Federal Trade Commission v. LeadClick Media, LLC

Full title: Federal Trade Commission, State of Connecticut, Plaintiffs-Appellees, v…

Court: United States Court of Appeals, Second Circuit.

Date published: Sep 23, 2016

838 F.3d 158 (2d Cir. 2016)

Opinion

Docket Nos. 15-1009-cv 15-1014-cv August Term 2015

09-23-2016

Federal Trade Commission, State of Connecticut, Plaintiffs-Appellees, v. LeadClick Media, LLC, successor to LeadClick Media, Inc., CoreLogic, Inc., Defendants-Appellants, LeanSpa, LLC, a Connecticut limited liability company, NutraSlim, LLC, a Connecticut limited liability company, NutraSlim U.K. Limited, a United Kingdom limited liability company, DBA LeanSpa U.K. LTD, Boris Mizhen, individually and as an officer of LeanSpa, LLC, NutraSlim, LLC, and NutraSlim U.K. LTD, Richard Chiang, individually and as an officer of LeadClick Media, Inc., Angelina Strano, Relief Defendant, Defendants.

Walter P. Loughlin(David R. Fine, Elisa J. D'Amico, Paul F. Hancock, David A. Bateman, on the brief), K&L Gates LLP, New York, NY, Harrisburg, PA, Miami, FL, and Seattle, WA, for Defendant-Appellant LeadClick Media, LLC. Jonathan D. Hacker(Anton Metlitsky, Burden H. Walker, on the brief), O'Melveny & Myers LLP, Washington, D.C. and New York, NY, for Defendant-Appellant CoreLogic, Inc. Michele Arington, Assistant General Counsel (Jonathan E. Nuechterlein, General Counsel, Joel Marcus, Director of Litigation, on the brief), Office of the General Counsel, Federal Trade Commission, Washington, D.C., for Plaintiff-Appellee Federal Trade Commission. George Jepsen, Attorney General, Jonathan J. Blake, Matthew F. Fitzsimmons, Assistant Attorney Generals, Office of the Attorney General, Hartford, CT, for Plaintiff-Appellee State of Connecticut. Thomas M. Hefferon, William M. Jay, Goodwin Procter LLP, Washington, D.C., for Amici Curiae United States Chamber of Commerce, Consumer Mortgage Coalition, Consumer Data Industry Association, Independent Community Bankers of America, Mortgage Bankers Association, National Consumer Reporting Association, and Real Estate Providers Council.

Chin, Circuit Judge

Walter P. Loughlin (David R. Fine, Elisa J. D'Amico, Paul F. Hancock, David A. Bateman, on the brief), K&L Gates LLP, New York, NY, Harrisburg, PA, Miami, FL, and Seattle, WA, for Defendant-Appellant LeadClick Media, LLC.

Jonathan D. Hacker (Anton Metlitsky, Burden H. Walker, on the brief), O'Melveny & Myers LLP, Washington, D.C. and New York, NY, for Defendant-Appellant CoreLogic, Inc.

Michele Arington , Assistant General Counsel (Jonathan E. Nuechterlein, General Counsel, Joel Marcus, Director of Litigation, on the brief), Office of the General Counsel, Federal Trade Commission, Washington, D.C., for Plaintiff-Appellee Federal Trade Commission.

George Jepsen, Attorney General, Jonathan J. Blake, Matthew F. Fitzsimmons, Assistant Attorney Generals, Office of the Attorney General, Hartford, CT, for Plaintiff-Appellee State of Connecticut.

Thomas M. Hefferon, William M. Jay, Goodwin Procter LLP, Washington, D.C., for Amici Curiae United States Chamber of Commerce, Consumer Mortgage Coalition, Consumer Data Industry Association, Independent Community Bankers of America, Mortgage Bankers Association, National Consumer Reporting Association, and Real Estate Providers Council.

Before: Hall, Lynch, and Chin, Circuit Judges.

Chin, Circuit Judge:

In this case, plaintiffs-appellees the Federal Trade Commission (the “FTC”) and the State of Connecticut (the “State”) seek to hold defendant-appellant LeadClick Media, LLC (“LeadClick”) liable for its role in the use of deceptive websites to market weight loss products. LeadClick managed a network of affiliates—known as “publishers”—to advertise on the internet products of its merchant client, LeanSpa, LLC and related entities (collectively, “LeanSpa”). Some of these affiliates created deceptive websites, falsely claiming that independent testing confirmed the efficacy of the products. The FTC and the State brought this action below, asserting claims against LeadClick under Section 5 of the Federal Trade Commission Act (the “FTC Act”), 15 U.S.C. § 45(a)(1), and the Connecticut Unfair Trade Practices Act (“CUTPA”), C.G.S.A. § 42-110b(a). The FTC also filed a claim against defendant-appellant CoreLogic, Inc. (“CoreLogic”), LeadClick's parent company, as a relief defendant.

The district court (Hall, C.J. ) granted summary judgment in favor of the FTC and the State, holding that (1) LeadClick violated the FTC Act and CUTPA as a matter of law, and (2) LeadClick was not entitled to immunity under Section 230 of the Communications Decency Act (the “CDA”). It also ordered CoreLogic to disgorge money that it had received from LeadClick.

We affirm the district court's grant of summary judgment for the FTC and the State with respect to the claims against LeadClick, reverse as to the claim against CoreLogic, and remand with instructions to the district court to enter judgment in favor of CoreLogic.

BACKGROUND

I. The Facts

The facts are largely undisputed and may be summarized as follows.

A. LeadClick

1. LeadClick's Business Model

Until ceasing operations in 2011, LeadClick operated an affiliate-marketing network to provide advertising in internet commerce. LeadClick arranged for advertising for its merchant clients by connecting them to third-party publishers—affiliates—who advertised the merchant's products. The affiliates advertised products in a variety of ways, including email marketing, banner ads, search-engine placement, and creating advertising websites. LeadClick managed the affiliate network through tracking software, referred to as “HitPath,” that would “track the flow of traffic from each individual affiliate's marketing website to the merchant's website while remaining invisible to the consumer.” J. App. at 986 ¶¶ 120-21.

In 2011, LeadClick employed a staff of eight to ten people in its “eAdvertising” division. Some of those employees worked as affiliate managers, managing relationships with affiliate marketers, while others worked as account managers, managing relationships with merchants. Affiliate managers were responsible for scouting and recruiting new affiliates, researching affiliates, and matching affiliates with particular merchant offers. LeadClick would review and control which affiliates were selected to provide online advertising for each merchant's offer.

Independent from its eAdvertising affiliate network business, LeadClick engaged in “media buying” by purchasing advertisement space for banner advertisements from well-known websites. After LeadClick purchased media space, it would resell the space, sometimes to affiliate marketers, at a markup.

