Website immunity spreads with impunity

Saving Web 2.0 for all mankind

High performance access to file storage

Silicon Justice February has been a banner month for website immunity in the US.

MySpace.com, Google, Microsoft and Lycos have all benefited from decisions entered in the latter part of the month which confirmed or adopted the broad grant of immunity that many US courts have extended to operators of "interactive computer services" under Section 230 of the Communications Decency Act.

It is fairly well established now that interactive computer service providers are not liable for information transmitted over their service by another. In the plain vanilla case of a person suing a website or ISP for defamation based on a message board posting by a third party, judges hardly even finish reading the complaint before granting judgment for the defendant.

That's essentially what happened in the case of Eckert v. Microsoft. A man sued the Redmond giant claiming that Microsoft owed him money for refusing to remove defamatory posts about him on a Microsoft-run message board, and for delaying the deactivation of the link between his message board account and his work email.

The magistrate judge, whose recommendations the district court judge adopted, was kind to Mr. Eckert since he had represented himself - and therefore had no idea that his lawsuit was doomed from the start - but the short, methodical dissection of his arguments belied the fact that the magistrate was probably hiding a snicker or two as he was writing it.

Most cases like this never get filed anymore, so it's interesting just to see one in the wild. The other notable aspect is that the magistrate judge came to his conclusions based on interpretations of Section 230 from other jurisdictions, which suggests that the broad grant of immunity has indeed become the de facto norm, even though some courts have limited the immunity somewhat.

Variations on the ordinary Section 230 theme are more common these days. For instance, parents of a 14-year old girl who was sexually assaulted by a man she met on MySpace.com sued the social networking site for negligence in failing to protect their daughter from contact by sexual predators. The plaintiffs insisted that the claim of negligence removed their suit from the Section 230 realm, since they were suing over MySpace's policies, and not the content of postings on the site.

The judge in the case, however, held in February that the girl and her assailant never would have met if MySpace hadn't published their communications, thus the plaintiffs' claims were aimed at MySpace in its publishing capacity. Under the Section 230 jurisprudence cited by the court, this entitled MySpace to Section 230 immunity and dismissal of the plaintiffs' case.

This ruling could have a great impact on other lawsuits involving sexual predator abuse on MySpace, either by influencing other judges to dismiss, or by shaping the claims that plaintiffs make against the site. Since this is a district court, other courts won't necessarily have to follow its logic, but MySpace's arguments for dismissal will be much more persuasive with some legal precedent behind them. Plus, any further negligence suits against MySpace in this district will now be barred based on rules of issue preclusion.

Google, Microsoft (again) and Yahoo! also benefited from another original application of the Section 230 immunity in February. A man sued the two companies after they refused to place contextually-based ads for the man's gripe sites within their search results. The judge dismissed this "must-carry" suit (except for a breach of contract claim against Google) after finding that the decision whether or not to place the ads constituted an exercise of editorial discretion that activated Section 230.

Part of the law states that information service providers won't be liable for decisions about monitoring, screening or deleting content. Citing this portion of the statute, the judge dismissed all claims relating to the companies' decisions to reject the ads. Essentially, the companies had screened access to the plaintiff's objectionable ad content, and therefore the decision to reject the ads was immune from suit.

This could affect other current and potential lawsuits against search engines, since the court's reasoning could apply equally well to decisions to exclude websites in search results, or to rank certain websites higher than others based on inscrutably complicated and annoyingly inaccessible algorithms.

The Section 230 decision issued in February that has the most precedential effect (since it was rendered by an appellate court) involved securities claims, of all things. The plaintiff, Universal Communication Systems, a publicly-traded company, sued Lycos over false statements about the company's financial health made in postings to RagingBull.com, a financially-oriented site that Lycos operated at all times relevant to the lawsuit.

The 1st Circuit Court of Appeals affirmed the dismissal of the claims against Lycos based on Section 230, holding that claims under Florida securities law treated Lycos as the publisher of information posted by third-parties. The court rejected plaintiff's claims that Lycos was actually the publisher of the information (and therefore not immune under Section 230), noting that other courts (most recently in this case from the California Supreme Court) have determined that notice of the unlawful nature of the third-party information does not turn it into the provider's own speech.

The plaintiff also floated an active inducement theory that it claimed should destroy Section 230 immunity. This theory was based on the Grokster case, and tried to create liability by claiming that Lycos had invited the misstatements, even though its terms of use directed users to abide by state and federal securities law.

The court shot this theory down by noting, appropriately, that nothing in the statute creates an exception for active inducement. Even if it did, the court said, Lycos had done nothing close to the behavior necessary to trigger liability for active inducement.

With this decision, the 1st Circuit threw its hat in with the other appellate circuits that have interpreted Section 230 broadly. As noted above, some other circuits have lessened the immunity somewhat, so the issue may end up before the Supreme Court eventually. For now, however, the weight of the appellate decisions rests with the broad immunity camp.

So, all-in-all, a big month for Section 230 immunity for websites based on third-party content. As these decisions continue to come out, and the subject matter of the immunity continues to expand, the protections for interactive websites should only become stronger, and the types of services available to web users more varied. Amazingly, this is the exact idea that Congress had when it passed Section 230 over a decade ago. Who woulda thought, right?

Just a little something to keep all you Web 2.0 acolytes warm in bed tonight.®

Kevin Fayle is an attorney, web editor and writer in San Francisco. He keeps a close eye on IP and International Law issues.

3 Big data security analytics techniques

More from The Register

next story
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Whoever you vote for, Google gets in
Report uncovers giant octopus squid of lobbying influence
Lavabit loses contempt of court appeal over protecting Snowden, customers
Judges rule complaints about government power are too little, too late
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Don't let no-hire pact suit witnesses call Steve Jobs a bullyboy, plead Apple and Google
'Irrelevant' character evidence should be excluded – lawyers
EFF: Feds plan to put 52 MILLION FACES into recognition database
System would identify faces as part of biometrics collection
Ex-Tony Blair adviser is new top boss at UK spy-hive GCHQ
Robert Hannigan to replace Sir Iain Lobban in the autumn
Banks slap Olympus with £160 MEEELLION lawsuit
Scandal hit camera maker just can't shake off its past
prev story


Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.