In a split opinion, a majority says this TOS formation failed:

Zeus chose to bury the page containing that agreement behind a hyperlink that itself was written in small, gray text that Tejon did not have to click. This text was located beneath large, red action buttons that Tejon did have to click. Was the hyperlink text enough to put Tejon on notice that clicking on the large, red buttons would subject him to binding arbitration? We find that it was not.

* * *

As usual, the majority starts with the wrap taxonomy. The majority says that there are only two wrap options: clickwrap or browsewrap. I wish there were zero nodes on the wrap taxonomy, but if we’re going to have a taxonomy, two nodes is too few to capture the diversity of TOS formation practices. Importantly, the majority doesn’t leave room to categorize the screen as a “sign-in-wrap,” which is how I think it would be how other circuits characterize it.

With only two choices, the majority says this TOS formation process is a “browsewrap.” (The dissent says the “parties agree that Zeus’s subscription page is a browsewrap agreement,” so the problem may lie in Florida/11th Circuit law forcing the binary choice). Once that wrap characterization is made, it’s pretty well accepted that browsewraps aren’t enforceable. In practice, the majority closely followed the Berman opinion from California, which was a sign-in-wrap opinion, and the majority had many other sign-in-wrap precedents to consider if it went looking. #EndTheWrapTaxonomy.

Despite the wrap tangent, the majority proceeds with the standard approach of reviewing whether the TOS disclosure was sufficiently conspicuous. The majority says no.

• “Zeus placed [the hyperlink] beneath two large, red action buttons that were prominently featured at the center of the page.”
• “Zeus’s terms of service hyperlink is printed in a small font on the bottom half of the page. It is easy to overlook given the larger font sizes and bolder colors of other elements on the page.”
• “all the text below the red action buttons, including the hyperlinked terms, appears in a dim, gray color.” The “dim” color phrase reminds me of the Chabolla reference to “timid” fonts.
• The underlined text was indistinguishable from the other text, and “Zeus’s hyperlink is not highlighted in a different color and is not in all capital letters.” CAPITAL LETTERS…SERIOUSLY?
• “Zeus’s terms of service notice simply does not say anything about arbitration. It would have been simple enough for Zeus to state plainly that clicking on one of the red buttons would subject any dispute between the user and Zeus to binding arbitration….Zeus chose instead to place the provision on a separate terms of service page. Having made that choice, it was required to design its website to ensure that a reasonable user would know to click to view the terms of service page, and it failed to do so.” Ugh, I’ve complained many times about this problem with layered notice. A court can always second-guess that the layered notice should have included the thing that is being contested by the plaintiff. This makes layered notices impossible because the top layer has to reference every possibly challengable term, which is all of them.

Notice that the majority doesn’t engage with the transaction context, another key part of the Ninth Circuit Chabolla/Godun tests. In general, the Ninth Circuit presumes that consumers signing up for a subscription will expect terms to govern their ongoing relationship. The majority doesn’t consider that possibility.

The majority summarizes:

None of the things that we have discussed—location on the page, font size, contrasting color, capital letters, underlining, informational content, and so forth—is individually required to pass a conspicuousness assessment. The point of these design elements is to place a reasonably prudent internet user on notice of the agreement at issue. The internet site owner may utilize some combination of these elements, or perhaps something else entirely, to bring attention to the agreement. Even better, the owner could use a clickwrap agreement. But Zeus chose to do none of this.

Judge Branch, a TAFS judge, dissented. She says the “hyperlink was centrally positioned directly beneath the action buttons, where the user’s attention is easily drawn; colored in light gray to contrast with the black background; underlined; appeared the same size as most of the text on the page; and set apart from a block of text below. A reasonably prudent person would not have missed it.”

(As usual, there was zero empirical support from either the majority or dissent for any assessment of what a reasonable consumer would think).

* * *

This ruling brings to mind the lament of Judge Bybee in the Chabolla decision: “Our decision today will drive websites to the only safe harbors available to them, the clickwrap or scrollwrap agreements.” You’ve been warned (repeatedly).

Case Citation: Tejon v. Zeus Networks, LLC, Case No. 24-11114 (11th Cir. May 1, 2026)

BONUS: U.S. v. Blocker, No. 25-1536 (7th Cir. May 5, 2026)

the fact that a contract is lengthy and poorly understood does not justify reading it with a thumb on the scale. The language of this contract unambiguously permits Dropbox to scan all files at its option and reveal the contents for five specified purposes—and Blocker does not deny that, having discovered child porn, one or more of these purposes applies.

The post 11th Circuit Rejects TOS Formation–Tejon v. Zeus appeared first on Technology & Marketing Law Blog.

The court contextualizes the case:

Intellectual property lawsuits like this one have flooded the Northern District of Illinois. In a typical case, the IP holder files trademark or copyright infringement claims against multiple foreign merchants selling goods on e-commerce platforms like Amazon or Etsy. The plaintiff joins the defendants in a single lawsuit, identifying them in a sealed document attached to the complaint as “Schedule A,” a practice that gives this increasingly common and controversial form of litigation its name. Before defendants are served, a Schedule A plaintiff seeks an emergency temporary restraining order, prejudgment restraint on the defendants’ assets, and electronic service of process, all ex parte. Often, defendants never respond or stop participating in litigation, so the district court must enter default and award statutory damages to the plaintiff with little or no information about the extent of the infringement.

This case follows much of the typical Schedule A playbook. Since 2017, China-based Huajie has sold clothing under the “bellelily” trademark on the website www.bellelily.com. In 2021, Leyibei, also based in China, began selling similar clothing on its similarly named website, www.bellelliy.com. (The “I” and an “L” are transposed in the two names.)

The panel clearly knows about the SAD Scheme, even though it hasn’t heard many appeals yet. For example, the judges already know that SAD Scheme cases are “flooding” the court system and are “controversial.”

Note that this case involves two Chinese litigants fighting in U.S. courts. That is a thing nowadays. Apparently, the Chinese vendors have adopted the philosophy “if you can’t beat ’em, join ’em.” The SAD Scheme gives them another tool to attack their competition. On the plus side, I guess the U.S. is exporting its litigation norms to foreigners. On the minus side, foreign competitor-on-competitor litigation sometimes has nothing to do with protecting U.S. consumers from harmful “counterfeits.” As the stereotype goes, the Chinese are skilled at copying U.S. innovations, and I guess the copiable innovations include the SAD Scheme.

Unlike many SAD Scheme cases, the defendant initially showed up to contest this lawsuit. However, by the time the rightsowner requested summary judgment, the defendant stopped participating.

As a result, the defendant defaulted, and the rightsowner submitted a proposed final judgment. The rightsowner’s proposed order was “barebones” and didn’t justify the rightsowner’s damages request. As a result, the lower court judge issued a final judgment that said the defendant’s infringement was willful and approved an injunction. However, instead of the rightsowner’s requested damages of $2M for willful trademark counterfeiting and $100k for cybersquatting, the district court–without explaining the decision–only awarded the mininum damages for each claim, i.e., $1k each claim, for a total of $2k. DOINK.

The rightsowner appealed the district court’s minimum damages award to the Seventh Circuit. The defendant didn’t show up to contest the appeal, so the rightsowner’s advocacy was completely unrebutted. And yet…the rightsowner still found a way to lose. DOINK AGAIN.

The per curiam opinion summarizes: “it may be better practice for district courts to briefly explain their reasoning in cases like this, but we decline to give Huajie a second bite at the apple.”

The opinion explains:

Huajie failed to offer evidence or arguments in favor of maximum damages, so the district court did not err by failing to offer a robust explanation of its ruling. Huajie argues that the district court should have circled back to its motion for summary judgment to search for support for its damages award. But it was Huajie’s job to make its case for maximum damages on default to the district court, not the court’s job to search through the record for support…

After the district court entered default, Huajie needed to offer evidence and arguments in support of the damages award. But…its proposed order, unaccompanied by any contemporaneously filed motion for entry of default judgment, lacked any rationale to support the maximum award. Although Huajie sought maximum statutory damages in its earlier motion for summary judgment—arguing that only a substantial award could compensate it for its losses and deter future misconduct—it failed to direct the court to those earlier arguments. So Huajie invited the consequence of which it now complains…

we affirm on a basis obvious from the record: nothing immediately available to the district court was adequate to support a $2 million award.

Because Huajie failed to establish its entitlement to the considerable damages it requested, we uphold the district court’s award of minimum statutory damages. We also take this opportunity to remind litigants that the race is not over after the entry of default. A plaintiff with a default in hand still must support a request for damages with evidence and argument.

Judge Pryor dissents in an opinion that recaps a lot of the same material as the per curiam opinion, suggesting that Judge Pryor hoped to write the majority opinion. She says there’s not enough substance in the district court’s judgment to permit the appellate court to evaluate if the district court judge exercised his discretion properly:

The [district court’s] order does not explain how and why the district court landed on its statutory damages award for willful trademark infringement ($1,000) or cybersquatting ($1,000), and nothing else in the record provides any hints. There’s simply no indication the district court exercised its discretion…

a district court must provide some explanation to support its exercise of discretion in fashioning an award of damages to satisfy due process and facilitate appellate review, even in Schedule A litigation regarding statutory damages

For that reason, Judge Pryor would have remanded the case so the lower court judge could explain the damages amounts.

Created by ChatGPT April 2026

I hear the point raised by Judge Pryor. Judicial rulings without explanations leave everyone scratching their head and stymie appellate review. For example, you may recall the avoidable drama created when the Fifth Circuit lifted the stay on Texas’ Social Media Censorship Act without issuing an opinion, making it virtually impossible to challenge at the Supreme Court. (The Supreme Court eventually eviscerated that law). However, in this case, the per curiam opinion persuasively explained that “Huajie invited the consequence of which it now complains” and doesn’t deserve a second bite at the apple.

When the dust settled, the rightsowner walks away with a whopping $2k in damages from this defendant, which is surely a substantial financial loss in light of the appeal costs. However, it also got an injunction, which may or may not be valuable.

* * *

It’s a bummer the Seventh Circuit once again didn’t substantively address the overall viability of the SAD Scheme. As I’ve repeatedly complained, the merits of SAD Scheme cases will rarely reach the appellate courts. The appellate courts’ silence helps the scheme persist.

At the heart of this appeal are two interrelated issues:

1) The rightsowner cut corners on its advocacy, not supporting its proposed final judgment with a rationale that the judge could rely on, and

2) The lower court judge (Judge Seeger, a savvy judge about SAD Scheme abuses) cut corners on issuing the final judgment. This might be the result of the extreme workloads that SAD Scheme cases impose on judges and/or the rightowner’s weak advocacy.

In my opinion, it’s always noteworthy when a plaintiff loses unopposed cases, because they are almost certain to win if they simply make a proper showing of their legal rights. Each time I wonder how they blew the layup.

Case Citation: Shenzhen Huajie Technology Co., Ltd. v. Shenzhen Leyibei Technology Co., Ltd., No. 25-2659 (7th Cir. April 29, 2026). The rightsowner’s lawyers were Adam Edward Urbanczyk and Brian M. Swift of AU LLC.

The post SAD Scheme Plaintiff Gets Default Win But Blows the Layup on Damages–Shenzen Huajie v. Shenzen Leyibei appeared first on Technology & Marketing Law Blog.

In an effort to avoid that graveyard of litigation, the plaintiff tried the trespass to chattels doctrine. But….um…exactly how does a browser extension trespass any chattel controlled by the retailer? The retailer’s answer (I shit you not, I would not make up shit like this):

superimposing the Price Comparison Tool over other content on the S&S Site trespasses on valuable digital real estate that S&S has expended time, resources, and effort to make aesthetically and functionally appealing to its customers (emphasis added)

Holy mixed metaphors….”digital real estate”!

This lawsuit would be mockable at any time, but its mockability skyrockets in the wake of the Best Carpet Values v. Google decision, which essentially rejected a functionally identical “trespass to web pages” argument.

Sticking closely to the Best Carpet Values decision, the court tells the plaintiff:

the alleged “trespass” is not to any aspect of S&S’s website that is in its possession. Rather, S&S alleges that Defendants’ Price Comparison Tool alters the appearance of S&S’s website in a consumer’s web browser on the consumer’s computer. S&S does not allege that it possesses the consumer’s browser or computer. And S&S cites no authority that it possesses, or has any property interest in, the appearance of its website on a third party consumer’s browser or computer.

The plaintiff tried to obfuscate this issue by arguing that trespass to chattels can apply to intangible property–a slightly true but deeply problematic statement. As I’ve repeatedly explained, if the definition of “chattels” mean intangibles–i.e., the antonym of “chattels”–then trespass to chattels morphs into a doctrine of “trespass to plaintiff’s butthurt feelings,” and the law implodes on itself.

The court doesn’t take this bait. Instead, like the Best Carpet Values decision, the judge observes that by the time the browser extension modifies the retailer’s web page, the digital bits are no longer in the retailer’s “possession.” I would much prefer courts define chattels to categorically preclude debates over its applicability to intangibles, but the court’s logic gets the job done.

There’s nothing left for the retailer to complain about:

Defendants are not alleged to have intercepted and altered S&S’s website transmission such that it was impossible for any consumer to view S&S’s website as S&S intended. Rather, Defendants provided a tool that consumers could decide to use to view S&S’s website in a way chosen by the consumer once the website transmission was in the consumer’s possession. S&S has no property right in the consumer’s internet viewing decisions.

Furthermore, the alleged act of “trespass” identified by S&S is an action taken by the consumer, not by the Defendants. The action S&S alleges constitutes “trespass” is the appearance of Defendants’ Price Comparison Tool superimposed on S&S’s website. But it is the consumer who decides whether to enable the Price Comparison Tool on their computer. To the extent enabling the Price Comparison Tool constitutes a trespass, Defendants aren’t the ones committing it.

In a sense, the court’s ruling is pro-user. The plaintiff is essentially claiming that it alone determines the canonical view of the website. However, websites are viewed on a wide range of devices and browsers, all of which the user chooses, so web pages don’t have any canonical version that the law can recognize. The court’s decision seemingly lets users, not the website, choose which technologies they want to use to access a website.

And yet, this passage also implies that perhaps the retailer could sue the users for trespass to its valuable digital real estate for marring its beautiful and canonical web page. As stupid as that sounds, such a claim would not be materially worse than the claim rejected here.

Case Citation: S&S Activewear LLC v. Promo Hunt, Inc., 2026 U.S. Dist. LEXIS 91156 (N.D. Ill. April 23, 2026). The complaint. Per the complaint, this lawsuit addressed more topics that just trespass to chattels. Still, three lawyers from Sidley & Austin–traditionally, one of the most prestigious law firms in the country–signed off on the phrase “trespasses on valuable digital real estate.” Surely that will be a peak moment of their legal careers. A note about my time at Sidley & Austin.

The post Plaintiffs Are Still Litigating–and Losing–Website Framing Cases (S&S v. Promo Hunt) appeared first on Technology & Marketing Law Blog.

