Uncommon Sense Makes Executives into Common Criminals

What ever happened to common sense?

The blogosphere is buzzing about the conviction of three Google executives on privacy violations. A judge in Milan convicted 3 of the 4 defendants for failure to comply with the Italian privacy code. All 4 were found not guilty of criminal defamation. The outrage is that this ruling means that employees of sites that host web content are criminally responsible for the content that users upload.The story begins in 2006 when students at a school in Turin, Italy filmed and uploaded a video to Google Video that showed them bullying a schoolmate with Down’s syndrome. The offensive video was removed within a few hours after Google was notified by the Italian police and they cooperated with the investigation and helped identify the person responsible for the upload. The girl who uploaded it and the other classmates involved were sentenced to 10 months community service and expelled from their school.

You’d think that the guilty were punished and the story ends. However, a prosecutor decided to indict the the 4 Google employees even though they had nothing to do with the video – they didn’t appear in it, film it, upload it, review it or know the people involved. They were not even aware of the video’s existence until after it was removed.

Prosecutors argued that Google broke Italian privacy law by not seeking the consent of all the parties involved before allowing it to go online. The public prosecutor, Alfredo Robledo said, “A company’s rights cannot prevail over a person’s dignity.” He claimed that the executives did not do enough to keep the offensive video off its site. Say what? They cooperated to have the video removed as soon as they were informed! They did not post the video! Those that made it and posted it were convicted. Does every C-level executive need to sit in front of a monitor and scan the content that they host?

Having personally been involved with a company (where I was a major stock holder and co-owner) that faced a similar situation, I fail to see how a content or service provider, and especially the executives, are responsible for the actions of others. The responsible parties were caught and convicted. If the prosecutor was compelled to go after other culpable individuals, why not prosecute the parents of the kids who did this? Why not go after the phone company or ISP that carried the signal to make the connection to Google Video? They carried the content, didn’t they?

Since the WWW began, there has been a debate over who is responsible for content posted to the Internet. If you take this decision to the absurd point to where attorneys will probably take it, there is unlimited liability to not only any company that hosts content, but to its employees also. Taking this to the next level, why wouldn’t the phone company be liable for prank calls (especially those you hear on the radio all of the time) that offend someone on the other end. Why isn’t the post office held responsible for the anthrax envelopes that killed innocents back in 2001? The Post Master General should have been opening every letter and inspecting it for content! And what about spam? Shouldn’t my ISP stop that? And why is AT&T or British Telecom (or whatever carrier) not held responsible for allowing a virus or a botnet to propagate on their networks? (That makes me wonder if I should get my company to sue their carrier for damages the next time we get a malware breakout!)
I won’t get on a soap box about the absurd privacy laws in the European Union and especially in Italy. (Did you know that your IP address is considered private information there?) But I will suggest that a successful criminal prosecution is a great stage for a civil case that could involve millions of Euros in a settlement. I am not saying that the “victims” in this case are doing any such thing or that they even had anything to do with encouraging this prosecution. But it *is* something to consider. This case has done nothing to validate the efficacy of privacy laws. Instead, it has just shown how broadly they can be applied and abused.

The simple fact is that no company can police every piece of content in real time. The cost would be prohibitive. The most you can hope for is prompt removal once notified. EU privacy laws specifically give hosting providers a safe harbor from liability so long as they remove illegal content once they are notified of its existence. So what to do…? what do to? Should Google fight back and stop offering services to anyone in Italy? Will that teach them? Probably not.

I can only hope that somewhere in the system, common sense will prevail. Google will appeal and the ruling will probably be overturned. If not, the whole concept of the Internet is at risk.

NB: I don’t endorse the reprehensible behavior of the students who did this. I also do not condone the posting of illegal content. And I sure as hell don’t support heavy handed government intervention.

Share and Enjoy:
  • Print
  • Digg
  • del.icio.us
  • Facebook
  • Twitter
February 24th, 2010 in Uncategorized | tags: ,

This website uses IntenseDebate comments, but they are not currently loaded because either your browser doesn't support JavaScript, or they didn't load fast enough.

2 Comments

Saad KadhiFebruary 25th, 2010 at 2:15 am

“Does every C-level executive need to sit in front of a monitor and scan the content that they host?” no but they have to comply with the law and if the Italian law says that you must seek the consent of every person on the video before making it available online, then you must. There is a similar law in France (le droit à l’image) and it has legitimate reasons for existing, mainly related to dignity.

“If the prosecutor was compelled to go after other culpable individuals, why not prosecute the parents of the kids who did this? Why not go after the phone company or ISP that carried the signal to make the connection to Google Video? They carried the content, didn’t they?”. Because the parents are not guilty according the Italian privacy code you are mentioning. They didn’t take the video, they didn’t broadcast to million of users etc. As for the phone company and the ISP, last I heard moving bits from one place to another is not exactly broadcasting. Your argument sound fallacious to me. If someone takes a picture of you and it ends up in a tabloid, you won’t be getting anywhere suing the company that makes the paper or the ink under the Italian privacy code.

“Taking this to the next level, why wouldn’t the phone company be liable for prank calls…” Nice sophist move but a bit too obvious.

“Should Google fight back and stop offering services to anyone in Italy?” Rest assured, they have good lawyers.

“I sure as hell don’t support heavy handed government intervention.” Agreed but again, this doesn’t seem to be the case here as infringing laws doesn’t really count as a heavy handed government intervention.

Moonraker_069February 25th, 2010 at 3:11 pm

Saad, great comments! I actually agree with you to some extent and used hyperbole to make my point, which appears to be what the Italian courts did in this ruling.

I think you nailed the core issue here – the law itself – or rather, the interpretation and scope of the law. While the intention of the "consent" principle in EU privacy laws is to allow individuals to control their private information, its application is too broad. This Italian case is but one example. Avoiding sophistry, if the same standard were applied to all Internet services, such as Facebook, news media, blogs, web cams (traffic cameras, police cameras, or otherwise), search engines, behavioral marketing and other online media, nothing could be posted that might be considered private information without the explicit consent of the individual.

I believe it is the court's responsibility to interpret such laws in a pragmatic, objective manner. The crime that was committed was by those directly involved. Google did its duty to remove the content when they were informed. To expect consent from everyone who has any information about them posted online is a burden that would seriously limit what we can do on the Internet.

This is obviously a matter for debate and many more privacy issues like this will continue as our society tries to catch up to the available technologies. This is nothing new. One of the first mentions of the "Right to Privacy" can be traced back to the seminal 1890 article in the Harvard Law Review written by Samuel Warren and Louis Brandeis (http://faculty.uml.edu/sgallagher/Brandeisprivacy...

To quote one of their concerns at the time, "Instantaneous photographs and newspaper enterprise have invaded the sacred precincts of private and domestic life; and numerous mechanical devices threaten to make good the prediction that 'what is whispered in the closet shall be proclaimed from the house-tops.' For years there has been a feeling that the law must afford some remedy for the unauthorized circulation of portraits of private persons."

This was in response to the newest technology at the time: cameras.

Thanks again for the comments!
Bobby

Leave a comment

Your comment