Online Liability Blog

Last summer the Ninth Circuit ruled in Barnes v. Yahoo, an appeal relating to whether Section 230 immunized negligent undertaking and breach of contract claims. Here are links to the amended opinion, and a one-word modification to the amended opinion.

The alleged facts are straight-forward and, as is often the case in these actions, disturbing. Without her authorization, plaintiff’s former boyfriend allegedly posted public profiles of her on Yahoo that included nude photos of plaintiff (taken without her knowledge), a solicitation for sex, and plaintiff’s workplace contact information. The ex-boyfriend also allegedly posed as plaintiff in Yahoo chat rooms, directing others to the aforementioned profiles. Strangers began contacting plaintiff at her office, and in some cases showing up in person, seeking sex.

Plaintiff claims that on several occasions she asked Yahoo to remove the materials, but got no response. Eventually Yahoo told plaintiff that they’d take care of it, but still nothing happened. Plaintiff then filed suit in an Oregon state court. Shortly thereafter the offending materials vanished from the site.

Yahoo removed the case to federal court, where plaintiff’s complaint was dismissed on Section 230 grounds. On appeal, the Ninth Circuit considered whether the statute indeed immunizes defendant from what appear to be claims of negligent undertaking and breach of contract (promissory estoppel).

The panel’s negligent undertaking analysis focused on Section 230(c)(1)’s language and history. “Looking at the text, it appears clear that neither this subsection nor any other declares a general immunity from liability deriving from third-party content . . . [s]ubsection (c)(1) does not mention ‘immunity’ or any synonym . . . [it] precludes liability only by means of a definition.” The court zeroed in on the meaning of publisher or speaker, and instances when a plaintiff’s theory of liability indeed treats a defendant as a publisher or speaker of third-party content. Noting that the statutory language does not “limit its application to defamation cases,” the court concluded a plaintiff cannot “escape section 230(c) by labeling as a ‘negligent undertaking’ an action [here the removal of indecent profiles] that is quintessentially that of a publisher.”

However, the panel viewed plaintiff’s promissory estoppel claim as distinct from her negligent undertaking claim, noting that it “does not seek to hold Yahoo liable as a publisher or speaker of third-party content, but rather as the counter-party to a contract, as a promisor who has breached . . .. Contract liability would come not from Yahoo’s publishing conduct, but from Yahoo’s manifest intention to be legally obligated to do something, which happens to be removal of material from publication.” The court held that to the extent plaintiff alleges a breach of contact claim under the theory of promissory estoppel, 230(c)(1) does not preclude her cause of action.

Operate a website? Don’t be alarmed, says the court:

[A] general monitoring policy, or even an attempt to help a particular person, on the part of an interactive computer service such as Yahoo does not suffice for contract liability. This makes it easy for Yahoo to avoid liability: it need only disclaim any intention to be bound.

I don’t know exactly what the district court had before it, or what the record was before the panel here. However, while I don’t necessarily disagree with any of its reasoning, I’m wondering whether it would have been better had the panel instead ruled on the adequacy of plaintiff’s allegations, with an eye toward dismissing insufficiently pleaded claims. Why make law if you don’t have to?

Interesting post today on one of Wired’s blogs (links to a recent post at The Volokh Conspiracy) relating to the potential applicability of Section 230 to Bloomberg’s “role” in United’s free fall earlier this week.

Lots of juicy issues here, but time constraints force me to simply take this opportunity to quickly vent on a longstanding pet peeve of mine.  Why don’t all “news” articles on the web contain a static publication date in or very near the article text?  I’m not necessarily sympathetic to all of Google’s positions on this matter, but one thing I will agree with is that I find it terribly annoying when I view a news article on the web, whether following a search or while browsing a media outlet’s website, and find myself struggling to determine when the article was written.  How difficult can it be for online publishers to get this right?  Maybe there is some SEO, advertiser and/or “staleness” issue out there that is beyond my comprehension.  But they should all take a backseat to including critical information such as a publication date when disseminating “news” articles.

Kudos to the New York Times, which in my experience not only consistently lets you know the date an article was published, but whether, when, and where the article appeared in the hard copy version of the newspaper.

*  *  *

A note to my faithful readers (if there are any of you left):  It’s been an unusually busy summer for me.  I won’t bore you with any of the details, but I do hope to get back on the horse here soon and resume regular postings.  If that proves to be impossible, I may accept the invitation (if it’s still outstanding when the time comes) of one of my favorite technology bloggers to submit occasional posts on his blog.  In the meantime, I hope you’ll continue to subscribe/stop by here.

-Michael

Last month the Fifth Circuit issued its first (to my knowledge) ruling that turned on Section 230. Affirming the lower court in Doe v. MySpace Inc., Circuit Judge Clement, writing on behalf of herself and Judges Garwood and Elrod, ruled that the statute protected MySpace from claims that it was negligent for not “instit[uting] and enforc[ing] appropriate security measures and policies that would substantially decrease the likelihood of danger and harm that MySpace posed to” the minor-plaintiff.

The minor had lied about her age, enabling her to create a public MySpace profile. A nineteen year old male MySpace user (“Pete”) subsequently discovered her profile and initiated contact with her. The minor eventually shared her phone number with Pete and agreed to meet him in person, at which time he sexually assaulted her. Plaintiffs believe that had MySpace been utilizing age verification software, the assault never would have occurred.

The Court ruled that the plaintiffs’ negligence claims are barred by Section 230,

notwithstanding [plaintiffs'] assertion that they only seek to hold MySpace liable for its failure to implement measures that would have prevented [the minor] from communicating with [her assailant]. Their allegations are merely another way of claiming that MySpace was liable for publishing the communications and they speak to MySpace’s role as a publisher of online third-party-generated content. . . . [plaintiffs'] negligence and gross negligence claims are barred by the CDA, which prohibits claims against Web-based interactive computer services based on their publication of third-party content.

Read here about MySpace’s commitment earlier this year to forty-nine state AGs to make the site safer for minors.