In a prior ruling, the court upheld Twitter’s TOS and sent the case from D. Conn. to N.D. Tex. In my prior post, I wrote: “The relocation of the case from Connecticut to N.D. Tex. only delays the inevitable. This case is doomed due to Section 230, among other reasons.” That denouement has now arrived. The court says simply: “§ 230 clearly bars Taddeo-Waite’s claims against X.”

Decision Not to Remove Third-Party Post. “Taddeo-Waite’s claims concerning X’s decision not to remove the anonymous user’s post neatly fall into the scope of § 230 immunity….X’s decision not to remove the anonymous user’s post treat X as the publisher of another’s information.”

Algorithmic Amplification of Third-Party Post (“But the Algorithms”). “§ 230 immunizes X from suit over its decision not to delete another’s post, and whether Taddeo-Waite notified X of the post’s harmful nature is immaterial to X’s § 230 immunity for that conduct.”

Taddeo-Waite highlighted the algorithmic amplification of the third-party post. No matter, same outcome:

Taddeo-Waite contends that X’s application of its algorithm to the anonymous user’s post constitutes the kind of material contribution to that post that can render X a developer and thus an information content provider…these arguments miss that no matter what amplification Taddeo-Waite alleges, this alleged activity has no bearing on the content of the anonymous user’s post…

Taddeo-Waite does not state facts showing how X’s alleged algorithmic amplification of the anonymous user’s post encouraged or contributed to the post’s message. Instead, he only alleges that X broadcast that message once the user had already composed and uploaded it….courts have consistently found that § 230 immunizes web-based defendants from claims that allege harms caused by content recommendation algorithms…

Taddeo-Waite’s claims that derive from X’s algorithmic amplification of a post merely accuse X of exercising the same editorial judgment a publication wields when it decides which writers’ articles to print on the front page and which to print on the back…

X’s algorithm’s role in establishing that reach does not, without more, state a claim against X that can overcome § 230 immunity

As you can see, this judge completely rejects the algorithmic exceptionalism underlying “but the algorithms” arguments. It shouldn’t matter if editorial decision-making is done manually by humans or if humans encode those values into the machines.

X’s Alleged Suppression of His Posts. Taddeo-Waite complained that his posts weren’t getting his desired visibility even though he was a paid X subscriber. Thus, he frames the claim as a contract breach claim. This doesn’t move the court: “it is immaterial that the duty here was contractual in nature. Section 230 does not provide any immunity exception for breach of contract claims.” While I agree with this statement, the Ninth Circuit’s Calise and YOLO cases plainly reach contrary conclusions. This is another example of lower courts deviating from the Ninth Circuit’s 230/promises absolutism.

Having sidestepped the 230-contract interplay, the rest of the case goes quickly:

courts in the Ninth Circuit have routinely held that the plain text of § 230(c)(1) does not foreclose immunity for claims premised on information the plaintiff himself provides…

The approach that courts in the Ninth Circuit have used is persuasive here….the operative question is whether X, the interactive computer service, provided the information at the heart of Taddeo-Waite’s suppression claims. It did not. Until he terminated his account, Taddeo-Waite was an X user and an X poster, and the posts whose suppression he sues over were his own. Because Taddeo-Waite’s claims concerning X’s post suppression concern information provided by “another information content provider,” and because X meets the other two elements of § 230 immunity, X is immune from these claims.

It is mind-blowing to see a Texas court expressly saying it found the Ninth Circuit persuasive. I thought it was a point of immutable Texan independence to knee-jerk reject everything California does, regardless of merit.

In the end, this claim becomes a routine account termination/content removal claim, and it fails like the many dozens preceding it.

Also, I don’t mean to be callous, but I have little sympathy for anyone who subscribed to Twitter’s premium services post-Musk. If you’re paying for greater status in Musk’s petri dish of racism and authoritarianism, I lean towards Team Caveat Emptor. You get what you get and shouldn’t get upset.

(I miss Twitter of old, but I don’t regret not participating in Musk’s X. Find me on Bluesky).

Case Citation: Taddeo-Waite v. X Corp., 2026 WL 1391897 (N.D. Tex. April 23, 2026). This is a report and recommendation by Magistrate Judge Ray, so it’s pending before supervising Judge O’Connor.

Taddeo-Waite is proceeding pro se. He’s a Democratic candidate for Congress, though I wonder about his odds of success.

The post Section 230 Ends Lawsuit by Twitter Premium Subscriber–Taddeo-Waite v. X appeared first on Technology & Marketing Law Blog.

YOLO stopped paying its lawyers and stopped fighting in court, so it defaulted in the case. That makes me wonder who can pay off any judgments against YOLO if YOLO is already gone?

Either way, the plaintiffs are proceeding without any opposition from YOLO. And yet…their case is so unmeritorious that the plaintiffs can’t get an unopposed default judgment. Obviously defective cases are what the Ninth Circuit thought was worth wrecking Section 230 to preserve…?

In the past 2 months, the district court has twice rejected a default judgment:

Bride v. Snap, Inc., 2026 WL 855148 (C.D. Cal. March 16, 2026)

In the March ruling, the court rejects class certification. The court flags numerous problems with class formation:

• if the defendant has defaulted, can a class claim really be adjudicated properly?;
• The class claims 26M users, but the plaintiffs based the numbers partially on vibes;
• the class includes non-bullied users and, remarkably, the alleged bullies;
• the named plaintiff’s suicide-based claim materially differs from other claims of bullying;
• the plaintiff lawyers’ interest in the case seems to be waning (maybe because YOLO is judgment-proof?);
• “What is “bullying” in this context? What are “harassing messages,” “objectionable content,” and “inappropriate usage”? Who are “abusive users”? How severe or frequent does a user’s conduct have to be for Yolo to be required to take action?”; and more.

Substantively, the court questions the claims’ merits:

here are Yolo’s statements that Plaintiffs challenge in this case as fraudulent misrepresentations:

• “YOLO is for positive feedback only. No bullying. If you send harassing messages to our users, your identity will be revealed.”

• “YOLO has no tolerance for objectionable content or abusive users. You’ll be banned for any inappropriate usage.”

• “Be kind, respectful, show compassion with other users, otherwise you will be banned.”

The court is hard pressed to conclude that the TAC adequately alleges that, as to element one, those statements were plausibly false promises to future bullying victims (as opposed to threats to bullies); that, as to element two, Yolo knew that by making these statements it was making false promises to future victims; as to element three, that Yolo intended to induce reliance from future victims that Yolo would take affirmative action if bullying, harassment, inappropriate usage, unkind, disrespectful, or noncompassionate behavior occurred; or, as to element four, that that any reliance Plaintiffs exhibited on these statements as promises that Yolo would take such action was justified.

The court adds: “there is a serious question regarding whether the statements challenged as misrepresentations are puffery.” Yes, claims about on-site safety are often puffery. All of this was obvious from the face of the complaint.

In other words, the district court is flummoxed by the aftermath of the venerable Ninth Circuit Section 230 switcheroo. The Ninth Circuit negated Section 230 for promise-based claims, but the “promises” here were never actually promises and thus could never form the proper basis of a claim. Thus, reviving the case gave false hope to the plaintiffs. The Ninth Circuit has made similar 230 switcheroos at least a dozen times, each time benefiting no one.

The court continues:

Yolo’s First Amendment defense also comes into play here. “Content moderation by social media platforms is generally considered expressive activity and is protected under the First Amendment.”…Consider, for example, a scenario in which this case had proceeded through discovery and Yolo contended that it reviewed some of the messages at issue and had determined that, for whatever reason, those messages did not violate Yolo’s community standards such that they should be taken down. The court’s review of that decision could implicate the First Amendment.

I have raised the same First Amendment concerns for many other cases against social media, including the social media addiction cases.

The court bottom-lines it:

at this stage of the proceedings, Plaintiffs have presented insufficient legal authority and evidence for the court to find it is appropriate to exercise its discretion to grant the relief Plaintiffs seek.

Bride v. Snap Inc., 2026 U.S. Dist. LEXIS 104978 (C.D. Cal. May 11, 2026)

Following the March ruling, the plaintiffs tried to address the judge’s concerns and sought class certification and summary judgment a second time. Their motion remains unopposed, yet it strikes out a second time.

Class Formation: Typicality

“The new class definition still includes people who were not bullied and the bullies themselves, and Plaintiffs are not typical of these groups or adequate to represent them.”

Also, “the court is concerned is that Ms. Bride would be so preoccupied with a wrongful death claim that she believes she (and she alone) has and its significant associated damages that she would give short shrift to her role, or be distracted in her role, as class representative on the class’s claims for misrepresentation and violation of state consumer protection statutes.”

Class Formation: Commonality/Predominance

Plaintiffs allege Yolo made misrepresentations including, “No bullying. If you send harassing messages to our users, your identity will be revealed,”  and “YOLO has no tolerance for objectionable content or abusive users. You’ll be banned for any inappropriate usage.” But for these statements to be false, a trier of fact would have to consider a host of questions regarding each individual situation: what is “bullying”? What are “harassing messages,” “objectionable content,” and “inappropriate usage”? Who are “abusive users”? How severe or frequent does a user’s conduct have to be for Yolo to be required to take action? These individualized issues go to the heart of Plaintiffs’ misrepresentation claims….

unlike statements like “this moisturizer is oil-free,” or “this supplement promotes healthy joints in dogs,” Yolo’s alleged misrepresentations add a critical predicate clause—one that indicates the representation will be true only in certain circumstances. In other words, “we will ban you” or “we will reveal your identity” might be sufficiently analogous to “this moisturizer is oil-free”; what sets this case apart from a case where a reliance inference might be appropriate is the portion of Yolo’s representations that tells users when (and only when) Yolo’s promises will be true. Those clauses—such as “if you send harassing messages”; “for any inappropriate usage”; and if you are not “kind, respectful” or do not “show compassion with other users”—involve individualized issues that make the reliance inference Plaintiffs seek inappropriate.

The court seems to be saying that if a marketing representation says “if you do X actions, you will get Y result,” it will hinder class formation because the examination of whether an individual plaintiff did the predicate X actions would require individualized determinations.

