In the recent case of Totalise plc v Motley Fool Ltd and Another, the High Court ruled that website operators must identify the source of defamatory comments.
A subscriber to the financial website Motley Fool began posting statements on the site’s discussion board which were defamatory of Totalise plc, the financial services company. As the subscriber was using a pseudonym, "Zeddust", Totalise asked Motley Fool to identify Zeddust so that they could sue for defamation. Motley Fool removed the statements and banned Zeddust from their site but refused to reveal his or her true identity.
Zeddust then began to post similar statements on another financial website, Interactive Investor, with similar results.
Both ISPs argued they would be in breach of confidence and of the Data Protection Act 1998 if they revealed Zeddust’s identity.
Totalise applied to the court to force the hand of both ISPs. In addition to the Data Protection Act, one of the ISPs also opposed the application by citing section 10 of the Contempt of Court Act 1981. The act, regularly used as a defence by newspapers, states: "No court may require a person to disclose … the source of information for which he is responsible, unless it be established to the satisfaction of the court that disclosure is necessary in the interests of justice or national security or for the prevention of disorder or crime." This was a perilous defence since it involved the ISP’s accepting responsibility for the defamatory material and abandoning their usual Defamation Act 1996 defence to any defamation action.
Mr Justice Robert Owen ordered both websites to reveal the identity of Zeddust, as he was satisfied that disclosure was "necessary in the interests of justice". He dismissed Motley Fool’s Contempt of Court Act defence, as the operators of the websites were not responsible for the publication of the material as they exercised no editorial control. On the Data Protection Act he added that the exemptions from the non-disclosure provisions were wide enough to allow disclosure to an innocent party seeking to establish its legal rights. The ISPs were ordered to pay Totalise’s costs.
Does this decision mean that the Data Protection Act no longer protects anonymous contributors to websites? And should websites that host discussion boards start to censor their content?
The answer to both these questions is no. The non-disclosure provisions of the Data Protection Act still apply to controllers of personal data. But a sensible ISP will maintain a ‘hands off’ approach and cover itself by securing users’ agreement to a privacy policy allowing disclosure in the case of clear abuse of the cloak of anonymity.
The case raises interesting questions concerning the future of discussion boards, not least about the relationship between privacy and free expression rights for subscribers to such boards.
Rupert Earle is a partner at Theodore Goddard
Email pged@pressgazette.co.uk to point out mistakes, provide story tips or send in a letter for publication on our "Letters Page" blog