2. LeadClick's Relationship with LeanSpa

In August 2010, an eAdvertising account manager contacted LeanSpa to solicit business, suggesting that “LeanSpa could be a great fit in the eAds network.” J. App. at 714-15a. LeanSpa, an internet retail business, sold purported weight-loss and colon-cleanse products under various brand names. LeanSpa hired LeadClick to provide online advertising through its affiliate network in September 2010.

Pursuant to their contractual arrangement, LeanSpa was to pay LeadClick a set amount—typically $35 to $45—each time a publisher's advertisement directed an online consumer to LeanSpa's landing page and that consumer enrolled in LeanSpa's free-trial program (referred to herein as an “action”).¹ This arrangement was commonly referred to in the affiliate marketing industry as a cost per action (“CPA”) agreement. LeadClick was responsible for paying 80 to 90 percent of the amount it charged LeanSpa per action to the publisher under separate CPA agreements with its affiliate marketers. LeadClick would retain the difference as compensation for its role connecting merchants with its affiliate network and managing those affiliates.

1 Once customers enrolled in the “free trial” offer, LeanSpa would deceptively enroll them in automatic credit card billing following the trial period. This practice drew the attention of the FTC, which investigated and filed an action against LeanSpa prior to discovering LeadClick's involvement.

To keep track of individual actions, LeadClick provided a unique link to its affiliate marketers for use in LeanSpa advertisements. When customers clicked on that link, they would unknowingly be routed through the HitPath server to the LeanSpa website. The HitPath server would record information on the customer, including the specific affiliate that directed the consumer to LeanSpa. The data was then used by LeadClick to determine the total number of actions for which it could charge LeanSpa and its corresponding contractual liability to the individual affiliates responsible for those actions. Because both LeadClick and its affiliate marketers profited per action generated, they were incentivized to maximize consumer traffic to LeanSpa's websites.

As the business relationship progressed, LeadClick became LeanSpa's primary marketing network, and LeanSpa became LeadClick's “top customer.” J. App. at 343a; 908a; 1016a. By 2011, LeanSpa offers represented approximately 85 percent of all eAdvertising division sales.

In total, LeadClick billed LeanSpa $22 million over the course of their contractual agreement. LeanSpa was chronically behind on its payments to LeadClick: LeanSpa owed LeadClick $6.4 million by March 2011 and approximately $10 million by June 2011. LeanSpa ultimately paid LeadClick $11.9 million, approximately half of its outstanding bill.

In accordance with industry practice, LeadClick paid its publishers before it received payment from LeanSpa. Despite LeanSpa's steep outstanding balance, LeadClick continued to pay its affiliate marketers for advertising LeanSpa products online. In September of 2011, LeadClick terminated its business arrangement with LeanSpa.

3. LeadClick's Involvement in the Use of Fake News Sites to Market LeanSpa Products

Certain affiliates hired by LeadClick used fake news sites to market LeanSpa products. These fake news sites, which were common in the industry at the time, looked like genuine news sites: they had logos styled to look like news sites and included pictures of supposed reporters next to their articles. The articles generally represented that a reporter had performed independent tests that demonstrated the efficacy of the weight loss products. The websites also frequently included a “consumer comment” section, where purported “consumers” praised the products. But there were no consumers commenting—this content was invented.

The vast majority of internet traffic to LeanSpa's websites from LeadClick's affiliate network came from fake news sites. The FTC investigator who reviewed spreadsheets produced by LeadClick, which documented traffic to LeanSpa's website from LeadClick affiliates, found that all of the 24 identifiable affiliate websites that sent 1,000 or more consumers through LeadClick's affiliate network were fake news sites.

While LeadClick did not itself create fake news sites to advertise products, as discussed below, it (1) knew that fake news sites were common in the affiliate marketing industry and that some of its affiliates were using fake news sites, (2) approved of the use of these sites, and, (3) on occasion, provided affiliates with content to use on their fake news pages.

i. LeadClick's Knowledge of Fake News Sites

First, LeadClick knew that fake news sites were commonplace in the industry. For example, one eAdvertising division employee noted that in the summer of 2010, fake news sites were “fairly common,” J. App. at 158-59a, while another testified in his deposition that during his time at LeadClick, “everyone was using 'em,” id. at 235a. In conversations amongst themselves and with affiliates and merchants, LeadClick employees occasionally discussed fake article pages, fake news pages, and news style pages.

Second, LeadClick knew of its own affiliates' use of fake news sites to promote LeanSpa's products. For the LeanSpa account, a LeadClick employee created an affiliate “scouting report” which consisted exclusively of fake news site names like Health8News.net, News-Health6.com, ConsumerNews24.com, BreakingNewsat6.com, and News6Access.com. One account manager testified that he saw fake news sites from LeadClick affiliates that contained information that was “not truthful or accurate,” including websites advertising LeanSpa products. J. App. at 387a, 389a. LeadClick employees also discussed the content of their affiliates' fake news sites, such as “step 1 and step 2,” a typical fake news site product pairing system, demonstrating that their awareness extended beyond general knowledge. See J. App. at 800a.

ii. LeadClick's Approval of Affiliates Fake News Sites

LeadClick employees also affirmatively approved of the use of fake news sites: One LeadClick employee told an affiliate interested in marketing LeanSpa offers that “News Style landers are totally fine” followed by two punctuation marks commonly united to represent a smiley face. J. App. at 761a. Another employee told a potential new client that “[a]ll of our traffic would be through display on fake article pages .” Id. at 750a (emphasis added). LeadClick's standard contract with affiliate marketers required affiliate marketers to submit their proposed marketing pages to LeadClick for approval before they were used.

iii. LeadClick Requested Edits to the Content of Fake News Sites

Finally, on occasion, LeadClick employees requested content edits to some of its affiliates using fake news sites. When LeanSpa informed LeadClick of certain requirements for its advertisements, LeadClick provided these requirements to affiliates and would review proposed advertisements for compliance with LeanSpa's requirements. For example, when LeanSpa noticed that some of the affiliate marketers were pairing a LeanSpa “step 1” product with another merchant's “step 2” on fake news sites, it informed LeadClick of a new LeanSpa product that should be used for “step 2” and LeadClick ordered its affiliates to implement that change in their fake news websites. J. App. at 800-801a.

In one instance, after hearing of a state action against another network for false advertising, a LeadClick employee reached out to an affiliate to “make sure all [his] pages [were] set up good[,] like no crazy [misleading] info.” J. App. at 231a. The affiliate responded that he was removing references to his page being a “news site” and thinking of “removing the reporter pics” from the site to be safe. Id. at 230-31a. The LeadClick employee advised him not to stop using the fake reporter's picture, but to “just add [the term] advertorial.” J. App. at 231-32a. In a later online conversation, the LeadClick employee advised the affiliate to delete references to acai berry on his fake news site and instead use words like “special [ingredient], formula, secret, bla, bla, bla” because “we noticed a huge increase in [actions] with stuff that doesn't [s]ay acai.” J. App. at 1015a.

