By: Dana Yaffe
Much is said about internet intermediaries’ liability regulation - its pros and cons. The intermediaries are probably the most equipped party to moderate harmful content posted by a third party, and to identify the anonymous offenders. However, such monitoring entail dangers to users' rights, mainly freedom of expression and privacy, especially when done under legal liability laws.
Impersonating profiles on dating sites form a useful perspective to explore intermediaries (in this case dating sites) responsibility to third party harmful behaviour. In our Legal Clinic’s activity, we witness this phenomenon mainly through victims’ experience. The victims who turn to us for help, are mostly women who suffer harassments originating from impersonating profiles on online dating sites. Their stories are similar. An unknown offender creates a fake profile on dating sites using some or all of their personal details (hereinafter “fake profiles”). The characteristics of fake profiles vary. Some profiles use ‘only’ photos of a person but attach to it a different personality (for example they use a woman’s photo but not her real name or occupation etc.). It appears as if the creator of such profiles has no direct intention to harm the victim personally, but only wants to use her photo in order to appear more attractive in the profile. Such profiles might be considered harmless, however, we should keep in mind that such a profile could have grave consequences. One of our clients described rumours regarding the victim’s sexual orientation spread in his workplace (as the site was the LGBT community oriented), and additionally he was anxious the fake profile was only the beginning, and more harassments would follow.
Other fake profiles impersonate a person (mostly a woman) completely – meaning the profile who use the woman’s photos, real name, age, address etc. Those are significantly more harmful. An unknown offender creates a fake profile of a woman, to impersonate her and chat with others as if he were her. The profile associates to the woman sexual desires which are usually blunt and violent, and proposes such sexual encounters on her behalf.
Usually the victims don’t use these dating sites, and sometimes are not even aware to the online ‘dating scene’. In some cases, their friends see the fake profile, and inform them about its existence. In other cases, a woman discovers about the existence of a fake profile when she receives phone calls or messages to her profile on social media, with explicit, blunt and even violent sexual content, from people who believe they only continue a chat they had with her through the fake profile few minutes earlier.
These victims describe the horror such events cause them, and its impact on their daily lives. They are afraid the calls will escalate and that the offender who clearly knows their contact details, also knows where they live. Even if the harassments pause, they live under the constant fear that the fake profile will be reactivated and the harassments would resume. They have no way of knowing when a fake profile is used and on what site.
Such a behaviour constitutes a criminal offence and tortures behaviour of the offender. However, in order to address them legally we have to address three main difficult legal and practical questions. First, as the impersonation is online, usually on a non-Israeli site, which court system has the jurisdiction, and which laws apply? Second, how can we identify the unknown offender? Third, what is the rule of the intermediaries? Could they be liable for not preventing such a behaviour?
Criminal procedures
We hold the position that Israeli Criminal law applies in these circumstances. The victims are Israeli citizens and residents; the behaviour is most likely to be of an unknown Israeli offender and the event should be regarded as taking place in Israel.
The state doesn’t argue otherwise, but, in our experience the police does little with such complaints. It appears as if police officers do not comprehend the gravity of the harm caused by such events and disregard them. In addition, we are under the impression that the legal and practical complexities of a criminal investigation involving an unknown offender and a foreign global company overwhelm the officers at police stations. Majority of complaints were closed without any investigation, and the rest were closed eventually without any significant progress.
The use of the criminal procedures should be increased, for them to be effective and deter offenders from such behavior. However, I want to focus on the civil procedures.
Civil procedures
Civil procedure can be an effective tool in the hands of victims, if it provides them with appropriate measures. Israeli Law is an interesting case study, as it is different from other law systems.
It should be noted that we argue that Israeli courts have jurisdiction in such circumstance and that Israeli Law applies.
Israeli courts are the forum conveniens as the conditions of the recently amended article 500(7a) of the Civil Law Procedure Regulations,1983 - 5744 are satisfied. Case law in Israel support this conclusion even prior to the amendment of the Regulations. For example, the Supreme Court recently held (June 2018) that Israeli courts are the forum conveniens for law suits against Facebook arguing for violation of privacy - Ben Hemo V Facebook. See also Booking V Shapira .
Israeli Civil Law applies, as applicable conflict of laws principles points to the law of the country where the tortious wrongdoings have occurred applies– meaning, in the present case, the Israeli law. The Israeli Supreme Court verdict in Yinon V Karahan established this conclusion.
That being said, perusing civil action against the unknown offender in Israel is very challenging. Under current case law, only the police can demand the disclosure of anonymous offender in such cases, as a part of a criminal investigation. The police as was stated earlier does not use this procedure much.
