from the 1st-amendment-wins-again dept
One down, many more to go.
We’ve been talking a lot by the rush of states to push for age verification laws all over the world, despite basically every expert noting that age verification technology is inherently a problem for privacy and security, and the laws mandating it are terrible. So far, it seems that only the Australian government has decided to buck the trend and push back on implementing such laws. But, much of the rest of the world is moving forward with them, while a bunch of censorial prudes cheer these laws on despite the many concerns about them.
The Free Speech Coalition, the trade group representing the adult content industry, has sued to block the age verification laws in the US that specifically target their websites. We reported on how their case in Utah was dismissed on procedural grounds, because that law is a bounty-type law with a private right of action, so there was no one in the government that could be sued. However, the similar law in Texas did not include that setup (even as Texas really popularized that method with its anti-abortion law). The Free Speech Coalition sued over the law to block it from going into effect.
Judge David Alan Ezra (who is technically a federal judge in Hawaii, but is hearing Texas cases because the Texas courts are overwhelmed) has issued a pretty sweeping smackdown of these kinds of laws, noting that they violate the 1st Amendment and that they’re barred by Section 230.
Given the rushed nature of the proceedings (the case was filed a few weeks ago, and the judge needed to decide before the law was scheduled to go into effect on Friday), it’s impressive that the ruling is 81 pages of detailed analysis. We’ll have a separate post soon regarding the judge’s discussion on the “health warnings” part of the opinion, but I wanted to cover the rest of the legal analysis, mostly regarding the 1st Amendment and Section 230.
However, it is worth mentioning Texas’ ridiculous argument that there was no standing for the Free Speech Coalition in this case. They tried to argue that there was no standing because FSC didn’t name a particular association member impacted by the law, but we’ve been over this in other cases in which trade associations (see: NetChoice and CCIA) are able to bring challenges on behalf of their member companies. The more bizarre standing challenge was that some of the websites that are members of the Free Speech Coalition are not American companies.
But, the judge notes (1) many of the members are US companies and (2) even the non-US companies are seeking to distribute content in the US, where the 1st Amendment still protects them:
Defendant repeatedly emphasizes that the foreign website Plaintiffs “have no valid constitutional claims” because they reside outside the United States. (Def.’s Resp., Dkt. # 27, at 6–7). First, it is worth noting that this argument, even if successful, would not bar the remaining Plaintiffs within the United States from bringing their claims. Several website companies, including Midus Holdings, Inc., Neptune Media, LLC, and Paper Street Media, LLC, along with Jane Doe and Free Speech Coalition (with U.S. member Paper Street Media, LLC), are United States residents. Defendant, of course, does not contest that these websites and Doe are entitled to assert rights under the U.S. Constitution. Regardless of the foreign websites, the domestic Plaintiffs have standing.
As to the foreign websites, Defendant cites Agency for Intl. Dev. v. All. for Open Socy. Intl., Inc., 140 S. Ct. 2082 (2020) (“AOSI”), which reaffirmed the principle that “foreign citizens outside U.S. territory do not possess rights under the U.S. Constitution.” Id. at 2086. AOSI’s denial of standing is distinguishable from the instant case. That case involved foreign nongovernmental organizations (“NGOs”) that received aid—outside the United States—to distribute outside the United States. These NGOs operated abroad and challenged USAID’s ability to condition aid based on whether an NGO had a policy against prostitution and sex trafficking. The foreign NGOs had no domestic operations and did not plan to convey their relevant speech into the United States. Under these circumstances, the Supreme Court held that the foreign NGOs could not claim First Amendment protection. Id.