Another employee sent an affiliate a list of ingredient information about a LeanSpa product, referring to it as “good content that we can use for the page” and stating “if we get this inserted correctly and make the page look good we can blow this up.” J. App. at 778a. Providing feedback on another affiliate's page, that same employee stated that the site “looks good except you CANT say anything about a free trial.. [sic] I need that removed,” id. 787a, and noted that “[i]t is much more realistic if you say that someone lost 10-12 lbs in 4 weeks rather than saying anything more than that,” id. at 788a.

4. LeadClick's Media Buying on Behalf of Affiliates With Fake News Sites

In addition to providing LeanSpa access to its affiliate network, LeadClick occasionally purchased advertising space on genuine news sites for banner advertisements that would link to the fake news sites promoting LeanSpa's products as part of its “media buying” business. When soliciting LeanSpa's business, a LeadClick account manager referred to the media buying as a way to “generat[e] quality traffic in very lucrative placements.” J. App. at 714a. LeadClick occasionally identified fake news sites as destination pages for the banner advertisements when negotiating with media sellers by emailing the media seller a compressed version of an affiliate's page or providing the web address for the destination page.

B. CoreLogic

In 2005, CoreLogic's predecessor, First American Corporation, together with another public company, First Advantage Corporation (“First Advantage”), acquired a majority interest in LeadClick.² In 2009, CoreLogic and First Advantage acquired the remaining interest in LeadClick. Later that year, CoreLogic purchased First Advantage, and changed its name to CoreLogic U.S., Inc. (“CLUSI”). After the acquisition, CoreLogic wholly owned CLUSI directly, and indirectly owned LeadClick through CLUSI.

2 First American Corporation reincorporated and changed its name to CoreLogic in 2010.

In 2010, CoreLogic reorganized its corporate structure, and LeadClick became a direct subsidiary of CoreLogic, and a sister company to CLUSI. During the restructuring, CoreLogic transitioned LeadClick and six of its sister subsidiaries into a “shared services system” to streamline and enhance back office functions across the subsidiaries. Pl. FTC's Local Rule 56(a)(2) Statement in Response to CoreLogic, Inc.'s Local Rule 56(a)(1) Statement (“FTC 56(a)(2) Statement”) at ¶ 4, Federal Trade Commission v. LeanSpa, LLC, No. 3:11–cv–01715–JCH, ECF No. 309.

Shared services programs allow related entities to consolidate some or all of their back-office functions, such as accounting, legal and compliance, human resources, and information technology, into a single office. Concentrating these functions allows the companies to operate more efficiently and reduce their administrative expenses. These programs are common in business today—Amici Curiae estimate that “more than eighty percent of Fortune 500 companies have implemented some form of shared services in their domestic operations.” Amici Br. at 5.

As part of CoreLogic's shared services system, CoreLogic's back office began to handle accounts payable for LeadClick and its sister subsidiaries in January 2011. The accounts receivable process was transitioned several months later, beginning in July 2011. After January of 2011, when LeadClick accrued a payable expense, CoreLogic would make the payment directly on its behalf, and track the payment as an advance to LeadClick. Both LeadClick and CoreLogic intended that LeadClick would later reimburse CoreLogic for those advances from its incoming revenue once CoreLogic transitioned LeadClick's accounts receivables process to the shared services program. Pursuant to this agreement, CoreLogic advanced approximately $13 million to pay LeadClick's expenses from January through August of 2011, and recorded these expenses as an intercompany liability. “[T]here was no agreed upon repayment schedule or repayment deadline, no security for those advances, no written loan agreement, and no interest due in connection with the funds CoreLogic provided LeadClick in 2011.” J. App. at 38a.

Once LeadClick's accounts receivable system transitioned to CoreLogic as part of the shared services agreement, CoreLogic began to recoup its prior advances by executing daily sweeps of the revenues received by LeadClick: Incoming funds deposited into LeadClick's account were automatically swept first into an account held by CLUSI, and then directed into an account held by CoreLogic. Through these sweeps, LeadClick repaid a total of $8.2 million of its advance balance to CoreLogic. Half of this amount was repaid in a single cash transfer on August 30, 2011 (the “August 30 Transfer”), when LeadClick, in transitioning its accounts receivable, withdrew $4.1 million in customer receipts from a bank account, and deposited them into a shared service account, which was then automatically swept to CLUSI and then CoreLogic. This was LeadClick's final repayment: When it ceased operations in September of 2011, it still owed CoreLogic approximately $8 million, and owed its sister subsidiary CLUSI approximately $8 million under an old promissory note.³

3 CLUSI's predecessor entered into a loan agreement and promissory note with LeadClick in 2008, before LeadClick became its wholly-owned subsidiary. That note remained partially outstanding at the time LeadClick ceased operations.

II. The Proceedings Below

On November 7, 2011, the FTC and the State filed a complaint in this action against LeanSpa, NutraSlim, LLC, NutraSlim U.K., Ltd., and Boris Mizhen, LeanSpa's owner, for unfair trade practices. The FTC and the State learned of LeadClick's involvement in LeanSpa's business during discovery, and amended their complaint on July 26, 2012 to include LeadClick and its former officer, Richard Chiang, as defendants and Angelina Strano, Mizhen's wife, as a relief defendant. The complaint was subsequently amended on August 28, 2013 by the FTC to add CoreLogic as a relief defendant. The State did not join the FTC in asserting a claim against CoreLogic. All claims except for those against LeadClick and CoreLogic were resolved in stipulated orders before the district court.

LeadClick and Chiang moved to dismiss, claiming immunity under Section 230 of the CDA. The district court denied the motion on January 29, 2013, concluding that LeadClick had not established immunity. On May 5, 2014, plaintiffs moved for summary judgment against LeadClick and CoreLogic. On the same day, LeadClick and CoreLogic separately moved for summary judgment.

On March 5, 2015, the district court granted plaintiffs' motion and denied defendants' motions. As part of that decision, the district court required LeadClick to disgorge all proceeds that it received from LeanSpa as payment for affiliate marketing and required CoreLogic to disgorge $4.1 million, which was the amount that LeadClick transferred to CoreLogic in August 2011. The district court entered final judgment in favor of plaintiffs on March 6, 2015. LeadClick and CoreLogic filed timely notices of appeal.

DISCUSSION

Defendants raise three issues on appeal: (1) LeadClick's liability under Section 5 of the FTC Act and CUTPA, (2) LeadClick's purported immunity under Section 230 of the CDA, and (3) CoreLogic's liability as a relief defendant.

We review de novo a district court's grant of summary judgment, “to determine whether the district court properly concluded that there was no genuine dispute as to any material fact, such that the moving party was entitled to judgment as a matter of law.” Myers v. Pat t erson, 819 F.3d 625, 632 (2d Cir. 2016). We address the claims against LeadClick and CoreLogic separately below.

