Tenth Circuit: No Section 230 Immunity for Website that “Developed” Confidential Information by Publishing It

I previously wrote about the district court’s grant of summary judgment in favor of the Federal Trade Commission in an action alleging unfair practices against Accusearch’s Abika.com (a website advertising access to and selling personal telephone records).  Last summer the 10th Circuit weighed-in.

The panel noted that the acquisition of personal telephone records “would almost inevitably require someone to violate the Telecommunications Act or to circumvent it by fraud or theft.”  It concluded that Section 230 immunity was unavailable to Accusearch, given it acted as an “information content provider” with respect to “the information that subjected it to liability under the FTC Act.”

In reaching its decision, the court focused on the definition of information content provider, specifically “whether confidential telephone records are “developed,” within the meaning of the CDA, when, as here, they are sold to the public over the Internet,” and whether Accusearch was responsible for such development.

The court determined that “when confidential telephone information was exposed to public view through Abika.com, that information was ‘developed.’”  Also concluding that “a service provider is ‘responsible’ for the development of offensive content only if it in some way specifically encourages development of what is offensive about the content,” the panel found that Accusearch was responsible for the aforesaid development, having disclosed the confidential information.

Circuit Judge Tymkovich submitted a concurring opinion, explaining that a Section 230 interpretation was unnecessary here, because “the FTC sought and ultimately held Accusearch liable for its conduct rather than for the content of the information it was offering on the Abika.com website.”  Section 230 “says nothing about immunizing publishers or speakers for their own conduct in acquiring the information.”  My favorite line from the concurring opinion?

In sum, the CDA does not extend to immunize a party’s conduct outside the realm of the Internet just because it relates to the publishing of information on the Internet.


Ninth Circuit: Section 230 bars Negligent Undertaking action, Breach of Contract claim survives

Last summer the Ninth Circuit ruled in Barnes v. Yahoo, an appeal relating to whether Section 230 immunized negligent undertaking and breach of contract claims. Here are links to the amended opinion, and a one-word modification to the amended opinion.

The alleged facts are straight-forward and, as is often the case in these actions, disturbing. Without her authorization, plaintiff’s former boyfriend allegedly posted public profiles of her on Yahoo that included nude photos of plaintiff (taken without her knowledge), a solicitation for sex, and plaintiff’s workplace contact information. The ex-boyfriend also allegedly posed as plaintiff in Yahoo chat rooms, directing others to the aforementioned profiles. Strangers began contacting plaintiff at her office, and in some cases showing up in person, seeking sex.

Plaintiff claims that on several occasions she asked Yahoo to remove the materials, but got no response. Eventually Yahoo told plaintiff that they’d take care of it, but still nothing happened. Plaintiff then filed suit in an Oregon state court. Shortly thereafter the offending materials vanished from the site.

Yahoo removed the case to federal court, where plaintiff’s complaint was dismissed on Section 230 grounds. On appeal, the Ninth Circuit considered whether the statute indeed immunizes defendant from what appear to be claims of negligent undertaking and breach of contract (promissory estoppel).

The panel’s negligent undertaking analysis focused on Section 230(c)(1)’s language and history. “Looking at the text, it appears clear that neither this subsection nor any other declares a general immunity from liability deriving from third-party content . . . [s]ubsection (c)(1) does not mention ‘immunity’ or any synonym . . . [it] precludes liability only by means of a definition.” The court zeroed in on the meaning of publisher or speaker, and instances when a plaintiff’s theory of liability indeed treats a defendant as a publisher or speaker of third-party content. Noting that the statutory language does not “limit its application to defamation cases,” the court concluded a plaintiff cannot “escape section 230(c) by labeling as a ‘negligent undertaking’ an action [here the removal of indecent profiles] that is quintessentially that of a publisher.”

However, the panel viewed plaintiff’s promissory estoppel claim as distinct from her negligent undertaking claim, noting that it “does not seek to hold Yahoo liable as a publisher or speaker of third-party content, but rather as the counter-party to a contract, as a promisor who has breached . . .. Contract liability would come not from Yahoo’s publishing conduct, but from Yahoo’s manifest intention to be legally obligated to do something, which happens to be removal of material from publication.” The court held that to the extent plaintiff alleges a breach of contact claim under the theory of promissory estoppel, 230(c)(1) does not preclude her cause of action.

Operate a website? Don’t be alarmed, says the court:

[A] general monitoring policy, or even an attempt to help a particular person, on the part of an interactive computer service such as Yahoo does not suffice for contract liability. This makes it easy for Yahoo to avoid liability: it need only disclaim any intention to be bound.

I don’t know exactly what the district court had before it, or what the record was before the panel here. However, while I don’t necessarily disagree with any of its reasoning, I’m wondering whether it would have been better had the panel instead ruled on the adequacy of plaintiff’s allegations, with an eye toward dismissing insufficiently pleaded claims. Why make law if you don’t have to?

Sixth Circuit: Section 230 is not Absolute

One of the first posts here summarized a federal district court decision involving SexSearch.com. The court dismissed plaintiff’s claims (all 14 of them) against the website, relying on both FRCP 12(b)(6) and Section 230.

On appeal, the Sixth Circuit affirmed the lower court’s dismissal, but on non-Section 230 grounds. I only mention it here because of a few lines in the opinion that strongly hint at how the panel viewed the district court’s application of Section 230:

Because we agree with the district court that Doe’s complaint failed to state a claim, we do not reach the question of whether the Communications Decency Act provides SexSearch with immunity from suit. We do not adopt the district court’s discussion of the Act, which would read § 230 more broadly than any previous Court of Appeals decision has read it, potentially abrogating all state- or common-law causes of action brought against interactive Internet services. We do not have before us any issue concerning the criminal liability of the parties or the voidability of contracts for sexual services. . . . [We] explicitly reserve the question of [Section 230’s] scope for another day.

To my knowledge this would have been the Sixth Circuit’s first foray into constructing Section 230. While it took a rain check, the panel clearly signaled to lower courts that it doesn’t consider the statute an absolute bar to all causes of action.

I’m not sure why the ruling noted the absence of any criminal liability or contract voidability issues. Presumably neither issue would have been quashed by Section 230. But then again perhaps I’m just a little rusty.