Strasbourg, le 19 novembre 2013
CDDH(2013)025rev2
COMITE DIRECTEUR POUR LES DROITS DE L’HOMME
(CDDH)
______
Commentaires du CDDH sur le
Projet de Recommandation du Comité des Ministres aux Etats membres sur un
Guide sur les droits de l’homme pour les utilisateurs d’internet
Introduction
1. Le CDDH a reçu une demande d’éventuels commentaires relatifs à un projet de
Recommandation du Comité des Ministres sur un guide sur les droits de l’homme
pour les utilisateurs d’internet.
2. Le projet de Recommandation a été préparé par le Comité d’experts sur les droits
des utilisateurs d’internet (MSI-DUI), instance subordonnée au Comité directeur sur
les médias et la société de l’information (CDMSI), faisant suite à son mandat, afin
d’aider les utilisateurs d’internet à comprendre et exercer leurs droits, y compris
celui de communiquer avec les acteurs principaux de ce dernier et les instances
publiques compétentes et de disposer d'un recours effectif.
3. Cette activité fait partie des suites à donner à la Stratégie sur la gouvernance
CDDH(2013)025Rev2
2
d’internet 2012-2015, qui inclut des méthodes de travail pour faciliter la coopération
et la synergie entre les comités du Conseil de l’Europe.
4. Le CDMSI envisage d’examiner les commentaires reçus lors de sa réunion des 3-6
décembre 2013.
5. Le présent document contient :
I. le texte du projet de recommandation…………………………………. 2
II. commentaires du CDDH………..………………..9
III. le projet d’exposé des motifs de la recommandation……….............. 12
I.
PROJET DE RECOMMANDATION
Projet de recommandation CM/Rec (___)___ du Comité des Ministres aux Etats
membres sur un guide des droits de l’homme pour les utilisateurs d’internet
(adopté par le Comité des Ministres
le …, lors de la …e réunion des Délégués des Ministres)
(document MSI-DUI(2013)07Rev4, du 18 octobre 2013,
préparé par le Comité d’experts sur les droits
des utilisateurs d’internet, MSI-DUI)
En vertu de la Convention européenne des droits de l’homme (la Convention), telle qu’elle
est interprétée par la Cour européenne des droits de l’homme dans sa jurisprudence, il
incombe aux Etats membres du Conseil de l’Europe de veiller au respect des droits de
l’homme et des libertés fondamentales. La Convention s’applique également dans le
contexte de l’utilisation d’internet. Les autres conventions et instruments du Conseil de
l’Europe relatifs à la protection du droit à la liberté d’expression, de l’accès à l’information,
du droit à la liberté de réunion et du droit à la vie privée s’appliquent eux aussi dans ce
contexte.
Les obligations des Etats en vue de respecter, de protéger et de promouvoir les droits de
l’homme comprennent celle d’exercer un contrôle en ce sens sur les entreprises privées. Les
normes existantes en matière de droits de l’homme bénéficient d’une primauté sur les
conditions générales d’utilisation édictées par les acteurs du secteur privé à l’intention des
utilisateurs d’internet.
Internet a valeur de service public. Des personnes, des réseaux, des institutions publiques et
des organismes privés s’appuient sur internet pour mener leurs activités et sont en droit
d’attendre des services en ligne qu’ils soient accessibles, fournis sans discrimination,
abordables, sécurisés, fiables et continus. En outre, les droits de l’homme et les libertés
fondamentales des utilisateurs d’internet ne doivent subir aucune restriction inutile ou
disproportionnée.
3
CDDH(2013)025Rev2
Lorsque les droits et libertés des utilisateurs font l’objet de restrictions ou de violations, les
utilisateurs doivent être mis en connaissance de leurs droits et mis en mesure de les exercer
concrètement. Cela implique notamment de les renseigner sur les voies de recours. Compte
tenu des possibilités offertes par internet en matière de transparence et de responsabilité
dans la gestion des affaires publiques, les utilisateurs doivent avoir accès à internet comme
outil de participation à la vie démocratique.
Pour garantir que les normes existantes en matière de droits de l’homme et de libertés
fondamentales s’appliquent de la même façon en ligne et hors ligne, le Comité des
Ministres recommande que les Etats membres :
-
promeuvent activement le guide des droits de l’homme pour les utilisateur
d’internet, tel qu’il figure en annexe, auprès des citoyens, des institutions publiques
et des acteurs du secteur privé, et prennent des mesures ciblées en vue de son
application afin de mettre les utilisateurs en mesure d’exercer pleinement leurs
droits de l’homme et leurs libertés fondamentales en ligne ;
-
évaluent, examinent périodiquement et, le cas échéant, suppriment les restrictions à
l’exercice des droits et libertés sur internet, notamment lorsque ces restrictions ne
sont pas conformes à la Convention telle qu’elle est interprétée par la jurisprudence
pertinente de la Cour européenne des droits de l’homme. Toute restriction doit être
prévue par la loi, nécessaire dans une société démocratique pour atteindre un but
légitime, et proportionnée au but légitime poursuivi ;
-
assurent aux utilisateurs d’internet l’accès à des recours effectifs en cas de
restriction ou d’atteinte à leurs droits et libertés, ce qui implique à la fois une
coordination et une coopération renforcée entre les institutions, organisations et
autres parties concernées, une participation active des acteurs du secteur privé et des
organisations de la société civile, ainsi qu’une coopération efficace avec ces
partenaires. Selon le contexte national, cela peut inclure des dispositifs de recours,
tels que des permanences téléphoniques, des autorités de protection des données,
des institutions nationales de protection des droits de l’homme (médiateur /
ombudsperson) ou des procédures judiciaires ;
-
promeuvent la coordination entre les Etats membres du Conseil de l’Europe et
d’autres acteurs publics et non publics, au sein et au-delà du Conseil de l’Europe, en
ce qui concerne les normes et les procédures ayant des incidences sur la protection
des droits de l’homme et des libertés fondamentales sur internet.
En outre, le Comité des Ministres invite :
-
le Secrétaire Général du Conseil de l’Europe à promouvoir le guide et à soutenir les
suites à donner, notamment en ce qui concerne la diffusion et la mise à jour du
guide lorsque nécessaire ;
-
le secteur privé à engager un véritable dialogue avec tous les Etats membres et la
société civile dans le cadre de l’exercice de la responsabilité sociale des entreprises,
CDDH(2013)025Rev2
4
en particulier en matière de transparence et de responsabilité, conformément aux
Principes directeurs des Nations Unies relatifs aux entreprises et aux droits de
l’homme : mise en œuvre du cadre de référence « protéger, respecter et réparer ».
Le secteur privé est également invité à contribuer à la diffusion du guide ;
-
la société civile à soutenir la diffusion et l’application du guide, ainsi qu’à surveiller
le respect de ses dispositions, afin qu’il soit un outil efficace au service des
utilisateurs d’internet.
Annexe
Guide des droits de l’homme pour les utilisateurs d’internet
Introduction
Utilisateur d’internet, ce guide est fait pour vous aider à connaître vos droits de l’homme en
ligne et à les défendre quand ils sont menacés. Les droits de l’homme et les libertés
fondamentales ont la même valeur dans le monde virtuel que dans le monde réel. Vous
trouverez dans ce guide des informations et des conseils pour comprendre leur signification
dans la pratique, pour les affirmer et les exercer concrètement, et pour accéder aux recours.
Le guide se fonde sur la Convention européenne des droits de l’homme et d’autres
conventions et instruments du Conseil de l’Europe qui concernent différents aspects de la
protection des droits de l’homme. Tous les Etats membres du Conseil de l’Europe ont
l’obligation de garantir le respect, la protection et la jouissance des droits et libertés
énoncés dans ces textes. Le guide s’inspire en outre de l’interprétation continue de ces
droits et libertés par la Cour européenne des droits de l’homme, et d’autres instruments
juridiques pertinents du Conseil de l’Europe.
Le guide ne proclame pas de nouveaux droits de l’homme ni de nouvelles libertés
fondamentales. Il s’appuie sur les normes en vigueur et sur les mécanismes d’application
existants. Il est appelé à évoluer et pourra être révisé à intervalles réguliers.
Accès et non-discrimination
L’accès à internet est une condition importante pour exercer ses droits et ses libertés ainsi
que pour participer à la démocratie. C’est pourquoi votre accès à internet ne doit pas être
coupé contre votre volonté, hormis par décision judiciaire.
Votre accès à internet doit être abordable. Il ne doit pas être discriminatoire. Vous devez
avoir un accès aussi étendu que possible aux contenus, aux applications et aux services sur
internet, en utilisant les équipements de votre choix.
Si vous vivez en zone rurale ou enclavée, si vous avez de faibles revenus ou si vous avez
des besoins particuliers (en raison d’un handicap, par exemple), vous pouvez attendre des
pouvoirs publics qu’ils prennent des mesures spéciales pour faciliter votre accès à internet.
Dans vos relations avec les pouvoirs publics, les fournisseurs d’accès à internet, les
5
CDDH(2013)025Rev2
fournisseurs de contenus et de services en ligne et d’autres utilisateurs ou groupes
d’utilisateurs, vous ne devez subir aucune discrimination sous quelque motif que ce soit,
qu’elle se fonde sur le sexe, la race, la couleur, la langue, la religion ou les convictions, les
opinions politiques ou autres, l’origine nationale ou sociale, l’appartenance à une minorité
nationale, la fortune, la naissance, l’appartenance ethnique, l’âge, l’orientation sexuelle ou
toute autre situation.
Liberté d’expression et d’information
Vous avez le droit d’obtenir et de communiquer les informations et les idées de votre choix,
sans ingérence et sans considération de frontière. Cela signifie que :
-
Vous avez le droit de vous exprimer en ligne et d’accéder à l’information et aux
propos émanant d’autres personnes. Ce droit s’applique également aux discours
politiques, aux points de vue sur les religions et aux convictions et expressions qui
heurtent, choquent ou inquiètent d’autres personnes. Vous devez tenir dûment
compte de la réputation des autres personnes. Des restrictions s’appliquent aux
propos qui incitent à la haine, à la violence ou à la discrimination.
-
Vous êtes libre de créer des contenus ainsi que de réutiliser et de diffuser des
contenus en tenant dûment compte des droits d’autres personnes, y compris le droit
à la protection de la propriété.
-
Les pouvoirs publics de votre pays ont le devoir de respecter et de protéger votre
liberté d’expression et votre liberté d’information. Les éventuelles restrictions à ces
libertés ne doivent pas être arbitraires, mais conformes à la législation en matière de
droits de l’homme. Elles doivent en outre vous être communiquées, assorties
d’informations sur les moyens d’obtenir des conseils et de défendre vos droits. Elles
ne doivent pas être plus étendues ni maintenues plus longtemps que ce qui est
strictement nécessaire.
-
Votre fournisseur d’accès à internet et votre fournisseur d’accès aux contenus et aux
services en ligne sont tenus, au titre de la responsabilité sociale des entreprises, de
respecter et de protéger vos droits de l’homme et vos libertés fondamentales, et de
les rétablir le cas échéant. Vous devez toutefois être conscient du fait que les
fournisseurs de services en ligne, tels que les réseaux sociaux, peuvent appliquer des
politiques de contenu qui imposent des restrictions à la diffusion de certains types
de contenus et de comportements. Vous devez être informé de ces restrictions pour
prendre une décision éclairée sur le fait d’utiliser ou non le service en question.
Vous devez notamment savoir comment le fournisseur de services en ligne traite les
contenus apparemment illicites et quels sont les contenus et les comportements qu’il
considère comme déplacés dans le cadre de l’utilisation de ses services.
-
Vous êtes libres de ne pas divulguer votre identité en ligne, par exemple en utilisant
un pseudonyme. Toutefois, vous devez être conscient du fait que votre identité peut
être révélée si une décision de justice l’exige.
Réunion, association et participation
CDDH(2013)025Rev2
6
Vous êtes libre de vous réunir et de vous associer pacifiquement avec d’autres personnes en
utilisant internet. Concrètement, cela signifie que :
-
Vous êtes libre de choisir tout site web, toute application ou tout autre service pour
constituer ou mobiliser un groupe de la société ou une association, pour y adhérer
ou pour participer à ses activités, indépendamment du fait que cette entité soit ou
non officiellement reconnue par les pouvoirs publics. Vous avez également le droit
de constituer des syndicats et d’y adhérer.
-
Vous avez le droit d’émettre des protestations en ligne de manière pacifique. Vous
devez toutefois être conscient des éventuelles conséquences judiciaires dans les cas
où vos protestations en ligne entraîneraient des perturbations, des interruptions de
service ou des dommages aux biens d’autrui.
-
Vous êtes libre d’utiliser des outils en ligne pour participer aux débats publics au
niveau local, national ou mondial, aux initiatives législatives et à l’observation
citoyenne des processus décisionnels ; vous avez notamment le droit de signer des
pétitions et de participer à l’élaboration des politiques de gestion d’internet.
Protection de la vie privée et des données personnelles
Vous avez droit au respect de la vie privée et familiale sur internet, c'est-à-dire à la
protection de vos données personnelles et au respect de la confidentialité de votre
correspondance et de vos communications. Cela signifie que :
-
Vous devez être conscient du fait que, lorsque vous utilisez internet, vos données
personnelles sont soumises à une série de traitements. Ceci est notamment le cas
lorsque vous naviguez sur internet, lorsque vous communiquez par courrier
électronique, par messagerie instantanée ou par téléphonie sur internet, ou encore
lorsque vous utilisez les réseaux sociaux ou des moteurs de recherche.
-
Le traitement de vos données personnelles est soumis à des règles et des principes
qui doivent être respectés par les pouvoirs publics et par les entreprises impliquées
dans le traitement.
-
Le traitement de vos données personnelles doit se limiter aux cas prévus par la loi
ou auxquels vous avez consenti (par exemple, en acceptant les conditions
d’utilisation du service sur internet). Vous devez disposer d’informations indiquant
quelles sont les données personnelles traitées et/ou communiquées à des tiers, quand
le traitement a lieu, par qui il est effectué et à quelles fins. En règle générale, vous
devez pouvoir exercer un contrôle sur vos données personnelles (vérifier leur
exactitude, demander leur rectification ou suppression, ou s’assurer qu’elles ne sont
pas conservées plus longtemps que nécessaire).
