Legal checklist: user generated content

07 Apr 2012
Alasdair Taylor

The web has changed radically since 2005.  We’ve seen the rise of some websites, the demise of others; the evolution of new business models and the senescence of others; new languages, new technologies and new platforms have driven a revolution in web culture; and the principle that gives unity to that revolution is the principle of user participation. 

In many contexts, user participation implies user generated content.  From blog comments to forum discussions, social walls to photo sharing services, much of the web now consists of content provided by users. 

If you’re setting up a new site or service, there’s a good chance that you’ll be thinking about including user content-based features.  If so, this checklist will help you to negotiate some of the associated legal issues.  

(1) Guidance for users

Consider publishing clear guidelines for users describing what can and cannot be posted.  Whilst the legal T&Cs should cover the nitty-gritty (see below), most people won’t read them.  A short and clear notice in a prominent place on the website will help educate users about their legal obligations.  

(2) Website T&Cs

Ensure that your T&Cs include appropriate user content provisions.  Matters to cover include: the licence granted by users to you; any licence enabling others to reuse content posted on the site; warranties that the content doesn’t give rise to any legal liabilities; indemnities for when it does; and disclaimers in relation to user content.  Where practicable, T&Cs should be expressly accepted by users who post content on your website.

(3) Personal data

User content often includes personal data, bringing the Data Protection Act 1998 and related legislation into play.  Ensure your processing complies with the DPA, and that appropriate disclosures are included in your privacy policy and in the body of pages that may collect personal information.  Consent may be needed for the processing of personal data.

(4) Abuse reporting procedure

Provide an easy-to-find and easy-to-use abuse reporting procedure, and act promptly upon reports of abuse.  Abusive content, in this context, is any content that doesn’t comply with your carefully-crafted T&Cs.

(5) Special defences

Assess whether you can take advantage of the defences under Section 1 Defamation Act 1996 and Regulations 17 to 19 of the Ecommerce Regulations.  The availability of these defences may depend upon the extent to which you take responsibility for the publication of the user content. Consider whether to: (i) review all user content prior to publication; (ii) review user content ex post facto; or (iii) take a hands-off approach, and only review content where it has been notified to you.  You may want to take professional advice on this point.

(6) Copyright infringement checks

There are various web services that can be used to check content posted to a website for copyright infringement.  Although such services are not comprehensive – and never will be – they are an extra line of defence, and they may be appropriate for some kinds of site.


According to what I read somewhere else on this site, “review content where it has been notified to you” may be the safest option for an operator. My question is: under which case would an automatic system be considered? For example, some antispam tool running periodically. Would this be considered as reviewing each post? How would you tell whether a post was reviewed (and optionally removed) by a tool or the operator?

Add a new comment

Your email address will not be published.

SEQ Legal
Copyright © 2022 Docular Limited | All rights reserved