Internet Library of Law
and Court Decisions

Social Networking Sites - Internet Library of Law and Court Decisions - Updated June 12, 2008

Court holds that the Communications  Decency Act, 47 U.S.C. § 230 ("CDA"), immunizes defendant Yahoo, Inc. ("Yahoo") from tort claims arising out of its alleged failure to timely honor promises to remove from Yahoo's web site objectionable content about plaintiff posted by a third party.  The content consisted of "profiles" contained both nude photos of plaintiff, and accurate contact information.

Court holds that the Communications Decency Act immunizes defendants from various non-intellectual property claims arising out of their making available on their adult social networking sites an anonymous profile authored by an unknown third party which plaintiff claims falsely appears to people who know her to be her own.  The Court holds that this immunity also covers non-intellectual property claims arising out of defendants reposting this profile on third party sites, making slight alterations to the profile as to the participant’s age, and using the profile in teasers and other advertisements for defendants’ site.  As a result, the Court dismissed claims plaintiff advanced for defamation, intentional infliction of emotional distress, intentional, reckless, negligent and/or willful and wanton conduct, and violations of the New Hampshire Consumer Protection Act, arising out of such alleged misconduct.

The Court held that the Communications Decency Act did not, however, immunize defendants from intellectual property claims plaintiff advanced, both under applicable federal and state laws, including right of publicity claims advanced under New Hampshire state law.   Plaintiff was accordingly allowed to proceed with claims that defendants, by including identifiable aspects of plaintiff’s persona in advertisements and ‘teasers’ in an effort to increase the profitability of their websites, violated her right to publicity.

The Court further held that plaintiff could proceed with Lanham Act false designation of origin and false advertising claims against the defendants.   The false advertising claim was based on the inclusion of the profile at issue in ‘teasers’ and other advertisements for defendants’ site.  These acts allegedly deceived consumers into registering for defendants’ services in the hope of interacting with plaintiff, and caused injury to her reputation as a result, including alleged lost employment opportunities.  The false designation of origin claims similarly arose out of defendants’ use of the profile at issue in marketing their sites, which falsely implied plaintiff’s affiliation with, or sponsorship and approval of, defendants’ site and service.

Affirming the decision of the District Court below, the Fifth Circuit holds that section 230(c)(1) of the Communications Decency Act immunizes the social networking site Myspace Inc. from claims of negligence and gross negligence arising out of the alleged sexual assault of a minor made possible by her posting of a ‘user profile’ on Myspace.com.  As a result of this posting, a male, age 19, made contact with the minor, who falsely represented she was 18, and sexually assaulted her.  The Fifth Circuit held Myspace was immunized from plaintiff’s negligence and gross negligence claims, because they sought to hold Myspace liable for its role in making content authored by a third party – the minor’s user profile and personal information contained therein – available to third parties. 

In reaching this result, the Fifth Circuit rejected plaintiff’s attempt to avoid the bar of the CDA by arguing that they sought to hold Myspace liable for its alleged failure to institute adequate safety measures to protect minors, particularly from sexual predators.

Because the Fifth Circuit held that Section 230(c)(1) of the CDA barred plaintiffs’ claims, the Court did not review so much of the District Court’s decision that held that those claims were also barred by both Section 230(c)(2) of the Communications Decency Act, as well as applicable principles of Texas common law.

Court dismisses negligence and gross negligence claims asserted against defendant Myspace, Inc. (“Myspace”) arising out of the alleged sexual assault of a minor made possible by her posting of a “user profile” on Myspace.com.  As a result of this posting, a male, age 19, made contact with the minor who falsely represented she was 18, obtained her telephone number and arranged a meeting at which she was allegedly sexually assaulted.  The Court held Myspace immunized from such claims by application of the Communications Decency Act, 47 U.S.C. Section 230, because, at bottom, plaintiffs’ claims sought to hold Myspace liable as a result of its role in the publication of the minor’s user profile.  The Court also held plaintiffs’ claims barred by Section 230(c)(2)(A), as they sought to hold Myspace liable for its purported negligence in failing to verify the minor’s age.  The minor was 13 at the time she posted a user profile in which she falsely claimed to be 18.  Myspace does not permit those below 14 to use its services.

The Court also dismissed plaintiffs’ negligence claims, which sought to hold Myspace liable for its purported negligent failure to institute measures designed to protect minors from sexual predators and to take appropriate steps to verify their age.  The Court held that, like Federal Express and other common carriers, Myspace owed no duty to the minor which could form the basis of such a claim.

Finally, the Court dismissed plaintiffs’ fraud and negligent misrepresentation claims as a result of plaintiffs’ failure to plead such claims with the requisite particularity.