Embed/in bed

The central question in the case is whether embedding is infringing. We don’t get an answer to that question. XXL chose to defend the case on other grounds at the district court, so it’s not at issue in the appeal. As a result, the panel assumes “for the purposes of this appeal, that embedding constitutes actionable use.”

[Note: normally my blog coverage would include a screengrab of one of the videos in question so you could see the content at issue in this dispute. Given this ruling, I worry I’ll join the defendant list if I do so. More chilling effects from legal uncertainty.]

Fair Use of Jordan Video

Nature of Use–Transformativeness

The court questions the transformativeness of XXL’s embedding:

Townsquare republished the Jordan Video in a news article describing a controversy surrounding the video, Townsquare’s reporting at times appears more focused on the mere existence and presentation of the video itself. No place is that more evident than in the article’s headline. Instead of referring to any of the article’s commentary, the headline presents the video as the article’s primary draw: “Michael Jordan Intervenes in Heated Confrontation Involving Wack 100 in Viral Video from 2015 —Watch.” The article then opens by explaining that the DailyLoud had posted the video on X just one day prior. That is the extent of the article’s discussion of the video’s online circulation. It moves on to describe the incident depicted in the video, but that portion of the article simply describes what viewers of the video can see for themselves….

there is a difference between gesturing towards a transformative message and actually communicating that message. Here, Townsquare’s commentary was limited to a few sentences explaining that a third party had republished the video and opined that an individual who does not appear in it was Charleston White. Notably, the article does not identify anything in the video that would corroborate that speculation for the viewer; instead it relies on the unexplained say-so of the DailyLoud’s post. It is therefore debatable whether the article meaningfully communicated any new commentary about the video (which could justify its copying) or instead merely summarized commentary about the fight depicted and relied on the video solely as an illustrative aid (in which case the copying served little transformative function)

Despite these musings, the court doesn’t definitively resolve the transformativeness question, saying the other factors negate fair use.

Nature of Use–Commerciality

“Townsquare is a for-profit entity, a fact that weighs against fair use….Townsquare ran advertising alongside its embedded depiction of the Jordan Video, but classic legacy news media such as newspapers, news magazines, and commercial television stations did, and do, the same.”

The court decides the nature of use factor is at best neutral.

Nature of Work

“The Jordan Video was largely factual, and, as Richardson concedes, did not involve meaningful creative choices. That Richardson was fortunate to be in the right place at the right time to record Jordan’s unexpected intervention does not make the work creative.” The court says this factor weighs in favor of fair use but “plays a minimal role in the fair-use assessment.”

Amount Taken

XXL republished the entire video, which it said was required by the embedding. The panel questions the necessity:

Townsquare could have, for example, republished the text of the post along with a portion of the video. Or it could have taken a screenshot of the post with a still of the video (as Townsquare did for the article’s headline). Or it could have simply reported on the controversy and included a hyperlink to the post, forgoing any reproduction of the video. While embedding the post may have been more expedient for Townsquare, nothing compels a conclusion (and certainly not at this stage) that embedding the post and, with it, the entire video was reasonable in relation to Townsquare’s limited news reporting.

I guess the panel is really that willing to second-guess XXL’s editorial processes? And the court says XXL could have taken a video screengrab instead of embedding the whole video, but later in the opinion it doesn’t resolve whether that screengrab would itself be infringing, so…is that a non-infringing option or not?

XXL also argued that viewers needed to see the entire video to evaluate its hypothesis about who’s in the video. The court responds that the person at issue never appears in the video (only off-camera).

XXL also argued that embedding allowed its audience to see the original comments. The court responds that XXL could have just done summary reporting of that information.

Instead, the court says “Perhaps discovery may offer further editorial or technological justification for Townsquare’s decision to use the entirety of the video.” Sounds expensive.

Market Effect

The court says this is the “most important” fair use factor.

The court says Richardson’s complaint didn’t make clear what the market for the video is. The court rewards this pleading omission: “Townsquare cannot decisively demonstrate the absence of an effect of its use of the Jordan Video on the market for the original video based on the allegations in a complaint that say little or nothing about the nature of that market.” It’s true that the defense has the burden to establish fair use, but the panel also rewards plaintiff drafting gamesmanship.

Without any guidance from the complaint, the panel then veers into speculation-land:

It is entirely unclear that a viewer of Townsquare’s story would gain anything from watching a version of the Jordan Video unencumbered by Townsquare’s reporting, advertising, and the X post text and border. And if viewers are unlikely to gain anything, they would have little reason to seek out the Jordan Video from Richardson. And without viewers, Richardson would experience market harm either by lost advertising revenue (if, like Townsquare, he had published the video online) or lost rental or purchase revenue (if he provided the video directly to consumers).

I can’t tell if the initial X poster (DailyLoud) was authorized or not. If it was an authorized post to X, then odds are that the X posting wouldn’t generate any of these revenues, in which case the court’s discussion is both hypothetical and wrong.

The court summarizes its view on the market effect at early litigation stages: “because Townsquare has not shown that its use of the Jordan Video is not a market substitute for the Jordan Video itself, the fourth statutory factor weighs against fair use.”

Summary of Fair Use

To whatever extent Townsquare’s use of the Jordan Video is transformative (if at all), that fact is outweighed by Townsquare’s decision to republish the entire video. That choice rendered its use of the video a plausible market substitute for the video itself. Discovery may further explicate the relevant market factors, and thus demonstrate that Townsquare’s use of the full video was reasonably justified or that customers interested in watching the video would still seek out the original to avoid the article’s text and advertising

As this passage indicates, XXL could still win fair use–it will just take more time and money to find out. But notice how the court had to twist the factors to make them (other than the amount taken) actually weigh against fair use. Perhaps reflecting the pleading burdens, the court was extraordinarily charitable to the plaintiff–almost certainly more than the plaintiff deserved. This is how bad cases survive in court longer than they should.

Screenshots as Infringement

The lower court said the screengrabs were de minimis copying. The court says that doctrine doesn’t apply because “By taking screenshots, Townsquare made literal copies of video “frames” and incorporated those copies into its articles.” The court sees the de minimis exception quite narrowly: “we have typically found de minimis use where the defendant’s inclusion of the copyrighted work was incidental or unidentifiable in the secondary work.” In contrast, “Townsquare prominently displayed the screenshots, which are clearly recognizable as taken from the embedded videos (as Townsquare intended them to be), to communicate the subject matter of its articles.”

The court doesn’t address fair use for the screengrabs because the lower court didn’t rule on that topic. Nevertheless, the court cautions the lower court that “fair-use analysis is generally ill-suited to the pleading stage.”

It’s truly mind-blowing to believe that it could be infringing to display a screengrab from a video when discussing the video. I expect courts will bless the republication of screengrabs eventually, but not using the de minimis doctrine.

Permission to Embed the Melle Mel Video

Art of Dialogue uploaded the Melle Mel video to YouTube. YouTube’s upload TOS expressly authorizes third-party embedding, which seemingly extends permission to XXL. Richardson said the court couldn’t consider these facts, but the court responds that Richardson:

does not, for example, assert that the Melle Mel Video was uploaded onto YouTube without his consent or that the version of the Terms that Townsquare attached was in any way inaccurate. Had he done so, the resulting factual dispute would have rendered the Terms premature for consideration at the pleading stage. But his failure to do so confirms that he sought to rely on “clever drafting” to render his complaint “invulnerable to Rule 12[c].”

A reminder that the court just accepted similar “clever” drafting in the fair use considerations…so I guess pleading cleverness only works sometimes? Also, the court saying that all Richardson had to do was contest the initial upload authorization or the TOS terms (which they would only do in good faith per Rule 11–wink wink) and the court would survive the case to summary judgment provides plaintiffs with yet more leverage.

To the extent that XXL didn’t comply with any conditions from YouTube’s TOS embedding license, the court says that’s YouTube’s issue to enforce, not Richardson’s.

Implications

I could recapitulate this decision:

• The Second Circuit doesn’t like to decide fair use on motions to dismiss. (XXL requested judgment on the pleadings, but the court sidestepped the difference in stages by collapsing the two into a single “pleading stage”).
• The de minimis defense is a niche exception.
• Social media TOSes authorize third-party embedding. If the uploader had the permission to upload, then downstream embedders aren’t liable.

Stated this way, perhaps this opinion doesn’t look so bad.

However, the court’s reticence to resolve fair use early is problematic in light of Richard Liebowitz’s recent litigation rampage in Second Circuit-governed courts, where courts had to resolve fair use early to clear out his trash lawsuits. Rulings like this help copyright trolls and other copyright owners weaponize the litigation process and increase defense costs. Even if the lower court rules for Townsquare/XXL on remand, significant damage is done simply by letting unmeritorious cases get that far.

All of these litigation efforts could be avoided if the Second Circuit followed the Ninth Circuit’s approach to embedding, a question that wasn’t before this panel. In the 9th Circuit, embedding isn’t copyright infringement, so defendants don’t need to justify fair use or try to make the de minimis doctrine something more than it is. We’ve been waiting a long time for the Second Circuit to clarify its stance on embedding. Until then, we get rulings like this and expensive litigation cycles.

Similarly, we need stronger judicial pronouncements that screengrabs aren’t infringing. The entire meme and GIF ecosystem is riding on that issue.

Case Citation: Richardson v. Townsquare Media, Inc., 2026 WL 1097502 (2d Cir. April 23, 2026)

The post We Still Don’t Know the Second Circuit’s Position on Embedding and Copyright Infringement–Richardson v. Townsquare appeared first on Technology & Marketing Law Blog.

After the Supreme Court’s first and only CFAA decision in Van Buren v. US in 2021, I wrote that the Court “could have done 10% more work here and provided clarity on very key questions….[but SCOTUS] declined the opportunity to do so. In the end, there are remarkably few clear, declarative sentences in this opinion that provide guidance for future cases.”

The Court intentionally left open many key questions. And so it should come as no surprise that there has been an emerging doctrinal divergence related to key concepts with the CFAA. Perhaps most notably, Courts have been applying the concept of “technological harm” in the CFAA differently in different circuits.

In Van Buren, Justice Barrett wrote:

…§1030(a)(2) also gives rise to civil liability, §1030(g), with the statute defining ‘damage’ and ‘loss’ to specify what a plaintiff in a civil suit can recover. ‘[D]amage,’ the statute provides, means ‘any impairment to the integrity or availability of data, a program, a system, or information.’ §1030(e)(8). The term ‘loss’ likewise relates to costs caused by harm to computer data, programs, systems, or information services. §1030(e)(11). The statutory definitions of ‘damage’ and ‘loss’ thus focus on technological harms—such as the corruption of files—of the type unauthorized users cause to computer systems and data. Limiting ‘damage’ and ‘loss’ in this way makes sense in a scheme ‘aimed at preventing the typical consequences of hacking.’ Royal Truck, 974 F. 3d, at 760. The term’s definitions are ill fitted, however, to remediating ‘misuse’ of sensitive information that employees may permissibly access using their computers.

Van Buren v. United States, 141 S. Ct. 1648, 1659–60 (2021) (quoting 18 U.S.C. § 1030(e)(8), § 1030(e)(11)).

Multiple district courts, especially in SDNY and the Northern District of California, began to interpret Van Buren to demand that any CFAA “loss” be tethered to technological harm. Meanwhile, some other district courts read the statute to allow any claim to proceed that included an allegation that a plaintiff had investigated an offense and incurred $5,000 in so doing.

Where this comes up most consistently is in the context of an internal investigation related to alleged unauthorized access. Courts increasingly have disagreed about whether an internal investigation, untethered to “technological harm,” meets the standard for a qualifying loss under §1030(e)(11). While not quite rising to the level of a circuit split, lower courts in the 2d, 3d, and 9th Circuits have increasingly required specific pleading at the motion to dismiss stage to allege that the internal investigation posited as a “loss” was tethered to “harm to computer data, programs, systems, or information services.” In the 5th, 7th, and 11th circuits, courts were much less inclined to require that specific pleading.

—

On Jan. 21, 2026, the Tenth Circuit became the first circuit court to squarely reject the CFAA interpretation that investigations must be tethered to technological harm. It did so with Moxie Pest Control (Utah), LLC v. Nielsen, and it concluded that investigative costs qualify as a CFAA “loss” even when the plaintiff does not show or even allege “technological harm” like corrupted data or damage to systems.

According to the Tenth Circuit, under § 1030(e)(11)’s plain text, any reasonable cost of responding to an offense qualifies.

—

This was the general divide that had emerged around the country pre-Moxie.

The first camp suggests that costs must be tethered to clear evidence of technological harm to qualify as a loss.

The courts in this camp do not reject investigative costs as a category. But conclusory pleadings related to investigations in the absence of technological harm often get dismissed. These courts have demanded specifics about what was done, why the investigation was necessary, how it ties to the intrusion, and evidence that the “loss” was tethered to “harm to computer data, programs, systems, or information services.”

Many recent decisions have been pushing in that direction:

• CoStar Group, Inc. v. Leon Capital Group, LLC (D.D.C. 2022) dismissed where the claimed loss was time and money spent “identifying, investigating, and attempting to block and otherwise respond,” but the allegations did not adequately plead cognizable CFAA loss.
• The Phoenix Co., Inc. v. Castro-Badillo (D.P.R. Aug. 9, 2024) dismissed where the plaintiff relied on “investigation” but did not plead what investigative measures were taken and what damage, if any, was actually caused.
• Sylabs Inc. v. Rose (N.D. Cal. Sep. 26, 2024) dismissed where “loss” was pegged to forensic analysis but the allegations were essentially conclusory and failed Rule 12(b)(6) specificity expectations.
• William Gottlieb Mgmt. Co., LLC v. Carlin (S.D.N.Y. Mar. 26, 2024) dismissed where the “investigation” just confirmed what the plaintiff already knew and did not involve analyzing effects on computer systems.
• X Corp. v. Center for Countering Digital Hate (N.D. Cal. 2024) dismissed X Corp.’s CFAA claim at the motion-to-dismiss stage because the court found that X failed to allege technological harm necessary under § 1030’s loss definition, and that internal costs and reputational advertising revenue losses tied to CCDH’s reports and investigations did not allege harm to computer data, systems, or programs as contemplated by the statute. Also, the broader complaint was treated as a SLAPP aimed at punishing criticism rather than bona fide CFAA conduct.

If you read those cases as a group, you find situations where courts are skeptical of internal investigations because they seem pretextual. According to these cases, an alleged investigation is not a blank check to proceed with a CFAA claim. Courts want to see that the investigation was a response to an access violation causing technological harm and not just a litigation prep exercise.

The second camp is more of a magic words approach. If there’s alleged unauthorized access, and you say there was an investigation that cost $5k, the case moves to discovery.

This was pretty much the consensus around the country pre-Van Buren. But lower courts were fairly evenly divided about that concept of loss post-Van Buren.

The Tenth Circuit in Moxie is now a clean appellate-level entry for this camp.