However, Israeli Law entails an interesting path, when it comes to the liability of online dating sites.
Social networks and other intermediaries are held not liable for third party’s behaviour in Israeli courts, at least so far. However, the Israeli courts reached a different outcome in the past, when it came to dating sites. Two precedents under Israeli case law, one by the Supreme Court, Dobidsky v. Shapira and one at a lower court Barnotabskia v. DoubleTech, held Israeli online dating sites responsible for not removing an impersonating profile, and paid compensation to the damaged individual. One of them even went further to hold that the ‘duty of care’ consists of filtering mechanisms prior to the activation of a profile.
Those precedents were criticized, and with good arguments. Such a ‘duty of care’ requires monitoring of users’ behaviour, and so violates their privacy. We can assume sensitive information, e.g. sexual orientation and preferences is exposed on chats in such sites. More so, liability regimes create ‘barrier to entry’ the market, prevent competition thus forming a market with few companies, which monopolise our data and gain greater expertise and powers.
In the US, the international largest LSBT community dating app Grind was held not liable for these reasons. Even though the circumstances of the case were extreme - fake accounts sent more than 1000 men to the doorstep of an innocent by stander, with sexual and violent ‘offers’ during several years.
The U.S. approach comes at great costs as it leaves many innocent men and (mostly) women at bay, helpless in the face of such harassments. There are US scholars who propose legislation that would better protect individuals while minimizing its negative effects. Most of such proposals focus on due process and response time to users’ reports on harmful behaviour.
Other countries reach different conclusions. In Brazil for example, the court of appeals of the state of Rio de Janeiro found Facebook to be negligent after leaving a plaintiff helpless in the face of harassments caused by an impersonating profile. Facebook had to compensate the plaintiff and pay 55,000 BRL.
Representing these victims, the clinic argue that once notified of a fake profile, online dating sites have ‘duty of care’ to make reasonable efforts to detect, delete and prevent third parties from reactivate fake profiles in reasonable time. Acts and omissions that do not meet the appropriate duty of care, would be considered negligent behaviour under Israeli Law.
Our experience show that legal arguments are not enough. By the time we received any response from a site, which was usually delayed, generic and unhelpful, our clients unfortunately chose not to proceed with the legal procedure. They feared social stigma and emotional difficulties, and some lacked the funds to seek such a legal endeavour. Similar thing happened with an Israeli dating site.
Lately though, it seems as if public debate succeeded in making a difference. “Okcupid”, a major international dating site, has succeeded to detect and block harmful profiles of our latest client. In their response, they state that :
“In addition, OkCupid is taking preventative steps to try to reduce the possibility that further accounts are created with her information. Examples of these measures include permanently banning the email address used to set up the account, as well as proactive monitoring to ban accounts created with the same mobile ID or photos used on the reported (“XXX”) account.
Furthermore, OkCupid recently began SMS verification, and will continue to monitor any accounts using the same IP address so that any account created by the same user can be banned.”
We hope such a response is a first example of dating sites reacting to public demands, and many are to follow. But, it is too soon to tell.
Aside from that one reply, our experience demonstrates that the U.S current approach of No liability can be destructive to our society, as it leaves us exposed and helpless confronting such a behaviour. The main question remains - what should be considered as ‘appropriate measures’ to fulfil the dating sites duty of care? I believe the clinic experience offers some insights for that:
First, the barriers preventing individuals from protecting their rights in the online dating environment are significant, as fear of social stigma and intimate reputation is at stake. We might overestimate the chilling effect such a liability regime would have on innovation.
Second, unlike other intermediaries like social media, there is very limited exercise of freedom of speech if any on dating sites, as they are not used as a platform for public debate. The speech is directed to other users privately. This might justify a different balance from other intermediaries, when it comes to liability laws.
However, users' privacy is still a concern when we contemplate enforcing detection or even monitoring mechanisms in such sites. Here we should turn to technical experts – what are the technical solutions that can preserve mostly privacy and at the same time offer remedies to victims?
Third, liability laws can be of little help to victims due to the international scale of the behaviour. Criminal remedies to such offences should be given higher priority. International legal arrangements should be made to facilitate criminal investigation in such cases, as any investigation usually involves at least another legal system. Legal arrangement facilitating civil law procedures should also be made, lowering the barriers preventing victims from protecting their rights.
** This post is based on a letter that was written with the help of the students in the Legal clinic on Human Rights in Cyberspace of the Hebrew University of Jerusalem, Coral Ben Avi, Anita Agronov, Roy Weitz, Shachar Avraham and Yarden Adas.