holding that CDA bars claims for negligence and gross negligence in not preventing a 13 year old girl from lying about her age to create a personal profile that led to contact by a sexual predatorSummary of this case from Jane Doe v. Internet Brands, Inc.
May 16, 2008.
Micajah Boatright, Kurt B. Arnold, Jason Aron Itkin, Arnold Itkin, Houston, TX, Gregory Scott Coleman (argued), Marc S. Tabolsky, Richard Bernard Fairer, Yetter Warden LLP, Austin, TX, for Plaintiff-Appellant.
Michael D. Marin, Matthew Brian Ploeger, Christopher V. Popov, Vinson Elkins, Austin, TX, Thomas S. Leatherbury, Vinson Elkins, Dallas, TX, Harry M. Reasoner (argued), Vinson Elkins, Houston, TX, Clifford Thau, Vinson Elkins, New York City, for Defendants-Appellees.
Patrick J. Carome, WilmerHale, Washington, DC, for Internet Commerce Coalition, U.S. Internet Service Provider Ass'n, Computer Communications Industry Ass'n, Information Technology Ass'n of America, National Cable Telecommunications Ass'n, Netcoalition, CTIA-The Wireless Ass'n and Center for Democracy and Technology, Amici Curiae.
Appeal from the United States District Court for the Western District of Texas.
Before GARWOOD, CLEMENT and ELROD, Circuit Judges.
Jane and Julie Doe ("the Does") appeal the district court's dismissal of their claims for negligence and gross negligence, and its finding that the claims were barred by the Communications Decency Act ("CDA"), 47 U.S.C § 230, and Texas common law. For the following reasons, we affirm the decision of the district court.
I. FACTS AND PROCEEDINGS
MySpace.com is a Web-based social network. Online social' networking is the practice of using a Web site or other interactive computer service to expand one's business or social network. Social networking on MySpace.com begins with a member's creation of an online profile that serves as a medium for personal expression, and can contain such items as photographs, videos, and other information about the member that he or she chooses to share with other MySpace.com users. Members have complete discretion regarding the amount and type of information that is included in a personal profile. Members over the age of sixteen can choose the degree of privacy they desire regarding their profile; that is, they determine who among the MySpace.com membership is allowed to view their profile. Once a profile has been created, the member can use it to extend "invitations" to existing friends who are also MySpace.com users and to communicate with those friends online by linking to their profiles, or using e-mail, instant messaging, and blogs, all of which are hosted through the MySpace.com platform.
The term "blog" is a portmanteau of "Web log" and is a term referring to an online journal or diary.
Members can also meet new people at MySpace.com through user groups focused on common interests such as film, travel, music, or politics. MySpace.com has a browser feature that allows members to search the Web site's membership using criteria such as geographic location or specific interests. MySpace.com members can also become online "friends" with celebrities, musicians, or politicians who have created MySpace.com profiles to publicize their work and to interface with fans and supporters.
In the summer of 2005, at age thirteen, Julie Doe ("Julie") lied about her age, represented that she was eighteen years old, and created a profile on MySpace.com. This action allowed her to circumvent all safety features of the Web site and resulted in her profile being made public; nineteen-year-old Pete Solis ("Solis") was able to initiate contact with Julie in April 2006 when she was fourteen. The two communicated offline on several occasions after Julie provided her telephone number. They met in person in May 2006, and, at this meeting, Solis sexually assaulted Julie.
Julie's mother reported the assault to Austin, Texas police, who arrested Solis and charged him with second-degree sexual assault.
Julie's mother, Jane Doe, first sued MySpace, Inc., its parent company, News Corporation (collectively "MySpace"), and Solis in a Texas state court on her own behalf and on behalf of her daughter, alleging that MySpace failed to implement basic safety measures to prevent sexual predators from communicating with minors on its Web site. The Does' original petition asserted claims for fraud, negligent misrepresentation, negligence, and gross negligence against MySpace, and claims for sexual assault and intentional infliction of emotional distress against Solis. MySpace answered the petition and filed special exceptions, asserting among other things, that the CDA and Texas common law barred the Does' claims. The Does amended their petition, to which MySpace again specially excepted; thereafter, before any ruling on the special exceptions, the Does filed a motion for non-suit which the court granted, dismissing the case without prejudice. The Does then refiled in New York state court, asserting the same claims against MySpace, but declining to name Solis as a defendant. MySpace immediately removed that case to the United States District Court for the Southern District of New York and moved simultaneously to transfer venue to the Western District of Texas and to dismiss for failure to state a claim. The district court in New York considered both motions and granted MySpace's motion to transfer venue, but declined to rule on the motion to dismiss, leaving it for the transferee court.