-
Vous ne devez pas être soumis à des mesures générales de surveillance ou
d’interception des communications. La loi n’autorise la violation de la
confidentialité des données personnelles que dans de rares circonstances, par
7
CDDH(2013)025Rev2
exemple, dans le cadre d’enquêtes pénales. Des informations accessibles, claires et
précises doivent être mises à votre disposition pour vous permettre de connaître les
règles et la législation en vigueur à cet égard.
-
Votre vie privée doit être respectée sur le lieu de travail également. La
confidentialité de votre correspondance et de vos communications privées en ligne
doit être maintenue. Votre employeur est tenu de vous informer de toute éventuelle
mesure de surveillance ou de suivi de sa part.
-
Vous pouvez obtenir de l’aide auprès des autorités de protection des données, qui
existent dans la plupart des pays européens, pour vous assurer du respect des lois et
des principes relatifs à la protection des données.
Education et connaissances générales
Vous avez un droit à l’instruction, y compris l’accès aux connaissances. Cela signifie que :
-
Vous devez avoir accès à l’éducation en ligne et aux contenus culturels,
scientifiques, spécialisés et autres sur internet, dans les langues officielles. Cela
comprend l’accès gratuit aux travaux de recherche et aux œuvres culturelles
financés à partir de fonds publics. L’accès peut connaître des restrictions liées à la
rémunération des auteurs de ces travaux.
-
Vous devez avoir accès aux ressources d’éducation et de connaissance dans le
domaine des technologies numériques, dans le cadre de l’éducation à internet et aux
médias, pour être en mesure d’exercer vos droits et vos libertés sur internet. Cela
implique de comprendre, d’utiliser et d’exploiter une large gamme d’outils en ligne.
Ces connaissances doivent vous permettre de porter un regard critique sur la
justesse et la fiabilité des contenus sur internet.
Les enfants et les jeunes
Les enfants et les jeunes jouissent de tous les droits et de toutes les libertés exposés dans ce
guide. Si vous êtes un enfant ou un jeune, vous avez droit à une protection particulière et à
un accompagnement spécifique lorsque vous naviguez sur internet. Cela signifie que :
-
Vous avez le droit d’exprimer librement votre opinion, de participer à la société,
d’être entendu et de contribuer aux prises de décision sur les affaires qui vous
concernent. Vos opinions doivent être dûment prises en considération, eu égard à
votre âge et à votre degré de maturité, et sans discrimination.
-
Vous pouvez espérer recevoir des informations et une initiation de la part de vos
enseignants, éducateurs, parents ou tuteurs, sur les moyens d’utiliser internet sans
risque et de protéger votre vie privée.
-
Vous devez être conscient du fait que les contenus qui vous concernent ou que vous
créez sur internet peuvent nuire à votre dignité, à votre sécurité et à votre vie privée,
ou avoir des répercussions négatives pour vous ou pour vos droits, aujourd’hui ou
CDDH(2013)025Rev2
8
plus tard dans la vie. Vous devez avoir la possibilité de retirer ou de supprimer les
contenus de ce type, y compris leurs traces (fichiers journaux, archives), dans un
délai raisonnablement court.
-
Vous pouvez espérer recevoir des informations claires sur les contenus et les
comportements interdits sur internet (par exemple, le harcèlement en ligne) ainsi
que sur la possibilité de signaler des contenus apparemment illicites. Cette
information doit être adaptée à votre âge et à votre situation ; vous devez recevoir
des conseils et de l’aide d’une manière qui respecte votre droit à la confidentialité et
à l’anonymat.
-
Vous devez bénéficier d’une protection spéciale contre les atteintes à votre bien-être
physique et moral, en particulier contre l’exploitation et les abus sexuels sur internet
et d’autres formes de cybercriminalité. En particulier, vous avez droit à des mesures
d’éducation destinées à vous protéger de ces dangers.
Voies de recours
Vous avez droit à un recours efficace lorsque vos droits et vos libertés ont subi des
restrictions ou des violations. Pour obtenir réparation, vous ne devez pas nécessairement
engager une action en justice. Les voies de recours doivent être disponibles, connues,
accessibles, abordables, et permettre d’obtenir une réparation appropriée. Un recours peut
être obtenu directement auprès des fournisseurs d’accès à internet, des pouvoirs publics
et/ou d’autres institutions nationales des droits de l’homme. En fonction de la violation
subie, un recours peut entraîner une enquête, des explications, une réponse, une
rectification, des excuses, le rétablissement d’un statut, le rétablissement d’une connexion
ou une réparation. Dans la pratique, cela signifie que :
-
Votre fournisseur d’accès à internet, les fournisseurs d’accès aux contenus et aux
services en ligne, les autres entreprises concernées ainsi que les pouvoirs publics
doivent vous informer de vos droits, de vos libertés, des recours possibles et des
moyens de les obtenir. Des informations expliquant comment signaler d’éventuelles
atteintes à vos droits, comment porter plainte et comment demander réparation
doivent être facilement accessibles.
-
Des informations complémentaires et des conseils doivent être mis à disposition par
les pouvoirs publics, les institutions nationales des droits de l’homme
(médiateur/ombudsperson), les autorités de protection des données, les services
d’aide aux particuliers, les associations de protection des droits de l’homme ou des
droits numériques, les organisations de défense des consommateurs, etc.
-
Vous pouvez raisonnablement espérer d’être protégé contre les activités criminelles
et les infractions pénales commises sur internet ou par l’utilisation d’internet, en
particulier en cas d’accès illicite, d’intrusion, de falsification ou autre manipulation
frauduleuse concernant votre identité numérique, votre ordinateur ou les données
qu’il contient. Vous pouvez attendre des autorités compétentes qu’elles mènent une
enquête et qu’elles prennent des mesures appropriées si vous portez plainte pour
CDDH(2013)025Rev2
9
violation de votre identité ou de votre propriété en ligne.
Dans le cadre de toute procédure destinée à établir vos droits et obligations ou le bienfondé de toute accusation portée contre vous au pénal en rapport avec l’utilisation
d’internet,
-
vous avez droit à un procès équitable, dans un délai raisonnable, par un tribunal
indépendant et impartial ;
-
vous avez un droit de recours individuel devant la Cour européenne des droits
de l’homme après l’épuisement des voies de recours internes disponibles.
* * *
II.
COMMENTAIRES DU CDDH
1.
Le CDDH prend note avec intérêt du projet de Recommandation et salue l’initiative
de rédiger un guide sur les droits de l’homme pour les utilisateurs d’internet. Le Comité est
reconnaissant de l’opportunité qui lui est donnée de formuler des commentaires sur le
projet de guide.
2.
Le CDDH partage le point de vue du CDMSI que les droits de l’homme sont
applicables en ligne et hors ligne, et que par conséquent, ils doivent être respectés et
protégés dans le cadre de l’utilisation d’internet. Il rappelle que le CDDH a été chargé, en
janvier dernier, par le Comité des Ministres d’élaborer un instrument non contraignant sur
les droits de l’homme et les entreprises soutenant la mise en œuvre effective au niveau
européen des Principes directeurs des Nations Unies relatifs aux entreprises et aux droits de
l’homme. Cet instrument examinera et abordera les éventuelles lacunes de sensibilisation,
de mise en œuvre et normatives dans le domaine, telles qu’identifiées dans l’étude de
faisabilité du CDDH (CDDH(2012)R76 Addendum VII) et par le biais d’échanges de
bonnes pratiques nationales.
3.
Le CDDH convient avec le CDMSI qu’internet devrait être disponible et accessible
à large échelle. Dans le rapport explicatif annexé à son projet de Recommandation sur la
promotion des droits de l’homme des personnes âgées il indique que la maîtrise des
technologies de l’information peut favoriser l’inclusion sociale des personnes âgées, leur
capacité à vivre un vieillissement actif et leur permettre de mener une vie indépendante.
4.
Ceci étant dit, le CDDH souligne que l’accès à internet n’a pas encore été reconnu
comme un droit de l’homme en tant que tel. Il en va de même pour l’accès au matériel
éducatif, culturel ou scientifique en ligne, ainsi que pour l’éducation et l’information
numérique. Par conséquent, lorsque sont énoncées des attentes que les individus devraient
avoir concernant l’adoption de mesures par les Etats membres visant à faciliter l’exercice
des droits énoncés dans le projet de guide, il faut tenir compte des différences existantes
CDDH(2013)025Rev2
10
dans les contextes nationaux, y compris de la législation et des politiques nationales, dans
les domaines concernés.
5.
Le CDDH apprécie les efforts déployés pour élaborer un guide convivial sur les
droits de l’homme pour les utilisateurs d’internet. Etant bien conscient des difficultés liées à
la simplification du langage, il recommande néanmoins, à cet effet, la révision approfondie
de l’ensemble du texte afin de s’assurer que la terminologie et les expressions appropriées
et précises sont utilisées lorsque le texte:
-
se réfère aux obligations à la charge des Etats et aux droits dont sont
titulaires les individus en vertu des instruments contraignants pertinents ;
paraphrase la jurisprudence pertinente de la Cour européenne des droits de
l’homme ;
se réfère à des indications non contraignantes (voir, par exemple, la manière
dont les Principes directeurs des Nations Unies relatifs aux entreprises et aux
droits de l’homme sont présentés, au quatrième tiret sous la section relative à
«La liberté d’expression et d’information»).
6.
Le CDDH attire également l’attention du CDMSI, à cet égard, sur la récente boîte à
outils préparée le CDDH pour informer les agents publics sur les obligations de l’Etat en
application de la Convention européenne des droits de l’homme (CM (2013) 93 add4 final).
7.
Le CDDH voit le projet de guide comme un outil utile pour informer les utilisateurs
d’internet de leurs droits. Il est d’avis que des clarifications supplémentaires concernant les
restrictions et les interférences possibles à ces droits devraient être envisagées. Il note, par
exemple, que la Convention prévoit la possibilité de restrictions uniquement à l’égard de
certains droits, et que les justifications de ces restrictions peuvent varier en fonction des
droits en cause.
8.
En sus des observations formulées ci-dessus et des modifications au texte qu’elles
impliqueraient, le CDDH souhaite attirer l’attention du CDMSI sur les questions
spécifiques suivantes :
i.
Dans le premier paragraphe du préambule, il serait préférable de s’en tenir à
l’intitulé de l’article 1 de la CEDH et dire «L’obligation de respecter les droits
de l’homme reconnue par chaque Etat membre en vertu de la Convention
européenne des droits de l’homme est également valable dans le contexte ... ».
ii. Dans le troisième paragraphe du préambule, la dernière phrase semble se référer
à l’exercice, par les utilisateurs d’internet, de leurs droits de l’homme et libertés
fondamentales en général, et non spécifiquement lors de l’utilisation d’internet.
Il est suggéré d’ajouter les mots « lors de l’utilisation d’internet » à la fin de la
phrase.
iii. Au dernier tiret de la Recommandation, le Comité des Ministres invite la
société civile à «surveiller le respect » des dispositions du Guide. Dans la
CDDH(2013)025Rev2
11
mesure où le Guide n’est pas un instrument contraignant, ce message peut
prêter à la confusion.
iv. Au troisième tiret de la section «La liberté d’expression et d’information»,
l’expression «elles ne doivent pas être plus étendues ni maintenues plus
longtemps que ce qui est strictement nécessaire» n’est pas claire. Elle peut aussi
se chevaucher avec la deuxième phrase.
v.
Les responsabilités des sociétés liées à internet sont présentées d’une manière
qui peut potentiellement prêter à confusion. Conformément aux Principes
directeurs des Nations Unies relatifs aux entreprises et aux droits de l’homme
(qui ne sont pas un instrument contraignant en soi), les entreprises ont en effet
une responsabilité de respecter les droits de l’homme, ce qui les oblige à éviter
d’engendrer ou de contribuer à des incidences négatives sur les droits de
l’homme, et à prévoir ou à collaborer au redressement de telles incidences. Par
contre, l’obligation de protéger et d’assurer un accès à un recours effectif
incombe essentiellement aux Etats. Cette considération s’applique à plusieurs
sections du texte, et notamment au quatrième tiret de la section «Liberté
d’expression et d’information» et à l’ensemble de la section « Voies de
recours ».
vi. Le dernier paragraphe de la section «Protection de la vie privée et des données
personnelles» peut mener à la conclusion erronée que le respect des lois et des
principes de protection des données ne peut être assuré que dans les Etats où
des autorités spécifiques de protection des données existent. Il serait préférable
d’utiliser une formulation plus générale pour exprimer le même principe.
vii. Dans la dernière phrase du dernier tiret de la section «Les enfants et les jeunes»,
il faudrait ajouter, dans la version anglaise, le mot « measures » après
« education » afin de clarifier la signification de l’expression «right to
education to protect yourself …».
* * *
III. PROJET D’EXPOSE DES MOTIFS
(seulement disponible en anglais pour le moment)
(document MSI-DUI (2013)10Rev2, 21 October 2013,
prepared by the Committee of Experts on Rights of Internet Users
/ Comité d’experts sur les droits des utilisateurs d’internet, MSI-DUI)
Draft explanatory memorandum to the draft recommendation CM/Rec (_____) __ of the Committee of
Ministers to member states on a guide on human rights for Internet users
I. Introduction
CDDH(2013)025Rev2
12
1. The Internet plays an increasingly important role in people’s lives and in all aspects of human society. It is
continually evolving in technology and providing citizens with possibilities to access information and
services, to connect and to communicate, as well as to share ideas and knowledge globally. The impact of the
Internet on social, economic and cultural activities is also growing.
