Suing the Host: Probably a Bad Idea

On August 4, 2010 the Eighth Circuit ruled in Johnson v. Elizabeth Arden dba (No. 09-2601), an action involving the posting of allegedly defamatory statements on an internet discussion board.

Plaintiffs Mr. and Mrs. Johnson run an exotic cat breeding business known as the “Cozy Kitten Cattery” (“CKC”).  Defendant InMotion is an ISP (Internet Service Provider) and hosts, a website that “permits and encourages individuals to post complaints about businesses and business owners.”  Plaintiffs filed suit against InMotion and others after someone posted on that CKC kills cats, rips off cat breeders, and steals kittens, and that the plaintiffs are con artists.  Plaintiffs alleged damages include lost sales of kittens and cats, lost revenue and lost goodwill, as well as continuing harm resulting from the allegedly defamatory posts.

Relying on Section 230, the lower court dismissed claims against defendant InMotion (defamation, intentional infliction of emotional distress, etc.), presenting the Eighth Circuit with its first opportunity to hear an appeal of a Section 230 matter. Having reviewed the statutory language, the Court determined that Section 230 bars “plaintiffs from holding ISPs legally responsible for information that third parties created and developed.” Elaborating, the panel explained that

[t]he record contains no evidence that InMotion designed its website to be a portal for defamatory material or do anything to induce defamatory postings. We conclude that the CDA provides ISPs like InMotion with federal immunity against state tort defamation actions that would make service providers liable for information originating with third-party users of the service such as the other defendants in this case. . . . Because InMotion was merely an ISP host and not an information content provider, the [plaintiffs’] claims against InMotion fail as a matter of law under § 230(c)(1), and the district court properly dismissed the claims.

While perhaps confusing the website with its host, InMotion, the Eighth Circuit confirmed what other courts have been saying for years, that a website host is generally not legally responsible for content submitted by others and appearing on a hosted website.


Section 230 ICP Allegations: Plausible or Possible?

At the very end of 2009, the Fourth Circuit ruled in Nemet Chevrolet v.  Sadly, I’m just now getting around to blogging about it.

Nemet takes issue with 20 allegedly defamatory posts that appeared on the website.  Before getting to the meat of the case, the panel reminded everyone that, per its previous ruling in Zeran, “our Circuit clearly views the § 230 provision as an immunity.”  Thus when applicable, Section 230 should stop a lawsuit dead in its tracks, not just bar liability, says the court.  Such immunity is to be “generally accorded effect at the first logical point in the litigation process…[w]e thus aim to resolve the question of § 230 immunity at the earliest possible stage of the case. . . .”

Key to its case, Nemet alleges that, at least with respect to the posts at issue, is an information content provider, and thus ineligible for Section 230 immunity.  Construing a recent Supreme Court ruling regarding the sufficiency of allegations, the court considered whether plaintiff’s allegations regarding defendant’s ICP status were plausible.

Referred to as the “Development Paragraph,” plaintiff included allegations for each allegedly actionable post that had some role in developing the post.

Distinguishing the case from Ninth Circuit’s decision, the court noted that plaintiff

has merely alleged that structured its website and its business operations to develop information related to class-action lawsuits. But there is nothing unlawful about developing this type of content; it is a legal undertaking….the amended complaint ‘does not show, or even intimate,’ that contributed to the allegedly fraudulent nature of the comments at issue.

The court found other allegations similarly lacking:

  • “Nemet fails to make any cognizable argument as to how a website operator who contacts a potential user with questions thus ‘develops’ or ‘creates’ the website content.”
  • “Nemet’s claim of revising or redrafting is both threadbare and conclusory.”

The panel concluded that the Development Paragraph failed to state facts upon which it could be concluded that it was plausible that defendant was an ICP.

As to eight of the posts, Nemet also alleged that Consumeraffairs had to some extent fabricated same (referred to as the “Fabrication Paragraph”).  Yet the sole basis for such assertion was that, utilizing the information contained in the posts, Nemet itself could not find the purported customer/poster in its records.  “There is nothing but Nemet’s speculation which pleads’s role as an actual author in the Fabrication Paragraph.”

Chief District Judge Jones dissented from this part of the ruling, opining that plaintiff’s allegations were adequate.  “By stating sufficient factual assertions, Nemet has created the reasonable inference that wrote the eight posts to attract additional complaints.”

Affirming the district court’s dismissal of the complaint, the panel’s opinion concluded that “[v]iewed in their best light, Nemet’s well-pled allegations allow us to infer no more than ‘the mere possibility’ that was responsible for the creation or development of the allegedly defamatory content at issue. Nemet has thus failed to nudge its claims that is an information content provider for any of the twenty posts across the line from the ‘conceivable to plausible.’ As a result, is entitled to § 230 immunity.”