AOSI differs from the instant litigation in two critical ways. First, Plaintiffs do not seek to challenge rule or policymaking with extraterritorial effect, as the foreign plaintiffs did in AOSI. By contrast, the foreign Plaintiffs here seek to exercise their First Amendment rights only as applied to their conduct inside the United States and as a preemptive defense to civil prosecution. Indeed, courts have typically awarded First Amendment protections to foreign companies with operations in the United States with little thought. See, e.g., Manzari v. Associated Newspapers Ltd., 830 F.3d 881 (9th Cir. 2016) (in a case against British newspaper, noting that defamation claims “are significantly cabined by the First Amendment”); Mireskandari v. Daily Mail and Gen. Tr. PLC, CV1202943MMMSSX, 2013 WL 12114762 (C.D. Cal. Oct. 8, 2013) (explicitly noting that the First Amendment applied to foreign news organization); Times Newspapers Ltd. v. McDonnell Douglas Corp., 387 F. Supp. 189, 192 (C.D. Cal. 1974) (same); Goldfarb v. Channel One Russia, 18 CIV. 8128 (JPC), 2023 WL 2586142 (S.D.N.Y. Mar. 21, 2023) (applying First Amendment limits on defamation to Russian television broadcast in United States); Nygård, Inc. v. UusiKerttula, 159 Cal. App. 4th 1027, 1042 (2008) (granting First Amendment protections to Finnish magazine); United States v. James, 663 F. Supp. 2d 1018, 1020 (W.D. Wash. 2009) (granting foreign media access to court documents under the First Amendment). It would make little sense to allow Plaintiffs to exercise First Amendment rights as a defense in litigation but deny them the ability to raise a pre-enforcement challenge to imminent civil liability on the same grounds.
Moving on. The judge does a fantastic job detailing how Texas’ age verification law is barred by the 1st Amendment. First, the decision notes that the law is subject to strict scrutiny, the highest level of scrutiny in 1st Amendment cases. As the court rightly notes, in the landmark Reno v. ACLU case (the case that found everything except Section 230 of the Communications Decency Act unconstitutional), the Supreme Court said governments can’t just scream “for the children” and use that as a shield against 1st Amendment strict scrutiny:
However, beginning in the 1990s, use of the “for minors” language came under more skepticism as applied to internet regulations. In Reno v. ACLU, the Supreme Court held parts of the CDA unconstitutional under strict scrutiny. 521 U.S. 844, 850 (1997). The Court noted that the CDA was a content-based regulation that extended far beyond obscene materials and into First Amendment protected speech, especially because the statute contained no exemption for socially important materials for minors. Id. at 865. The Court noted that accessing sexual content online requires “affirmative steps” and “some sophistication,” noting that the internet was a unique medium of communication, different from both television broadcast and physical sales.
It also points to ACLU vs. Ashcroft, which found the Child Online Protection Act unconstitutional on similar grounds, and notes that Texas’ law is pretty similar to COPA.
Just like COPA, H.B. 1181 regulates beyond obscene materials. As a result, the regulation is based on whether content contains sexual material. Because the law restricts access to speech based on the material’s content, it is subject to strict scrutiny
Texas also tried to argue that there should be no 1st Amendment protections for adult content because it’s “obscene.” But the judge noted that’s not at all how the system works:
In a similar vein, Defendant argues that Plaintiffs’ content is “obscene” and therefore undeserving of First Amendment coverage. (Id. at 6). Again, this is precedent that the Supreme Court may opt to revisit, but we are bound by the current Miller framework. Miller v. California, 413 U.S. 15, 24 (1973). 3 Moreover, even if we were to abandon Miller, the law would still cover First Amendmentprotected speech. H.B. 1181 does not regulate obscene content, it regulates all content that is prurient, offensive, and without value to minors. Because most sexual content is offensive to young minors, the law covers virtually all salacious material. This includes sexual, but non-pornographic, content posted or created by Plaintiffs. See (Craveiro-Romão Decl., Dkt. # 28-6, at 2; Seifert Decl., Dkt. # 28-7, at 2; Andreou Decl., Dkt. # 28-8, at 2). And it includes Plaintiffs’ content that is sexually explicit and arousing, but that a jury would not consider “patently offensive” to adults, using community standards and in the context of online webpages. (Id.); see also United States v. Williams, 553 U.S. 285, 288 (2008); Ashcroft v. Free Speech Coal., 535 U.S. 234, 252 (2002). Unlike Ginsberg, the regulation applies regardless of whether the content is being knowingly distributed to minors. 390 U.S. at 639. Even if the Court accepted that many of Plaintiffs’ videos are obscene to adults—a question of fact typically reserved for juries—the law would still regulate the substantial portion of Plaintiffs’ content that is not “patently offensive” to adults. Because H.B. 1181 targets protected speech, Plaintiffs can challenge its discrimination against sexual material.
And under strict scrutiny, the law… fails. Badly. The key part of strict scrutiny is whether or not the law is tailored specifically to address a compelling state interest, and not go beyond that. While the court says that protecting children is a compelling state interest, the law is not even remotely narrowly tailored to that interest:
Although the state defends H.B. 1181 as protecting minors, it is not tailored to this purpose. Rather, the law is severely underinclusive. When a statute is dramatically underinclusive, that is a red flag that it pursues forbidden viewpoint discrimination under false auspices, or at a minimum simply does not serve its purported purpose….
