I finally got around to reading the articles you gathered on hosting liability before xmas:
A little more on the legal position of hosts if their users do naughty things....
There is a useful paper here: http://pcmlp.socleg.ox.ac.uk/sites/pcmlp.socleg.ox.ac.uk/files/liberty.pdf
This interesting, but it seems to concern only ISPs, rather than hosting companies. We won't be providing users with access to the internet through our services, so hopefully we won't have such responsibilities.
Hosts in Europe seem to get some protection - although not as much as they get in the USA. I have no idea whether English law overides Eurpean law, though. English law is quite damning on ISPs - as past case law seems to regard an ISP as a publisher, even if they are only blindly storing and forwarding material from elswhere. See http://www.cl.cam.ac.uk/~rnc1/Judge_and_Jury.html and http://www.nominet.com/disputes/caselaw/index/godfrey/
These two articles and the cases they relate to concern a different kind of distribution to mail hosting. The key case of Godfrey vs Demon Internet relates to Usenet hosting of libellous material. Demon Internet, who were both an ISP and also providor of Usenet hosting, continued to make libellous material (publicly?) available after they had been asked to remove it.
It seems to me that mail hosting is fundamentally different as far as copyright and libel law is concerned, because it does not distribute anything publicly; it only transmits information to specific people / computers (the senders and recipients of emails). As distribution is the point that cases always hinge on, it seems to me, as mail host provodiers we would not encounter these sorts of problems.
The only situation I can envisage that could make us liable for indirect copyright infringement or libel is one where one of our users was mass-mailing unsolicited, contested material (spamming). If this were ever to happen we would disable their accounts as soon as we were notified anyway, I imagine.
However, it seems that there is some protection for hosts if they don't select who is using the site, and they don't actively monitor data.
Seeing as our only users would be ones who we have agreed to host, and accepted payment from, would that not be classified as selecting who uses our services? Or is that point moot in the case of mail hosting?
if a complaint was received - then the only option might be to instantly "suspend" a user's account, as there wouldn't even be an option to look at the content passing through the system.
We could require some kind of evidence from the complainant before enacting a takedown, but it seems unlikely to me that we will receive takedown notices for encrypted email content stored on our servers except in the case of spamming described above.
Unfortunately, the act of allowing users to push encrypted material through the server might be construed under law as complicity - ie. deliberately setting up a system that could be used for nefarious purposes.
Indeed. I wonder if there are any precedents for this interpretation being made by a court for services being provided relating to encryption.
I would also like to ask a contact of mine, Shaun Fensom, about this, as apparently he has experience with such matters and a background with ISPs.
Thoughts on any of the above?
Thanks,
Sam.