No Substantive Merit

The “what is not allowed”-type statements in this case are “YOLO has no tolerance for objectionable content or abusive users,” “YOLO is for positive feedback only. No bullying,” and “[b]e kind, respectful, show compassion with other users.” These “statements of policy” that “simply describe what content is allowed on” YOLO cannot “be considered ‘false’ for purposes of Plaintiffs’ claims.” [cite to Bogard v. TikTok]

The “we remove” statements in this case are “[y]ou’ll be banned for any inappropriate usage,” “[i]f you send harassing messages to our users, your identity will be revealed,” and “otherwise you will be banned.” Plaintiffs’ argument that these statements are actionable because they say exactly what Yolo will do is only half the picture—Yolo said they would do those things when something else happened. Here, like Bogard, the vagueness of the critical threshold criteria renders the alleged misrepresentations too vague to be enforced. The Bogard court commented that “[i]t is difficult to imagine standards more subjective than ‘meaningful’ and ‘accurate enough.'” In the court’s view, “inappropriate usage,” “harassing messages,” “bullying,” and being not “kind, respectful, [or] show[ing] compassion with other users,” are equally subjective….

in each of the alleged misrepresentations, it is clear that Yolo is speaking directly to bullies, telling them that if they engage in certain disapproved behavior, “your identity will be revealed” or “you will be banned.” There is no indication that Yolo is speaking to, or making any representation to, anyone else, including the victims of any bullying, harassment, or unkind, disrespectful, or noncompassionate messages. The court finds insufficient factual allegations supporting the notion that Yolo meant for their threats to bullies—made speaking directly to bullies in the “you” voice—to be taken by victims as enforceable promises that they, people to whom Yolo was not speaking, could rely on….

Finally, the court finds insufficiently plausible Plaintiffs’ allegation that Plaintiffs’ reliance on Yolo’s statements—by using the app believing Yolo would protect them on it—was justifiable.

This time, the district court dismisses the case, so it’s now appealable to the Ninth Circuit–where, presumably, the plaintiffs’ filings will remain unopposed by the nonexistent YOLO. Will the plaintiffs appeal? I presume yes. Will the Ninth Circuit recognize how its bad prior ruling exacerbated this mess?

This case involves many tragedies, including the litigation itself. This lawsuit never should have been brought, and it should not have been revived on appeal. It shows the revictimization inherent in the Ninth Circuit 230 switcheroo. It set up the victims to waste extra time, money, and emotional energy to reach the always inevitable conclusion that this particular lawsuit isn’t the proper way to redress the victims’ harms.

The post The YOLO Remand Shows Why the 9th Circuit Should Stop Carving Up Section 230–Bride v. Snap appeared first on Technology & Marketing Law Blog.

Clicking on the “View your Mention” button leads to this screen:

In both cases, the fact statement that X mentioned Y is presumably true, and it provides a sample of how the Mentions service works for its subscribers. At the same time, it does use X’s name in what looks like advertisements to convert Y to a paying customer. This reminded me of Facebook’s sponsored stories, which similarly relayed a true fact statement (X bought an item from Y) in what was converted into a paid advertisement.

Academia also targeted non-accountholders who visited a professor’s profile, showing them house ads:

The plaintiffs filed a class action lawsuit over California’s publicity rights. Academia tries to send the case to arbitration three different ways (or, arguably, four different ways). They all fail.

Arbitration Attempt #1: Disclosure about Google’s Privacy Practices

In 2015, Judge used Academia’s “find your friends” feature to import his social graph from Google. Google displayed the following screen in the process:

The disclosure language never mentions Academia’s TOU at all, so…

(Also, Academia is trying to impose the arbitration requirement in its TOU, but the disclosure only permits Academia “to use your information”).

Arbitration Attempt #2: 2022 Google Pop-Out

In 2022, Judge signed into Academia using Google’s login functionality. Academia doesn’t know exactly what that process looked like but this is its “best estimation”:

The disclosure says to “see” Academia’s TOS but doesn’t have an if/then grammar, so….

A reminder that if you’re trying to form the TOS and can’t provide highly credible evidence of what the TOS formation screen looked like, bonne chance.

Arbitration Attempt #3: Judge was a power user

Academia argues that Judge: (1) viewed its website (which contains a link to its Terms of Use) tens of thousands of times, 29 times scrolling to the footer with the Terms link and twice clicking buttons immediately next to that link; (2) twice viewed the website when it had banners announcing that the Terms had changed; (3) opened thousands of emails from Academia containing a link to the Terms, and three times clicked an adjacent link; and (4) viewed the login page in 2016, which contained a notice that “By clicking Sign Up, you agree to our Terms,” and then subsequently created a new account in 2022.

The court says the first three don’t indicate an unambiguous manifestation of assent. As for #4, the court says there’s no temporal coupling (viewed disclosure in 2016, signed up in 2022. Heck, I can’t even remember what I had for breakfast this morning). Arbitration denied.

Section 230

Having denied arbitration, the court turns to the case’s merits. The Section 230 defense flames out:

Academia has materially contributed to the alleged unlawfulness of the conduct here. Judge alleges that Academia sends email advertisements to users stating that he has mentioned their work. The linked webpage in that email informs the user that several papers, “[i]ncluding one written by” Judge, mention the user and asks the user to “Try Premium for $1 and view your Mentions.” Additionally, after a user views Judge’s profile, Academia is alleged to provide that user with similar promotional advertisements. Judge therefore alleges that Academia unlawfully packages user-contributed content—his name and purported mention of the user—within its own solicitation to pay for its Mentions service. Thus, Academia “becomes the developer, at least in part, of that information.”

Academia contends that it is providing “notifications [that] truthfully conveyed user-generated citation information created by plaintiff himself.” Not so. Instead, Academia “transformed the character of Plaintiffs’ words . . . and actions into a commercial endorsement to which they did not consent.” [Cite to Fraley v. Facebook.] The advertisements disseminate Academia’s own message (subscribe to our Mentions service) with only a vague reference to user-generated content. As such, they are not akin to simply “disseminating the same content in essentially the same format to a search engine.” Section 230 does not allow a website to cloak its own advertisements as user-created content and thereby evade state-law liability.

Arbitration Attempt #4: Attempted TOU Amendment

After Judge filed the lawsuit, Academia purported to amend its TOU:

Also, “users must click an “Agree” button referencing the Terms of Use before continuing to use Academia.” The new TOU authorizes the use of accountholders’ names in advertising.

The court treats this purported amendment as a misleading communication to the putative class members, so it triggers the protective provisions of FRCP Rule 23(d). In other words, because the changes affected the rights of class members, sending the email after the lawsuit was filed constituted a regulated communication with putative class members. The court had issues with the lack of disclosure that users weren’t previously bound by the arbitration clause, the fact that clicking on the links apparently constituted the acceptance of “using your account,” and that the new consent-to-advertising provision would extinguish pending claims. So the court strikes the effects of the purported TOU amendments on putative class members.

I’m not sure if it’s novel for the court to treat TOU/TOS amendments during the pendency of a class action lawsuit as potentially improper communications to putative class members, but I can’t recall seeing it before. The court’s approach shuts down some of the potential gamesmanship that some defendants play where they amend the TOS post-filing to try to eviscerate pending claims, with provisions such as claims waivers or arbitration requirements. If you are a defendant in a pending lawsuit and you hope a post-filing TOS amendment can eliminate it, tread cautiously.

Structurally, this case resembles the yearbook and people-finder cases, and it goes about as well for the defendants as those cases have.

Case Citation: Judge v. Academia, Inc., 2026 WL 1256876 (N.D. Cal. May 7, 2026). Academia is represented by a defense team from Fenwick and Quinn Emanuel.

Prior blog posts on Yearbook and Genealogy Cases

• Section 230’s Application to Account Terminations, CSAM, and More
• Free-Trial Commercial Database Defeats Publicity Rights Claim–LaFleur v. Yardi
• Another Tough Ruling for People Search Databases–Camacho v. Control Group Media
• Three More Yearbook/People Database Cases Signal Trouble for Defendants
• Background Reports Protected by Section 230–Dennis v. MyLife
• Yearbook Defendants Lose Two More Section 230 Rulings
• Yearbook Database Cases Are Vexing the Courts–Sessa v. Ancestry
• Court Casts Doubt on the Legality of the Data Brokerage Industry–Brooks v. Thomson Reuters
• Section 230 Doesn’t Protect Yearbook Website’s Ads–Knapke v. Classmates
• Section 230 Covers Republication of Old Yearbooks–Callahan v. Ancestry
• Section 230 Doesn’t Protect Advertising “Background Reports” on People–Lukis v. Whitepages

The post TOS Formation Fails, and So Does Section 230–Judge v. Academia appeared first on Technology & Marketing Law Blog.

Tate v. Meta Platforms, Inc., 2026 WL 1146745 (N.D. Cal. April 28, 2026)

This case involves the manosphere enthusiasts the Tate bros, Andrew and Tristian. Instagram terminated six of their accounts for “promoting’ dangerous individuals or organizations’ or for inciting misogyny.” Due to the Tate bros’ legal entanglements in Romania, the bros claimed their deplatforming was connected to “a broader, ideologically motivated campaign, carried out under governmental and corporate pressure, to marginalize dissenting or controversial viewpoints—particularly those of prominent male figures criticizing modern social norms.” The bros sued Meta for a dozen causes of action. Meta defeats the claim based on Section 230.

ICS Provider. “Meta, as Instagram’s operator, is an interactive computer service provider.”

Third-Party Content. “the information at issue (Plaintiffs’ Instagram accounts) was provided by another (Plaintiffs).”

Publisher/Speaker Claim.

Plaintiffs challenge Meta’s decision to terminate Plaintiffs’ Instagram accounts. Meta’s conduct “can be boiled down to deciding whether to exclude material that third parties seek to post online,” and is therefore immune from liability under section 230.

The plaintiffs argued that 230 doesn’t apply to contract claims. Citing Barnes, the court calls their position “unpersuasive”:

The Complaint is replete with allegations challenging Meta’s decision to “deplatform Plaintiffs,” impose a “blanket ban and improper termination” thereby “sever[ing] them from critical commercial tools and millions of followers causing them substantial and irreplaceable financial loss and damage.” Plaintiffs further allege their removal was “not an isolated enforcement action grounded in neutral application of [the] Terms of Use.” So, drawing all reasonable inferences from the Complaint’s allegations in Plaintiffs’ favor, the duty Plaintiffs allege Meta violated derives from Meta’s decision not to publish Plaintiffs’ content online and thus falls squarely within Section 230.

