The Law on Electronic Commerce, Official Gazette No. 41/2009

Document type
(1) This Law regulates the regulates the conditions and manner of information society services, obligations to inform service users, commercial messages, rules relating to the conclusion of the contract in electronic form, the responsibility of service providers of the information society, and monitoring violations.
(2) Article 3, par. 1.3. defines an information society service as a "service provided at a distance, for a fee, through electronic equipment for data processing and storage, upon personal request of services users, and especially internet based commerce, offering information and advertising via the Internet, electronic search engines, as well as providing search data and services transmitted by electronic networks, providing access to a network or storage of services users’ data." Moreover, Article 3, par. 1.4. defines information society service providers as a "legal entity or entrepreneur, as well as a natural person, who has the status of dealer in accordance with the law governing trade, which offers the services of the information society." 
(3) Article 16-19 provide safe harbours for online intermediaries. Mere Conduit. Article 16 that service providers transmitting electronic messages at the instructions of the user, is not liable for the content of the sent message as well as its further transmission unless he did not:
  • initiate transfer;
  • choose data or document which are subject of transfer;
  • exempt or changed data in the message or document content;
  • choose the content recipient.
(4) Temporary Storage (or Caching). According to Article 17, the service provider is not liable for the automatic, intermediate and temporary storage that is performed only for efficient formation of the data transfer requested by any other user services, if:
  • does not change the data;
  • takes into account the conditions for access to the data;
  • complies with the rules for updating;
  • acts in accordance with the permitted application of technologies for data collection;
  • removes or disables access to the data that is kept immediately after learning that the data is removed from the transmission through the network or is denied access to them, as well as when the court or other competent authority, ordered their removal or disabling of access.
(4) Permanent Storage (or Hosting). According to Article 18, the service provider that stores data at the request of the users, on demand services, is not responsible for the stored data, if:
  • did not or could have known about illegal users' activities or information;
  • immediately after learning that an unauthorized activity or information removed or disabled access to this information.
(5) Linking. According to Article 19, the service provider who through electronic linking grant access to data of another service provider is not responsible for the information, if:
  • did or could not have known about illegal users' activities or information;
  • immediately after learning about illegal activities or information, removes or disables access to the data.
(6) No monitoring Obligations. According to Article 20, when providing information society services, the service provider is not required to review the data that is stored, transmitted or made available, or to investigate circumstances indicating the illegal operation of the service user.
(7) Mandatory Notification. Article 20 also states that service provider must inform the competent state authority if there is a reasonable doubt that:
  • their services are used to undertake illegal activities;
  • users provided illegal information.
The service provider must provide information on the basis of an appropriate judicial or administrative decision, disclose all the information necessary to identify or prosecute offenders, and protect the rights of third parties. 
(8) Notice and Takedown Obligations. According to Article 20, par. 2, notification of illegal activities or information in accordance with Article 18, par. 1. 2 and Article 19, par. 1. 2 shall contain the information about the sender of the notice, the precise description of the online location where illegal activities or information occur, as well as an explanation if the request is inadmissible.
Topic, claim, or defense
General or Non-Specified
Document type
Issuing entity
Legislative Branch
Type of service provider
General or Non-Specified
Host (Including Social Networks)
Internet Access Provider (Including Mobile)
Cache Provider
Issues addressed
Trigger for OSP obligations
OSP obligation considered
Block or Remove
Monitor or Filter
Type of law
General effect on immunity
Strengthens Immunity
General intermediary liability model
Takedown/Act Upon Knowledge (Includes Notice and Takedown)