I. LeadClick's Liability

A. FTC Act Liability

1. Applicable Law

Section 5 of the FTC Act “empower[s] and direct[s]” the FTC to “prevent persons, partnerships, or corporations ... from using ... unfair or deceptive acts or practices in or affecting commerce,” and declares unlawful “unfair or deceptive acts or practices in or affecting commerce.” 15 U.S.C. § 45(a)(1) and (a)(2).⁴ The FTC Act is drafted broadly to include not only traditional anti-trust violations but also “practices that the Commission determines are against public policy for other reasons.” FTC v. Indiana Fed'n of Dentists, 476 U.S. 447, 454, 106 S.Ct. 2009, 90 L.Ed.2d 445 (1986). “It is important to note the generality of [this] standard[ ] of illegality; the proscriptions in [Section] 5 are flexible, ‘to be defined with particularity by the myriad of cases from the field of business.’ ” FTC v. Colgate – Palmolive Co., 380 U.S. 374, 384–85, 85 S.Ct. 1035, 13 L.Ed.2d 904 (1965) (quoting FTC v. Motion Picture Advert. Serv. Co., 344 U.S. 392, 394, 73 S.Ct. 361, 97 L.Ed. 426 (1953) ).

4 CUTPA provides that “[n]o person shall engage in unfair methods of competition and unfair or deceptive acts or practice in the conduct of any trade or commerce.” C.G.S.A. § 42-110b(a). The statute is interpreted consistently with the federal statute. Id. 42-110b(b) (“It is the intent of the legislature that in construing subsection (a) of this section, the commissioner and the courts of this state shall be guided by interpretations given by the Federal Trade Commission and the federal courts to Section 5(a)(1) of the [FTC] Act.”); 42-110(c) (noting that regulations may be established provided “[s]uch regulations shall not be inconsistent with the rules, regulations and decisions of the federal trade commission [sic] and the federal courts in interpreting the provisions of the [FTC] Act.”). Accordingly, although we discuss only the alleged violation of the FTC Act below, the analysis applies with equal force to the alleged CUTPA violation.

The FTC and the State allege that LeadClick is liable under Section 5 because it engaged in a deceptive act or practice.⁵ “To prove a deceptive act or practice under § 5(a)(1), the FTC must show three elements: ‘[1] a representation, omission, or practice, that [2] is likely to mislead consumers acting reasonably under the circumstances, and [3], the representation, omission, or practice is material.’ ” FTC v. Verity Int'l, Ltd. , 443 F.3d 48, 63 (2d Cir. 2006) (quoting In re Cliffdale Assocs., Inc. , 103 F.T.C. 110, 165 (1984) ). “The deception need not be made with intent to deceive; it is enough that the representations or practices were likely to mislead consumers acting reasonably.” Id. The deceptive acts or practices must be “likely to cause substantial injury to consumers which is not reasonably avoidable by consumers themselves and not outweighed by countervailing benefits to consumers or to competition.” 15 U.S.C. § 45(n).

5 The FTC and State of Connecticut do not assert that that LeadClick engaged in an unfair trade practice.

LeadClick argues that a defendant may be held liable under Section 5(a) for deceptive acts or practices only when a defendant creates the deceptive content or when that content is attributable to the defendant. According to LeadClick, because it did not create the deceptive content appearing on the false news sites, nor was that content attributable to it, it cannot be held liable under the FTC Act. As discussed below, we disagree that the FTC Act requires that a defendant create deceptive content to be liable. Instead, we hold that under the FTC Act, a defendant may be held liable for engaging in deceptive practices or acts if, with knowledge of the deception, it either directly participates in a deceptive scheme or has the authority to control the deceptive content at issue.

Both the Ninth and Eleventh Circuits have recognized that a defendant may be liable for deceptive content even if it was not solely responsible for a deceptive scheme. In FTC v. Neovi, Inc., the Ninth Circuit held a check processing company liable under the FTC Act for creating and delivering fraudulent checks drawn by its customers without proper verification, where the company had “reason to believe that a vast number of checks were being drawn on unauthorized accounts.” 604 F.3d 1150, 1157 (9th Cir. 2010). The defendant argued that it could not be held liable, because its users, and not the defendant itself, created the deceptive checks. Id. at 1155. The Ninth Circuit rejected this argument, noting that “a single violation of the [FTC] Act may have more than one perpetrator,” id. and “businesses can cause direct consumer harm as contemplated by the FTC Act in a variety of ways,” id. at 1156. The check processing company, through its own actions, “engaged in a practice that facilitated and provided substantial assistance to a multitude of deceptive schemes.” Id. at 1157. The Court recognized that “the creation and distribution of most any good is subject to a host of sequential steps” and that while “[s]ome of those steps involve the contribution of independent causal agents, ... those contributions do not magically erase the role of the aggregator and distributer of the goods.” Id. at 1155. Rather, because the check processing company “engaged in behavior that was, itself, injurious to consumers,” it was liable under the FTC Act. Id. at 1157

Similarly, in FTC v. IAB Marketing Associates, LP, the Eleventh Circuit considered the likelihood that the FTC would succeed in an action against a company selling trade association memberships. 746 F.3d 1228 (11th Cir. 2014). The company hired third-party telemarketers who misrepresented that the memberships were “functionally equivalent to major medical insurance.” Id. at 1231. The Court found “no merit” in the argument that the company could not be held liable for misrepresentations “made by various independent contractors it engaged to sell its products.” Id. at 1232–33.

The defendants argued that they could not be held liable for the misrepresentations made by the third-party telemarketers without “direct participation in, knowledge of, and the ability to control the telemarketers' behavior.” Id. at 1233. This test had previously been applied by the Eleventh and Seventh Circuits to determine when an individual employee may be held liable for the conduct of a corporation. See FTC v. Gem Merch. Corp. , 87 F.3d 466, 467–68, 470 (11th Cir. 1996) (holding an individual liable under the FTC Act where “he was aware that salespeople made material representations to consumers to induce sales, and he was in a position to control the salespeople's behavior”); FTC v. Amy Travel Serv., Inc., 875 F.2d 564, 573 (7th Cir. 1989) (holding individuals liable under the FTC Act for deceptive practices of a corporation where those individuals had knowledge of the deceptive practices and participated directly in those practices or had authority to control them).

Without deciding whether the standard for imposing liability was as “demanding” as to require both direct participation and authority to control, the IAB Marketing Associates court determined that the company would be liable even under the knowledge, participation, and control test, because it directly participated in the scheme with knowledge and had the ability to control the telemarketers it employed to sell its trade association memberships. IAB Mktg. Associates, 746 F.3d at 1233. While there was no evidence in the record that the defendants instructed the telemarketers to make material misrepresentations, the defendants hired the third party telemarketers to sell its products with knowledge that the telemarketers were making the misrepresentation. Id. The defendants also had authority over those telemarketers, and could have, but did not, require them to cease making the misrepresentations. Id.