H.B. 1181 will regulate adult video companies that post sexual material to their website. But it will do little else to prevent children from accessing pornography. Search engines, for example, do not need to implement age verification, even when they are aware that someone is using their services to view pornography. H.B. 1181 § 129B.005(b). Defendant argues that the Act still protects children because they will be directed to links that require age verification. (Def.’s Resp., Dkt. # 27, at 12). This argument ignores visual search, much of which is sexually explicit or pornographic, and can be extracted from Plaintiffs’ websites regardless of age verification. (Sonnier Decl., Dkt. # 31-1, at 1–2). Defendant’s own expert suggests that exposure to online pornography often begins with “misspelled searches[.]”…
So, the law doesn’t stop most access to adult content. The judge highlights that, by the state’s own argument, it doesn’t apply to foreign websites, which host a ton of adult content. And it also doesn’t apply to social media, since most of their content is not adult content.
In addition, social media companies are de facto exempted, because they likely do not distribute at least one-third sexual material. This means that certain social media sites, such as Reddit, can maintain entire communities and forums (i.e., subreddits), dedicated to posting online pornography with no regulation under H.B. 1181. (Sonnier Decl., Dkt. # 31-1, at 5). The same is true for blogs posted to Tumblr, including subdomains that only display sexually explicit content. (Id.) Likewise, Instagram and Facebook pages can show material which is sexually explicit for minors without compelled age verification. (Cole Decl., Dkt. # 5-1, at 37–40). The problem, in short, is that the law targets websites as a whole, rather than at the level of the individual page or subdomain. The result is that the law will likely have a greatly diminished effect because it fails to reduce the online pornography that is most readily available to minors.
In short, if the argument is that we need to stop kids from seeing pornography, the law should target pornography, rather than a few sites which focus on pornography.
Also, the law is hella vague, in part because it does not consider that 17-year-olds are kinda different from 5-year-olds.
The statute’s tailoring is also problematic because of several key ambiguities in H.B. 1181’s language. Although the Court declines to rest its holding on a vagueness challenge, those vagueness issues still speak to the statute’s broad tailoring. First, the law is problematic because it refers to “minors” as a broad category, but material that is patently offensive to young minors is not necessarily offensive to 17-year-olds. As previously stated, H.B. 1181 lifts its language from the Supreme Court’s holdings in Ginsberg and Miller, which remains the test for obscenity. H.B. 1181 § 129B.001; Miller, 413 U.S. at 24; Ginsberg, 390 U.S. at 633. As the Third Circuit held, “The type of material that might be considered harmful to a younger minor is vastly different—and encompasses a much greater universe of speech—than material that is harmful to a minor just shy of seventeen years old. . . .” ACLU v. Ashcroft, 322 F.3d at 268. 7 H.B. 1181 provides no guidance as to what age group should be considered for “patently offensive” material. Nor does the statute define when material may have educational, cultural, or scientific value “for minors,” which will likewise vary greatly between 5-yearolds and 17-year-olds.
And even the “age verification” requirements are vague because it’s not clear what counts.
Third, H.B. 1181 similarly fails to define proper age verification with sufficient meaning. The law requires sites to use “any commercially reasonable method that relies on public or private transactional data” but fails to define what “commercially reasonable” means. Id. § 129B.03(b)(2)(B). “Digital verification” is defined as “information stored on a digital network that may be accessed by a commercial entity and that serves as proof of the identify of an individual.” Id. § 129B.003(a). As Plaintiffs argue, this definition is circular. In effect, the law defines “identity verification” as information that can verify an identity. Likewise, the law requires “14-point font,” but text size on webpages is typically measured by pixels, not points. See Erik D. Kennedy, The Responsive Website Font Size Guidelines, Learn UI Design Blog (Aug. 7, 2021) (describing font sizes by pixels) (Dkt. # 5-1 at 52–58). Overall, because the Court finds the law unconstitutional on other grounds, it does not reach a determination on the vagueness question. But the failure to define key terms in a comprehensible way in the digital age speaks to the lack of care to ensure that this law is narrowly tailored. See Reno, 521 U.S. at 870 (“Regardless of whether the CDA is so vague that it violates the Fifth Amendment, the many ambiguities concerning the scope of its coverage render it problematic for purposes of the First Amendment.”).
So the law is underinclusive and vague. But it’s also overinclusive by covering way more than is acceptable under the 1st Amendment.
