The new Defamation Bill was published last week following an announcement in the Queen’s speech. The Bill contains a number of measures of interest to ISPs, including a single publication rule and new defences for hosting providers and operators of websites with user-generated content.

The single publication rule

Currently, a claim for defamation can be brought up to one year after publication. This limitation is measured from the last time the allegedly defamatory article was published. However, viewing an article online essentially involves the host transmitting a copy of that article over the Internet, which counts in legal terms as republishing the article. This means that there is, in effect, no time limit for making a defamation claim against the publisher of an online article, since the law considers the article to be republished every time it is viewed.

The Defamation Bill solves this problem by introducing a single publication rule. If the Bill becomes law, the limitation period will be measured from the first time an article is published, rather than the last, as long as “the manner of a subsequent publication” is not “materially different from the manner of the first publication”. This should go some way towards placing online content on an equal footing with offline content.

New defences for website operators

Under current defamation law, website operators and hosting providers risk being found liable for defamation if they refuse to take down content that a court later finds to be defamatory. A blogger could, for example, be held liable for failing to remove a defamatory comment posted by one of her readers, while the ISP that hosts the blog could in turn be liable for failing to remove defamatory statements posted by the blogger.

The new Defamation Bill provides a defence in cases where the defamatory contents was posted by someone other than the website operator or host:

5 Operators of websites

…

2. It is a defence for the operator to show that it was not the operator who posted the statement on the website.
3. The defence is defeated if the claimant shows that—
   1. it was not possible for the claimant to identify the person who posted the statement,
   2. the claimant gave the operator a notice of complaint in relation to the statement, and
   3. the operator failed to respond to the notice of complaint in accordance with any provision contained in regulations.

In other words, website operators are immune from liability in cases where it is possible to identify the author of the allegedly defamatory statement (unless the author is the website operator, of course).

While this is undoubtedly a positive move, commentators have noted that the Bill still leaves important questions unanswered:

• What is included within the scope of “website”? And how will this affect future publication technologies that haven’t yet been invented?
• Is the “operator” of a website the person that runs the server, the website software, the main author of a blog, etc.? I would hope that at least those three are covered.
• What is meant by “identifying” the person who posted the statement? This posting says that it was written by “Andrew Cormack”, but searching the web reveals several individuals with that name. Or is it sufficient that a complainant could request a Norwich Pharmacal Order against the operator of this site and discover which of them it is? I would imagine that a website operator would want to be very sure that the poster was indeed sufficiently “identifiable” before they left an allegedly defamatory statement untouched.

— Andrew Cormack, ja.net Regulatory Developments blog