From Intermediary Liability to Intermediary Responsibility: A Juxtaposition of
the EU and Nigerian Liability Regime for Internet Service Providers over
Intellectual Property Rights Infringements Online.
Enyinnaya C. Uwadi *
The huge annual increase in the number of internet users in Nigeria makes the country a fertile ground
for investment by Internet Service Providers (ISPs). This increase also comes with a higher probability
for the violation of intellectual property (IP) rights on the internet. With the current global trend in
holding ISPs to a higher standard of responsibility for online IP rights violation as exemplified by the
EU, this article presents an attempt to juxtapose the EU and Nigerian regime, while drawing out lessons
the latter could learn from the former in its current legislative review process.
The internet and its benefits which include the massive growth of electronic commerce
coupled with the surge in the use of social media and online entertainment platforms in recent times,
has become part of our daily lives.
The downside of these benefits of the internet is that it has become
a platform for the violation of law, particularly, intellectual property (IP) infringements. The reason
why IP infringement is so common on the internet is that internet users can do so anonymously from
any part of the world.
Investigating the identity of such an anonymous infringer may be time-
consuming, costly, and often times nearly impossible for the right holder.
Consequently, right holders
started taking actions against internet service providers (ISPs) also known as online intermediaries,
for being the vehicle used for the infringement of the rights.
Questions have also arisen as to whether
the liability for the infringement lies with the ISPs or the individual infringers.
* Roehampton Business School, London.
LLB (Hons) Abuja; BL (Hons) Nigeria; LLM Energy Law, Ibadan; LLM International Commercial Law with Competition Law
and Regulation (Distinction) Reading, UK.
Ian J. Lloyd Information Technology Law (6th edn OUP 2011) 443.
Lilian Edwards, Law, Policy and the Internet (Hart, 2019) 253.
European Parliament Directorate-General for Internal Policies, ‘Liability of Online Service Providers for Copyrighted
Content – Regulatory Action Needed?’ (2018) IP/A/IMCO/2017-08.
Notwithstanding the different classifications of online intermediaries, the term ISP will be used and read contextually to
cover all online intermediaries.
French Hadopi Law.
The dominant view in recent times appears to suggest that ISPs are to be held liable albeit in a limited
way since they provide the platform upon which the right infringement occurs.
This has led to some
concerns and debates on how the ISPs are supposed to handle these IP rights infringements or prevent
them from occurring, as well as the balancing of the role of the ISPs as providers of platforms for the
expression of end-users, the commercial interests of the IP rights owners, and the privacy rights and
freedom of expression of the end-users.
The above points noted, this article examined the liability of ISPs for IP infringements under the EU
and Nigerian legal regimes. It observed that the current legal framework in the EU appears to be tilted
more in favour of protecting the IP rights holders than ISPs and users,
unlike the antecedent position
which provided a sort of shield of immunity for ISPs in some wide circumstances. The current
framework, it is argued has the potential of affecting the economic survival of the ISPs especially those
who rely on user-generated content, by increasing transaction costs via blocking and monitoring
while these obligations could infringe on the right of expression and privacy of
On the Nigerian regime, the article observed that the legal regime from the inception of the internet era
in the country tilts towards the protection of ISPs from IP rights violation by its users. From
observations of the EU regime, the article suggested some legal reforms towards greater intermediary
responsibility in the current Nigerian IP legislative reform process.
In conclusion, it suggests that in designing liability regimes for online IP rights infringement, the focus
should be on identifying the rules which facilitates a thriving domestic market, which would allow for
sustained development of technologically savvy and infringement neutral technologies in order to cater
for the interest of not only online actors, but the general citizens.
2.0 Role of ISP (Online Intermediaries)
The unique structure of the internet comprises three distinct actors. The first category refers to those
who create or post information, while the second refers to the recipients or targets of the information,
and finally, the intermediary (ISP) which plays the key role of providing a platform for the first and
second actors to connect. According to Savin,
the intermediaries play a neutral role by enabling the
flow of information between the first and second actors without contributing to the content of the
Tiffanny Li, ‘Beyond Intermediary Liability: The Future of Information Platforms’ (2018) Yale Law School Workshop
Report <https://ssrn.com/abstract=3392438> accessed 07 January 2020.
Andrew Murray, Information Technology Law (4th edn OUP 2019) 302; Council Directive 2019/790/EC of 17 April 2019
on copyright and related rights in the Digital Single Market and amending Directives 96/9/EC and 2001/29/EC  OJ
These actions can also be taken voluntarily by them to avoid liability or sanctions.
Andrej Savin EU Internet Law (Eldar 2013) 104.
information; they also act as guardians of the identity of the users and protect their anonymity; and
lastly, they are in a unique position to mitigate or prevent the damage which may be caused by the
activities of the first and second actors.
According to a study by the OECD, ISPs facilitate transactions between third parties on the Internet by
giving access to, host, transmit and index content, products, and services originated by third parties
online, or provide internet-based services to third parties.
