This article examines laws, regulations and case law related to online pornography in selected jurisdictions to assess their effectiveness and limitations.1 The United States and online pornography"There have been many attempts in the United States to regulate online pornography, although not all of them have been successfully implemented".1.1 The Communications Decency Act (CDA), 1996
The CDA was the first federal law to impose significant constraints on internet communications. It imposed criminal sanctions on anyone who:
knowingly (A) uses an interactive computer service to send to a specific person or persons under 18 years of age, or (B) uses any interactive computer service to display in a manner available to a person under 18 years of age, any comment, request, suggestion, proposal, image, or other communication that, in context, depicts or describes, in terms patently offensive as measured by contemporary community standards, sexual or excretory activities or organs.It further criminalised the transmission of materials that were "obscene or indecent" to persons known to be under 18.
So, under the CDA regime, an ISP was liable for allowing dissemination of obscene or indecent material to minors over Internet facilities it controlled and could be criminally punishable by a fine or imprisonment for up to two years or both. However, the ISP could defend itself that it acted in good faith to take reasonable, effective and appropriate actions to prevent minors from receiving indecent material through the Internet. It could also use the defence based on the distinction between an access service provider and a content provider. If the ISP could prove that it only provided access to a network without interfering with the content, it would have been exempted from liability. If it is established that it acted as a content provider, then it will be criminally liable for transmitting indecent materials to a minor.
However, in Reno v American Civil Liberties Union the US Supreme Court found unconstitutional certain provisions of the CDA that were intended to protect minors from harmful material on the Internet.
This judgement implied that ISPs could no longer be held liable for the transmission to minors of indecent or obscene materials under the CDA. Thus, a quick reaction from the Congress was required to fill what could be considered as a gap. This reaction came with the enactment of the Child Online Protection Act, sometimes referred to as CDA II.1.2 The Child Online Protection Act (COPA), 1998Unlike the CDA, the COPA prohibited the transmission of material that is harmful to minors rather than material that is indecent or obscene. Section 231 (a) (1) provided that:
Whoever knowingly and with knowledge of the character of the material, in interstate or foreign commerce by means of the World Wide Web, makes any communication for commercial purposes that is available to any minor and that includes any material that is harmful to minors shall be fined not more than $50 000, imprisoned not more than 6 months, or both.
Consequently, Commercial site operators who offered material deemed to be harmful to minors were required to use bona fide methods to establish the identification of visitors seeking to access their sites. Failure to do so could result in criminal liability with fines of up to $50 000 and six months in jail for each offence.
On the other hand, ISPs who simply provide access to harmful content to minors could hardly see their responsibility engaged since ISPs cannot be expected to be aware of the character of all materials transmitted through their servers. Indeed, it is technically impossible for them to monitor the enormous quantity of network traffic, which may consist of hundred of thousands of web pages.
The constitutionality of the COPA was challenged almost immediately after its enactment. In ACLU v Reno II, the Third Circuit Court found the COPA to be unconstitutionally overbroad because it prohibited a wide range of constitutionally protected speech. The Supreme Court upheld that decision.
Thus, the second attempt of Congress to regulate online pornography also failed.1.3 The Children's Internet Protection Act (CIPA) 2000The CIPA required schools and libraries that receive government funding to install filtering technology that blocks or filters Internet access to visual depictions that are obscene, or harmful to minors as well as child pornography in respect of children under the age of 17 years.
This Act was held invalid under the First Amendment because it required libraries to use filtering technology that inadvertently blocks access to thousands of legitimate websites while allowing access to some pornographic websites.Upon appeal to the Supreme Court, however, the law was upheld as constitutional as a condition imposed on institutions in exchange for government funding. In upholding the law, the Supreme Court made it clear that the constitutionality of CIPA would be upheld only "if, as the Government represents, a librarian will unblock filtered material or disable the Internet software filter without significant delay on an adult user's request."1.4 The Child Pornography Prevention Act (CPPA), 1996
The CPPA criminalizes the creation, possession and transmission of digital child pornography, whether the pornographic image is computer generated or an actual photograph.
The constitutionality of the CPPA has been challenged in several federal courts resulting in conflicting decisions. However in Achcroft v Free Speech Coalition, the Supreme Court overturned the provisions of the CPPA that made it a crime to possess or distribute any sexually explicit image that appeared to be a minor engaged in a sexual act because it violated the protection of free speech.2 United Kingdom2.
