Brief overview: Upload filters are not an end in themselves, but the result of a new liability regime for platforms. Article 17 of Directive (EU) 2019/790 and the German Copyright Service Provider Act (UrhDaG) oblige certain service providers to prevent infringements at the upload stage. This is flanked by exceptions, protective mechanisms against overblocking, and clear complaints procedures. Fundamental rights (Art. 5 GG, Art. 11 GRCh) and personal rights have a parallel effect.
Anyone hosting or providing content in 2025 will need clear processes, reliable technology, and robust contractual clauses to navigate this complex legal landscape.
Legal Framework for Upload Filters: Art. 17 DSM and UrhDaG – Functioning, De Minimis Limits, and "Presumed Permitted" Uses
Target Group and Basic Principle
The Upload Filters regime primarily covers service providers as defined by the UrhDaG. These are platforms that store user-generated content and make it publicly accessible, as stipulated in Section 2 (1) UrhDaG. In essence, the service provider is generally responsible for the communication to the public (Section 1 (1) UrhDaG).
Liability for service providers can only be discharged under specific conditions. This includes the existence of a license, a legally permitted use, or strict compliance with statutory duties of care (Section 1 (2) UrhDaG). This framework originates from Article 17 of the DSM Directive, which assigns a special responsibility to online content-sharing service providers. For more insights into platform liability, refer to our article on Liability of Platform Operators for Illegal User Content.
Presumed Permitted Uses
To prevent disproportionate blocks, a comprehensive system of presumptions, thresholds, and procedural rights has been established under Part 4 UrhDaG. Specifically, Section 9 UrhDaG mandates that presumed permitted uses must be publicly reproduced until the conclusion of a complaint procedure. This provision is crucial for balancing the interests of rights holders and users.
The rebuttable presumption applies if an upload meets three key criteria:
- It contains less than half of a third-party work (or several works).
- It is combined with other content.
- It is minor or has been explicitly marked as legally permitted (Section 9 (2) in conjunction with Sections 10, 11 UrhDaG).
De Minimis Limits for Minor Uses
Section 10 UrhDaG precisely defines certain micro-uses as "minor." These thresholds provide a standardized and technically verifiable corridor for content filtering:
- Up to 15 seconds per cinematographic work or running image.
- Up to 15 seconds per audio track.
- Up to 160 characters per text.
- Up to 125 kilobytes per photograph, illustrated work, or graphic.
It is important to note that this threshold applies exclusively to non-commercial use or for generating insignificant income. Its primary function is to act as an effective overblocking brake, preventing unwarranted restrictions on user-generated content.
Labeling as Legally Permitted
If a de minimis use is not applicable, a two-stage procedure is initiated. Should an upload be automatically blocked during the uploading process, the service provider must inform the user. The user then has the option to mark the content as legally permitted (Section 11 (1) UrhDaG).
Conversely, if an upload is blocked only after it has been uploaded, the content is considered presumed permitted for 48 hours, even without explicit marking (Section 11 (2) UrhDaG). This mechanism safeguards legitimate uses, such as quotation, parody, or pastiche, from premature blocking and ensures user rights.
Complaints and Accountability Procedures
An effective, free, and swift complaints procedure is available for users regarding both blocked and unblocked content (Section 14 UrhDaG). Until a decision is reached in this process, the service provider is not liable under copyright law for the public reproduction of presumably permitted uses (Section 12 (2) UrhDaG).
Furthermore, in the case of minor uses, the user is also temporarily not responsible (Section 12 (3) UrhDaG). This legislative approach combines preventive filtering obligations with robust procedural safeguards, ensuring fairness and legal certainty in content moderation.
Limitations in Copyright Law
Traditional permissions within copyright law remain fully applicable. Notably, these include Section 51 UrhG (quotation) and Section 51a UrhG (caricature, parody, pastiche). These legal standards frequently form the substantive basis for marking content as legally permitted, in accordance with Section 11 UrhDaG.