The district court in Texas then held oral argument On February 1, 2007, and decided MySpace's motion to dismiss in a written opinion. The district court construed MySpace's Rule 12(b)(6) motion to dismiss as a Rule 12(c) motion for judgment on the pleadings and considered the Does' most recent complaint, filed on September 25, 2006 in the Bronx County court. In their complaint, the Does alleged:
8. To access the social network, one must create a MySpace account. In order to create a MySpace account, all one has to do is enter a name, email address, gender, country, and date of birth
9. Once signed up, each MySpace user is given his or her own personal webpage to create. MySpace users are then prompted to post photographs and personal information on their webpage. Typically, a MySpace user's webpage is viewable by any other MySpace user. Further, any MySpace user can contact any other MySpace user through internal email and/or instant messaging on MySpace.
Regarding the use of computers and Internet sites, a "prompt" is defined as "a message or symbol from a computer system to a user, generally appearing on a display screen, requesting more information or indicating that the system is ready for user instructions." Dictionary.com, http://www.dictionary.reference.com/browse/prompt (last visited April 28, 2008).
. . . .
11. The catalyst behind MySpace's amazing surge in popularity is their underage users demographic. According to MySpace, approximately 22 percent of MySpace visitors are minors, under the age of 18. MySpace actively and passively markets itself to minors.
. . . .
27. In the summer of 2005, 14-year-old Julie created a profile on MySpace. At the time, Julie was only 13-years-old. Despite MySpace's supposed safety precautions and protections prohibiting anyone under 14-years-old from using MySpace, Julie was easily able to create a profile.
. . . .
41. Defendants owed a legal duty to 14-year-old Julie to institute and enforce appropriate security measures and policies that would substantially decrease the likelihood of danger and harm that MySpace posed to her.
The district court in Texas dismissed with prejudice the Does' claims for negligence and gross negligence, finding that the claims were barred by the CDA and Texas common law. The Does voluntarily withdrew their claims for fraud and negligent misrepresentation; therefore, the district court dismissed those claims without prejudice. The Does now appeal the district court's dismissal of their claims for negligence and gross negligence, arguing that § 230(c)(1) of the CDA is inapplicable here because their claims do not implicate MySpace as a "publisher" protected by the Act and because MySpace not only published but was also partially responsible for creating the content of the information that was exchanged between Julie and Solis. Doe next argues that § 230(c)(2) does not immunize MySpace's failure to take reasonable steps to ensure minors' safety. The Does lastly apply the law of premises liability germane to owners of real property to publishers and Internet service providers operating in the virtual world of cyberspace to argue that the district court erred when it did not find a common-law duty to protect Julie. We hold, however, that the Does' claims of negligence are barred by § 230(c)(1) of the CDA.
II. STANDARD OF REVIEW
This Court reviews a district court's grant of judgment on the pleadings under Rule 12(c) de novo. See Brittan Commc'ns Int'l Corp. v. Sw. Bell Tel. Co., 313 F.3d 899, 904 (5th Cir. 2002); Hughes v. The Tobacco Inst., Inc., 278 F.3d 417, 420 (5th Cir. 2001). A motion for judgment on the pleadings under Rule 12(c) is subject to the same standard as a motion to dismiss under Rule 12(b)(6). Johnson v. Johnson, 385 F.3d 503, 529 (5th Cir. 2004) (citing Great Plains Trust Co. v. Morgan Stanley Dean Witter Co., 313 F.3d 305, 313 n. 8 (5th Cir. 2002)). "[T]he central issue is whether, in the light most favorable to the plaintiff, the complaint states a valid claim for relief." Hughes, 278 F.3d at 420 (internal quotations omitted). Although we must accept the factual allegations in the pleadings as true, id., a plaintiff must plead "enough facts to state a claim to relief that is plausible on its face." Bell Atl. Corp. v. Twombly, ___ U.S. ___, 127 S.Ct. 1955, 1974, 167 L.Ed.2d 929 (2007).
