Europe's top data protection watchdog has said that the concept of "illegal content" must be uniformly defined throughout the European Union.
The European Data Protection Supervisor (EDPS), Peter Hustinx, was responding to plans by the European Commission to reform rules on "notice and action" requests - the removal of illegal content online.
In a statement, the EDPS said that he was concerned that hosting service providers may be forced to process sensitive personal data when removing illegal content, which the Commission defines as intellectual property rights infringements; consumer protection law breaches; hate incitement; child abuse content; terrorism-related content; defamatory material, and privacy-invading material.
Hustinx also questioned whether "notice and action" requests to content hosts, including social networking sites such as Facebook or user-generated content hosts like YouTube, is always the best approach. "For instance, privacy infringements could be best reported to data protection authorities," he said. And some infringements such as child abuse content and terrorism-related content would require the involvement of law enforcement agencies.
Under the E-Commerce Directive, online content hosts are not liable for illegal content created by others, but are required to act to remove the material if notified of its existence. In his statement, the EDPS again underlined the need to be circumspect when proposing pro-active measures to be taken by hosting service providers to prevent illegal content.
"The E-Commerce Directive clearly sets forth that service providers do not have a general obligation 'to monitor the information which they transmit or store, nor a general obligation actively to seek facts or circumstances indicating illegal activity.' The Court of Justice of the EU has emphasised this principle in several case," said Hustinx.