Justia Internet Law Opinion Summaries
Gonzalez v. Google, LLC
Plaintiffs challenge the district court's dismissal of three actions seeking damages under the Anti-Terrorism Act (ATA) against Google, Twitter, and Facebook on the basis that defendants' social media platforms allowed ISIS to post videos and other content to communicate the terrorist group's message, to radicalize new recruits, and to generally further its mission. Plaintiffs also claim that Google placed paid advertisements in proximity to ISIS-created content and shared the resulting ad revenue with ISIS. The Gonzalez Plaintiffs' appeal concerns claims for both direct and secondary liability against Google. The Taamneh and Clayborn Plaintiffs' appeals concern claims for secondary liability against Google, Twitter, and Facebook.In Gonzalez, the Ninth Circuit concluded that the presumption against the extraterritorial application of federal statutes did not prevent section 230 of the Communications Decency Act (CDA) from applying to plaintiffs' claims because the relevant conduct took place in the United States. Furthermore, the Justice Against Sponsors of International Terrorism Act of 2016 (JASTA) did not impliedly repeal section 230. The panel joined the First and Second Circuits in holding that section 230(e)(1) is limited to criminal prosecutions. Therefore, plaintiffs' claims were not categorically excluded from the reach of section 230 immunity. The panel affirmed the district court's ruling that section 230 immunity bars plaintiffs' non-revenue sharing claims. The panel also affirmed the district court's dismissal of the direct liability revenue-sharing claims for failure to adequately allege proximate cause. Separately, the panel concluded that the TAC's direct liability revenue-sharing claims did not plausibly allege that Google's actions qualified as acts of international terrorism within the meaning of 18 U.S.C. 2331(1), and that the secondary liability revenue-sharing claims failed to plausibly allege either conspiracy or aiding-and-abetting liability under the ATA.In Taamneh, the panel reversed the district court's judgment that the FAC failed to adequately state a claim for secondary liability under the ATA, concluding that the district court erred by ruling that plaintiffs failed to state a claim for aiding-and-abetting liability under the ATA. The district court did not reach section 230 immunity in Taamneh. In Clayburn, the panel affirmed the district court's judgment and concluded that the district court correctly held that plaintiffs failed to plausibly plead their claim for aiding-and-abetting liability. Accordingly, the panel affirmed the judgments in Gonzalez and Clayborn, and reversed and remanded for further proceedings in Taamneh. View "Gonzalez v. Google, LLC" on Justia Law
Kinslow v. Georgia
Jereno Kinslow's felony conviction for computer trespass was premised on evidence that Kinslow altered his employer’s computer network settings so that e-mail messages meant for Kinslow’s boss would also be copied and forwarded to Kinslow’s personal e-mail account. The Court of Appeals affirmed Kinslow’s conviction, and the Georgia Supreme Court granted Kinslow’s petition for certiorari, posing the question of whether Kinslow’s conduct constituted a violation of OCGA 16-9-93 (b)(2). The Court found that although the statute in general was extremely broad, the portion of (b)(2) on which the State exclusively relied did not reach Kinslow’s conduct. Accordingly, the Supreme Court concluded the evidence presented at Kinslow’s trial was insufficient to support his conviction under Jackson v. Virginia, 443 U.S. 307 (1979), and thus reversed. View "Kinslow v. Georgia" on Justia Law
Retana v. Twitter, Inc.
