Salesforce Asks Appeals Court To Say It's Protected Under 230; After Its Own CEO Said We Should Get Rid Of 230
from the incredible dept
We were quite perplexed in late 2019 when Salesforce.com founder and CEO Marc Benioff (never one to shy away from expressing his opinions on anything at all) announced that Section 230 should be abolished. It seemed like an extremely poorly thought-out statement from a CEO who was wholly unfamiliar with the issues, but who has sort of relished tweaking the noses of the big consumer internet companies over the past few years (after spending the first decade or so of Software.com’s existence tweaking the noses of enterprise software companies). As we wrote at the time, Benioff didn’t seem to understand 230 at all, and seemed just angry at Facebook.
Of course, this is coming back to bite him hard. Just a few months later, lawyer Annie McAdams, who seems to have made it her life’s mission to file blatantly silly attacks on Section 230 in court, sued Salesforce.com (and not for the first time!), claiming that because Backpage.com had used Salesforce as its CRM system, Salesforce was somehow magically liable for any sex trafficking that happened on the platform. In the complaint, McAdams cited Benioff’s comments:
Salesforce will claim that no matter what role Salesforce played in the development and amplification of Backpage?s business model, they should be completely shielded and not have to answer any questions or be held accountable in any manner by asking the Court to dismiss the case at the initial stage.
The distortion and use of the Communications Decency Act as a sword by technology companies such as Salesforce is an outright distortion of the intent of Congress in regard to the development of the internet.
The Communications Decency Act (?CDA?) was never intended to protect technology companies from being held accountable for unlawful conduct or sex trafficking.
Salesforce?s own CEO, Marc Benioff, on October 16, 2019, has demanded Section 230 of the CDA be abolished with the need for ?standards and practices be decided by law?
And, in late March, she actually prevailed. In a somewhat terrible decision, federal judge Andrew Hanen refused to grant Salesforce’s motion to dismiss, and said that Salesforce’s use of 230 here did not let it off the hook with a bizarre ruling that goes against pretty much all 230 precedent on the books:
… the Court cannot hold as a matter of law that CDA 230’s protections apply to Salesforce. In particular, the Court is not persuaded that Salesforce is a provider of “an interactive computer service” entitled to protection.
WHAT?!? I mean, every other court has recognized that any website is considered an interactive computer service. I’m honestly having trouble recalling another cases where this definition is even an issue at all.
Moreover, it is unclear to the Court whether CDA 230 is even relevant, because Plaintiff has alleged that Salesforce directly and “knowingly benefitted” from providing services to facilitate sex trafficking. That allegation, if true, would elevate Salesforce’s role beyond that of a mere publisher, which is the touchstone of CDA 230(c)(1).
This is also… just wrong. Having knowledge does not, in any way, elevate a website’s role “beyond that of a mere publisher.” There are multiple cases that say so, and nothing in the law says that knowledge changes anything. The whole thing is bizarre.
For what it’s worth, the court did reject a bunch of McAdams’ other claims regarding negligence and civil conspiracy, recognizing that it’s a stretch to argue that providing the CRM tool to a service that provided tools to other third parties, some of whom used it for trafficking, somehow makes them liable. But, without the 230 immunity, the case still has to go on concerning Texas’ anti-sex trafficking law.
Now, Salesforce is in the position of trying to ask the 5th Circuit appeals court to fix this awful ruling. Its first move is just to get the district court to let it pause the case at this point to get the 5th Circuit to take a look. And it’s leaning hard on Section 230, the same law its CEO says should be abolished.
Both sides would benefit from resolving sooner rather than later the threshold, potentially dispositive issue whether section 230 of the Communications Decency Act applies to Salesforce and bars this lawsuit in its entirety.
In laying out the argument for why the 5th Circuit should get to review the case at this stage, Salesforce lawyers point out that if this is not allowed, it completely destroys the whole reason that 230 immunity exists in the first place — to make one immune to these kinds of mistargeted lawsuits:
The section 230 issue presents a controlling question of law?particularly given that the Fifth Circuit considers section 230(c)(1) an ?immunity provision? and regards its applicability as a threshold legal issue to resolve at the outset of litigation. MySpace, 528 F.3d at 418; accord Diez v. Google, Inc., 831 F. App?x 723, 724 (5th Cir. 2020) (per curiam). That necessity is driven ?not because of the expense of litigation but because of the irretrievable loss of immunity from suit.? McSurely v. McClellan, 697 F.2d 309, 317 n.13 (D.C. Cir. 1982) (per curiam). So courts ?aim to resolve the question of [section] 230 immunity at the earliest possible stage of the case because that immunity protects [providers] not only from ultimate liability,? but also from litigation itself. Nemet Chevrolet, Ltd. v. Consumeraffairs.com, Inc., 591 F.3d 250, 255 (4th Cir. 2009) (citation omitted).
As a result, an interlocutory appeal is warranted to ensure meaningful appellate review of whether section 230 bars plaintiffs? suit against Salesforce. If the litigation continues, even though Salesforce may eventually be protected ?from ultimate liability,? it will have lost?irretrievably?section 230?s protection against being sued in the first place and ?having to fight costly and protracted legal battles.? Nemet Chevrolet, 591 F.3d at 255 (citation omitted). Thus, as ?resolution on appeal . . . would impact the course of litigation and could terminate the suit in this Court,? La. State Conf. of NAACP v. Louisiana, — F. Supp. 3d. —, No. 19-479-JWD-SDJ, 2020 WL 6130747, at *9 (M.D. La. Oct. 19, 2020), the section 230 issue is a controlling question of law that warrants immediate review.