[..] There is also an increasing number of cases before the European Court of Human Rights (ECtHR) which
relate to the Internet. The ECtHR has affirmed recently that “[t]he Internet has now become one of the
principal means by which individuals exercise their right to freedom of expression and information, providing
as it does essential tools for participation in activities and discussions concerning political issues and issues of
general interest.”1
[..] The Council of Europe’s Internet Governance Strategy 2012-2015 attaches importance to the rights of
Internet users. The chapter ‘Maximising Rights and Freedoms for Internet Users’, which aims at promoting
access to and best use of the Internet includes as a line of action:
“a. drawing up a compendium of existing human rights for Internet users to help them in communicating with
and seeking effective recourse to key Internet actors and government agencies when they consider their rights
and freedoms have been adversely affected: to report an incident, lodge a complaint or seek a right to reply,
redress or other form of recourse;”
II. The process
[..] The Steering Committee on the Media and Information Society (CDMSI), at its 1 st meeting on 27-30 April
2012, proposed to the Committee of Minsters to set up a Committee of Experts on Rights of Internet Users
(MSI-DUI) and agreed its draft terms of reference. The CDMSI’s proposal was based on the Council of
Europe Internet Governance Strategy 2012-2015 which states that:
“To promote access to and best use of the Internet requires an equal amount of effort to safeguard the
freedom of Internet users. In this context, action will focus on:
a. drawing up a compendium of existing human rights for Internet users to help them in
communicating with and seeking effective recourse to key Internet actors and government agencies
when they consider their rights and freedoms have been adversely affected: to report an incident,
lodge a complaint or seek a right to reply, redress or other form of recourse;”
[..] Further to the CDMSI’s proposal, the Committee of Ministers approved the terms of reference at the
1147th meeting of the Ministers’ Deputies on 6 July 2012.2
[..].The expected result of the MSI-DUI, according to its terms of reference, is:
“A compendium of existing human rights for Internet users is prepared to help them understand and
exercise their rights when, considering their rights and freedoms have been adversely affected, they
communicate with and seek effective recourse from key Internet actors and government agencies
(2013)” (hereinafter the Compendium).
[..] The MSI-DUI had its first meeting on 13 and 14 September 2012, in Strasbourg. The objective of the
MSI-DUI work should not be to create new human rights but to examine the application of existing rights to
the Internet environments. The MSI-DUI discussed also the process how work will be carried out and
expected results delivered. As a first step it considered that it is necessary to identify gaps in the protection of
Internet users’ rights in particular by looking at interferences with the exercise of their rights. Therefore,
information on practical problems experienced by users and possible violations of human rights should be
collected with a view to mapping out issues to be addressed by the Compendium. This step should also look
at available remedies and best practices. In relation to these issues the, MSI-DUI members agreed to reach out
to their networks and communities by means of a short questionnaire.
1
2
See Yldirim v. Turkey (no 3111/10), § 54
See CM(2012)91.
13
CDDH(2013)025Rev2
[..] During the same year it organised consultations with stakeholders at the Internet Governance Forum (6 to
9 November 2012, Baku) ‘Empowerment of Internet Users – which tools?’ valued the outreach opportunities
that this event offered, the feedback received on various topics relevant to the Compendium as well as the
quality of dialogue with stakeholders. Workshop discussions highlighted Internet users’ problem such as
removal of user generated content without due process, issues related to personal data protection and the lack
of effective remedies. Private sector stakeholders have a critical role to play in ensuring the effective exercise
of fundamental rights and freedoms in Internet environments.
[..] At its second meeting which took place on 13 and 14 December 2012 (Strasbourg), the MSI-DUI
considered the replies received by different stakeholders on its questionnaire and completed its analytical
stage. During the meeting it outlined a first draft of the Compendium and agreed to work on this basis.
[..] At its third meeting 20-21 March 2013 (Strasbourg), the MSI-DUI examined all issues falling under the
different chapters of the draft Compendium, notably freedom of expression, the right to private life, freedom
of assembly and association, online liberty and security, right to education, rights of the child, right to an
effective remedy. Clear and concise wording for users, summarising key questions contained in captions or
text boxes was considered as an innovative way to combine language destined for member states with the
needs of a Compendium which addresses users. The CDMSI delegations decided at its 3rd meeting, which
took place from 23 to 26 April 2013, to submit comments on the draft Compendium. The CDMSI delegations
were invited to consider the draft Compendium as it stood at the time of the consultations, noting that it was a
‘work-in-progress’ document which did not require full examination, comments and validation at that stage.
The replies received generally supported the approach taken by the MSI-DUI, confirmed the added value of
the work and suggested consideration of the next steps with a view to raising Internet users awareness.
[..] Members of the MSI-DUI had a working meeting on 10 September 2013 in which they discussed a short
version of the Compendium which addresses the user directly. There was support for a proposal to entitle the
Compendium a ‘Guide of Human Rights for Internet Users’.
[..] The MSI-DUI had its last meeting on 1 and 2 October 2013 (Strasbourg). It examined and finalised its
proposals to the CDMSI for a draft Committee of Ministers recommendation on a Guide on Human Rights for
Internet Users. It agreed to have multi-stakeholder consultations in the framework of a Council of Europe
Open Forum at the Internet Governance Forum (22-25 October 2013, Indonesia). Selected stakeholders were
asked to provide their comments and suggestions. In addition, comments and feedback will be asked from
other Council of Europe steering committees including the Steering Committee for Human Rights Policy
(CDDH), the European Committee on Legal Cooperation (CDCJ), the European Committee on Crime
Problems (CDPC) as well as conventional committees including the Consultative Committee of the
Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (TP-D),
the Cybercrime Convention Committee (T-CY), the Committee of Experts on Terrorism (CODEXTER), the
Committee of Parties to the Lanzarote Convention on the protection of children against sexual exploitation
and sexual abuse (T-ES).
[..] Summary of multi-stakeholder consultations.
[..] The CDMSI, at its 4th meeting which was held from 3 to 6 December 2011, finalised a draft
recommendation to member states on […] and decided to submit them to the Committee of Ministers for
possible adoption.
III. Commentary on the recommendation
[..] The aim of this recommendation is to foster the protection of human rights and fundamental freedoms on
the Internet in all Council of Europe member states. Individuals’ and communities access to the Internet and
best use of it requires efforts to inform Internet users about their rights and freedoms and to enable them to
exercise these in online environments.
[..] The governance of the Internet from its infrastructure to its applications and usages has direct
CDDH(2013)025Rev2
14
consequences for the realisation of human rights and fundamental freedoms, democracy and rule of law. The
Council of Europe’s Committee of Ministers has affirmed in the Declaration on Internet Governance
Principles that a people-centred and human rights based approach to the Internet as well as the empowerment
of Internet users to exercise their rights and freedoms on the Internet are fundamental principles of Internet
governance.
[..] The Guide which is annexed to this recommendation offers explanations and interpretations of human
rights standards contained in the European Convention on Human Rights (ECHR) and other Council of
Europe standards in a simple language which is clear and understandable by users. Its focus is on particular
rights and freedoms, freedom of expression, freedom of assembly and association, personal data protection,
children’s rights and the right to an effective remedy, which are considered as mostly affected by the Internet
and that are most relevant to the users.
[..] Human rights and fundamental freedoms are guaranteed in various Council of Europe instruments which
are not exclusively applicable to the Internet. Notably, they are enshrined in the ECHR which is interpreted by
the ECtHR in its case-law. A number of Council of Europe conventions and other non-binding instruments
lay down human rights protection standards. There is added value in providing guidance to Internet users on
the application of these standards to the Internet by way of compiling relevant information on their rights and
freedoms in one document.
The preamble
[..] The preamble sets out the reasons that have led the Committee of Ministers to make the recommendation
to its member states. The basic premise for the recommendation, which is stated in the first paragraph, is that
the obligation to safeguard human rights and fundamental freedoms lies with states. This must be done in
compliance with the ECHR as interpreted by the ECtHR. The ECHR is not the only instrument which is
applicable as other binding and non-binding standards are relevant. Notably, Council of Europe conventions
include the Budapest Convention on Cybercrime (CETS); the Lanzarote Convention on the Protection of
Children against Sexual Exploitation and Sexual Abuse CETS No. 201 and Convention for the Protection of
Individuals with Regards to Automatic Processing of Personal Data (ETC No.108).
[..] Other instruments adopted by the Committee of Ministers provide guidance to member states on a number
of human rights issues on the Internet, notably the Recommendation CM/Rec(2007)16 of the Committee of
Ministers to member states on measures to promote the public service value of the Internet; Recommendation
CM/Rec(2008)6 of the Committee of Ministers to member states on measures to promote the respect for
freedom of expression and information with regard to Internet filters; Recommendation CM/Rec(2010)13 of
the Committee of Ministers to member states on the protection of individuals with regard to automatic
processing of personal data in the context of profiling; Recommendation CM/Rec (2011)7 of the Committee
of Ministers to member states on a new notion of media; Recommendation CM/Rec(2012)4 of the Committee
of Ministers to member States on the protection of human rights with regard to social networking services;
Recommendation CM/Rec(2012)3 of the Committee of Ministers to member States on the protection of
human rights with regard to search engines, and numerous others.
[..] The second paragraph of the preamble specifies that the obligations of states to respect, protect and
promote human rights include the oversight of private companies. The ECtHR has affirmed in its judgments
that states have positive obligations to protect the fundamental rights and freedoms of individuals on the
Internet, notably in the context of protection of children and young people 3, the morals and the rights of
others4, combatting racist or xenophobic discourse, discrimination and racial hatred 5. In addition, in several
judgements in the context of complaints relating to different articles of the ECHR, the ECtHR has held states
accountable for their failure to protect citizens from adverse effects on their rights and freedoms of actions
3
K.U. v. UK, no 2872/02;
Pay v. UK, no. 32792/05;
5
Féret v. Belgium no.15615/07;
4
15
CDDH(2013)025Rev2
taken by private companies.6
[..] Internet users are usually asked to agree with the terms and conditions of any Internet services in order to
be able to use these services. The terms and conditions of use may not always be in compliance with
international human rights standards. The second paragraph emphasises the primacy of the international
human rights framework over any contractual arrangements or policies applicable to privately ordered
Internet spaces. This is also in line with the Guiding Principles on Business and Human Rights: Implementing
the United Nations “Protect, Respect and Remedy” Framework. 7
[..] The third paragraph of the preamble reaffirms the public service value of the Internet as set out in the
relevant Committee of Ministers’ Recommendation CM/Rec(2007)16.8 It highlights the critical role that the
Internet plays not only for users’ everyday activities but also for the exercise and enjoyment of their human
rights and fundamental freedoms. Internet users’ rights and freedoms should be subjected to unnecessary and
disproportionate interferences in the context of using Internet services.
[..] The fourth paragraph defines the objective of the recommendation that it to foster users’ better
understanding and effective exercise of human rights online including access to effective remedies. People’s
awareness and understanding of human rights standards is essential for the full realisation of human rights and
the overall compliance of Council of Europe member states with their obligations under the ECHR. In
particular, people should be informed about which fundamental rights and freedoms may be at stake when
they access and use the Internet, the instances in which their rights and freedoms may be exposed to
interferences as well as the recourses that are available to them.
[…] The fourth paragraph also acknowledges that the Internet provides opportunities for transparency and
accountability in public affairs. In that sense, the Internet empowers individuals and communities to
participate in democratic life. The objective of empowering individuals to exercise their rights is gaining a
growing importance as more people are expected to join the Internet in the years to come.
The operational part
[..] The first part of the operational part is addressed to member states. It states a key principle of the Council
of Europe’s Internet policy that fundamental rights and freedoms apply equally to online and offline
environments. This approach has also been acknowledged by the United Nations Human Rights Council as
affirmed in its Resolution of 2012 ‘The Promotion, Protection and Enjoyment of Human Rights on the
Internet’. With a view to capitalising on the potential of the Guide the Committee of Ministers recommends
to member states to actively promote it through dissemination widely in the public and private sectors. The
objective is to ensure that it is made available and communicated to individuals and Internet users at large in a
clear language.
[..] The second indent reaffirms that the exercise of human rights and fundamental freedoms on the Internet
may be subject to restrictions only on grounds which are specified by the ECHR and in compliance with its
conditions. Therefore, the Committee of Ministers recommended to member states to examine whether
restrictions with human rights and fundamental freedoms on the Internet are prescribed by law, pursue
legitimate aims and are necessary in a democratic society. Where these conditions are not complied with
restrictions must be removed.
[..] The third indent, addresses the need to ensure effective remedies as part of the full realisation and
enjoyment of human rights and fundamental freedoms on the Internet. Therefore, it calls on member states to
6
Lόpez Ostra v. Spain, no. 16798/90, § 44-58; Taşkin and Others v. Turkey; Fadeyeva v. the Russian
Federation.
7
Guiding Principles on Business and Human Rights: Implementing the United Nations “Protect, Respect and
Remedy” Framework (A/HRC/17/31) endorsed by the Human Rights Council by Resolution Human rights and
transnational corporations and other business enterprises A/HRC/RES/17/4
8
Recommendation CM/Rec(2007)16 of the Committee of Ministers to member states on measures to promote
the public service value of the Internet.
CDDH(2013)025Rev2
16
enhance their efforts in guaranteeing the right to an effective, inter alia, by ensuring enhanced co-ordination
and co-operation among the existing recourse mechanisms, in particular with regard to the processing of
complaints lodged by Internet users as well as in the provisions of a response thereto. Co-operation with
private sector actors to guarantee the right to an effective remedy is considered essential. The
recommendation also acknowledges that there is a diversity of redress mechanisms available in different
member states, such as ombudspersons, hotlines or expedited court procedures.
[..] The protection of human rights and fundamental freedoms on the Internet in Council of Europe member
states may be exposed to action taken by state or non-state actors that are not based in Europe. Therefore, the
fourth indent recommends co-ordination between Council of Europe member states and non- Council of
Europe member states as well as non-state actors.
[..] The second part of the operational part encompasses recommendations regarding the follow-up action
within the Council of Europe and recommendations to non-state actors. The first indent is invited to promote
the Guide by means of its dissemination. Given the fact that the Internet is a fast evolving technology,
questions related to human rights protection on the Internet may emerge. Therefore, the Secretary General is
invited to update it wherever necessary.
[..] The second indent of the operational part acknowledges the crucial role of the private sector for the full
realisation of human rights and fundamental freedoms on the Internet. Therefore, the Committee of Ministers
invites them to promote the Guide in the context of their activities, notably by making it part of their business
practices or other activities. The issue of corporate social responsibility, in particular transparency and
accountability of business practices is emphasised. The private sector, must fulfil its social corporate
responsibility to respect human rights in conformity with the Guiding Principles on Business and Human
Rights: Implementing the United Nations “Protect, Respect and Remedy” Framework.
[..] The third indent of the operational part acknowledges the key contribution that the civil society can give in
promoting the Guide and compliance with it. It also, affirms that the Guide is a living tool. The Committee of
Ministers therefore invites the civil society to support the dissemination and compliance with the Guide.