Even if the Court were to adopt narrow constructions of the statute, it would overburden the protected speech of both sexual websites and their visitors. Indeed, Courts have routinely struck down restrictions on sexual content as improperly tailored when they impermissibly restrict adult’s access to sexual materials in the name of protecting minors.
The judge notes (incredibly!) that parts of HB 1181 are so close to COPA (the law the Supreme Court found unconstitutional in the ACLU v. Ashcroft case) that he seems almost surprised Texas even bothered.
The statutes are identical, save for Texas’s inclusion of specific sexual offenses. Unsurprisingly, then, H.B. 1181 runs into the same narrow tailoring and overbreadth issues as COPA….
Despite this decades-long precedent, Texas includes the exact same drafting language previously held unconstitutional.
Nice job, Texas legislature.
The court also recognizes the chilling effects of age verification laws, highlighting how, despite the ruling in Lawrence v. Texas saying anti-gay laws were unconstitutional, Texas has still kept the law in question on the books.
Privacy is an especially important concern under H.B. 1181, because the government is not required to delete data regarding access, and one of the two permissible mechanisms of age-verification is through government ID. People will be particularly concerned about accessing controversial speech when the state government can log and track that access. By verifying information through government identification, the law will allow the government to peer into the most intimate and personal aspects of people’s lives. It runs the risk that the state can monitor when an adult views sexually explicit materials and what kind of websites they visit. In effect, the law risks forcing individuals to divulge specific details of their sexuality to the state government to gain access to certain speech. Such restrictions have a substantial chilling effect. See Denver Area Educ. Telecomm. Consortium, Inc., 518 U.S. at 754 (“[T]he written notice requirement will further restrict viewing by subscribers who fear for their reputations should the operator, advertently or inadvertently, disclose the list of those who wish to watch the patently offensive channel.”).
The deterrence is particularly acute because access to sexual material can reveal intimate desires and preferences. No more than two decades ago, Texas sought to criminalize two men seeking to have sex in the privacy of a bedroom. Lawrence v. Texas, 539 U.S. 558 (2003). To this date, Texas has not repealed its law criminalizing sodomy. Given Texas’s ongoing criminalization of homosexual intercourse, it is apparent that people who wish to view homosexual material will be profoundly chilled from doing so if they must first affirmatively identify themselves to the state.
Texas argued that the age verification data will be deleted, but that doesn’t cut it, which is an important point in many other states passing similar laws:
Defendant contests this, arguing that the chilling effect will be limited by age verification’s ease and deletion of information. This argument, however, assumes that consumers will (1) know that their data is required to be deleted and (2) trust that companies will actually delete it. Both premises are dubious, and so the speech will be chilled whether or not the deletion occurs. In short, it is the deterrence that creates the injury, not the actual retention. Moreover, while the commercial entities (e.g., Plaintiffs) are required to delete the data, that is not true for the data in transmission. In short, any intermediary between the commercial websites and the third-party verifiers will not be required to delete the identifying data.
The judge also notes that leaks and data breaches are a real risk, even if the law requires deletion of data! And that the mere risk of such a leak is a speech deterrent.
Even beyond the capacity for state monitoring, the First Amendment injury is exacerbated by the risk of inadvertent disclosures, leaks, or hacks. Indeed, the State of Louisiana passed a highly similar bill to H.B. 1181 shortly before a vendor for its Office of Motor Vehicles was breached by a cyberattack. In a related challenge to a similar law, Louisiana argues that age-verification users were not identified, but this misses the point. See Free Speech Coalition v. Leblanc, No. 2:23-cv-2123 (E.D. La. filed June 20, 2023) (Defs.’ Resp., Dkt. # 18, at 10). The First Amendment injury does not just occur if the Texas or Louisiana DMV (or a third-party site) is breached. Rather, the injury occurs because individuals know the information is at risk. Private information, including online sexual activity, can be particularly valuable because users may be more willing to pay to keep that information private, compared to other identifying information. (Compl. Dkt. # 1, at 17); Kim Zetter, Hackers Finally Post Stolen Ashley Madison Data, Wired, Aug. 18, 2015, https://www.wired.com/2015/08/happened-hackers-posted-stolen-ashleymadison-data (discussing Ashley Madison data breach and hackers’ threat to “release all customer records, including profiles with all the customers’ secret sexual fantasies and matching credit card transactions, real names and addresses.”). It is the threat of a leak that causes the First Amendment injury, regardless of whether a leak ends up occurring.