As Salesforce points out, Judge Hanen’s claim that Salesforce might not even be an “interactive computer service” goes against lots of other courts, even those who have reviewed whether or not Salesforce itself qualifies:
The Court?s initial hesitation as to whether Salesforce is an interactive computer service provider covered by section 230 is contrary to at least two other courts that have decided that issue as to Salesforce specifically. And decisions from courts across the country magnify the substantial ground for disagreement on when an interactive computer service provider is ?treated? as a ?publisher? under section 230.
To start, two other courts have very recently held that Salesforce meets section 230?s definition of an interactive computer service provider in cases involving virtually identical allegations. A California state court determined that ?[t]he term ?interactive computer service? . . . applies to software providers such as [Salesforce].? Does #1 through #90 v. Salesforce.com, Inc., No. CGC-19-574770, slip op. at 4 (S.F. Super. Oct. 3, 2019).
That court explained that Salesforce?s ?customer relationship management . . . software? supplies ?enabling tools? that users can access through the internet. Does #1 through #90, at 4 (quoting 47 U.S.C. ? 230(f)(4)). Those software tools, the court concluded, put Salesforce well within the ?broad statutory definition? of an ?access software provider,? because Salesforce provides ?software . . . or enabling tools? that ?transmit,? ?receive,? ?cache,? ?search,? and ?organize? data. Id. at 4?5 (quoting 47 U.S.C. ? 230(f)(4)). And because ?multiple users? can ?access? the ?computer server? with those tools, 47 U.S.C. ? 230(f)(2), Salesforce is a ?provider . . . of an interactive computer service? under section 230(c)(1), see Does #1 through #90, at 4.
The court also ruled that the plaintiffs? claims impermissibly ?treat[ed] [Salesforce] as the publisher of [third-party] information.? Does #1 through #90, at 5. The court explained that the plaintiffs? claims relied on third-party content to establish Salesforce?s liability. Simply put, Salesforce could ?only be liable if . . . linked to the[ ] advertisements? that were used to traffic the plaintiffs. Id. Because the plaintiffs alleged that Salesforce was linked to the ads for the reason that ?its ?platform and CRM? [software] enabled Backpage to publish and disseminate? them, the court determined that the plaintiffs? claims necessarily implicated Salesforce ?as a publisher.? Id. The court therefore concluded that the claims were barred by section 230(c)(1)….
A Texas state court has held the same?namely, that Salesforce falls within section 230?s definition of an interactive computer service and that materially identical claims were barred under section 230. In Re: Jane Doe Cases, Tex. MDL Cause, No. 2020-28545, slip op. at 1?2 (Aug. 28, 2020). Thus, whether Salesforce is entitled to section 230 immunity may depend on whether the parties are in state or federal court in Texas?creating a risk of forum shopping between Texas courts that heightens the need for interlocutory review.
Then they note that there are lots of other cases regarding non-Salesforce defendants showing how broad the definition of an ICS truly is.
Relying on the plain statutory text, courts have held that many different types of providers are covered under the statute?s capacious definitions of an ?interactive computer service? and ?access software provider.? 47 U.S.C. ? 230(f)(2) & (4); see, e.g., Zango, Inc. v. Kaspersky Lab, Inc., 568 F.3d 1169, 1175?76 (9th Cir. 2009) (provider of anti-malware software); Davis v. Motiva Enterprises, L.L.C., No. 09-14-00434-CV, 2015 WL 1535694, at *1, *3?4 (Tex. App.?Beaumont Apr. 2, 2015) (employer whose employee used the company?s ?technology and facilities?); GoDaddy.com, LLC v. Toups, 429 S.W.3d 752, 758?59 (Tex. App.?Beaumont 2014) (website host).
Other courts might therefore conclude (and indeed have concluded) that Salesforce?a provider of software that ?enables . . . access by multiple users to a computer server,? 47 U.S.C. ? 230(f)(2), where those users can use various tools to ?transmit,? ?receive,? ?cache,? ?search,? and ?organize? customer data, id. ? 230(f)(4)? falls within these definitional provisions, too.
As such, they note that plenty of courts — including the 5th Circuit in which this district court resides — have held that 230 immunizes websites from all kinds of civil liability if that liability touches on 3rd party content.
Likewise, the Fifth Circuit and a host of other courts have held that the ?plain text? of section 230 immunizes interactive computer service providers from ?any cause of action? that treats them as a ?publisher? by seeking to hold them ?liable for information originating with a third-party user of the service.? Diez, 831 F. App?x at 724; accord MySpace, 528 F.3d at 418 (negligence claims); see O?Kroley v. Fastcase, Inc., 831 F.3d 352, 354 (6th Cir. 2016) (invasion of privacy and other tort claims); Jane Doe No. 1 v. Backpage.com, LLC, 817 F.3d 12, 19?20 (1st Cir. 2016) (human trafficking claims); Barnes v. Yahoo!, Inc., 570 F.3d 1096, 1101?02 (9th Cir. 2009) (collecting citations).
Hopefully they succeed, and the 5th Circuit overturns the initial ruling.
However, the bigger question may be whether or not Benioff has learned his lesson and might actually understand why Section 230 is so important for the wider internet, including his company?