Further, ISPs have a significant role in the prosecution of online IP infringements due to the position
of trust they occupy.
To explain further, trust, the fabric upon which legal systems are based, can be
developed in an offline world via personal relationships. In an increasingly faceless world of the
internet, it is almost impossible to achieve such a level of personal relationship. Therefore, there is a
need for some sort of institution to fill the void and replace this trust in order to facilitate the various
anonymous communication on the internet in a secured manner. Herein lies the trust role of ISPs on
In summary, ISPs generally act as gatekeepers to internet publications;
the backbone of the internet
infrastructure, exert enforcement of IP rights without being state actors
shape public policies
as copyright policies
However, the role of ISPs has been met with some criticisms which include the lack of transparency in
their management of online traffic;
control of the online market as virtual monopolies, thereby
restricting end-user choices; abuse of power
as was the case of Google where about 28% of their
takedown requests were invalid;
and indirectly facilitating unlawful activities like IP rights
infringement on their platform by their end-users.
3.0 Rationale for Liability of ISP
OECD, ‘The Economic and Social Role of Internet Intermediaries’ (2010)
<https://www.oecd.org/internet/ieconomy/44949023.pdf accessed 07 January 2020.
Christian Czychowski and Jan Bernd Nordemann ‘Limitless Internet – unlimited liability? Guidelines for a liability model
of intermediaries (2013) GRUR 986.
Diane Rowland, Uta Kohl and Andrew Charlesworth Information Technology Law, (5th edition, Routledge, 2017) 73.
ibid at 87.
Leo Kelion, ‘Google wins landmark right to be forgotten case’ (BBC News 24 September 2019)
< https://www.bbc.co.uk/news/technology-49808208> accessed 08 January 2020.
Content ID system of YouTube and Copyright School; See also Bloomberg Law, ‘Prince Estate Wins YouTube Concert
Video Copyright Claims’ (Bloomberg 7 January 2010) < https://news.bloomberglaw.com/ip-law/prince-estate-wins-
youtube-concert-video-copyright-claims> accessed 08 January 2020.
Vlad Savov, ‘In the absence of net neutrality, UK regulator demands more transparency from ISPs’ (The Verge November
24 2011) <https://www.theverge.com/2011/11/24/2584602/ofcom-isp-transparency-net-neutrality> accessed 09 January
Mathew Bloomer ‘Do ISPs Abuse Their Power?’ (xdadevelopers February 26, 2015) <https://www.xda-
developers.com/do-isps-abuse-their-power/> accessed 09 January 2020.
Scott Davenport ‘Columbia University Researchers Claim 28% Of Google’s URL Takedown Requests Are Invalid’
accessed 09 January 2020.
Generally, infringement of IP rights on the internet can result in what could be categorised into primary
and secondary liabilities.
Primary liability refers to those who infringe on IP rights firsthand. End
users are usually the primary violators, except in cases where the ISPs directly provide the infringing
content for the end-users. On the other hand, secondary liability refers to those who provide a platform
for a primary infringement to occur, for example, ISPs. That is to say that there must be a connection
between a primary and a secondary IP rights infringer for a case of secondary liability to be
The rationale for imposing secondary liability of IP rights infringement on ISPs ranges from the moral
aspect of not allowing an infringer to enjoy the IP of another without authorisation; compensation
especially in cases where there is a commercial benefit; source of deterrence, because ISPs control the
gateway through which internet pests enter and re-enter the system;
detecting violation and
enforcement at a reasonable cost for IP right holders due to the myriads of challenges with identifying
and going after the individual rights infringer.
This challenge is more prominent in the case of an
anonymous violator. Therefore, this makes the ISPs not only the identifiable target but also an
economically viable target for lawsuits by IP rights holders, because they are most likely to have
financial resources to compensate the rights holder.
On the flip side, ISPs advocates argue that the role of ISPs is similar to that of a messenger like a post
office, or that of a telephone company, and since the post office and telephone companies are not held
liable in defamation suits for their role as passive conduits, the same privilege should be extended to
Also, making ISPs liable will be lead to the adoption of a blanket filtering obligation for user-
generated content by ISPs in other to avoid liability. It is argued that even where this is done, there is
no guarantee that every infringing content online will be detected. This will therefore be an
overwhelming burden for the ISPs, incur extra operation costs which could be passed on to the users
in form of higher subscription costs, and may also be in violation of the privacy rights of internet users.
4.0 Liability of ISPs under EU Law
In the introductory section of this article, it was mentioned that the initial trend of liability for IP rights
infringements tilted against ISPs as secondary infringers, due to the difficulties and costs associated
Matthias Leistner ‘Structural aspects of secondary (provider) liability in Europe’ (2014) 9 Journal of Intellectual Property
Law & Practice, No. 1.
Murray (n 8) 308.
