State AGs Ask Congress to Gut Critical CDA 230 Online Speech Protections
Earlier today, 47 state attorneys general asked Congress to severely undermine the most important law protecting free speech on the Internet. In a letter to Congressional leaders, the AGs asked Congress to amend Section 230 of the Communications Decency Act -- which protects online service providers from liability for the vast majority of what their users do -- to carve all state criminal laws from the statute's protection. The letter highlights long-cited concerns about the use of the Internet by child sex traffickers, legitimate concerns shared by law enforcement officials and advocates who dedicate significant time and resources towards fighting this practice.
In their enthusiasm, however, the AGs have gone far, far beyond these concerns by asking Congress to gut existing protections and put online platforms and the diverse array of legitimate speech that they enable in harm's way. Moreover, unfortunately, the AGs' letter is also remarkably misleading, not only about the nature and purpose of Section 230 but also about the state of the law and -- by not mentioning it at all -- the consequences of their proposal. Their approach is wrong, and dangerously so, but even if the AGs disagree and want a debate about how state criminal laws fit into the regulation of the Internet, they owe the public a more honest discussion.
First, while Congress indeed passed the Communications Decency Act in large part to encourage the removal of "indecent" content, it did so as part of a much larger legislative package that affirmatively ensured that the dynamic nature of the Internet was not sacrificed. In addition to barring the dissemination of indecent materials to minors (a requirement that was promptly struck down on constitutional grounds by the Supreme Court in 1997), Congress separately built powerful structural protections to guide the development of the Internet over time: service providers would be clearly protected from liability (in a minimally-regulatory and uniform national manner) based on most user behavior, but if service providers wanted to voluntarily remove objectionable content, they could do so without fear of legal consequences. These protections, enshrined in Section 230 of the CDA, have protected a diverse range of providers -- companies and individuals who did not directly participate in the creation of illegal content, from ISPs to web hosts to domain name registrars to operators of individual websites -- from the persistent threat of liability for the better part of two decades. The vast proliferation over that time of services that allow not only Americans but individuals throughout the world to engage in protected speech for little to no cost is due in very large part to the existence of Section 230's clear and categorical protections.
The AGs, however, tell a different and remarkably selective story, one in which they assert that the CDA solely "was intended to protect children from indecent material on the internet" and recite legislative history out of context to imply that "encouraging" service providers to "do everything possible" to protect children from offensive material meant something less like clearing a legal path for providers to be good corporate citizens than threatening to throw them in jail if they didn't get with the program. Indeed, the letter implies that it is only as "it has most recently been interpreted" that the CDA "prevents State and local law enforcement agencies from prosecuting" online providers such as online classified sites who did not directly author offending material. To the contrary, not a single court has ever ruled otherwise in the radical manner that the letter suggests would be appropriate.
Second, while the attorneys general focus only on trafficking laws and portray their suggested amendment as a minor alteration that would not fundamentally alter the legal landscape, the reality is anything but. Passed as part of a national policy that makes only a handful of exceptions for certain federal laws, Section 230 ensures that service providers who host or disseminate content from users from across the country and the world have a single set of minimally-invasive rules. By contrast, the AGs' proposal would effectively make service providers -- from Facebook to a solo blogger -- responsible for enforcing every relevant state and local criminal law in the country against their users, fracturing that national policy into one that effectively cedes a significant degree of control over Internet regulation to state and local law enforcement officials.
If the prospect of ensuring user compliance with over 50 sets of competing criminal laws does not sound daunting in the abstract, consider the range of unique, potentially inconsistent, and outright bizarre state criminal laws on the books, including those criminalizing libel, the publication of gun permit information, and even the sharing of Netflix passwords. Faced with expensive and inconsistent obligations, service providers with any significant national reach will continue to feel race-to-the-bottom pressure to conform their services to comply with the most restrictive statute or perhaps the one with the highest potential criminal sentence, even if the conduct is legal elsewhere.
Even state anti-trafficking laws that have targeted online providers have proven to be unworkable and subject to considerable overreach. Last year, the state of Washington passed a statute that took aim at online trafficking by targeting websites that hosted third party advertisements. Under the statute and the state's rules of statutory interpretation, a website operator could be convicted of a felony if a user posted an "advertisement for a commercial sex act" and the advertisement included a depiction of a minor, even if he or she had nothing to do with authoring the advertisement or indeed did not even know (but arguably should have known) that the advertisement was posted on its platform. Even worse, liability extended not only to website operators but to anyone who "indirectly caused to be disseminated" the advertisement. Even worse, the advertisement did not need to be explicit: service providers could be sent to prison if the advertisement in question was even "implicit."
Fortunately, the district court correctly found that enforcement of Washington's vague and overreaching statute was barred by Section 230. Perhaps offering a glimpse into a future in which Section 230 does not protect service providers from state criminal law liability, however, and feeling pressure to go along with misguided laws for fear of being cast as supporters of human trafficking, states are lining up to do it all over again. In May, notwithstanding the Washington state ruling, New Jersey passed a virtually identical version of the statute, triggering yet another lawsuit in yet another jurisdiction over the same flawed approach. Connecticut, Texas, and New York have all considered or passed similar laws as well. (Curiously, New Jersey's Acting Attorney General John Hoffman is simultaneously arguing in the new lawsuit that Section 230 doesn't apply to the state's new statute while all but acknowledging as a signer to the new letter that it does.) Absent Section 230's protections, service providers would face the continual prospect of competing, inconsistent threats of criminal liability from every state in the country for not their own misdeeds but for what their users do.
Finally, and perhaps most troubling about their letter, the AGs simply misrepresent the problem they are seeking to solve:
The undersigned Attorneys General respectfully request that the U.S. Congress amend the CDA so that it restores to State and local authorities their traditional jurisdiction to investigate and prosecute those who promote prostitution and endanger our children.
After reading the AGs' letter, the casual observer might believe that state law enforcement officials are powerless to prosecute criminals, such as reprehensible pimps who advertise children on the Internet, based on some imagined "loophole" in Section 230. Nonsense. The CDA imposes no barrier preventing states from enforcing state laws against those who directly participate in the promotion of prostitution or trafficking online, nor does it even bar prosecution of those service providers who actually aid and abet the illegal conduct of others. To the contrary. As Cook County (Illinois) Sheriff Thomas Dart demonstrated in 2009 in his own ill-conceived lawsuit, not only can law enforcement officials prosecute criminals based on their online behavior, online platforms such as Craigslist can provide critical aid in the form of the digital footprints that those criminals leave. Instead, the AGs are really proposing to do something far more revolutionary in scope: make service providers criminally responsible for what their users do, even if they don't intend for any illegal activity to take place on or through their services (or even have specific knowledge about it).
Much can be done to combat trafficking of all kinds but the attorneys general have instead suggested a course of action that would turn the Internet's greatest protection for the facilitation of legitimate speech into its most vulnerable weakness. The cost would be too great and would undermine our collective commitment to ensuring that speech-enabling tools are available as far and as wide as possible. Other approaches to combating trafficking may be far less glamorous and dramatic than threatening service providers over their users' behavior -- such as lobbying Congress and state legislatures for additional law enforcement resources, working with Internet platform providers to identify and arrest criminals, and encouraging the development of corporate best practices -- but those approaches have the virtue of targeting the actual lawbreakers and minimizing the collateral impact on platforms and by extension the speakers who use them. The AGs need to find a better way.