According to Moxie, the CFAA’s definition of “loss” explicitly includes response and damage-assessment costs. So district courts should not treat Van Buren as silently rewriting the civil-remedies threshold into limiting investigations to those tethered to technological harm.

Moxie is now the most prominent post-Van Buren statement on this question, and because it is a circuit court opinion, and not a one-off district court order, it will carry significant weight, and may permanently tip the scales in favor of this camp.

—

The facts of Moxie are as follows:

The plaintiffs were a group of affiliated pest-control companies that alleged employees of their competitor, Aptive Environmental, bribed current and former Moxie representatives to turn over confidential, password-protected sales data (including leaderboards) stored in Moxie’s system, which Aptive then allegedly used to recruit door-to-door sales representatives. Moxie sued Aptive and several individuals under the Computer Fraud and Abuse Act (CFAA), RICO, the Defend Trade Secrets Act (DTSA), and Utah’s Uniform Trade Secrets Act (UTSA).

The district court dismissed Moxie’s CFAA claim for failure to plead a qualifying “loss” post-Van Buren, denied motions to compel broad damages discovery, and granted summary judgment on the other claims for lack of causation. On appeal, the Tenth Circuit reversed the dismissal of the CFAA claim, holding that Moxie’s allegations of over $5,000 in investigative costs incurred in response to unauthorized access plausibly satisfied the CFAA’s “loss” definition even absent technological harm, affirmed the discovery ruling, affirmed summary judgment on RICO, and reversed in part the DTSA/UTSA rulings on remedies and remanded for further proceedings.

—

For practitioners in this space, it isn’t hard to see how Moxie could be problematic.

There is a chicken-or-the-egg conundrum with the statutory language cited by the Tenth Circuit. While § 1030(e)(11)’s definition of loss includes any reasonable cost of responding to an offense, the statute itself does not offer any guidance on what the *offense* must be that provokes the investigation. By the Tenth Circuit’s definition, it doesn’t matter. Any conduct associated with unwanted access will do. And so, activity that does not cause technological harm can give rise to a CFAA claim if a plaintiff investigates it and incurs $5,000 in expenses.

The problem is twofold: (1) It lets plaintiffs convert a whole range of non-technological harms into federal computer crimes, thus seemingly contradicting the guidance of the Supreme Court and the statute itself, which requires harm to computer data, programs, systems, or information services; and (2) The $5,000 threshold becomes nigh-meaningless. Any plaintiff with a lawyer and an incident-response vendor can hit $5,000 by lunchtime. Indeed, a recent case found that a pro se plaintiff spending 25 hours of his own time was sufficient to establish a “loss” under the CFAA. Karcz v. Mezouak, 2026 WL 622679 (D.N.J. March 5, 2026).

In other words, conduct that would not give rise to a CFAA violation because the alleged harm is not technological in nature under the Supreme Court’s definition of a “loss” can easily become a CFAA “loss” as long as a plaintiff alleges that they investigated it.

That’s a deeply circular definition of “loss”. But Moxie didn’t grapple with that deeper circularity head-on.

Making benign integrations and free speech criminal

Let me lay out a couple of different fact patterns where this often plays out.

Even though the defendants here are highly unsympathetic, that’s not always the case. The alleged conduct was plainly wrongful. It involved alleged bribery, misuse of credentials, and copying confidential information from a protected account. But the CFAA should be reserved for technological harms, not merely unauthorized taking of information. That distinction matters. The opinion blurs the line between digital trespass and ordinary misuse of access, even though the real injury alleged was the taking of valuable business information, not damage to the integrity or functioning of the computer system itself. If the system still worked as designed, was not impaired, and suffered no meaningful technological disruption, then this looks much more like a trade secrets or unfair competition case, not a CFAA claim.

That overexpansion matters beyond these bad facts. Once courts allow the CFAA to reach conduct that does not cause technological harm, the statute becomes a much more flexible weapon for private plaintiffs and platforms seeking to recharacterize disfavored access as computer intrusion.  There are countless software integrations whose primary business purpose is to integrate some sort of useful activity within another company’s platform. Lots of companies build these useful layers into and on top of other companies’ software. Most of the time, the purpose of these integrations is to provide something of value to end users, but of course, large platforms are often reluctant to cooperate with third parties.

Created by ChatGPT Dec. 2025

The panel says, almost in passing, that “we need not decide whether the conduct Moxie alleged violates the CFAA. It does,” because Nielsen used a pilfered password, and then goes on to hold that investigative costs alone can satisfy CFAA loss without any technological impairment. The problem is not that the defendants should win. They should not. The problem is that the opinion does nothing to distinguish credential theft from the far more ordinary reality of delegated access and platform integrations, where a user intentionally lets a third-party tool access an account through stored credentials, session continuity, or other account-linked mechanisms. In a world full of CRM plug-ins, analytics layers, scheduling tools, and middleware, courts should be careful not to let “access by someone other than the nominal account holder” plus “investigation” equal a federal crime. The “loss” element needs to be a meaningful filter. If it isn’t, lots of benign conduct becomes illegal.

If investigative expenses are enough, regardless of whether tethered to a technological harm, then a platform that objects to a researcher, watchdog, journalist, or advocacy group can more readily plead its way past dismissal by alleging unauthorized access plus the cost of figuring out what happened. Moxie sits uneasily beside X Corp. v. Center for Countering Digital Hate, where Judge Breyer recognized the basic danger directly, writing that the case was “about punishing the Defendants for their speech” and that X sued “in order to punish CCDH” for publications criticizing the platform.

To be clear, Moxie did not involve public-interest criticism. It involved commercial espionage. But doctrine built in hard cases does not stay in hard cases. Once courts make it easier to plead CFAA claims based on contested access and post hoc investigation costs, that logic can be repurposed by platforms seeking to suppress unfavorable reporting, auditing, or accountability research. The right lesson from Moxie should have been narrow, but instead it was unequivocal and unqualified.

Don’t get it twisted: If self-motivated, sponsored investigations untethered to technological harm qualify as losses under the CFAA, then any integration disfavored by a platform can be made illegal, regardless of how valuable or pro-social it may be. And any “access” that’s disfavored by a platform can be made illegal, too. Regardless of how benign or pro-social it may be.

That’s the legal landscape that Moxie creates.

In the coming months, the Ninth Circuit is likely to revisit this issue with Perplexity AI’s appeal of the preliminary injunction issued by the Northern District of California in its case against Amazon. When that case is decided, we can expect to get a clearer picture of whether there will be a consensus on this issue or a true circuit split.

The post Tenth Circuit Broadens CFAA ‘Loss’ Beyond Technological Harm–Moxie v. Nielsen (Guest Blog Post) appeared first on Technology & Marketing Law Blog.

Also, check out this line from the opinion: “Arkansas cannot sentence speech on the internet to death by a thousand cuts.” To be fair, most legislators would choose to sentence Internet speech to death in one swift, decisive blow if they could.]

* * *

This case involves NetChoice’s Constitutional challenge to Arkansas Act 900 of 2025, one of many Internet censorship laws coming out of Arkansas. I previously blogged about the injunctions against Act  689, the so-called Social Media Safety Act and Act 901. Does the Arkansas legislature do anything other than pass unconstitutional Internet censorship laws?

Act 900 tries to revive Act 689 by amending it after it was enjoined. Not surprisingly, the amendment doesn’t go well. The court preliminarily enjoins Act 900 too.

Who does the law “protect”?

“Act 900 has one particularly noteworthy problem: “users.” Act 900 has three different definitions for relationships a person can have with a platform….The addictive practices provision and the default provisions therefore apply to all Arkansas minors, whether they have a social media account or are merely a website visitor. Worse, the dashboard provision applies only to minor “users,” not account holders.”

This definitional problem is probably the result of a botched amendment, but it’s no less embarrassing. I guess you can’t make a censorship scramble without breaking a few eggs?

Addictive Practices

The addictive practices provision of Act 900 requires platforms to “ensure” that they “do[ ] not engage in practices to evoke any addiction or compulsive behaviors in an Arkansas user who is a minor, including without limitation through notifications, recommended content, artificial sense of accomplishment, or engagement with online bots that appear human.

The judge says this restriction is void for vagueness. Two problems with this language compared to Act 901: (1) “Act 900 is not limited to addiction to the platform itself.” (2) “Act 900 imposes liability on a strict liability basis, while Act 901 imposes liability on a negligence basis….a platform is liable for a practice the evokes addiction in a single child even if it could not have known through the exercise of reasonable care that the practice would have such an effect.”

The anti-addiction provision was coupled with quarterly audit requirements that services double-check they aren’t doing anything addictive. “This requirement is even more expansive with respect to what platforms must audit for—not just full-fledged “addiction,” but “addiction-driven behavior” caused by the platform—again, whether that behavior is on- or off-platform.”

Default Provisions

social media platforms must also “[e]nsure that, by default:” (1) “[n]otifications to an Arkansas user who is a minor, other than safety or privacy-related alerts, are ceased between the hours of 10:00 p.m. central standard time (CST) and 6:00 a.m. central standard time (CST) and allow a parent or guardian to modify this setting”; and (2) “[p]rivacy and safety settings for an Arkansas user who is a minor on a covered social media platform provides the most protective level of control for privacy and safety offered by the covered social media platform.” The Court assumes that the content-based exception to the notifications default for “safety or privacy-related alerts” is severable, so strict scrutiny does not apply to the remainder

The court sees the notification provisions as time-place-manner restrictions. “The State has a significant interest in ensuring minors get enough sleep, and this interest is unrelated to the suppression of free expression.”

The court nevertheless gets stuck on the lack of tailoring. “The notifications default applies to “Arkansas users”— account holders and platform visitors alike. It seems to the Court that platforms would therefore have to silence notifications between 10 p.m. and 6:00 a.m. for everyone in Arkansas unless they have become an age-verified adult account holder.”

The court also questions the parent override because “parents are part of the problem. If parents wanted to prevent their children’s sleep from being disrupted by late-night notifications, they have a readily available, free, no-tech solution already at their disposal: taking devices away at night.” This leads to a zinger:

The State has provided no evidence that parents lack the tools to assert their authority in this domain, so it appears unlikely that the State’s deferential approach to restricting nighttime notifications will actually serve its stated interest in ensuring minors get enough sleep. This “is not how one addresses a serious social problem.”

Thus, the notifications restriction “burdens platforms’ speech by silencing them for a third of the day without any indication that the burden will reduce nighttime social media use or otherwise serve the State’s asserted interest at all.”

[I don’t love the court’s methodology here. The main problem isn’t the ineffectiveness of the notification time restrictions; it’s that notifications are an integral part of the services’ editorial expression, i.e., how to communicate with their audiences. Meanwhile, states should be able to empower parents to make choices for their children, even if many parents choose not to restrict their children. The true problems lie elsewhere. For example, in my Segregate-and-Suppress paper, I identify functionally unsolvable problems with giving parents the right to decide how the children use the Internet.]

As for the heightened privacy settings requirement, the court says it’s not a time-place-manner restriction. Instead, the required settings “all restrict platforms’ ability to disseminate minors’ speech and to disseminate speech to minors and therefore implicate the First Amendment.” The court says the provision has to satisfy intermediate scrutiny.

The court says “the privacy default says nothing about who can change these settings, leaving the Court to conclude that, because the Act imposes a mere “default,” anyone—parent or child—can opt for less restrictive settings.” As a result, it’s not a parental control mechanism. The children’s agency over their own settings makes the provision “wildly underinclusive.” (Again, giving children agency may be a better approach than the alternative).

The court also has problems with the provision’s sweep:

Act 900 has a broad definition of “social media platform” that sweeps in websites like Nextdoor and Pinterest which are unlikely to be the site of sexual exploitation, burdening minors’ ability to speak and be spoken to on those platforms and burdening platforms’ ability to disseminate minors’ speech.

Thus, the court concludes:

the law, in effect, allows children to decide whether they need protection from sexual exploitation online because they are free to depart from the protective default. As Defendants’ evidence shows, teenagers’ developing brains make them less likely than adults to appreciate the risks associated with, for example, making their profiles public. Like the notification default, while the burdens imposed by the privacy default may be slight, they do not appear likely to serve the State’s asserted interest at all. Imposing small burdens on vast quantities of speech for no appreciable benefit is not consistent with the First Amendment. Arkansas cannot sentence speech on the internet to death by a thousand cuts

Dashboard Provision

Act 900 requires platforms to “[d]evelop an easily accessible online dashboard to allow a parent of a minor user to view and understand his or her child’s use habits.” This dashboard “shall also provide tools for a parent to restrict his or her minor child’s access to the covered social media platform, or logical portions of the covered social media platform.”

The court can’t decide if this is a Zauderer situation, but it doesn’t matter because “this provision is so unduly burdensome that it fails even” the Zauderer standard. A reminder that we desperately and urgently need a complete rethink of everything associated with Zauderer.

The court gets stuck on the fact that the dashboard only applies to unregistered users. (This appears to be a drafting mistake…? Who knows what the legislature was thinking. They cared more about censorship than making sense.). The court says providing this resource to unregistered users forces services to collect more personal information than they want:

This requirement would force platforms to compile scores of data about minor visitors to their websites, “somehow identify each minor’s parents” to provide dashboard access to them, and follow minors across devices to enforce parental restrictions. Such a requirement is unduly burdensome and seems likely to chill platforms’ dissemination of speech to or from anyone who is not an account holder.

[I would add that all of these problems are inherent in any parental control, supervision, or access provision, not just this particular situation where the legislature illogically extended these rights only to unregistered users.]

Implications

This is a quirky opinion with some logic twists that an appeals court may not agree with. Personally, I wish that courts would strike down laws at their conceptual layer, such as saying that age authentication mandates are always unconstitutional, or efforts to define social media will always be fatally under- and over-inclusive, or parental controls over their children’s online behavior are always mistailored because of the impossibility of authenticating parental status and the risks that parents will weaponize that control in opposition to their children’s interests. (I could go on with other structural problems). This opinion hints at some of these concerns but never reaches these more definitive positions.

Having said that, the court reaches the right place. Essentially, the court makes it impossible for legislatures to push segregate-and-suppress laws because they can never navigate the vagueness and tailoring problems sufficiently. The legislature can read this opinion and try to iterate the law yet again to address the judge’s concern, and they will still fail. Of course, the response of every legislature seems to be: if censorship is on the line, CHALLENGE ACCEPTED.