Douglas Gary Lichtman and Eric Posner, ‘Holding Internet Service Providers Accountable’ (2004) John M. Olin Program
in Law and Economics Working Paper No. 217, 5
< https://pdfs.semanticscholar.org/2804/886cde69b94fba30856af28ff0a1e8552b02.pdf> accessed 10 January 2020.
Cartier International AG v British Sky Broadcasting Ltd  ETMR
See Jaani Riordan, ‘The Liability of Internet Intermediaries’ (DPhil Thesis, University of Oxford 2013).
with identifying anonymous IP rights infringers. However, that position started changing gradually
about two decades ago, to provide for limited liability by securing immunity regimes for ISPs under
the EU Law. Three factors were responsible for this. The first was that ISPs argued that they could not
practically exercise effective control over the high volume of contents provided by users. Secondly,
they contended that they were not morally responsible for the content of action of others and finally,
that if they were to be held liable, the ISP industry which provides a very important function in the
present digital economy will collapse or withdraw from Europe.
This led to the enactment of new
laws in the EU like the E-Commerce Directive (ECD)
to address the above concerns of ISPs.
4.1 The E-Commerce Directive
The ECD harmonized the liability regime of ISPs across EU member states. The ECD regime deals
with all kinds of content issues ranging from IP, libel, obscenity among others, unlike the US regime
under the Digital Millennium Copyright Act (DMCA) which focuses on a single area of copyright.
The ECD regime covers not only ISPs, but also a wider range of online actors who are involved in
several activities which include; selling goods and services, providing search tools, and offering online
These secondary categories of persons are collectively referred to as information society
service providers (ISSPs).
The ECD via Articles 12 to 15 provides uniform pan-EU rules governing liability privileges for ISPs,
which acts as a shield against liability in cases where the ISPs would ordinarily be liable under the
relevant civil, criminal, or administrative law for damage claims and annex claims like payment for
costs of suit in relation to the damage claim.
The only exception to this privilege is on injunction
claims and injunction annex claims.
These privileges oftentimes referred to as safe harbours apply
when the ISPs acts in the following manner:
a. As mere conduits under Article 12. Where ISPs act as mere conduits of contents by solely
transmitting contents originated by and destined for other parties, they are absolved of all
This immunity applies only where the ISP did not initiate the transmission, select the
receiver of the information, or modify the information contained in the transmission. This is
Edward (n 2) 286.
EC E-Commerce Directive 2000/31/EC.
Edward (n 2) 267.
Diane, Uta and Andrew (n 13) 105.
C-484/14 McFadden v Sony (CJEU, 15 September 2016) Para 75.
Recital 45 E-Commerce Directive reads as follows: ‘The limitations of liability of intermediary service providers
established in this Directive, do not affect the possibility of injunctions of different kinds; such injunctions can in particular
consist of orders by courts or administrative authorities requiring the termination of prevention of any infringement,
including the removal of illegal information or the disabling of access to it.’
Except for Injunction. McFadden (n 28).
similar to the common law position developed for carriers like the post office and phone
companies in England.
b. As caching providers under Article 13. ISPs deploy the use of caches to speed up the internet for
users and reduce their transmission costs.
The benefit of immunity under this Article applies
where the ISPs did not modify the information, complies with the condition of access, updates
the cached copy regularly in line with industry practice, and takes down the cached copies once
they become aware that the original source of the information has been removed or access to it
has been disabled or blocked.
c. As hosting providers under Article 14. ISPs are exempted from liability with respect to the storage
of information provided by a recipient of their services, when they are unaware of the illegal
activity or information, and also where they expeditiously take steps to remove or disable access
to such information upon becoming aware. This requires ISPs to set up a team whose core duty
it is to quickly remove such contents upon notice in order to prevent potential liability. ISPs
however, cannot claim immunity when they optimize or promote the infringement content in a
manner like deals of the day. This was the decision of the CJEU in L’Oreal SA v. eBay.
d. Article 15 provides for another privilege alongside Articles 12-14, by prohibiting the imposition
of general monitoring obligations by member states on ISPs, a position which was upheld by the
Court of Justice of the European Union (CJEU) in Scarlet v SABAM.
4.1.1 Injunction Relief under the ECD and Copyright Enforcement Directive
A right holder who alleges IP rights infringement could seek to get the details and information of the
individual rights violator from the ISP, or in the alternative prevent the ISP from facilitating a further
infringement. Questions arise whether an ISP is permitted by law to divulge the details of an end-user
to the rights holder under the current General Data Protection Regulation in the EU. This and other
difficulties associated with the first option as previously mentioned in this article make the second more
desirable for IP rights holders. To achieve this, they apply for injunction relief of filtering or blocking
as provided under Article 8(3) of the Copyright Directive, and also in Article 9 of the Copyright
Enforcement Directive, on condition that such an injunction must be effective, proportionate,
dissuasive, not excessively costly for the ISP, and do not create barriers to legitimate trade within the
Bunt v Tilley  EWHC 407 (QB).
Diane, Uta and Andrew (n 13) 105.