The court also questions if the bros stated any contract breach. “Plaintiffs have not identified any contractual promise that applies to their Instagram accounts, let alone a promise not to terminate their Instagram accounts without prior notice or a promise to provide a right to appeal.”

(Later, with obvious irritation, the court notes that “despite an hour-long oral argument with many minutes of silence while Plaintiffs’ counsel scrolled through all the potentially relevant documents on his computer, Plaintiffs could not identify any provision to support their assertion of a promise of prior notice and appellate rights”).

1983/First Amendment Claim. “Meta is a private actor and thus its conduct constitutes private abridgement of speech to which the First Amendment does not apply.”

In denying leave to amend the complaint, the court emphasizes that this lawsuit wasn’t close at all:

Plaintiffs’ oral argument statements reveal neither they nor their counsel have a factual basis for alleging state actors were working in concert with federal actors and Meta to violate Plaintiffs’ First Amendment rights. Nor do they have a factual basis for alleging Meta violated some contractual promise to provide advance notice prior to terminating Plaintiffs’ Instagram account and not providing appellate rights, let alone a basis for alleging such breach caused $50 million in damages.

Andrew allegedly “allocated 400,000,000 of personal funds to battle Google, Meta, TikTok,” yet all that money didn’t turn the Tate bros into lawmaxxers.

The unsuccessful plaintiffs’ lawyers include Raymond Brenneman of Brenneman Apc and Thomas Maniotis of Equity Legal, PLLC. Maybe the Tate bros would have had more courtroom success if they added some women lawyers to their litigation team.

Ligon v. Meta Platforms Inc., 2026 WL 1146091 (N.D. Cal. April 28, 2026)

This is a very long and detailed opinion in response to a pro se lawsuit.

Ligon was a 2024 Republican candidate for the Georgia state senate. He got 633 votes in the Republican primary. Ballotpedia also says that he survived two lightning strikes. Wowza. It made me wonder what message God may be trying to send to him…?

Ligon placed Facebook ads for his campaign, but Facebook quickly pulled the ads and then permanently suspended his personal and campaign accounts. In a footnote, the court recaps Facebook’s emails to Ligon that suggest a plethora of reasons why his ads may have been pulled, including trademarks, fake images of others, content that put others at risk, bypassing Facebook’s ad verification system, and copyright. Ligon sued Facebook pro se for eight different claims.

Section 230

In a footnote, the court rejects Ligon’s “but the algorithms” attempt to say that his content was Facebook’s first-party content:

Defendant’s “editorial decisions” includes publishing decisions, like whether to remove published material, which are covered by section 230(c)(1) when the content was created by a third-party, but such editorial decisions alone do not constitute content creation. Plaintiff does not allege that any content was made or contributed to by Defendant, except insofar as he alleges that Defendant created the algorithm that “drives” the enforcement of Defendant’s content moderation and that this constitutes Defendant’s own content.  However, Defendant’s use of an algorithm to assist in its publishing functions does not take those actions outside the scope of its conduct as publisher so long as the algorithm is not assisting in the creation of content, which Plaintiff does not allege is the case here

The court turns to the publisher/speaker element. The Tate court applied 230 to Meta’s alleged promises to provide pre-termination notice and an appellate right. This court says those are not publisher/speaker claims:

providing notice and an appeals process, even when related to publishing decisions, is not an activity necessarily derived from the status of publisher, and sending emails or other notices about a user’s content is similarly not a traditional element of publication

As a result, the claims predicated on the failed notice and appellate rights aren’t preempted by 230. From my perspective, both the notice and appellate rights would kick in only if Meta decides not to publish the content, so I think they are inextricably linked to publication decisions. In other words, I agree with the Tate decision and disagree with this one.

Section 230 ultimately applies to the other claims. As a general statement, the court notes that “The Ninth Circuit has consistently held that decisions to publish content, or not publish content, or revoke content from publication, are quintessential publishing functions for which interactive computer services cannot be held liable under section 230(c)(1).” [Cite to Roommates.]

The court evaluates Section 230’s application to each claim in significant detail:

Plaintiff’s Claim One is a constitutional cause of action alleging that Defendant violated his First Amendment rights; his Claims Three and Four are related federal statutory claims for conspiracy to violate his civil rights and failure to prevent the conspiracy. These claims are based squarely on Defendant’s decision to remove and suspend Plaintiff’s content. The First Amendment claim is based solely on Defendant’s publishing conduct inherent to its status as publisher and remedy would require it to undertake further publishing activity by reactivating or reposting Plaintiff’s content. The conspiracy claim is essentially an allegation that Defendant coordinated with other entities to make its publishing decisions, and the tools Defendant chooses to use when making publication decisions—including potential consultation with other actors—are part of Defendant’s discretion as publisher whether to publish content. Remedy for this claim would also require Defendant to undertake specific publication actions because the alleged outcome and goal of the conspiracy is the removal of Plaintiff’s content. It then follows that the failure to prevent conspiracy claim is merely an allegation that Defendant failed to prevent a particular editorial decision from being made and enacted, whose remedy would also require Defendant to undertake specific publishing actions. It is immaterial that these claims are premised on the removal of Plaintiff’s content for political reasons—Ninth Circuit courts have consistently held that Section 230(c)(1) immunizes the removal of political content. As such, Claims One, Three, and Four are inseparable from Defendant’s status or conduct as publisher and are barred by section 230(c)(1).

[Eric’s note: the court doesn’t address the seemingly obvious problem that a statute can’t override constitutional protections.]

Plaintiff’s Claim Seven is brought under 42 U.S.C. § 1981, alleging that Defendant discriminated against him in the making and enforcement of contracts “by suspending his ads and accounts based on his conservative political viewpoint.” As with the above claims, this claim is based solely on Defendant’s suspension and removal of Plaintiff’s content and profiles, which is essential publishing activity routinely protected by Section 230(c)(1)’s liability limitations….

Plaintiff’s breach of contract claim does not allege that Defendant or any of Defendant’s agents made specific, enforceable promises to him related to the suspension of his content; instead, he relies on the general contractual underpinnings of his use of Defendant’s platforms and payment to Defendant. His statement that Defendant’s acceptance of his payment created a duty to publish his content does not constitute an allegation that Defendant made a specific promise to publish Plaintiff’s content which was intended to supersede its discretion as publisher to make publication decisions. Whether based on an implied contract or a document like the Terms of Service, this type of general contract-based allegation has routinely been found insufficient to overcome section 230’s bar on liability for publishing conduct. As written, Plaintiff’s breach of contract claim is premised solely on Defendant’s decision to suspend his accounts and his advertisements.

[In a footnote, the court adds: “Other courts have gone even further when barring contract claims under section 230(c)(1) to broadly find that contract claims based on the removal of content are inseparable from internet platforms’ status as publishers and are therefore barred. In contrast, still other courts have found that contract claims based on an alleged contractual duty of any kind are not barred by section 230(c)(1).” A shoutout to the Calise and YOLO panels for ratcheting up courts’ confusion on this point.]

Similarly, Plaintiff’s sixth claim for breach of the implied covenant of good faith and fair dealing is also barred by section 230(c)(1), insofar as this claim seeks to hold Defendant liable for the suspension of Plaintiff’s accounts and ads, for Defendant’s decision to continue publishing other content while removing Plaintiff’s content, and for the frustration of the contract via Defendant’s removal of Plaintiff’s content. Any implied promise by Defendant to use “good faith” or any general statements in the terms of service/use about its criteria when making editorial decisions like removing content is not the type of specific, directed promise that could take this claim out from the umbrella of section 230(c)(1)….Plaintiff’s allegation that Defendant enacted the suspensions “in bad faith” does not thwart section 230(c)(1) immunity….

Plaintiff’s Claim Eight for intentional infliction of emotional distress is also barred by section 230(c)(1) to the extent that it is based on Defendant’s removal of his content from its platforms. Plaintiff cannot hold Defendant liable for preventing him from accessing its platforms to publish content or removing his content, as this would hold them liable for its quintessential publishing decisions regarding what information may be published and contained on their platforms

The court then also dismisses everything (both the 230-preempted claims and the non-preempted claims) for lack of merit.

Violations of Constitutional Rights

“Plaintiff’s constitutional claims fail because he has not alleged facts showing that Defendant Meta is a state actor for constitutional purposes.”

Contract Breach

“Plaintiff’s claim that Defendant’s acceptance of his payment created an implied contract by which they agreed to run his ads is directly contradicted by the Advertising Standards and terms of service/use, which reserve to Defendant the ability to reject or restrict advertisements “for violation of [its] policies at any time.””

Implied Covenant of Good Faith and Fair Dealing

“Defendant is explicitly allowed under the terms of the contract to reject Plaintiff’s ads for any reason whenever it wants.”

IIED

Plaintiff has not identified any conduct by Defendant beyond the sending of five emails: two of the emails were identical, informing Plaintiff that his accounts or advertisements had been identified as and restricted for using copyrighted music; four of the messages informed Plaintiff of Defendant’s findings upon reviewing the content; and one sent “on behalf of Universal Music Group” included information about the penalties for violations of copyright law and the possibility of a lawsuit. None of this conduct plausibly rises to the level of “outrageous” behavior. There are also no facts alleged to support the contention that Defendant’s conduct was intended to injure or committed with the knowledge that sending such emails was likely to cause extreme emotional distress

Ligon has a better chance of getting and surviving a third lightning strike than winning an account termination/content removal case against Facebook.

* * *

One final point. You may have noted that both plaintiffs in this blog post could be characterized as “right-wing” (I don’t know what qualifies as “conservative” any more). I haven’t crunched the stats, but I believe that “right-wing” plaintiffs are overrepresented in the account termination/content removal genre. Some possible hypotheses about why that could be the case:

• The plaintiffs would argue that it’s because the services are systematically biased against right-wingers.
• There have been numerous studies indicating that right-wingers more frequently post content that transgresses the applicable TOS. Essentially, as civility degrades across our society, right-wingers more frequently embrace content–racism, sexism, violent statements, etc.–that crosses previously set standards for civility.
• Right-wingers are more likely to sue as part of their self-identity as victims and overall feelings of grievance.