Start-up and Small Service Provider Privileges
Section 2 UrhDaG differentiates between start-up service providers and small service providers. Start-ups are defined, for example, by EU turnover of ≤ €10 million and services active for less than three years. Small service providers have a turnover of ≤ €1 million.
Section 7 UrhDaG provides relief from certain upload filter obligations for these groups. However, it does not exempt them from other duties, such as license acquisition or general procedural requirements. Any entity integrating platform functions into a product should promptly assess if these thresholds might be exceeded. For relevant considerations, see our guide on Common Legal Mistakes Made by Start-ups.
Upload Filters, Fundamental Rights, and Overblocking: Freedom of Expression and Art in Balance
Fundamental Rights Framework
Upload filters inevitably impact fundamental communication rights. On a national level, Art. 5 para. 1 GG (freedom of expression and information) and Art. 5 para. 3 GG (artistic freedom) provide essential protection. At the EU level, Art. 11 CFR is paramount for freedom of expression.
The Court of Justice of the European Union has affirmed that Article 17 of the DSM Directive complies with fundamental rights. Crucially, it emphasized the necessity of protective mechanisms against overblocking (e.g., C-401/19, Poland v. Parliament and Council). German implementation law, through Sections 9-12 UrhDaG, specifically addresses this requirement, integrating safeguards against overblocking.
Proportionality Through Procedural Safeguards
The legislator has opted against unfettered filtering, instead requiring structured consideration through predefined rules. This includes threshold values (de minimis limits), the presumption of "presumed permitted" content, options for user labeling, and swift complaint processes with substantive reassessment.
This combination aims to mitigate erroneous decisions by automated systems. Simultaneously, it protects the legitimate interests of rights holders, ensuring a balanced and proportionate application of the law.
"Presumed Permitted" Is Not an Amnesty
The "presumed permitted" status safeguards legitimate use until clarification. However, this presumption is overturned if the legal permission is found not to apply. Rights holders retain claims for injunctive relief and removal; the platform's provisional freedom from responsibility, as per Section 12 (2) UrhDaG, ends with the decision in the appeal proceedings.
This system obliges all parties—platforms, uploaders, and rights holders—to provide verifiable arguments. It fosters a balanced approach to content moderation, demanding accountability from all participants.
Technical Diligence Requirements
"Best-efforts" obligations, specified in Article 17 para. 4 DSM Directive, mandate appropriate measures to prevent unlicensed uses. This effectively makes content detection systems unavoidable for compliance. The key challenge lies in controlling their hit and error rates.
A false positive hit, also known as overblocking, risks violating fundamental rights. Conversely, a false negative hit, or underblocking, harms copyright interests. Therefore, documented parameters, regular recalibration, and human second checks are essential components for ensuring proportionality and accuracy in technical diligence.
Upload Filters, Personal Rights, and DSA Interfaces: Moderation Beyond Copyright Law
Personal Rights Online
While upload filters primarily address copyright risks, the protection of personal rights also plays a significant role. This includes the general right of personality under Art. 1 para. 1, Art. 2 para. 1 GG in conjunction with Section 823 BGB, and the right to one's own image (Sections 22 et seq. KUG).
Platforms must design their due diligence obligations to efficiently address unlawful interventions, such as defamation, deepfakes, or distortions. This must be achieved without suppressing permissible criticism, satire, or artistic adaptations, ensuring a careful balance between different legal protections.
DSA Obligations for Platform Regulation
The Digital Services Act (DSA) complements the copyright regime not in terms of liability, but in terms of procedural requirements. It mandates reporting systems, complaint channels, transparency obligations, and robust protection of minors for all online platforms.
For very large platforms, additional requirements apply, such as risk assessments, audits, and transparency reports. Practically, this means that notice-and-action for content beyond copyright, like personality rights infringements, must operate coherently alongside UrhDaG workflows. Ideally, this should occur via standardized intake processes with specific routing mechanisms to handle diverse legal challenges.
Limitation Right as a Bridge Between Rights
In complex or borderline cases, quotation (Section 51 UrhG) and parody/pastiche (Section 51a UrhG) serve to balance personality and copyright interests. A satirical meme upload, for instance, might be permissible under copyright law but simultaneously infringe upon personal rights if it violates privacy.