C-324/09 L’Oreal SA v. eBay International AG (CJEU 12 July 2011).
Case C-70/10 Scarlet Extended SA v Société Belge des Auteurs, Compositeurs et Editeurs SCRL (SABAM) (CJEU, 24
Cartier (n 23).
L’Oreal SA v. eBay (n 33) -.
In the opinion of this article, the injunction relief as provided in L’Oreal v eBay
is an acceptable
middle ground of safe harbor, because it considers the rights and interests of the three actors involved.
The right to privacy of the end-user and alleged rights violator is somewhat respected, the ISP is not
held liable for damages but is required under the injunction to prevent further infringements as an
intermediary, while the IP holder’s rights are respected and protected.
4.2 The New Copyright in the Digital Single Market Directive 2019 (DSM Directive)
Before concluding on the EU regime, this article will briefly examine the latest EU law on the liability
of ISPs. The DSM Directive which amended Directives 96/9/EC and 2001/29/EC, came into force on
June 6, 2019, marking the end of what may be referred to as a controversial legislative process at EU
The implementation is expected to commence within two years and Member States are expected
to pass appropriate legislation to meet the Directive's requirements within that period of time.
process of implementation by member states appears to be one that will be contentious, as one (Poland)
has already filed an action for annulment under Article 263 TFEU.
Another subject of controversy is
found in the translations of ‘best efforts’ in Article 17(4)(a) into the languages of some member states,
which may likely result in challenges to compliance, judicial interpretation, and application of resulting
However, in relation to the subject matter of this article, Article 17 (Article 13 in the draft) of the DSM
Directive seems to be part of a new broader policy direction in the EU which is geared towards
increasing the responsibility of online platforms (ISPs). The rationale for this new policy direction
according to Tiffany
is that the nature and manner of operation of ISPs presently are way different
from when the intermediary liability laws were first developed, and the existing statutes may not be
adequate to address the technological and social changes that have occurred over time. This new policy
direction appears to be in contrast with the prohibition of general monitoring obligations in Article 15
of the ECD, and the freedom of individuals to interact with online content.
The general monitoring
João Quintais ‘The New Copyright in the Digital Single Market Directive: A Critical Look’ (2020) 1 European Intellectual
Property Review 2020 (Forthcoming) https://ssrn.com/abstract=3424770 accessed 09 January 2020.
‘Digital Single Market Copyright Directive: EU to start dialogue with stakeholder’ (International Insider 15 October
2019) < https://internationalinsider.org/2019/10/15/digital-single-market-copyright-directive-eu-to-start-dialogue-with-
stakeholder/> accessed 15 October 2019.
Quintais (n 38).
Bulgarian, Dutch and Swedish versions translate ‘best efforts’ to mean ‘all efforts’
Eleonora Rosati ‘DSM Directive Series #5: Does the DSM Directive mean the same thing in all language versions? The
case of 'best efforts' in Article 17(4)(a)’ (The IPKat Wednesday, May 22, 2019)
< http://ipkitten.blogspot.com/2019/05/dsm-directive-series-5-does-dsm.html> accessed 09 January 2020.
Tiffany (n 7).
Aleksandra Kuczerawy, ’To Monitor or Not to Monitor? The Uncertain Future of Article 15 of the E-Commerce
Directive’ (Balkanization May 29 2019) <https://balkin.blogspot.com/2019/05/to-monitor-or-not-to-monitor-
uncertain.html> accessed 09 January 2020.
obligations conflict with of Articles 8 (the right to protection of personal data), 11 (freedom of
expression and information), and 16 (freedom to conduct business) of the EU Charter on Fundamental
Rights, as well as a CJEU precedent in Scarlet v SABAM.
It is also argued that the provision of Article 17 of the DSM Directive did not clarify existing law,
rather appears to change it by providing that ISPs carry out acts of communication to the public by
giving access to content uploaded by their users.
Consequently, ISPs that rely on user-generated
content like YouTube and Facebook will become responsible for making sure that users don’t share
In other words, they are directly liable for the contents uploaded by end-users
notwithstanding their exclusion from the hosting safe harbour provisions previously available to many
of them under Article 14(1) of the ECD.
In summary, it is argued that Article 17 appears to be incompatible with EU law as interpreted by the
CJEU because it imposes an obligation on ISPs to monitor their platforms, ignores transparency
obligations to the benefit of end-users, and requires ISPs to obtain licenses before they can have
protected works on their online platforms.
It is the view of this article that the potential difficulty in complying with these onerous obligations by
ISPs will likely make them rely on another possibility, which shields them from liability if they meet a
number of collective conditions as provided in Article 17(4) by demonstrating to have; made best
efforts to obtain an authorization from right holders; made best efforts to ensure the unavailability of
specific works for which the right holders have provided them with the relevant and necessary
information; and acted expeditiously, upon receiving a sufficient and substantial notice from right
holders, to take down infringing content and made best efforts to prevent its future upload, except with
the authorization of the right holders.