Commentary on the Appendix: Guide on Human Rights for Internet Users
The introduction
[..] The introduction reaffirms the principle that human rights and freedoms apply equally to online and
offline environments. The Guide addresses the Internet user directly and therefore it adopts a style which uses
the ‘you’ form. The objective is to provide Internet users with a tool that can serve as reference for
information and orientation on human rights and fundamental freedoms on the Internet. Users’ ability to
control their activities on the Internet is essential for a trusted online environment. They must be fully
informed about the way different choices may affect their rights and freedoms. Moreover, they should have
the option to consent to such choices. Therefore, the introduction states that the Guide is primarily a tool for
the Internet user, to know about his/her human rights and, when necessary, to act upon them as part of the
right to an effective remedy. This does not exclude the possibility for state authorities and private sector
companies to use the Guide in order to analyse their responsibilities to Internet users under human rights law
– and to bring their policies and practices in line with the law.
[..] The Guide contextualises the application of existing standards on human rights and fundamental freedoms
to Internet environments The Guide is based on the ECHR and the jurisprudence of the ECtHR and draws
from other Council of Europe conventions as well as declarations and recommendations of the Committee of
Ministers. The introduction re-emphasises the duty of member states to respect, protect and fulfil the rights
and freedoms that are contained in the Guide.
[..] The focus is on particular issues which are considered as mostly affected by the Internet and that are most
relevant to the users. The Guide is without prejudice to the enforceability of the legal instruments on the basis
of which it has been is elaborated. In particular, the rights and remedies discussed in the Compendium are not
necessarily reflected in the existing jurisprudence of the ECtHR. It builds on the effectiveness and
17
CDDH(2013)025Rev2
enforceability of existing human rights standards and the relevant mechanisms for their enforcement.
Therefore, the Guide states that it does not establish new rights and freedoms.
Access and non-discrimination
[..] This part of the Guide emphasises principles and considerations which are considered as being
intrinsically linked and generally applicable to all human rights and fundamental freedoms included in the
Guide, notably access to the Internet and the principle of non-discrimination.
Access to the Internet
[..] Access to the Internet is considered as a condition and enabler not only for the enjoyment and exercise of
the right to freedom of expression but also other rights and freedoms. Therefore, the Guide emphasises that
“access to the Internet is a necessary means for you to exercise your rights and freedoms contained in the
ECHR.”
[..] The first paragraph of this part also looks at the conditions that disconnection from the Internet should
fulfil. The Council of Europe standards offer sufficient guidance and legal basis on this issue. The ECtHR has
emphasised that the Internet has become today one of the principal means for the exercise of the right to
freedom of expression and information by individuals. Freedom of expression applies not only to the content
of information but also to the means of dissemination, since any restriction imposed on the latter necessarily
interferes with the right to receive and impart information. Such interferences can only be accepted if they
meet the conditions stated in Article 10, paragraph 2 of the ECHR as interpreted by the ECtHR. 9 A measure
that is bound to have an influence on the individuals’ accessibility of the Internet engages the responsibility of
the state under Article 10.10
[..] Internet users should be offered effective remedies against measures of disconnection from the Internet. In
the first place, Internet service providers should inform Internet users about the grounds and legal basis for the
disconnection measure and the procedures for objecting to it and requesting reinstatement of full access to the
Internet. Such requests should be treated within reasonable time limits. Moreover, every Internet user, in the
exercise of his right to fair trail, should be enabled to request a review of the disconnection measures by a
competent administrative and/or judicial authority. These elements are dealt under the last section of the
Guide ‘Effective Remedies’.
[..] Furtherore, the Committee of Ministers of the Council of Europe has affirmed in several of its
recommendations to member states that it promotes the public service value of the Internet. 11 This is
understood as “people’s significant reliance on the Internet as an essential tool for their everyday activities
(communication, information, knowledge, commercial transactions) and the resulting legitimate expectation
that Internet services be accessible and affordable, secure, reliable and ongoing.”
[..] The second paragraph, drawing from the Committee of Ministers recommendation on the public service
value of the Internet12 puts forward the view that everyone should have access to basic Internet services at an
affordable price and irrespective of age, gender, race, religion, political or other opinion, national, ethnic or
social origin, association with a national minority, property, birth or other status. Therefore, it states that your
Internet access should be affordable and non-discriminatory.
[..] The issue of access to Internet content is also dealt within this paragraph. The right to access Internet
9
See note 1 above, § 50. See also Autronic AG v Switzerland (No. 12726/87). In Khurshid Mustafa and
Tarzibachi v. Sweden no 23883/06 the ECtHR found that a domestic court’s interpretation of a private act
(contract) engaged the responsibility of the respondent state, thus broadening the scope of Article 10 protection
to restrictions imposed by private persons..
10
See note 1 above, § 53.
11
Recommendation CM/Rec(2007)16 of the Committee of Ministers to member states on measures to promote
the public service value of the Internet, section II
12
Ibid, CM/Rec(2007)16, section II
CDDH(2013)025Rev2
18
content is linked to the right receive and impart information on the Internet as guaranteed by Article 10 of the
ECHR.13 The Council of Europe’s Committee of Ministers has affirmed that every Internet user should have
the greatest possible access to Internet-based content, applications and services of his/her choice, whether or
not they are offered free of charge, using suitable devices of his/her choice. Such a general principle,
commonly referred to as network neutrality, should apply irrespective of the infrastructure or the network
used for Internet connectivity. 14
[..] Internet users should be adequately informed about any measures or practices by network operators which
may block certain types of content and applications or prioritise them over others. For example, network
operators may block peer-to-peer protocols, slow down traffic carrying video or webcasting or charge for
such traffic. These measures should be proportionate, appropriate and avoid unjustified discrimination; they
should be subject to periodic review and not be maintained longer than strictly necessary. 15
[..] The third paragraph contextualises the principle of universal community service concerning new
communication services in Internet environments. This principle has been affirmed in Recommendation No.
R (99)14 of the Committee of Ministers , which states in its first principle entitled access that:
“ 1. Member states should foster the creation and maintenance of public access points providing access for all
to a minimum set of communication and information services in accordance with the principle of universal
community service. This should include encouraging public administrations, educational institutions and
private owners of access facilities to new communication and information services to enable the general
public to use these facilities.
2. Member states should foster the provision of adequate and internationally connected networks for new
communication and information services, and in particular their extension to areas with a low communication
and information infrastructure.
3. Member states should foster the provision of adequate facilities for the access to new communication and
information services by users requiring support.”16
[..] Disabled persons must have equivalent and non-discriminatory access to the Internet and ICTs to that
enjoyed by other Internet users. The Council of Europe’s Committee of Ministers has recommended to
member states to foster the provision of adequate facilities for the access to the Internet and ICTs by disabled
users17. They should also promote affordable access for disabled persons bearing in mind the importance of
design, the need to raise awareness among these persons and groups, the appropriateness and attractiveness of
Internet access and services as well as their adaptability and compatibility. 18 The objective of affordable
access applies also to persons and groups of persons on low incomes, those living in rural or geographically
remote areas.19
[..] Therefore, the third paragraph of this part of the Guide specify that Internet access should be affordable
and non-discriminatory and that the Internet users living in rural or geographically remote areas and that
Internet user on low income or with special needs should be able to request assistance from public authorities.
For example, Internet users with disabilities should be provided with accessible and adequate means to
complain, when they believe their Internet accessibility has been unjustifiably hindered, to Internet service
providers, content providers, national regulatory authorities or other competent authorities in the
13
See note 1 above, § 50.
Declaration of the Committee of Ministers on Network Neutrality, adopted by the Committee of Ministers
on 29 September 2010. See also, Directive 2002/21/EC of the European Parliament and of the Council of 7
March 2002 on a common regulatory framework for electronic communications networks and services , article
8(4) g;
15
Ibid, Declaration on Network Neutrality.
16
CM/Rec(2007)16, appendix section II; Recommendation No. R (99)14 of the Committee of Ministers to
member states on universal community service concerning new communication and information services,
principle 1.
17
Ibid.
18
CM/Rec(2007)16, Appendix, section II.
19
Ibid.
14
19
CDDH(2013)025Rev2
telecommunications domain and national courts.
Non-discrimination
[..] The fourth paragraph contextualises the principle of non-discrimination in the various and different
interactions that Internet users have with public authorities, Internet service providers and other companies or
other users or groups of users. The prohibition of discrimination is also included as a general overarching
consideration that is applicable to all the rights and freedoms included in the Guide. Its wording is based on
the Article 14 of the ECHR which provides: “The enjoyment of the rights and freedoms set forth in this
Convention shall be secured without discrimination on any ground such as sex, race, colour, language,
religion, political or other opinion, national or social origin, association with a national minority, property,
birth or other status.”
[..] In addition the prohibition of discrimination is enshrined in Article 1 of protocol 12 of the ECHR, which
provides: “1. The enjoyment of any right set forth by law shall be secured without discrimination on any
ground such as sex, race, colour, language, religion, political or other opinion, national or social origin,
association with a national minority, property, birth or other status. 2. No one shall be discriminated against
by any public authority on any ground such as those mentioned in paragraph 1.”
Freedom of expression and information
[..] This section of the Guide is based on the right to freedom of expression, which is enshrined in Article 10
of the ECHR.
[..] The first indent affirms that Internet users have broad freedom to express themselves online. The ECtHR
has affirmed in its jurisprudence that Article 10 applies to the Internet. 20 The right to freedom of expression
includes the right to freely express opinion, views, ideas and to receive and impart information regardless of
frontiers. Freedom of expression is applicable not only to “information” or “ideas” that are favourably
received or regarded as inoffensive or as a matter of indifference, but also to those that offend, shock or
disturb.21 However, Internet users’ broad freedom does not mean that they should not respect the reputation
of other people. Therefore, the Guide provides guidance to Internet users on this point.
[..] The first indent also deals with the issue of expression that does not qualify for protection under Article 10
of the ECHR, that is hate speech. The ECtHR has found that certain forms of expression which amount to
hate speech or which negate the fundamental values of the ECHR are excluded from the protections afforded
by Article 10 of the ECtHR. 22 In this connection the ECtHR applies article 17 of the ECHR which provides:
“Nothing in this Convention may be interpreted as implying for any State, group or person any right to engage
in any activity or perform any act aimed at the destruction of any of the rights and freedoms set forth herein or
at their limitation to a greater extent than is provided for in the Convention.”
[..] Although there is no universally acceptable definition of hate speech, the Council of Europe’s Committee
of Ministers has stated in the context of its work that “the term "hate speech" shall be understood as covering
all forms of expression which spread, incite, promote or justify racial hatred, xenophobia, antisemitism or
other forms of hatred based on intolerance, including: intolerance expressed by aggressive nationalism and
ethnocentrism, discrimination and hostility against minorities, migrants and people of immigrant origin.”23
[..] The second indent focuses on freedom of Internet users to express their religious, non-religious views and
their opinions on cultural matters. It is considered that this part addresses the relevant aspects and dimensions
of the exercise of the right to freedom of thought, conscience and religion as enshrined in Article 9 of the
20
See note 1 above §50.
Handyside v. the United Kingdom, judgment of 7 December 1976, Series A No. 24, para.49.
22
Féret v. Belgium no. 15615/07; Garaudy v. France no. 65831/01, 24.06.2003, admissibility decision; Leroy
v. France no. 36109/03; Jersild v. Denmark no. 15890/89; Vejdeland and Others v. Sweden(no. 1813/07.
23
Recommendation No. R (97) 20 of the Committee of Ministers to member states on ‘Hate Speech’.
21
CDDH(2013)025Rev2
20
ECHR on the Internet.
[..] The third indent addresses a specific dimension of the right to receive and impart information on the
Internet, that is the use, re-use and distribution of content. The Council of Europe’s policy on the public
service value of the Internet encompasses measures and strategies to be taken by member states to promote
freedom of communication and creation on the Internet regardless of frontiers, in particular by not subjecting
individuals to any licensing or other requirements having a similar effect, nor any general blocking or filtering
measures by public authorities, or restrictions that go further than those applied to other means of content
delivery; as well as facilitating, where appropriate, “re-users”, meaning those wishing to exploit existing
digital content resources in order to create future content or services in a way that is compatible with respect
for intellectual property rights.24
[..] The fourth indent deals with the issue of restrictions to freedom of expression. It states upfront that the
duty to respect and protect freedom of expression lies with the governments. States’ primary duty under
Article 10 is not to interfere with communication of information between individuals, be they legal or natural
persons. Nonetheless, the ECtHR has affirmed that the effective exercise of Article 10 rights may also require
positive measures of protection, even in the sphere of relations between individuals. The responsibility of a
state may be engaged as a result of not observing its obligation to enact appropriate domestic legislation 25.
Also, a violation of the ECHR can be established where a national court’s interpretation of a legal act, be it a
private contract, a public document, a statutory provision or an administrative practice appears unreasonable,
arbitrary, discriminatory or, more broadly, inconsistent with the principles underlying the ECHR. 26
[..] This part of the guide is premised on the view that freedom of expression is not an absolute right but it can
be subjected to formalities, conditions, restrictions or penalties in accordance with Article 10 paragraph 2 of
the ECHR as interpreted by the ECtHR. The latter has stated that such restrictions must:
- be prescribed by law which means that the law must be accessible, clear and sufficiently precise to
enable individuals to regulate their behaviour. The law should provide for sufficient safeguards
against abusive restrictive measures, including effective control by a court or other independent
adjudicatory body. 27
- pursue a legitimate aim in the interests listed in paragraph 2 of Article 10; this list is exhaustive but
interpretation and scope evolves with the relevant case law of the ECtHR.
- be necessary in a democratic society – which means that there is a pressing social need for it, it
pursues a legitimate aim and is the least restrictive means for achieving that aim. 28
[..] The second indent also highlights two forms of interference with freedom of expression that is blocking
and filtering. Blocking and filtering may amount to a violation of freedom of expression if the conditions of
Article 10, paragraph 2 of the ECHR, as interpreted by the ECtHR, are not met. 29 This part of the Guide is
based on general principles established by the ECtHR on these forms of interference as well as other
standards adopted by the Committee of Ministers, which are primarily concerned with the proportionality of
filtering and blocking measures.
[..] Nationwide general blocking or filtering measures can be taken by state authorities only if the filtering
concerns specific and clearly identifiable content, a competent national authority has taken a decision on its
illegality and the decision can be reviewed by an independent and impartial tribunal or regulatory body in
24
See CM/Rec(2007)16, Appendix, section III, second indent.