Tenth Circuit: No Section 230 Immunity for Website that “Developed” Confidential Information by Publishing It

I previously wrote about the district court’s grant of summary judgment in favor of the Federal Trade Commission in an action alleging unfair practices against Accusearch’s (a website advertising access to and selling personal telephone records).  Last summer the 10th Circuit weighed-in.

The panel noted that the acquisition of personal telephone records “would almost inevitably require someone to violate the Telecommunications Act or to circumvent it by fraud or theft.”  It concluded that Section 230 immunity was unavailable to Accusearch, given it acted as an “information content provider” with respect to “the information that subjected it to liability under the FTC Act.”

In reaching its decision, the court focused on the definition of information content provider, specifically “whether confidential telephone records are “developed,” within the meaning of the CDA, when, as here, they are sold to the public over the Internet,” and whether Accusearch was responsible for such development.

The court determined that “when confidential telephone information was exposed to public view through, that information was ‘developed.’”  Also concluding that “a service provider is ‘responsible’ for the development of offensive content only if it in some way specifically encourages development of what is offensive about the content,” the panel found that Accusearch was responsible for the aforesaid development, having disclosed the confidential information.

Circuit Judge Tymkovich submitted a concurring opinion, explaining that a Section 230 interpretation was unnecessary here, because “the FTC sought and ultimately held Accusearch liable for its conduct rather than for the content of the information it was offering on the website.”  Section 230 “says nothing about immunizing publishers or speakers for their own conduct in acquiring the information.”  My favorite line from the concurring opinion?

In sum, the CDA does not extend to immunize a party’s conduct outside the realm of the Internet just because it relates to the publishing of information on the Internet.

Ninth Circuit: Section 230 bars Negligent Undertaking action, Breach of Contract claim survives

Last summer the Ninth Circuit ruled in Barnes v. Yahoo, an appeal relating to whether Section 230 immunized negligent undertaking and breach of contract claims. Here are links to the amended opinion, and a one-word modification to the amended opinion.

The alleged facts are straight-forward and, as is often the case in these actions, disturbing. Without her authorization, plaintiff’s former boyfriend allegedly posted public profiles of her on Yahoo that included nude photos of plaintiff (taken without her knowledge), a solicitation for sex, and plaintiff’s workplace contact information. The ex-boyfriend also allegedly posed as plaintiff in Yahoo chat rooms, directing others to the aforementioned profiles. Strangers began contacting plaintiff at her office, and in some cases showing up in person, seeking sex.

Plaintiff claims that on several occasions she asked Yahoo to remove the materials, but got no response. Eventually Yahoo told plaintiff that they’d take care of it, but still nothing happened. Plaintiff then filed suit in an Oregon state court. Shortly thereafter the offending materials vanished from the site.

Yahoo removed the case to federal court, where plaintiff’s complaint was dismissed on Section 230 grounds. On appeal, the Ninth Circuit considered whether the statute indeed immunizes defendant from what appear to be claims of negligent undertaking and breach of contract (promissory estoppel).

The panel’s negligent undertaking analysis focused on Section 230(c)(1)’s language and history. “Looking at the text, it appears clear that neither this subsection nor any other declares a general immunity from liability deriving from third-party content . . . [s]ubsection (c)(1) does not mention ‘immunity’ or any synonym . . . [it] precludes liability only by means of a definition.” The court zeroed in on the meaning of publisher or speaker, and instances when a plaintiff’s theory of liability indeed treats a defendant as a publisher or speaker of third-party content. Noting that the statutory language does not “limit its application to defamation cases,” the court concluded a plaintiff cannot “escape section 230(c) by labeling as a ‘negligent undertaking’ an action [here the removal of indecent profiles] that is quintessentially that of a publisher.”

However, the panel viewed plaintiff’s promissory estoppel claim as distinct from her negligent undertaking claim, noting that it “does not seek to hold Yahoo liable as a publisher or speaker of third-party content, but rather as the counter-party to a contract, as a promisor who has breached . . .. Contract liability would come not from Yahoo’s publishing conduct, but from Yahoo’s manifest intention to be legally obligated to do something, which happens to be removal of material from publication.” The court held that to the extent plaintiff alleges a breach of contact claim under the theory of promissory estoppel, 230(c)(1) does not preclude her cause of action.

Operate a website? Don’t be alarmed, says the court:

[A] general monitoring policy, or even an attempt to help a particular person, on the part of an interactive computer service such as Yahoo does not suffice for contract liability. This makes it easy for Yahoo to avoid liability: it need only disclaim any intention to be bound.