1 The Obscene Publications Act, 1959
In terms of the Obscene Publications Act, mere possession of an obscene article is not an offence. Possession with the intention of publication for gain, however, is an offence. As set out in the case of R v Fellows & Arnold, the offence may be committed simply by making obscene material available for electronic transfer or downloading by another party who is thus enabled to access and copy that material. "It thus follows that an ISP which provides online access and hosting in exchange for a subscription fee could face liability for an obscene website created by a subscriber, hosted by the ISP and to which the ISP provides access".
ISPs can also face liability for transmission of obscene material over the Internet under the Broadcasting Act 1990. This Act extends the Obscene Publications Act to incorporate live and pre-recorded 'programme services'.
So under this legislation, an ISP who hosts a website containing obscene material provided by a third party and who has requisite knowledge could face liability as the publisher of that obscene article. It has also been suggested that an ISP which provides Internet access to a known publisher of obscene materials may face liability, even where the material in question is hosted on the other party's own server.
No prosecutions, to date, however, have been brought against ISPs with respect to obscene material and, as noted by Gavin Sutter, it is unlikely that such a case would happen anytime soon unless an ISP was sufficiently aware and failed to act. With the establishment of the Internet Watch Foundation (IWF), self-regulation has proved to be a better and more effective solution to law. The IWF will be dealt with later in this dissertation.2.2 The Protection of Children Act 1978This Act criminalises the creation, the distribution and the possession of child pornography.
An ISP may be criminally liable as an accessory to a crime under section 3 of the Protection of Children Act if it carries illegal content such as child pornography on its servers. But it should be realized that the initial responsibility for generation and dissemination of child pornography lies with the authors and not ISPs. The responsibility of the ISP is only possible if the ISP who is aware of the existence of child pornography on its servers fails to take reasonable steps to remove it. Thus, it can be said that 'knowingly' carrying child pornography would bring liability for the UK ISPs even though actual knowledge is not a requirement under the 1978 Act.
3 The Council of Europe's Convention on Cybercrime, 2001Given disparities on the regulation of child pornography around the world, harmonization efforts have been undertaken at international level to deal with the issue; this is the case of the Council of Europe's Convention on Cybercrime. Article 9 (1) of this Convention provides that each Party shall adopt such legislative and other measures as may be necessary to establish as criminal offences under its domestic law, when committed intentionally and without right, the following conduct:
• Producing child pornography for the purpose of its distribution through a computer system;
• Offering or making available child pornography through a computer system;
• Distributing or transmitting child pornography through a computer system;
• Procuring child pornography through a computer system for oneself or for another;
• Possessing child pornography in a computer system or on a computer data store medium.
South Africa as one of the signatories to this Convention has implemented this provision in terms of the Films and Publications Act No 65 as amended in 1999 to make the exploitive use of children in pornographic publications, films or on the Internet, punishable.
4 South Africa and online pornography4.1 The Films and Publications Act No 65 of 1996This Act regulates the creation, production, possession and distribution of pornography in South Africa. It also specifically outlaws child pornography, notably on the Internet.
Let us analyse instances where an ISP can incur liability in terms of this Act, i.e for distribution of pornography to minors as well as for possession and distribution of child pornography.4.1.1 Distribution of pornography to minors
According to the Films and Publications Act No 18 of 2004, distribution includes... the fact of handling or exhibiting a film or a publication to a person under the age of 18 years, and also the failure to take reasonable steps to prevent access thereto by such a person. Consequently, ISPs could face criminal liability for allowing access to pornography to minors on their servers under this Act. This reminds us provisions of the CDA and COPA intended to prevent access to pornography to minors and their fate in the US. So it is interesting to see that South Africa has succeeded where the US legislator has failed.