The second condition in the preceding paragraph appears to impose on ISPs an upload filtering
whereas the third introduces both a notice-and-takedown mechanism which is similar to
that of Article 14 of the ECD, and a notice and stay down obligation.
Scarlet v SABAM (n 34).
Christina Angelopoulos and João Pedro Quintais, ‘Fixing Copyright Reform: A Better Solution to Online Infringement’
(2019) 10 JIPITEC 147 para 1.
Murray (n 8) 302.
Quintais (n 38).
Stalla-Bourdillon, Sophie and Rosati, Eleonora and Turk, Karmen and Angelopoulos, Christina and Kuczerawy,
Aleksandra and Peguera, Miquel and Husovec, Martin, ‘A Brief Exegesis of the Proposed Copyright Directive’ (November
24, 2016). Available at SSRN: https://ssrn.com/abstract=2875296 or http://dx.doi.org/10.2139/ssrn.2875296.
Quintais (n 31) 18.
Martin Husovec ‘How Europe Wants to Redefine Global Online Copyright Enforcement’ (2019) SSRN Electronic Journal
<10.2139/ssrn.3372230> accessed 10 January 2020.
For ISPs to meet the conditions above and avoid liability, they are most likely to adopt the use of
automatic content recognition technologies to examine all contents before they are uploaded by end-
users. Notwithstanding the DSM directive’s clear rejection of this outcome in Article 17(8), it is
difficult to see how these obligations will not result in the deployment of upload filters, which will
eventually result in general monitoring of uploaded contents. It is hoped that this measure will not
violate the e-Privacy Directive, the GDPR, and the Charter of Fundamental Rights of the EU, as
interpreted by the CJEU.
5.0 Liability of ISPs under the Nigerian Legal System
With a population estimate of 206,139,589 in the year 2020, Nigeria has a total number of 126,078,999
internet users and ranks 6th on the global table of countries with the highest number of internet users.
With such a huge number of internet users in Nigeria which is above the total population of the United
Kingdom (England, Northern Ireland, Scotland, and Wales) and France combined,
appears to be a fertile ground and investment hub for ISPs. This section of the article will examine the
liability of these ISPs for the infringement of copyrighted content on their sites under the Nigerian
5.1 The Copyright Act Cap 28 LFN 2004; and the Copyright Amendment Bill 2015
Enacted 32 years ago in 1988, the Copyright Act is the general legislative statute that covers the
infringement of IP rights in Nigeria. However, the Act does not have a clear and express provision on
the regulation of IP rights on the internet. The reason for this apparent omission is not farfetched,
because the Act was enacted before the advent of the internet in Nigeria. Even the latest version of the
Act, which is the 1999 amendment also came at a time when the concept of the internet and its
operations arguably appeared as rocket science to the lawmakers. As such, the Copyright Act offers
little for consideration of this article. However, it contains some provisions in Sections 15, 16, and 20
which could be stretched and expanded under the liberal rules of interpretation to incorporate liability
for ISPs as facilitators of IP rights infringement.
However, it is worthy to note that the draft Copyright Amendment Bill 2015 addresses this lacuna by
bringing the internet within its precincts. In relation to online content, Section 47 of the Bill empowers
an IP rights holder whose rights are infringed on the internet to issue a notice in writing to the ISP or
M.R.F Senftleben, Christina Angelopoulos, Giancarlo Frosio, Valentina Moscon, Miquel Peguera, Ole-Andreas Rognstad
‘The Recommendation on Measures to Safeguard Fundamental Rights and the Open Internet in the Framework of the EU
Copyright Reform’ (2018) European Intellectual Property Review Vol. 40, No. 3. pp. 149-163.
Internet World Stats <https://www.internetworldstats.com/top20.htm> accessed April 26, 2020.
Ibid. Both Countries have an estimate of about 123,000,000 internet users.
For a detailed discussion see Bernard Jemilohun, ‘Liability of Internet Service Providers under Nigerian Law’ (2019)
International Journal of Research, Vol 6, Issue 7, p 9.
the ISPs designated agent to take down or disable access to the infringing content or link to such
content, hosted on its systems or networks. Upon receipt of the notice, the ISP shall promptly notify
the alleged rights infringer who has 10 days to respond to the claims of the IP rights holder, failure of
which the ISP shall comply with the demands of the IP rights holder.
Where the notice appears
frivolous or the alleged infringer responds to the notice and the ISP is justified of the merits, it shall
refuse to comply with the notice to take down and also promptly communicate its decision to the IP
rights holder. However, an ISP may restore the removed content if it receives a counter-response from
the alleged rights infringer and promptly informs the IP rights holder, and he fails to respond
accordingly. Sections 48 and 49 of the draft Bill absolves ISPs of any liability for any action taken in
good faith with regards to the procedure for removal of online IP rights infringement. Also, anyone
who is not satisfied with the decision of the ISP can refer the matter to the Nigerian Copyright
Commission (NCoC) for determination.
