The European Union currently contains some 380 million citizens in 15 member states, and these figures are set to expand as the EU enlarges.Regulations published at the end of February by the Tánaiste, Ms Harney, have the effect of guaranteeing that an Irish person has the right to offer an "information society service" to every one of those people in every EU member state together with those in the European Economic Area.
So long as Irish law is complied with, an Irish service provider does not have to worry about complying with local regulations.
This freedom comes with a number of exceptions and limitations; for example, it may be limited in order to protect public health, so the regulation should not be seen as authorising the setting up of online pharmacies or prescribing services.
But this regulation and the EU directive that it implements may have the effect of creating a significant competitive opportunity for Ireland. Many European economies are notoriously over-regulated, so Ireland may be able to position itself as a more business-friendly location than European competitors in e-businesses such as data processing or internet hosting.
It is true that the right to provide online services does not come without its disadvantages, one of the most noticeable being "spam" or unsolicited email. This is already a costly problem for businesses and internet users. One EU study has estimated that spamming imposes costs on users of at least €10 billion worldwide every year.
One service provider, AOL, uses filters to block some 780 million spams every day, an average of 22 per customer.
The regulations expressly state that they do not permit the sending of spams. They also try to begin dealing with this problem by making it an offence to send an "unsolicited commercial communication" that is not identified "clearly and unambiguously as such".
There are indications that this may be done by placing the letters ADV or UCE in the subject line of a spam. This should make it easier for users (or their employer or ISP) to eliminate such communications before they start clogging up mailboxes and slowing down systems. Breaches will be prosecuted by the Data Protection Commissioner, and upon conviction a fine of up to €3,000 or imprisonment for a term not exceeding three months may be imposed.
Businesses intending to advertise online would be wise to familiarise themselves with these provisions and the similar provisions relating to commercial communications.
The regulations may not be effective against high-volume spammers from outside the EU, but they may discourage Irish businesses from engaging in spam. Cutting the number of businesses who can use spam may reduce the amount of spam, but spamming is a volume business, which relies upon sending out a vast number of spams in order to generate a tiny proportion of replies.
The regulation also changes the rules for online contracts: service providers must provide users with certain information before a contract is concluded and once an order is placed the provider must acknowledge it as soon as possible.
One danger for those who provide internet services is that the provider of a service may be held liable for the activities of users.
This could occur under Ireland's strict laws on the publication and retention of defamatory material.
The regulation tries to control this danger by limiting the liability of service providers in certain situations.
The first is where the service provider provides a "mere conduit" for the transmission of information, so the provision of internet access will of itself be exempt from liability.
So if a person used the internet to publish a defamatory communication, the service provider who enabled them to access the internet would be expressly exempted from liability under this provision.
A service provider who caches or stores information temporarily to make it easier for users to access it will be exempt from liability, subject to certain conditions such as it cannot modify the information concerned.
Finally, a service provider will be exempt from liability in relation to the hosting or storage of information relating to an 'unlawful activity'.
This is provided that the service provider does not have actual knowledge of the unlawful activity or acted expeditiously to remove such information as soon as it became obtained such knowledge.
This provision goes some way to redressing section 22 of the Electronic Commerce Act 2000, which extended the laws of defamation to the "retention of information electronically".
These provisions should make life somewhat easier for Irish service providers, but some EU member states such as Holland are already providing exemptions from liability that go far beyond those provided under Irish law, which may allow them to derive benefits and investment in the longer term.
So deciding how these provisions will work in practice may prove to be a not inconsiderable challenge.
Denis Kelleher is a practising barrister and co-author of Information Technology Law in Ireland the second edition of which will be published later this year, http://www.ictlaw.com.