This Act prohibits the distribution of pornography to minors. So an ISP could be held liable for distributing to minors inter alia a publication or a film classified XX or X18 or a film not classified at all. But to be liable, an ISP needs to distribute pornography knowingly. It is therefore unlikely that an ISP who simply provides access to Internet without monitoring the content could be held liable for access to pornography to minors on its servers. It results that the duty of ISPs to prevent access to online pornography to minors is unlikely to be effective, parents or guardians are probably the first ant best defense for protecting children from pornography over the Internet. As regards the content provider, it is likely to be liable if it fails to take reasonable steps to prevent access by children to pornography and to face a sentence to a fine or to imprisonment for a period not exceeding five years or to both.4.1.2 Possession & distribution of child pornography
The Films and Publications Act was amended in 1999 to make the exploitive use of children in pornographic publications, films or on the Internet, punishable.4.1.2.1 Possession of child pornography
Possession is defined in relation to a film or a publication in the Films and Publications Act No 65 as amended as including the keeping or storing in or on a computer system or computer data storage medium and also the fact of having custody, control or supervision on behalf of another person. And section 21 (1) (a) (i) of the same Act states that any person who is in possession of a film or publication which contains child pornography shall be guilty of an offence and further may be sentenced to a fine or to imprisonment for a period not exceeding ten years or to both in terms of section 30 (1A). What this implies for ISP? May they face liability for keeping or storing child pornography on their servers?
It is submitted that ISPs would not be considered in possession of child pornography unless they are aware of its presence on their servers, in which case they have a duty to remove such material and only failure to do so exposes them to liability.
The application and interpretation of Section 27 of the Films and Publications Act related inter alia to the criminalization of the possession of child pornography was considered in the case of De Reuck v Director of Public Prosecutions, case in which De Reuck charged for possession of child pornography challenged the constitutionality of the definition of child pornography. The Witwatersrand High Court dismissed the applicant's challenge and held the definition to be constitutional; on appeal, the Constitutional Court upheld that decision.4.2.2.2 Distribution of child pornography
The Films and Publications Act No 65 punishes the distribution of child pornography of the same penalty as its possession, i.e. a fine or imprisonment for a period not exceeding 10 years or both. But, like possession, the distribution of child pornography requires the requisite knowledge of it by the ISP to give rise to liability. So ISPs who distribute child pornography in the carrying on of their business without being aware of the content of that material will be exempted from liability under the Films and Publications Act. However that Act imposes obligations on ISPs in order to prevent the use of their services for the hosting or distribution of child pornography as well as a close cooperation with the South African Police Services in the combat against child pornography.
One should also note that ISPs who merely provide access to or host child pornography without being aware of the content thereof may be exempted from liability in terms of the Electronic Communications and Transactions Act No 25 of 2002.
The CDA was the first federal law to impose significant constraints on internet communications. It imposed criminal sanctions on anyone who:
knowingly (A) uses an interactive computer service to send to a specific person or persons under 18 years of age, or (B) uses any interactive computer service to display in a manner available to a person under 18 years of age, any comment, request, suggestion, proposal, image, or other communication that, in context, depicts or describes, in terms patently offensive as measured by contemporary community standards, sexual or excretory activities or organs.It further criminalised the transmission of materials that were "obscene or indecent" to persons known to be under 18.
So, under the CDA regime, an ISP was liable for allowing dissemination of obscene or indecent material to minors over Internet facilities it controlled and could be criminally punishable by a fine or imprisonment for up to two years or both. However, the ISP could defend itself that it acted in good faith to take reasonable, effective and appropriate actions to prevent minors from receiving indecent material through the Internet. It could also use the defence based on the distinction between an access service provider and a content provider. If the ISP could prove that it only provided access to a network without interfering with the content, it would have been exempted from liability. If it is established that it acted as a content provider, then it will be criminally liable for transmitting indecent materials to a minor.
However, in Reno v American Civil Liberties Union the US Supreme Court found unconstitutional certain provisions of the CDA that were intended to protect minors from harmful material on the Internet.
This judgement implied that ISPs could no longer be held liable for the transmission to minors of indecent or obscene materials under the CDA. Thus, a quick reaction from the Congress was required to fill what could be considered as a gap. This reaction came with the enactment of the Child Online Protection Act, sometimes referred to as CDA II.1.2 The Child Online Protection Act (COPA), 1998Unlike the CDA, the COPA prohibited the transmission of material that is harmful to minors rather than material that is indecent or obscene. Section 231 (a) (1) provided that:
Whoever knowingly and with knowledge of the character of the material, in interstate or foreign commerce by means of the World Wide Web, makes any communication for commercial purposes that is available to any minor and that includes any material that is harmful to minors shall be fined not more than $50 000, imprisoned not more than 6 months, or both.