I welcome other hypotheses. If anyone want to crunch the data to test my hypothesis, I can help. This could be a good paper topic.

My hypothesis poses some serious challenges to advocates of digital due process requirements. It’s an equity/equality dilemma. We might treat everyone equally with procedural protections for their online speech, but that may not produce equitable results. In practice, people with majority characteristics may be able to weaponize those legal tools to entrench their majority position. See, e.g., Lewis v. Google. If your goal is to raise up disenfranchised voices, watch out for any solution that can be turned around to benefit the majority.

The post Meta Defeats Two More Account Termination/Content Removal Lawsuits appeared first on Technology & Marketing Law Blog.

In a split opinion, a majority says this TOS formation failed:

Zeus chose to bury the page containing that agreement behind a hyperlink that itself was written in small, gray text that Tejon did not have to click. This text was located beneath large, red action buttons that Tejon did have to click. Was the hyperlink text enough to put Tejon on notice that clicking on the large, red buttons would subject him to binding arbitration? We find that it was not.

* * *

As usual, the majority starts with the wrap taxonomy. The majority says that there are only two wrap options: clickwrap or browsewrap. I wish there were zero nodes on the wrap taxonomy, but if we’re going to have a taxonomy, two nodes is too few to capture the diversity of TOS formation practices. Importantly, the majority doesn’t leave room to categorize the screen as a “sign-in-wrap,” which is how I think it would be how other circuits characterize it.

With only two choices, the majority says this TOS formation process is a “browsewrap.” (The dissent says the “parties agree that Zeus’s subscription page is a browsewrap agreement,” so the problem may lie in Florida/11th Circuit law forcing the binary choice). Once that wrap characterization is made, it’s pretty well accepted that browsewraps aren’t enforceable. In practice, the majority closely followed the Berman opinion from California, which was a sign-in-wrap opinion, and the majority had many other sign-in-wrap precedents to consider if it went looking. #EndTheWrapTaxonomy.

Despite the wrap tangent, the majority proceeds with the standard approach of reviewing whether the TOS disclosure was sufficiently conspicuous. The majority says no.

• “Zeus placed [the hyperlink] beneath two large, red action buttons that were prominently featured at the center of the page.”
• “Zeus’s terms of service hyperlink is printed in a small font on the bottom half of the page. It is easy to overlook given the larger font sizes and bolder colors of other elements on the page.”
• “all the text below the red action buttons, including the hyperlinked terms, appears in a dim, gray color.” The “dim” color phrase reminds me of the Chabolla reference to “timid” fonts.
• The underlined text was indistinguishable from the other text, and “Zeus’s hyperlink is not highlighted in a different color and is not in all capital letters.” CAPITAL LETTERS…SERIOUSLY?
• “Zeus’s terms of service notice simply does not say anything about arbitration. It would have been simple enough for Zeus to state plainly that clicking on one of the red buttons would subject any dispute between the user and Zeus to binding arbitration….Zeus chose instead to place the provision on a separate terms of service page. Having made that choice, it was required to design its website to ensure that a reasonable user would know to click to view the terms of service page, and it failed to do so.” Ugh, I’ve complained many times about this problem with layered notice. A court can always second-guess that the layered notice should have included the thing that is being contested by the plaintiff. This makes layered notices impossible because the top layer has to reference every possibly challengable term, which is all of them.

Notice that the majority doesn’t engage with the transaction context, another key part of the Ninth Circuit Chabolla/Godun tests. In general, the Ninth Circuit presumes that consumers signing up for a subscription will expect terms to govern their ongoing relationship. The majority doesn’t consider that possibility.

The majority summarizes:

None of the things that we have discussed—location on the page, font size, contrasting color, capital letters, underlining, informational content, and so forth—is individually required to pass a conspicuousness assessment. The point of these design elements is to place a reasonably prudent internet user on notice of the agreement at issue. The internet site owner may utilize some combination of these elements, or perhaps something else entirely, to bring attention to the agreement. Even better, the owner could use a clickwrap agreement. But Zeus chose to do none of this.

Judge Branch, a TAFS judge, dissented. She says the “hyperlink was centrally positioned directly beneath the action buttons, where the user’s attention is easily drawn; colored in light gray to contrast with the black background; underlined; appeared the same size as most of the text on the page; and set apart from a block of text below. A reasonably prudent person would not have missed it.”

(As usual, there was zero empirical support from either the majority or dissent for any assessment of what a reasonable consumer would think).

* * *

This ruling brings to mind the lament of Judge Bybee in the Chabolla decision: “Our decision today will drive websites to the only safe harbors available to them, the clickwrap or scrollwrap agreements.” You’ve been warned (repeatedly).

Case Citation: Tejon v. Zeus Networks, LLC, Case No. 24-11114 (11th Cir. May 1, 2026)

BONUS: U.S. v. Blocker, No. 25-1536 (7th Cir. May 5, 2026)

the fact that a contract is lengthy and poorly understood does not justify reading it with a thumb on the scale. The language of this contract unambiguously permits Dropbox to scan all files at its option and reveal the contents for five specified purposes—and Blocker does not deny that, having discovered child porn, one or more of these purposes applies.

The post 11th Circuit Rejects TOS Formation–Tejon v. Zeus appeared first on Technology & Marketing Law Blog.

Embed/in bed

The central question in the case is whether embedding is infringing. We don’t get an answer to that question. XXL chose to defend the case on other grounds at the district court, so it’s not at issue in the appeal. As a result, the panel assumes “for the purposes of this appeal, that embedding constitutes actionable use.”

[Note: normally my blog coverage would include a screengrab of one of the videos in question so you could see the content at issue in this dispute. Given this ruling, I worry I’ll join the defendant list if I do so. More chilling effects from legal uncertainty.]

Fair Use of Jordan Video

Nature of Use–Transformativeness

The court questions the transformativeness of XXL’s embedding:

Townsquare republished the Jordan Video in a news article describing a controversy surrounding the video, Townsquare’s reporting at times appears more focused on the mere existence and presentation of the video itself. No place is that more evident than in the article’s headline. Instead of referring to any of the article’s commentary, the headline presents the video as the article’s primary draw: “Michael Jordan Intervenes in Heated Confrontation Involving Wack 100 in Viral Video from 2015 —Watch.” The article then opens by explaining that the DailyLoud had posted the video on X just one day prior. That is the extent of the article’s discussion of the video’s online circulation. It moves on to describe the incident depicted in the video, but that portion of the article simply describes what viewers of the video can see for themselves….

there is a difference between gesturing towards a transformative message and actually communicating that message. Here, Townsquare’s commentary was limited to a few sentences explaining that a third party had republished the video and opined that an individual who does not appear in it was Charleston White. Notably, the article does not identify anything in the video that would corroborate that speculation for the viewer; instead it relies on the unexplained say-so of the DailyLoud’s post. It is therefore debatable whether the article meaningfully communicated any new commentary about the video (which could justify its copying) or instead merely summarized commentary about the fight depicted and relied on the video solely as an illustrative aid (in which case the copying served little transformative function)

Despite these musings, the court doesn’t definitively resolve the transformativeness question, saying the other factors negate fair use.

Nature of Use–Commerciality

“Townsquare is a for-profit entity, a fact that weighs against fair use….Townsquare ran advertising alongside its embedded depiction of the Jordan Video, but classic legacy news media such as newspapers, news magazines, and commercial television stations did, and do, the same.”

The court decides the nature of use factor is at best neutral.

Nature of Work

“The Jordan Video was largely factual, and, as Richardson concedes, did not involve meaningful creative choices. That Richardson was fortunate to be in the right place at the right time to record Jordan’s unexpected intervention does not make the work creative.” The court says this factor weighs in favor of fair use but “plays a minimal role in the fair-use assessment.”

Amount Taken

XXL republished the entire video, which it said was required by the embedding. The panel questions the necessity:

Townsquare could have, for example, republished the text of the post along with a portion of the video. Or it could have taken a screenshot of the post with a still of the video (as Townsquare did for the article’s headline). Or it could have simply reported on the controversy and included a hyperlink to the post, forgoing any reproduction of the video. While embedding the post may have been more expedient for Townsquare, nothing compels a conclusion (and certainly not at this stage) that embedding the post and, with it, the entire video was reasonable in relation to Townsquare’s limited news reporting.

I guess the panel is really that willing to second-guess XXL’s editorial processes? And the court says XXL could have taken a video screengrab instead of embedding the whole video, but later in the opinion it doesn’t resolve whether that screengrab would itself be infringing, so…is that a non-infringing option or not?

XXL also argued that viewers needed to see the entire video to evaluate its hypothesis about who’s in the video. The court responds that the person at issue never appears in the video (only off-camera).

XXL also argued that embedding allowed its audience to see the original comments. The court responds that XXL could have just done summary reporting of that information.

Instead, the court says “Perhaps discovery may offer further editorial or technological justification for Townsquare’s decision to use the entirety of the video.” Sounds expensive.

Market Effect

The court says this is the “most important” fair use factor.

The court says Richardson’s complaint didn’t make clear what the market for the video is. The court rewards this pleading omission: “Townsquare cannot decisively demonstrate the absence of an effect of its use of the Jordan Video on the market for the original video based on the allegations in a complaint that say little or nothing about the nature of that market.” It’s true that the defense has the burden to establish fair use, but the panel also rewards plaintiff drafting gamesmanship.

Without any guidance from the complaint, the panel then veers into speculation-land:

It is entirely unclear that a viewer of Townsquare’s story would gain anything from watching a version of the Jordan Video unencumbered by Townsquare’s reporting, advertising, and the X post text and border. And if viewers are unlikely to gain anything, they would have little reason to seek out the Jordan Video from Richardson. And without viewers, Richardson would experience market harm either by lost advertising revenue (if, like Townsquare, he had published the video online) or lost rental or purchase revenue (if he provided the video directly to consumers).

I can’t tell if the initial X poster (DailyLoud) was authorized or not. If it was an authorized post to X, then odds are that the X posting wouldn’t generate any of these revenues, in which case the court’s discussion is both hypothetical and wrong.

