Understanding New Attacks on Section 230 Immunity
This article was originally published in Westlaw Journal, Volume 34, Issue 20. It has been republished here with permission.
Section 230 of the Communications Decency Act provides website operators who post user-generated content with broad immunity from most legal claims arising from that content. It is this broad protection that enables popular sites such as Yelp, Facebook, Twitter - and even online comments sections - to thrive.
Some recent court decisions may appear to weaken the protections of Section 230. But these decisions are often fact-specific and narrow, and most third-party speech is still protected. Still, some courts appear uncomfortable with the broad immunity afforded by Section 230 and may be receptive to arguments that narrow its reach.
OVERVIEW OF SECTION 230
Visit almost any social or consumer website and you will likely encounter a comments section. Though now equal parts ubiquitous and infamous, online comments and other third-party content once faced an existential threat.
The year was 1995, and the internet was in its infancy.
A New York state trial court had just held that a company’s policy of controlling content on its website exposed the company to direct liability for defamation - even though the content was produced by a third party.1
Such liability could have spurred companies to ban third-party content and comments altogether from their websites.
Confronted with what to do to protect the burgeoning technological and informational innovation that is the internet, Congress enacted Section 230.
Section 230 provided sweeping immunity for companies publishing third-party content, even if website owners or operators review or edit the content.
Congress hoped Section 230 would encourage tech companies to more aggressively control the comments posted on their sites and provide some “policing” for the internet. In many ways, Section 230 has had the opposite effect by broadening free speech rights and helping to facilitate the evolution of the modern internet and social media platforms.
SECTION 230 ON THE DEFENSIVE: THEN AND NOW
Creation and development of unlawful content
Section 230 precludes immunity if a website operator creates or develops any part of unlawful content posted on a website. But courts have sometimes struggled with precisely defining what constitutes content “creation” and “development,” as illustrated in two contrasting decisions from the 9th U.S. Circuit Court of Appeals.
In Batzel v. Smith2, a handyman sent an email to the Museum Security Network website, claiming that the handyman’s employer, Ellen L. Batzel, had inherited paintings looted during World War II. The Museum Security Network’s website operator made some minor changes to the email and published it on the network’s listserv.
Batzel sued for defamation after discovering the message on the listserv. The 9th Circuit held that the website operator was immune under Section 230 if it reasonably believed that the handyman had provided the email for publication.
In so holding, the 9th Circuit said, "The ‘development of information’ therefore means something more substantial than merely editing portions of an e-mail and selecting material for publication.”
Five years later, in Fair Housing Council of San Fernando Valley v. Roommates.com LLC,3 the 9th Circuit held that a website could be liable for creating or developing unlawful content posted by third parties if the website “materially contributed” to the content.
That case involved a housing website, roommates.com, that required subscribers to fill out a questionnaire. The questionnaire asked, among other things, the subscriber’s sex, sexual orientation and whether the subscriber had a preference as to the sex or sexual orientation of his roommate.
The 9th Circuit found the website had become a content developer — and lost its Section 230 immunity — by requiring users to fill out a questionnaire asking for information that violated federal and state housing anti-discrimination laws.
The limits of the Roommates.com holding have been tested over the years, with most cases finding that websites and their operators were entitled to Section 230 immunity.
A recent example is a case against classified ad site Backpage.com.
In Backpage.com,4 the 1st Circuit reluctantly dismissed the plaintiffs’ claims, brought under the Trafficking Victims Protection Reauthorization Act of 2008, based on Section 230 immunity.
The TVPRA provides victims with a private right of action against anyone “who knowingly benefits, financially or by receiving anything of value from participation in a venture which that person knew or should have known has engaged in an act of sex trafficking.”
The plaintiffs alleged Backpage expanded its adult marketing footprint by making false representations to law enforcement and the National Center for Missing and Exploited Children regarding Backpage's efforts to combat sex trafficking and "deliberate[ly] structuring...its website to facilitate sex trafficking."
The structuring argument had various elements: Backpage removed sting advertisements as well as support group postings, and it tailored posting requirements to facilitate sex trafficking, the plaintiffs said.
Postings in the adult escort section of the classifieds site did not require email or phone verification, and Backpage removed metadata from photos while also allowing substitute words in postings for otherwise screened terms (e.g., “brly legal” or “high schl”). By implementing these practices, Backpage profited from the resulting sex trafficking, the plaintiffs claimed.
However, the 1st Circuit determined the construction and operation of the website were editorial decisions protected by Section 230.
Similarly, Section 230 protected Backpage.com's choice of the site's words and layout, which were traditional publisher functions.
While the 1st Circuit did not reference Roommates.com in its holding, the distinction between the two cases is that Roommates.com required posting information that violated the law while Backpage.com merely provided a platform where illegal information could be posted.
The 1st Circuit also held the allegations, despite the plaintiffs’ attempts to frame them under the TVPRA, still pointed to the content published on Backpage, all of which was “provided either by the traffickers or by the [plaintiffs] themselves (under orders from their traffickers).”
The appeals court then enunciated a test, stating that “there would be no harm to [the plaintiffs] but for the content of the postings.” While the plaintiffs attacked this but-for test in their petition for certiorari to the Supreme Court, the petition was denied.
When a publisher isn't just a publisher
The other traditional line of attack on Section 230 immunity is to show that a website operator is not acting as a publisher.
Such attacks are occasionally successful, as in the case of Doe v. Internet Brands Inc.5
In Internet Brands, an aspiring model posted her information on ModelMayhem.com. Two rapists, who had not posted on the website, contacted the model using the information she had posted. Internet Brands, ModelMayhem.com’s parent company, knew of the rapists’ criminal scheme because they had previously committed the same crime in the same manner.