Finding plaintiff MySpace likely to prevail on its claims that defendant Sanford Wallace violated the CAN-SPAM Act, 15 U.S.C. Section 7704, as a result of his transmission of unsolicited commercial emails to MySpace users, the Court issued a preliminary injunction, enjoining defendant, inter alia, from further use of MySpace or its internet messaging service, from establishing or maintaining MySpace accounts, or from using MySpace for commercial purposes.

Defendant sent email messages to MySpace users that redirected them to a website containing a MySpace logo at which defendant solicited their user name and passwords.  Defendant used this information to hijack and log onto those users’ profiles, from which he then sent messages to the users’ MySpace ‘friends’ inviting them to visit defendant’s websites.  These email messages did not comply with CAN-SPAM.  Among other things, they did not contain a valid physical address for defendant, did not provide opt out instructions, or provide a valid return email address at which defendant could be contacted to request that no further emails be sent.  Moreover, they did not, in their header information, identify defendant as their source.  As such, held the Court, plaintiff was likely to establish a number of violations of CAN-SPAM, and was accordingly entitled to injunctive relief. 

In reaching this result, the Court found that CAN-SPAM applied to emails sent from one MySpace user to another, over the MySpace network.  The Court also noted that CAN-SPAM applied to instant messages.

Court holds that defendant’s creation and use of 95 MySpace accounts to transmit unsolicited commercial email promoting its communications products runs afoul of both the CAN-SPAM Act, and California Business and Professions Code Section 17529.5, and violates MySpace’s Terms of Service.  Defendant created these accounts without identifying itself as the account holder.  The emails violated CAN-SPAM because they failed to contain either a valid physical address for defendant the Globe.com, or instructions on how to avoid receiving further email solicitations.  In addition, they were impermissibly sent to MySpace user email addresses generated by use of a script software program, another violation of CAN-SPAM.  They were also sent from email accounts obtained through false or fraudulent pretenses, as a result of defendant’s failure to accurately identify itself as the account holder.   

The Court found that these emails also violated California B & P Code Section 17529.5, both because they contained false header information that failed to identify the Globe.com as their source, and because they contained misleading subject lines that failed to accurately describe the emails’ contents.

Finally, the Court found defendant’s conduct violated MySpace’s Terms of Service, which prohibited the use of MySpace accounts both for commercial purposes and to transmit spam, and prohibited the use of scripts to generate email addresses for the transmission of commercial email to MySpace account holders.  As such, the Court held defendant liable for liquidated damages of $50 for each email sent as mandated by the Terms of Service.  In reaching this result, the Court rejected defendant’s challenge to such clause on the ground that it was an unenforceable penalty provision.

Quick Hits

Court allows the social networking site Facebook Inc. (“Facebook”) to proceed with claims charging its competitor ConnectU with improperly harvesting email addresses of Facebook users from its site, who were then sent emails soliciting their patronage. 

Denying in part defendant’s motion to dismiss, the Court held that Facebook had stated a valid claim under California Penal Code Section 502 by alleged that defendant knowingly accessed Facebook’s site and, in violation of the site’s prohibitions, copied user email addresses.  One violates this section when he “knowingly accesses and without permission takes, copies, or makes use of any data from a computer, computer system or computer network, or takes or copies any supporting documentation, whether existing or residing internal or external to a computer, computer system, or computer network.”  This claim was valid notwithstanding the fact that ConnectU obtained such access by using, with their permission, authorized passwords given Facebook users. 

The Court also allowed Facebook to proceed with common law misappropriation claims arising out of such activities, holding the same were not preempted by the Copyright Act.

The Court did grant so much of ConnectU’s motion to dismiss which sought relief under California Business & Profession’s Code Sections 17529.4 and 17538.45, holding those statutes preempted by the Federal CAN-SPAM Act.  Cal. Bus. & Prof. Code Section 17529.4 makes it unlawful “for any person or entity to collect electronic mail addresses posted on the Internet if the purpose of the collection is for the electronic mail addresses to be used to … initiate or advertise in an unsolicited commercial email advertisement …”.  Because, under CAN-SPAM, the Act “supersedes any statute, regulation or rule of a State or political subdivision of a State that expressly regulates the use of electronic mail to send commercial messages, except to the extent that any such statute, regulation or rule prohibits falsity or deception in any portion of a commercial electronic mail message or information attached thereto,” the Court held these California statutes preempted, and accordingly dismissed Facebook’s claims thereunder.  The Court reached that result because “neither section 17529.4 nor section 17538.45 purport to regulate false or deceptive email, or require such falsity or deception as an element of the statutory violation.”

Finally, the Court dismissed, with leave to replead, Facebook’s CAN-SPAM Act claims, holding that the Act prohibited the use of materially false or misleading header information concerning the originating address of the emails, which had not yet been alleged here.  A claim alleging deception in the manner in which destination email addresses were obtained did not state a claim under CAN-SPAM, held the Court.   

Download PDF of Court Decision