Internet services and social media providers may not be held secondarily liable under the Anti-Terrorism Act (ATA) for aiding and abetting a foreign terrorist organization—here, Hamas—based only on acts committed by a sole individual entirely within the United States.In July 2016, plaintiff and thirteen other police officers were shot and either injured or killed during a tragic mass-shooting committed by Micah Johnson in Dallas, Texas. Plaintiff and his husband filed suit against Twitter, Google, and Facebook, alleging that defendants are liable because they provided material support to Hamas, a foreign terrorist organization that used Internet services and social media platforms to radicalize Johnson to carry out the Dallas shooting.The Fifth Circuit held, based on plaintiffs' allegations, that the Dallas shooting was committed solely by Johnson, not by Hamas's use of defendants' Internet services and social media platforms to radicalize Johnson. Therefore, it was not an act of international terrorism committed, planned, or authorized by a foreign terrorist organization. The court also held that defendants did not knowingly and substantially assist Hamas in the Dallas shooting, again because the shooting was committed by Johnson alone and not by Hamas either alone or in conjunction with Johnson. Therefore, the district court was correct in concluding that defendants are not secondarily liable under the ATA. The court affirmed the district court's judgment. View "Retana v. Twitter, Inc." on Justia Law
Rhode Island v. Alphabet, Inc.
After Cambridge Analytica improperly harvested user data from Facebook's social network, Google discovered that a security glitch in its Google+ social network had left the private data of some hundreds of thousands of users exposed to third-party developers. Google and its holding company, Alphabet, chose to conceal this discovery, made generic statements about how cybersecurity risks could affect their business, and stated that there had been no material changes to Alphabet's risk factors since 2017.Rhode Island, in a consolidated amended complaint, filed suit against Alphabet, Google, and others, alleging violations of Section 10(b) of the Securities Exchange Act of 1934 and SEC Rule 10b-5 for securities fraud, as well as violations of Section 20(a) of the Exchange Act. The district court granted Alphabet's motion to dismiss on the grounds that Rhode Island failed to adequately allege a materially misleading misrepresentation or omission and that Rhode Island failed to adequately allege scienter.The Ninth Circuit concluded that the complaint adequately alleged that Google, Alphabet, and individual defendants made materially misleading statements by omitting to disclose these security problems and that defendants did so with sufficient scienter, meaning with an intent to deceive, manipulate, or defraud. Applying an objective materiality standard, the panel concluded that Rhode Island's complaint plausibly alleges the materiality of the costs and consequences associated with the Privacy Bug, and its public disclosure, and how Alphabet's decision to omit information about the Privacy Bug in its 10-Qs significantly altered the total mix of information available for decisionmaking by a reasonable investor. Furthermore, the complaint adequately alleges scienter for the materially misleading omissions from the 10-Q statements. The panel also concluded that Rhode Island adequately alleged falsity, materiality, and scienter for the April 2018 and July 2018 10-Q statements. Accordingly, the panel reversed the district court's holdings to the contrary and reversed the dismissal of the section 20(a) control-person claims based on the 10-Q statements.Because the complaint does not plausibly allege that the remaining statements at issue are misleading material misrepresentations or omissions, the panel affirmed the district court's dismissal of the Section 10(b) and Rule 10b-5(b) statement liability claims based on these statements. The panel also affirmed the district court's dismissal of the Section 20(a) controlling-person claims for these statements. Finally, because the district court erred in sua sponte dismissing Rhode Island's claims under Rule 10b-5(a) and (c) when Alphabet had not targeted those claims in its motion to dismiss, the panel reversed the dismissal of the claims under Section 10(b) and Rule 10b-5(a) and (c) against all defendants and remanded to the district court. The panel also reversed the dismissal of Rhode Island's claims under Section 20(a) to the extent those claims depend on claims alleging violations of Rule 10b-5(a) and (c). View "Rhode Island v. Alphabet, Inc." on Justia Law
Soliman v. Subway Franchisee Advert. Fund Trust, Ltd.
