FantasticSearch

1. A hosting service provider exposed to terrorist content as referred to in paragraph 4 shall, where applicable, include in its terms and conditions and apply provisions to address the misuse of its services for the dissemination to the public of terrorist content. It shall do so in a diligent, proportionate and non-discriminatory manner, with due regard, in all circumstances, to the fundamental rights of the users and taking into account, in particular, the fundamental importance of the freedom of expression and information in an open and democratic society, with a view to avoiding the removal of material which is not terrorist content.

2. A hosting service provider exposed to terrorist content as referred to in paragraph 4 shall take specific measures to protect its services against the dissemination to the public of terrorist content. The decision as to the choice of specific measures shall remain with the hosting service provider. Such measures may include one or more of the following:

(a) appropriate technical and operational measures or capacities, such as appropriate staffing or technical means to identify and expeditiously remove or disable access to terrorist content;

(b) easily accessible and user-friendly mechanisms for users to report or flag to the hosting service provider alleged terrorist content;

(c) any other mechanisms to increase the awareness of terrorist content on its services, such as mechanisms for user moderation;

(d) any other measure that the hosting service provider considers to be appropriate to address the availability of terrorist content on its services.

3. Specific measures shall meet all of the following requirements:

(a) they shall be effective in mitigating the level of exposure of the services of the hosting service provider to terrorist content;

(b) they shall be targeted and proportionate, taking into account, in particular, the seriousness of the level of exposure of the services of the hosting service provider to terrorist content as well as the technical and operational capabilities, financial strength, the number of users of the services of the hosting service provider and the amount of content they provide;

(c) they shall be applied in a manner that takes full account of the rights and legitimate interest of the users, in particular users’ fundamental rights concerning freedom of expression and information, respect for private life and protection of personal data;

(d) they shall be applied in a diligent and non-discriminatory manner. Where specific measures involve the use of technical measures, appropriate and effective safeguards, in particular through human oversight and verification, shall be provided to ensure accuracy and to avoid the removal of material that is not terrorist content.

4. A hosting service provider is exposed to terrorist content where the competent authority of the Member State of its main establishment or where its legal representative resides or is established has:

(a) taken a decision, on the basis of objective factors, such as the hosting service provider having received two or more final removal orders in the previous 12 months, finding that the hosting service provider is exposed to terrorist content; and (b) notified the decision referred to in point (a) to the hosting service provider.

5. After having received a decision as referred to in paragraph 4 or, where relevant, paragraph 6, a hosting service provider shall report to the competent authority on the specific measures that it has taken and that it intends to take in order to comply with paragraphs 2 and 3. It shall do so within three months of receipt of the decision and on an annual basis thereafter. That obligation shall cease once the competent authority has decided, upon request pursuant to paragraph 7, that the hosting service provider is no longer exposed to terrorist content.

6. Where, based on the reports referred to in paragraph 5 and, where relevant, any other objective factors, the competent authority considers that the specific measures taken do not comply with paragraphs 2 and 3, that competent authority shall address a decision to the hosting service provider requiring it to take the necessary measures so as to ensure that paragraphs 2 and 3 are complied with. The hosting service provider may choose the type of specific measures to take.

7. A hosting service provider may, at any time, request the competent authority to review and, where appropriate, amend or revoke a decision as referred to in paragraph 4 or 6. The competent authority shall, within three months of receipt of the request, adopt a reasoned decision on the request based on objective factors and notify the hosting service provider of that decision.

8. Any requirement to take specific measures shall be without prejudice to Article 15(1) of Directive 2000/31/EC and shall entail neither a general obligation for hosting services providers to monitor the information which they transmit or store, nor a general obligation actively to seek facts or circumstances indicating illegal activity. Any requirement to take specific measures shall not include an obligation to use automated tools by the hosting service provider.