Moderation guidelines should therefore implement a two-stage check: first, admissibility under copyright law, and second, other legal interests (e.g., personality rights, competition law, criminal law, protection of minors). This layered approach ensures comprehensive legal compliance and fair content assessment.
Evidence and Documentation Issues
Thorough documentation is crucial for legal enforcement in the context of upload filters. This includes notifications, detailed reasons for blocking or unblocking, records of test steps, human reviews, and any changes to training data or thresholds. These documents are vital for internal audits, arbitration processes, and potential legal proceedings, providing a clear and defensible audit trail.
Implementing Upload Filters by 2025: A Practical Roadmap for Governance, Technology, and Contracts
Effective implementation of upload filters requires a structured approach across several key areas to ensure compliance and mitigate risks.
A. Governance & Responsibilities
- Roles and Escalations: Clearly assign responsibilities for license management, filter parameters, legal review, complaint processing, and reporting. Document deputization and substitution rules to ensure operational continuity and accountability.
- Policies: Develop comprehensive guidelines covering upload rules, permitted content, and the handling of remixes, parodies, and quotations. This also includes clear procedures for "marking as permitted" (Section 11 UrhDaG), adherence to the 48-hour time window, management of "presumed permitted" content (Section 9 UrhDaG), and the complaints procedure (Section 14 UrhDaG).
- Protection of Minors: Implement DSA protection requirements, including age-appropriate default settings, robust risk mitigation strategies, and efficient reporting mechanisms for content harmful to minors.
- Start-up Status Monitoring: Continuously monitor sales figures, operational duration, and visitor numbers. Establish an automatic change of compliance level if defined thresholds are exceeded (referencing Sections 2, 7 UrhDaG). Proactive monitoring helps avoid common legal pitfalls.
B. Technology & Processes
- Recognition Systems: Implement versioning for models and conduct rigorous tests using balanced gold datasets (e.g., music, video, text, images). Measure precision/recall and the false positive rate per work class to continuously refine system accuracy and effectiveness.
- Threshold Control: Define score thresholds specifically to prevent unintended blocking of Section 10 cases. "Low-confidence matches" should be systematically routed to human review queues for expert assessment, minimizing automated errors.
- Notification & User Interface (UI): Provide user-friendly notifications for imminent blocks, clearly referencing Section 11 UrhDaG. Similarly, notify users for post-upload matches with a 48-hour window. Offer one-click marking for Section 51 / Section 51a UrhG, and enable the convenient uploading of licenses or consents.
- Complaints Procedure: Establish clear chains of deadlines, ensure qualified justifications for decisions, and mandate notifications to rights holders (Section 14 UrhDaG). Aim for a decision within one week as an internal target value, with clear escalation paths to the legal department for complex cases.
- Data and IT Security: Maintain robust hash databases and fingerprints, and ensure evidence storage with strong integrity protection. Implement logging in strict accordance with Privacy by Design principles (Art. 25 GDPR) to safeguard user data. For more information on data protection, consider our article on Data Leak in Startup Practice.
- Transparency Reports: Compile key figures on blocking/unblocking events, average processing periods, and complaint outcomes. Ensure these reports are DSA-compatible for regulatory compliance, enhancing public trust and oversight.
C. Contractual Framework & Chain of Rights
- Licenses: Secure comprehensive rights clearance with collecting societies and producers. Clearly define the scope of licenses (territory, media, adaptations), and ensure full compliance with direct remuneration requirements (Section 12 (1) UrhDaG). Our guide on License Agreements for Software Start-ups offers further details.
- Uploader Terms & Conditions (T&Cs): Include explicit assurances of rights ownership from uploaders. Oblige them to correctly label content (e.g., quotation, parody) and to cooperate in clarification processes. Incorporate robust indemnification and recourse clauses for cases of abusive labeling. For guidance on user agreements, see Why Providers of SaaS or Online Stores Should Not Ask Their Users to Agree to Terms and Conditions.