Soliman entered a California Subway sandwich shop. An employee showed her an in-store, hard-copy advertisement, on which Subway offered to send special offers if she texted a keyword. Soliman sent a text message to Subway. Subway began sending her, via text message, hyperlinks to electronic coupons. Soliman alleges that she later requested by text that Subway stop sending her messages, but her request was ignored. She filed suit under the Telephone Consumer Protection Act. Subway moved to compel arbitration, arguing that a contract was formed because the in-store advertisement, from which Soliman got the keyword and shortcode, included a reference to terms and conditions, including an arbitration requirement, located on Subway’s website and provided the URL.The Second Circuit affirmed the denial of the motion to compel arbitration. Under California law, Soliman was not bound by the arbitration provision because Subway did not provide reasonably conspicuous notice that she was agreeing to the terms on the website. Because of barriers relating to the design and content of the print advertisement, and the accessibility and language of the website itself, the terms and conditions were not reasonably conspicuous under the totality of the circumstances; a reasonable consumer would not realize she was being bound to such terms by sending a text message to Subway in order to receive promotional offers. View "Soliman v. Subway Franchisee Advert. Fund Trust, Ltd." on Justia Law
Van Buren v. United States
Former Georgia police sergeant Van Buren used his credentials on a patrol-car computer to access a law enforcement database to retrieve license plate information in exchange for money. His conduct violated a department policy against obtaining database information for non-law-enforcement purposes. The Eleventh Circuit upheld Van Buren's conviction for a felony violation of the Computer Fraud and Abuse Act of 1986 (CFAA), which covers anyone who “intentionally accesses a computer without authorization or exceeds authorized access,” 18 U.S.C. 1030(a)(2), defined to mean “to access a computer with authorization and to use such access to obtain or alter information in the computer that the accesser is not entitled so to obtain or alter.”The Supreme Court reversed. An individual “exceeds authorized access” when he accesses a computer with authorization but then obtains information located in particular areas of the computer (files, folders, databases) that are off-limits to him. Van Buren “access[ed] a computer with authorization” and “obtain[ed] . . . information in the computer.” The phrase “is not entitled so to obtain” refers to information one is not allowed to obtain by using a computer that he is authorized to access.“Without authorization” protects computers themselves from outside hackers; the “exceeds authorized access” clause protects certain information within computers from "inside hackers." One either can or cannot access a computer system, and one either can or cannot access certain areas within the system. The Act’s precursor to the “exceeds authorized access” language covered any person who, “having accessed a computer with authorization, uses the opportunity such access provides for purposes to which such authorization does not extend.” Congress removed any reference to “purpose” in the CFAA. On the government’s reading, an employee who sends a personal e-mail or reads the news using a work computer may have violated the CFAA. View "Van Buren v. United States" on Justia Law
People v. Lund
Lund was convicted of possession of more than 600 images of child pornography, at least 10 of which involved a prepubescent minor or a minor under 12 years old (Penal Code 311.11(c)(1)) and was sentenced to five years' imprisonment.One of the tools used in the investigation was CPS (Child Protection System), a privately-developed web interface for viewing results from a suite of several software tools that each search for child pornography on a specific peer-to-peer network. CPS compares the files listed in response to keyword searches against CPS’s database of hash values, which contains the hash values of files that law enforcement officers somewhere in the world have previously tagged as child pornography.The court of appeal affirmed, rejecting arguments that the trial court should have excluded some of the CPS data because the data was case-specific, testimonial hearsay and that the prosecution failed to establish that CPS was reliable and generally accepted in the scientific community. The CPS hash values were not hearsay in this case because they were not admitted for their truth. Lund also unsuccessfully argued that the prosecutor committed repeated, pervasive misconduct and that the trial court abused its discretion in allowing the prosecution to play for the jury several child pornography videos. View "People v. Lund" on Justia Law
Green v. Pierce County
