Swico has adopted this Code of Conduct for Hosting (hereinafter “CCH”) to establish technology-appropriate guidelines for Swiss hosting providers regarding the handling of prohibited content, to establish these guidelines as an industry standard, to strengthen legal certainty, and to make it easier for individuals affected by prohibited content to take action against the creators of such content.
With the notice-and-notice and notice-and-takedown procedures set forth in the CCH, Swico implements principles of conduct that are already being applied in self-regulatory instruments of Internet service providers (ISPs) and hosting provider associations in the European and international contexts. In drafting the CCH, Swico also took note of the requirements that regulations—particularly in the United States and the European Union, or rather in their member states—impose on so-called notice-and-takedown procedures and the associated liability exemptions for hosting providers; in doing so, Swico took into account that this regulatory framework differs in the European Union from that in Switzerland.
By adopting this CCH, Swico also acknowledges the efforts of the Council of Europe and the work of the Council of Europe’s Expert Group on New Media, which provide incentives for the involvement of ISPs in regulatory initiatives aimed at achieving state regulatory objectives on the Internet, while recognizing and promoting the potential for self-organization and self-regulation among ISPs. In this context, it has also consulted the Human Rights Guidelines for Internet Service Providers developed by the Council of Europe in cooperation with the European Internet Services Providers Association (EuroISPA) and welcomes their commitment to the importance of self-regulation on the Internet.
Internet service providers play an important role as intermediaries on the Internet. They make Internet communication possible in the first place. In an effort to promote the economic, social, and cultural potential of their services, they commit to the following principles of conduct.
The CCH constitutes a code of conduct for handling reports of potentially illegal content. It is an act of voluntary self-regulation.
Any services provided by the hosting provider that go beyond pure hosting services are not covered by the scope of the CCH. In particular, Internet access services as well as services for storing, processing, and making content available to third parties in a non-publicly accessible area (e.g., cloud services) are not covered.
3.1 ) Prohibited Content
Content that infringes the rights of third parties, in particular intellectual property rights in the broad sense (such as copyrights or trademark rights) or personal rights, or constitutes a criminal offense (specifically in the areas of pornography, depictions of violence, racism, and defamation).
3.2 ) Hosting Service
A service that enables operators of websites and applications to store, process, and make content publicly available to third parties
3.3 ) Customer
A customer of the hosting provider with whom a contract regarding hosting services exists.
3.4 ) Notice
A notification from an affected party stating that content made publicly accessible by the customer is impermissible.
It is required that the sender be more than just a third party or the general public affected by the alleged infringement. In cases of violations of personal rights and offenses requiring a complaint, this includes the injured party (or their representative); in cases of intellectual property rights infringements, it includes the person entitled to ownership or licensing rights to the content (or their representative). In the case of offenses prosecuted ex officio, no specific involvement of the sender is required.
Substantively and formally, a notice must contain at least the following information:
As intermediaries on the Internet, hosting providers provide an infrastructure that enables operators of websites and applications to store, process, and make content publicly available to third parties. Hosting providers have no knowledge of what content their customers store, process, and make available. They are also not obligated to actively monitor the content. The customer alone is responsible for content that they store, process, or make accessible to third parties while using the hosting services.
The obligations of the hosting provider defined in the CCH serve the purpose of making it easier for persons affected by unlawful content to take action against the author of such content.
5.1 ) The hosting provider reviews a received notice to determine whether it meets the substantive and formal requirements of Section 3.4. In assessing these requirements, the hosting provider applies the standard of a legal layperson.
5.2 ) If the received notice does not meet the formal and/or substantive requirements of Section 3.4, or does not meet them in full, the hosting provider shall request the sender of the notice to supplement the notice within two business days of receiving the request. If the sender does not supplement the notice within the deadline, or if the supplemented notice also does not meet or does not fully meet the formal and/or substantive requirements of Section 3.4, the hosting provider will not process the notice further.
5.3 ) If the received Notice fully meets the formal and substantive requirements of Section 3.4, the Hosting Provider will generally send a notification to both the customer and the sender of the Notice within two business days of receiving the complete Notice.
5.3 a ) In the notification to the customer, the provider informs the customer of the receipt of the notice and forwards the notice to the customer. The provider informs the customer that the customer is solely responsible for content that the customer stores, processes, or makes available to third parties while using the hosting services. The provider requests that the customer remove the disputed content or justify the legality of the content in a statement to the sender of the notice. The hosting provider also informs the customer that the customer is liable to the hosting provider for expenses incurred in connection with the defense against third-party claims and for any further damages. The hosting provider may require the customer to provide security to cover such damages as a precautionary measure. In clear-cut cases, the hosting provider may also proceed directly in accordance with Section 6.
5.3 b ) In the notification to the sender of the notice, the hosting provider acknowledges receipt of the notice and informs the sender that a letter has been sent to the customer. The hosting provider informs the sender of the notice that the customer alone is responsible for any content that the customer stores, processes, or makes available to third parties while using the hosting services. In addition, the hosting provider informs the sender that the hosting provider is not authorized to disclose customer data. Instead, the hosting provider points out ways in which the sender can determine the identity of the owner of an Internet domain (e.g., via Whois databases available on the Internet) and which government agencies the sender can contact to enforce the alleged claims. In clear-cut cases, the hosting provider may also proceed directly in accordance with Section 6.
6.1 ) If the notice received fully meets the formal and substantive requirements of Section 3.4 and is highly likely to concern impermissible content, or if the hosting provider could itself be held criminally or civilly liable, the hosting provider may, at its own discretion, block access to the affected website in whole or in part until the matter is resolved between the parties concerned or by courts and authorities.
6.2 ) Immediately before or after a block, the hosting provider shall inform the customer of the receipt of the notice, forward the notice to the customer, and inform the customer of the reason for the block. At the same time, the hosting provider shall inform the sender of the notice of the block and the communication to the customer. The hosting provider shall decide at its own discretion whether to report criminal offenses to KOBIK (National Coordination Unit for Combating Internet Crime) or to law enforcement authorities.
6.3 ) The standard of a legal layperson applies to the assessment of the completeness of the notice as well as to the discretion regarding blocking and reporting.
7.1 ) The hosting provider shall ensure that its agreements with the customer contain, at a minimum, the following provisions and notices in accordance with their meaning:
The hosting provider shall implement internal organizational measures to ensure that notices are processed promptly. It shall designate a person as the primary contact responsible for unauthorized content and shall communicate on its website how and to whom notices are to be submitted for processing under the notice-and-takedown procedure, for example via an online form.
Swico provides its members with templates for the notifications to customers and to the sender of the notice mentioned in the CCH.
The CCH constitutes a voluntary self-regulatory framework. Given the existing legal uncertainty regarding provider liability, Swico cannot guarantee that compliance with the CCH will protect the hosting provider from criminal prosecution and penalties or civil liability.
This Hosting Code of Conduct takes effect in April 2020.