Internet Service Providers: Mere conduits of data, or gatekeepers to the threshold of cybercrime? What role do ISPs play in ensuring a safe and secure online environment?
Abstract
What happens when an end-user subscriber to an Internet Service Provider (ISP) causes harm or injury to an unsuspecting third party? What recourse does the victim have? Is the current legal framework providing sufficient protection to victims from the actions of end users intent on causing harm? The world-wide online environment is constantly evolving. In part, rapid improvements in technology are driving this change. At the heart of it all are the ISPs who provide internet access to millions of end-user subscribers around the world. Through access to the internet, perpetrators of cybercrime can saturate the internet, rapidly and persistently, with damaging material intended to cause serious reputational, financial and psychological harm to the targeted victim, whether government, businesses or individuals. The question whether ISPs should be responsible for the wrongful acts of their end-user subscribers and the extent to which ISPs should be held accountable for the actions of their end-user subscribers is a global problem with no easy solution. Under the current legal framework, the liability of an ISP for the infringing activities of their end users is typically based on the ISP’s knowledge of the end user’s activity. If the ISP is unaware of the behaviour of its end user customer, most courts are reluctant to hold the ISP liable for that behaviour. However, once the ISP becomes aware of the infringing activity, or should have become aware of the activity with reasonable diligence, courts are more inclined to hold the ISP liable for the infringing activities of its end users.