Poking holes in CDA Section 230 immunity

For many years, conventional wisdom has held that Section 230 of the Communications Decency Act presented an impregnable barrier against imposing liability upon internet platforms for hosting third-party content. 47 U.S.C. § 230(c)(1) provides: “No provider or user or an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider.” This extraordinary grant of immunity finds no counterpart in any of the more traditionally protected forms of expression such as books, magazines, newspapers, motion pictures, television, and radio. Consequently, internet service providers (such as Facebook/Meta, Twitter, YouTube, and Yelp) have been free to ignore takedown demands and even thumb their noses at court-issued judgments that require the removal of adjudicated defamatory content. Hassell v. Bird, 5 Cal.5th 522 (2018).

Since its enactment in 1996, CDA Section 230 has only been substantively amended once. In 2018, the legislative package known as FOSTA/SESTA [Allow States and Victims to Fight Online Sex-Trafficking Act (FOSTA) and Stop Enabling Sex Traffickers Act (SESTA), Pub. L. 115-164, § 4(a), Apr. 11, 2018, 132 Stat. 1254], explicitly excluded enforcement of federal and state sex trafficking laws from the scope of Section 230 immunity. 47 U.S.C. § 230(e)(5). Though there has been a modicum of bipartisan agreement on the need to further constrict the blanket immunity enjoyed by internet platforms, given the nature of Congressional gridlock and the disparate rationales proffered for seeking to limit Section 230’s reach, it now seems wishful thinking to believe that this statute will again be amended any time soon. Douglas E. Mirell and Joshua Geller, “Reforming the Internet,” L.A. Daily Journal, Jan. 17, 2020.

This leaves the judicial branch as the last line of defense for constraining the abuses that this blanket immunity has fostered. Fortunately, there are a few cases that have poked some holes in the liability barrier erected by Section 230 – thanks largely to decisions by the Ninth Circuit Court of Appeals.

Beginning in 2008, the Ninth Circuit held that website operators could retain their immunity only if they “don’t encourage illegal content, or design your website to require users to input illegal content.” Fair Housing Council of San Fernando Valley v. Roommates.com, LLC, 521 F.3d 1157, 1175 (9th Cir. 2008). In that case, “a website designed to match people renting out spare rooms with people looking for a place to live” posted a questionnaire that required each subscriber “to disclose his sex, sexual orientation and whether he would bring children to a household.” Id. at 1161. Such disclosures were claimed to violate the federal Fair Housing Act which bans any “statement with respect to the sale or rental of a dwelling that indicates any preference, limitation, or discrimination” based upon sex and familial status, among other protected characteristics. 42 U.S.C. § 3604(c) [cleaned up].

Eight years later, the Ninth Circuit allowed an aspiring model who used a social networking website to obtain employment to sue the platform for negligent failure to warn under California law after she was allegedly drugged and raped by two men who used that website as part of a scheme to lure her to a fake audition. Jane Doe v. Internet Brands, Inc., 824 F.3d 846 (9th Cir. 2016). Jane Doe did not seek “to remove any user content or otherwise affect how it publishes or monitors such content,” but instead sought to hold the website “liable for failing to warn her about information it obtained from an outside source about how third parties targeted and lured victims.” Id. at 851.

In 2019, the Ninth Circuit again rejected a challenge to Section 230 immunity in a case where a website, which allowed individuals seeking rental housing to connect with hosts, objected to a Santa Monica city ordinance that prohibited short-term home rentals except for licensed home-shares where the residents lived on site with their guests. HomeAway.com, Inc. v. City of Santa Monica, 918 F.3d 676 (9th Cir. 2019). In rejecting the plaintiffs’ assertion that the ordinance was preempted by Section 230 because it required them to monitor and remove non-compliant third party content, the Circuit Court found the ordinance did not require such monitoring; rather, the website operator could simply cross-reference the city’s registry of licensed rentals before processing a booking. Id. at 682-684.

Subsequently, California’s own state appellate courts have likewise limited the scope of immunity accorded to website operators in two cases involving the commercial marketing website Amazon.com.

In 2020, Amazon was not shielded from a potential strict products liability claim involving a defective computer battery purchased from a third-party seller under its “Fulfilled by Amazon” program. Bolger v. Amazon.com, LLC, 53 Cal.App.5th 431 (2020). The Fourth District Court of Appeal concluded that the plaintiff’s claim targeted not the seller’s advertisement, but rather “Amazon’s role in the ‘vertical distribution of consumer goods’ as an ‘integral part of the overall producing and marketing enterprise’ for the [third-party sellers’] replacement laptop battery.” Id. at 464 (citation omitted). Accordingly, “Amazon’s own involvement in the distribution of an allegedly defective product supports strict liability.” Id.

Most recently, on April 8, 2022, California’s First District Court of Appeal issued a modified opinion and denied rehearing in a case holding that Amazon may be subject to liability for posting third-party sellers’ advertisements for their skin-tightening face creams without including a warning that these cosmetics contain mercury – a violation of California’s Proposition 65 which requires such warnings to be issued regarding products containing this reproductive toxin. Lee v. Amazon.com, Inc., 76 Cal.App.5th 200, 2022 WL 736094 (2022). In reaching its conclusion, the appeals court noted that Section 230 preempts inconsistent, but not consistent, state laws; it found that “Proposition 65 is not inconsistent with the CDA because imposing liability on Amazon for failing to comply with its own, independent obligations under Proposition 65, does not require treating Amazon as the publisher or speaker of third-party sellers’ content.” Lee, 2022 WL 736094, at *33.

What is perhaps most intriguing about this latest decision is that it seemingly holds Amazon liable (assuming a Proposition 65 violation can ultimately be established) for information not provided by these third-party sellers in their advertisements. How much of a door this will open to subsequent litigation where others fail to tell the whole truth – as, for example, in defamation and false light invasion of privacy cases – remains to be seen.