Vgt Verein gegen Tierfabriken v. Switzerland, no. 24699/94, § 45.
26
See note 9 above Khurshid Mustafa and Tarzibachi v. Sweden no 23883/06 § 33; Plaand Puncernau v.
Andorra, no. 69498/01, § 59, ECHR 2004-VIII
27
See note 1 above § 64.
28
Ibid., § 66-70.
29
Recommendation CM/Rec(2008)6 of the Committee of Ministers to member states on measures to promote
the respect for freedom of expression and information with regard to Internet filters, see Appendix, part III, ii .
See also, note 1 above.
25
21
CDDH(2013)025Rev2
accordance with the requirements of Article 6 of the ECHR. 30 State authorities should ensure that all filters
are assessed both before and during their implementation to ensure that their effects are proportionate to the
purpose of the restriction and thus necessary in a democratic society, in order to avoid unreasonable blocking
of content.31
[..] Measures taken to block specific Internet content (for example a specific website) must not be arbitrarily
used as a means of general blocking of information on the Internet and must not have a collateral effect in
rendering large quantities of information inaccessible, thereby substantially restricting the rights of Internet
users.32 They should be prescribed by a legal framework ensuring strict control of the scope of blocking and
effective judicial review to prevent any abuse of power. 33 Judicial review of such a measure should weigh-up
the competing interests at stake, strike a balance between them and examine whether there a less far-reaching
measure could be taken to block access to specific Internet content. 34 The policy requirements and principles
mentioned above do not prevent the installation of filters for the protection of minors in specific places where
minors access the Internet such as schools or libraries.35
[..] Filtering and de-indexation of Internet content by search engines entails the risk of violation of freedom of
expression of Internet users as guaranteed by Article 10 of the ECHR. Search engines have freedom to crawl
and index information available on the World Wide Web. They should not be obliged to monitor their
networks and services proactively in order to detect possibly illegal content and should not conduct any exante filtering or blocking activity unless mandated by a court order or by a competent authority. Deindexation or filtering of specific websites at the requests of public authorities, which comply with their
obligations, to filter or de-index specific websites should be transparent, narrowly tailored and reviewed
regularly subject to compliance with due process requirements. 36
[..] The third ident of the section of freedom of expression also identifies some of the guarantees that Internet
users should be afforded when filtering and blocking measures are taken, focusing notably on information to
the user and possibilities to challenges these restrictions. The guidance given to the user is based on the
guidance that the Council of Europe’s Committee of Ministers has provided to its member states in respect of
the implementation of filtering and blocking measures. 37
[..] Internet users should be made aware of the activated filters, be enabled to deactivate them where
appropriate and be assisted in varying the level of filtering in operation, in particular by being given
information that enables them:
(i) to identify when filtering has been activated and to understand how, and according to which
criteria the filtering operates (for example black lists, white lists, keyword blocking, content rating,
de-indexation or filtering of specific websites or content by search engines);
(ii) to understand why a specific type of content has been filtered;
(iii) concise information and guidance regarding the manual overriding of an active filter, namely
who to contact when it appears that content has been unjustifiably blocked and the means which may
allow a filter to be overridden for a specific type of content or website;
effective and readily accessible means of recourse and remedy, including suspension of filters, in cases where
users claim that content has been blocked unjustifiably.
30
Ibid. CM/Rec(2008)6, see Appendix, part III, iv.
Ibid,
32
See note 1 above, § 52; 66- 68. Committee of Ministers Declaration on Freedom of Communication on the
Internet
33
Ibid. § 64. Association Ekin v. France, no 39288/98
34
Ibid., § 64-66.
35
See Declaration on Freedom of Communication on the Internet, principle 3.
36
See Recommendation CM/Rec(2012)3 of the Committee of Ministers to member States on the protection of
human rights with regard to search engines, Appendix, part III.
37
See note 29 above, CM/Rec(2008)6, see Appendix, part I; Ibid, CM/Rec(2012)3, Appendix, part III.
31
CDDH(2013)025Rev2
22
[..] Internet service providers should put in place mechanisms of communication with Internet users which are
easily accessible and enable them to report unreasonable blocking or filtering of content and to complain
against such action.38
[..] The state must provide for effective and accessible means of recourse in cases where users and/or authors
of content claim that content has been blocked unreasonably by state authorities. If content is found to be
blocked unreasonably, the state must provide for effective remedies, including suspension of filters. 39 As a
last recourse the user shall be afforded easy access to raise a complaint with the national courts, and if
national remedies are exhausted, to the ECtHR.
[..] The fourth indent addresses issues of exercise of freedom of expression in the context of online services
such as social networks. Internet users may face situations in which the content that they have created and
made available through these services is removed by the relevant companies. Also, their accounts (e.g. a
user’s profile or presence in social networks) may be de-activated based on the application of the conditions
of use defined by these online services.
[..] The removal of user-created content by the online services which host such content as well as deactivation
of users’ accounts are forms of interferences with the right to freedom of expression and the right to receive
and impart information. They may result in violations of these rights unless the conditions of Article 10,
paragraph 2 of the ECHR as interpreted by the ECtHR are met. 40
[..] Therefore, the fourth indent of this part of the Guide informs the Internet user that online service providers
should respect human rights of Internet users on the basis of their corporate social responsibility. The latter
responsibility may include different types of action such as refraining from conveying hate speech and other
content that incites violence or discrimination for whatever reason. Online service providers should be
attentive to the use of, and editorial response to, expressions motivated by racist, xenophobic, anti-Semitic,
misogynist, sexist (including as regards LGBT people) or other bias.41 In this context, Internet users should
be enabled to signal and report to the hosting platform through easily accessible mechanisms the existence of
content or expression of views and/or behaviour that are apparently illegal. 42
[..] This part of the Guide, however, alerts Internet users to the fact that online service providers that host
user-created content are entitled to and may exercise different levels of editorial judgement with regard to the
content that they make available through their services, in accordance with their terms of service. 43 Without
prejudice to their editorial freedom they should, however, ensure that Internet users’ right to seek, receive and
impart information is not infringed upon in accordance with Article 10 of the ECHR. 44 In particular this
means that any restriction on the user-generated content should be specific, justified for the purpose for which
it is taken and communicated to the concerned Internet user.
[..] The Internet user should be enabled to make an informed decision whether to use the online service or not.
In practice this may mean that the Internet user should be:
(i) informed about any foreseen measures to remove content created by him/her or to deactivate
his/her account before these are taken and offering the possibility to address the concerns of the
Internet platform on a volunteer basis;
(ii) provided with accessible (in a language that the user understands) clear and precise information
regarding the fact and the grounds for taking measures of content removal and account deactivation,
38
Ibid. CM/Rec(2012)3, Appendix, part III, v.
Ibid.
40
Recommendation CM/Rec (2011)7 of the Committee of Ministers to member states on a new notion of
media, §. 7, Appendix, § 15; 44-47; 68 -69 ; Recommendation CM/Rec(2012)4 of the Committee of Ministers
to member States on the protection of human rights with regard to social networking services, § 3
41
Ibid., CM/Rec (2011)7, § 91.
42
Ibid.,; CM/Rec(2012)4, II/10.
43
Ibid.,CM/Rec (2011)7, § 18; 30-31
44
Ibid.,CM/Rec (2011)7, § 7, 2nd indent.
39
23
CDDH(2013)025Rev2
the legal provision evoked in taking them and other elements that permit to assess the proportionality
and the legitimacy of the aim pursued;
(iii) enabled to request a review of the measures on content removal and account de-activation by the
online service itself within a reasonable time;
(iv) if not satisfied by the outcomes of the review procedure, enabled to complain against the
decision of the online service to a competent administrative and/or judicial authority.
[..] The sixth indent of the freedom of expression part of the Guide deals with the issue of anonimity. The
Council of Europe’s Committee of Ministers has affirmed the principle of anonymity in its Declaration on
Freedom of Communication on the Internet. Accordingly, in order to ensure protection against online
surveillance and to enhance the free expression of information and ideas, Council of Europe member states
should respect the will of users of the Internet not to disclose their identity. This does not prevent member
states from taking measures and co-operating in order to trace those responsible for criminal acts, in
accordance with national law, the ECHR and other international agreements in the fields of justice and the
police.45
[..] However, anonimity is not an absolute guarantee and it can be subject to measures to lift it such as court
decision. The ECtHR has considered a case involving failure of a Council of Europe member state to compel
an Internet service provider to disclose the identity of a person wanted for placing an indecent advertisement
about a minor on an Internet dating site. The ECtHR considered that although freedom of expression and
confidentiality of communications are primary considerations and users of telecommunications and Internet
services must have a guarantee that their own privacy and freedom of expression will be respected, such
guarantee cannot be absolute and must yield on occasion to other legitimate imperatives, such as the
prevention of disorder or crime or the protection of the rights and freedoms of others. The state has a positive
obligation to provide a framework which reconciles those competing interests. 46
[..] The Budapest Convention on Cybercrime does not appear to criminalise the use of technology for
purposes of anonymous communication. According to the its explanatory report, “the modification of traffic
data for the purpose of facilitating anonymous communications (e.g. activities of anonymous remailer
systems) or the modification of data for the purposes of secure communications (e.g. encryption) should in
principle be considered a legitimate protection of privacy, and, therefore, be considered as being undertaken
with right. However, Parties may wish to criminalise certain abuses related to anonymous communications,
such as where the packet header information is altered in order to conceal the identity of the perpetrator in
committing a crime.”47
Assembly, Association and Participation
[..] This part of the Guide is based on the the right to freedom of assembly and association as enshrined in
Article 11 of the ECHR.
[..] The first indent is a direct implementation of the the principle that Article 11 of the ECHR applies without
distinction to online and offline environments. It informs the user that he/she has the right to peacefully meet
and associate with others on the Internet regardless of the platform, website or application used for these
purposes. This includes the right of Internet users to peacefully protest online and organise themselves as well
as the freedom of all groups in society to participate in assemblies assisted by the use of the Internet and
information and communication technologies (ICTs) and other forms of associative life and form and join
trade unions.
[..] The second indent focuses on the right to protest in online environments. It specifies that the protest
should be peaceful and in this connection it looks in particular at the implementation of the principle that this
45
See Declaration on Freedom of Communication on the Internet, Principle 7.
K.U. v. Finland, not 2872/02 § 49.
47
Budapest Convention on Cybercrime, Article 2, explanatory report, §. 62.
46
CDDH(2013)025Rev2
24
right to protest applies equally online and offline. Protests in the offline environments are accepted which
have consequences for the general public, such as disruption or blocking of access to premises, fall within the
limits of permissible exercise of freedom of assembly in accordance with Article 11. This may not always be
the case in online world when action that give rise to disruption of online services, such as unauthorised
access to a particular website or a restricted online space, or handling digital content without authorisation,
are undertaken to express a particular point of view or to protest. Although, this matter is not addressed in
specific statutory or human rights case-law about online protest, it was felt necessary to apprise the user of the
limits of the exercise of the right to protest online.
[..] The third indent informs the Internet user about his/her freedom to exercise his/her citizenship on the
Internet. This part is based on the recognition that the Internet has become a tool for active citizen
participation in building and strengthening democratic societies. The Council of Europe’s Committee of
Ministers has recommended that its member states should develop and implement strategies for e-democracy,
e-participation and e-government which make effective use of ICTs in democratic processes and debates, in
relationships between public authorities and civil society, and in the provision of public services as part of an
integrated approach that makes full and appropriate use of a number of communication channels, both online
and offline. 48
[..] The Guide informs the user that they have the freedom to participate in local, national and global public
policy debates, legislative initiatives and scrutiny of decision-making processes, including the right to sign
petitions. This freedom should be matched by concrete action by states to enble Internet users to exercise this
freedom. In this context, the Council of Europe’s Committee of Ministers has recommended to its member
states to:
- strengthen citizens’ participation by means of the Internet and other ICTs in national, regional and
local public life such as in public policy debates, legislative initiatives and scrutiny of decision
making processes;
- encourage the use of ICTs by citizens (including online forums, weblogs, political chats, instant
messaging and other forms of citizen-to-citizen communication) to engage in democratic
deliberations, e-activism and e-campaigning, put forward their concerns, ideas and initiatives,
promote dialogue and deliberation with representatives and government, and to scrutinise officials
and politicians in matters of public interest;
- improve public administration and services by making them more accessible (inter alia through
access to official documents), responsive, user-oriented, transparent, efficient and cost-effective;
- wherever appropriate introduce e-voting systems which are secure, reliable, efficient, technically
robust, open to independent verification and easily accessible to voters, in full respect for the
principles of democratic elections and referendums. 49
Privacy and data protection
[..] This part of the Guide is based on the the right to respect for family and private life, which is enshrined in
Article 8 of the ECHR.
[..] Private life is a notion not susceptible to exhaustive definition. The ECtHR has emphasised that Article 8
encompasses a wide range of interests – namely private and family life, home and correspondence. The
ECtHR has found mail, telephone communications 50 and e-mails sent in a working context51 to fall within the
meaning of correspondence. Private life also includes a person’s right to their image 52. Applied to the Internet
context this may mean photographs, video-clips which contain a person’s images. In short, private life is a
broad notion not susceptible to exhaustive definition. The right to private life includes the right to identity and
personal development, the right to establish and develop relationships with other human beings and the
48
See note 8 above, CM/Rec(2007)16, Appendix, part I.
Recommendation Rec(2004)11 of the Committee of Ministers to member states on legal, operational and
technical standards for e-voting
50
Klass others v. Germany, no 5029/71, §41.
51
Copland v. UK, no 62617/00, § 41, 42.
52
Sciacca v. Italy, no. 50774/99, § 29.
49
25
CDDH(2013)025Rev2
outside world and may include activities of a professional or business nature. 53
[..] The focus of this part of the Guide is on the right to privacy with regard to personal data, which is
guaranteed on the basis of the Convention for the Protection of Individuals with Regards to Automatic
Processing of Personal Data (ETC No.108) (hereinafter Convention 108). The reason is because most of the
activities that users conduct on the Internet involve some form of personal data processing. Therefore, the first
indent alerts the user to the fact by providing examples such as browers, email, instant messages, voice-over
Internet protocols, social networks and search engines. The notion of data processing is explained in the
glossary, on the basis of relevant provisions of the Convention 108, as all operations carried out in the
Internet, such as collection, storage, alteration, erasure and retrieval or dissemination or personal data.
