 which implemented Directive 2000/31/EC.

As the Italian Administrative Court recalls:

“The provider is the entity that organizes for its users the offer to access to the Internet and the services connected to its use.

Pursuant to the decree at hand, there are three figures of subjects operating in this market who are organized according to the type of service rendered each corresponding to a specific form of responsibility: i) simple transportation activities – mere conduit (art. 14); ii) temporary storage activities – caching (art. 15); iii) information storage activities – hosting (Art. 16).’ 

In the case of hosting activities, one can find a passive or active hosting provider.

The passive hosting provider carries out a purely technical and automatic service provision activity, with the consequence that these providers do not know or control the information transmitted or stored by the persons to whom they provide their services. The active hosting provider, on the other hand, is not limited to the above and its activity concerns also the contents of the performance rendered.

In the present case, a company had committed unfair commercial practices on the Internet through the publication of content published by the hosting provider, and the Court was called upon to decide whether the active hosting provider could be co-responsible in such a case.

In general, the Italian Administrative Court reveals:

«that there is no objective incompatibility between the figure of the professional, pursuant to the legislation on unfair commercial practices, and the one of the hosting provider, pursuant to the legislation on e-commerce.

However, they must be coordinated in the sense that it is possible to sanction a conduct that violates the rules of professional correctness but it is not allowed that through the application of the discipline on unfair practices, services not provided for by the discipline on electronic commerce and by the specific contract concluded are imposed on the hosting provider”.

The Administrative Court recalls that for telematic offences occurring because of the activities carried out by Internet intermediaries, they must be involved in the liability or at least in the operations of prevention and removal of such offences.

Therefore in case there is not a manipulation of the stored data, the provider’s liability is excluded. In particular, what is important, is that there should be a conduct that essentially has the effect of completing and enriching in a non-passive way (for example through filtering, selection, indexing, organization, cataloguing, aggregation, evaluation, use and so on) the use of content by users.

In the case under exam, therefore, in light of these premises, the responsibility of the hosting provider was excluded in relation to a claim, present on the site, which gave the possibility to be able to book hotel services through the platform obtaining savings as significant as they are generic.

The message in question, however, had been prepared and published by a third professional – the origin was even clarified by the presence of the third party’s trademark – so the hosting provider was not required to verify any of the consequences deriving from access to such a message.

Consequently, given the failure to manipulate the stored data and in the light of an entrepreneurial management of the service, the provider has not been held responsible for the offenses perpetrated by the third party through the content of the claim even if present on its site.