Defamation Law Part 2: Successful strategies to deal with online defamation
Although it is difficult to get a successful result in an online defamation issue, it can be done by carefully establishing who is making the comment, and where they are based. Other important considerations are how damaging the comments are and whether threats might drive the defamer to make further comments. Litigation and threats of litigation are not always the best way forwards but they can be a useful tool. The Facebook case illustrates one such instance where litigation was used to stop defamation on a social networking site.
The Facebook case: A modern take on defamation
Many web users have a false belief that they can say anything they want on the internet and not be held responsible. The courts are finding otherwise. In the most recent English case, Applause Store Productions Ltd v Raphael  EWHC 1781 (QB) (QBD), a man was held liable for comments made on Facebook. Although the limits of defamation law were hardly stretched in this case, it is interesting to see how the court responded.
The case involved Mathew Firsht, the owner of Applause productions, a well known company which provides audiences for television shows. He did not have a Facebook account. In June 2007 a fake profile was placed up on Facebook in an account using Mr. Firsht’s name. This featured extensive personal information about him including his sexual orientation, political views, religious beliefs and a picture – supposedly of Mr. Firsht – but which was actually a copy of the profile picture from his twin brother’s Facebook page. The profile also included a link to a Facebook Group called ‘Has Mathew Firsht lied to you?’ In this case there was no dispute about whether the material was defamatory but only over whom had put up the profile and the group.
The defendant, a Mr. Raphael who had been a friend of Mr. Firsht and also knew him professionally, had his identity revealed after Firsht’s lawyers sent a takedown notice to Facebook and obtained a Norwich Pharmacal order against Facebook. The order required Facebook to disclose not only the registration data but also details of the IP addresses and email addresses which created the profile.
The profile had in fact been created by someone at Mr. Raphael’s IP address. After the profile was created all relevant activity which occurred on the fake account continued to come from Mr. Raphael’s IP address. The same IP address was also used during this time to login into two other Facebook accounts: Mr. Raphael’s account and Mr. Raphael’s girlfriend’s account. The fake account had only been signed into from two different computers at the IP address which included Mr. Raphael’s computer and his girlfriend’s laptop which he admitted he often used. The facts about the IP address and login details were not refuted by Mr. Raphael.
The case gets even stranger. Mr. Raphael’s defence was that he did not create the profile and that the evening the profile was created he and his girlfriend had met a group of strangers at a bar who then returned home with them and spent the night. He said that one of them must have created the profile from his computer. He did not give an explanation of how someone else had been logging into the account from his IP address on the subsequent times the account had been accessed which would have been after the fake profile creating stranger left his home. He instead choose to defend himself by relying on alibi evidence that he had not been at home on the other occasions when the Facebook profile had been accessed so it had to have been someone else.
The judge did not believe his story at all (rightly so) and decided that Mr. Raphael had in fact been the one to put up the false profile as well as the defamatory group. Although the profile was not visible for a considerable length of time, 16-17 days, the judge ruled that due to the popularity and nature of Facebook, which targeted the material towards people who knew Mr. Firsht, the materials were particularly damaging. The Judge also ruled that the allegations of dishonesty were serious enough to harm Mr. Firsht’s business so allocated the award with £15,000 to Mr. Firsht personally, £5,000 to his business and an extra £2,000 for breach of his privacy. In this case, Mr. Raphael learned to his chagrin that comments made online can be costly and that lawyers can often get around the anonymity problem with IP addresses identifying computers not users.
Liability of Internet Service Providers
The other point to bear in mind when discussing defamation on the internet is that in some jurisdictions, including England, Internet Service Providers can have liability for content on the sites they host. They can be liable even if they were merely passively hosting the site unless they take down the objectionable material when they receive notice of it. The famous case on this point in England is Godfrey v. Demon. In that case, an unknown person purporting to be Godfrey put up a comment on Demon’s server. The statement was defamatory. The real Mr. Godfrey asked to have it removed telling Demon that it was fraudulent. When Demon failed to remove the post Godfrey sued for defamation and won. This case established the importance of ISPs treating complaints seriously and investigating and taking down any content that can be considered defamatory.
Since this case, the E-commerce directive has come into effect which also has ramifications for when a host can be liable in defamation (or for other acts). ISPs are in a difficult position. On the one hand if they remove any content posted by their customers they could be in breach of their customers’ contractual rights (unless their contracts expressly absolve them from liability in certain circumstances) On the other hand if they don’t remove the content they could become personally liable for it to third parties.
Under the E-commerce Directive most ISPs will be viewed by the courts as a mere conduit and therefore not liable for the content, as long as they do not initiate the transmission, select the receiver of the transmission and do not select or modify the information in the transmission. Nevertheless, ISPs will still have liability if they are notified of infringing material and then refuse to take it down, and there are those who believe their responsibilities should be broadened further.
The position in the USA
In the United States, ISPs are not liable for defamatory information but they are often joined as co-defendants in lawsuits with John Doe.? There is a purely practical reason for doing this. ISPs are becoming increasingly wary of divulging information about their users since it could be an invasion of privacy.
By joining the ISPs as defendants, once the lawsuit is initiated lawyers can make discovery demands of the ISP to get all of the relevant data which could help them trace the unidentified user who posted the comment. Once the user is identified the ISP is usually dropped from the lawsuit and the user remains the sole defendant.
These laws not only have ramifications for ISPs but for any company which has a forum or allows user generated content on their website. Many companies are not aware that they themselves can be found liable for defamation due to actions of employees or other third parties on these websites. In-house lawyers are becoming increasingly aware of the laws on defamation and privacy in order to take adequate steps to protect their employers.
What to do
If you find that you are the subject of a defamatory comment online there are a number of things that can be done. Clearly balance the seriousness of the comment with the costs associated with getting it taken down. The last resort option would involve going to court to get disclosure orders. Unless the comments are particularly grievous or widespread other avenues should be explored first.
If you are dealing with a hate site that uses a domain name similar to your company name there may be the possibility of trying to retrieve the domain name through a UDRP or other dispute resolution policy. However, this can be risky since at the moment it has not been decided whether these types of sites constitute fair use under the rules. The other problem with this method is that you may inflame the situation further. Also your efforts could be wasted if the site simply reappears on another non-infringing domain name.
Another option is to address the comment in the press or on your own website. Recently, in Israel, an anonymous internet user began a hate campaign against Israel’s best known maker of dairy products. Defamatory comments were posted on a variety of websites and also sent around through emails. The company responded to the situation by posting comments on the website and also sending out their own emails via employees which defended their business. This approach has been successful as content is no longer being posted and the record has been set straight for anyone doing future web searches.
It should always be kept in mind that attacks are often short lived. Surprisingly the best option sometimes can be to deal with the situation by ignoring it, and possibly using SEO strategies to keep the site or the comment low down in the search results. The comment or website will often disappear since it takes a lot of energy to keep the site sufficiently prominent.
Reputation Management Defamation Law 2 author Shireen Smith is an intellectual property solicitor and technology lawyer at Azrights Solicitors providing advice on trademark registration, patents and domains and domain disputes.