The issue before the Washington Supreme Court’s in this case was whether an individual’s YouTube channel qualified as “news media” for requests for certain records under the Washington Public Records Act (PRA). In 2014, Brian Green and Peter Auvil went to the County-City Building in Tacoma to file a document and pay a parking ticket. As they went through security, the guard asked to search Auvil’s bag. Auvil refused. A Pierce County deputy sheriff came to assist, and Auvil began to record a video of the interaction on his phone. Auvil continued to refuse to allow the security guard to search the bag, arguing that the security checkpoint was a violation of his privacy rights. The conversation escalated, and the deputy asked the men to leave. When Green stood too close to him, the deputy shoved Green and caused him to fall backward onto the floor. The deputy arrested Green for criminal obstruction and took him to jail. He was released approximately 24 hours later. The prosecuting attorney’s office dismissed the charge. In December 2017, Green e-mailed a PRA request to the Pierce County Sheriff’s public records office requesting “[a]ny and all records of official photos and/or birth date and/or rank and/or position and/or badge number and/or date hired and/or ID Badge for all detention center and/or jail personnel and/or deputies on duty November 26 & 27 2014.” A representative of the Sheriff’s “Public Disclosure Unit” sent 11 pages of records, but did not include photographs or dates of birth as requested, explaining that the information was exempt under the PRA. Green said he was “working on a story concerning the Pierce County Jail” and again signed his e-mail with the title, “Investigative Journalist.” Green claimed his 6,000-subscriber YouTube channel met the definition of “news media” under the PRA. The Supreme Court concluded the statutory definition of “news media” required an entity with a legal identity separate from the individual. Green did not prove that he or the Libertys Champion YouTube channel met the statutory definition of “news media,” and, thus, he was not entitled to the exempt records. Therefore, the trial court was reversed in part. The Court affirmed the trial court’s denial of Pierce County’s motion to compel discovery. View "Green v. Pierce County" on Justia Law
Pillar Project AG v. Payward Ventures, Inc.
Pillar hired Epiphyte to convert its cryptocurrency into Euros. Epiphyte informed Pillar that it used Payward’s online exchange to convert its clients’ cryptocurrencies. Pillar transferred its cryptocurrency into Epiphyte’s account on Payward’s platform. After Epiphyte converted the currency but before the exchanged funds were transferred to Pillar’s bank account, four million Euros belonging to Pillar were stolen from Epiphyte’s account.Pillar sued Payward, alleging Payward knew or should have known that Epiphyte was using its Payward account on Pillar's behalf, failed to use standard security measures that would have prevented the theft, and falsely advertised that it provided the best security in the business. Payward moved to compel arbitration, claiming that Epiphyte agreed to Payward’s “Terms of Service” when it created an account, as required for all users, that those Terms included an arbitration agreement, and that Pillar was bound by that agreement.The court of appeal affirmed the denial of Payward’s motion. There is no evidence Epiphyte was acting as Pillar’s agent when it agreed to the Terms two years before Pillar hired it or that the agency relationship automatically bound the principal to the agent’s prior acts. There is no evidence Pillar knew the arbitration agreements existed or had a right to rescind them. No ratification occurred. There was no intent to benefit Pillar or similar parties. Pillar’s claims are not inextricably intertwined with the Terms. View "Pillar Project AG v. Payward Ventures, Inc." on Justia Law
Lemmon v. Snap, Inc.
The Ninth Circuit reversed the district court's judgment dismissing an amended complaint against Snap based on immunity under the Communications Decency Act (CDA), 47 U.S.C. 230(c)(1). Plaintiffs, the surviving parents of two boys who died in a high-speed accident, alleged that Snap encouraged their sons to drive at dangerous speeds and caused the boys' deaths through its negligent design of its smartphone application Snapchat. Specifically, plaintiffs claimed that Snapchat allegedly knew or should have known, before the accident, that its users believed that a reward system existed and that the Speed Filter was therefore incentivizing young drivers to drive at dangerous speeds.The panel applied the Barnes factors and concluded that, because plaintiffs' claim neither treats Snap as a "publisher or speaker" nor relies on "information provided by another information content provider," Snap does not enjoy immunity from this suit under section 230(c)(1). In this case, Snap is being used for the predictable consequences of designing Snapchat in such a way that it allegedly encourages dangerous behavior, and the CDA does not shield Snap from liability for such claims. The panel declined to affirm the district court's decision on the alternative ground that plaintiffs have failed to plead adequately in their amended complaint the causation element of their negligent design claim. Accordingly, the panel remanded for further proceedings. View "Lemmon v. Snap, Inc." on Justia Law