Consequently, Commercial site operators who offered material deemed to be harmful to minors were required to use bona fide methods to establish the identification of visitors seeking to access their sites. Failure to do so could result in criminal liability with fines of up to $50 000 and six months in jail for each offence.
On the other hand, ISPs who simply provide access to harmful content to minors could hardly see their responsibility engaged since ISPs cannot be expected to be aware of the character of all materials transmitted through their servers. Indeed, it is technically impossible for them to monitor the enormous quantity of network traffic, which may consist of hundred of thousands of web pages.
The constitutionality of the COPA was challenged almost immediately after its enactment. In ACLU v Reno II, the Third Circuit Court found the COPA to be unconstitutionally overbroad because it prohibited a wide range of constitutionally protected speech. The Supreme Court upheld that decision.
Thus, the second attempt of Congress to regulate online pornography also failed.1.3 The Children's Internet Protection Act (CIPA) 2000The CIPA required schools and libraries that receive government funding to install filtering technology that blocks or filters Internet access to visual depictions that are obscene, or harmful to minors as well as child pornography in respect of children under the age of 17 years.
This Act was held invalid under the First Amendment because it required libraries to use filtering technology that inadvertently blocks access to thousands of legitimate websites while allowing access to some pornographic websites.Upon appeal to the Supreme Court, however, the law was upheld as constitutional as a condition imposed on institutions in exchange for government funding. In upholding the law, the Supreme Court made it clear that the constitutionality of CIPA would be upheld only "if, as the Government represents, a librarian will unblock filtered material or disable the Internet software filter without significant delay on an adult user's request."1.4 The Child Pornography Prevention Act (CPPA), 1996
The CPPA criminalizes the creation, possession and transmission of digital child pornography, whether the pornographic image is computer generated or an actual photograph.
The constitutionality of the CPPA has been challenged in several federal courts resulting in conflicting decisions. However in Achcroft v Free Speech Coalition, the Supreme Court overturned the provisions of the CPPA that made it a crime to possess or distribute any sexually explicit image that appeared to be a minor engaged in a sexual act because it violated the protection of free speech.2 United Kingdom2.
1 The Obscene Publications Act, 1959
In terms of the Obscene Publications Act, mere possession of an obscene article is not an offence. Possession with the intention of publication for gain, however, is an offence. As set out in the case of R v Fellows & Arnold, the offence may be committed simply by making obscene material available for electronic transfer or downloading by another party who is thus enabled to access and copy that material. "It thus follows that an ISP which provides online access and hosting in exchange for a subscription fee could face liability for an obscene website created by a subscriber, hosted by the ISP and to which the ISP provides access".
ISPs can also face liability for transmission of obscene material over the Internet under the Broadcasting Act 1990. This Act extends the Obscene Publications Act to incorporate live and pre-recorded 'programme services'.
So under this legislation, an ISP who hosts a website containing obscene material provided by a third party and who has requisite knowledge could face liability as the publisher of that obscene article. It has also been suggested that an ISP which provides Internet access to a known publisher of obscene materials may face liability, even where the material in question is hosted on the other party's own server.
No prosecutions, to date, however, have been brought against ISPs with respect to obscene material and, as noted by Gavin Sutter, it is unlikely that such a case would happen anytime soon unless an ISP was sufficiently aware and failed to act. With the establishment of the Internet Watch Foundation (IWF), self-regulation has proved to be a better and more effective solution to law. The IWF will be dealt with later in this dissertation.2.2 The Protection of Children Act 1978This Act criminalises the creation, the distribution and the possession of child pornography.
An ISP may be criminally liable as an accessory to a crime under section 3 of the Protection of Children Act if it carries illegal content such as child pornography on its servers. But it should be realized that the initial responsibility for generation and dissemination of child pornography lies with the authors and not ISPs. The responsibility of the ISP is only possible if the ISP who is aware of the existence of child pornography on its servers fails to take reasonable steps to remove it. Thus, it can be said that 'knowingly' carrying child pornography would bring liability for the UK ISPs even though actual knowledge is not a requirement under the 1978 Act.