Case Citation: NetChoice LLC v. Griffin, 5:25-cv-05140-TLB (W.D. Ark. April 20, 2026)

* * *

Blog Posts on Segregate-and-Suppress Obligations

• Too Many Courts Are Letting States Take Wrecking Balls to the Internet (Roundup)
• Texas Judge Enjoins App Store Authentication Law–CCIA and SEAT v. Paxton
• Courts Enjoin Internet Censorship Laws in Louisana and Arkansas
• Challenge to Maryland’s “Kid Code” Survives Motion to Dismiss–NetChoice v. Brown
• My Testimony Against Mandatory Online Age Authentication
• Read the Published Version of My Paper Against Mandatory Online Age Authentication
• Prof. Goldman’s Statement on the Supreme Court’s Demolition of the Internet in Free Speech Coalition v. Paxton
• Court Permanently Enjoins Ohio’s Segregate-and-Suppress/Parental Consent Law–NetChoice v. Yost
• Arkansas’ Social Media Safety Act Permanently Enjoined—NetChoice v. Griffin
• Why I Emphatically Oppose Online Age Verification Mandates
• California’s Age-Appropriate Design Code (AADC) Is Completely Unconstitutional (Multiple Ways)–NetChoice v. Bonta
• Another Conflict Between Privacy Laws and Age Authentication–Murphy v. Confirm ID
• Recapping Three Social Media Addiction Opinions from Fall (Catch-Up Post)
• District Court Blocks More of Texas’ Segregate-and-Suppress Law (HB 18)–SEAT v. Paxton
• Comments on the Free Speech Coalition v. Paxton SCOTUS Oral Arguments on Mandatory Online Age “Verification”
• California’s “Protecting Our Kids from Social Media Addiction Act” Is Partially Unconstitutional…But Other Parts Are Green-Lighted–NetChoice v. Bonta
• Section 230 Defeats Underage User’s Lawsuit Against Grindr–Doll v. Pelphrey
• Five Decisions Illustrate How Section 230 Is Fading Fast
• Internet Law Professors Submit a SCOTUS Amicus Brief on Online Age Authentication–Free Speech Coalition v. Paxton
• Court Enjoins the Utah “Minor Protection in Social Media Act”–NetChoice v. Reyes
• Another Texas Online Censorship Law Partially Enjoined–CCIA v. Paxton
• When It Comes to Section 230, the Ninth Circuit is a Chaos Agent–Estate of Bride v. YOLO
• Court Dismisses School Districts’ Lawsuits Over Social Media “Addiction”–In re Social Media Cases
• Ninth Circuit Strikes Down Key Part of the CA Age-Appropriate Design Code (the Rest is TBD)–NetChoice v. Bonta
• Mississippi’s Age-Authentication Law Declared Unconstitutional–NetChoice v. Fitch
• Indiana’s Anti-Online Porn Law “Is Not Close” to Constitutional–Free Speech Coalition v. Rokita
• Fifth Circuit Once Again Disregards Supreme Court Precedent and Mangles Section 230–Free Speech Coalition v. Paxton
• Snapchat Isn’t Liable for Offline Sexual Abuse–VV v. Meta
• 2023 Quick Links: Censorship
• Court Enjoins Ohio’s Law Requiring Parental Approval for Children’s Social Media Accounts–NetChoice v. Yost
• Many Fifth Circuit Judges Hope to Eviscerate Section 230–Doe v. Snap
• Louisiana’s Age Authentication Mandate Avoids Constitutional Scrutiny Using a Legislative Drafting Trick–Free Speech Coalition v. LeBlanc
• Section 230 Once Again Applies to Claims Over Offline Sexual Abuse–Doe v. Grindr
• Comments on the Ruling Declaring California’s Age-Appropriate Design Code (AADC) Unconstitutional–NetChoice v. Bonta
• Two Separate Courts Reiterate That Online Age Authentication Mandates Are Unconstitutional
• Minnesota’s Attempt to Copy California’s Constitutionally Defective Age Appropriate Design Code is an Utter Fail (Guest Blog Post)
• Do Mandatory Age Verification Laws Conflict with Biometric Privacy Laws?–Kuklinski v. Binance
• Why I Think California’s Age-Appropriate Design Code (AADC) Is Unconstitutional
• An Interview Regarding AB 2273/the California Age-Appropriate Design Code (AADC)
• Op-Ed: The Plan to Blow Up the Internet, Ostensibly to Protect Kids Online (Regarding AB 2273)
• A Short Explainer of Why California’s Social Media Addiction Bill (AB 2408) Is Terrible
• A Short Explainer of How California’s Age-Appropriate Design Code Bill (AB2273) Would Break the Internet
• Is the California Legislature Addicted to Performative Election-Year Stunts That Threaten the Internet? (Comments on AB2408)
• Omegle Denied Section 230 Dismissal–AM v. Omegle
• Snapchat Isn’t Liable for a Teacher’s Sexual Predation–Doe v. Snap
• Will California Eliminate Anonymous Web Browsing? (Comments on CA AB 2273, The Age-Appropriate Design Code Act)
• Minnesota Wants to Ban Under-18s From User-Generated Content Services
• California’s Latest Effort To Keep Some Ads From Reaching Kids Is Misguided And Unconstitutional (Forbes Cross-Post)
• Backpage Gets Important 47 USC 230 Win Against Washington Law Trying to Combat Online Prostitution Ads (Forbes Cross-Post & More)
• Backpage Gets TRO Against Washington Law Attempting to Bypass Section 230–Backpage v. McKenna
• MySpace Wins Another 47 USC 230 Case Over Sexual Assaults of Users–Doe II v. MySpace
• MySpace Gets 230 Win in Fifth Circuit–Doe v. MySpace
• Website Isn’t Liable When Users Lie About Their Ages–Doe v. SexSearch

The post Court Enjoins Another Arkansas Segregate-and-Suppress Law–NetChoice v. Griffin appeared first on Technology & Marketing Law Blog.

The court starts off with this broad proposition:

Section 230 compels dismissal of claims seeking to hold platforms liable for activity amounting to sexual exploitation of one user by another when the factual predicate is that the two users engaged in messaging using the platform’s service” [cites to Doe v. Grindr, Doe v. MySpace, Doe v. Snap, Doe 1 v. Backpage, Doe II v. MySpace, In re Facebook, LW v. Snap, Doe v. Grindr (S.D. Fla.), Doe v. Kik.]

Negligence

The plaintiff tried the standard set of arguments that Discord was defectively designed because it didn’t adhere to the plaintiff lawyers’ vision of how services should operate:

Plaintiff’s “Negligence” claims seek to impose liability on Discord for (i) designing its messaging service to facilitate harmful private communications; (ii) allowing “unsupervised” messaging between users; (iii) failing to require phone number verification or otherwise “screen users”; (iv) failing to “implement … parent controls” and “parental notifications” that would monitor and supervise messages; (v) failing to remove user profiles and block messages from adults who message teens; (vi) failing to set default safety settings that would block messages between unconnected users; (vii) offering an “open chat function” without sufficient moderation; and (viii) failing to monitor for, report and prevent the use of [its] app[ ] by sexual predators.”

The court says all of those configuration choices are editorial choices protected by Section 230:

These claims each amount to Plaintiff seeking to impose a duty on Discord to monitor, screen, and block Plaintiff’s communications with other Discord users. All of these duties would require Discord to alter or amend how it publishes, monitors, screens, flags, blocks, or removes users’ messages and profiles, including how it offers to its users “neutral tools” that allow users to communicate in different chat forums and formats. [cite to Jones v. Dirty World (6th Circuit)]

Notice how this court implicitly veers away from the social media addiction rulings in California and numerous other precedents saying that design choices can be agnostic about what content they apply to and therefore are not based on third party content.

Strict Liability

The court treats the products liability claim the same as the negligence claim. The plaintiff complained about the following practices:

The Complaint faults Discord for providing a service that “allow[s] children to come into contact with child predators, and asserts that Discord should provide “[e]ffective parental controls” to stop harmful message exchanges; reconfigure features to “block[ ] direct messaging between child and adult users”; block content from “known abusers”; and offer a more restrictive “[c]ontrolled chat” option.

The court responds that these claims “would require Discord to more perfectly screen for and block harmful messages and alter the operation of the neutral tools it provides users to send messages,” which Section 230 does not permit.

Concealment/Failure to Warn

The court says the concealment/failure to warn claims also second-guess Discord’s editorial decisions. The court says:

Courts cannot accept attempts to repackage what is in actuality “publisher” actions as “torts of omission” to evade Section 230

Thus, “these allegations appear to be simply a restatement of Plaintiff’s negligence claims and product liability claims already found to be barred by Section 230. Put another way, the only way that Discord could address these aspects of its platform would be “to take certain moderation actions” that would eliminate the alleged discrepancy between Discord’s description of its moderation efforts and the “reality” of its moderation – again, “publishing” actions.” [cite to Bride v. YOLO]

Failing to warn users that Discord is a “dangerous” app “is at root a claim based on “publication” choices related to moderation efforts, which fall within the immunity provided by Section 230.” Cites to Bride v. YOLO, Doe v. Grindr, Wozniak v. YouTube.

The court also questions if there was any actual omission: “Discord does disclose and issue transparency reports that – as is the case with any platform that handles an immensely high volume of messages each day – do show that its content moderation efforts are imperfect.”

Misrepresentation

Plaintiff’s claims seek to hold Discord liable for alleged “misrepresentations” by failing to conform its content moderation standards – based on what amounts to its general “aspirational” standards of seeking to provide a platform “safe for minors” – to a level defined by Plaintiff. [The Grindr court distinguished] claims based on actual specific and defined contractual promises [from] general aspirational goals regarding platform content moderation

The litigation over “safe” content moderation is decades-old and completely confused.

Third-Party Content

Nowhere in Plaintiff’s Complaint does it accuse Discord of creating the offensive messaging, but rather the Complaint seeks to hold Discord liable for facilitating – or failing to moderate – sexually exploitative offensive messaging created by others. The fact that Discord may have provided the “tools” by which Plaintiff and her alleged abusers exchanged messages, to “carry out what may be unlawful or illicit” does not make Discord a “content provider,” but rather treats Discord as a “publisher” of (offensive) messaging created by third parties.

Implications

A reminder that sexual predation cases involve heartbreaking facts. Section 230 often arises in tragic circumstances.

The Section 230 jurisprudence is coming apart at the seams, as illustrated by this ruling. I think this court got it right and disagreeing courts got it wrong. However, there is now enough precedent on both sides of every issue to vex everyone. This opinion carefully prioritized appellate rulings, which have largely rejected the design defect workarounds to Section 230. However, many more design defect cases are heading to appellate courts across the country, and any appellate deviation in any one of those cases will tear Section 230 even further apart.

Case Citation: Jane Doe v. Discord Inc., 2026 WL 1067574 (N.D. Ohio April 20, 2026). The complaint.

The post Section 230 Helps Discord Defeat “Defective Design” Claims Regarding Sexual Predation–Jane Doe v. Discord appeared first on Technology & Marketing Law Blog.

If you think the courts always curb these abuses, recall Judge Doughty’s 155 page MAGA screed against the Biden administration’s purported jawboning, “patriotically” issued on July 4, 2023. Judge Doughty claimed he was redressing the “most massive attack against free speech in United States’ history,” only to be badly exposed as a partisan hack/fool when the Supreme Court reviewed those facts.

MAGA culture warriors have repeatedly decried Biden-era jawboning, but far worse behavior from the Trump administration is often just downplayed as no big deal or kakistocrats being kakistocrats. Techdirt covers this duality/hypocrisy. We should not grade the Trump administration’s censorship on some sort of downward-adjusted curve. As this case illustrates, the Trump 2.0 administration has been unstintingly and gleefully censorial, both expressly and using indirect means like jawboning.

* * *

This case involves former-AG Bondi and former-Secretary Kristi Noem. Both of them arrogantly thought they could successfully navigate having the famously mercurial and unreasonable Trump as a boss. Instead, both of them transactionally served as Trump’s use-and-discard useful idiots and have been shitcanned.

This case is part of the detritus of shadow president Stephen Miller’s highly unpopular deployment of ICE as a weapon against the American public. In response, truly patriotic Americans self-organized to fight back against ICE’s abuses, including providing online tools to track, document, and push back against ICE.

“Plaintiff Kassandra Rosado created ‘ICE Sightings – Chicagoland’ in January 2025 as a
Facebook group for people to post videos and information regarding ICE activity.” LARPing as a concerned American , Laura Loomer (a well-known figure on this blog) publicly flagged the group for Bondi and Noem. Bondi responded that the DOJ got Facebook to remove the group:

Noem responded almost identically:

[Another semantic note: like the term “jawboning,” the term “doxxing” is ambiguous and weaponizable. Bondi and Noem falsely claimed that citizens’ efforts to increase the transparency of government activities constituted nefarious or even illegal “doxxing,” when it’s really the kind of power-checking efforts our country was founded on.]

In a second jawboning incident,

Plaintiff Kreisau Group created “Eyes Up” in August 2025 as a phone application for people to post videos and information regarding ICE activity. Around October 2, 2025, Apple removed several apps that shared information regarding ICE activity, including ICEBlock, Red Dot, and Eyes Up. Speaking to Fox News on October 2, Defendant Bondi stated: “We reached out to Apple today demanding they remove the ICEBlock app from their App Store – and Apple did so.” And on October 8 Bondi made a public statement that “we had Apple and Google take down the ICEBlock apps.”

Apple informed Kreisau Group that Apple had removed Eyes Up from the App Store after receiving “information” from “law enforcement” that the app violated Apple’s guidelines. Apple stated that the app violated guideline 1.1.1, which prohibits “defamatory, discriminatory, or mean-spirited content.” But Apple had previously and independently reviewed Eyes Up in August 2025. During that previous review, Eyes Up was already available on its website, and Apple had knowledge of the purpose of Eyes Up, of actual videos available on it, and how it worked.

Traceability

The court is satisfied with the allegations of the federal government’s responsibility for the removals:

First, Facebook had previously reviewed the Chicagoland group, and Apple had previously reviewed Eyes Up. In both cases, Facebook and Apple had determined that the content met their requirements. Second, Facebook and Apple changed their positions and removed the content immediately after Defendants contacted them about it. And third, Defendants made public statements taking credit for the fact that Facebook and Apple had removed the content.

Injunction Merits 

The court says there’s enough evidence to enjoin the censorship:

[Bondi and Noem] reached out to Facebook and Apple and demanded, rather than requested, that Facebook and Apple censor Plaintiff’s speech. See R. 10-4 at 29 (“‘We reached out to Apple today demanding they remove the ICEBlock app from their App Store – and Apple did so,’ Bondi said in a statement to Fox News Digital.”); R. 10-4 at 36 (emphasis added) (Loomer posting on social media that “DOJ source tells me . . . they have contacted Facebook . . . to tell them they need to remove these ICE tracking pages.”); R. 10-4 at 65 (Noem posting on social media that “[p]latforms like Facebook must be PROACTIVE [sic] in stopping the doxxing of our [ICE] law enforcement.”).