Due to the onerous task in proving that ISPs did not act in good faith, this article is of the opinion that
the Copyright Amendment Bill appears to indirectly exempt ISPs from liability over IP rights
infringement on their sites. Also, there is no right of action in the court for anyone who is not satisfied
with the decision of an ISP, as the only remedy is an administrative procedure of referral to the NCoC
for determination. Even though Section 50 of the Bill allows an IP rights holder to apply to the court
for an order to compel an ISP to disclose the identity of an alleged rights infringer, this right only avails
the IP rights holder the legal grounds to proceed against the individual IP rights infringer, especially in
situations where the identity of the rights infringer is in question or anonymous. This, in my opinion,
provides a wide range or almost absolute exemption for ISPs and does not provide enough deterrent
for them to act expeditiously towards the protection of an IP rights holder, because according to the
deterrence model, liability leads to a more positive leaning towards compliance.
5.2 The Advance Fee Fraud and other Fraud Related Offences Act 2006
Although the Advance Fee Fraud Act is geared towards the prevention of fraudulent financial
transactions, it contains some provisions on the liability of ISPs where the fraud is committed through
the internet. The relevant portion of the Act is Section 13 which provides that ISPs shall exercise the
duty of care to ensure that their services and facilities are not utilized for unlawful activities.
provides that compliance with the provisions of the Act shall be a valid defence for ISPs in any lawsuit
Section 48 of the Bill
Section 13(3) of the Advance Fee Fraud and other Fraud Related Offences Act 2006
Section 13 (4) ibid.
While it is not in question that IP rights infringement can be classified as an unlawful activity, it remains
a doubt if an IP rights holder can rightly proceed against an alleged violator in a civil case under this
Act, which is primarily for the prosecution of criminal offences. In any event, it is worthy to note that
the liability of ISPs under this Act is similar to that which is provided in the draft Copyright Amendment
Bill, which is that ISPs are not to be held liable for any unlawful activity or IP rights infringement on
their sites where the violation occurred without their knowledge.
5.3 The Guidelines for the Provision of Internet Service Published by the Nigerian
Communications Commission, 2011
The beginning of the new millennium witnessed a massive revolution and growth in the use of the
internet in Nigeria, especially in the wake of the massive surge towards privatisation and globalisation
with the return to democratic rule. This development resulted in attempts to enact new laws and amend
existing ones to ensure that the internet due to its strategic importance is not left unregulated, because
as I noted earlier Nigerian laws enacted before that time had no provisions on the use of the internet.
Some progress was achieved via the enactment of some laws like the Nigerian Communications Act
(NCA) 2003, Nigerian Information Technology Development Agency Act (NITDA) 2007. However,
these laws had no provision on the violations of IP rights on the internet, which led to the legislative
attempts about a decade ago to amend the Copyright Act and fill this gap.
Due to the high potential
for the violation of IP rights on the internet, the Nigerian Communications Commission (NCC) in its
wisdom and pursuant to its powers
developed the Guidelines for the Provision of Internet Service
(Guidelines). It appears that this Guideline was intended to regulate IP rights violation on the internet,
pending the competition of the legislative amendment process, and with retrospection, this was a
laudable decision by the NCC, as the Copyright Amendment Bill is yet to see the light of the day,
having suffered several setbacks in the legislative process.
With regards to violation of IP rights on the internet, the Guidelines places an obligation on ISPs to
inform users of any statements of cybercrime prevention or acceptable internet use published by the
NCC or any other authority, and that failure to comply with these acceptable use requirements may
lead to criminal prosecution for the users, including concerning several unlawful activities of which the
violation of IP rights was mentioned specifically.
ISPs are also required to cooperate with law
enforcement and regulatory agencies investigating cybercrime or other illegal activity. They are also
required to contact the NCC, and any other legal or regulatory authority identified by the Commission
from time to time, in the event they become aware of any complaint or activity indicating internet use
The first was the Copyright Amendment Bill 2011.
Section 70 (2) of the NCA.
Paragraph 5 (d).
for the commission of an offence.
These provisions appear to place monitoring obligations on ISPs
over the online activities of internet users to address the problem of IP rights violations, and also to
make the users aware of the risks and consequences of infringing IP rights online.
As online intermediaries, the liability of ISPs is subject to the rules under Paragraph 11 of the Guideline
which is similar to that of the EU safe harbours privileges. They apply to ISPs in Nigeria where they
act in the following manner:
a. As mere conduits. Where ISPs act as a mere conduit of contents by solely transmitting contents
originated by and destined for other parties, they are absolved of all liability. This immunity
applies only where the ISP did not initiate the transmission; select the recipient of the
information; select or modify the information contained in the transmission; and acts without
delay to remove or disable access to the information upon receiving a takedown notice or
becoming aware that the transmitted information has been disabled or removed from the source.
b. As caching providers. ISPs are absolved of liability where they did not modify the information;
complies with the conditions of access; updates the cached copy regularly in line with industry
practice; do not interfere with the lawful use of technology to obtain data on the information,
and promptly act without delay to remove or disable access to the information upon receipt of
a takedown notice or once they become aware that the original source of transmission of the
information has been removed or disabled.
c. As hosting providers. ISPs are exempted from liability with respect to the storage of information
provided by a user when they do not interfere with the information and also the conditions of
access applicable to the information; where they do not interfere with the lawful use of
technology to obtain data on the use of the information; do not have knowledge of illegal
activity related to the information; and where they act without delay to remove or disable access
to such information upon receiving of a takedown notice.
