Illegal websites rely on essential web services to operate, such as hosting, payment, advertising, proxy providers, domain name providers and marketplaces.
These mainstream providers are making millions in fees from fraudulent business customers who provide unverified or inaccurate data on their identity.
The absence of an obligation for service providers to verify the identity of their business customers, and the resulting anonymity, make it nearly impossible to bring civil or criminal actions to stop online harms.
Lack of business customer verification renders Art. 5 of the E-Commerce Directive (ECD), which actually requires all online businesses to provide their name, physical address, and contact details, rather useless and unenforceable.
Requiring commercial entities to reveal their true identity on the internet would automatically reduce illegal content online and would greatly facilitate consumers’ and business customers’ efforts to seek redress. The obligation actually already exists: Article 5 ECD establishes general information requirements, that service providers shall render easily, directly and permanently accessible to the recipients of their services and to competent authorities. These information requirements include the name of the service provider, the geographic address at which the service provider is established and the details of the service provider, including their email address, which allow them to be contacted rapidly and communicated within a direct and effective manner.
The problem is that commercial entities that intentionally distribute illegal content knowingly choose not to comply with this obligation. Under existing law, they face no consequences for failing to do so. Operators of scam websites seeking to defraud consumers, as well as operators of online services disseminating child abuse content, illegal gambling, counterfeit products and other harmful content freely target EU citizens, using EU-based infrastructure, with an impunity borne of complete anonymity.