By Godana Galma
(Amendment) Act (2019) (the Act) introduced a Notice and Takedown (NTD)
regime in the country’s legal system. Most jurisdictions have adopted NTD as
the legal standard to address copyright infringement within cyberspace. This
blogger commends the Act for addressing the interests of copyright holders with
regard to online infringement. However, apart from copyright, there are other
rights that are affected by the structure set out in the Act.
While previous posts relating to the Act have dealt
primarily with Intellectual Property considerations, this piece will attempt to
highlight both the direct and indirect implications of the Act on digital
rights. This analysis will be used to formulate recommendations on how to
achieve a balance between copyright and digital rights.
RIGHT OF ACCESS TO
The right to access information enables citizens to
obtain information held by state agencies. In some instances, it extends to
private persons. It is based on the premise that governments hold information
not for themselves but on behalf of the public. Information-access laws foster
transparency and accountability in decision making allowing citizens to
participate in governance.
In Kenya, this right is enshrined in Article 35(1) of the Constitution of Kenya (2010) and the Access to Information Act (2016).
This blogger opines that the above right is directly limited
by Section 35B (5) which states,
“An Internet Service
Provider (ISP) shall disable access to the material within forty eight business
hours unless it receives a counter notice fulfilling the requirements set out
for a takedown notice and contesting the contents of the takedown notice.”
When an ISP complies with a takedown notice, a number
of parties are affected. They are: the person issuing the notice, the ISP, the
content publisher and other internet users who want to view the content.
This provision recognizes the interests of content
publishers by implicitly providing for the remedy of issuance of a counter
it fails to provide mechanisms through which content can be reinstated. In so doing, it ignores the interests of other
internet users who may want to access the content. Once a takedown notice is
implemented, such individuals have no recourse whether or not actual
infringement is upheld. To the extent that there is no restorative mechanism,
the NTD structure limits the right of access to information.
In contrast, the United States’ Digital Millennium Copyright Act (1998) recognizes the information-access
rights of these other users and providing an elaborate structure through which
content may be restored by ISPs.
Additionally, there is no mandate for the Kenya
Copyright Board or ISPs to maintain records or a repository regarding NTDs. Availing
such information is important not only for users but also for the general
public’s right of access to information.
RIGHT TO FREEDOM OF EXPRESSION
of expression is the right to communicate or express ideas, opinions or beliefs
through any media without restraint.
This right protects an individual’s autonomy to form his/her own worldview from
unjustified censorship. Free
speech is constitutionally recognized in Article
blogger contends that the NTD structure has an indirect effect on the freedom
of expression. The framing of certain provisions in the Act promote a culture
35A (1) (b) (v) provides,
“An ISP Provider shall not be liable for
infringement…so long as the ISP removes or disables access once it receives a
provision conditions the grant of safe harbor
on compliance with takedown notices.Under
the Act, an ISP has a maximum of 48 hours to comply with takedown requests. Section 35B (6) further states,
“An ISP which
fails to take down or disable access when it receives a takedown notice shall
be fully liable for any loss or damages resulting from non-compliance to a takedown
notice without a valid justification.”
this section gives ISPs a defense to non-compliance, it fails to define what
constitutes ‘valid justification.’ Section 35B (10) further provides,
“An ISP Provider shall not be liable for wrongful
takedown in response to a valid takedown notice.”
ISPs face severe criminal sanctions for failure to takedown content, they enjoy immunity against wrongful
provisions, when read together, incentivize ISPs to act in a certain manner. First,
they condition safe harbor on compliance with takedown notices. Secondly, they
give ISPs an extremely short window within which to comply with notices.
Lastly, they grant ISPs protection against liability arising out of wrongful
takedown. This deliberate framing of these provisions places ISPs in a
precarious position. ISPs are forced to weigh the immediate danger of losing
their safe harbor against the perceivably lesser threat of upsetting their
there is a general propensity for ISPs to lean on the side of caution and censor
the content in question regardless of whether actual infringement has occurred.
While the Act does not explicitly impede
free speech, it deliberately promotes a culture of censorship within the
conduits of such speech. This is what this blogger refers to as the indirect
effect on free speech.
RIGHT TO PRIVACY
The right to privacy is an individual’s right against
undue intrusion into fundamental personal matters by public or non-public
bodies. Privacy protects us from having information on personal matters unduly
publicized or revealed. The
digital right to privacy has come under focus in light of the invasive culture pervading
the information age. The right to privacy is enshrined in Article 31 of the Constitution.
While privacy is the foundation of a number of
individual freedoms, perhaps its most crucial element in modern times is the protection
of personal data. In
this regard, Parliament passed the Data
Protection Act (2019) which provides the legal and institutional mechanism
for the protection of personal data.
As with free speech, the Act does not expressly set
out to limit the right to privacy. However, the particular wording in certain
provisions may indirectly affect the privacy rights of users. Section 35A (1) (c) (ii) states,
“An ISP shall not be
liable for damages arising from material stored
at the request of the recipient of the services, as long as it is not aware of
the facts or circumstances from which the allegedly infringing activity or
infringing nature of the material is not apparent”
This blogger pays particular emphasis to this
provision as it imposes liability upon ISPs where the infringing nature of the
material is ‘apparent.’ The
particular wording of this provision can be said to impose a kind of ‘constructive knowledge’ obligation on
As private entities, ISPs should not be tasked with
public enforcement roles. They
cannot be expected to determine whether content on their platform is actually
infringing as this constitutes a judicial role. Imposing such duties may force them
to aggressively police their servers for any sign of infringement. The privacy
implications of this scenario are apparent (no pun intended).