We agree that a deceptive scheme violating the FTC Act may have more than one perpetrator. We adopt the test applied by the Eleventh Circuit in the context of an individual's liability for corporate deception to determine LeadClick's Section 5 liability under the FTC Act: A defendant may be held liable for deceptive practices that cause consumer harm if, with knowledge of the deceptive nature of the scheme, he either “participate[s] directly in the practices or acts or ha[s] authority to control them.” Amy Travel Serv. , 875 F.2d at 573. A defendant directly participates in deception when it engages in deceptive acts or practices that are injurious to customers with at least some knowledge of the deception. 15 U.S.C. § 45(a) and (n). Similarly, a defendant who knows of another's deceptive practices and has the authority to control those deceptive acts or practices, but allows the deception to proceed, may be held liable for engaging in a deceptive practice injurious to consumers. This is consistent with the FTC's longstanding policy that an omission in certain circumstances may constitute a deceptive or unfair practice. See Letter from Federal Trade Commission to Hon. John D. Dingell, Chairman of the Committee on Energy and Commerce (October 14, 1983), appended to Cliffdale Assocs. , 103 F.T.C. at 182 (“The Commission will find an act or practice deceptive if there is a misrepresentation, omission, or other practice, that misleads the consumer acting reasonably in the circumstances, to the consumer's detriment.”); In the Matter of Int'l Harvester Co ., 104 F.T.C. 949 (1984) (finding defendant's failure to warn consumers of a material risk of harm created by its product would be an unfair trade practice under Section 5).

LeadClick argues that applying a test that imposes liability based on direct participation in or authority to control deceptive practices conflates principal liability with aiding and abetting liability, which is foreclosed under the FTC Act. We reject this argument.

We have not previously considered whether a defendant may be held liable under the FTC Act for aiding and abetting another's deceptive acts or practices. As LeadClick notes, the FTC Act does not expressly provide for aiding and abetting liability. Cf. Central Bank of Denver, N.A. v. First Interstate Bank of Denver, N.A. , 511 U.S. 164, 177, 114 S.Ct. 1439, 128 L.Ed.2d 119 (1994) (noting that in securities fraud context that if “Congress intended to impose aiding and abetting liability ... it would have used the words ‘aid’ and ‘abet’ in the statutory text”); Wright v. Ernst & Young LLP, 152 F.3d 169, 175 (2d Cir. 1998) (noting where Section 10(b) liability is based on making material false representations, “[a]nything short of such conduct is merely aiding and abetting, and no matter how substantial that aid may be, it is not enough to trigger liability”). We need not decide this issue, however, because we conclude that a defendant acting with knowledge of deception who either directly participates in that deception or has the authority to control the deceptive practice of another, but allows the deception to proceed, engages, through its own actions, in a deceptive act or practice that causes harm to consumers. As the Ninth Circuit noted in Neovi, Inc. :

To be clear, none of this is to say that [defendant] is liable under a theory of aiding and abetting. [Defendant] engaged in behavior that was, itself, injurious to consumers. [Defendant's] business practices might have served to assist others in illicit or deceptive schemes, but the liability under the FTC Act that attached to [defendant] is not mediated by the actions of those third parties. [Defendant] caused harm through its own deeds—in this case creating and delivering unverified checks—and thus § 5 of the FTC Act easily extends to its conduct.

Neovi, Inc., 604 F.3d at 1157. A defendant may be held liable for its own acts of deception under the FTC Act, whether by directly participating in deception or by allowing deceptive acts or practices to occur that are within its control. This direct liability is distinguishable from liability for merely aiding and abetting the deceptive conduct of another.

2. Application

LeadClick does not dispute on appeal that its affiliates engaged in false and deceptive advertising practices. Instead, it argues that even assuming these statements were deceptive, such deception “support[s] only imposition of liability against the publishers who created and made the deceptive statements—not against a wholly separate entity[, LeadClick,] that the FTC concedes did not make the challenged statements.” LeadClick Br. at 33. As discussed below, we reject this argument and hold that LeadClick is directly liable for its own deceptive conduct in the eAdvertising scheme. LeadClick knew that deceptive false news sites were prevalent in its affiliate marketing network, directly participated in the deception, and had the authority to control the deceptive content of these fake news sites, but allowed the deceptive content to be used in LeanSpa advertisements on its network. Accordingly, LeadClick is liable under Section 5 of the FTC Act for engaging in deceptive acts or practices.

i. LeadClick Knew of the Deception

LeadClick knew that (1) the use of false news pages was prevalent in affiliate marketing, and (2) its own affiliate marketers were using fake news sites to market LeanSpa's products:

• An eAdvertising division employee noted that in the summer of 2010, fake news sites were “fairly common,” J. App. at 158a-59a;

• Another employee testified in his deposition that during his time at LeadClick, “everyone was using 'em,” id. at 235;

• LeadClick employees occasionally discussed fake article pages, fake news pages, and news style pages among themselves and with affiliates and merchant clients;

• A LeadClick employee testified that he saw “many” false news sites from LeadClick affiliates that contained false information, J. App. at 387a, 389a; and

• LeadClick was even familiar with the specific content of these sites, and employees occasionally referred to “step 1 and step 2” pairing typical of fake news sites, see J. App. at 157a, 746a, 800a.

ii. Direct Participation in the Deceptive Practices

In addition to this knowledge, LeadClick participated in the deceptive scheme through the following acts:

• A LeadClick employee “scouted” fake news websites to recruit potential affiliates for the LeanSpa account;

• LeadClick employees required alterations to the content of its affiliates' fake news pages by instructing them to revise their pages to comply with explicit directives from LeanSpa;

• A LeadClick employee instructed an affiliate to check that his fake news site was not “crazy [misleading]” and advising him not to remove the reporter photograph, but to “just add advertorial,” J. App. at 230a-31a;

• LeadClick employees advised affiliates on the content to include in their pages to increase consumer traffic, see J. App. at 788a (telling an affiliate “[i]t is much more realistic if you say that someone lost 10-12 lbs[.] in 4 weeks rather than saying anything more than that”); and

• LeadClick purchased banner advertisement space on genuine news sites to resell that space to affiliates running fake news pages to “generat[e] quality traffic in very lucrative placements.” J. App. at 714a.

Considered together, this conduct clearly demonstrates LeadClick's direct participation in the deceptive advertising scheme. LeadClick's own actions—recruiting and paying affiliates who used fake news sites for generating traffic, managing those affiliates, suggesting substantive edits to fake news pages, and purchasing banner space for fake news sites on legitimate news sources—caused significant harm to consumers.

iii. LeadClick's Authority to Control the Deceptive Practices or Acts

LeadClick was paid by LeanSpa to recruit and manage a network of affiliates who would advertise LeanSpa's products. As established above, LeadClick knew that some of its affiliates were using fake news sites to advertise LeanSpa products. As the manager and orchestrator of the affiliate marketing scheme, LeadClick had the authority to control the deceptive practices of affiliates that joined its network:

• LeadClick had the ultimate authority to review and approve or disapprove of an affiliate using a fake news site;

• LeadClick permitted affiliates using fake news sites to join its network and refer customers to LeanSpa, and it paid its affiliates with fake news sites for generating actions; and

• LeadClick employees affirmatively approved the use of fake news sites by telling a potential affiliate that “News Style landers are totally fine,” J. App. at 761a, and explaining to a potential merchant client that “[a]ll of [its] traffic would be through display on fake article pages, ” Id. at 750a (emphasis added);

As the manager of the affiliate network, LeadClick had a responsibility to ensure that the advertisements produced by its affiliate network were not deceptive or misleading. By failing to do so and allowing the use of fake news sites on its network, despite its knowledge of the deception, LeadClick engaged in a deceptive practice for which it may be held directly liable under the FTC Act.