In October 1998, Congress recognized the rapid development of the Internet and the benefits generated by Web-based service providers to the public. See 47 U.S.C. § 230(a) (acknowledging that "interactive computer services offer a forum for a true diversity of political discourse, unique opportunities for cultural development, and myriad avenues for intellectual activity" and have "flourished . . . with a minimum of government regulation"). In light of its findings, Congress enacted the CDA for several policy reasons, including "to remove disincentives for the development and utilization of blocking and filtering technologies that empower parents to restrict their children's access to objectionable or inappropriate online material." Id. § 230(b)(4). To achieve that policy goal, Congress provided broad immunity under the CDA to Web-based service providers for all claims stemming from their publication of information created by third parties, referred to as the "Good Samaritan" provision. Id. § 230(c)(1) ("No provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider."). Indeed, "[n]o cause of action may be brought and no liability may be imposed under any State or local law that is inconsistent with this section." Id. § 230(e)(3).
Courts have construed the immunity provisions in § 230 broadly in all cases arising from the publication of user-generated content. See, e.g., Green v. Am. Online (AOL), 318 F.3d 465, 471 (3d Cir. 2003); Carafano v. Metrosplash.com, Inc., 339 F.3d 1119, 1123-24 (9th Cir. 2003); Batzel v. Smith, 333 F.3d 1018, 1030-31 n. 19 (9th Cir. 2003); Ben Ezra, Weinstein, Co. v. Am. Online Inc., 206 F.3d 980, 984-86 (10th Cir. 2000); Zeran v. Am. Online, Inc., 129 F.3d 327, 330-31 (4th Cir. 1997). For example, the Ninth Circuit held that a Web-based dating-service provider was not liable when an unidentified party posted a false online personal profile for a popular actress, causing her to receive sexually explicit phone calls, letters, and faxes at her home. Carafano, 339 F.3d at 1122. Acknowledging that the immunity provision in § 230(c)(1) of the CDA causes "Internet publishers [to be] treated differently from corresponding publishers in print, television and radio," id. at 1122, the Ninth Circuit held that "[u]nder § 230(c), . . . so long as a third party willingly provides the essential published content, the interactive service provider receives full immunity regardless of the specific editing or selection process." Id. at 1124.
Similarly, the Fourth Circuit dismissed a plaintiffs claims on the pleadings, holding that the CDA protects Web-based service providers from liability even after the provider is notified of objectionable content on its site. See Zeran, 129 F.3d at 333. The plaintiff in Zeran sued an Internet service provider for failing to remove upon notice a false advertisement offering shirts featuring tasteless slogans relating to the 1995 bombing of the Oklahoma City Federal Building and instructing interested buyers to call the plaintiff to place orders. Id. at 329. After analyzing the immunity provision of § 230, the Fourth Circuit wrote:
If computer service providers were subject to distributor liability, they would face potential liability each time they receive notice of a potentially defamatory statement — from any party, concerning any message. . . . Because service providers would be subject to liability only for the publication of information, and not for its removal, they would have a natural incentive simply to remove messages upon notification, whether the contents were defamatory or not. Thus, like strict liability, liability upon notice has a chilling effect on the freedom of Internet speech. . . . Because the probable effects of distributor liability on the vigor of Internet speech and on service provider self-regulation are directly contrary to § 230's statutory purposes, we will not assume that Congress intended to leave liability upon notice intact.
Id. at 333.
Parties complaining that they were harmed by a Web site's publication of user-generated content have recourse; they may sue the third-party user who generated the content, but not the interactive computer service that enabled them to publish the content online. See id. at 330-31 ("None of this means, of course, that the original culpable party who posts defamatory messages would escape accountability. . . . Congress made a policy choice, however, not to deter harmful online speech through the separate route of imposing tort liability on companies that serve as intermediaries for other parties' potentially injurious messages.").