A recurrent feature in the above three privileges under the Guidelines is that of a takedown notice. To
make the process efficient, straightforward, and transparent, ISPs are required to establish a procedure
for receiving and promptly responding to content-related complaints, including any notice to withdraw
or disable access to identified content issued by the Commission or other legal authority.
The above provisions show that the liability regime for ISPs in Nigeria is very limited and narrow. As
seen in the role of ISPs as hosting providers, once it can be proved that they are not aware of the illegal
activity online they will be exempted from liability. However, as Jemilohun argued, if it is established
that an ISP in question knew or ought to have known that the online activity is unlawful but failed to
Paragraph 6 (a) and (d).
take it down promptly, it will not be able to avoid liability.
I beg to slightly differ from the position.
This is because the relevant portion of the Guideline is clear, direct and does not give room to insinuate
that ISPS should take constructive notice of the unlawful activity.
In the absence of a clear provision to that effect, questions arise whether ISPs are empowered to act
unilaterally and take down an online infringing content when they are yet to receive a notice to take
down and whether they can be held liable for not doing so upon becoming aware constructively. In my
humble opinion, the above position of Jemilohun at best represents a desirable and persuasive argument
that could become law upon receiving a judicial imprimatur. This is because ISPs can become aware
that an online content infringes the IP rights of another, especially where the holder of the rights is a
popular individual or brand. Where this happens, it makes sense that ISPs should live up to their role
as gatekeepers and promptly remove the infringing content while also swiftly notifying the alleged
infringer of the removal, as well as his options for a review if he feels the removal was erroneous.
Unfortunately, this Guideline has not been tested before the Nigerian Courts. The reason for this is not
farfetched as Jemilohun rightly submitted that the Guideline lacks normative authority and appears to
only provide the legal basis for the NCC to penalize ISPs who violate the provisions.
This means that
it seems very unlikely that an individual whose IP rights are violated will have an enforceable remedy
against ISP under the Guideline, aside from the right to submit a notice to take down to the ISP.
6.0 Observations from the EU and Lessons for Nigeria
In the assessment of this article, it appears that the position of the EU law as provided under the ECD
is that ISPs cannot be held liable for IP rights infringement on their platforms, as long as they are neutral
and passive in the act of infringement, and promptly removed the infringing content upon being
notified. However, L’Oreal case suggests that mere knowledge of the alleged violation may remove
the shield of immunity under the ECD, as it is very unlikely for an ISP that tolerates or promotes IP
rights violation on its platform to benefit from Articles 12 to 15 of the ECD. This is similar to the
position in Nigeria, only to the extent that the question of whether mere knowledge of the alleged
violation by an ISP will remove the immunity shield is yet to come before the Courts for interpretation.
Furthermore, this article observes that no guidance was specified in the ECD as to the meaning of
‘expeditious’ under the hosting immunity regime of Article 14 and whether it allows time for ISPs to
check the facts, consult in-house lawyers, or external counsel.
The same observation applies to the
Nigerian regime where there is no guidance on the phrase ‘ act without delay’. The dilemma for ISPs
Jemilohun (n 56) 11.
ibid, p 12.
Edwards (n 2) 270.
under both regimes is that in a bid to act expeditiously and escape liability by removing the alleged
infringing materials upon being notified, they may hastily remove a content that could have been
allowed under the right of fair use, thereby infringing in the right to freedom of expression of the end-
user. However, the EU Commission Recommendation of March 1, 2018, on Measures to Effectively
Tackle Illegal Content Online
where a 24-hour target was set for the removal of hate speeches by
major IT companies like Facebook can be a guide as to what expeditious means in that context. In any
event, Article 14(3) allows EU member states to establish procedures governing the removal or
disabling of access to information. For example, tech firms in the UK are mandated to remove extremist
ideas within 2 hours.