[..] The second indent informs the user that there are principles and rules that should be respected by public
authorities and private companies that are engaged in the processing of personal data. This information is
considered important because it is necessary that a user understands and knows the rules and principle on the
basis of which data processing should take place in order to be able to exercise his/her rights such as to
request correction, erasure etc. According to Convention 108 personal data must be obtained and processed
fairly and lawfully, stored for specified and legitimate purposes, adequate, relevant and not excessive in
relation to the purposes for which they are stored, accurate and, where necessary, kept up to date, preserved
in a way which permits identification of the person whose personal data are processed and for no longer than
is required for the purpose for which those data are stored.54
[..] The processing of personal data is an interference with the right to privacy with regard to personal data.
The ECtHR has affirmed that the compiling, storing, using and disclosing of personal information by the state
for example in respect of a police register, amounts to an interference with one’s right to respect for private
life as guaranteed by Article 8, paragraph 1, of the ECHR. 55 In addition, there is a positive obligation on the
state to ensure an effective deterrent against grave acts to a person’s personal data, sometimes by means of
efficient criminal law provisions. 56
[..] The third indent places emphasis on two specific principles of processing personal data, that is its
lawfulness and the Internet user’ consent to such processing. It informs the user that data can be processes
only when it is laid down by law and when the user has consented to such processing for example by agreeing
to the terms and conditions of Internet service. A person’s free, specific, informed and explicit (unambiguous)
consent to the processing of personal data on the Internet is proposed to be added to Convention 108. 57
[..] The third indent also contextualises the rights of the data subject as laid down in Convention 108. The
Internet user should therefore be enabled to:
- to establish the existence of processing of his/her personal data by any natural or legal person, the
main purposes of the processing as well as the identity and habitual residence or principal place of
business of the processing entity;
- to obtain at reasonable intervals and without excessive delay or expense confirmation of whether
personal data relating to him/her is stored as well as communication to him/her of such data in an
53
Rotaru v Romania (no. 28341/95); P.G. and J.H. v the UK (no. 44787/98); Peck v. UK (no. 44647/98); Perry
v. UK (no. 63737/00); Amann v. Switzerland (no. 27798/95).
54
Convention for the Protection of Individuals with Regards to Automatic Processing of Personal Data (ETC
No.108)
55
Leander v. Sweden, no 9248/81, § 48 26 March 1987.
56
X and Y v. the Netherlands, 26 March 1985, §§ 23-24 and 27, Series A no. 91; August v. the United
Kingdom (dec.), no. 36505/02, 21 January 2003; and M.C. v. Bulgaria, no. 39272/98, § 150, ECHR 2003-XII;
K.U. v. Finland no. 2872/02, § 43, 2 December 2008.
57
The Consultative Committee of the Convention for the Protection of Individuals with Regards to Automatic
Processing of Personal Data (ETC No.108) has made a number of proposals to modernise this convention (TPD(2012)4Rev3_en). One of the proposals focuses on the consent of the person whose personal data are
processed as a pre-condition for such processing “Each Party shall provide that data processing can be carried
out on the basis of the free, specific, informed and [explicit, unambiguous] consent of the data subject or of
some legitimate basis laid down by law.”
CDDH(2013)025Rev2
26
intelligible form;
- to obtain rectification or erasure of such data if these have been processed contrary to the law
giving effect to basic principles of personal data processing;
- to have a remedy if a request for confirmation or, as the case may be, communication, rectification
or erasure as referred to above is not complied with..58
The third indent summarises and simplifies these provisions by formulating simple messages addressed to the
Internet users.
[..] Derogation from these rights shall be allowed when this is provided for by the law and it constitutes a
necessary measure in a democratic society in the interests of: (a) protecting state security, public safety, the
monetary interests of the state or the suppression of criminal offences; (b) protecting the data subject or the
rights and freedoms of others. Restrictions on the exercise of the rights foreseen above may be provided by
law with respect to automated personal data files used for statistics or for scientific research purposes when
there is obviously no risk of an infringement of the privacy of the data subjects.59
[..] The fourth indent addresses issues of surveillance or interception. The right to respect for the
confidentiality of correspondence and communications is enshrined in Article 8 of the ECHR as interpreted
by the ECtHR. The concept of correspondence covers mail and telecommunications 60 and e-mails sent in a
working context61. It is expected that the interpretation of this concept will evolve to keep pace with the
developments of technology which many bring other methods of communication, such as email messages (in
a broader context), instant messaging or other forms of communications on the Internet within the sphere of
Article 8 protection.
[..] Some of the general principles affirmed in the ECtHR jurisprudence with regard to interception and
surveillance of communications in non-Internet cases and cases involving interferences by state authorities are
given below. These principles provide general guidance and reference, for possible future application to
Internet communications.
[..] Interceptions of correspondence and telecommunications are interferences with the right to private life
and can only be accepted if they are in compliance with the conditions of Article 8 paragraph 2 of the ECHR
as interpreted by the ECtHR. The very existence of legislation permitting surveillance of telecommunications
may be considered as an interference with the right to private life. A law that institutes a system of
surveillance under which all persons in the country concerned can potentially have their mail and
telecommunications monitored directly affects all users or potential users of the postal and telecommunication
services in that country. The ECtHR has therefore accepted that an individual may, under certain conditions,
claim to be the victim of a violation occasioned by the mere existence of secret measures or of legislation
permitting them, without having to allege that such measures were in fact applied to him or her. 62
[..] Interceptions must have a basis in the law and be necessary in a democratic society for one of the purposes
foreseen in Article 8. The ECtHR has developed general principles with particular reference to the
requirements that the law providing for covert measures of surveillance of correspondence and
communications by public authorities should meet.
Foreseability – the law must be accessible to the person concerned who must be able to foresee its
consequences for him her. The law must also be formulated with sufficient clarity and precision to
give citizens an adequate indication of the conditions and circumstances in which the authorities are
58
Ibid, Article 8.
Ibid., Article 9.
60
Association for European Integration and Human Rights and Ekmidzhiev v. Bulgaria no. 62540/00 § 58;
Klass and Others v. Germany no 5029/71;, Malone v. the United Kingdom, no 8691/79 and Weber and Saravia
v. Germany, no 54934/00.
61
See note 51 above Copland v. UK, no 62617/00.
62
Klass and Others, no 5029/71 §§ 30-38; Malone v. the United Kingdom no 8691/79§ 64; and Weber and
Saravia v. Germany no. 54934/00, §§ 78 and 79, Association for European Integration and Human Rights and
Ekmidzhiev v. Bulgaria no. 62540/00 § 58, § 69-70;
59
27
CDDH(2013)025Rev2
empowered to resort to this secret and potentially dangerous interference with the right to respect for
private life and correspondence.63
Minimum safeguards for the exercise of discretion by public authorities – the law should have
detailed rules on (i) the nature of the offences which may give rise to an interception order; (ii) the
definition of the categories of people liable to have their communications monitored; (iii) the limit on
the duration of such monitoring; (iv) the procedure to be followed for examining, using and storing
the data obtained; and (v) the precautions to be taken when communicating the data to other parties;
and the circumstances in which data obtained may or must be erased or the records destroyed 64.
Supervision and review by competent authorities – the ECtHR requires that there exist adequate and
effective guarantees against abuse.65
[..] In surveillance cases, the ECtHR may apply a stricter or less strict standard of review of safeguards
against arbitrary interference with Article 8 rights depending on the technical means used for the surveillance.
In a case of surveillance by means of geo-location technology (GPS) the ECtHR considered that the technical
means used for surveillance interfere with private life less than interception of telecommunications and it
consequently applied more general principles on adequate protection against arbitrary interference. 66
[..] The fifth indent of this section of the Guide focuses on privacy in the workplace. This is based on case-law
of the ECtHR which has found that telephone calls of an employee from business premises are covered by the
notions of private life and correspondence and that emails sent from work as well as information derived from
the monitoring of personal Internet usage should be protected under Article 8 of the ECHR. The employee
has a reasonable expectation of privacy in respect of her phone calls, email and Internet usage in the absence
of a warning that these would be liable to monitoring. 67
[..] The sixth indent informs the user that they can be assisted by data protection authorities, or other
competent authorities in member states, in order to ensure that their right to privacy with regard to personal
data is respected.
[..] In addition to the principles on personal data protection and rights of data subject that are laid down in
Convention 108 and explained above, the Council of Europe’s committee of ministers has provided additional
policy guidance on safeguards for the right to privacy with regard to personal data in respect with search
engines, social networks and profiling. An overview of these is included below.
Search engines
63
Malone v. the United Kingdom, no 8691/79 § 67; Valenzuela Contreras v. Spain, judgment of 30 July
1998, Reports 1998-V, p. 1925, § 46 (iii); and Khan v. the United Kingdom, no.35394/97, § 26, Association
for European Integration and Human Rights and Ekmidzhiev v. Bulgaria, no. 62540/00, §71.
64
See Kruslin v France, no. 11801/85 § 33; Huvig v. France, no 11105/84 § 32; Amann v. Switzerland,
no27798/95 § 56; Weber and Saravia v. Germany, no 54934/00§ 93; Association for European Integration and
Human Rights and Ekmidzhiev v. Bulgaria, no. 62540/00 § 76
65
Ibid., no. 62540/00) § 77
66
Uzun v. Germany, no 35623/05, § 66-74. The law must be accessible by every person concerned and
sufficiently precise and clear to give citizens an adequate indication of the conditions and circumstances in
which authorities are empowered to resort to such measures, in particular with regard to the scope of the
measure (the kind of information that may be gathered and kept and the categories of people against whom
surveillance measures can be taken); the length of time for which the information may be kept and the time
limitation for the duration of surveillance measures in proportion with the circumstances; the grounds required
for authorising surveillance ( the circumstances in which such measures may be taken); the authorities
competent to permit, carry out and supervise the surveillance measures; the kind of remedy provided by law
(effective supervision by a judicial authority (at least in the last resort, as it affords the best guarantees of
independent, impartial control according to a proper procedure.
67
Copland v. UK, no 62617/00, §41, 42.
CDDH(2013)025Rev2
28
[..] Internet users increasingly search for information on the Internet with the help of search engines. These
process large amounts of Internet users’ personal data based on their search behaviour histories which may
reveal a person’s beliefs, relations or intentions, sensitive data on racial origin, political opinions, religious or
other beliefs, data concerning health, sexual life or relating to criminal convictions.
[..] Search engines should ensure transparency of data collection and legitimate purpose, in particular by
developing tools on:
(i) Data minimisation – tools to minimise data collection and processing (no storing of Internet users’ IP
address beyond legitimate purpose, sampling and surveying, anonymisation of personal data, anonymous
research where applicable).
(ii) Limited retention periods – personal data retention periods should be no longer than strictly necessary for
the legitimate and specified purposes of the processing.
(iii) Data security - security measures to protect personal data against unlawful access by third parties and that
appropriate data breach notification schemes are in place. Measures should include “end-to-end” encryption
of the communication between the user and the search engine provider.
(iv) Cross-correlation of data – the cross-correlation of data originating from different services/platforms
belonging to the search engine provider is performed only if unambiguous consent has been granted by the
user for that specific service. 68
[..] Internet users should be informed, in an intelligible form, using clear and plain language adapted to the
Internet users, about the reasons for collection and retention of their personal data and all intended uses
thereof and the exercise of their rights. Users should be also informed when their personal data has been
compromised.
[..] Search engines should develop tools that allow users to gain access to, and to correct and delete, data
related to themselves that have been collected in the course of the use of services, including any profile
created, for example for direct marketing purposes.
Social networks
[..] Council of Europe’s Committee of Ministers standards on social networks provide guidance on the
principles that must be upheld with regard to data processing by social networks 69, notably:
Informed consent – social network should seek Internet users’ informed consent before their personal data is
disseminated, shared with other categories of people or companies and/or used in ways other than those
necessary for the specified purposes for which they were originally collected. Internet users should be offered
a clear interface and sufficiently multi-layered access to enable consent to different kinds of data being access
by third parties.
Default privacy-friendly settings – social networks should put in place default privacy-friendly settings and
apply the most appropriate security measures on Internet users’ personal data. Default privacy settings should
limit access to self-selected contacts identified by the user. Internet users should be enabled to adjust their
privacy settings and to select the level of public access to their data.
Sensitive data require enhanced protection − the use of techniques that may have a significant impact on
users’ privacy (where for instance processing involves sensitive or biometric data, such as facial recognition)
− should not be activated by default;
Data security – social network should apply the most appropriate security measures to protect Internet users’
personal data against unlawful access by third parties. This should include measures for the end-to-end
68
69
See note 36 above, in particular Appendix, part II.
See note 40 above..
29
CDDH(2013)025Rev2
encryption of communication between the Internet user and social networks. Internet users should be
informed when of breaches of their personal data security in order to enable them to take preventive measures
such as changing their passwords and to be attentive to their financial transactions (for example when social
networks are in possession of bank or credit card details).
Privacy by design – social networks should be encouraged to address data protection needs at the stage of
conception of their services or products and continuously assess the privacy impact of changes to existing
services with a view to strengthening security and users' control of their personal data.
Non-users - Social networks should refrain from collecting and processing personal data about non-users, for
example e-mail addresses and biometric data (such as photographs). Users should be made aware of the
obligations they have towards other individuals and, in particular, that the publication of personal data related
to other people should respect the rights of those individuals.
[..] Social networks should inform their users in a clear and understandable manner on:
- the processing of their personal data, their rights and the means of exercising their rights;
- the terms and conditions of use (including concise explanations) and information about the social
networks policy for dealing with apparently illegal content and what is considered inappropriate
content and behaviour on the network;
- every change made to the social network’s terms of service and conditions of use and other action
such as installation of third party applications which present possible risks to users’ privacy;
- the law that is applicable in the execution of the social networking services and the related
processing of their personal data;
- the consequences of open access (in time and geographically) to their profiles and communications,
in particular explaining the differences between private and public communication, and the
consequences of making information publicly available, including unrestricted access to, and
collection of, data by third parties;
- the need to obtain the prior consent of other people before they publish their personal data,
including audio and video content, in cases where they have widened access beyond self-selected
contacts.
