On June 7, 2019, the US Court of Appeals for the DC Circuit affirmed dismissal of a lawsuit filed against Google, Microsoft, and Yahoo! by fourteen self-described “legitimate” locksmiths. Marshall’s Locksmith Svc. Inc. v. Google, LLC, et al., No. 18-7018.

The case, comprised of eight federal and state claims including violations of the Lanham Act, specifically 15 U.S.C. § 1125(a)(1)(B), and Section 2 of the Sherman Act, 15 U.S.C. § 2, alleged that the defendants gain advertising revenue by enabling so-called “scam locksmiths” – which are either not resident in or are not licensed by the jurisdictions in which they purport to operate – to “amplify their influence” in search results. Defendants achieved complete dismissal of the case pursuant to a provision in the Communications Decency Act, 47 U.S.C. § 230 (CDA), that gives immunity to a “publisher or user of an interactive computer service.” The Court of Appeals’ de novo review hinged on whether defendants in fact enabled the “scam” locksmiths to a degree that strips them of CDA immunity. (The Sherman II claim for unlawful monopolization was predicated on the same advertising-related conduct, so CDA immunity would require dismissal of that claim as well.)

The controlling provision of the CDA states: “No provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider.” 47 U.S.C. § 230(c)(1). The DC Circuit employs a three-part test to determine whether that provision protects a CDA defendant: (1) whether the entity is indeed a “provider or user of an interactive computer service;” (2) was the content provided by a third party; and (3) are complainants attempting to hold the defendant “liable as the ‘publisher or speaker’” of the content. Here, only the second prong was at issue, because plaintiffs conceded that defendants are interactive computer services and that they indeed seek relief from the defendants as “publishers.”

The Court of Appeals first held that the “scam” locksmiths provided the content, which included nonexistent physical addresses, to the defendants, and thus plaintiffs’ claims are “precisely the kind that Congress passed § 230 to foreclose.” The Court was unmoved by plaintiffs’ allegation that defendants were given notice that the addresses were fake, relying on a 2007 First Circuit holding that “notice of the unlawful nature of the information provided is not enough to make it the service provider’s own speech.”

The Court of Appeals first held that the “scam” locksmiths provided the content, which included nonexistent physical addresses, to Google, and thus plaintiffs’ claims are “precisely the kind that Congress passed § 230 to foreclose.” The Court was unmoved by plaintiffs’ allegation that defendants had notice that the addresses were fake, relying on a 2007 First Circuit holding that “notice of the unlawful nature of the information provided is not enough to make it the service provider’s own speech.”

The Court next addressed plaintiffs’ argument that defendants “enhanced” the content received from “scam” locksmiths by creating maps that “pinpoint” the addresses at which those entities are purportedly located. That enhancement, plaintiffs argued, renders the information “new content,” transforming defendants into publishers that do not enjoy CDA immunity. The Court did not agree: “defendants use a neutral algorithm” to create the maps based on locksmith-provided information, and in Section 230(c) “Congress has immunized the re-publication of even false information.” For these reasons, dismissal was affirmed.

Defendants’ victory came, however, with a warning: “§ 230 immunity … is not limitless.” The Court of Appeals cautioned that had defendants actually “fabricate[d] locksmith addresses,” those addresses would be deemed content, rendering defendants “publishers” under the CDA. In other words, the panel seemed to say, those algorithms had better stay neutral and third-party information must remain truly “third-party.”

CDA immunity is becoming the epicenter of fights about not only who is liable for Internet advertising, as here, but also whether broadband service providers (whose regulatory category has evolved from and between Internet Access Provider or IAP to the quite crowded Internet Service Provider or ISP) like Verizon and Comcast should be subject to FCC procompetitive “open Internet” regulation. In the latter case, many advocates have adopted the rationale that IAPs/ISPs have the right under the First Amendment to be unfettered in their Internet transmissions. See USTA v. FCC, 825 F.3d 674, 740-44 (D.C. Cir. 2016). Parties advocating for FCC regulation find that argument to be not only inapposite but also incongruous with those same companies’ reliance on CDA immunity in cases such as Marshall Locksmiths. IAPs/ISPs, many argue, are either neutral platforms that simply post others’ content and thus deserve CDA immunity or they are publishers that have First Amendment rights in their transmissions but enjoy no CDA immunity.

The legal concept that mere carriers of others’ property – be they automobiles, conversations, or packets of data – should not be liable for the nature of that property is not new. In the Internet age, however, questions that truly qualify as “existential” must be faced. Whose property is it? When we speak of “consumer protection,” from what are we protecting consumers? The questions posed in Marshall Locksmiths – what do we call the posting of third-party content in a user-friendly, online manner? – might begin to put agencies and courts into an endless loop of interest-balancing.