Regulation (EU) 2021/784 on addressing the dissemination of terrorist content online (“Terrorist Content Online Regulation“, in short: TCO Regulation) entered into force on 7 June 2021. Its provisions have been applicable in Malta since 24 March 2023. The Regulation lays down uniform rules to address the misuse of hosting services for the dissemination to the public of terrorist content online.
The provisions apply to companies offering hosting services in the EU, irrespective of whether or not their main establishment is located in an EU Member State.
Authorities which have become aware of the publication of terrorist content online will issue an order requiring the content to be removed and/or access to the content to be disabled. Providers must comply with the order within one hour of receipt. Providers failing to comply with an order and systematically and persistently failing to comply with the provisions may be liable to a penalty of up to 4% of their global turnover of the preceding business year.
Pursuant to Article 12(1) of Regulation (EU) 2021/784, Malta’s competent authorities are:
(Article 17 of the TCO Regulation)
Hosting service providers which do not have their main establishment in the EU but offer services in the EU must designate a legal representative in the EU. The legal representative is responsible for receiving, complying with and implementing decisions from authorities. If a provider’s legal representative resides in Malta, notification of the designation must be sent immediately to the following email [email protected].
The information according to Article 8 TCO Regulation is available here:
The term “hosting service provider” within the meaning of the Terrorist Content Online Regulation means something slightly different from what the term is generally taken to mean. Hosting service providers within the meaning of the Terrorist Content Online Regulation (“TCO hosting service provider”) provide services that meet the following three requirements:
Content within the meaning of the Terrorist Content Online Regulation may be individual files such as texts, images, videos or downloads but can also be entire websites or platforms if, for example, their content largely serves the purpose of disseminating terrorist content.
In practice, a distinction is made, depending on the business model offered, between indirect hosting service providers and hosting service providers within the meaning of the Terrorist Content Online Regulation (TCO hosting service provider). The Court of Justice as a Court of Criminal Judicature interpretation is that the Terrorist Content Online Regulation only fully applies to TCO hosting service providers.
A classification as a TCO hosting service provider or indirect hosting service provider applies to an individual business model (for each individual service offered by a hosting provider) and not to an individual company. A company may therefore be classified as both a TCO and an indirect hosting service provider.
TCO hosting service providers are understood to be providers offering services for the storage and dissemination of information by technical means on the internet and for the storage of information provided by and at the request of a content provider (within the meaning of Article 2 point (1) of the Regulation).
Indirect hosting service providers are understood to be providers that offer services for arranging hosting services or, for example, provide the technical infrastructure or other support services for other hosting service providers (such as server operators) and that are not in direct contact with the content providers. The services offered therefore do not involve storing information at the direct request of a content provider and therefore generally do not fall within the scope of the Terrorist Content Online Regulation.
The Regulation is fully applicable to TCO hosting service providers.
Under the Regulation and the Terrorist Content Online Act, hosting service providers must:
TCO hosting service providers that take specific measures pursuant to Article 5 of the Regulation must establish an effective and accessible mechanism allowing content providers to submit a complaint concerning the removal of content or disabling of access to content.
All requests must be examined promptly. If the removal of content or disabling of access to content was unjustified, the content or access must be reinstated without undue delay. The complainant must be informed within two weeks of receipt of the complaint. If a complaint is rejected, the reasons must be given.
The specified terrorist content must be removed or access to the content disabled in all EU Member States within one hour of receipt of the removal order.
The competent authority that issued the removal order and the Bundeskriminalamt must be informed when the content has been removed or access to the content has been disabled. (Article 3(3) and (6) of the Terrorist Content Online Regulation)
Please complete the template for “Feedback following removal of or disabling of access to terrorist content” set out in Annex II to the Regulation and indicate the time of the removal or disabling.
Please inform the competent authority that issued the removal order and the Malta Police Force without undue delay using the template for “Information about the impossibility to execute the removal order” set out in Annex III to the Terrorist Content Online Regulation. (Article 3(8) of the Regulation).
Please complete the template for “Information about the impossibility to execute the removal order” set out in Annex III to the Terrorist Content Online Regulation. Please inform the competent authority that issued the removal order and the Malta Police Force without undue delay and explain your reasons. (Article 3(7) of the Regulation)
The same applies in this case: the specified terrorist content must be removed or access to the content disabled within one hour.