Bondi and Noem also intimated that Facebook and Apple may be subject to prosecution for failing to comply with Bondi and Noem’s demands. For example, after stating that we “had Apple and Google take down the ICEBlock apps,” Bondi further stated: “We’re not going to stop at just arresting the violent criminals we can see in the streets.” And in the same social media post where Noem wrote that “[p]latforms like Facebook must be PROACTIVE in stopping the doxxing of our [ICE] law enforcement,” she added: “We will prosecute those who dox our agents to the fullest extent of the law.” Although these statements may not be direct threats to prosecute Facebook and Apple, they are intimations of a threat. And thinly veiled threats such as these constitute sufficient evidence on which Plaintiffs are likely to succeed on their claim. [cite to Bantam Books]

The judge didn’t set the precise terms of the injunction (that will happen soon). However, the judge cannot compel Facebook or Apple to restore ICE Sightings or Eyes Up. Restoring the services is, after all, their editorial prerogative. Indeed, there’s no guarantee the services will be restored. As discussed below, both Facebook and Apple have repeatedly and expressly prioritized their fealty to government censors over serving their audiences. Thus, either way, the government has already won the case by sidelining two ICE accountability tools for many months–and possibly indefinitely. This would have been a good enough reason to fire Bondi and Noem, but oops, Trump already did that for far less legitimate reasons.

Implications

This is not a difficult case legally or factually. The court didn’t need to engage in any nuanced inquiry or explore subtle differences between government requests and coercion. Bondi and Noem wanted the Facebook group and apps gone. They told Facebook and Apple to remove them and coupled that instruction with promises to exercise their enforcement powers. This is a textbook example of censorship via jawboning.

The bigger question is: why did we get such a clean example of jawboning? Typically, government officials would not have made their censorship demands so brazenly; nor would government officials take a very public celebratory victory lap after executing their censorship. Imagine a counterfactual where Bondi and Noem simply posted a thank you to Facebook and Apple for helping ICE out. Would that have changed the outcome?

So why didn’t Bondi and Noem execute their goals more smartly? An Occam’s Razor guess is that they are incompetent. A realpolitik guess is that Bondi and Noem only cared about a single-person audience, Pres. Trump. They needed to very visibly demonstrate their censorship in order for Trump to recognize and appreciate it. An darker guess is that Bondi and Noem didn’t fear any repercussions from abusing their government position. Indeed, other than their shitcanning (which was inevitable from the first day they took the positions), I doubt Bondi or Noem will suffer any personal consequences for any of their misdeeds in office.

While Bondi and Noem (and Stephen Miller and ICE) are the real villains in this story, let’s not overlook Facebook and Apple’s complicity. Facebook and Apple showed zero backbone in the face of Bondi and Noem’s unreasonable demands. The companies willingly served as useful idiots to the censors. Their spinelessness is not new; recall how Apple and Google didn’t do a damn thing to push back against the TikTok ban, even though it stripped away their editorial discretion. Apple and Facebook lack any editorial integrity and have intentionally decided to placate MAGA censors instead. That deserves more condemnation than the court can provide.

Case Citation: Rosado v. Bondi, 2026 WL 104778 (N.D. Ill. April 17, 2026)

BONUS: Along similar lines as the Rosado case, see Oregon v. RFK Jr., 6:25-cv-02409-MTK (D. Ore. April 18, 2026), where the judge unloads on RFK Jr. for threatening to block all federal funding to hospitals if they provided any gender-affirming care. I thought this quote from the judge was really beautiful:

Secretary Kennedy’s unlawful declaration harmed children. This case illustrates that when a leader acts without authority and in the absence of the rule of law, he acts with cruelty.

Selected Jawboning Posts

• COVID Jawboning Lawsuit Dismissed (For Now)–Dressen v. Flaherty
• Section 230 (Still) Applies to Contract Breach Claim–NJCCC v. McAleer
• Facebook Defeats Armslist’s Account Termination Lawsuit–Armslist v. Facebook
• Robert F. Kennedy Jr. Is Breaking Internet Law Faster Than I Can Blog It
• Plaintiffs Lack Standing to Sue Over Government Jawboning When Their Evidence is Based on Vibes–Murthy v. Missouri
• Jawboning Defendants Are 6-for-6 in the Ninth Circuit–Hart v. Facebook
• Another Jawboning Case Fails in the 9th Circuit (But a TAFS Judge Doesn’t Like the Biden Administration)–Rogalinksi v. Meta
• Sixth Circuit Dismisses Online Jawboning Case–Changizi v. DHHS
• “Twitter Files” Don’t Help Revive Jawboning Case–Hart v. Facebook
• Another Jawboning Case Fails in the Ninth Circuit–Kennedy v. Warren
• Government Submissions to a Trusted Flagger Program Aren’t Unconstitutional Jawboning–O’Handley v. Weber
• Ninth Circuit Easily Rejects Another Jawboning Case–Huber v. Biden
• Ninth Circuit Easily Rejects Jawboning Claims Against YouTube–Doe v. Google
• Facebook Defeats Jawboning Lawsuit Over COVID Misinformation Removal–Rogalinski v. Meta
• COVID Skeptics’ Anti-Jawboning Lawsuit Fails–Changizi v. Department of HHS
• Facebook & Twitter Defeat Lawsuit Over Account Terminations of COVID/Mask Skeptic–Hart v. Facebook
• Twitter Defeats Trump’s Deplatforming Lawsuit–Trump v. Twitter
• Section 230 Survives Yet Another Constitutional Challenge–Huber v. Biden
• Another Anti-Vaxxer Jawboning Lawsuit Fails–ICAN v. YouTube
• The First Amendment Protects Twitter’s Fact-Checking and Account Suspension Decisions–O’Handley v. Padilla
• One More Time: Facebook Isn’t a State Actor–Atkinson v. Facebook
• Government Jawboning Doesn’t Turn Internet Services into State Actors–Doe v. Google
• Facebook Defeats Lawsuit By Publishers of Vaccine (Mis?)information–Children’s Health Defense v. Facebook
• Another Must-Carry Lawsuit Against YouTube Fails–Daniels v Alphabet
• Congressional Jawboning of Internet Services Isn’t Actionable–AAPS v. Schiff
• Facebook Isn’t a Constructive Public Trust–Cameron Atkinson v. Facebook
• Section 230 Ends Demonetized YouTuber’s Lawsuit–Lewis v. Google

The post The Federal Government Used Jawboning to Censor ICE Transparency Initiatives–Rosado v. Bondi appeared first on Technology & Marketing Law Blog.

On March 25, the U.S. Supreme Court unanimously held that Cox Communications, an internet access provider, is not liable for file-sharing infringements committed by its users.  Cox Communications, Inc. v. Sony Music Entertainment, No. 24-171  (U.S. March 25, 2026).  In so holding, the Court rejected a $1 billion jury verdict in favor of Sony and other copyright owners (which the Fourth Circuit had already held should be remanded for retrial, but only on damages).  The majority opinion (by Justice Thomas, for seven justices) also seemingly rejected the “knowledge plus material contribution” standard for contributory infringement that has been used by the Courts of Appeals in case law for over 50 years.  Two concurring justices (Sotomayor, joined by Jackson) would have preserved that standard, but they would have interpreted it more narrowly than the Fourth Circuit had done.

The decision is a decisive victory for Cox and other internet access providers, and it will be welcomed by any defendant facing claims of contributory infringement.  (The Court did not purport to decide any issues regarding vicarious liability, but the opinion may be helpful to those defendants as well.)  The decision is also a stinging loss for major copyright owners, who have been trying for years to get courts to hold internet service providers and other intermediaries liable for copyright infringements committed by their users.  The opinion makes it significantly harder to do that.  Copyright owners will likely seek legislative relief, but it seems unlikely that Congress will be able to agree on legislation that will satisfy the major interest groups.  I also predict that defendants facing secondary liability claims in trademark cases will try to use the opinion to narrow contributory infringement in trademark law as well.

If you are not already familiar with secondary liability in copyright law, some background is needed to understand the full implications.  If you are already familiar with the existing law and the facts, you can skip straight to my analysis of the majority opinion.

Secondary Liability Before the 1976 Act

The first Supreme Court case to find contributory infringement was Kalem Co. v. Harper Brothers, 222 U.S. 55 (1911).  The Second Circuit explained the facts:

The late Gen. Lew Wallace wrote a story called ‘Ben Hur,’ the copyright of which belongs to the complainants Harper & Bros. The complainants Klaw & Erlanger caused the story to be dramatized, and Harper & Bros. duly copyrighted the dramatization and thereupon granted Klaw & Erlanger the sole right of producing the same upon the stage. The defendant the Kalem Company also employed a writer to read the story, without having any knowledge of the copyrighted drama, and to write a description of certain portions of it. It then produced persons and animals, with their accouterments, to perform the actions and motions so described … from which a positive film suitable for exhibition purposes was reproduced.

Harper & Bros. v. Kalem Co., 161 F. 61, 62 (2d Cir. 1909).  Under the 1870 Act (as amended), the copyright owner of a book had “the sole liberty of printing, reprinting, publishing, completing, copying, executing, finishing, and vending the same; and, in the case of a dramatic composition, of publicly performing or representing it, or causing it to be performed or represented by others. And authors or their assigns shall have [the] exclusive right to dramatize or translate any of their works for which copyright shall have been obtained.”  The Second Circuit held that the 15-minute film did not itself infringe the publisher’s rights: “as pictures only represent the artist’s idea of what the author has expressed in words, they do not infringe a copyrighted book or drama, and should not as a photograph be enjoined.”  161 F. at 63.  When the film was exhibited in theaters, however, that violated the exclusive rights to dramatize and to publicly perform the novel, and the producers were liable for those actions:

It is next objected that the defendant cannot be held as a contributory infringer, because its films are capable of innocent use; e.g., exhibitions for private amusement. This fact only compels the complainants to prove that the defendant does promote a guilty use of them. Inasmuch as it advertises the films as capable of producing a moving picture spectacle of Ben Hur, and sends its advertisements to proprietors of theatoriums with the expectation and hope that they will use them for public exhibitions, charging an entrance fee, and inasmuch as many of these proprietors have so used them, the defendant is clearly guilty of contributory infringement.

161 F. at 64.  On appeal, the Supreme Court assumed without deciding that the first holding was correct, and it then affirmed the second holding:

It is said that pictures of scenes in a novel may be made and exhibited without infringing the copyright, and that they may be copyrighted themselves. Indeed, it was conceded by the circuit court of appeals that these films could be copyrighted, and, we may assume, could be exhibited as photographs. Whether this concession is correct or not, in view of the fact that they are photographs of an unlawful dramatization of the novel, we need not decide. We will assume that it is. But it does not follow that the use of them in motion does not infringe the author’s rights. The most innocent objects … may be used for unlawful purposes. And if, as we have tried to show, moving pictures may be used for dramatizing a novel, when the photographs are used in that way, they are used to infringe a right which the statute reserves.

… [I]t is said that the defendant did not produce the [dramatic] representations, but merely sold the films to jobbers, and on that ground ought not to be held. In some cases where an ordinary article of commerce is sold nice questions may arise as to the point at which the seller becomes an accomplice in a subsequent illegal use by the buyer. It has been held that mere indifferent supposition or knowledge on the part of the seller that the buyer of spirituous liquor [is] contemplating such unlawful use is not enough to connect him with the possible unlawful consequences….  But no such niceties are involved here. The defendant not only expected but invoked by advertisement the use of its films for dramatic reproduction of the story. That was the most conspicuous purpose for which they could be used, and the one for which especially they were made. If the defendant did not contribute to the infringement, it is impossible to do so except by taking part in the final act. It is liable on principles recognized in every part of the law.

222 U.S. at 62-63.

Six decades later, the Second Circuit set forth the standard formulation of secondary liability used in the Courts of Appeals (until now), in Gershwin Publishing Corp. v. Columbia Artists Management, Inc., 443 F.2d 1159 (2d Cir. 1971).  The Gershwin court held there are two types of secondary liability: “vicarious” liability (based on the relationship between the direct infringer and the person to be held liable) and “contributory” infringement:

Although the Act does not specifically delineate what kind or degree of participation in an infringement is actionable, it has long been held that one may be liable for copyright infringement even though he has not himself performed the protected composition. For example, a person who has promoted or induced the infringing acts of the performer has been held jointly and severally liable as a “vicarious” infringer, even though he has no actual knowledge that copyright monopoly is being impaired. Although vicarious liability was initially predicated upon the agency doctrine of respondeat superior, this court recently held that even in the absence of an employer-employee relationship one may be vicariously liable if he has the right and ability to supervise the infringing activity and also has a direct financial interest in such activities. Shapiro, Bernstein & Co., Inc. v. H. L. Green Co., [316 F.2d 304, 307 (2d Cir. 1963)].

Similarly, one who, with knowledge of the infringing activity, induces, causes or materially contributes to the infringing conduct of another, may be held liable as a “contributory” infringer….

443 F.2d at 1161-62.

Meanwhile, in Patent Law

In patent law, two sub-types of “contributory” infringement were separated and codified in the 1952 Patent Act, at 35 U.S.C. § 271:

(b) Whoever actively induces infringement of a patent shall be liable as an infringer.

(c) Whoever offers to sell or sells within the United States or imports into the United States a component of a patented machine, manufacture, combination or composition, or a material or apparatus for use in practicing a patented process, constituting a material part of the invention, knowing the same to be especially made or especially adapted for use in an infringement of such patent, and not a staple article or commodity of commerce suitable for substantial noninfringing use, shall be liable as a contributory infringer.

In Global-Tech Appliances, Inc. v. SEB S.A., 563 U.S. 754 (2011), the Supreme Court reaffirmed “that induced infringement under § 271(b) requires knowledge that the induced acts constitute patent infringement.” 563 U.S. at 766. Thus, “deliberate indifference to a known risk that a patent exists is not the appropriate standard under § 271(b).” Id.  Nonetheless, the Court affirmed the holding that Pentalpha was liable for active inducement, holding that “willful blindness” can substitute for actual knowledge of a patent. Id. at 766, 768.  For willful blindness, “[t]he defendant must subjectively believe that there is a high probability that a fact exists and (2) the defendant must take deliberate actions to avoid learning of that fact.” 563 U.S. at 769.  In other words, “a willfully blind defendant is one who takes deliberate actions to avoid confirming a high probability of wrongdoing.” Id.  Neither recklessness (“one who merely knows of a substantial and unjustified risk of such wrongdoing”) nor negligence (“one who should have known of a similar risk but, in fact, did not”) is sufficient to show inducement. Id. at 770.

Secondary Liability After 1976 and Before Cox

The 1976 Copyright Act did not expressly address secondary liability.  Section 106 of the Act grants the copyright owner “the exclusive rights to do and to authorize” five activities (reproduction, prepare derivative works, public distribution, public performance, and public display); and the legislative history stated “[u]se of the phrase ‘to authorize’ is intended to avoid any question as to the liability of contributory infringers. For example, a person who lawfully acquires an authorized copy of a motion picture would be an infringer if he or she engages in the business of renting it to others for purposes of unauthorized public performance.”  H.R. Rep. No. 94-1476, at 61 (1976).

Another paragraph in the legislative history addressed vicarious liability:

The committee has considered and rejected an amendment to this section intended to exempt the proprietors of an establishment … from liability for copyright infringement, committed by an independent contractor.…  A well-established principle of copyright law is that a person who violates any of the exclusive rights of the copyright owner is an infringer, including persons who can be considered related or vicarious infringers. To be held a related or vicarious infringer in the case of performing rights, a defendant must either actively operate or supervise the operation of the place wherein the performances occur, or control the content of the infringing program, and expect commercial gain from the operation and either direct or indirect benefit from the infringing performance. The committee has decided that no justification exists for changing existing law, and causing a significant erosion of the public performance right.