As discussed above, LeadClick is not liable here merely because it aided and abetted its affiliates' deception. Rather, its liability arises from its own deceptive practices: directly participating in the deceptive scheme by recruiting, managing, and paying a network of affiliates to generate consumer traffic through the use of deceptive advertising and allowing the use of deceptive advertising where it had the authority to control the affiliates participating in its network. See Neovi, 604 F.3d at 1157 n.5 (rejecting similar argument and noting that defendant's “actions caused consumer harm; it did not merely aid or abet others who caused consumer harm”).

Moreover, LeadClick is directly liable regardless of whether it intended to deceive consumers—it is enough that it orchestrated a scheme that was likely to mislead reasonable consumers. See Verity Int'l, Ltd., 443 F.3d at 63. And the scheme did just that: the majority of traffic from LeadClick's affiliate network came from fake news sites, generating enough traffic to bill LeanSpa for approximately $22 million and earn LeanSpa recognition as LeadClick's “top customer.” J. App. at 343a, 908a, 1016a.

Accordingly, the district court did not err in concluding that LeadClick is directly liable under Section 5 of the FTC Act and CUTPA.

B. Immunity under the CDA

LeadClick argues that, even if it would otherwise be liable under Section 5 of the FTC Act and CUTPA for its participation in the deceptive marketing scheme, it is immune under Section 230 of the CDA. We conclude, however, that the district court correctly held that LeadClick was not entitled to Section 230 immunity. 1. Applicable Law

When it was introduced, the primary purpose of the CDA was to protect children from sexually explicit internet content.⁶ Section 230, enacted through an amendment to the CDA, had a different objective: “[T]o preserve the vibrant and competitive free market that presently exists for the Internet and other interactive computer services, unfettered by Federal or State regulation.” 47 U.S.C. § 230(b)(2) ; see also Zeran v. America Online, Inc., 129 F.3d 327, 330 (4th Cir. 1997) (“Congress recognized the threat that tort-based lawsuits pose to freedom of speech in the new and burgeoning Internet medium.”).

6 In his statement introducing the proposed legislation, Senator Exon proclaimed “[T]he information superhighway should not become a red light district. This legislation will keep that from happening and extend the standards of decency which have protected telephone users to new telecommunications devices.” 141 Cong. Rec. S1953 (daily ed. Feb. 1, 1995) (statement of Sen. Exon).

The amendment assuaged Congressional concern regarding the outcome of two inconsistent judicial decisions applying traditional defamation law to internet providers. 141 Cong. Rec. H8469-70 (daily ed. Aug. 4, 1995 (statement of Rep. Cox)). The first held that an interactive computer service provider could not be liable for a third party's defamatory statement, Cubby, Inc. v. CompuServe, Inc., 776 F.Supp. 135, 141 (S.D.N.Y. 1991), but the second imposed liability where a service provider filtered its content in an effort to block obscene material, Stratton Oakmont, Inc. v. Prodigy Servs. Co. , No. 31063/94, 1995 WL 323710, at *4 (N.Y. Sup. Ct. May 24, 1995). The amendment was intended to overrule Stratton and provide immunity for “interactive computer service[s]” that make “good faith” efforts to block and screen offensive content. 47 U.S.C. § 230(c).

To accomplish that goal, Section 230 provides that “[n]o provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider.” 47 U.S.C. § 230(c)(1).

We have had limited opportunity to interpret Section 230. Other circuits, however, have recognized that Section 230 immunity is broad. See, e.g., Jones v. Dirty World Entm't Recordings LLC, 755 F.3d 398, 406–07 (6th Cir. 2014) (“close cases ... must be resolved in favor of immunity” (quoting Fair Hous. Council of San Fernando Valley v. Roommates.Com, LLC, 521 F.3d 1157, 1174 (9th Cir. 2008) (en banc))); Almeida v. Amazon.com, 456 F.3d 1316, 1321 (11th Cir. 2006) (“The majority of federal circuits have interpreted the CDA to establish broad federal immunity to any cause of action that would make service providers liable for information originating with a third-party user of the service.” (internal quotation marks omitted)); id. at n.3 (collecting cases). In applying the statute, courts have “broken [it] down into three component parts,” finding that “[i]t shields conduct if the defendant (1) ‘is a provider or user of an interactive computer service, (2) the claim is based on information provided by another information content provider and (3) the claim would treat [the defendant] as the publisher or speaker of that information.’ ” Jane Doe No. 1 v. Backpage.com, LLC , 817 F.3d 12, 19 (1st Cir. 2016) (quoting Universal Commc'n Sys., Inc. v. Lycos, Inc ., 478 F.3d 413, 418 (1st Cir. 2007) ); see also Jones , 755 F.3d at 409 ; Zeran , 129 F.3d at 330.

On appeal, LeadClick argues that it is immune under Section 230 because it meets these elements. We discuss each, in turn. i. Provider of an Interactive Computer Service

“The term ‘interactive computer service’ means any information service, system, or access software provider that provides or enables computer access by multiple users to a computer server, including specifically a service or system that provides access to the Internet and such systems operated or services offered by libraries or educational institutions.” 47 U.S.C. § 230(f)(2).

Courts typically have held that internet service providers, website exchange systems, online message boards, and search engines fall within this definition. See, e.g. , Zango, Inc. v. Kaspersky Lab, Inc ., 568 F.3d 1169, 1175 (9th Cir. 2009) (concluding that malware provider who blocked plaintiff's software as “potentially malicious” was interactive computer service provider because it provided service to consumers by screening for malicious content); Chicago Lawyers' Comm. for Civil Rights Under Law, Inc. v. Craigslist, Inc. , 519 F.3d 666, 671 (7th Cir. 2008), as amended (May 2, 2008) (applying definition to Craigslist, a classified advertisements website); Universal Commc'ns Sys. v. Lycos, Inc., 478 F.3d 413, 419 (1st Cir. 2007) (applying definition to internet message board operator); Zeran , 129 F.3d at 329 (“AOL is just such an interactive computer service.”); Murawski v. Pataki , 514 F.Supp.2d 577, 591 (S.D.N.Y. 2007) (concluding Ask.com is an interactive service provider because it is a search engine).

