Zango, Inc. v. Kaspersky Lab, Inc.: The Ninth Circuit Gets to the Right Destination But By the Wrong Route
The Ninth Circuit's recent ruling in Zango, Inc. v. Kaspersky Lab, Inc. is one of the few that directly deal with the provisions in the Communications Decency Act that provide immunity from suit for the screening activities of internet service providers. The relevant section, 47 U.S.C. § 230(c)(2), provides as follows:
"No provider or user of an interactive computer service shall be held liable on account of --
(A) any action voluntarily taken in good faith to restrict access to or availability of material that the provider or user considers to be obscene, lewd, lascivious, filthy, excessively violent, harassing, or otherwise objectionable, whether or not such material is constitutionally protected; or
(B) any action taken to make available to information content providers or others the technical means to restrict access to material described in paragraph [A]."
The plaintiff in the case, Zango, Inc., is a now-defunct Internet entertainment company that provided access to a catalog of online videos, games and music to users who agreed to view advertisements while surfing the internet. The defendant, Kaspersky Lab, Inc., is still live and kicking, and is a Moscow-based firm which bills itself as "a leading anti-virus software and Internet Security software solution for your home computer or business."
According to the court, Kaspersky's software classified Zango as "adware," a type of malware. Once installed on a user's computer, adware monitors a user's browsing habits and causes "pop-up" ads to appear throughout the browsing session. Adware can open up links with websites that themselves contain malware that can infect a personal computer. Kaspersky's software disabled key features of Zango's software and through a series of routines, ultimately blocked the use of Zango.
Zango sued Kaspersky, seeking an injunction against its blocking activities. In defense, Kaspersky invoked the protection of §230(c)(2)(B), cited above.
The Ninth Circuit concluded that Kaspersky was "plainly immunized" by the Communications Decency Act. This conclusion was based on its analysis of §230(c)(2)(B) and two related definition sections: § 230(f)(2) which defines the term "interactive computer service" to mean any "information service, system, or access software provider that provides or enables computer access by multiple users to a computer server . . . "; and § 230(f)(4) which defines the term "access software provider" to include providers of software that filter content.
Combining these three sections, the Court concluded that a provider of filtering software or services may not be held liable for any action taken to make its filtering software available "so long as the provider enables access by multiple users to a computer service." The Court then noted that Kaspersky "provides or enables computer access by multiple users to a "computer server" by providing its customers with online access to its update servers."
What the Court seems to be saying is that because Kaspersky operated a service that permitted multiple users to gain access to a server -- its software update system --, then Kaspersky was immune for acts it performed on information transmitted through other servers. This doesn't make sense, because it would seem to mean that as long as a person operates a network in any part of its business, then its gets immunity from any claims brought regarding any of its filtering software.
In my view, an access software provider "enables" access to a computer server by and through its filtering and editing functions. In other words, under Section (f)(2), "enabling computer access" includes "filtering," so the term "interactive computer service" includes companies that provide filtering software. This, in turn, means that under Section c(2)(B), no provider of filtering software can be held liable for "any action taken to enable or make available" to anyone "the technical means to restrict access to objectionable material.
So I get to the same place as the Ninth Circuit, but by a different, and hopefully, less problematic route.
That is not to say that there aren't a host of other problems with this statute. In his concurring opinion, Justice Fisher pointed out the problem caused by what he termed "the unbounded catchall phrase, "otherwise objectionable"" in the statute. The ambiguity of this term opens up the possibility that a filter software company could be found immune for filtering out material that it personally finds objectionable -- such as software or content from its competitors. This would permit the filter company to violate antitrust laws with impunity. He suggested that immunity only be given for software that filters out material that the user would find objectionable.
I would add that the statute would also appear to provide immunity if filter software or enabling tools damaged user computers or ISP servers. I'm not sure that Congress had such immunity in mind when it wrote this statute.
David D. Johnson is a business lawyer whose practice focuses on litigation and other issues relating to digital media and consumer electronics companies. David can be contacted at (310) 785-5371 or DJohnson@jmbm.com.