H.R. Rep. 94-1476, at 159-60 (1976).  Apparently, Congress did not anticipate the rise of so-called textualism as a dominant (but inconsistently applied) principle of statutory interpretation, with the concomitant reluctance of textualist judges to read and rely on legislative history, or to interpret a statute in light of existing common-law principles.

The first major case that arose under the 1976 Act was Sony Corp. of America v. Universal City Studios, Inc., 484 U.S. 417 (1984). (The case actually was filed before the effective date of the new Act; but the trial included two instances of infringement that occurred after the effective date, January 1, 1978; and both the Ninth Circuit and the Supreme Court primarily cited and relied on the 1976 Act.)

In Sony, Universal and Disney sued Sony for making and distributing the Sony Betamax, the first VCR for home use.  They argued that consumers used the VCR to make reproductions of its over-the-air broadcast programs without its consent (direct infringement), and that Sony should be held liable for contributory infringement for providing the means to make those infringements. The District Court refused to grant a preliminary injunction and held after a bench trial that Sony was not liable; but the Ninth Circuit reversed, holding that Sony was liable; and the Supreme Court granted certiorari.

At the time of trial, there were only about 800,000 VCRs in the United States; but by the time the case reached the Supreme Court (it was argued in January 1983), about 10 million VCRs had been sold.  As Prof. Jessica Litman has previously reported, the Justices initially voted 5-4 to affirm, and Justice Blackmun was assigned the majority opinion, while Justice Stevens undertook to pen the dissent.  Justice O’Connor, however, had second thoughts and could not agree with Justice Blackmun’s opinion.  The Court could not reach a consensus by June, so the case was reargued in October 1983.  When the opinion was issued in January 1984, Justice O’Connor had switched her vote, giving Justice Stevens a 5-4 majority.

Justice Stevens’s majority opinion borrowed the “staple article of commerce” doctrine from patent law (codified in 35 U.S.C. § 271(b)), saying:

We recognize there are substantial differences between the patent and copyright laws. But in both areas the contributory infringement doctrine is grounded on the recognition that adequate protection of a monopoly may require the courts to look beyond actual duplication of a device or publication to the products or activities that make such duplication possible. The staple article of commerce doctrine must strike a balance between a copyright holder’s legitimate demand for effective — not merely symbolic — protection of the statutory monopoly, and the rights of others freely to engage in substantially unrelated areas of commerce. Accordingly, the sale of copying equipment, like the sale of other articles of commerce, does not constitute contributory infringement if the product is widely used for legitimate, unobjectionable purposes. Indeed, it need merely be capable of substantial noninfringing uses….

The question is thus whether the Betamax is capable of commercially significant noninfringing uses….

464 U.S. at 442.  Note that the majority opinion worded its standard in three different ways in three consecutive sentences, and that none of those three sentences exactly matches the wording of the patent statute (“suitable for substantial non-infringing use”).

The majority then held there were two “substantial noninfringing uses” for the Betamax VCR: authorized time-shifting, and unauthorized time-shifting. First, Justice Stevens noted that although Universal and Disney objected to consumers recording broadcast television on their VCRs, other copyright holders consented to such use. Representatives of the four major sports leagues (NFL, NBA, MLB, and NHL) all testified that they had no objection to consumers recording their broadcasts and watching them at a later time.  464 U.S. at 444.  What may have sealed the case was the testimony of children’s television host Mr. Rogers, who testified he thought it was great that parents could record his show and watch it with their children together when they were all at home. Id. at 445 & n.27. Second, Justice Stevens also held that even unauthorized time-shifting was a fair use under Section 107 of the newly-enacted Copyright Act of 1976. Id. at 447-55.

One decade later, internet service providers faced a real possibility of being held liable for infringements committed by their users.  They succeeded in getting Congress to enact the Online Copyright Infringement Liability Limitation Act at Title II of the Digital Millennium Copyright Act (or DMCA).  Codified at 17 U.S.C. § 512, the Act established four “safe harbors” for internet service providers engaging in certain types of activities: (a) “transitory digital network communications” (internet access and “backbone”); (b) “system caching” (temporary storage of material to facilitate access); (c) “hosting” of information posted by users; and (d) “information location tools” (indexing and linking).

To qualify for the (b), (c), and (d) safe harbors, a service provider must comply with the “notice-and-takedown” provisions in section 512(c).  (Notably, internet access providers like Cox are not required to comply with the notice-and-takedown provisions, because there is nothing for them to “take down”: by the time Cox is notified of infringing activity, it has already occurred; whereas the other three categories of service provider can take steps to prevent further infringement.)  And to qualify for any of the safe harbors, a service provider must have “adopted and reasonably implemented … a policy that provides for the termination in appropriate circumstances of subscribers and account holders … who are repeat infringers.”  [17 U.S.C. § 512(i)(1)(A).]  However, the safe harbors do not require a service provider to “monitor[] its service or affirmatively seek[] facts indicating infringing activity” [17 U.S.C. § 512(m)(1)]; and “[t]he failure … to qualify for limitation of liability under this section shall not bear adversely upon the consideration of a defense by the service provider that the service provider’s conduct is not infringing.”  [17 U.S.C. § 512(l).]

The section 512(c) and (d) safe harbors were also conditioned on the absence of facts that might otherwise make the service provider liable for infringement.  For those safe harbors, the service provider must show it:

(A) (i) does not have actual knowledge that the material or an activity using the material on the system or network is infringing;

(ii) in the absence of such actual knowledge, is not aware of facts or circumstances from which infringing activity is apparent; or

(iii) upon obtaining such knowledge or awareness, acts expeditiously to remove, or disable access to, the material;

(B) does not receive a financial benefit directly attributable to the infringing activity, in a case in which the service provider has the right and ability to control such activity; and

(C) upon notification of claimed infringement …, responds expeditiously to remove, or disable access to, the material that is claimed to be infringing….

17 U.S.C. § 512(c)(1), (d)(1).  Courts have interpreted these conditions narrowly.  Both “actual knowledge” and so-called “red flag” knowledge have to be knowledge of specific infringing activity to trigger the duty “expeditiously to remove,” because otherwise, the service provider would have to “affirmatively seek[] facts indicating infringing activity.” And the “right and ability to control such activity” has to mean “something more” than the mere ability “to remove or disable access to” the infringing material, because otherwise, satisfaction of condition (A)(iii) would render it impossible to satisfy condition (B).  See Viacom Int’l, Inc. v. YouTube, Inc., 679 F.3d 19, 30-32, 37-38 (2d Cir. 2012); UMG Recordings, Inc. v. Shelter Capital Partners, 718 F.3d 1006, 1020-23, 1029-30 (9th Cir. 2013).

Between the enactment of the DMCA and the cases interpreting it, courts had to confront secondary liability in a series of cases involving peer-to-peer file-sharing.  In A&M Records, Inc. v. Napster, Inc., 239 F.3d 1004 (9th Cir. 2001), for example, Napster provided software that uploaded the file names (but not the files themselves) of all MP3 files on a user’s system to a central index on the Napster website.  A user could search the file-name index; and when the user clicked on a file name, the Napster software would initial a transfer of the file itself from one user to another (“peer to peer”).  The infringing files themselves were never uploaded to or stored on the Napster servers.  The Ninth Circuit discussed whether and how Napster should be held liable for the infringing conduct of its users:

[C]ontributory liability may potentially be imposed only to the extent that Napster: (1) receives reasonable knowledge of specific infringing files with copyrighted musical compositions and sound recordings; (2) knows or should know that such files are available on the Napster system; and (3) fails to act to prevent viral distribution of the works….

Conversely, Napster may be vicariously liable when it fails to affirmatively use its ability to patrol its system and preclude access to potentially infringing files listed in its search index. Napster has both the ability to use its search function to identify infringing musical recordings and the right to bar participation of users who engage in the transmission of infringing files.

239 F.3d at 1027. The Ninth Circuit affirmed that copyright owners were likely to succeed on both theories, although it modified the preliminary injunction.  Unable to comply with the modified injunction, Napster was forced to shut down.

In Metro-Goldwyn-Mayer, Inc. v. Grokster, Inc., 545 U.S. 913 (2005), the U.S. Supreme Court confronted two successors to Napster, Grokster and StreamCast (Morpheus), both of whom tried to avoid Napster’s fate by providing peer-to-peer file-sharing software that did not rely on a centralized index.  (Grokster’s software stored the index on various “supernodes,” while Morpheus passed a user’s search request from computer-to-computer and sent matching file names to the requesting user.)  It was thus impossible to enjoin the operation of the software, because once it was distributed, Grokster and StreamCast had no control over how it was used.  The Ninth Circuit held that distribution of the software was lawful under Sony because the software was capable of substantial non-infringing uses, even though it was being used primarily to infringe.  The Supreme Court reversed; and in doing so, it re-interpreted Sony as a case about intent:

Sony barred secondary liability based on presuming or imputing intent to cause infringement solely from the design or distribution of a product capable of substantial lawful use, which the distributor knows is in fact used for infringement. The Ninth Circuit has read Sony’s limitation to mean that whenever a product is capable of substantial lawful use, the producer can never be held contributorily liable for third parties’ infringing use of it[,] … even when an actual purpose to cause infringing use is shown by evidence independent of design and distribution of the product….

Sony’s rule limits imputing culpable intent as a matter of law from the characteristics or uses of a distributed product. But nothing in Sony requires courts to ignore evidence of intent if there is such evidence, and the case was never meant to foreclose rules of fault-based liability derived from the common law….

545 U.S. at 933-35.  The Court added that “[t]he classic case of direct evidence of unlawful purpose occurs when one induces commission of infringement by another, or entices or persuades another to infringe, as by advertising.” Id. at 935 (cleaned up).  Accordingly,

For the same reasons that Sony took the staple-article doctrine of patent law as a model for its copyright safe-harbor rule, the inducement rule, too, is a sensible one for copyright. We adopt it here, holding that one who distributes a device with the object of promoting its use to infringe copyright, as shown by clear expression or other affirmative steps taken to foster infringement, is liable for the resulting acts of infringement by third parties.

545 U.S. at 936-37. The Court cautioned, however, that “mere knowledge of infringing potential or of actual infringing uses would not be enough here to subject a distributor to liability.” Id. at 937 (emphasis added).  Instead, “[t]he inducement rule … premises liability on purposeful, culpable expression and conduct.” Id.

The Court found such “purposeful, culpable expression and conduct” in three types of evidence. “First, each company showed itself to be aiming to satisfy a known source of demand for copyright infringement, the market comprising former Napster users.” 545 U.S. at 939. “Second, … neither company attempted to develop filtering tools or other mechanisms to diminish the infringing activity using their software.” Id.  Third, the software streamed ads to active users, so “the more the software is used, the more ads are sent out and the greater the advertising revenue becomes.” Id. at 940.  The Court cautioned that the second type of evidence would not be sufficient by itself, id. at 939 n.12; but combined with the other types of evidence, “the unlawful objective is unmistakable.” Id. at 940.

Over time, the substantive law of contributory infringement started to converge with the statutory standard for the § 512(c) safe harbor.  For example, in Perfect 10, Inc. v. Amazon.com, Inc., 508 F.3d 1146 (9th Cir. 2007), the Ninth Circuit held that

[A] computer system operator can be held contributorily liable if it has actual knowledge that specific infringing material is available using its system, and can take simple measures to prevent further damage to copyrighted works, yet [it] continues to provide access to infringing works.

508 F.3d at 1172 (internal quotes and citations omitted; emphasis in original). Accord, UMG Recordings, Inc. v. Grande Comms. Network, LLC, 118 F.4th 697, 715-16 (5th Cir. 2024).  Note that after Cox, the Supreme Court granted certiorari in UMG v. Grande, vacated the decision, and remanded for reconsideration in light of Cox v. Sony. UMG v. Grande, No. 24-967 (U.S. April 6, 2026).

The Cox Facts and Procedural Posture

In 2013-2014, Sony and other record labels sent over 163,000 notices of claimed infringement to Cox, an internet access provider.  The notices claimed that infringing files were being made available online by users of the BitTorrent protocol, and Sony’s agent MarkMonitor identified the allegedly infringing users (or accounts) by their Internet Protocol (IP) addresses.  Although internet access providers like Cox are not subject to the DMCA’s notice-and-takedown provisions, Sony argued that Cox had a common-law obligation to do something about infringing users.

Cox responded with a 13-strike policy, starting with polite requests to subscribers that they should not infringe and ultimately escalating to terminating subscribers’ accounts.  During the two-year period, Cox terminated only 32 subscribers for alleged repeat infringement; it also terminated hundreds of thousands of subscribers for nonpayment.

As a result, in a previous decision, the Fourth Circuit held that Cox was ineligible for the section 512 safe harbor, because it had not “adopted and reasonably implemented … a policy that provides for the termination in appropriate circumstances of subscribers and account holders … who are repeat infringers.” 17 U.S.C. § 512(i)(1)(A); see BMG Rights Mgmt. (US) LLC v. Cox Comms., Inc., 881 F.3d 293 (4th Cir. 2018).

After a 12-day jury trial, the jury found against Cox on both contributory infringement and vicarious liability, and it further found that the infringement was willful.  The jury awarded slightly less than $100,000 in statutory damages for each of the 10,017 works at issue, for a total of $1 billion in statutory damages.  On post-trial motions, the district court largely upheld the verdict; but it agreed there was overlap in the number of works (only one award of statutory damages may be made for a sound recording of a musical work, even though there are two copyrights), so the total verdict had to be adjusted.  Sony Music Entertainment vs. Cox Comms., Inc., 464 F. Supp. 3d 795 (E.D. Va. 2020).

On appeal, “Cox argue[d] that it does not profit directly from its subscribers’ infringement because ‘[a]ll subscribers pay Cox a flat monthly fee for their internet access package no matter what they do online.’ Whether a subscriber uses her internet access for lawful or unlawful purposes, Cox receives the same monthly fee, and a subscriber’s decision to download or distribute a copyrighted song without permission does not benefit Cox.”  Sony Music Entertainment vs. Cox Comms., Inc., 93 F.4th 222, 230 (4th Cir. 2024).

The Fourth Circuit agreed: “The continued payment of monthly fees for internet service, even by repeat infringers, was not a financial benefit flowing directly from the copyright infringement itself. As Cox points out, subscribers paid a flat monthly fee for their internet access no matter what they did online. Indeed, Cox would receive the same monthly fees even if all of its subscribers stopped infringing.” Id. at 232 (emphasis in original).  Evidence that 13% of Cox’s network traffic was attributable to peer-to-peer file-sharing, and that users who were the subject of 20 or more notices of claimed infringement paid higher monthly fees for increased data usage, did not “raise[] a reasonable inference that any Cox subscriber paid more for faster internet in order to engage in copyright infringement. As Sony’s expert testified, other data intensive activities include legally streaming movies, television shows, and music, as well as playing video games. Subscribers may have purchased high speed internet for lawful streaming and downloads or because their households had many internet users…. Sony has not identified any evidence that customers were attracted to Cox’s internet service or paid higher monthly fees because of the opportunity to infringe Plaintiffs’ copyrights.”  Id. at 233.

