UPDATE: On December 31, 2019, the Ninth Circuit released an amended opinion in Enigma Software Group USA, LLC v. Malwarebytes, Inc., No. 17-17351 (9th Cir. Dec. 31, 2019). The case also involves competing providers of filtering software and issues concerning the scope of CDA §230(c)(2). In reversing the lower court’s dismissal of claims under the CDA, the Ninth Circuit held that “the phrase ‘otherwise objectionable’ does not include software that the provider finds objectionable for anticompetitive reasons.”


Three recent court decisions affirmed the robust immunity under the Communications Decency Act (CDA), 47 U.S.C. §230(c), for online providers that host third-party content: the Second Circuit’s decision in Herrick v. Grindr LLC, No. 18-396 (2d Cir. Mar. 27, 2019) (summary order), the Wisconsin Supreme Court’s opinion in Daniel v. Armslist, LLC, No. 2017AP344, 2019 WI 47 (Wis. Apr. 30, 2019),  and the Northern District of California’s decision in P.C. Drivers Headquarters, LP v. Malwarebytes Inc., No. 18-05409 (N.D. Cal. Mar. 6, 2019).

In Herrick, the plaintiff asserted negligence, products liability and related claims against Grindr, a mobile dating app, after someone impersonated him and posted fake profiles on the app. The appeals court affirmed the district court’s dismissal of the case. The court found that Section 230(c)(1) barred claims that ascribed liability to Grindr for the design of its platform as within the purview of protected “traditional editorial functions.” In the Armslist case, the Wisconsin Supreme Court ruled that CDA Section 230 barred tort claims against a classified advertising website where an individual purchased what turned out to be a murder weapon from a private seller. The court found that such claims treated the website as the publisher or speaker of the third party sales content and were therefore barred.

What would have happened if those providers had taken greater efforts to guard against this kind of activity, but in the process, did something wrong? Would they have lost their immunity under CDA Section 230(c)(1)? Another section of CDA Section 230 – known as the “Good Samaritan” provision — allows online providers to self-regulate third party content without fear of liability.

The Good Samaritan provision, Section 230(c)(2)(A) of the CDA, grants immunity to interactive computer service providers that act in good faith to “restrict access to or availability of material that the provider or user considers to be obscene, lewd, lascivious, filthy, excessively violent, harassing, or otherwise objectionable, whether or not such material is constitutionally protected.” Section 230(c)(2)(B) grants immunity to interactive computer service providers for “any action taken to enable or make available to information content providers or others the technical means to restrict access” to objectionable material under Section 230(c)(2)(A).

In P.C. Drivers Headquarters, the plaintiff is in the business of offering software designed to optimize the processing speed of users’ computers. The defendant, offers software that scans users’ computer for malware, adware or “potentially unwanted programs” (or PUPs) which it flags or quarantines, and also asks users if they want to remove the program.  The defendant characterized certain of the plaintiff’s software as PUPs and allegedly posted removal instructions on a message board forum.  The plaintiff contended that the branding of its software as a PUP was inappropriate, and advanced claims under the Lanham Act and various state law business tort claims.

Invoking the Good Samaritan provision, Section 230(c)(2)(B), the defendant argued that it is a provider of an interactive computer service and that it provides the technical means to restrict access to material that it or its users consider objectionable, and thus was entitled to immunity for the plaintiff’s non-trademark claims. The court agreed and ruled that Section 230 is a “broadly worded statute” that immunizes the classification of the plaintiff’s software as PUPs and its subsequent actions.

In all, the court stated that Section 230 provides “generous coverage,” and followed the Ninth Circuit’s Zango precedent which had previously extended “Good Samaritan” protection to blocking software and interpreted the ordinary meaning of the CDA phrase “otherwise objectionable.”  Some additional clarification on the contours of CDA §230(c)(2) may arrive soon, as the defendant — Malwarebytes — is involved in a similar case brought by a different software company; that case is on appeal in the Ninth Circuit after a California district court dismissed the claims under CDA §230(c)(2) and was argued in February 2019 before a Ninth Circuit panel. We will be watching closely how the appeals court interprets the Good Samaritan blocking provision for what looks to be the first time in about a decade (since the 2009 Zango opinion).