In such instances, conducting a surveillance on the
activity of users may inadvertently reveal a user’s personal information such
as identity and location data.
Therefore, by imposing public roles on ISPs, the Act may indirectly infringe on
the privacy rights of users.
Acthas to a great deal, addressed
the plight of copyright holders in terms of protecting their works in the
digital sphere. However, in so doing, it has directly and indirectly affected other
rights of content publishers and other internet users. Drawing from this
analysis, this blogger makes certain recommendations.
there is need for fundamental reforms to the NTD structure and to develop a framework
that embodies interests of all concerned parties. Rather than incentivizing ISPs to protect
themselves, the Act can achieve a degree of balance by imposing correlating duties
to protect the interests of other parties i.e. privacy and information-access.
This framework may also relieve ISPs of public roles such as the aforementioned
constructive knowledge obligations. Such reforms will ensure that ISPs aren’t encouraged
to infringe on the rights of other parties in the name of compliance.
blogger also calls for greater transparency in the takedown notice process. An
ideal framework should integrate the interests of other internet users by
providing an elaborate process through which content can be restored. Additionally,
this piece suggests the development of a process for recognition of a representative
body for ISPs. This body should be tasked with a number of obligations such as
keeping records. This blogger draws this suggestion from the South African Electronic Communications and Transactions
Act (2002) which lays down a clear procedure for recognition of a
Whilst the Act alludes to the recognition of an umbrella association,
it does not explicitly define its roles nor the conditions for its recognition.
Such a procedure would go a long way in promoting transparency and
accountability in the takedown process.
upcoming post will focus on the place of automation and the effects of
utilizing robotic processes in implementing takedown notices.)
 The NTD model
introduced by the Digital Millenium Copyright Act (1998) has largely become the
standard with nations adopting its basic structure. It was adopted in Europe
through the EU’s Electronic Commerce Directive (2000).
 P. Gathu, H. Kahindi, ‘Access to Information in Kenya’ Tranparency
International,Adili, Issue 155 at https://tikenya.org/wp-content/uploads/2017/06/adili-155-access-to-information-in-kenya.pdf
Article 35 provides (1) Every citizen has
the right of access to (a) information held by the State; and (b) Information
held by another person and required for the exercise or protection of any right
or fundamental freedom.
 This Act provides a
framework to facilitate disclosure of information held by public entities and
private bodies. For instance an individual can seek to access details regarding
the government’s revenues and spending which they can obtain from the Budget
Documents availed by the National Treasury.
 The right to issue a
counter notice, though not directly stated, is implied in Section 35B (5) of
 S.512, Digital Millenium Copyright Act (1998)
 Article 19, ‘Kenya: Copyright (Amendment) Bill 2017’
 Duhaime’s Law Dictionary, ‘Freedom of Expression’ at http://www.duhaime.org/LegalDictionary/F/FreedomofExpression.aspx
 A. Barak, ‘Freedom of Expression and its Limitations’ Kesher / קשר, No. 8, 1990, pp. 4e–11e
 A safe harbor is a
provision in legislation that provides protection from liability or penalties
upon fulfillment of certain conditions. Safe harbor provisions are used to protect
parties who act in good faith but violate the law on technicalities beyond
their reasonable control.
 Section 35B (5), Copyright (Amendment) Act 2019
 ‘Right to Privacy’ Wex Definitions, Legal Information Institute at https://www.law.cornell.edu/wex/right_to_privacy
 Article 31 of the Constitution provides, “Every person has the right to privacy, which
includes the right not to have—(a) their person, home or property
searched;(b) their possessions seized;(c) information relating to their family
or private affairs unnecessarily required or revealed; or(d) the privacy of
their communications infringed.”
 Excerpt from B.
Rossler, ‘The Value of Privacy’
(Cambridge: Polity Press 2005) as cited by Justice Odunga in ANM & another v FPA & another 
eKLR at http://kenyalaw.org/caselaw/cases/view/174597/
 Constructive knowledge
is a legal term for information that a party is presumed by law to have and
which is obtainable by reasonable inquiry.
 ILP Abrogados ‘Actual Knowledge, Constructive Knowledge,
Imputed Knowledge and To the Seller´s Knowledge in a Purchase Agreement’ at
 ISPs are mere private
entities offering services to their clients for consideration. As such, they
should not be burdened with the obligation to enforce copyright. This mandate
falls within the purview of public entities such as KECOBO.
 Content recognition and
filtering tools generally rely on fingerprinting and watermarking technology,
which entail ‘real-time’ monitoring and identification of infringing material
before blocking access. These tools conduct a surveillance of network packets
thereby revealing personal information. See https://www.tandfonline.com/doi/full/10.1080/13600869.2018.1475906?af=R
 Section 71, Electronic Communications and Transactions
Act (No. 25 of 2002)
 Section 35B (2) (h) Copyright (Amendment) Act (2019)