The Fourth Circuit, however, did uphold the verdict of contributory infringement.  It first upheld the district court’s ruling on summary judgment that Sony had established the knowledge element as a matter of law, because “Cox did not argue to the district court, as it does now on appeal, that notices of past infringement failed to establish its knowledge that the same subscriber was substantially certain to infringe again.” Id. at 234.  On the material contribution prong, Cox argued “that it cannot be liable for materially contributing to copyright infringement because the internet service it provides is capable of substantial lawful use and not designed to promote infringement.” Id. at 236.  The Fourth Circuit agreed that “what matters is not simply whether the product has some or even many non-infringing uses, but whether the product is distributed with the intent to cause copyright infringement.” Id. (emphasis in original, citing Grokster). And it further agreed that “‘mere failure to take affirmative steps to prevent infringement’ does not establish contributory liability ‘in the absence of other evidence of intent.’” Id. (quoting Grokster).  Nonetheless, it held there was sufficient evidence of intent:

The evidence at trial, viewed in the light most favorable to Sony, showed more than mere failure to prevent infringement. The jury saw evidence that Cox knew of specific instances of repeat copyright infringement occurring on its network, that Cox traced those instances to specific users, and that Cox chose to continue providing monthly internet access to those users despite believing the online infringement would continue because it wanted to avoid losing revenue.

Id.  Finally, “[h]aving reversed on one theory of liability and affirmed on the other,” the Fourth Circuit held that the case had to be remanded for a new trial on damages.

Both parties filed petitions for certiorari.  The Supreme Court denied Sony’s petition, which sought review on the question: “Whether the profit requirement of vicarious copyright infringement permits liability where the defendant expects commercial gain from the enterprise in which infringement occurs …, or whether the profit requirement of vicarious copyright infringement permits liability only where the defendant expects commercial gain from the act of infringement itself.” Petition for a Writ of Certiorari , Sony Music Entertainment v. Cox Comms., Inc., No. 24-181 (U.S. filed Aug. 16, 2024), cert. denied, 145 S.Ct. 2844 (U.S. June 30, 2025). But on the recommendation of the Solicitor General, the Supreme Court granted Cox’s petition, which presented two questions:

Did the Fourth Circuit err in holding that a service provider can be held liable for “materially contributing” to copyright infringement merely because it knew that people were using certain accounts to infringe and did not terminate access, without proof that the service provider affirmatively fostered infringement or otherwise intended to promote it?

Did the Fourth Circuit err in holding that mere knowledge of another’s direct infringement suffices to find willfulness under 17 U.S.C. § 504(c)?

Petition for a Writ of Certiorari, Cox Comms., Inc. v. Sony Music Entertainment, No. 24-171 (U.S. filed Aug. 15, 2024), cert. granted, 145 S.Ct. 2841 (U.S. June 30, 2025).  The second question received little attention at oral argument, and the Court did not directly address it in the written opinion. Nonetheless, given the Court’s holding on the first question, one can infer that “mere knowledge of another’s direct infringement” will not suffice to find that a contributory infringer acted “willfully” for purposes of statutory damages.

The Majority Opinion

Justice Thomas’ majority opinion (for seven justices) is brief: just ten pages, four of which are devoted to the facts and procedural posture.  At the end of a short introduction, he states the Court’s conclusion: “a company is not liable as a copyright infringer for merely providing a service to the general public with knowledge that it will be used by some to infringe copyrights.” [Slip op. at 1]  That brief conclusion breaks little new ground; it is essentially a restatement of the holding of the Sony Betamax case, with “service” substituted for “product.” It is the application of that standard to these facts that is controversial, especially since the Fourth Circuit had specifically held there was sufficient evidence that Cox intended to cause infringement.

On the second page, the majority restates some basic principles from Grokster:

The provider of a service is contributorily liable for a user’s infringement if it intended its service to be used for infringement. To establish that a provider intended its service to be used for infringement, a copyright owner must show one of two things. First, it can show that a party affirmatively “induc[ed]” the infringement. Ibid. Or, second, it can show that the party sold a service tailored to infringement. Id., at 942 (Ginsburg, J., concurring). Patent law, with which copyright law has a “historic kinship,” … tracks these two requirements. See 35 U. S. C. §§271(b), (c). [Slip op. at 2]

Previous opinions (Grokster and Sony) had established there was liability if either of those two things was shown.  What is new is that these are apparently the only two means that will render a service provider contributorily liable.  The majority is so committed to textualism that it restricts contributory liability in copyright law to the two avenues (inducement and “tailoring”) that are codified in patent law, a different statute.

(It is worth noting that Justice Ginsburg’s concurring opinion in Grokster nowhere mentions the word “tailored.”  Here is what she said on page 942: “Liability under our juris­prudence may be predicated on actively encouraging (or inducing) infringement through specific acts … or on distributing a product [that] distributees use to infringe copyrights, if the product is not capable of ‘substantial’ or ‘commercially significant’ noninfringing uses.” Her opinion does not suggest that those are the only two ways of proving contributory liability. And even that statement was only for three justices (Ginsburg, Rehnquist, and Kennedy), not for the Court.)

After explaining the facts and procedural posture, the majority opinion returned to Justice Thomas’s “textualism” theme:

The Copyright Act does not expressly render anyone liable for infringement committed by another.” Sony, 464 U. S., at 434. Ordinarily, when Congress intends to impose secondary liability, it does so expressly….  Although our precedents have recognized specific forms of secondary copyright liability that predated the Copyright Act, we are loath to expand such liability beyond those precedents. [Slip op. at 6-7]

Why would the Court be “loath to expand such liability,” especially when the Court said in Grokster that Sony “was never meant to foreclose rules of fault-based liability derived from the common law”? 545 U.S. at 934-35.  Again, the only answer I can find is textualism: the Court thinks Congress should write the rules for secondary liability (even though Congress in 1976 believed that courts should continue the common-law tradition in many respects).  In the Court’s view, Congress did what it was supposed to do in codifying secondary liability in patent law; so the majority does not want to go beyond those boundaries in the related field of copyright law, notwithstanding the “rules of fault-based liability derived from the common law.”

That the majority is limiting contributory infringement to those two means is made abundantly clear in the next paragraph: “The provider of a service is contributorily liable for the user’s infringement only if it intended that the provided service be used for infringement. The intent required for contributory liability can be shown only if the party induced the infringement or the provided service is tailored to that infringement.” [Slip op. at 7, emphasis added]  The majority then discusses the two relevant examples from its own case law [Grokster and Sony]:

A provider induces infringement if it actively encourages infringement through specific acts. For example, in Grokster, … [t]he companies promoted and marketed their software as a tool to infringe copyrights … [and] [t]he “principal object” of their business models “was use of their software to download copyrighted works.” …

A service is tailored to infringement if it is “not capable of ‘substantial’ or ‘commercially significant’ noninfringing uses.” …

These two forms of contributory infringement track patent law…. [Slip op. at 7-8]

There is no analysis here: no discussion of Congressional intent, legislative history, or public policy.  There is no discussion of the two decades of lower court cases that had addressed the issue.  No discussion of the “(specific) knowledge plus material contribution” standard.  The majority opinion is nothing more than assertion: here are two types of contributory infringement that the Court has previously recognized, and we are not going to go beyond them.

In the next paragraph, the Court rejects a “straw man” argument, saying:

This Court has repeatedly made clear that mere knowledge that a service will be used to infringe is insufficient to establish the required intent to infringe. In Kalem Co., the Court explained that “mere indifferent supposition or knowledge on the part of the seller” that the buyer will use the product unlawfully is “not enough” to make the seller liable for the buyer’s conduct. 222 U. S., at 62…. And, in Grokster, the Court confirmed that “a court would be unable to find contributory infringement liability merely based on a failure to take affirmative steps to prevent infringement.” 545 U.S. at 939, n.12. [Slip op. at 8-9]

Here, the majority fails to grapple with the difference between a product and a service.  In Sony, the manufacturer sold VCRs to customers and had no further involvement with them.  It had constructive knowledge that some of them would use the product to infringe, but it had no way of knowing which ones.  But a service provider has an ongoing relationship with its users.  The service provider may lack specific knowledge at the outset; the question is whether it needs to terminate the ongoing relationship once it learns that a specific user intends to infringe.

The Court then restated its conclusion:

Thus, Cox is not contributorily liable for the infringement of Sony’s copyrights. Cox provided Internet service to its subscribers, but it did not intend for that service to be used to commit copyright infringement. Holding Cox liable merely for failing to terminate Internet service to infringing accounts would expand secondary copyright liability beyond our precedents.

… As for inducement, … Sony provided no “evidence of express promotion, marketing, and intent to promote” infringement … [and] Cox repeatedly discouraged copyright infringement by sending warnings, suspending services, and terminating accounts.  As for providing a service tailored to infringement, … Cox simply provided Internet access, which is used for many purposes other than copyright infringement. [Slip op. at 9]

The Court disapproved the Fourth Circuit’s holding that “supplying a product with knowledge that the recipient will use it to infringe copyrights is . . . sufficient for contributory infringement.”  That standard was based on the Second Circuit’s Gershwin opinion, which was cited in Grokster with apparent approval; and it had been adopted by all of the Courts of Appeals to consider the issue.  The Supreme Court did not grapple with any of that case law; instead, it simply said that the Fourth Circuit’s standard “went beyond the two forms of liability recognized in Grokster and Sony.” [Slip op. at 9-10]

Finally, the Court brusquely dismissed Sony’s argument that “Congress must have enacted the DMCA on the presumption that Internet service providers could be held liable in cases such as these” [Slip op. at 10], saying: “The DMCA merely creates new defenses from liability for such providers. And, the DMCA made clear that failure to comply with the safe-harbor rules ‘shall not bear adversely upon . . . a defense by the service provider that the service provider’s conduct is not infringing.’ §512(l).”

The Court could have noted (but didn’t) that, unlike other service providers, internet access providers like Cox are not subject to the notice-and-takedown provisions of section 512(c).  Sony’s attempt to make them liable by sending Cox tens of thousands of notices of claimed infringement therefore contradicts the implicit assumption that Congress made that hosting, caching, or linking to infringing material should be treated differently from internet “backbone” providers and internet access providers, like Cox.

The Concurring Opinion

Justice Sotomayor, joined by Justice Jackson, concurred in the result only.  Her concurring opinion criticized the majority for abandoning other common-law species of contributory liability:

The majority holds that Cox is not liable solely because its conduct does not fit within the two theories of secondary liability previously applied by this Court. In so doing, the majority, without any meaningful explanation, unneces­sarily limits secondary liability even though this Court’s precedents have left open the possibility that other common-law theories of such liability, like aiding and abetting, could apply in the copyright context.

I nonetheless agree with the majority that Cox cannot be held liable here for a different reason. Plaintiffs cannot prove that Cox had the requisite intent to aid copyright infringement for Cox to be liable on a common-law aiding-­and-abetting theory.

[Conc. op. at 1-2]

The concurring justices agreed that “this Court’s cases have held that contributory liability for copyright infringement may attach in at least two circumstances”: “distributing or providing a product or service that is incapable of “commercially significant noninfringing uses” [Conc. op. at 2] and inducement [Conc. op. at 3]. They also agreed with the majority that “neither of the[se] two prior theories of secondary liability … covers Cox’s conduct” [id.], and that “[t]he provider of a service is contributorily liable for the user’s infringement only if it intended that the provided service be used for in­fringement.” [Id.]  They disagreed, however, with the majority’s assertion that “[t]he intent required for contributory liability can be shown only if the party induced the infringement or the provided service is tailored to that infringement.” [Conc. op. at 3-4 (emphasis added)]  “The inflexible limit the majority imposes is nowhere to be found in either Sony or Grokster.” [Id. at 4]

Instead, “[p]roperly understood, Sony and Grokster preserved other forms of secondary liability derived from the common law.” [Conc. op. at 4]  In Sony, the Court stated that “‘[t]he absence of such express language in the copy­right statute does not preclude the imposition of’ secondary liability, … be­cause both forms of liability are ‘imposed in virtually all areas of the law.’ 464 U. S., at 434-35.” [Id.]  And in Grokster, the Court explained “that Sony neither ‘displace[d] other theories of secondary liability’ nor ‘foreclose[d] rules of fault-based li­ability derived from the common law.’ 545 U. S., at 934-35.” [Id.]

After reviewing 17 U.S.C. § 512, the concurring opinion then complained that the majority opinion undermines the “safe harbors”: “The majority’s new rule completely upends that balance and consigns the safe harbor provision to obsolescence…. After today, … ISPs no longer face any realistic probability of secondary liability for copyright infringement, regardless of whether they take steps to address infringement on their networks and re­gardless of what they know about their users’ activity.” [Conc. op. at 6]

The concurring opinion sensibly concludes that the majority should have applied “the common-law doctrine of aiding and abetting.”  It cautioned, however, that “aiding-and-abetting liability requires proof that the defendant aided another with the intent of helping that other person succeed in committing wrongful conduct.” [Conc. op. at 7]  It cited Twitter, Inc. v. Taamneh, 598 U. S. 471 (2023), for the proposition that “the defendant has to take some ‘affirmative act’ ‘with the intent of facilitating the offense’s commission.’” [Conc. op. at 8]  It also explained that:

The common law … recognizes that intent can sometimes be inferred from what the defendant knew when he acted. The Second Re­statement of Torts explains that this kind of knowledge-based intent can be found where “the actor knows that the consequences are certain, or substantially certain, to result from his act, and still goes ahead. [Conc. op. at 8]

Applying this standard, the concurring opinion found insufficient evidence of any specific intent to infringe:

Cox is merely supplying internet service to its cus­tomers. Nothing about that conduct is inherently culpable: Most internet traffic is lawful, and supplying an internet connection is just as consistent with lawful purposes as it is with unlawful purposes….

Nor have plaintiffs shown that Cox intended to aid spe­cific instances of infringement. That is because, based on plaintiffs’ evidence, Cox does not actually know that specific users will commit infringement using Cox’s network….

… Take, for example, a connection sold to a single-family home. Cox, after receiving three notices of copyright violations, would know only that that home’s connection is substantially certain to be used again in the future to com­mit infringement. Yet Cox would have no knowledge … who within the household committed infringe­ment. Nor … have plaintiffs shown any way for Cox to know if the infringer was a neighbor who might have the Wi-Fi password. Without that knowledge, it is not reasonable to infer that Cox intended to aid infringement committed by another person just because it provided an internet connection to some unknown infringer. [Conc. op. at 10-11]

“Cox [also] provides internet service to regional ISPs who in turn supply internet service to thousands of users.” [Conc. op. at 11-12]  There is no way for either Cox or the regional ISPs to know which of the thousands of users are “substantially certain” to infringe based on the notices. “The same is true for connections Cox provides to university housing, hospitals, military bases, and other places that are likely to have many different users.” [Conc. op. at 12]

What About Trademark Law?