[..] Further guidance is provided in the Committee of Ministers recommendation with regard to users of social
networks ability to control their personal information. Internet users should be informed and offered
accessible tools to exercise their right to limit access to their data, including the right to remove data from
archives and search engine caches.
[..] Internet users should be enabled to “opt in” settings (actively chose settings) in order to consent to wider
access by third parties. When allowing third party applications to access users’ personal data, the services
should provide sufficiently multi-layered access to allow users to specifically consent to access different kinds
of data.
[..] With regard to consent for processing personal data, Internet users should be enabled to withdraw
consent. Before terminating their account, users should be able to easily and freely move the data they have
uploaded to another service or device, in a usable format. Upon termination, all data from and about the users
should be permanently eliminated from the storage media of the social networking service.
[..] In addition, Internet users should be enabled to make informed choices about their online identity,
including with regard to the right to use a pseudonym. In the event that a social networking service requires
real identity registration, the publication of that real identity on the Internet should be optional for users. This
does not prevent law-enforcement authorities from gaining access to the user’s real identity when necessary
and subject to appropriate legal safeguards guaranteeing the respect of fundamental rights and freedoms.
Profiling
[..] Profiling is understood as automatic data processing techniques which consist of applying a profile to an
individual in order to take decisions concerning him or her or for purposes of analysing or predicting his or
CDDH(2013)025Rev2
30
her personal preferences, behaviours and attitudes. For example, personal data of an Internet user may be
collected and processed in the context of his/her interaction with a website or an application or in the context
of Internet browsing activity over time and across different websites e.g. pages and content visited, times of
visits, what was searched for, what was clicked (tracking). Cookies are one of the technologies/techniques
used to track users’ browsing/online activities; this is done by means of storing information in a user’s
equipment and retrieving it later on.
[..] Convention 108 principles and the rights foreseen therein are fully applicable to the processing of personal
data in the context of profiling. Additional safeguards on the right to privacy with respect to personal data
have been laid down in Council of Europe’s Committee of Ministers standards. 70 The Internet user to whom
profiling is applied is entitled to:
be informed about the logic underpinning the processing of personal data that is used to attribute a profile to
him/her and the purposes of profiling;
-
give his/her informed and specific consent to profiling and to withdraw such consent;
-
object to the use of his/her personal data for the purpose of profiling;
-
object to a decision taken on the sole basis of profiling, which has legal effects concerning him/her or
significantly affects him/her, unless this is provided by law which lays down measures to safeguard
the users’ legitimate interests, particularly by allowing him/her to put forward his point of view and
unless the decision was taken in the course of the performance of a contract and provided that the
measures for safeguarding the legitimate interests of the Internet user are in place.
[..] Restrictions of these rights are permissible where they are provided by law and necessary in a democratic
society for reasons of state security, public safety, the monetary interests of the state or the prevention and
suppression of criminal offences, or protecting the data subject or the rights and freedoms of others. 71
Education and literacy
[..] The right to education is enshrined in Article 2 of the protocol 1 to the ECHR. The Council of Europe’s
Committee of Ministers promotes access to Internet for education purposes. The first indent of this part of the
Guide, therefore, informs the user that he/she has the right to education which includes access to knowledge.
Internet users, in the exercise of their right to education, should be able to access digital education, cultural,
scientific, scholarly and other content in their languages and in relation to their cultures so as to ensure that all
cultures can express themselves and have access to the Internet in all languages. 72 The Internet user shall be
able to freely access publicly funded research and cultural works on the Internet. 73 Access to digital heritage
materials should be ensured within reasonable restrictions. Restrictions on access to knowledge are permitted
in specific cases in order to remunerate authors for their work, within the limits of fair use exceptions.
[..] The second indent of this part of the Guide encompasses issues of Internet and media literacy, which is
understood as the ability of Internet users to acquire basic information and skills in order to be able to exercise
his/her human rights and fundamental freedoms on the Internet. As part of their right to education, Internet
users should have access to basic education and knowledge about the exercise of their rights and freedoms
online. This is in line with the Council of Europe’s Committee of Ministers promotes computer literacy as a
fundamental prerequisite for access to information, the exercise of cultural rights and the right to education
through ICTs.74
70
Recommendation CM/Rec(2010)13 of the Committee of Ministers to member states on the protection of
individuals with regard to automatic processing of personal data in the context of profiling , section 5
71
Ibid., section 6.
72
See note 8 above, Section IV
73
Ibid.
74
Committee of Ministers Declaration on human rights and the rule of law in the Information Society,
CM(2005)56 final 13 May 2005.
31
CDDH(2013)025Rev2
[..] The user of the Guide is also informed about the fact that Internet literacy programmes and initiatives
should enable the user to critically analys the accuracy and trustworthiness of Internet content. Council of
Europe Member states should facilitate access to ICT devices and promote education to allow all persons, in
particular children, to acquire the skills needed to work with a broad range of ICTs and assess critically the
quality of information, in particular that which would be harmful to them. 75
Children and young people
[..] This section of the Guide encompasses information about rights of the child and young people which aim
at ensuring special protection for them in Internet environments. Because of the volume and richness of
Council of Europe standards in this field it was considered necessary to have a separate section on this
subject.
[..] The first indent addresses the issue of the right of children and young people to participate in society as
well as decisions affecting them by means of the Internet and other ICTs. The Committee of Ministers of the
Council of Europe has affirmed that all children and young people under the age of 18 should have the right,
the means, the space, the opportunity and, where necessary, the support to freely express their views, to be
heard and to contribute to decision making on matters affecting them, their views being given due weight in
accordance with their age, maturity and understanding. The right of the child and young people to participate
applies fully to Internet environments without any discrimination on any grounds such as race, ethnicity,
colour, sex, language, religion, political or other opinion, national or social origin, property, disability, birth,
sexual orientation or other status. 76
[..] The first indent informs the user of the Guide that the views of the child and young person should be given
due weight in accordance with their age and maturity and without discrimination. In practice this means that
in order to enable children and young people to exercise their rights and in particular their right to
participation, they should be provided with information appropriate to their age and circumstances, including
through social networking and other media on the opportunities available to them to exercise this right and
where they can get support to take advantage of their opportunities. In addition, they should be provided with
all relevant information and offered adequate support for self-advocacy appropriate to their age and
circumstances. They should be fully informed about the scope of their participation, including limitations of
their involvement, the expected and actual outcomes of their participation and how their views were
ultimately considered.77
[..] Where children and young people consider that their right to participate has been violated they should be
provided with effective redress and remedies, such as child-friendly means of making complaints and judicial
and administrative procedures including access to assistance and support in using them, ensuring that these
mechanisms are available to children and young people.78
[..] The second indent of this section informs the child or young user of the Guide that they should be enabled
to use the Internet in safety and with due regard for their privacy. In this connection, they should receive
training and information from teachers, educators and parents. This indent encapsulates the importance of
information literacy which in Council of Europe policy is understood as the competent use of tools providing
access to information, the development of critical analysis of content and the appropriation of communication
skills to foster citizenship and creativity, as well as training initiatives for children and their educators in order
for them to use the Internet and information and communication technologies in a positive and responsible
manner.79
75
Ibid.
Recommendation CM/Rec(2012)2 of the Committee of Ministers to member States on the participation of
children and young people under the age of 18
77
Ibid.
78
See Recommendation CM Rec(2011)12 of the Committee of Ministers to member states on children’s rights
and social services friendly to children and families, Council of Europe Guildelines on Child-Friendly Justice.
79
Recommendation Rec(2006)12 of the Committee of Ministers on empowering children in the new
information and communications environment.
76
CDDH(2013)025Rev2
32
[..] The third indent provides practical guidance to the child and young user of the Guide in respect of his/her
right to privacy. Children’s right to private life has been the object of examination in cases brought before the
ECtHR. In particualr the Court has considered that the physical and mental welfare of children are essential
aspects of their right to private life. 80 As part of positive obligations inherent in an effective respect for
private or family life, the Court has affirmed that effective deterrence against grave acts where fundamental
values and essential aspects of private life are at stake, requires efficient criminal law provisions and
investigations.81 This is even more important when the physical and moral welfare of a child is threatened.
Children and other vulnerable individuals are entitled to State protection, in the form of effective deterrence,
from such grave types of interference with essential aspects of their private lives. 82
[..] The third indent alerts the child and young user of the Guide that the content that they create on or using
the Internet (e.g. pictures, videos, text or other content) or the traces of this content (logs, records and
processing) may last or be permanently accessible. This may challenge their dignity, security and privacy or
otherwise renders them vulnerable now or at a later stage in their lives. Children and young persons should be
empowered to understand and cope with this reality and to protect their privacy online. This is based on
guidance that Council of Europe’s Committee of Ministers has provided to its member states on this matter,
notably by declaring that other than in the context of law enforcement there should be no lasting or
permanently accessible record of the content created by children on the Internet which challenges their
dignity, security and privacy or otherwise renders them vulnerable now or at a later stage in their lives. 83 It
has also invited member states together, where appropriate, with other relevant stakeholders, to explore the
feasibility of removing or deleting such content, including its traces (logs, records and processing), within a
reasonably short period of time.84
[..] The fourth indent also addresses empowerment aspects of children and young people. It provides
information in respect of harmful content and behaviour online. Children are entitled to special care and
assistance that is appropriate to their age and circumstances, in particular with regard to risk of harm which
may arise from content and behaviour, such as online pornography, the degrading and stereotyped portrayal of
women, the portrayal and glorification of violence and self-harm, in particular suicides, demeaning,
discriminatory or racist expressions or apologia for such conduct, solicitation (grooming), the recruitment of
child victims of trafficking in human beings, bullying, stalking and other forms of harassment, which are
capable of adversely affecting the physical, emotional and psychological well-being of children.85 In this
context the Guide alerts the child and young Internet user that they should be informed, in a way that is
adapted to their age and any other particular circumstances, about the types of content and behaviour that are
legal and what is illegal and harmful.
[..] Children and young people should be also given possibilities to report such types of content and behaviour
as well as advice and support to deal them with due regard for confidentiality and children’s anonymity. This
is in particular relevant in the context social networks. The Committee of Ministers has recommended to its
member states to take action in this respect. 86 Social networks should take measures to protect children and
young people from harmful content, in particular by:
- providing clear information about the kinds of content or content-sharing or conduct that may be
contrary to applicable legal provisions;
- developing editorial policies so that relevant content or behaviour can be defined as “inappropriate”
80
K.U. v. Finland - 2872/02 § 40, 41.
X and Y v. the Netherlands, §§ 23-24 and 27; August v. the United Kingdom no. 36505/02; and M.C. v.
Bulgaria, no. 39272/98, § 150.
82
K.U. v. Finland, no 2872/02 § 46.
83
Declaration of the Committee of Ministers on protecting the dignity, security and privacy of children on the
Internet
84
Ibid.
85
Recommendation CM/Rec(2009)5 of the Committee of Ministers to member states on measures to protect
children against harmful content and behaviour and to promote their active participation in the new information
and communications environment
86
See note 40 above, CM/Rec(2012)4 , Appendix, II, §10.
81
33
-
CDDH(2013)025Rev2
in the terms and conditions of use of the social networking service, while ensuring that this approach
does not restrict the right to freedom of expression and information as guaranteed by Article 10 of
the ECHR;
setting up easily accessible mechanisms for reporting inappropriate or apparently illegal content or
behaviour posted on social networks;
providing due-diligence response to complaints of cyber-bullying and cyber-grooming. 87
[..] The fifth indent informs the child and young user of the Guide about the risks of interference with their
physical and moral welfare, especially sexual exploitation and abuse in online environments and that they
should receive special protection in this regard. This approach finds its basis primarily on the Council of
Europe Convention on the Protection of Children against Sexual Exploitation and Sexual Abuse (CETS No.
201) hereinafter referred to as the Lanzarote Convention. The ECtHR has affirmed in its case law that states
have positive obligations to ensure the protection of children online. 88
[..] More specifically, the protection of children from sexual abuse and exploitation according to the
Lanzarote Convention includes protection from being recruited, caused or coerced into participating in
pornographic performances made accessible or available on the Internet (for example through webcams, in
chat rooms or online games).89 In addition, children must be protected from solicitation through the use of the
Internet or other ICTs for the purpose of engaging in sexual activities with the child (grooming) who,
according to the relevant provisions of national law, has not reached the legal age for sexual activities and for
the purpose of producing child pornography. 90
[..] Children should be encouraged to participate, according to their evolving capacity, in the development and
the implementation of state policies, programmes or others initiatives concerning the fight against sexual
exploitation and sexual abuse of children in Internet environments. 91
[..] Children should be provided with child-friendly and accessible means of reporting alleged sexual abuse
and exploitation of children on the Internet and making complaints through information services such as
telephone and Internet helplines. They should be provided with advice and support in using these services
with due regard for confidentiality and anonymity. 92
Effective remedies
[..] This section of the Guide brings together elements of the right to an effective remedy, the right to fair trial
and protection from cyber-crime. The explanatory memorandum covers them in the order that they included
in the Guide.
[..] The first paragraph informs the user about the right to an effective remedy, which is enshrined in Article
13 of.the ECHR. This right applies fully to Internet and online environments. Everyone whose rights and
freedoms as set forth in the ECHR are violated on the Internet has the right to an effective remedy. The first
paragraph is based on some of the general principles established by the ECtHR in its case-law. With a view to
keeping the Guide to a length that can be digested by the average Internet user, these principles were not
integrated in full but only summarised in the Guide. They are elaborated below for any further references by
Internet users.
[..] Article 13 of the ECHR guarantees the availability at the national level of a remedy to enforce the
87
Ibid..
K.U. v. Finland no. 2872/02.
89
Council of Europe Convention on the Protection of Children against Sexual Exploitation and Sexual Abuse
CETS No.: 201, Article. 2; Article 21, see also explanatory report on these articles.
90
Ibid., Article 23.
91
Ibid., Article 9/1
92
Ibid. Article 13. See also Recommendation CM Rec(2011)12 of the Committee of Ministers to member
states on children’s rights and social services friendly to children and families, Council of Europe Guildelines
on Child-Friendly Justice.