The court summarizes its view on the market effect at early litigation stages: “because Townsquare has not shown that its use of the Jordan Video is not a market substitute for the Jordan Video itself, the fourth statutory factor weighs against fair use.”

Summary of Fair Use

To whatever extent Townsquare’s use of the Jordan Video is transformative (if at all), that fact is outweighed by Townsquare’s decision to republish the entire video. That choice rendered its use of the video a plausible market substitute for the video itself. Discovery may further explicate the relevant market factors, and thus demonstrate that Townsquare’s use of the full video was reasonably justified or that customers interested in watching the video would still seek out the original to avoid the article’s text and advertising

As this passage indicates, XXL could still win fair use–it will just take more time and money to find out. But notice how the court had to twist the factors to make them (other than the amount taken) actually weigh against fair use. Perhaps reflecting the pleading burdens, the court was extraordinarily charitable to the plaintiff–almost certainly more than the plaintiff deserved. This is how bad cases survive in court longer than they should.

Screenshots as Infringement

The lower court said the screengrabs were de minimis copying. The court says that doctrine doesn’t apply because “By taking screenshots, Townsquare made literal copies of video “frames” and incorporated those copies into its articles.” The court sees the de minimis exception quite narrowly: “we have typically found de minimis use where the defendant’s inclusion of the copyrighted work was incidental or unidentifiable in the secondary work.” In contrast, “Townsquare prominently displayed the screenshots, which are clearly recognizable as taken from the embedded videos (as Townsquare intended them to be), to communicate the subject matter of its articles.”

The court doesn’t address fair use for the screengrabs because the lower court didn’t rule on that topic. Nevertheless, the court cautions the lower court that “fair-use analysis is generally ill-suited to the pleading stage.”

It’s truly mind-blowing to believe that it could be infringing to display a screengrab from a video when discussing the video. I expect courts will bless the republication of screengrabs eventually, but not using the de minimis doctrine.

Permission to Embed the Melle Mel Video

Art of Dialogue uploaded the Melle Mel video to YouTube. YouTube’s upload TOS expressly authorizes third-party embedding, which seemingly extends permission to XXL. Richardson said the court couldn’t consider these facts, but the court responds that Richardson:

does not, for example, assert that the Melle Mel Video was uploaded onto YouTube without his consent or that the version of the Terms that Townsquare attached was in any way inaccurate. Had he done so, the resulting factual dispute would have rendered the Terms premature for consideration at the pleading stage. But his failure to do so confirms that he sought to rely on “clever drafting” to render his complaint “invulnerable to Rule 12[c].”

A reminder that the court just accepted similar “clever” drafting in the fair use considerations…so I guess pleading cleverness only works sometimes? Also, the court saying that all Richardson had to do was contest the initial upload authorization or the TOS terms (which they would only do in good faith per Rule 11–wink wink) and the court would survive the case to summary judgment provides plaintiffs with yet more leverage.

To the extent that XXL didn’t comply with any conditions from YouTube’s TOS embedding license, the court says that’s YouTube’s issue to enforce, not Richardson’s.

Implications

I could recapitulate this decision:

• The Second Circuit doesn’t like to decide fair use on motions to dismiss. (XXL requested judgment on the pleadings, but the court sidestepped the difference in stages by collapsing the two into a single “pleading stage”).
• The de minimis defense is a niche exception.
• Social media TOSes authorize third-party embedding. If the uploader had the permission to upload, then downstream embedders aren’t liable.

Stated this way, perhaps this opinion doesn’t look so bad.

However, the court’s reticence to resolve fair use early is problematic in light of Richard Liebowitz’s recent litigation rampage in Second Circuit-governed courts, where courts had to resolve fair use early to clear out his trash lawsuits. Rulings like this help copyright trolls and other copyright owners weaponize the litigation process and increase defense costs. Even if the lower court rules for Townsquare/XXL on remand, significant damage is done simply by letting unmeritorious cases get that far.

All of these litigation efforts could be avoided if the Second Circuit followed the Ninth Circuit’s approach to embedding, a question that wasn’t before this panel. In the 9th Circuit, embedding isn’t copyright infringement, so defendants don’t need to justify fair use or try to make the de minimis doctrine something more than it is. We’ve been waiting a long time for the Second Circuit to clarify its stance on embedding. Until then, we get rulings like this and expensive litigation cycles.

Similarly, we need stronger judicial pronouncements that screengrabs aren’t infringing. The entire meme and GIF ecosystem is riding on that issue.

Case Citation: Richardson v. Townsquare Media, Inc., 2026 WL 1097502 (2d Cir. April 23, 2026)

The post We Still Don’t Know the Second Circuit’s Position on Embedding and Copyright Infringement–Richardson v. Townsquare appeared first on Technology & Marketing Law Blog.

After the Supreme Court’s first and only CFAA decision in Van Buren v. US in 2021, I wrote that the Court “could have done 10% more work here and provided clarity on very key questions….[but SCOTUS] declined the opportunity to do so. In the end, there are remarkably few clear, declarative sentences in this opinion that provide guidance for future cases.”

The Court intentionally left open many key questions. And so it should come as no surprise that there has been an emerging doctrinal divergence related to key concepts with the CFAA. Perhaps most notably, Courts have been applying the concept of “technological harm” in the CFAA differently in different circuits.

In Van Buren, Justice Barrett wrote:

…§1030(a)(2) also gives rise to civil liability, §1030(g), with the statute defining ‘damage’ and ‘loss’ to specify what a plaintiff in a civil suit can recover. ‘[D]amage,’ the statute provides, means ‘any impairment to the integrity or availability of data, a program, a system, or information.’ §1030(e)(8). The term ‘loss’ likewise relates to costs caused by harm to computer data, programs, systems, or information services. §1030(e)(11). The statutory definitions of ‘damage’ and ‘loss’ thus focus on technological harms—such as the corruption of files—of the type unauthorized users cause to computer systems and data. Limiting ‘damage’ and ‘loss’ in this way makes sense in a scheme ‘aimed at preventing the typical consequences of hacking.’ Royal Truck, 974 F. 3d, at 760. The term’s definitions are ill fitted, however, to remediating ‘misuse’ of sensitive information that employees may permissibly access using their computers.

Van Buren v. United States, 141 S. Ct. 1648, 1659–60 (2021) (quoting 18 U.S.C. § 1030(e)(8), § 1030(e)(11)).

Multiple district courts, especially in SDNY and the Northern District of California, began to interpret Van Buren to demand that any CFAA “loss” be tethered to technological harm. Meanwhile, some other district courts read the statute to allow any claim to proceed that included an allegation that a plaintiff had investigated an offense and incurred $5,000 in so doing.

Where this comes up most consistently is in the context of an internal investigation related to alleged unauthorized access. Courts increasingly have disagreed about whether an internal investigation, untethered to “technological harm,” meets the standard for a qualifying loss under §1030(e)(11). While not quite rising to the level of a circuit split, lower courts in the 2d, 3d, and 9th Circuits have increasingly required specific pleading at the motion to dismiss stage to allege that the internal investigation posited as a “loss” was tethered to “harm to computer data, programs, systems, or information services.” In the 5th, 7th, and 11th circuits, courts were much less inclined to require that specific pleading.

—

On Jan. 21, 2026, the Tenth Circuit became the first circuit court to squarely reject the CFAA interpretation that investigations must be tethered to technological harm. It did so with Moxie Pest Control (Utah), LLC v. Nielsen, and it concluded that investigative costs qualify as a CFAA “loss” even when the plaintiff does not show or even allege “technological harm” like corrupted data or damage to systems.

According to the Tenth Circuit, under § 1030(e)(11)’s plain text, any reasonable cost of responding to an offense qualifies.

—

This was the general divide that had emerged around the country pre-Moxie.

The first camp suggests that costs must be tethered to clear evidence of technological harm to qualify as a loss.

The courts in this camp do not reject investigative costs as a category. But conclusory pleadings related to investigations in the absence of technological harm often get dismissed. These courts have demanded specifics about what was done, why the investigation was necessary, how it ties to the intrusion, and evidence that the “loss” was tethered to “harm to computer data, programs, systems, or information services.”

Many recent decisions have been pushing in that direction:

• CoStar Group, Inc. v. Leon Capital Group, LLC (D.D.C. 2022) dismissed where the claimed loss was time and money spent “identifying, investigating, and attempting to block and otherwise respond,” but the allegations did not adequately plead cognizable CFAA loss.
• The Phoenix Co., Inc. v. Castro-Badillo (D.P.R. Aug. 9, 2024) dismissed where the plaintiff relied on “investigation” but did not plead what investigative measures were taken and what damage, if any, was actually caused.
• Sylabs Inc. v. Rose (N.D. Cal. Sep. 26, 2024) dismissed where “loss” was pegged to forensic analysis but the allegations were essentially conclusory and failed Rule 12(b)(6) specificity expectations.
• William Gottlieb Mgmt. Co., LLC v. Carlin (S.D.N.Y. Mar. 26, 2024) dismissed where the “investigation” just confirmed what the plaintiff already knew and did not involve analyzing effects on computer systems.
• X Corp. v. Center for Countering Digital Hate (N.D. Cal. 2024) dismissed X Corp.’s CFAA claim at the motion-to-dismiss stage because the court found that X failed to allege technological harm necessary under § 1030’s loss definition, and that internal costs and reputational advertising revenue losses tied to CCDH’s reports and investigations did not allege harm to computer data, systems, or programs as contemplated by the statute. Also, the broader complaint was treated as a SLAPP aimed at punishing criticism rather than bona fide CFAA conduct.

If you read those cases as a group, you find situations where courts are skeptical of internal investigations because they seem pretextual. According to these cases, an alleged investigation is not a blank check to proceed with a CFAA claim. Courts want to see that the investigation was a response to an access violation causing technological harm and not just a litigation prep exercise.

The second camp is more of a magic words approach. If there’s alleged unauthorized access, and you say there was an investigation that cost $5k, the case moves to discovery.

This was pretty much the consensus around the country pre-Van Buren. But lower courts were fairly evenly divided about that concept of loss post-Van Buren.

The Tenth Circuit in Moxie is now a clean appellate-level entry for this camp.