In Cox, the Supreme Court expressly disapproved the Fourth Circuit’s holding that “supplying a product with knowledge that the recipient will use it to infringe copyrights is . . . sufficient for contributory infringement.”  It failed to note, however, that the standard it disapproved is virtually identical to the Supreme Court’s own standard for contributory infringement in trademark law.

In Inwood Labs., Inc. v. Ives Labs., Inc., 456 U.S. 844 (1982), the Supreme Court expressed the standard for contributory infringement as follows:

[I]f a manufacturer or distributor intentionally induces another to infringe a trademark, or if it continues to supply its product to one whom it knows or has reason to know is engaging in trademark infringement, the manufacturer or distributor is contributorially responsible for any harm done as a result of the deceit.

456 U.S. at 854.  Two features of this statement are notable.  First, unlike in patent law, it is not limited to defendants who have actual knowledge of the infringement (or willful blindness), but it includes those who have “reason to know” of infringement. That sounds like a negligence standard, rather than an intent standard.  Second, except for the “reason to know” language, it is virtually identical to the standard that the Supreme Court just disapproved in Cox.  This raises the question whether the Cox case will be used to call into question the trademark standard.

On the one hand, the Court has repeatedly referred to the “historic kinship” that patent law shares with copyright law.  Both are authorized in the same Constitutional clause (Art. I, §8, cl. 8), and both are intended to provide creators with a financial incentive to create and disseminate new inventions (patent) and new creative works (copyright).  By contrast, federal trademark law rests on a very different Constitutional foundation (the Interstate Commerce Clause, Art. I, §8, cl. 3) and serves different purposes (preventing consumer confusion and allowing a producer to reap the benefit of a reputation for quality). Indeed, in The Trademark Cases, 100 U.S. 82 (1879), the Supreme Court held that trademarks were neither “inventions” nor “writings,” so that federal trademark law could not be authorized by the Patent and Trademark Clause.  A lower court could certainly distinguish Inwood on those grounds.  On the other hand, there seems to be no good reason why general principles of secondary liability that are applicable to statutory torts generally should not be applied in the same manner to both copyrights and trademarks.

It remains to be seen whether Cox will upset the Inwood standard for contributory liability that has been widely cited and relied upon in trademark law.  I predict that defendants in trademark cases will challenge the Inwood standard, based on Cox; and it seems likely that a circuit split will develop on the question of whether Cox changes the law of contributory infringement in trademark law or not.  If so, the Supreme Court may have to take another case to resolve this conundrum of its own making.

Other Implications

The Cox v. Sony decision is a huge victory for internet access providers, who otherwise faced the possibility of either terminating lots of users or facing large statutory damage awards.  It is also a victory for consumers, who are far less likely to be threatened with loss of internet access, which is a practical necessity in today’s society. It also reinforces the previous 2-1 decision of the Ninth Circuit that credit-card companies are not contributorily or vicariously liable for providing payment-processing services to allegedly infringing websites. See Perfect 10, Inc. v. VISA Int’l Serv. Ass’n, 494 F.3d 788 (9th Cir. 2007).

In my opinion, however, the Court should have taken the approach of the two concurring justices.  That approach would have preserved existing case law and the common-law approach to judicial rule-making, while still making it clear that losing internet access is a disproportionate penalty for alleged acts of copyright infringement.

One of the few benefits of the Cox decision is that it states a clear rule that ought to be relatively easy for lower courts to apply.  As Prof. Rub explained, the real question is whether lower courts will follow Cox literally, or whether they will find ways to distinguish its holding from other common situations.  When you squeeze a balloon, it tends to bulge out in other directions.  It is easy to predict that copyright owners will now focus on “inducement,” trying to argue that specific knowledge of infringing material leads to an inference of intent.  If one takes Cox literally, even knowledge of specific infringing files is not enough to constitute “inducement” without some affirmative steps to promote infringement; but one court has already distinguished Cox on similar (albeit tenuous) legal grounds.

It is also easy to predict that copyright owners will now focus on “vicarious” liability, which formally remains untouched by Cox.  It is already the case that vicarious liability in copyright law has been stretched far beyond its origins in agency law: there is no requirement that there be a principal-agent relationship, only that one party have the “right and ability to control” (or “supervise”) the other party.  Most courts have held that is satisfied by a showing that the party has the ability to terminate access.  Cox would likely have been held vicariously liable if the plaintiff could have shown that it received a financial benefit from infringement.  Will advertiser-supported services fall into this category?  It seems likely that some lower courts will say “yes.”  I think an honest reading of Cox should lead to the conclusion that imposing vicarious liability on internet access providers should be equally problematic; but because the Court expressly did not address vicarious liability, copyright holders will surely try to use it.

Consequently, I think “hosting” providers will still want to follow the “notice-and-takedown” procedures in 17 U.S.C. § 512.  Unlike access providers, hosting providers face the possibility of “direct” liability under the “server” test that the Ninth Circuit uses for “direct” liability.  Unlike contributory infringement, “direct” liability and vicarious liability do not require knowledge or intent, so the absence of an intent to infringe will not save a “hosting” provider.  Compliance with the § 512(c) safe harbor, however, will keep the provider from being held liable for direct and vicarious liability as well as for contributory infringement.  That gives such providers a strong incentive to maintain their “notice-and-takedown” procedures.  It also helps with appearances, because at least it looks like the defendant is trying to do something to discourage blatant infringement.

The hard test will come when a hosting provider doesn’t qualify for the safe harbor: will courts let them off the hook under Cox, or will they find ways to work around the Cox opinion, as Prof. Guy Rub recently argued in this space?  Only time will tell.

Conclusion

Cox v. Sony is undoubtedly a landmark opinion on contributory infringement that will now appear in all copyright and IP casebooks.  It seemingly limits contributory infringement to just two theories: inducement (from Grokster) and “tailoring” (from Sony).  It seemingly rejects the “knowledge and material contribution” standard that has been used by the lower courts for over 50 years, and that the Supreme Court itself has used in trademark law.  Whether it ultimately has that effect remains to be seen; but it certainly raises multiple avenues for argument that are likely to occupy the lower courts for years to come.

Blog Coverage of Cox v. Sony

The Cox Shock: A Tectonic Shift or Just a Tremor? (Guest Blog Post)

Will Lower Courts Find Ways Around Cox v. Sony? You Betcha

Prof. Goldstein on Cox v. Sony (Excerpt from His Treatise)

Quick Comments on the SCOTUS Cox v. Sony Ruling

The post U.S. Supreme Court Narrows Secondary Liability in Copyright Law–Cox v. Sony (Guest Blog Post) appeared first on Technology & Marketing Law Blog.

This case is a different lawsuit against Classpass, this time over unredeemable Classpass credits. Despite the unmistakable message from the Ninth Circuit that TOS formation screens should be reviewed exactingly, Judge Orrick of the N.D. Cal. district seems to be living in the past. He surprisingly holds that Classpass successfully formed its TOS and sends the case to arbitration. Why did Classpass succeed here when it failed last year at the Ninth Circuit? (If you expect a logical and sensible answer to that question, you must be new to the blog).

* * *

The named plaintiff, Blackburn, navigated through three relevant TOS formation screens. The opinion never precisely identifies which one successfully formed the TOS. It seems like all three did?

(The TOS contained an arbitration clause that everyone agrees applies to this lawsuit if the TOS was properly formed).

Blackburn created her Classpass account in 2019 by navigating this screen and choosing the option to continue with her Facebook credentials (the 2019 Sign Up Screen):

A few days later, in the next screen, she acquired her subscription membership through Classpass’ refer-a-friend program (which entitled her to additional credits) (the 2019 Checkout Screen):

In 2023, Blackburn reactivated her Classpass membership by navigating this screen (the 2023 Reactivation Checkout Screen):

Everyone seems to accept the court’s characterization that all three screens are “sign-in-wraps.” That turns us over to the now-familiar three-part test for evaluating sign-in-wrap formation.

Element 1: Reasonably Conspicuous Notice

Blackburn challenged the 2019 Login Screen’s visibility on three grounds:

• It was part of a 5-screen signup sequence. The court responds “the screens are not cluttered and follow a logical flow.”
• The TOS offer was the smallest font size on the screen. The court says it was the same size as other fonts on the screen.
• The TOS offer language was below the “Continue with Facebook” button she clicked. The court says “the “Terms of Use” is bolded, underlined, and in traditional hyperlink blue. That offsets any real concern that a reasonably prudent Internet user would not know or be aware that those hyperlinks existed just below the “Continue with Facebook” button.”

The court is also OK with the 2019 Checkout Screen visibility. The court acknowledges the TOS offer language in grey font, but says the:

text is still visually set apart from the other font that appears on the screen, despite the fact that it does not appear in blue font….

the hyperlinks are denoted by a bolded light grey font and underline, sufficiently contrasting the white background. Further, the “large text block[]” to which Blackburn refers is actually a two-sentence paragraph separated in space by the one-sentence paragraph denoting the Terms of Use, which makes the presentation of the Terms of Use hyperlink even more noticeable

The court is similarly OK with the 2023 Reactivation Checkout Screen visibility:

The text referring to the Terms of Use is once again just above the commitment button, written in light grey, but bolded font, and while not denoted in traditional hyperlink blue, is set apart from the rest of the text on the screen such that its presence draws the eye. The primary difference between the 2023 Reactivation Checkout Screen and the 2019 Checkout Screen, as Blackburn points out, is that the 2023 Reactivation Checkout Screen includes a black and bolded pronouncement to the user that “you’ll automatically be charged for a full-priced monthly credit plan subscription” and includes, in blue and underlined hyperlinked font, access to information about which Fees may apply. Those decisions to add additional notice of specific terms do not take away from ClassPass’s efforts to make the Terms of Use conspicuous by setting them apart in bolded, underlined font, in a separate paragraph with font color that contrasts the white background.

Element 2: Transaction Context

The Ninth Circuit punted on this factor in Chabolla (wrongly, IMO, because it’s clearly intended to create a long-term subscription), so this court does too. This court adds: “unlike in Chabolla, Blackburn took the additional step and created a ClassPass account by logging in with her Facebook account.”

Element 3: Manifestation of Assent

“Blackburn clicked a button after being presented with a hyperlink to the Terms of Use.”

The court distinguishes Chabolla:

in Chabolla, there was no indication that a user was ever signing up. Here, at the top of the 2019 Sign Up Screen there is a heading that unambiguously reads in bold lettering: Sign up

Blackburn pointed out that in the 2019 Signup Screen, the disclosures inconsistently and ambiguously refer to both “the” TOS and “our” TOS. The court responds that the argument “makes no sense. If a user is signing up through a preexisting Facebook account, that user must have necessarily already agreed to be bound to any Terms of Use or other terms of Facebook. It is not ambiguous to a reasonable Internet user signing up for an account or membership with ClassPass, even by way of Facebook, that any newly presented Terms of Use are those of ClassPass, not Facebook.”

With respect to the 2023 Reactivation Checkout Screen, Blackburn pointed out that the TOS offer language referred to “the” button but there were two buttons below it. The court responds:

“the” in the context of the 2023 Reactivation Screen must mean “either,” because a user attempting to access the 45 free Credits can only click one button to do so, or as the 2023 Reactivation Screen denotes, “the button.”

Normally, “the” connotes a singular reference. Here, the court reads it to connote plural references.  ¯\_(ツ)_/¯

In a footnote, the court says: “I do agree with Blackburn that the 2019 Checkout Screen’s language (“By clicking the Redeem now button, I agree to the Offer Terms and Terms of Use . . .”) is curious because it leaves out whether a user who chooses to pay using G Pay is likewise bound. But a reasonable Internet user would likely understand that payment using either method would bind the user to the visibly hyperlinked Terms of Use and it is clear that Blackburn manifested assent via the 2019 Sign Up Screen and 2023 Reactivation Screen in any event.”

Implications

I view the Chabolla and Godun opinions as companion cases. They came out just a couple of months apart, and they both took highly skeptical approaches to online TOS formation. Remarkably, this court doesn’t cite Godun even once. That is a conspicuous omission.

To me, this ruling is another reminder of how TOS formation analysis has descended into Calvinball. As Judge Bybee warned in dissent in the 9th Circuit Chabolla case: “minor differences between websites will yield opposite results….That sows great uncertainty in this area.” Here, comparing this lawsuit to Chabolla, we have the exact same defendant and similar formation processes from around the same historical time period, yet Classpass gets TOS formation when the Ninth Circuit denied it last year. The outcome appears to flip based on tiny differences.

I will also note how many of the court’s assessments turn fundamentally on consumer expectations, except the court doesn’t cite a shred of empirical evidence about what consumers think. The missing empiricism plays a major role in the Calvinball phenomenon.

If the court had been inclined to do so, it could have picked apart each screen and found deficiencies in each. After all, that’s what the Ninth Circuit did in its Chabolla case. Some examples:

• In the 2019 Signup Screen, the TOS offer language refers to “sign up with Facebook” and the button says “continue with Facebook.” Plus, there is a second “sign up” button lower on the screen that the court ignores even though it matches the TOS offer language. All of this may sound ticky-tack, but…in the Chabolla case, the court rejected a screen where the TOS offer said “I agree to” and the button said “redeem now,” and in the Godun case, one of the screens failed because the TOS offer said “I agree” and the button said “connect now.”
• In the 2019 Checkout Screen, the TOS offer language is stacked below a large paragraph of offer terms, and it appears to be a slightly smaller or lighter font than those. The court could say that reasonable consumers would spot it anyway, but that’s an empirical question without empirical support. Many other courts would have treated the text block as so monolithic that no sentence stood out.
• The 2023 Reactivation Confirmation Screen had the text block problem plus (as the court discussed) the imprecision of a reference to “the” button when there were two button options.

To be fair, I don’t necessarily support courts doing this degree of ticky-tack pixel policing. However, that level of exactitude drove the Chabolla and Godun decisions.

The screenshots at issue all predate the Chabolla and Godun decisions. Today, there’s no excuse for weak sign-in-wraps like this. I expect you to do better. The courts will expect that too.

As Judge Bybee said in dissent in Chabolla, “Our decision today will drive websites to the only safe harbors available to them, the clickwrap or scrollwrap agreements.” Want to opt-out of the TOS formation Calvinball? Take the certainty of clickwraps over the chaos of sign-in-wraps.

Case Citation: Blackburn v. Classpass USA Inc., 2026 WL 962734 (N.D. Cal. April 9, 2026)

The post Remember When the Ninth Circuit Rejected Classpass’ TOS Formation? About That…–Blackburn v. Classpass appeared first on Technology & Marketing Law Blog.