In filing suit against Internet Brands, the plaintiff did not seek to hold the company liable for any content posted on the website, but rather for its failure to warn her about the known criminal rape scheme.
The 9th Circuit reversed dismissal based on Section 230 immunity because the plaintiff alleged
- The defendant knew of the criminal rape scheme.
- The criminals contacted the plaintiff through, but did not publish on, ModelMayhem.com.
- The defendant failed to warn the plaintiff as required under California law.
- The plaintiff was drugged, raped and filmed by the criminals.
Another successful case was Nunes v. Twitter Inc.6
In Nunes, the plaintiff acquired a new phone number, previously owned by a Twitter user who had received text updates of tweets. The plaintiff did not want to continue receiving the text updates but had no way to make the tweets stop.
The plaintiff alleged that Twitter’s actions violated the Telephone Consumer Protection Act of 1991. Twitter countered by claiming immunity under Section 230 as a publisher of information.
Denying Section 230 immunity, the court noted that the suit did not "seek to impose 'liability arising from the content created by' the people who post tweets." It illustrated why using the following analogy:
To analogize to a more traditional publishing platform, if someone delivers newspapers containing false gossip, and the person who is the subject of the gossip sues the delivery person for defamation, that lawsuit seeks to treat the delivery person as a publisher. But if the delivery person throws an unwanted newspaper noisily at a door early in the morning, and the homeowner sues the delivery person for nuisance, that suit doesn't seek to treat the delivery person as a publisher. The suit doesn't care whether the delivery person is throwing a newspaper or a rock, and the suit certainly doesn't care about the content of the newspaper.
While Section 230 provides broad protection for claims against websites as publishers, it may not bar all claims.
If a plaintiff can show that a website operator behaved unlawfully, but not as a publisher, Section 230 immunity may not apply.
A new wrinkle
Plaintiffs have discovered that the best way to avoid dismissal under Section 230 immunity is to allege that the website operator itself created and posted the unlawful content - and not to rely solely on allegations that the website operator published, developed or solicited unlawful third-party content.7
Until recently, the Twombly/Iqbal8 plausibility standard had set the bar plaintiffs must surmount in making such allegations. However, a recent case from the 7th Circuit involving Gawker, owner of the website Jezebel, may have lowered that bar.
In Huon v. Denton,9 Meanith Huon sued Gawker over a Jezebel article about Huon entitled “Acquitted Rapist Sues Blog for Calling Him Serial Rapist.”
The District Court dismissed all Huon’s claims, which he had brought based on the article’s title, content and certain comments posted by anonymous third-party users.
The 7th Circuit affirmed the dismissal of the claims based on the article’s title and content. However, it revived the defamation claims based on third-party user comments.
Reviving these claims, the 7th Circuit focused on two allegations: Huon had plausibly alleged that Gawker employees “authored at least some of the comments themselves,” and one of the comments "unequivocally accuses Huon of committing a crime," making it per se defamatory under Illinois law.
Instead of scrutinizing whether the Gawker employee authored the per se defamatory comment, the appeals court held that the allegations "are [not] so implausible as to warrant dismissal under Rule 12(b)(6)" and stated that discovery was the proper tool to test their validity.
According to the court, Rule 11 of the Federal Rules of Civil Procedure, which governs abusive filings, would serve to quiet concerns about a flood of frivolous lawsuits.
Whether that proves true remains to be seen.
WHAT PUBLISHERS AND WEBSITE OPERATORS NEED TO KNOW
As evidenced by these recent court cases, plaintiffs will continue looking for ways to weaken the protections websites enjoy under Section 230. At the same time, further emboldened website users continue to post potentially defamatory content.
Website operators still enjoy broad protection from liability for what third-party users post and write.
However, despite several recent cases that reaffirm Roommates.com as the principal breach in Section 230 immunity, close attention should be paid to any cases following the 7th Circuit’s holding in Huon. And website operators should be wary of what content they themselves produce. The new front in the war on Section 230 could result from a single, errant comment.
1 See Stratton Oakmont Inc. v. Prodigy Servs. Co., No. 31063-94, 1995 WL 323710 (N.Y. Sup. Ct., Nassau Cty. May 26, 1995).
2 See Batzel v. Smith, 333 F.3d 1018 (9th Cir. 2003).
3 See Fair Hous. Council of San Fernando Valley v. Roommates.com LLC, 521 F.3d 1157 (9th Cir. 2008).
4 817 F.3d 12 (1st Cir. 2016), No. 16-276, cert.denied (U.S. Jan. 9, 2017).
5 824 F.3d 846 (9th Cir. 2016).
6 No. 14-cv-2843, 2016 WL 3660526 (N.D. Cal. July 1, 2016).
7 See, e.g., FTC v. LeadClick Media LLC, 838 F.3d 158 (2d Cir. 2016) (holding that the defendant was not entitled to Section 230 immunity because it had created “deceptive content posted on fake news pages”); Enigma Software Grp. USA, LLC v. Bleeping Comput. LLC, No. 16-cv-57, 2016 WL 3773394 (S.D.N.Y. July 8, 2016) (holding that the complaint’s allegations were sufficient to defeat Section 230 immunity, particularly where those allegations claimed that a website moderator — who had been designated by the website operator — had acted as the operator’s implied agent when posting on the website’s forums).
8 Bell Atl. Corp. v. Twombly, 550 U.S. 544 (2007); Ashcroft v. Iqbal, 556 U.S. 662 (2009).
9 841 F.3d 733 (7th Cir. 2016). Statements are per se, or automatically, defamatory when they fall into certain categories, such as indicating that a person has committed a crime or has a sexually transmittable disease.