CDA Section 230 shelters operators from liability for third-party posts; Fall-out from well-intentioned promises by the operators themselves is another matter.

Section 230 of the Communications Decency Act (CDA) is a statute we’ve written about on several occasions.   For website operators, it’s akin to the Gardol Invisible Shield: Section 230 effectively immunizes website operators from liability arising from most (but not all) of the bad things that visitors to their sites might say or do. (Cautionary note: Section 230 does not help you when you’re accused of copyright or trademark infringement based on third-party posts to your site.) (Promotional note: we can offer tutorials on both Section 230 of the CDA and Section 512 of the Digital Millennium Copyright Act, which covers the copyright/trademark area. Let me know if you have any interest.)

If you like your Internet a bit raucous, you can thank Section 230. Its immunity provisions are directly responsible for the virtual absence of any decorum on most Internet discussion boards, chat rooms and comment areas.  Those provisions relieve website operators of the hassle and expense involved in extensively moderating their sites for improper comments – and that, in turn, opens the doors for robust exchanges of often controversial views that might otherwise go unexpressed, or at least unposted for fear of potential litigation. Section 230 has proven to be a rock solid protector of website operators (and, many would say, free speech).

But in a couple of recent cases from the U.S. Court of Appeals for the Ninth Circuit, website operators have been less than invulnerable to the reach of courts prodded by individuals unhappy about third-party-posted content. What happened to Section 230?

The good news is that Section 230 is alive and well – and still quite effective. The recent cases imposed liability of website operators not because of the content, but because of the website operator’s own conduct when objections to the content were raised. Fortunately, operators should be able easily to avoid such liability because the case law, at least as it has developed thus far, provides a nice, bright line, rule.

The earlier of the two cases involved Yahoo!, which was sued by a woman whose ex-boyfriend posted Bad Stuff about her (like nude pictures, solicitations for sex, personal contact information) in Yahoo! chat rooms. She asked Yahoo! to remove the pictures. Yahoo! agreed . . . but didn’t remove the pictures. She asked again, more emphatically. Yahoo! agreed again . . . but didn’t remove the pictures.  Finally, she sued Yahoo! to get the pictures removed – at which point Yahoo! removed the pictures. But in the lawsuit the plaintiff included claims against Yahoo! for “negligent undertaking of services” and breach of contract. In response, Yahoo! wrapped itself in the cloak of Section 230, claiming that it can’t be held liable for content posted by third-parties.

A U.S. District Court bought Yahoo!’s Section 230 argument – but the Ninth Circuit sure didn’t. According to the Circuit, imposing liability on Yahoo! was not inconsistent with Section 230 if the liability was tied to Yahoo!’s actions in response to the plaintiff’s request that the offending content be removed. That’s different from imposing liability based solely on the mere posting of the photos themselves. In other words, this lawsuit can stand if the plaintiff can establish that Yahoo! made a promise to her woman (i.e., to remove the offending content) and then broke that promise. 

We come next to the case of Scott P. v. Craigslist, Inc., whose facts here are very similar to the Yahoo! case. Scott P. was the subject of several harassing posts on the very popular Craigslist website. The posts included solicitations for gay sex, offers to give away personal items and the ever-popular disclosure of confidential information.  Scott P contacted Craigslist three times, asking that these posts be removed. Each time, Craigslist agreed to remove the posts in question. On the second and third times, Craiglist said it had taken steps to prevent further posts of this type. Of course, the posts hadn’t been removed, and they kept occurring. So Scott P. sued Craigslist under California law for promissory estoppel (that’s legal-speak for breaking a promise) and for having unacceptably weak user verification procedures.

The suit was filed in the California Superior Court (that is, not the federal court system) in San Francisco. Since California is in the Ninth Circuit, you’ve got to figure that the lawyers for both Scott P. and Craigslist were clued in to the Circuit’s Yahoo! decision, even if that decision does not necessarily control in California state courts. 

So when Craiglist asserted the Section 230 defense, it should not have been surprised when the court allowed the promissory estoppels claim to go forward (although the court did toss the “unacceptably weak user verification” claim). 

To be clear: the court did not hold that Craigslist had in fact broken its promises to Scott P. It just said that Section 230 is not a defense to a claim of promissory estoppels. And since Scott P. was able to produce evidence that he had reason to rely on Craiglist’s promises to remove the offending posts and otherwise deal with this problem, Scott P. could proceed with his case.

From these two cases it appears that Section 230 remains as strong as ever where third party posts are concerned. As a result, website operators should feel reasonably confident that they can moderate their chat rooms, discussion boards and comment areas as little or as much as you want – or not at all. Section 230 protection should still be effective.

But if an operator begins interacting directly with a user or other third party who feels that he, she or it is being harassed, defamed or otherwise aggrieved in some way, and if the operator makes promises to fix the problem, then the operator darn well better fix the problem. What does “fix the problem” mean? That will depend on the particular facts of each case, including particularly the nature of the gripe being asserted and the nature of the relief promised by the operator.

So the good news here is that Section 230 is alive, well, and still available to protect website operators. The bad (or, at least, disappointing) news is that, no matter how much an operator might want to be the good guy, the operator is on stronger legal ground by simply saying to the aggrieved complainant, “Sorry but we can’t – and don’t have to – help you”.