Explanatory Memorandum

1. The right to an effective remedy is enshrined in Article 13 of the ECHR. Everyone whose rights and freedoms are restricted or violated on the Internet has the right to an effective remedy.

2. Article 13 of the ECHR guarantees the availability, at the national level, of a remedy to enforce the substance of ECHR rights and freedoms in whatever form they might happen to be secured in the domestic legal order. It requires the provision of a domestic remedy to deal with the substance of a complaint under the ECHR and to grant appropriate relief. States have a positive obligation to carry out an investigation of allegations of human rights infringement that is diligent, thorough and effective. The procedures followed must enable the competent body to decide on the merits of the complaint of violation of the Convention and to sanction any violation found but also to guarantee the execution of decisions taken.

3. There should be a national authority tasked with deciding on allegations of violations of the rights guaranteed in the ECHR. There must be a specific legal avenue available whereby an individual can complain about the unreasonable length of proceedings in the determination of his/her rights. The authority may not necessarily be a judicial authority if it presents guarantees of independence and impartiality. However, its powers and the procedural guarantees afforded should permit a determination whether a particular remedy is effective.

4. The procedure followed by the competent national authority should permit effective investigation of a violation. It should allow the competent authority to decide on the merits of the complaint of a violation of ECHR rights, to sanction any violation and to guarantee the victim that the decision taken will be executed. The remedy must be effective in practice and in law and not conditional upon the certainty of a favourable outcome for the complainant. Although no single remedy may itself entirely satisfy the requirements of Article 13, the aggregate of remedies provided in law may do so.

5. Effective remedies should be available, known, accessible, affordable and capable of providing appropriate redress. Effective remedies can also be obtained directly from Internet service providers (although they may not enjoy sufficient independence to be compatible with Article 13 ECHR), public authorities and/or other national human rights institutions. Possibilities for redress include an inquiry, an explanation by the service provider or online provider, the possibility to reply to a statement which is considered for example defamatory or offensive, reinstatement of user-created content that has been removed by an online service provider, and reconnection to the Internet when Internet users have been disconnected and related compensation.

6. States, as part of their positive obligations to protect individuals against violations of human rights by private companies, should take appropriate steps to ensure that when such violations occur those affected have access to judicial and non-judicial mechanisms. The United Nations Guiding Principles on Business and Human Rights specify that companies should establish complaint mechanisms which are accessible, predictable (providing clear and known procedure with indication of time frames for each stage of the process, clarity on the types of process and outcomes available and the means for monitoring their implementation) equitable (access to sources of information, advice and expertise), transparent and capable to offer remedies which are in full compliance with international human rights standards directly to individuals.

7. Internet users should be offered clear and transparent information regarding the means of redress available to them. This information could be included in terms of use and/or service or in other guidelines and policies of Internet service/online providers. Internet users should be provided with practical and accessible tools to contact Internet service/online providers to report their concerns. They should be able to request information and seek remediation. Some examples of remedies which may be available to Internet users are helplines or hotlines run by Internet service providers or consumer protection associations to which Internet users can turn in the case of violation of their rights or the human rights of others. Guidance should be provided by public authorities and/or other national human rights institutions (ombudspersons), data protection authorities, regulators for electronic communications, citizens' advice offices, human rights or digital rights associations or consumer organisations.

8. Internet users should be protected from cybercrime. States who are signatory parties to the Budapest Convention have undertaken obligations to protect citizens from criminal activities and offences on the Internet. Internet users have a reasonable expectation to be protected from criminal activity or criminal offences committed on or using the Internet.

9. The focus is on offences against confidentiality and integrity of computer data and systems and computer-related offences. Content-related offences (child pornography, copyright infringement) are not covered here as these are considered to be dealt with in the parts of the Guide relating to the rights of the child. The protection of right-holders is considered to implicate the interests of this particular group rather than those of Internet users. Also, interceptions and surveillance of communications are dealt with in the section on privacy and data protection.

10. Internet users have a legitimate interest to manage, operate and control their computer systems in an undisturbed and uninhibited manner. They should be protected from illegal access to the whole or parts of computer systems used by them including hardware, components, stored data of the system installed, directories, traffic and content-related data. This also includes protection from unauthorised intrusion into computer systems and data (hacking, cracking or other forms of computer trespass) which may lead to impediments to Internet users of systems and data such as access to confidential data (passwords, information and secrets etc).

11. Internet users should also be protected against computer data interference, such as malicious code (for example viruses and Trojan horses). They should also be protected against interference with the functioning of computer or telecommunication systems by inputting, transmitting, damaging deleting, altering or suppressing computer data as for example programmes that generate ‘denial of service attacks, malicious codes such as viruses that prevent or substantially slow down the operation of the system, or programmes that send large quantities of electronic mail to a recipient in order to block communication functions of the system (spamming). This may be an administrative or criminal offence depending on domestic legislation.

12. Internet users should be protected against computer forgery which involves unauthorised creation or alteration of data so that they acquire a different evidentiary value in the course of legal transactions, which rely on the authenticity of information contained in the data.

13. Internet users have a legitimate interest in the protection of assets represented or administered in computer systems (electronic funds, deposit money). They should be protected against computer fraud manipulations which produce a direct economic or possessory loss of an Internet user's property (money, tangible and intangibles with an economic value) such as credit card fraud.

14. Any security measure aimed at ensuring the protection of Internet users from cyber-crime must be in full compliance with the standards of the ECHR, in particular the right to private and family life and the right to freedom of expression.

15. Internet users have the right to fair trial, which is enshrined in Article 6 of the ECHR. This refers to the determination of civil rights and obligations or criminal charges with regard to activities of Internet users. In particular, this concerns key principles pronounced by the Court, namely the right to a fair and public hearing within a reasonable time by an independent and impartial court; the right to institute proceedings before courts, to a final determination of the dispute, to a reasoned judgment and to the execution of the judgment; the right to adversarial proceedings and equality of arms and others.

16. The Court, although not in Internet-related cases, has established general principles with regard to the quality of administration of justice (independence, impartiality, competence of the tribunal), the protection of right of the parties (fair hearing, equality of arms and public hearing) as well as with regard to the efficiency of justice administration (reasonable time).

17. The Internet user has the right to file an individual application to the Court after exhausting all domestic remedies that are available and effective, within six months from the date on which a final decision was taken.

Please see here the full text of the Explanatory Memorandum.