According to Moxie, the CFAA’s definition of “loss” explicitly includes response and damage-assessment costs. So district courts should not treat Van Buren as silently rewriting the civil-remedies threshold into limiting investigations to those tethered to technological harm.

Moxie is now the most prominent post-Van Buren statement on this question, and because it is a circuit court opinion, and not a one-off district court order, it will carry significant weight, and may permanently tip the scales in favor of this camp.

—

The facts of Moxie are as follows:

The plaintiffs were a group of affiliated pest-control companies that alleged employees of their competitor, Aptive Environmental, bribed current and former Moxie representatives to turn over confidential, password-protected sales data (including leaderboards) stored in Moxie’s system, which Aptive then allegedly used to recruit door-to-door sales representatives. Moxie sued Aptive and several individuals under the Computer Fraud and Abuse Act (CFAA), RICO, the Defend Trade Secrets Act (DTSA), and Utah’s Uniform Trade Secrets Act (UTSA).

The district court dismissed Moxie’s CFAA claim for failure to plead a qualifying “loss” post-Van Buren, denied motions to compel broad damages discovery, and granted summary judgment on the other claims for lack of causation. On appeal, the Tenth Circuit reversed the dismissal of the CFAA claim, holding that Moxie’s allegations of over $5,000 in investigative costs incurred in response to unauthorized access plausibly satisfied the CFAA’s “loss” definition even absent technological harm, affirmed the discovery ruling, affirmed summary judgment on RICO, and reversed in part the DTSA/UTSA rulings on remedies and remanded for further proceedings.

—

For practitioners in this space, it isn’t hard to see how Moxie could be problematic.

There is a chicken-or-the-egg conundrum with the statutory language cited by the Tenth Circuit. While § 1030(e)(11)’s definition of loss includes any reasonable cost of responding to an offense, the statute itself does not offer any guidance on what the *offense* must be that provokes the investigation. By the Tenth Circuit’s definition, it doesn’t matter. Any conduct associated with unwanted access will do. And so, activity that does not cause technological harm can give rise to a CFAA claim if a plaintiff investigates it and incurs $5,000 in expenses.

The problem is twofold: (1) It lets plaintiffs convert a whole range of non-technological harms into federal computer crimes, thus seemingly contradicting the guidance of the Supreme Court and the statute itself, which requires harm to computer data, programs, systems, or information services; and (2) The $5,000 threshold becomes nigh-meaningless. Any plaintiff with a lawyer and an incident-response vendor can hit $5,000 by lunchtime. Indeed, a recent case found that a pro se plaintiff spending 25 hours of his own time was sufficient to establish a “loss” under the CFAA. Karcz v. Mezouak, 2026 WL 622679 (D.N.J. March 5, 2026).

In other words, conduct that would not give rise to a CFAA violation because the alleged harm is not technological in nature under the Supreme Court’s definition of a “loss” can easily become a CFAA “loss” as long as a plaintiff alleges that they investigated it.

That’s a deeply circular definition of “loss”. But Moxie didn’t grapple with that deeper circularity head-on.

Making benign integrations and free speech criminal

Let me lay out a couple of different fact patterns where this often plays out.

Even though the defendants here are highly unsympathetic, that’s not always the case. The alleged conduct was plainly wrongful. It involved alleged bribery, misuse of credentials, and copying confidential information from a protected account. But the CFAA should be reserved for technological harms, not merely unauthorized taking of information. That distinction matters. The opinion blurs the line between digital trespass and ordinary misuse of access, even though the real injury alleged was the taking of valuable business information, not damage to the integrity or functioning of the computer system itself. If the system still worked as designed, was not impaired, and suffered no meaningful technological disruption, then this looks much more like a trade secrets or unfair competition case, not a CFAA claim.

That overexpansion matters beyond these bad facts. Once courts allow the CFAA to reach conduct that does not cause technological harm, the statute becomes a much more flexible weapon for private plaintiffs and platforms seeking to recharacterize disfavored access as computer intrusion.  There are countless software integrations whose primary business purpose is to integrate some sort of useful activity within another company’s platform. Lots of companies build these useful layers into and on top of other companies’ software. Most of the time, the purpose of these integrations is to provide something of value to end users, but of course, large platforms are often reluctant to cooperate with third parties.

Created by ChatGPT Dec. 2025

The panel says, almost in passing, that “we need not decide whether the conduct Moxie alleged violates the CFAA. It does,” because Nielsen used a pilfered password, and then goes on to hold that investigative costs alone can satisfy CFAA loss without any technological impairment. The problem is not that the defendants should win. They should not. The problem is that the opinion does nothing to distinguish credential theft from the far more ordinary reality of delegated access and platform integrations, where a user intentionally lets a third-party tool access an account through stored credentials, session continuity, or other account-linked mechanisms. In a world full of CRM plug-ins, analytics layers, scheduling tools, and middleware, courts should be careful not to let “access by someone other than the nominal account holder” plus “investigation” equal a federal crime. The “loss” element needs to be a meaningful filter. If it isn’t, lots of benign conduct becomes illegal.

If investigative expenses are enough, regardless of whether tethered to a technological harm, then a platform that objects to a researcher, watchdog, journalist, or advocacy group can more readily plead its way past dismissal by alleging unauthorized access plus the cost of figuring out what happened. Moxie sits uneasily beside X Corp. v. Center for Countering Digital Hate, where Judge Breyer recognized the basic danger directly, writing that the case was “about punishing the Defendants for their speech” and that X sued “in order to punish CCDH” for publications criticizing the platform.

To be clear, Moxie did not involve public-interest criticism. It involved commercial espionage. But doctrine built in hard cases does not stay in hard cases. Once courts make it easier to plead CFAA claims based on contested access and post hoc investigation costs, that logic can be repurposed by platforms seeking to suppress unfavorable reporting, auditing, or accountability research. The right lesson from Moxie should have been narrow, but instead it was unequivocal and unqualified.

Don’t get it twisted: If self-motivated, sponsored investigations untethered to technological harm qualify as losses under the CFAA, then any integration disfavored by a platform can be made illegal, regardless of how valuable or pro-social it may be. And any “access” that’s disfavored by a platform can be made illegal, too. Regardless of how benign or pro-social it may be.

That’s the legal landscape that Moxie creates.

In the coming months, the Ninth Circuit is likely to revisit this issue with Perplexity AI’s appeal of the preliminary injunction issued by the Northern District of California in its case against Amazon. When that case is decided, we can expect to get a clearer picture of whether there will be a consensus on this issue or a true circuit split.

The post Tenth Circuit Broadens CFAA ‘Loss’ Beyond Technological Harm–Moxie v. Nielsen (Guest Blog Post) appeared first on Technology & Marketing Law Blog.

The court starts off with this broad proposition:

Section 230 compels dismissal of claims seeking to hold platforms liable for activity amounting to sexual exploitation of one user by another when the factual predicate is that the two users engaged in messaging using the platform’s service” [cites to Doe v. Grindr, Doe v. MySpace, Doe v. Snap, Doe 1 v. Backpage, Doe II v. MySpace, In re Facebook, LW v. Snap, Doe v. Grindr (S.D. Fla.), Doe v. Kik.]

Negligence

The plaintiff tried the standard set of arguments that Discord was defectively designed because it didn’t adhere to the plaintiff lawyers’ vision of how services should operate:

Plaintiff’s “Negligence” claims seek to impose liability on Discord for (i) designing its messaging service to facilitate harmful private communications; (ii) allowing “unsupervised” messaging between users; (iii) failing to require phone number verification or otherwise “screen users”; (iv) failing to “implement … parent controls” and “parental notifications” that would monitor and supervise messages; (v) failing to remove user profiles and block messages from adults who message teens; (vi) failing to set default safety settings that would block messages between unconnected users; (vii) offering an “open chat function” without sufficient moderation; and (viii) failing to monitor for, report and prevent the use of [its] app[ ] by sexual predators.”

The court says all of those configuration choices are editorial choices protected by Section 230:

These claims each amount to Plaintiff seeking to impose a duty on Discord to monitor, screen, and block Plaintiff’s communications with other Discord users. All of these duties would require Discord to alter or amend how it publishes, monitors, screens, flags, blocks, or removes users’ messages and profiles, including how it offers to its users “neutral tools” that allow users to communicate in different chat forums and formats. [cite to Jones v. Dirty World (6th Circuit)]

Notice how this court implicitly veers away from the social media addiction rulings in California and numerous other precedents saying that design choices can be agnostic about what content they apply to and therefore are not based on third party content.

Strict Liability

The court treats the products liability claim the same as the negligence claim. The plaintiff complained about the following practices:

The Complaint faults Discord for providing a service that “allow[s] children to come into contact with child predators, and asserts that Discord should provide “[e]ffective parental controls” to stop harmful message exchanges; reconfigure features to “block[ ] direct messaging between child and adult users”; block content from “known abusers”; and offer a more restrictive “[c]ontrolled chat” option.

The court responds that these claims “would require Discord to more perfectly screen for and block harmful messages and alter the operation of the neutral tools it provides users to send messages,” which Section 230 does not permit.

Concealment/Failure to Warn

The court says the concealment/failure to warn claims also second-guess Discord’s editorial decisions. The court says:

Courts cannot accept attempts to repackage what is in actuality “publisher” actions as “torts of omission” to evade Section 230

Thus, “these allegations appear to be simply a restatement of Plaintiff’s negligence claims and product liability claims already found to be barred by Section 230. Put another way, the only way that Discord could address these aspects of its platform would be “to take certain moderation actions” that would eliminate the alleged discrepancy between Discord’s description of its moderation efforts and the “reality” of its moderation – again, “publishing” actions.” [cite to Bride v. YOLO]

Failing to warn users that Discord is a “dangerous” app “is at root a claim based on “publication” choices related to moderation efforts, which fall within the immunity provided by Section 230.” Cites to Bride v. YOLO, Doe v. Grindr, Wozniak v. YouTube.

The court also questions if there was any actual omission: “Discord does disclose and issue transparency reports that – as is the case with any platform that handles an immensely high volume of messages each day – do show that its content moderation efforts are imperfect.”