I don’t know exactly what the district court had before it, or what the record was before the panel here. However, while I don’t necessarily disagree with any of its reasoning, I’m wondering whether it would have been better had the panel instead ruled on the adequacy of plaintiff’s allegations, with an eye toward dismissing insufficiently pleaded claims. Why make law if you don’t have to?

Sixth Circuit: Section 230 is not Absolute

One of the first posts here summarized a federal district court decision involving The court dismissed plaintiff’s claims (all 14 of them) against the website, relying on both FRCP 12(b)(6) and Section 230.

On appeal, the Sixth Circuit affirmed the lower court’s dismissal, but on non-Section 230 grounds. I only mention it here because of a few lines in the opinion that strongly hint at how the panel viewed the district court’s application of Section 230:

Because we agree with the district court that Doe’s complaint failed to state a claim, we do not reach the question of whether the Communications Decency Act provides SexSearch with immunity from suit. We do not adopt the district court’s discussion of the Act, which would read § 230 more broadly than any previous Court of Appeals decision has read it, potentially abrogating all state- or common-law causes of action brought against interactive Internet services. We do not have before us any issue concerning the criminal liability of the parties or the voidability of contracts for sexual services. . . . [We] explicitly reserve the question of [Section 230’s] scope for another day.

To my knowledge this would have been the Sixth Circuit’s first foray into constructing Section 230. While it took a rain check, the panel clearly signaled to lower courts that it doesn’t consider the statute an absolute bar to all causes of action.

I’m not sure why the ruling noted the absence of any criminal liability or contract voidability issues. Presumably neither issue would have been quashed by Section 230. But then again perhaps I’m just a little rusty.

Bloomberg liable for United Airlines’ stock nosedive?

Interesting post today on one of Wired’s blogs (links to a recent post at The Volokh Conspiracy) relating to the potential applicability of Section 230 to Bloomberg’s “role” in United’s free fall earlier this week.

Lots of juicy issues here, but time constraints force me to simply take this opportunity to quickly vent on a longstanding pet peeve of mine.  Why don’t all “news” articles on the web contain a static publication date in or very near the article text?  I’m not necessarily sympathetic to all of Google’s positions on this matter, but one thing I will agree with is that I find it terribly annoying when I view a news article on the web, whether following a search or while browsing a media outlet’s website, and find myself struggling to determine when the article was written.  How difficult can it be for online publishers to get this right?  Maybe there is some SEO, advertiser and/or “staleness” issue out there that is beyond my comprehension.  But they should all take a backseat to including critical information such as a publication date when disseminating “news” articles.

Kudos to the New York Times, which in my experience not only consistently lets you know the date an article was published, but whether, when, and where the article appeared in the hard copy version of the newspaper.

*  *  *

A note to my faithful readers (if there are any of you left):  It’s been an unusually busy summer for me.  I won’t bore you with any of the details, but I do hope to get back on the horse here soon and resume regular postings.  If that proves to be impossible, I may accept the invitation (if it’s still outstanding when the time comes) of one of my favorite technology bloggers to submit occasional posts on his blog.  In the meantime, I hope you’ll continue to subscribe/stop by here.


Fifth Circuit issues its first Section 230 opinion

Last month the Fifth Circuit issued its first (to my knowledge) ruling that turned on Section 230. Affirming the lower court in Doe v. MySpace Inc., Circuit Judge Clement, writing on behalf of herself and Judges Garwood and Elrod, ruled that the statute protected MySpace from claims that it was negligent for not “instit[uting] and enforc[ing] appropriate security measures and policies that would substantially decrease the likelihood of danger and harm that MySpace posed to” the minor-plaintiff.

The minor had lied about her age, enabling her to create a public MySpace profile. A nineteen year old male MySpace user (“Pete”) subsequently discovered her profile and initiated contact with her. The minor eventually shared her phone number with Pete and agreed to meet him in person, at which time he sexually assaulted her. Plaintiffs believe that had MySpace been utilizing age verification software, the assault never would have occurred.

The Court ruled that the plaintiffs’ negligence claims are barred by Section 230,

notwithstanding [plaintiffs’] assertion that they only seek to hold MySpace liable for its failure to implement measures that would have prevented [the minor] from communicating with [her assailant]. Their allegations are merely another way of claiming that MySpace was liable for publishing the communications and they speak to MySpace’s role as a publisher of online third-party-generated content. . . . [plaintiffs’] negligence and gross negligence claims are barred by the CDA, which prohibits claims against Web-based interactive computer services based on their publication of third-party content.

Read here about MySpace’s commitment earlier this year to forty-nine state AGs to make the site safer for minors.