The Does appear to agree with the consensus among courts regarding the liability provisions in § 230(c)(1). They argue, however, that their claims against MySpace do not attempt to treat it as a "publisher" of information; therefore, they argue that § 230 does not immunize MySpace from their claims and state tort law applies in full effect. The Does attempt to distinguish their case from Carafano, Zeran, and other contrary authority by claiming that this case is predicated solely on MySpace's failure to implement basic safety measures to protect minors. The district court rejected the Does' argument, stating:
The Court, however, finds this artful pleading to be disingenuous. It is quite obvious the underlying basis of Plaintiffs' claims is that, through postings on MySpace, Pete Solis and Julie Doe met and exchanged personal information which eventually led to an in-person meeting and the sexual assault of Julie Doe. If MySpace had not published communications between Julie Doe and Solis, including personal contact information, Plaintiffs assert they never would have met and the sexual assault never would have occurred. No matter how artfully Plaintiffs seek to plead their claims, the Court views Plaintiffs' claims as directed toward MySpace in its publishing, editorial, and/or screening capacities.
Doe v. MySpace, Inc., 474 F.Supp.2d 843, 849 (W.D.Tex. 2007).
The Does do not present any caselaw to support their argument. In fact, they rely upon the same line of cases listed above but point to § 230(c)(1)'s grant of immunity to publishers of third-party content as evidence that their claims are somehow different. Other courts, however, have examined pleadings similar to the Does' and have reached the same conclusion as the district court. For example, in Green, the plaintiff sued a Web-based service provider after he received a computer virus from a third party and endured derogatory comments directed at him by others in an online "chat room." 318 F.3d at 469. He made a failure-to-protect argument similar to the Does', claiming that "AOL waived its immunity under [§] 230 by the terms of its membership contract with him and because AOL's Community Guidelines outline standards for online speech and conduct and contain promises that AOL would protect [him] from other subscribers." Id. at 471. The Third Circuit, however, dismissed the claims as barred by § 230, after recharacterizing the plaintiff's claims:
There is no real dispute that Green's fundamental tort claim is that AOL was negligent in promulgating harmful content and in failing to address certain harmful content on its network. Green thus attempts to hold AOL liable for decisions relating to the monitoring, screening, and deletion of content from its network — actions quintessentially related to a publisher's role. Section 230 "specifically proscribes liability" in such circumstances.
Id. (quoting Zeran, 129 F.3d at 333).
Green demonstrates the fallacy of the Does' argument. Their claims are barred by the CDA, notwithstanding their assertion that they only seek to hold MySpace liable for its failure to implement measures that would have prevented Julie Doe from communicating with Solis. Their allegations are merely another way of claiming that MySpace was liable for publishing the communications and they speak to MySpace's role as a publisher of online third-party-generated content.
The Does further argue for the first time on appeal that MySpace is not immune under the CDA because it partially created the content at issue, alleging that it facilitates its members' creation of personal profiles and chooses the information they will share with the public through an online questionnaire. The Does also contend that MySpace's search features qualify it as an "information content provider", as defined in the CDA: "The term `information content provider' means any person or entity that is responsible, in whole or in part, for the creation or development of information provided through the Internet or any other interactive computer service." 47 U.S.C. § 230(f)(3).
Nothing in the record, however, supports such a claim; indeed, Julie admitted that she lied about her age to create the profile and exchanged personal information with Solis. In the February 1, 2007 hearing before the district court, the Does admitted that Julie created the content, disclosing personal information that ultimately led to the sexual assault, but stressed that their cause of action was rooted in the fact that MySpace should have implemented safety technologies to prevent Julie and her attacker from meeting:
THE COURT: I want to get this straight. You have a 13-year-old girl who lies, disobeys all of the instructions, later on disobeys the warning not to give personal information, obviously, [and] does not communicate with the parent. More important, the parent does not exercise the parental control over the minor. The minor gets sexually abused, and you want somebody else to pay for it? This is the lawsuit that you filed?
MR. ITKIN [Counsel for the Does]: Yes, your Honor.
. . . .
MR. ITKIN: The first point is we're not complaining about any of the content that was transmitted between Julie Doe and Pete Solis. Our complaint is [that] the two of them never should have been able to meet because MySpace could have implemented technology very simple and technologically — not simple but technologically and inexpensive age verification software that has been asked for by attorneys general before the lawsuit happened, or even done the things they did right after the filing of the lawsuit that would have prevented these two people from ever meeting. We wanted to keep the foxes out of the hen house. That's the first thing, your Honor, is that we're not complaining about, the content.