Misrepresentation

Plaintiff’s claims seek to hold Discord liable for alleged “misrepresentations” by failing to conform its content moderation standards – based on what amounts to its general “aspirational” standards of seeking to provide a platform “safe for minors” – to a level defined by Plaintiff. [The Grindr court distinguished] claims based on actual specific and defined contractual promises [from] general aspirational goals regarding platform content moderation

The litigation over “safe” content moderation is decades-old and completely confused.

Third-Party Content

Nowhere in Plaintiff’s Complaint does it accuse Discord of creating the offensive messaging, but rather the Complaint seeks to hold Discord liable for facilitating – or failing to moderate – sexually exploitative offensive messaging created by others. The fact that Discord may have provided the “tools” by which Plaintiff and her alleged abusers exchanged messages, to “carry out what may be unlawful or illicit” does not make Discord a “content provider,” but rather treats Discord as a “publisher” of (offensive) messaging created by third parties.

Implications

A reminder that sexual predation cases involve heartbreaking facts. Section 230 often arises in tragic circumstances.

The Section 230 jurisprudence is coming apart at the seams, as illustrated by this ruling. I think this court got it right and disagreeing courts got it wrong. However, there is now enough precedent on both sides of every issue to vex everyone. This opinion carefully prioritized appellate rulings, which have largely rejected the design defect workarounds to Section 230. However, many more design defect cases are heading to appellate courts across the country, and any appellate deviation in any one of those cases will tear Section 230 even further apart.

Case Citation: Jane Doe v. Discord Inc., 2026 WL 1067574 (N.D. Ohio April 20, 2026). The complaint.

The post Section 230 Helps Discord Defeat “Defective Design” Claims Regarding Sexual Predation–Jane Doe v. Discord appeared first on Technology & Marketing Law Blog.

This case is a different lawsuit against Classpass, this time over unredeemable Classpass credits. Despite the unmistakable message from the Ninth Circuit that TOS formation screens should be reviewed exactingly, Judge Orrick of the N.D. Cal. district seems to be living in the past. He surprisingly holds that Classpass successfully formed its TOS and sends the case to arbitration. Why did Classpass succeed here when it failed last year at the Ninth Circuit? (If you expect a logical and sensible answer to that question, you must be new to the blog).

* * *

The named plaintiff, Blackburn, navigated through three relevant TOS formation screens. The opinion never precisely identifies which one successfully formed the TOS. It seems like all three did?

(The TOS contained an arbitration clause that everyone agrees applies to this lawsuit if the TOS was properly formed).

Blackburn created her Classpass account in 2019 by navigating this screen and choosing the option to continue with her Facebook credentials (the 2019 Sign Up Screen):

A few days later, in the next screen, she acquired her subscription membership through Classpass’ refer-a-friend program (which entitled her to additional credits) (the 2019 Checkout Screen):

In 2023, Blackburn reactivated her Classpass membership by navigating this screen (the 2023 Reactivation Checkout Screen):

Everyone seems to accept the court’s characterization that all three screens are “sign-in-wraps.” That turns us over to the now-familiar three-part test for evaluating sign-in-wrap formation.

Element 1: Reasonably Conspicuous Notice

Blackburn challenged the 2019 Login Screen’s visibility on three grounds:

• It was part of a 5-screen signup sequence. The court responds “the screens are not cluttered and follow a logical flow.”
• The TOS offer was the smallest font size on the screen. The court says it was the same size as other fonts on the screen.
• The TOS offer language was below the “Continue with Facebook” button she clicked. The court says “the “Terms of Use” is bolded, underlined, and in traditional hyperlink blue. That offsets any real concern that a reasonably prudent Internet user would not know or be aware that those hyperlinks existed just below the “Continue with Facebook” button.”

The court is also OK with the 2019 Checkout Screen visibility. The court acknowledges the TOS offer language in grey font, but says the:

text is still visually set apart from the other font that appears on the screen, despite the fact that it does not appear in blue font….

the hyperlinks are denoted by a bolded light grey font and underline, sufficiently contrasting the white background. Further, the “large text block[]” to which Blackburn refers is actually a two-sentence paragraph separated in space by the one-sentence paragraph denoting the Terms of Use, which makes the presentation of the Terms of Use hyperlink even more noticeable

The court is similarly OK with the 2023 Reactivation Checkout Screen visibility:

The text referring to the Terms of Use is once again just above the commitment button, written in light grey, but bolded font, and while not denoted in traditional hyperlink blue, is set apart from the rest of the text on the screen such that its presence draws the eye. The primary difference between the 2023 Reactivation Checkout Screen and the 2019 Checkout Screen, as Blackburn points out, is that the 2023 Reactivation Checkout Screen includes a black and bolded pronouncement to the user that “you’ll automatically be charged for a full-priced monthly credit plan subscription” and includes, in blue and underlined hyperlinked font, access to information about which Fees may apply. Those decisions to add additional notice of specific terms do not take away from ClassPass’s efforts to make the Terms of Use conspicuous by setting them apart in bolded, underlined font, in a separate paragraph with font color that contrasts the white background.

Element 2: Transaction Context

The Ninth Circuit punted on this factor in Chabolla (wrongly, IMO, because it’s clearly intended to create a long-term subscription), so this court does too. This court adds: “unlike in Chabolla, Blackburn took the additional step and created a ClassPass account by logging in with her Facebook account.”

Element 3: Manifestation of Assent

“Blackburn clicked a button after being presented with a hyperlink to the Terms of Use.”

The court distinguishes Chabolla:

in Chabolla, there was no indication that a user was ever signing up. Here, at the top of the 2019 Sign Up Screen there is a heading that unambiguously reads in bold lettering: Sign up

Blackburn pointed out that in the 2019 Signup Screen, the disclosures inconsistently and ambiguously refer to both “the” TOS and “our” TOS. The court responds that the argument “makes no sense. If a user is signing up through a preexisting Facebook account, that user must have necessarily already agreed to be bound to any Terms of Use or other terms of Facebook. It is not ambiguous to a reasonable Internet user signing up for an account or membership with ClassPass, even by way of Facebook, that any newly presented Terms of Use are those of ClassPass, not Facebook.”

With respect to the 2023 Reactivation Checkout Screen, Blackburn pointed out that the TOS offer language referred to “the” button but there were two buttons below it. The court responds:

“the” in the context of the 2023 Reactivation Screen must mean “either,” because a user attempting to access the 45 free Credits can only click one button to do so, or as the 2023 Reactivation Screen denotes, “the button.”

Normally, “the” connotes a singular reference. Here, the court reads it to connote plural references.  ¯\_(ツ)_/¯

In a footnote, the court says: “I do agree with Blackburn that the 2019 Checkout Screen’s language (“By clicking the Redeem now button, I agree to the Offer Terms and Terms of Use . . .”) is curious because it leaves out whether a user who chooses to pay using G Pay is likewise bound. But a reasonable Internet user would likely understand that payment using either method would bind the user to the visibly hyperlinked Terms of Use and it is clear that Blackburn manifested assent via the 2019 Sign Up Screen and 2023 Reactivation Screen in any event.”

Implications

I view the Chabolla and Godun opinions as companion cases. They came out just a couple of months apart, and they both took highly skeptical approaches to online TOS formation. Remarkably, this court doesn’t cite Godun even once. That is a conspicuous omission.

To me, this ruling is another reminder of how TOS formation analysis has descended into Calvinball. As Judge Bybee warned in dissent in the 9th Circuit Chabolla case: “minor differences between websites will yield opposite results….That sows great uncertainty in this area.” Here, comparing this lawsuit to Chabolla, we have the exact same defendant and similar formation processes from around the same historical time period, yet Classpass gets TOS formation when the Ninth Circuit denied it last year. The outcome appears to flip based on tiny differences.

I will also note how many of the court’s assessments turn fundamentally on consumer expectations, except the court doesn’t cite a shred of empirical evidence about what consumers think. The missing empiricism plays a major role in the Calvinball phenomenon.

If the court had been inclined to do so, it could have picked apart each screen and found deficiencies in each. After all, that’s what the Ninth Circuit did in its Chabolla case. Some examples:

• In the 2019 Signup Screen, the TOS offer language refers to “sign up with Facebook” and the button says “continue with Facebook.” Plus, there is a second “sign up” button lower on the screen that the court ignores even though it matches the TOS offer language. All of this may sound ticky-tack, but…in the Chabolla case, the court rejected a screen where the TOS offer said “I agree to” and the button said “redeem now,” and in the Godun case, one of the screens failed because the TOS offer said “I agree” and the button said “connect now.”
• In the 2019 Checkout Screen, the TOS offer language is stacked below a large paragraph of offer terms, and it appears to be a slightly smaller or lighter font than those. The court could say that reasonable consumers would spot it anyway, but that’s an empirical question without empirical support. Many other courts would have treated the text block as so monolithic that no sentence stood out.
• The 2023 Reactivation Confirmation Screen had the text block problem plus (as the court discussed) the imprecision of a reference to “the” button when there were two button options.

To be fair, I don’t necessarily support courts doing this degree of ticky-tack pixel policing. However, that level of exactitude drove the Chabolla and Godun decisions.

The screenshots at issue all predate the Chabolla and Godun decisions. Today, there’s no excuse for weak sign-in-wraps like this. I expect you to do better. The courts will expect that too.

As Judge Bybee said in dissent in Chabolla, “Our decision today will drive websites to the only safe harbors available to them, the clickwrap or scrollwrap agreements.” Want to opt-out of the TOS formation Calvinball? Take the certainty of clickwraps over the chaos of sign-in-wraps.

Case Citation: Blackburn v. Classpass USA Inc., 2026 WL 962734 (N.D. Cal. April 9, 2026)

The post Remember When the Ninth Circuit Rejected Classpass’ TOS Formation? About That…–Blackburn v. Classpass appeared first on Technology & Marketing Law Blog.

Weiss v. Google LLC, 2026 WL 733788 (Cal. App. Ct. March 16, 2026)

Weiss’ business started running financial services ads on Google in 2015. Google suspended the ads multiple times, until Google issued a final suspension in 2024. The court says Section 230 protects Google’s suspension decisions.

The court starts with standard context-setting: “California’s appellate courts and federal courts have also generally interpreted section 230 to confer broad immunity on interactive computer services.”