The Nigerian regime has no such provision or guidance and therefore, this article
suggests the incorporation of a definition of the phrase by the Commission in other to guard against
Another observation is that the DSM Directive which is the current EU legal framework on the liability
of ISPs appears to be tilted towards protecting the IP right holders more than ISPs and end-users of the
unlike the antecedent position which provided a sort of shield of immunity for ISPs in some
circumstances. The current framework with its new obligations on ISPs could increase the cost of
operation for ISPs. Therefore, it is argued that the new legal framework has the potential of affecting
the economic survival of the ISPs by increasing transaction costs via compliance with blocking and
monitoring (filtering) obligations. These additional costs on the ISPs will likely discourage the future
development of internet technology within the EU market, which may be detrimental for the EU
Contra-wise, the position in Nigeria is tilted towards the protection of ISPs, which may not be sufficient
for them to perform as gatekeepers and play their role in the protection of the IP rights online. It could
be that Nigeria adopted this stance indirectly in order to encourage investment by ISPs in the Nigerian
market because placing strict monitoring obligations on ISPs or making them secondarily liable for
online IP rights violations in an emerging market like Nigeria will increase their cost of operation. This
will most likely lead to lower investment in the sector which may result in non-improvement in the
quality of internet services, higher prices, restriction of freedom of expression, and invasion of privacy
for end users which may discourage potential internet service users. These setbacks will act as an
impediment to government policies geared towards the growth of internet penetration and ease of doing
Brussels, 1.3.2018 C (2018) 1177.
See ‘Theresa May warns tech firms over terror content’ (BBC News 20 September 2017)
<https://www.bbc.co.uk/news/uk-politics-41327816> accessed 08 January 2020.
Murray (n 8).
A position that has been argued is that a desirable middle line should be one that encourages online
digital works, offers adequate protection for them, and holds the online IP rights infringer personally
liable under the law.
While this article agrees with the first two points, the third leg of this argument
does not persuade because it appears not to take cognizance of situations where the rights infringer
perpetrates the act anonymously or under a pseudonym, of which it may be nearly impossible to
ascertain the real identity. This article suggests that having attained a remarkable level of growth in
internet usage as evidenced in the rank of Nigeria as the 6th country with the highest number of internet
users globally, it becomes imperative for Nigerian ISPs to assume intermediary responsibility as
exemplified by the EU regime where ISPs play a more active role as gatekeepers and intermediaries in
curbing the violation of IP rights among other unlawful activities on the internet.
Before concluding, this article notes that the draft Copyright Bill contains provisions that make it almost
impracticable to hold ISPs secondarily liable for IP rights infringement, because of the shield of ‘acting
in good faith’ which they can wield as a defence to actions by a rights holders. It is therefore suggested
that the draft Bill which is still pending before the National Assembly should be reviewed to bring it in
conformity with current trends and realities by incorporating the relevant provisions of the NCC
Guidelines, with some modifications to increase the liability regime of ISPs for the violation of IP
rights on the internet. This is because the present situation which is akin to an absolute safe shelter for
ISPs is not in the best interest of the policies geared towards making the internet a safe haven for
commercial transactions and the protection of IP rights holders.
7.0 Summary and Conclusion
Recent policy discourse both globally and in the EU appears to be gradually moving from intermediary
liability of ISPs to intermediary responsibility. The amended Audiovisual Media Services Directive,
the DSM Directive, and the proposal for a Regulation on preventing the dissemination of terrorist
content online, alongside new soft law initiatives of the EU, such as the Code of Conduct on Countering
Illegal Hate Speech Online and the latest Code of Conduct on Disinformation, point toward that
direction and trend.
However, since it is safe to assume how unbearable it may be for ISPs to obtain all the required
authorisations for the potential ton of online contents uploaded by end-users as provided under the
DSM directive, coupled with the cost of high complying with the monitoring obligations, it is the view
of this article that as long as ISPs provide a service which primarily benefits the society and cooperates
in a reasonable way with IP right holders who has justifiable claims, it ought to enjoy immunity under
Jemilohun (n 56) 9.
Kuczerawy (n 45).
the law from the right holders’ lawsuits. Hence, a system of information sharing and cooperation
between IP rights holders and ISPs should be developed, which would most likely improve the general
effectiveness of addressing the challenge of IP rights infringement on the internet, to optimize the best
use of limited resources and save cost.
While this article does not call for a slavish adoption of the EU liability regime of ISPs for online
violation of IP rights by Nigeria, it discussed the giant strides of the EU regime as a model from which
Nigeria could learn from in its current law review and law-making process. Therefore, in designing
the liability regime for Nigeria ISPs, care should be taken to avoid tailoring liability rules which offer
an almost absolute safe harbour for ISPs on the basis of encouraging higher investments, while
schematizing the rules against the interests of IP rights holders, by limiting their ability to hold ISPs
secondarily liable for IP rights violation.
Since Nigeria has attained a significant level of relevance in
the use of the internet with its 6th globally on the number of internet users within 20 years, coupled with
the potential of moving higher on the table, the question of tailoring the rules in favour of ISPs to
encourage investment no longer arises. Rather, the focus should be on identifying the rules which
facilitate a thriving market in Nigeria and guarantees a sustained development of technologically savvy
and infringement neutral, technologies to cater for the interest of not only online actors, but the general
Katja Weckstrom, 'Liability for Trademark Infringement for Internet Service Providers' (2012) 16 Marq Intell Prop L