Feeds

UK extends ecommerce directive to terrorism laws

A blog posting in Europe could land you in UK courts

SANS - Survey on application security programs

Regulations come into force this week that explain how and when a foreign company can be brought to justice in the UK over blog postings that encourage terrorism. The regulations integrate Europe's ecommerce laws with the UK's Terrorism Act.

The Electronic Commerce Directive (Terrorism Act 2006) Regulations 2007 were laid before Parliament on 31 May and come into force on 21 June.

The Terrorism Act 2006 is already in force. It created offences relating to the encouragement of acts of terrorism and the dissemination of terrorist publications. The Act contains a notice and takedown regime that applies to all website operators. If a person posts any remark to a blog that encourages an act of terrorism, a police constable can serve a notice on the operator of the blog requiring the removal of the offending post within two days.

Failure to comply within the two-day period, in the absence of "reasonable excuse", means the operator will be deemed to have endorsed the post and its directors could face up to seven years in prison.

The Terrorism Act made action against UK and companies in the European Economic Area (EEA) possible and Home Office Guidance of October 2006 described procedures that should be followed. The EEA member states comprise the 27 EU member states plus Iceland, Lichtenstein, and Norway.

If, for example, a blog posting is deemed a threat to public security and a police constable asked the EEA member state to effect its removal and that state failed to do so, proceedings in the UK will be possible.

A Home Office spokesperson stressed to OUT-LAW that the new regulations do not extend the application of the Terrorism Act to service providers overseas beyond what is already possible under that Act. Instead, they restrict the circumstances in which this is possible, setting conditons that must be satisfied.

The regulations also extend certain protections of the E-commerce Directive to the Terrorism Act.

These protections apply to intermediaries acting as mere conduits or those that cache or host third party content. They were aimed at ISPs and website hosting companies. However, the UK's implementing rules, the E-commerce Regulations 2002, do not apply to legislation that postdates them and so the protections need to be given on a case-by-case basis.

This month's regulations add the protections of the E-commerce Regulations to the Terrorism Act. The protections are qualified. For example, hosting a user's offending content is not an offence provided it is removed or blocked expeditiously "upon obtaining actual knowledge that the information was unlawfully terrorism-related".

The Terrorism Act presented a significant challenge for operators of social networking sites or any others that encourage users' contributions when it was introduced. The notice and takedown regime goes further than the laws that control copyright infringements on websites because it also applies to any "repeat statement". That is defined in the Terrorism Act as a statement which "is for all practical purposes, to the same effect as the statement to which the notice related". The two-day time limit for removal of the statement will begin to run from the date of re-publication.

The Terrorism Act says a person is not deemed to endorse a repeat statement if he "is not aware of the publication of the repeat statement", or where he has taken "every step he reasonably could to prevent a repeat statement" becoming available to the public. However, the explanatory notes to the Act provide little guidance as to what is reasonable for the host of a website, blog or message board.

Copyright © 2007, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.

High performance access to file storage

More from The Register

next story
Android engineer: We DIDN'T copy Apple OR follow Samsung's orders
Veep testifies for Samsung during Apple patent trial
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Don't let no-hire pact suit witnesses call Steve Jobs a bullyboy, plead Apple and Google
'Irrelevant' character evidence should be excluded – lawyers
EFF: Feds plan to put 52 MILLION FACES into recognition database
System would identify faces as part of biometrics collection
Big Content goes after Kim Dotcom
Six studios sling sueballs at dead download destination
Ex-Tony Blair adviser is new top boss at UK spy-hive GCHQ
Robert Hannigan to replace Sir Iain Lobban in the autumn
Alphadex fires back at British Gas with overcharging allegation
Brit colo outfit says it paid for 347KVA, has been charged for 1940KVA
Jack the RIPA: Blighty cops ignore law, retain innocents' comms data
Prime minister: Nothing to see here, go about your business
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.