ii. Information Content Provider

As noted above, the statute requires that the claim be based on content provided by another information content provider. This grant of immunity applies only if the interactive service provider is not also an “information content provider” of the content which gives rise to the underlying claim. “Information content provider” is defined to include “any person or entity that is responsible, in whole or in part, for the creation or development of information provided through the Internet or any other interactive computer service.” 47 U.S.C. § 230(f)(3). This definition “cover[s] even those who are responsible for the development of content only in part.” FTC v. Accusearch Inc. , 570 F.3d 1187, 1197 (10th Cir. 2009) (quoting Universal Commc'n Sys., Inc. v. Lycos, Inc., 478 F.3d 413, 419 (1st Cir. 2007) ). A defendant, however, will not be held responsible unless it assisted in the development of what made the content unlawful. Id. at 1201. For example, a defendant who paid researchers to uncover confidential phone records protected by law, and then provided that information to paying customers, fell within the definition because he did not merely act as a neutral intermediary, but instead “specifically encourage[d] development of what [was] offensive about the content.” Id. at 1199 ; see also Roommates.com, 521 F.3d at 1167–68 (holding defendant liable for developing content by “not merely ... augmenting the content generally, but ... materially contributing to its alleged unlawfulness” when it required subscribers to provide information which enabled users of site to unlawfully discriminate in selecting a roommate).

iii. Whether the Claim Treats the Defendant as the Publisher or Speaker of Content Provided by Another

“At its core, § 230 bars ‘lawsuits seeking to hold a service provider liable for its exercise of a publisher's traditional editorial functions—such as deciding whether to publish, withdraw, postpone or alter content.’ ” Dirty World Entm't Recordings LLC, 755 F.3d at 407 (quoting Zeran, 129 F.3d at 330 ). Section 230(c)(1) provides that “no provider of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider” but it does not define the terms “publisher or speaker.” 47 U.S.C. § 230(c)(1).

In Barnes v. Yahoo!, Inc., the Ninth Circuit addressed “how to determine when, for purposes of this statute, a plaintiff's theory of liability would treat a defendant as a publisher or speaker of third-party content.” 570 F.3d 1096, 1101 (9th Cir. 2009), as amended (Sept. 28, 2009). The Ninth Circuit considered traditional dictionary definitions of publisher, including “the reproducer of a work intended for public consumption” and “one whose business is publication.” Id. at 1102 (quoting Webster's Third New International Dictionary 1837 (Philip Babcock Gove ed., 1986)). In deciding whether the claim at issue sought to hold the defendant liable as a publisher or speaker, the Court noted that “what matters is whether the cause of action inherently requires the court to treat the defendant as the ‘publisher or speaker’ of content provided by another. To put it another way, courts must ask whether the duty that the plaintiff alleges the defendant violated derives from the defendant's status or conduct as a ‘publisher or speaker.’ ” Id. at 1102.

In Accusearch, Inc., the only other case considering the application of Section 230 immunity to liability arising under Section 5 of the FTC Act, the Tenth Circuit concluded that the defendant could not be immune for its payment to researchers to uncover confidential phone records and subsequent publishing of that information because it was an information content provider of the offensive conduct. 570 F.3d at 1197. The majority concluded that the defendant was not immune because liability was based on the defendant's own content rather than the content of another, while the concurrence was of the view that the defendant was not immune because liability was premised not on content but on its conduct. Id. at 1197, 1205.

2. Application

LeadClick argues that it should be immune from liability under the FTC Act and CUTPA because it was an interactive computer service provider, it did not publish deceptive content, and the plaintiffs seek to hold it liable for the deceptive statements of its affiliates. We disagree and conclude that LeadClick is not entitled to Section 230 immunity because it is an information content provider with respect to the deception at issue and because LeadClick is liable under the FTC Act for its own deceptive acts or practices, rather than for publishing content created by another.

i. Provider of an Interactive Computer Service

As an initial matter, we are doubtful that LeadClick is an “interactive service provider.” The definition is indeed broad, but we are not convinced that LeadClick provides computer access in the sense of an internet service provider, website exchange system, online message board, or search engine. LeadClick contends that it is covered because it “enabled computer access by multiple users to a computer server” by routing consumers from its affiliates' webpages to LeanSpa's websites via the HitPath server. LeadClick Reply Br. at 4.

But LeadClick cites no case law applying the definition of “interactive service provider” in a similar context, where the defendant's provision of services (in this case, consumer access to LeadClick's HitPath computer server) was wholly unrelated to its potential liability under the statute. Moreover, the “service” LeadClick purportedly provided—access to the HitPath server—is not the type of service that Congress intended to protect in granting immunity. The statute aims to promote the continued development of the internet, through “the availability of educational and informational resources to our citizens” and to “offer a forum for a true diversity of political discourse, unique opportunities for cultural development, and myriad avenues for intellectual activity.” 47 U.S.C. § 230(a)(1), (a)(3) ; see also id. at (b)(1), (b)(3) (noting that it is the policy of the United States “to promote the continued development of the Internet and other interactive computer services” and to “maximize user control over what information is received by individuals, families, and schools who use the Internet and other interactive computer services”). The computer access service LeadClick actually provided, routing customers through the HitPath server before reaching LeanSpa's website, was invisible to consumers and did not benefit them in any way. Its purpose was not to encourage discourse but to keep track of the business referred from its affiliate network.

In any event, we need not reach this issue because we conclude, as described below, that LeadClick is an information content provider with respect to the content at issue and that LeadClick is liable for its own content and not merely because it was the “publisher or speaker” of deceptive content provided by its affiliates.

ii. Information Content Provider

LeadClick is not entitled to immunity because it participated in the development of the deceptive content posted on fake news pages. As discussed in greater detail above, LeadClick recruited affiliates for the LeanSpa account that used false news sites. LeadClick paid those affiliates to advertise LeanSpa products online, knowing that false news sites were common in the industry. LeadClick employees occasionally advised affiliates to edit content on affiliate pages to avoid being “crazy [misleading],” J. App. at 231a, and to make a report of alleged weight loss appear more “realistic” by reducing the number of pounds claimed to have been lost, id. at 788a. LeadClick also purchased advertising banner space from legitimate news sites with the intent to resell it to affiliates for use on their fake news sites, thereby increasing the likelihood that a consumer would be deceived by that content.