Hilariously, Texas’ own “expert” (who works on age verification tech and is on the committee that runs the trade association of age verification companies) basically undermined Texas’ argument:
Defendant’s own expert shows how H.B. 1181 is unreasonably intrusive in its use of age verification. Tony Allen, a digital technology expert who submitted a declaration on behalf of Defendant, suggests several ways that age-verification can be less restrictive and costly than other measures. (Allen Decl., Dkt. # 26-6). For example, he notes that age verification can be easy because websites can track if someone is already verified, so that they do not have to constantly prove verification when someone visits the page. But H.B. 1181 contains no such exception, and on its face, appears to require age verification for each visit.
Given all that, the age verification alone violates the 1st Amendment.
With that, there isn’t even a need to do a Section 230 analysis, but the court does so anyway. It doesn’t go particularly deep, other than to note that Section 230’s coverage is considered broad (even in the 5th Circuit):
Defendant seeks to differentiate MySpace because the case dealt with a negligence claim, which she characterizes as an “individualized harm.” (Def.’s Resp., Dkt. # 27, at 19). MySpace makes no such distinction. The case dealt with a claim for individualized harm but did not limit its holding to those sorts of harms. Nor does it make sense that Congress’s goal of “[paving] the way for a robust new forum for public speech” would be served by treating individual tort claims differently than state regulatory violations. Bennett v. Google, LLC, 882 F.3d 1163, 1166 (D.C. Cir. 2018) (cleaned up). The text of the CDA is clear: “No cause of action may be brought and no liability may be imposed under any State or local law that is inconsistent with this section.” 47 U.S.C. § 230(e)(3). “[A]ny” state law necessarily includes those brought by state governments, so Defendant’s distinction between individual vs. regulatory claims is without merit.
The Fifth Circuit “and other circuits have consistently given [Section 230(c)] a wide scope.” Google, Inc. v. Hood, 822 F.3d 212, 220-21 (5th Cir. 2016) (quoting MySpace, 528 F.3d at 418). “The expansive scope of CDA immunity has been found to encompass state tort claims, alleged violations of state statutory law, requests for injunctive relief, and purported violations of federal statutes not specifically excepted by § 230(e).” Hinton v. Amazon.com.dedc, LLC, 72 F. Supp. 3d 685, 689 (S.D. Miss. 2014) (citing cases).
And while the court says 230 preemption might not apply to adult content websites that create and host their own content, it absolutely does apply to those that host 3rd party user-uploaded content.
Those Plaintiffs that develop and post their own content are not entitled to an injunction on Section 230 grounds. Still, other Plaintiffs, such as WebGroup, which operates XVideos, only hosts third-party content, and therefore is entitled to Section 230 protection.
Given all that it’s not difficult for the court to issue the injunction, noting that a violation of 1st Amendment rights is irreparable harm.
In short, Plaintiffs have shown that their First Amendment rights will likely be violated if the statute takes effect, and that they will suffer irreparable harm absent an injunction. Defendant suggests this injury is speculative and notimminent, (Def.’s Resp., Dkt. # 27, at 21–23), but this is doubtful. H.B. 1181 takes effect on September 1—mere days from today. That is imminent. Nor is the harm speculative. The Attorney General has not disavowed enforcement. To the contrary, her brief suggests a genuine belief that the law should be vigorously enforced because of the severe harms purportedly associated with what is legal pornography. (Id. at 1–5). It is not credible for the Attorney General to state that “[p]orn is absolutely terrible for our kids” but simultaneously claim that they will not enforce a law ostensibly aimed at preventing that very harm. Because the threat of enforcement is real and imminent, Plaintiffs’ harm is non-speculative. It is axiomatic that a plaintiff need not wait for actual prosecution to seek a preenforcement challenge. See Babbitt v. United Farm Workers Nat. Union, 442 U.S. 289, 298 (1979). In short, Plaintiffs have more than met their burden of irreparable harm.
All in all this is a very good, very clear, very strong ruling, highlighting how age verification mandates for adult content violate the 1st Amendment. It’s likely Texas will appeal, and the 5th Circuit has a history of ignoring 1st Amendment precedent, but for now this is a win for free speech and against mandatory age verification.
Filed Under: 1st amendment, adult content, age verification, chilling effects, hb 1181, pornography, preemption, privacy, section 230, standing, state laws, texas
Companies: free speech coalition