On March 28, 2023, roughly six months before the right to request de-indexation takes effect in Québec, the Superior Court of Québec ordered Google to pay $500,000 to A.B., a prominent Québec businessman, for failing to de-index a site containing defamatory materials. The materials, which were posted on a site accessible through the defendant’s search engine, considerably tarnished A.B.’s reputation in both Canada and the United States. Upon learning of their existence in 2007, A.B. repeatedly requested that the defendant remove the links from its search engine. The defendant originally complied, although only for Canadian searches, and subsequently re-indexed the materials in 2011, after which they were once again accessible from Canada.
Although A.B. v.Google (2023 QCCS 1167) is not strictly speaking about the right to request de-indexation as provided for in An act respecting the protection of personal information in the private sector (“PPIPS”), it does provide the following takeaways for technology-based referral services (“Service Providers”) operating in Québec:
- Québec’s Act to establish the legal framework for information technology (“AELFIT”) is increasingly relevant to Service Providers and businesses operating in Québec;
- Service Providers are expected to adhere to the standards they set for themselves in their public-facing statements;
- Geoblocking may not necessarily limit damages in defamation cases;
- The fact that the Internet contains a lot of unreliable information does not diminish the effect of online defamation on a defendant; and
- The court’s decision in this case does not open the floodgates for cases on the right to request de-indexation.
Below, we expand on each of the above points.
1. AELFIT is Relevant to Service Providers and to Businesses Operating in Québec
The law at the centre of A.B. v. Google is AELFIT, and more specifically the second part of article 22 states that a Service Provider, acting as an intermediary, may incur responsibility if, upon becoming aware that its services are being used for illicit activity, it does not act promptly to cease providing the services. So, while under normal circumstances the intermediary is not responsible for the activities engaged in by its users, if it becomes aware that these activities are illicit, it has a duty to act.
On another note, Justice Hussain’s decision points to the increasing relevance of AELFIT. Passed in 2001, AELFIT has remained in the shadows of PPIPS when it comes to assessing the impact of Law 25 – the legislation updating Québec’s personal information protection legislation. For example, and although not related to the present case, AELFIT contains provisions that have been amended by Law 25, such as a requirement to disclose, prior to deployment, the use of technology processing biometric data for identification purposes to Québec’s data protection authority, the Commission d’accès à l’information (“CAI”). This requirement is unique in Canada and presents challenges to pan-Canadian entities that have already deployed biometric-based authentication or identification technology without previously disclosing it to the CAI.
2. Service Providers Will Be Held to Claims in Public-facing Statements
A tactic that worked against the defendant was its reliance on its own public-facing statements and witness testimonies to defend the care it took to provide users with the information that was appropriate to them. The court found the image of the responsible curator that these statements created inconsistent with the defendant’s characterization of itself as a neutral intermediary that was not responsible for the information that transited through its servers.
3. Geoblocking Doesn’t Necessarily Mitigate Defamation Impact
Justice Hussain did not accept the defendant’s argument that the damages to the plaintiff’s reputation were mitigated through its use of geoblocking. The defendant argued that over 99% of searches made by Canadians were directed to the Canadian sites that, prior to 2011, did not have access to the defamatory information. The court decided that since non-Canadian businesspeople could use VPN technology linked to the search engines of their countries of origin, geoblocking could easily be bypassed and therefore did not confine the effects of defamation to a particular location. This conclusion may reflect the strength of the evidence presented by the defendant in this particular case and should not be interpreted as an outright dismissal of the relevance of geoblocking in online defamation matters, but it is nevertheless worth noting.
Find out the different Canadian laws governing defamation to see if your case is worth suing for defamation before the courts here.
4. The Uneven Quality of Information on the Internet Doesn’t Diminish a Defendant’s Fault
The court did not agree that the fact that the Internet contains a lot of incorrect information attenuates the fault of a defendant in a defamation suit. Justice Hussain wrote:
“Québec’s law on defamation does not consider fault to be attenuated by the fact that the defamatory content in question is found in an environment where there is also defamatory content about other people. The victim of the defamation is not the victim of a lesser fault by virtue of the fact that there are other victims of other faults”.
Learn more on the ruling and its impact on future matters.
***
Danielle Miller Olofsson is a senior associate in the Corporate Group. Her practice focuses on all matters relating to privacy, data protection, and cyber security.
Danielle advises clients on compliance requirements and cyber security best practices. She frequently acts as a breach coach to clients that have been the object of cyber-attacks and other malevolent activity affecting their data and personal information. Having practiced law in Europe, Danielle is also called to advise on the increasingly complex requirements surrounding international data transfers and multi-jurisdictional data incidents.