[IT] Court of Cassation rules on ISPs’ liability in RTI v. Yahoo! case

IRIS 2019-5:1/19

Ernesto Apa & Filippo Frigerio

Portolano Cavallo

On 19 March 2019, the Italian Supreme Court of Cassation issued its judgment in the appeal filed by RTI (Reti Televisive Italiane S.p.A., one of the main Italian broadcasters) against the landmark Milan Court of Appeals’ decision issued in January 2015 in the RTI v. Yahoo! case.

The case arose in 2009 when RTI filed a suit against Yahoo!, provider of the Yahoo! Video service, to have the latter condemned for copyright infringement against RTI, based on the fact that several of RTI’s videos were hosted on the Yahoo! Video platform, uploaded by users without RTI’s consent.

The first instance Court of Milan upheld RTI’s demands, declaring that Yahoo! had infringed the plaintiff’s copyrights by hosting those pieces of content.

In 2015, the Milan Court of Appeals reversed the decision, confirming that Yahoo! could not be held liable given its role as a mere intermediary that does not control or manage the content uploaded by third users. Yahoo!, therefore, had acted as a hosting provider - thus protected by the “safe harbour” defence in light of Article 16 of the E-Commerce Decree (Legislative Decree No. 70 of 2003) and Article 14 of the E-Commerce Directive (2000/31/EC). Most importantly, the Milan Court of Appeals did not recognise any distinction between active and passive hosting providers, proposed by some rulings, especially those of the Court of Rome. The Milan appellate panel had identified the category of “advanced” hosting provider, which does not fall outside the boundaries of the “safe harbour” defence provided by the e-commerce legislation. RTI filed an appeal against this decision with the Court of Cassation. The Court of Cassation reversed the appellate decision, establishing important principles of law, and remanded to the Court of Appeals on the requirements of the communication to lawfully put the provider “on notice.”

In light of the prevailing interpretation by the Court of Justice of the European Union (CJEU) and of new legislative developments at European Union level, the Court of Cassation recognised the existence of a distinction between active and passive hosting providers. The court established the following principle of law: “The active hosting provider is the provider of information society services that carries out an activity beyond a mere technical, automatic and passive service and, on the contrary, carries out an active conduct, cooperating with others in the commission of the illicit activity; thus, the active hosting provider cannot benefit from the safe harbor liability regime enshrined in Article 16 of the Decree and its liability shall be ascertained on the basis of the general rules on liability”.

To this end, the court enlisted some indexes that suggest that the hosting provider is carrying out an active role (not all of them must be present): (i) filtering, (ii) selection, (iii) indexing, (iv) organisation, (v) cataloguing, (vi) aggregation, (vii) evaluation, (viii) use, (ix) modification, (x) extraction, or (xi) promotion of content, if made in the context of a business-oriented management of the service, as well as techniques to profile users in order to increase their loyalty. The ultimate effect of these activities is “[…] to complete and enrich in a non-passive way the fruition of the contents by indeterminate users”.

The court then dealt with the issue of liability, focusing its analysis on Article 16 of the E-Commerce Decree and laying down the following principle of law: “in the context of the information society services, the hosting provider’s liability pursuant to Article 16 of the E-Commerce Decree exists upon the provider that failed to immediately remove the unlawful pieces of content as well as when it kept hosting them, when all the following conditions are met: (i) the provider is aware of the illicit activity committed by the recipient of the service, because it received notice from the rightsholder or from third sources; (ii) the unlawfulness of the recipient’s conduct is reasonably verifiable with the same degree of diligence that it is reasonable to expect from a professional Internet operator in a certain historical moment, insomuch as the provider is grossly negligent if it fails to ascertain the unlawfulness of the content; (iii) the provider has the possibility to usefully act, because it was made aware in a sufficiently specific way of the unlawful pieces of content that shall be removed”.

In this respect, the Court of Cassation underlined that the liability of a hosting provider is based on two specific elements, namely (i) the unlawfulness of the content hosted, which in turn derives from the infringement of others’ rights, by means of a civil or criminal offence, for example, a copyright infringement; and (ii) the knowledge of this unlawfulness, meaning that the hosting provider’s liability can exist only if the latter culpably omits to take down the unlawful information or disable access to its service, thus failing to stop the infringement of third parties’ rights.

The Court of Cassation remanded to the Milan Court of Appeals the decision as to whether the notice shall mandatorily include the URLs of the at-issue content or whether other details suffice for the purpose of putting the provider on notice.

Finally, the Court of Cassation clarified that the purpose of Article 17 of the E-Commerce Decree is to enhance cooperation between hosting providers and national judicial/administrative authorities in identifying and preventing unlawful activities. Article 17 being a general principle, hosting providers, either active or passive, cannot be deemed liable for failure to preventatively monitor their services. However, they shall promptly inform the authorities when they are aware of potentially unlawful activities on their services.


This article has been published in IRIS Legal Observations of the European Audiovisual Observatory.