- Rights Holder Workflow: Provide standardized notice templates that include clear work identification, rights chain, and license status. Implement effective rate limits to prevent spam notices and establish clear escalation procedures to the Section 14 process.
- Service Provider Contracts (Filter Provider/SaaS): Define clear service levels, including expected hit rates and response times. Include audit and explainability clauses, comprehensive data and confidentiality protection provisions, and clear exit rights (e.g., model/data portability).
- Right to Evidence: Ensure comprehensive log retention, precise time stamps, and secure signatures for all relevant actions. Implement robust legal hold procedures for contentious proceedings, safeguarding crucial evidence throughout the legal process.
D. Product and Community Design
- Remix-Friendly Defaults: Develop intuitive templates and training modules on Section 51 / Section 51a UrhG. Actively educate users to avoid fair use myths, as this concept does not directly apply in German law, promoting accurate understanding of legal permissions.
- "Narrow Block – Wide Review" Principle: Implement hard blocks only for high-confidence matches that do not fall under Section 10 thresholds. All other cases, especially those with lower confidence or complex legal nuances, should be routed to manual review for careful expert assessment.
- UI for Fundamental Rights: Integrate visible legal bases for decisions (e.g., citation, parody, pastiche, license) directly into the user interface. Provide short, clear justification texts and easily accessible options for objection to enhance transparency and user control over their content.
E. Inspection and Audit Program
- Conduct regular quarterly parameter reviews with A/B comparisons to optimize filter performance. Document all findings meticulously for supervisory authorities, courts, and arbitration boards.
- Implement systematic bias checks to identify and address potential biases (e.g., against specific genres or languages) within the filtering systems, ensuring fairness.
- Perform comprehensive stress tests prior to major events (e.g., sports, festivals, product releases) to ensure system stability and reliable performance under high load conditions.
F. Typical Mistakes – And How to Avoid Them
- Hard blocking below Section 10 thresholds: Regularly review and fine-tune threshold logic, and expand test data to prevent unwarranted blocks and overblocking.
- No 48-hour release for post-block: Ensure Section 11 (2) UrhDaG is accurately mapped within the system logic to allow for temporary releases, protecting legitimate uses.
- Missing or sluggish complaints procedure: Operationally secure Section 14 UrhDaG obligations, including meeting deadlines and allocating sufficient resources for timely and effective complaint processing.
- Exclusively technical consideration: Integrate essential legal review layers for borderline cases, especially those involving citation or artistic freedom, to ensure nuanced and legally sound decisions.
- DSA obligations viewed in isolation: Develop a standardized workflow with legal routing for non-copyright infringements, ensuring all regulatory requirements are addressed coherently across various legal domains.
Conclusion
By 2025, upload filters will be a legal requirement for many online platforms. However, their implementation must be part of a balanced system that incorporates licenses, clear barriers, legal presumptions, and effective legal remedies. Platforms that integrate these obligations and rights comprehensively will significantly reduce both liability and reputational risks.
Furthermore, such an integrated approach actively protects fundamental rights and establishes robust procedures for handling disputes. This proactive and holistic strategy is essential for navigating the evolving landscape of digital content moderation and ensuring legal compliance.
Fittingly:
In its ruling of July 17, 2025 (case no. I ZB 82/24), the Federal Court of Justice clarified that cloud services do not owe any copyright levy. The system of private copying remuneration pursuant to Sections 54 et seq. UrhG is linked to devices and physical storage media. The Senate rejects an analogous application to pure cloud storage due to the lack of an unintended regulatory gap. The Karlsruhe judges’ note: Any shifts from local storage to the cloud may have to be addressed legislatively; a judicial extension of the scope of levies is out of the question. In practice, this means that remuneration obligations (private copying) remain strictly separate from liability and due diligence obligations under Art. 17 DSM/UrhDaG. Pure cloud storage is regularly not an OCSSP (no communication to the public), whereas content sharing platforms must ensure upload filter compliance independently of private copying remuneration.