Nov 122017
 

This post appeared on Techdirt on 11/10/17.  The anniversary it notes is today.

We have been talking a lot lately about how important Section 230 is for enabling innovation and fostering online speech, and, especially as Congress now flirts with erasing its benefits, how fortuitous it was that Congress ever put it on the books in the first place.

But passing the law was only the first step: for it to have meaningful benefit, courts needed to interpret it in a way that allowed for it to have its protective effect on Internet platforms. Zeran v. America Online was one of the first cases to test the bounds of Section 230’s protection, and the first to find that protection robust. Had the court decided otherwise, we likely would not have seen the benefits the statute has since then afforded.

This Sunday the decision in Zeran turns 20 years old, and to mark the occasion Eric Goldman and Jeff Kosseff have gathered together more than 20 essays from Internet lawyers and scholars reflecting on the case, the statute, and all of its effects. I have an essay there, “The First Hard Case: ‘Zeran v. AOL’ and What It Can Teach Us About Today’s Hard Cases,” as do many other advocates, including lawyers involved with the original case. Even people who are not fans of Section 230 and its legacy are represented. All of these pieces are worth reading and considering, especially by anyone interested in setting policy around these issues.

Nov 042017
 

The following post originally appeared on Techdirt on 10/27/17.

It isn’t unusual or unwarranted for Section 230 to show up as a defense in situations where some might not expect it. Its basic principles may apply to more situations than may necessarily be readily apparent. But to appear as a defense in the Cockrum v. Campaign for Donald Trump case is pretty unexpected. From page 37 of the campaign’s motion to dismiss the case against it, the following two paragraphs are what the campaign slipped in on the subject:

Plaintiffs likewise cannot establish vicarious liability by alleging that the Campaign conspired with WikiLeaks. Under section 230 of the Communications Decency Act (47 U.S.C. § 230), a website that provides a forum where “third parties can post information” is not liable for the third party’s posted information. Klayman v. Zuckerberg, 753 F.3d 1354, 1358 (D.C. Cir. 2014). That is so even when even when the website performs “editorial functions” “such as deciding whether to publish.” Id. at 1359. Since WikiLeaks provided a forum for a third party (the unnamed “Russian actors”) to publish content developed by that third party (the hacked emails), it cannot be held liable for the publication.

That defeats the conspiracy claim. A conspiracy is an agreement to commit “an unlawful act.” Paul v. Howard University, 754 A.2d 297, 310 (D.C. 2000). Since WikiLeaks’ posting of emails was not an unlawful act, an alleged agreement that it should publish those emails could not have been a conspiracy.

This is the case brought against the campaign for allegedly colluding with Wikileaks and the Russians to disclose the plaintiffs’ private information as part of the DNC email trove that ended up on Wikileaks. Like Eric Goldman, who has an excellent post on the subject, I’m not going to go into the relative merits of the lawsuit itself, but I would note that it is worth consideration. Even if it’s true that the Trump campaign and Wikileaks were somehow in cahoots to hack the DNC and publish the data taken from it, whether and how the consequences of that disclosure can be recognized by law is a serious issue, as is whether this particular lawsuit by these particular plaintiffs with these particular claims is one that the law can permit to go forward without causing collateral effects to other expressive endeavors, including whistleblower journalism generally. On these points there may or may not be issues with the campaign’s motion to dismiss overall. But the shoehorning of a Section 230 argument into its defensive strategy seems sufficiently weird and counterproductive to be worth commenting on in and of itself. Continue reading »

Protecting Internet Intermediaries (cross-post)

 Analysis/commentary, Intermediary liability  Comments Off on Protecting Internet Intermediaries (cross-post)
Feb 202014
 

The following was posted on Project-Disco.org earlier this week:

What would the Internet be without its intermediaries? Nothing, that’s what. Intermediaries are what carry, store, and serve every speck of information that makes up the Internet. Every cat picture, every YouTube comment, every Wikipedia article. Every streamed video, every customer review, every online archive. Every blog post, every tweet, every Facebook status. Every e-business, every search engine, every cloud service. No part of what we have come to take the Internet for exists without some site, server, or system intermediating that content so that we all can access it.

And yet, if we’re not careful, we can easily lose all the benefits these intermediaries bring us. Thankfully, in the United States we have some laws that help ensure they can exist, chief among them 47 U.S.C. Section 230. As my recent paper on the state of the law regarding intermediary liability explains, this law stands for the proposition that intermediaries are only responsible for what they themselves communicate through their systems – not what others use them to say. For example, newspapers that post articles online are only responsible for the content of the articles they publish, not the comments readers then post to them. Similarly consumer review sites are only responsible for the information they supply to their sites, not the user reviews themselves. This same principle also means that people who link to content (as search engines do) are not legally responsible for that content, even if that content should happen to be illegal in some way (like by being potentially defamatory).

The reason Section 230 has been so helpful in allowing the Internet to thrive and become this increasingly rich resource is that by relieving intermediaries of liability for the content passing through their systems it has allowed for much more, and much more diverse, content to take root on them than there would have been had intermediaries felt it necessary to police every byte that passed through their systems out of the fear that if they didn’t, and the wrong bit got through, an expensive lawsuit could be just around the corner. Because of that fear, even if those bits and bytes did not actually comprise anything illegal intermediaries would still be tempted to over-censor or even outright prohibit scads of content, no matter how valuable that content might actually be.

Continue reading »

Feb 202013
 

At an event on CFAA reform last night I heard Brewster Kahle say what to my ears sounded like, “Law that follows technology tends to be ok. Law that tries to lead it is not.”

His comment came after an earlier tweet I’d made:

I think we need a per se rule that any law governing technology that was enacted more than 10 years ago is inherently invalid.

In posting that tweet I was thinking about two horrible laws in particular, the Computer Fraud and Abuse Act (CFAA) and the Electronic Communications Privacy Act (ECPA). The former attempts to forbid “hacking,” and the second ostensibly tried to update 1968’s Wiretap Act to cover information technology. In both instances the laws as drafted generally incorporated the attitude that technology as understood then would be the technology the world would have forever hence, a prediction that has obviously been false. But we are nonetheless left with laws like these on the books, laws that hobble further innovation by how they’ve enshrined in our legal code what is right and wrong when it comes to our computer code, as we understood it in 1986, regardless of whether, if considered afresh and applied to today’s technology, we would still think so.

To my tweet a friend did challenge me, however, “What about Section 230? (47 U.S.C. § 230).” This is a law from 1996, and he has a point. Section 230 is a piece of legislation that largely immunizes Internet service providers for liability in content posted on their systems by their users – and let’s face it: the very operational essence of the Internet is all about people posting content on other people’s systems. However, unlike the CFAA and ECPA, Section 230 has enabled technology to flourish, mostly by purposefully getting the law itself out of the way of the technology.

The above are just a few examples of some laws that have either served technology well – or served to hamper it. There are certainly more, and some laws might ultimately do a bit of both. But the general point is sound: law that is too specific is often too stifling. Innovation needs to be able to happen however it needs to, without undue hindrance caused by legislators who could not even begin to imagine what that innovation might look like so many years before. After all, if they could imagine it then, it would not be so innovative now.