CRM Software Vendor Didn’t Qualify for Section 230–Tan v. Konnektive

This is a complex consumer protection lawsuit with dozens of defendants. This early-stage opinion is 62 pages. The case involves allegedly bogus “free trial” programs for cosmetics. The plaintiff alleges that she was duped into signing up for a free trial; she instead got billed for way more than she expected, plus she got signed up for a subscription service she didn’t want.

I’ll focus only on a sliver of the case. The plaintiff sued Konnektive and various related parties for providing CRM services to the scheme. In particular, “Plaintiff alleges that the Konnektive Defendants provide back-end CRM software that enables ‘load balancing’ across various merchant accounts.” This “load balancing” allegedly made it harder for credit card companies to detect and stop the high chargebacks.

The Konnektive defendant defended on Section 230 grounds. The court recounts the plaintiff’s allegations:

She alleges that every time a customer made a purchase on the La Pura websites, the Konnektive software selected which merchant ID (“MID”) to bill the customer with based on which MID was most likely to be flagged for fraud. She alleges this load balancing software is critical to the fraudulent scheme, as without it the fraudulent transactions would be discovered by banks and credit card companies and the merchant accounts would be shut down. She also alleges that the Konnektive Defendants’ load balancing software is designed to enable its clients to commit unlawful and fraudulent conduct of the type she alleges and identifies a warning on the Konnektive website to that effect.

The court concludes: “Plaintiff has sufficiently alleged that the Konnektive Defendants are not merely providing ‘neutral tools’ that others exploit for their own unlawful purposes, but rather are materially contributing to the alleged unlawful conduct.”

Reading this opinion triggered several conflicting feelings:

Point#1: CRM software vendors (whether they provide software or SaaS) generally shouldn’t be liable for bad customer behavior. As demonstrated by the uncited Doe v. Salesforce case, Section 230 can protect CRM vendors. See also Goddard v. Google, where Section 230 protected Google for third-party advertising of fraudulent ringtones.

Point #2: When a backend technology vendor actively abets a fraud, Section 230 should not protect the abetting. See, e.g., FTC v. LeadClick. However, it might still apply to other claims that are predicated on third-party content.

Point #3: When a service is abetting fraud, it’s not always easy to explain why Section 230 doesn’t apply. See, e.g., the uncited Swift v. Zynga case, which also dealt with back-end support for fraudulent ad campaigns but garbled the Section 230 discussion, and Faegin v. LivingSocial. The court does OK here. I’ve never been a fan of the “neutral tools” phrase, because no tools are ever truly neutral. Saying that the defendants allegedly materially contribute to unlawful conduct makes more sense (copying language from, and honestly that may be all that needs to be said.

Of course, the “material contribution” still needs to be proved. Many vendors won’t meet this threshold, and I can imagine legitimate reasons for the alleged load-balancing.

Regardless of this case’s final disposition, as readers of this blog surely know, “free trials” are rarely a good deal for consumers. The “caveat emptor” phrase comes to mind–you should assume the backend of the transaction will be messy unless and until the vendor proves otherwise.

Case citation: Tan v. Quick Box, LLC, 2020 WL 7226440 (S.D. Cal. Dec. 8, 2020). The complaint.