CJEU has made it effectively impossible to run a user-generated platform legally
9 comments
·December 4, 2025xg15
Retric
Anonymous authors have very little reach without external promotion or a long lasting reputation.
If someone builds up a reputation anonymously then that reputation itself is something that can be destroyed when a platform destroys their account etc.
SilverElfin
> Under this ruling, it appears that any website that hosts any user-generated content can be strictly liable if any of that content contains “sensitive personal data” about any person.
Could this lead to censorship as well? For example you could go to a website or community you don’t like, and share information that could be seen as “sensitive personal data” and then file an anonymous complaint so they get into legal trouble or get shut down?
smartbit
Another analysis, by Heise Verlag, publisher of Europe's largest IT and tech magazine https://heise.de/-11102550
The Russmedia ruling of the ECJ: Towards a “Cleannet”?
A change in liability privilege for online providers will lead to a “cleaner”, but also more rigid, monitored internet, says Joerg Heidrich.
free_bip
Seems like a pretty big overreaction IMO. Advertisements deserve more strict regulation than general user-generated content because they tend to reach far more people. The fact that they aren't has resulted in something like 10% of all ads shown being outright scams or fraud[0]. And they should never have allowed the ad to air in the first place - it was patently and obviously illegal even without considering the GDPR.
If these companies aren't willing to put basic measures in place to stop even the most obviously illegal ads from airing, I have a lot of trouble having sympathy for them getting their just desserts in court.
[0]: https://www.msn.com/en-us/money/personalfinance/meta-showed-...
zahlman
> Advertisements deserve more strict regulation than general user-generated content because they tend to reach far more people.
They deserve strict regulation because the carrier is actively choosing who sees them, and because there are explicit fiscal incentives in play. The entire point of Section 230 is that carriers can claim to be just the messenger; the only reason it makes sense to absolve them of responsibility for the content is because to argue that their conveyance of the content does not constitute expression.
Once you have auctions for ads, and "algorithmic feeds", that becomes a lot harder to accept.
tensor
Except this isn't limited to ads is it? From the post it sounds like the ruling covers any user content. If someone uploads personal data to Github now Github is liable. In fact, why wouldn't author names on open source licenses count as PII?
free_bip
You could always sue GitHub to find out.
Personally, I'm not buying the slippery slope argument. I could be wrong of course but that's the great thing about opinions: you're allowed to be wrong :)
234958720934
[flagged]
> I am an unabashed supporter of the US’s approach with Section 230, as it was initially interpreted, which said that any liability should land on the party who contributed the actual violative behavior—in nearly all cases the speaker, not the host of the content.
I never really understood how that system is supposed to work.
So on the one hand, Section 230 absolves the hoster of liability and tells an affected party to go after the author directly.
But on the other hand, we all rally for the importance of anonymity on the internet, so it's very likely that there will be no way to find the author.
Isn't this a massive vacuum of responsibility?