LeadClick's role in managing the affiliate network far exceeded that of neutral assistance. Instead, it participated in the development of its affiliates' deceptive websites, “materially contributing to [the content's] alleged unlawfulness.” Roommates.com, LLC , 521 F.3d at 1168. Accordingly, LeadClick is an information content provider with respect to the deceptive content at issue and is not entitled to immunity under Section 230.

iii. The Claim does not treat LeadClick as a Publisher or Speaker of Another's Content

LeadClick cannot establish the third element necessary for immunity because it is not being held liable as a publisher or speaker of another's content. Rather, as discussed above, LeadClick is being held accountable for its own deceptive acts or practices—for directly participating in the deceptive scheme by providing edits to affiliate webpages, for purchasing media space on real news sites with the intent to resell that space to its affiliates using fake news sites, and because it had the authority to control those affiliates and allowed them to publish deceptive statements. Accordingly, because LeadClick's Section 5 liability is not derived from its status as a publisher or speaker, imposing liability under Section 5 does not “inherently require[ ] the court to treat the [LeadClick] as the ‘publisher or speaker’ ” of its affiliates' deceptive content, and Section 230 immunity should not apply. See Barnes, 570 F.3d at 1101–02 ; see also Accusearch, 570 F.3d at 1204–05 (Tymkovitch, J. , concurring) (noting that “the FTC sought and ultimately held [defendant] liable for its conduct rather than for the content of the information is was offering on [its] website” and arguing that there should be no immunity because “Section 230 only immunizes publishers or speakers for the content of the information from other providers that they make public”).

II. CoreLogic's Liability as Relief Defendant

CoreLogic appeals from the district court's finding that it must disgorge money it received from LeadClick in the August 30 Transfer. As described below, the district court erred in holding CoreLogic liable for LeadClick's fines as a relief defendant, because CoreLogic had a legitimate claim to repayment of its prior advances to LeadClick.

A. Applicable Law

“A relief defendant is a person who ‘holds the subject matter of the litigation in a subordinate or possessory capacity as to which there is no dispute.’ ” Commodity Futures Trading Comm'n v. Walsh, 618 F.3d 218, 225 (2d Cir. 2010) (quoting SEC v. Colello, 139 F.3d 674, 676 (9th Cir. 1998) ). The typical relief defendant “is a bank or trustee, which has only a custodial claim” to the subject matter of the litigation. Colello, 139 F.3d at 677. A relief defendant has no ownership interest in the property, but “may be joined to aid the recovery of relief.” SEC v. Cavanagh (Cavanagh II), 445 F.3d 105, 109 n.7 (2d Cir. 2006).

“Federal courts may order equitable relief against a [relief defendant] not accused of wrongdoing ... where that person: (1) has received ill-gotten funds; and (2) does not have a legitimate claim to those funds.” S.E.C. v. Cavanagh (Cavanagh I), 155 F.3d 129, 136 (2d Cir. 1998). “District courts may only require disgorgement of the assets of a relief defendant upon a finding that she lacks a legitimate claim.” Walsh, 618 F.3d at 226 (internal quotation marks omitted).

While we have not “developed explicit guidelines for what qualifies as a legitimate claim sufficient to immunize ... property from disgorgement,” we have recognized that “relief defendants who have provided some form of valuable consideration in good faith ... are beyond the reach of the district court's disgorgement remedy.” Id. at 226 (internal quotation marks omitted). An outstanding loan from a relief defendant constitutes valuable consideration, giving rise to a “legitimate claim” to repayment of the outstanding amount of principal and accrued interest. See Janvey v. Adams, 588 F.3d 831, 835 (5th Cir. 2009) (debtor-creditor relationship “constitutes a sufficient legitimate ownership interest to preclude treating [defendants] as relief defendants”). A gratuitous transfer, however, without the payment of consideration, does not give rise to a legitimate claim. See Cavanagh I, 155 F.3d at 137 (concluding that neither relief defendant had a legitimate claim to property received as a gift, because to hold otherwise, “would allow almost any defendant to circumvent the SEC's power to recapture fraud proceeds, by the simple procedure of giving [property] to friends and relatives, without even their knowledge”).

B. Application

The facts here are undisputed. Instead, the parties dispute whether on these facts, CoreLogic had a legitimate claim to the August 30 Transfer of $4.1 million. The FTC argues that this transfer should be characterized as a gratuitous distribution because it lacked a formal loan agreement and, accordingly, was not in exchange for valuable consideration. CoreLogic disagrees, contending that this transaction was the repayment of an outstanding intercompany loan, implemented as part of its shared services agreement. The district court concluded that CoreLogic had no legitimate claim to the funds because there was no formal loan agreement between the parties and ordered disgorgement. We disagree with the district court's conclusion that a formal loan agreement was required in this context and hold that CoreLogic was not a proper relief defendant because it had a legitimate interest in the transferred funds. We conclude that under these undisputed facts, CoreLogic's advances to LeadClick constituted “valuable consideration” entitling it to repayment from LeadClick.

Both parties agree that after CoreLogic implemented the shared services system, CoreLogic paid LeadClick's accounts payable. For accounting purposes, CoreLogic and LeadClick documented the advances as intercompany balances. The parties intended these advances to be repaid automatically from LeadClick's revenue once the accounts receivable function was transitioned to CoreLogic, six months after the transition of accounts payable. Once Core Logic transitioned LeadClick's accounts receivable system to the shared services program, LeadClick did in fact begin to repay these amounts through an automatic diversion of cash receipts deposited in the shared services account to CoreLogic.⁷ LeadClick repaid a total of $8.2 million of its advance balance to CoreLogic through the automated transfers. CoreLogic held a right to repayment under these circumstances. It did not merely hold the transferred funds in a custodial capacity. See Cavanagh II , 445 F.3d at 109 n.7 ; Colello , 139 F.3d at 677.

7 The funds were first swept automatically into an account held by CLUSI, LeadClick's sister subsidiary, which subsequently transferred the funds into CoreLogic's central treasury, pursuant to the shared services agreement

The district court reasoned that the advances constituted gratuitous transfers that could not give rise to a legitimate claim to repayment because there was no formal debtor-creditor relationship in place between LeadClick and CoreLogic. But, as Amici Curiae point out, the lack of a formal agreement is not surprising in the shared services context. The FTC's own expert acknowledged that it is not customary to use promissory notes or charge interest on intercompany advances made pursuant to a shared services program. Requiring such documentation “is incompatible with the very purpose of shared services: streamlining operations and increasing efficiency by reducing excess paperwork.” Amici Br. at 6. An interest charge would also be artificial, because the companies were consolidated under general accounting principles for public companies. Under these circumstances, the lack of a formal loan agreement does not create suspicion that the transactions were a sham.

Even without the formalities of an arm's-length loan agreement, it is undisputed that CoreLogic advanced funds to LeadClick, both parties intended these advances to be repaid, and the August 30 Transfer reduced the outstanding intercompany balance. Under these facts, CoreLogic's claim to the August 30 Transfer was therefore legitimate.⁸ Accordingly, CoreLogic was not a proper relief defendant, and the district court erred in ordering it to disgorge the funds it received from LeadClick.

8 Similarly, CoreLogic's claim is not undermined by the fact that LeadClick's ability to repay depended upon its future business performance. Repayment of an uncollateralized loan based on a borrower's income generally depends upon the borrower's ability to generate revenue.

CONCLUSION

For the reasons set forth above, the judgment of the district court imposing liability on the defendants is AFFIRMED with respect to LeadClick and REVERSED with respect to CoreLogic, and we REMAND with instructions to the district court to enter judgment in favor of CoreLogic.