The court continues:

Weiss seeks to adjudicate Google’s characterization of his business and its decision to suspend its ads. However, this conduct, i.e., Google’s “refusal to allow certain content on its platform,” is “typical publisher conduct protected by section 230” regardless of the reason for that refusal….

even if Google’s characterization of Weiss’s advertisements does not align with Weiss’s characterization, section 230 still affords Google immunity from liability for its decision to suspend his content…

all the content Weiss claims Google wrongfully suspended was admittedly created by Weiss, not Google…

Google’s determination that Weiss’s ads violated its general policies is not equivalent to contributing to the ads’ content.

In a footnote, the court adds: “Weiss seeks to hold Google liable for its enforcement of its own general policies, rather than a breach of a specific promise.”

When the dust settles, this becomes just another failed lawsuit over account terminations and content removals.

A reminder of the content moderation dilemma Google faces here. A few courts have said that Facebook doesn’t qualify for Section 230 protection for running scammy ads (e.g., Forrest v. Facebook). As a result, Google has good reason to suspend Weiss’ ads to manage its own liability exposure. At the same time, if Weiss succeeded with his claims here, then Google would have been potentially liable for removing ads based on Google’s fears that they are scammy. This would force Google to deploy a Goldilocks version of content moderation: Google would have to get its ad removal policy “just right,” with potential liability for mistakes in either direction. An impossible challenge.

Thompson v. The Meet Group, 2026 WL 730134 (E.D. Pa. March 16, 2026)

Thompson said Tagged deactivated his livestreaming account and stole $10k from him.

For reasons that aren’t obvious to me, Tagged defended on Section 230(c)(2)(A) grounds instead of 230(c)(1). Maybe this has something to do with trying to navigate around the abysmal Anderson v. TikTok case? EDPa courts are bound by that decision.

The court says Tagged can’t establish the 230(c)(2)(A) defense elements on a motion to dismiss: “application of CDA immunity in this case requires assessment of facts that are not in the pleadings—such as the reason why Thompson’s account was disabled and the content of Thompson’s posts.” Also, Thompson’s allegations of theft might defeat 230(c)(2)(A)’s good faith prerequisite. Cites to Smith v. TRUSTe and e-ventures v. Google.

No matter, the case fails anyway. (Another example of Section 230 not being the only reason why lawsuits lose). The court says the plaintiff had no property interest in his social media account that could be converted (cite to Eagle v. Morgan). The plaintiff’s TOS breach claim fails multiple ways, including the TOS’s reservation of termination rights and damages waiver.

So this becomes yet another failed lawsuit over account terminations, just not due to Section 230. You already know this, but if you’re a defendant in these cases, you should be focusing on 230(c)(1), not 230(c)(2)(A).

Gehringer v. Ancestry.com Operations Inc., 2026 WL 734526 (N.D. Cal. March 16, 2026)

Plaintiffs are individuals who have not subscribed to the Ancestry.com service and have not consented to the use of their name or photograph. They allege Ancestry not only includes their yearbook information on a searchable database, but also utilizes their likenesses as part of advertisements for Ancestry.com services…

Plaintiffs contend Ancestry used their likeness in three forms of “advertising”: 1) publication of the yearbook information on a database that contains a paywall for certain features; 2) dissemination of emails to potential Ancestry.com subscribers, noting Ancestry Hints® can expand their family tree, and using the names and images of Plaintiffs as examples; and 3) an Ancestry free trial program that allows potential subscribers to access Plaintiffs’ yearbook information for a limited time.

The court nixes claims over category #1 and #3 ads due to copyright preemption.

As for the category #2 ads:

Plaintiffs allege Ancestry crafted email advertisements that included their likenesses to encourage potential customers to subscribe to Ancestry’s service. The email advertisements were not created by a third-party user of Ancestry.com—Ancestry authored the content, and as such, it is “responsible, in whole or in part, for the creation” of that offending content. To avoid this conclusion, Ancestry attempts to recast the allegations in the First Amended Complaint, asserting Ancestry merely “republish[es] yearbook photos taken and first published by Esperanza High School.” But as the screenshots in the Complaint confirm, the emails sent by Ancestry to prospective users include far more than republished images of Plaintiffs; they incorporate those images into an advertisement for the Ancestry Hints® functionality and Ancestry’s subscription service. Drawing all inferences in Plaintiffs’ favor, Section 230 does not immunize Ancestry against liability for the content of the alleged email advertisements

Notice that Ancestry’s ad creation practices go further than Facebook’s sponsored stories, which also didn’t qualify for Section 230 protection.

State v. Sharak, 2026 WI 4 (Wis. Supreme Ct. Feb. 24, 2026)

Google scanned Sharak’s Google Photo uploads, identified what it thought was CSAM, and submitted a CyberTip. Sharak argued that Google was conducting the search on the state’s behalf. The court disagrees and upholds Sharak’s conviction.

That isn’t unusual. What’s more unusual is the court’s discussion of Section 230. “Rauch Sharak argues that [Section 230(c)(2)’s safe harbor] encourages ESPs to scan for CSAM by granting immunity to ESPs that moderate content and creating civil and criminal liability if ESPs do not scan for CSAM.”

The court responds:

Though § 230(c) may grant immunity to ESPs that choose to scan for CSAM, it does not require, reward, or incentivize scanning for CSAM in the first place. Moreover, § 230(c)(2)(A) grants immunity for “any action voluntarily taken in good faith to restrict access to” obscene material, which sweeps far more broadly than would be required to induce Google’s CSAM scan at issue here….

Even if the statutes encourage Google to scan for CSAM or provide a law-enforcement purpose, Rauch Sharak has not shown that they are enough to turn Google into an instrument or agent of the government.

Alice Rosenblum v. Passes Inc., 2026 WL 711837 (C.D. Cal. Feb. 3, 2026)

[The fact allegations are based on the court’s summary of the complaint.] Passes is a competitor to OnlyFans. Unlike its rivals, Passes allows 15-17 year olds to create accounts with parental consent. Guo is the CEO, and Celestin is a content acquisition specialist. At Guo’s direction, Celestin personally reached out to 17-year-old Alice Rosenblum to create a Passes account. Celestin did a photoshoot of Rosenblum and (with Guo’s help) created a Passes account for her without requiring parental consent.

“Over the next month, while Plaintiff was still 17 years old, Celestin and Ginoza [another Passes employee] allegedly directed Plaintiff to create sexually explicit images and videos of herself….the FAC provides over 14 examples of child sexual abuse material (“CSAM”) involving Plaintiff, being marketed on the Passes platform for $69 to $4,000. Furthermore, Passes agents posing as Plaintiff allegedly communicated via direct message to “big spenders” to continue to market and sell CSAM involving Plaintiff.”

The court rejects Passes’ and Guo’s Section 230 defense:

Section 230 immunity plainly does not apply to Plaintiff’s claims. To be sure, Plaintiff does largely seek to hold Passes Defendants liable as providers of an interactive computer service, and several allegations treat Passes as a publisher, as they involve Passes’ distribution of CSAM involving Plaintiff…Plaintiff alleges that Passes and its agents were directly responsible for the creation and portrayal of the CSAM on the Passes platform: Plaintiff alleges that Celestin, acting as an agent of Passes, personally took at least one photo of Plaintiff which was uploaded to Passes, and further instructed her to create specific photographs and videos and upload them to Passes, which he later marketed under specific captions and sold. Plaintiff further alleges that Passes itself hosted a banner featuring a sexually explicit photo of Plaintiff, which marketed CSAM involving Plaintiff. Plaintiff therefore seeks to hold Passes liable for harm allegedly arising out of its own creation of harmful content.

Passes claimed that Celestin and Ginoza were third parties, but “As alleged, Celestin was
not merely another third-party user of Passes; rather, he acted as an agent and employee of Passes.” Cite to Quinteros.

The court summarizes:

Section 230 immunity does not apply to Passes, a platform which has allegedly, through its agents, deliberately created, marketed, and sold illegal content, acting as an “information content provider” that uses its own “interactive computer service.”

In a footnote, the court adds regarding Guo: “Plaintiff’s allegation that Guo encouraged Plaintiff over the phone to post content, which supports Plaintiff’s claims for IIED and California Civil Code § 52.5, does not hold Guo accountable for Passes’ publishing activity.”

Doe v. X Corp., 2026 WL 772384 (N.D. Tex. Feb. 25, 2026)

“A third party copied commercial pornographic content from Plaintiff’s OnlyFans and studio-based productions and uploaded it to X without his consent, violating the OnlyFans terms and conditions and the studios’ licensing agreements.” He sued pursuant to 15 U.S.C. § 6851(b)(1)(A), a private right of action for nonconsensual production of intimate visual imagery. Doe produced the porn consensually, but he claims the restrictions extended to nonconsensual distribution.

The court says X qualifies for Section 230. Doe responded that he owned the IP in the works, so the IP exception applies. The court says:

The [IP] exception applies only when the claims arise from a law directly implicating intellectual property rights, not merely when intellectual property is involved in the claim. And the statute under which Plaintiff sues—§ 6851—is not an intellectual property law. Rather, it is concerned with “whether the depicted individual consented to a specific disclosure of an intimate visual depiction—regardless who holds the copyright to the image.” Thus, § 6851 creates a privacy-based tort right of action, not an intellectual-property based one.

The boundary between privacy and IP laws remains amorphous–increasingly so with all of the concerns about “deepfakes,” “virtual replicas,” and other AI-related regulations that use privacy framing to create what look like sui generis IP rights. This could be a good student paper topic.

For more discussion of the IP exception to Section 230, see this article.

Teague v. Google, 2026 WL 746996 (D. S.D. March 17, 2026)

Plaintiff claims Google committed defamation based upon the fact that “people think I raped [redacted]. This case (sic) been dismissed in 2021 but it still show (sic) on Google and caused me to (sic) threaten and attacked a few times.” Plaintiff further claims his image is on Google and it is difficult to get a job because the rape charges still appear on Google.”…

Google is not a “publisher or speaker” under the CDA and therefore “cannot be liable under any state-law theory to the persons harmed by the allegedly defamatory material.”

Google is immune from suit for defamation claims arising out of other content providers’ posts on the internet.

The post Section 230’s Application to Account Terminations, CSAM, and More appeared first on Technology & Marketing Law Blog.