Fourth Circuit Goes On The Attack Against Section 230 In A Lawsuit Over Publication Of Third Party Data
from the immunity-applies,-unless-the-judge-doesn't-like-Section-230 dept
Prior to the turn of the century, the Fourth Circuit Court of Appeals handed down a formative decision that helped craft the contours of Section 230 immunity. The case — Zeran v. America Online — dealt with a tricky question: whether or not a platform’s failure to moderate content (in this case, posts that contained Zeran’s phone number and oblique accusations he approved of the Oklahoma City federal building bombing) made the platform liable for the user-generated content.
The Appeals Court didn’t have much to work with at that point. Section 230 of the Communications Decency Act was less than a year old at the time Kenneth Zeran filed his lawsuit against AOL. Nevertheless, the court recognized AOL’s immunity from the suit. And it did this by applying the new CDA clause retroactively to apply to alleged wrongs against Zeran that were committed nearly a year before the CDA went into effect.
Flash-forward more than a quarter century, and the Fourth Circuit Court of Appeals has delivered another potentially groundbreaking decision [PDF], albeit one that goes the other direction to hold a website directly responsible for content posted by others.
In this case, the plaintiffs and their class action lawsuit sought to hold Public Data, LLC directly responsible for content it gathers from other sources and republishes on its own platforms. The data collected by Public Data (the name the court uses to collectively refer to the multiple parties collecting and disseminating this data) comes from public records. This includes civil and criminal court proceedings, voting records, driver data, professional licensing information, and anything else generated by government agencies Public Data can hoover up.
It then consolidates the data to make it more user-friendly, reformatting raw documents to deliver snapshots of people Public Data’s customers wish to obtain info about. The plaintiffs allege this process often removes exonerative data about criminal charges and reduces criminal background info to little more than a list of charges (with no data on whether these charges resulted in a conviction). Making things worse, Public Data’s summaries apparently include “glib statements” that misrepresent the entirety of the data collected from public sources. Public Data makes it clear to users that it is not responsible for any inaccuracies in the raw data it collects and collates. It also refuses to correct incorrect data or remove any inaccurate information it has scraped from public records databases.
The value of this information — no matter how inaccurate or incomplete — is undeniable. The plaintiffs note that Public Data has nearly 50 million customers. And presumably few of those customers take the repackaging of scraped data — with or without Public Data’s commentary — with a grain of salt, despite the cautionary statements issued by Public Data.
This all sounds like the collection and republication of data generated by third-parties. What is or isn’t passed onto users sounds pretty much like content moderation, something that’s not only protected by Section 230 immunity, but the First Amendment as well. Since those are the most obvious impediments to the lawsuit, the plaintiffs have chosen to frame this repackaging of data (and Public Data’s editorial decisions) as violations of the Fair Credit Reporting Act (FCRA).
The Appeals Court should have recognized this tactic for what it was. Instead, it decides the acts the lawsuit is predicated on are somehow exempt from Section 230 immunity. Eric Goldman, who has a long history of covering Section 230 cases and advocating for its continued existence, saw this disturbing decision coming a long time ago, back when the lower court decided Section 230 immunity applied but did so in a way that invited novel interpretations of this protection.
The plaintiff sued the defendant for violating four provisions of the Fair Credit Reporting Act (FCRA). At its core, the FCRA is in tension with Section 230 because it seemingly regulates the dissemination of third-party content (i.e., the credit data provided by vendors). However, many FCRA provisions are ministerial in nature about how to operate a credit reporting agency, and those provisions may not specifically base liability for credit report dissemination even if the overall statutory objective relates to that output. This makes the FCRA/230 interface ambiguous and confusing.
The district court dismissed the lawsuit on Section 230 grounds in a garbled and controversial opinion. As I predicted then, the district court’s “distorted Section 230 test makes this ruling vulnerable on appeal or in further proceedings.” And here we are.
And that’s what has happened here. Ignoring its own Zeran precedent, the court starts imposing new rules on Section 230 immunity, utilizing the plaintiff’s Fair Credit Reporting Act allegations as the baseline. The court says there’s a possible defamation claim here because it apparently believes liability attaches to publishers of third-party content when the republished content is “improper.”
That’s definitely wrong. And it sounds like the court wants to believe there’s a publisher/platform dichotomy that makes Section 230 irrelevant, even though the law itself makes no such distinction when it comes to content created by third parties.
To arrive at this tortured conclusion, the court says a whole lot about the Fair Credit Reporting Act, which does indeed pose penalties on reporting agencies that aren’t careful about ensuring the accuracy of the information they collect or disseminate. But that has little to do with Public Data’s business model, which simply collects public records from public sites to find relevant information about people its customers wish to know more about.
That isn’t the same thing and the court should know this. Instead, it seemingly decides that FCRA reporting requirements apply and Section 230 doesn’t. And then it says things about the commentary Public Data attaches to public record data, claiming that this goes beyond protected editorial functions and turns Public Data into a culpable partner in the dissemination of false information. Here’s Goldman, summarizing this particularly dangerous conclusion:
The court summarizes its legal standard as:
an interactive computer service is not responsible for developing the unlawful information unless they have gone beyond the exercise of traditional editorial functions and materially contributed to what made the content unlawful.
This adopts an obvious false dichotomy. Materially contributing to third-party content is a “traditional editorial function,” so this distinction is incoherent. This legal standard invites plaintiffs to define “traditional editorial functions” to exclude whatever defense behavior they are targeting. The chaos is palpable. (The scope of “traditional editorial functions” is a question presented in Gonzalez, so the Supreme Court will almost certainly make a worse hash of this term by June).
If you don’t see the problem here, Goldman explains further:
When a 230 defendant republishes third-party content verbatim and without redaction, this standard is fine. But 230 defendants routinely extract pieces of a third-party submission–sometimes as promotional previews, sometimes to fit publication constraints. 230(c)(1) has applied in so many cases fitting that paradigm (People v. Ferrer represents an outer extreme), yet future plaintiffs can argue that any piece excluded from the extract creates a deceptive omission and VOILA! Bye bye 230.
So, for example, Google’s search results descriptions republishes extracts from the source website. This has qualified for Section 230 (e.g., O’Kroley v. Fastcase). This court is saying that 230 would not apply if the plaintiff claims the search results description left behind contextualizing information, which will happen ALL THE TIME. Boom–all of Google search descriptions are now potentially outside Section 230.
That’s where the Fourth Circuit Appeals court leaves, practically daring Public Data to appeal the decision and place it in the hands of a Supreme Court that is far too willing these days to upend rights and protections recently appointed justices just don’t care for. Section 230 immunity is on the Supreme Court’s shit list at the moment, and this decision feeds into desire to cherry-pick cases that it can use to overturn decades of jurisprudence just because it no longer cares for its own precedent.