88
CDDH(2013)025Rev2
34
substance of the ECHR rights and freedoms in whatever form they might happen to be secured in the
domestic legal order. It requires the provision of a domestic remedy to deal with the substance of a complaint
under the ECHR and to grant appropriate relief.93 On this basis the Guide states in the first indent that
effective remedies should be proportionate to the violation suffered.
[..] States have a positive obligation to carry out an investigation of allegations of human rights infringement
that is diligent, thorough and effective. The procedures followed must enable the competent body to decide on
the merits of the complaint of violation of the Convention and to sanction any violation found but also to
guarantee the execution of decisions taken. 94
[..] Article 13 requires the existence of a national authority with the task of deciding on allegations of
violations of the rights guaranteed in the ECHR.95 There must be a specific legal avenue available whereby an
individual can complain about the unreasonable length of proceedings of determination his/her rights. 96 The
authority may not necessarily be a judicial authority if it presents definite guarantees of independence and
impartiality. The powers an authority possesses and the procedural guarantees which it affords should be so at
to permit a determination whether the remedy before it is effective. 97
[..] The procedure followed by the competent national authority should be effective in order to permit
effective investigation of a violation and to enable the competent authority to decide on the merits of the
complaint of violation of ECHR rights 98 and to sanction any violation and to guarantee the victim that the
decision taken will be executed.99
[..] The remedy must be effective in practice and in law and not conditional upon the certainty of a favourable
outcome for the complainant.100 Although no single remedy may itself entirely satisfy the requirements of
Article 13 the aggregate of remedies provided in law may do so. 101
[..] Based on the principles mentioned above, the Guide states that effective remedies can also be obtained
directly from Internet service providers, public authorities and/or other independent persons, authorities and
other organs. It further provides Internet users with examples of different recourses that they may have when
they consider that their rights and freedoms have been violated, namely an inquiry, an explanation by the
service provider or online provider, the possibility to reply to a statement which is considered for example
defamatory or offensive, reinstatement of user-created content that has been removed by an online service
provider, reconnection to the Internet when Internet users have been disconnected and related compensation.
[..] The first indent of this section brings together elements of corporate social responsibility to protect,
respect and remedy human rights. The theme of social corporate responsibility is a subject matter that is being
examined by the Council of Europe, notably the Steering Committee on Human Rights. 102 Moreover, the
ECtHR has affirmed in numerous judgments that states have positive obligations to protect the fundamental
rights and freedoms of individuals, notably in the context of protection of children and young people103, the
93
Kaya v. Turkey, no. 22729/93, §106.
Smith and Grady v. UK, no 33985/96 33986/96
95
Silver and others v. UK, no. 5947/72; 6205/73; 7052/75; 7061/75; 7107/75; 7113/75; 7136/75 §113; Kaya v.
Turkey, no. 22729/93, §106.
96
Kudla v. Poland, no. 30210/96, §157
97
Silver and others v. UK, no. 5947/72; 6205/73; 7052/75; 7061/75; 7107/75; 7113/75; 7136/75 §113; Kaya v.
Turkey, no. 22729/93, §106.
98
Smith and Grady v. UK, no 33985/96 33986/96, § 138.
99
Iatridis v. Greece, no. 31107/96, § 60.
100
Kudla v. Poland, no. 30210/96, §158.
101
Silver and others v. UK, no.5947/72; 6205/73; 7052/75; 7061/75; 7107/75; 7113/75; 7136/75§113; Kudla v.
Poland, no. 30210/96 §157
102
See Preliminary draft Declaration of the Committee of Ministers on the United Nations Guiding Principles
on Business and Human Rights considered by the Steering Committee for Human Rights (CDDH (2013)R78,
at pg.31
103
K.U. v. UK, no 2872/02;
94
35
CDDH(2013)025Rev2
morals and the rights of others104, combatting racist or xenophobic discourse, discrimination and racial
hatred105.
[..] In addition, in several judgements in the context of complaints relating to different articles of the ECHR,
the ECtHR has held states accountable for their failure to protect citizens from adverse effects on their rights
and freedoms of actions taken by private companies. 106 As part of their positive obligations to protect
individuals against violations of human rights by private companies states should take appropriate steps to
ensure that when such violations occur those affected have access to judicial and non-judicial mechanisms.
The latter may include administrative mechanisms (ombuds-institutions, data protection authorities) or
mediation-based or other adjudicative or dialogue processes (dispute resolution mechanisms, consumer
protection associations). These elements are captured in the second indent of the Guide.
[..] Companies should establish complaint mechanisms which are accessible, predictable (providing clear and
known procedure with indication of time frames for each stage of the process, clarity on the types of process
and outcomes available and means of monitoring their implementation) equitable (access to sources of
information, advice and expertise), transparent and capable to offer remedies which are in full compliance
with international human rights standards directly to individuals. 107
[..] In Internet environments, Internet users should be offered clear and transparent information regarding the
means of redress available. This information could be included in Terms of Use and/or Service or other
guidelines and policies of Internet service/online providers but should be consistent. Internet users should be
provided with practical and accessible tools to contact Internet service/online providers to report cases which
they believe are violations of their rights, to request information and seek remediation. Some examples of
remedies which may be available to Internet users are help-lines or hotlines run by Internet service providers
or consumer protection associations to which Internet users can turn in the case of violation of their rights or
the human rights of others.
[..] The third indent encompasses aspects of protection of Internet users from cybercrime. States who are
signatory parties to the Budapest Convention on Cybercrime have undertaken obligations to protect citizens
from criminal activities and offences on the Internet. Therefore, it is considered that Internet users have a
legitimate expectation in this respect. This indent is based on the standards laid down in the Budapest
Convention, notably its substantive provisions.
[..] The focus is on offences against confidentiality and integrity of computer data and systems and computerrelated offences. Content-related offences (child pornography, copyright infringement) are not covered here
as these are considered to be dealt with in the parts of the Guide relating to the rights of the child. The
protection of right-holders is considered to implicate the interests of the later rather than those of Internet
users. Also, interceptions and surveillance of communications are dealt with in the previous section of the
Compendium.
[..] The reflection aimed at preparing this part of the Guide included an analysis of the explanatory report of
the Budapest Convention in connection with each of the criminal offences, identified as explained above, with
a view to understanding what is the legal interest that is identified as being protected by the corresponding
provision of the Budapest Convention in particular whether individual users' legal interests are identified or
specifically mentioned. On this basis, this indent mentions those offences, which according to relevant parts
in the explanatory, are criminalised in order to grant protections to legal interests/rights of Internet users. In
other words, whenever the explanatory report of the Budapest Convention states that the legal protected
interest is that of a user the relevant provisions of the Convention are mentioned.
104
Pay v. UK, no. 32792/05.
Féret v. Belgium no.15615/07.
106
Lόpez Ostra v. Spain, no. 16798/90, § 44-58; Taşkin and Others v. Turkey; Fadeyeva v. the Russian
Federation.
107
See Guiding Principles on Business and Human Rights: Implementing the United Nations “Protect, Respect
and Remedy” Framework (A/HRC/17/31) endorsed by the Human Rights Council by Resolution Human rights
and transnational corporations and other business enterprises A/HRC/RES/17/4, chapter III, principles 28-31.
105
CDDH(2013)025Rev2
36
[..] Internet users have a legitimate interest to manage, operate and control their computer systems in an
undisturbed and uninhibited manner. They should be protected from illegal access to the whole or parts of
computer systems used by them including (hardware, components, stored data of the system installed,
directories, traffic and content-related data). This also includes protection from unauthorised intrusion into
computer systems and data (hacking, cracking or other forms of computer trespass) which may lead to
impediments to Internet users of systems and data such as access to confidential data (passwords, information
and secrets etc).108
[..] Internet users have a legitimate interest in the protection of the integrity and the proper functioning or use
of stored computer data or computer programs. This includes protection against computer data interference, as
for example the input of malicious codes (such as viruses and Trojan horses).109 They should also be protected
against interference with the functioning of computer or telecommunication systems by inputting,
transmitting, damaging deleting, altering or supressing computer data 110, as for example programmes that
generate ‘denial of service attacks, malicious codes such as viruses that prevent or substantially slow the
operation of the system, or programmes that send large quantities of electronic mail to a recipient in order to
block communication functions of the system (spamming). This may be an administrative or criminal offence
depending on domestic legislation.
[..] Internet users have a legitimate interest in the security and reliability of electronic data which is the
equivalent of a public or private document with legal effects. They should be protected against computer
forgery which involves unauthorised creation or alteration of data so that they acquire a different evidentiary
value in the course of legal transactions, which rely on the authenticity of information contained in the data.111
[..] Internet users have a legitimate interest in the protection of assets represented or administered in computer
systems (electronic funds, deposit money). They should be protected protection against computer fraud
manipulations which produce a direct economic or possessory loss of an Internet user’s property (money,
tangible and intangibles with an economic value) such as credit card fraud. 112
[..] Any security measure aimed at ensuring the protection of Internet users from cyber-crime must be in full
compliance with the standards of the ECHR, in particular Articles 8 and 10. 113
[..] The second paragraph deals with the right to fair trial, which is enshrined in article 6 of the ECHR. The
focus of the Guide is on the right to fair trial as it relates to the determination of civil rights and obligations or
criminal charges with regard to activities of Internet users on the Internet. This part of the Guide is based on
some of the key principles pronounced by the ECtHR, such as the right to a fair and public hearing within a
reasonable time by an independent and impartial court; the right to institute proceedings before courts, to a
final determination of the dispute, to a reasoned judgment and to the execution of the judgment; the right to
adversarial proceedings and equality of arms and others.
[..] The ECtHR, although not in Internet-related cases has established general principles with regard to the
quality of administration of justice (independence, impartiality, competence of the tribunal) the quality with
regard to the protection of right of the parties (fair hearing, equality of arms and public hearing) as well as
with regard to the efficiency of justice administration (reasonable time).
[..] Although the independence of judicial bodies is generally accepted the when deciding whether a court is
independent the ECtHR looks at the manner of appointment of its members, the duration of their office, the
existence of guarantees against outside pressure and whether the judicial body presents an appearance of
108
Budapest Convention on Cybercrime, Article 2, explanatory report, §.44-50.
Ibid., Article 4, explanatory report §, 60-61.
110
Ibid., Article 5, explanatory report § 65-69.
111
Ibid., Article 7, explanatory report § 81.
112
Ibid., Article 8, explanatory report § 86-88.
113
Ibid. Article 15.
109
37
CDDH(2013)025Rev2
independence. 114
[..] The tribunal must have the power to give binding decisions which cannot be changed by a non-judicial
authority115. The ECtHR has been reluctant to question any decision by a domestic courts which has conduct
proper inquiry into an allegation of bias by the parties concerned. 116 The ECtHR has held that although there
is no express guarantee of a right to access to court this is embodied in its guarantees. The right to access to a
court must not only exist but also be effective.117 By the very nature this right calls for state regulation, which
should nonetheless not injure the substance of the right nor conflict with others. Any limitations to such right
must pursue a legitimate aim and be proportional to the means employed and the aim sought to be
achieved.118
[..] The ECtHR has not recognised a right to legal aid standing on its own in civil cases. It has found that legal
representation was indispensable only when this became compulsory because of the nature and complexity of
proceedings, the factual and legal complexity of the case and bearing in mind what was at stake for the
applicant.119
[..] In cases where the jurisdiction of the domestic court over the facts of the case or the legal issue before it
was limited, the ECtHR has assessed the subject-matter of the dispute, whether the domestic court may, even
within the limited competence, adequately review disputed issues, the manner in which that decision was
arrived at, and the content of the dispute, including the desired and actual grounds of the action or appeal.120
[..] The principle of equality of arms is inherent in Article 6 of the ECHR. Everyone who is a party to
proceedings (civil or criminal) must have a reasonable opportunity of presenting her case to the court under
conditions which do not place her at a substantial disadvantage in relation to her opponent. The parties to
proceedings (civil or criminal) must have the opportunity to have knowledge of and provide comments on all
evidence or observations filed I the proceedings.
[..] The ECtHR has considered as violations of Article 6 cases in which domestic courts did not give detailed
answers to questions or submissions of applicants which were fundamental to the outcome of the case and
therefore the domestic courts would have the obligation to deal with it specifically in the judgment. 121
[..] In respect of publicity of hearings, the ECtHR has considered that the form of publicity to be given to the
judgement under the domestic law of the respondent state must be assessed in the light of the special features
of the proceedings in question and by reference to the object and purpose of Article 6(1). 122 The ECtHR found
violations of Article 6 when judgement was not given in public either by the domestic courts of first instance
or of the appeals, nor were the full texts of their judgments openly available to the public in their registries
and access was limited to those with a ‘legitimate interest’. 123
[..] The ECtHR assessed the guarantee of reasonable time for hearing on a case-by-case basis. Some of the
key elements it has considered include what is at stake for the parties concerned, the complexity of the case,
the conduct of the parties to the dispute and the conduct of the administrative and judicial authorities. The
ECtHR has attached importance to the nature of the facts to be established 124as well as other relevant factors.
114
Campbell and Fell v.UK, no. 7819/77 7878/77, § .48.
Findlay v UK, no. 22107/93, §77.
116
Gregory v UK, no. 22299/93.
117
Golder v. UK, no. 4451/70, § 35.
118
Ashingdane v. UK, no 8225/78, §57.
119
Aerts v. Belgium, no. 25357/94;
120
Bryan v. UK, no. 19178/91, §45.
121
Balani v. Spain, no 18064/91, § 27, 28.
122
Pretto and others v. Italy, no 7984/77, § 26.
123
Werner v. Austria, no. 21835/93, §41-51; Szucs and others v. Austria 20602/92, 21835/93, 28389/95,
28923/95, 33730/96, 38549/97, 35437/97,
124
Triggiani v. Italy, no. 13509/88, §17.
115
CDDH(2013)025Rev2
38
[..] Delays of the proceedings caused by the complainant are also considered where relevant. The state is
responsible for delays caused by all its administrative or judicial authorities. Some of the delays which the
ECtHR has considered as attributable to the state included adjournment of proceedings pending outcomes of
other cases, delay in the conduct of the hearing by the court or in the presentation of evidence by the state, or
in the court registry or other administrative authorities. 125 States must also organise their legal systems so as to
allow the courts to comply with the requirements of Article 6(1) including that of trial within reasonable time.
125
Zimmerman and Steiner v. Zwiterland, judgment of 13 July 1983 (Series A no. 66, § 29.