This is the first time I have ever run a re-print of a previous post, but in light of last night’s MySpace (Communications Decency Act) “decision”:http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2009/07/02/BA3O18HJR4.DTL , I think this is worthwhile.
This was a huge piece that I wrote one year ago about platform liability.
To try to keep up with them and to serve my clients’ evolving needs, I frequently keep pace with some serious social media law blogs. In light of the horrifying suicide of Missouri teen Megan Meier, the notion of “premise liability” in the social network environment is being re-examined, even after it was coldly thrust into the limelight after a series of high-profile sexual assaults in 2007.
When one traditionally thinks of “premise liability,” images of someone slipping and falling on a wet department store floor come to mind. Historically, there have been a bunch of lawsuits filed against social networks like MySpace about 14 months ago that alleged a different kind of premises liability: they stated that MySpace was responsible for preventing its members from being sexually assaulted. The site was sued by the parents of four underage women who claimed that MySpace did not do enough to prevent their daughters from meeting up with men who assaulted them.
Flaxman and Lopez (a Florida injury law firm, oddly enough) point out that, historically, message boards and social networks have not been required by law to provide safeguards, and that there are no state or federal codes governing how these sites should operate. Social networks like MySpace can point to specific illegal behaviors and prohibit them on their web properties, but those violations (e.g. a user lying about their age to join a site) can be easily circumvented by users, and the site is responsible for how they choose to enforce and punish for those violations (e.g. termination of membership, etc.) Although MySpace did add new security features after the sexual assault allegations, the law has not changed.
There is one previous case precedent worth examining here – Jane Doe v. America Online Inc., 783 So. 2d 101. It’s a 2001 Florida Supreme Court ruling that interprets the Communications Decency Act of 1996 (CDA) to determine that AOL was not responsible for policing chat rooms. The Florida court here dismissed an $8 million suit against AOL alleging that AOL facilitated the distribution of child pornography. This does not bode well for the parents wishing to pursue a “premises liability” argument against a social network.
One of my favorite social media law bloggers, Eric Goldman, feels that the Megan Meier case is not necessarily even about social networks, and that the notion of premise liability is effectively moot. He argues that the woman who constructed the ruse that led to Meier’s suicide could have used other online media.
He instead cites that the actions of Lori Drew (the parent that harassed and bullied the teen) was in violation of the CFAA, the Computer Fraud and Abuse Act, a 1986 Federal Act initially intended to remove legal ambiguities from prosecuting computer crimes (e.g. white-collar crime). By committing illegal actions using MySpace’s servers (just like the men who schemed to have sexual encounters with underage girls did on MySpace in 2007) her breach of the MySpace user agreement became a CFAA violation. Goldman cites her six breaches from the indictment:
* provide accurate registration information
* not use information obtained from MySpace to harass or abuse others
* not solicit information from kids
* not promote false/misleading information
* not promote abusive or threatening conduct
* not post photos of third parties without their consent
This Lori Drew prosecution, Goldman says, is the first time that the Department of Justice has tried to treat a user’s breach of agreement as a CFAA crime. Non legalese translation: break the user agreement, and you’ve committed a federal crime. This is heavy stuff.
There’s little case law to back this type of prosecution up. Goldman points to two opinions (Orin Kerr and Dan Salove) as to why the indictment should be dismissed. Goldman takes a pretty strong stance here, saying:
Implicitly, the DOJ is saying that breaching a user agreement to provide false registration to a website or post a third party’s photo without permission can be a federal crime. If you have never done any of these activities, please email me so I can send you some angel wings. For the rest of us, the DOJ seems to think that we should avoid the Big House only out of their sheer grace.
Goldman’s big fear is that governmental agencies (DOJ, et al) are going to try to tie misreadings of social network user agreements to federal law violations and he points to two more incidents (that he characterizes as abuses) to this point: (1) a New Jersey prosecutor’s reading of the JuicyCampus user agreement and (2) Senator Joe Lieberman’s call for Google to remove allegedly “terrorist” content.
Goldman’s second biggest point (besides the fact that there’s a tremendous liability being placed upon the end-user, not the network) is that there’s a severe disconnect between overly restrictive user agreements and the social networks that don’t really enforce them all that well anyway.
One of the 2007 MySpace sexual assualt cases was thrown out on the 5th U.S. Circuit Court of Appeals two weeks ago. A similar case was dismissed by a Texas judge in February. Lori Drew was indicted two weeks ago by a federal grand jury in Missouri.
Keep an eye on Metzmash and on Goldman’s blog for evolving coverage of the concept of premises liability and other evolving social media issues.