Throughout the hearing, the Does stated they had one argument — that MySpace was negligent for not taking more precautions:
MR. ITKIN: Pete Solis is liable for an assault. But what we're trying to hold MySpace liable for isn't the publishing of a phone number but, rather, we're trying to hold MySpace responsible for not putting in the safety precautions to keep the two of them separated.
. . . .
THE COURT: Now, I've heard all of your arguments on the negligence and the duty. Now the duty is something that's bothering me and that's my next question to you. But as I read your pleadings, they are just wholly inapplicable to the Federal Rules of Procedure on fraud. You've got no specific fraud here. And on your negligent misrepresentation, that's just a rehash of what you're already doing. So we're really talking about one cause of action, and that is a negligence cause of action. You keep nodding. Do you agree with that?
MR. ITKIN: I think that is a fair recommendation, a fair statement.
. . . .
MR. ITKIN: Thank you. Your Honor we are not — and I want to be very clear about this. We are not complaining about any of the content that was exchanged between Julie Doe and Pete Solis. We understand that that is something we cannot complain about. Our complaint is only that these two should have never been allowed to find each other, anyways, if reasonable safety pre-cautions were put in place. And under congressional law and, we believe, Texas common law, that's enough to state a claim.
Although the Does' complaint alleged that MySpace allowed or encouraged members to post information after a member's profile had been created, counsel for the Does reiterated in the hearing time and again that they had no complaints or allegations regarding the content of the information posted by Julie or exchanged between Julie and Solis. It appears that the reference to MySpace's solicitation of information was solely used to set up the Does' argument that MySpace failed to protect Julie by declining to implement age-verification software:
THE COURT: But your client violated every single thing that MySpace says to do.
MR. ITKIN: Which is your Honor — and true. That is correct, your Honor. But I will say that that's a known risk to MySpace. And that's not just me saying it, that's the Attorney General saying it.
THE COURT: Everyone knows people lie. So therefore, should you be liable?
MR. ITKIN: No, your Honor. But when you know of the risk and you know that the people — there's potential for lying, all you need to do is put some basic safety mechanisms in place to prevent — or to circumvent the lying.
THE COURT: So you've got the Attorney General of the United States saying . . . don't put your credit card on the internet, but you want them to do it to get a free space. That's one of the things.
MR. ITKIN: That's one of the things.
THE COURT: Then a driver's license. Do you know how many people I sentence here every Friday that have a fake driver's license?
MR. ITKIN: I can imagine a lot, your Honor.
. . . .
MR. ITKIN: What we really want, your Honor, is there's a company out there — I'll give you an example of one of the companies out there called Aristotle. Aristotle through public databases if you enter your name, your zip code, and your birth year can come back with, hey, this person's real; or you can enter an e-mail and have verification. So there's some things to do that are less intrusive as far as giving people your driver's license or your Social Security number.
. . . .
MR. ITKIN: Your Honor, because if [MySpace] had the age verification software in place, [Julie and Solis] never would have talked in the first place. They never would have known about each other.
At no time before filing their appeal in this Court did the Does argue that the CDA should not apply to MySpace because it was partially responsible for creating information exchanged between Julie and Solis. Because the Does failed to present this argument to the district court, they are barred from making this argument on appeal. See Stokes v. Emerson Elec. Co., 217 F.3d 353, 358 n. 19 (5th Cir. 2000) ("Arguments not raised in the district court cannot be asserted for the first time on appeal."); Brown v. Ames, 201 F.3d 654, 663 (5th Cir. 2000) ("To avoid being waived, an argument must be raised to such a degree that the trial court may rule on it." (internal Quotations omitted)). We therefore hold, without considering the Does' content-creation argument, that their negligence and gross negligence claims are barred by the CDA, which prohibits claims against Web-based interactive computer services based on their publication of third-party content. 47 U.S.C. § 230(c)(1), (e)(3). Because we affirm the district court based upon the application of § 230(c)(1), there is no need to apply § 230(c)(2), or to assess the viability of the Does' claims under Texas common law in the absence of the CDA.
The judgment of the district court is AFFIRMED.