Immunity For Internet Service Providers Under the Communications Decency Act (CDA)

The rise of user-generated content (UGC) has been staggering over the last ten years. Often referred to as UGC, consumer-generated media (CGM) or user-created content (UCC), the concepts are all the same. A domain owner puts up a website which allows third party users to post content, video, pictures, comments, posts, biographies, and the list goes on.

What happens when a third party end-user posts defamatory or copyright infringing content on your website? On February 1, 1996, the United States Congress passed the Communications Decency Act (CDA) as an amendment of the Telecommunications Act of 1996. Under the CDA, an Internet Service Providers (ISP) are provided an exclusion from certain liability for information published by others. The computer service provider is afforded a certain level of immunity under law for information which originates with third party users of the service. Three factors are typically analyzed in determining whether or not a computer service provider is afforded section 230 protection. The first is whether or not the website owner is a provider of an “interactive computer service.” The second is whether or not the allegedly actionable content are entered into the system by someone other than the website owner. The third is whether or not the website owner can be considered a publisher or speaker of the third party content. In determining whether or not the website operator can be held accountable for the third party content depends on the degree of involvement and the design of the software which allowed the actionable content to be uploaded.

If you are a blogger, website operator or other person allowing for third parties to publish information on your website, you need to make sure that you have the protection of Section 230 Immunity so that you are not held liable for statements or content published to your site by third parties. You should also note that Section 230 doesn’t provide immunity from all claims. For instance, trademark infringement is specifically excluded from immunity. The CDA does provide immunity in cases involving defamation, fraud, obscenity, assault, harassment and other similar causes of action. It should also be noted that the CDA is a U.S. Statute and therefore applies only in the United States. Other countries may, or may not, have a version of immunity for website owners. The CDA does, however, preempt any state laws which may seek to impose liability where immunity is otherwise granted.

One common issue which arises is whether or not immunity is lost if you retain the right to approve or edit the questionable content. Currently, it appears that accepting/rejecting posts or comments will not preclude immunity from attaching. However, significant editing may cause you to earn the label “information content provider” which thus subjects you to liability.

Another issue which often arises is whether or not the content that violates your acceptable use policy must be removed from the site. The CDA does not impose an obligation to have an acceptable use policy. At this point, it does not appear that a violation of the acceptable use policy removes immunity from liability. The best way to protect yourself, however, is to have a solid acceptable use policy which applies to people who view your website, and those that submit information to it.