3 The Council of Europe's Convention on Cybercrime, 2001Given disparities on the regulation of child pornography around the world, harmonization efforts have been undertaken at international level to deal with the issue; this is the case of the Council of Europe's Convention on Cybercrime. Article 9 (1) of this Convention provides that each Party shall adopt such legislative and other measures as may be necessary to establish as criminal offences under its domestic law, when committed intentionally and without right, the following conduct:
• Producing child pornography for the purpose of its distribution through a computer system;
• Offering or making available child pornography through a computer system;
• Distributing or transmitting child pornography through a computer system;
• Procuring child pornography through a computer system for oneself or for another;
• Possessing child pornography in a computer system or on a computer data store medium.
South Africa as one of the signatories to this Convention has implemented this provision in terms of the Films and Publications Act No 65 as amended in 1999 to make the exploitive use of children in pornographic publications, films or on the Internet, punishable.
4 South Africa and online pornography4.1 The Films and Publications Act No 65 of 1996This Act regulates the creation, production, possession and distribution of pornography in South Africa. It also specifically outlaws child pornography, notably on the Internet.
Let us analyse instances where an ISP can incur liability in terms of this Act, i.e for distribution of pornography to minors as well as for possession and distribution of child pornography.4.1.1 Distribution of pornography to minors
According to the Films and Publications Act No 18 of 2004, distribution includes... the fact of handling or exhibiting a film or a publication to a person under the age of 18 years, and also the failure to take reasonable steps to prevent access thereto by such a person. Consequently, ISPs could face criminal liability for allowing access to pornography to minors on their servers under this Act. This reminds us provisions of the CDA and COPA intended to prevent access to pornography to minors and their fate in the US. So it is interesting to see that South Africa has succeeded where the US legislator has failed.
This Act prohibits the distribution of pornography to minors. So an ISP could be held liable for distributing to minors inter alia a publication or a film classified XX or X18 or a film not classified at all. But to be liable, an ISP needs to distribute pornography knowingly. It is therefore unlikely that an ISP who simply provides access to Internet without monitoring the content could be held liable for access to pornography to minors on its servers. It results that the duty of ISPs to prevent access to online pornography to minors is unlikely to be effective, parents or guardians are probably the first ant best defense for protecting children from pornography over the Internet. As regards the content provider, it is likely to be liable if it fails to take reasonable steps to prevent access by children to pornography and to face a sentence to a fine or to imprisonment for a period not exceeding five years or to both.4.1.2 Possession & distribution of child pornography
The Films and Publications Act was amended in 1999 to make the exploitive use of children in pornographic publications, films or on the Internet, punishable.4.1.2.1 Possession of child pornography
Possession is defined in relation to a film or a publication in the Films and Publications Act No 65 as amended as including the keeping or storing in or on a computer system or computer data storage medium and also the fact of having custody, control or supervision on behalf of another person. And section 21 (1) (a) (i) of the same Act states that any person who is in possession of a film or publication which contains child pornography shall be guilty of an offence and further may be sentenced to a fine or to imprisonment for a period not exceeding ten years or to both in terms of section 30 (1A). What this implies for ISP? May they face liability for keeping or storing child pornography on their servers?
It is submitted that ISPs would not be considered in possession of child pornography unless they are aware of its presence on their servers, in which case they have a duty to remove such material and only failure to do so exposes them to liability.
The application and interpretation of Section 27 of the Films and Publications Act related inter alia to the criminalization of the possession of child pornography was considered in the case of De Reuck v Director of Public Prosecutions, case in which De Reuck charged for possession of child pornography challenged the constitutionality of the definition of child pornography. The Witwatersrand High Court dismissed the applicant's challenge and held the definition to be constitutional; on appeal, the Constitutional Court upheld that decision.4.2.2.2 Distribution of child pornography
The Films and Publications Act No 65 punishes the distribution of child pornography of the same penalty as its possession, i.e. a fine or imprisonment for a period not exceeding 10 years or both. But, like possession, the distribution of child pornography requires the requisite knowledge of it by the ISP to give rise to liability. So ISPs who distribute child pornography in the carrying on of their business without being aware of the content of that material will be exempted from liability under the Films and Publications Act. However that Act imposes obligations on ISPs in order to prevent the use of their services for the hosting or distribution of child pornography as well as a close cooperation with the South African Police Services in the combat against child pornography.
One should also note that ISPs who merely provide access to or host child pornography without being aware of the content thereof may be exempted from liability in terms of the Electronic Communications and Transactions Act No 25 of 2002.