Published by The Lawfare Institute
in Cooperation With
On Oct. 3, the Supreme Court granted certiorari in two related cases exploring the interaction between anti-terrorism laws and Section 230 of the Communications Decency Act. Twitter v. Taamneh and Gonzalez v. Google alleged that several social media companies provided material support to ISIS, a designated foreign terrorist organization (FTO), by granting them access to communications infrastructure. Based on this provision, plaintiffs in each case sought to hold platforms liable for the deaths of their relatives in ISIS terror attacks in Paris and Istanbul. Algorithmic content recommendations, they argued, refer users to ISIS videos and curate composite content that transforms them from impartial interactive computer services (which are immunized under Section 230), to content developers (which are not). The U.S. Court of Appeals for the Ninth Circuit consolidated and considered appeals from Gonzalez, Taamneh, and a third case (Clayborn v. Twitter) but dismissed most of these claims with prejudice, remanding only claims that platforms aided and abetted ISIS by sharing the revenue from ads placed on the group’s content.
Supreme Court Justice Clarence Thomas has already written a handful of opinions calling for the Supreme Court to consider the judicial application of Section 230 immunity. In parallel, dozens of lawmakers have proposed reforms to Section 230; many are aimed squarely at creating accountability for computer services contributing to the proliferation of terrorist content online. It remains to be seen whether the legislature or the Supreme Court will address Section 230 first, but this may be the prologue to a watershed moment for the internet and its users.
Factual and Procedural Background
In November 2015, 12 shooters coordinated a series of strikes around Paris, killing 130 people. ISIS subsequently claimed responsibility for the attacks on YouTube. On New Year’s Day 2017, another ISIS-trained gunman fired into a crowd at the Reina nightclub in Istanbul. That attack killed 39 and injured 69 others. Relatives of Nohemi Gonzalez and Nawras Alassaf, victims in the Paris and Istanbul attacks, respectively, filed separate suits in the U.S. District Court for the Northern District of California, seeking to hold social media companies liable for their deaths under the Anti-Terrorism Act (ATA) and the Justice Against Sponsors of Terrorism Act (JASTA). Plaintiffs in both suits argued that social media platforms were communications infrastructure, which ISIS uses to publish terroristic content, radicalize and recruit new operatives, inspire stochastic terrorism, and plan and execute coordinated attacks. In both Gonzalez v. Google and Taamneh v. Twitter, plaintiffs argued, platforms materially supported a designated FTO by allowing ISIS to use their products. Similarly, plaintiffs emphasized that platforms generate and share revenue through the direct monetization of ISIS content and placement of targeted ads.
In Gonzalez, Google argued that these claims were barred by Section 230 and moved to dismiss the suit. Section 230 (c)(1), the operative provision, states that “[n]o provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider.” Case law has construed statutory language to immunize providers of interactive computer services (such as websites) against liability arising from content created and posted by third parties. Gonzalez argued Section 230 immunity did not apply because:
- Section 230 does not apply outside the territorial jurisdiction of the United States, and all the relevant conduct in Gonzalez occurred elsewhere.
- JASTA revoked Section 230 immunity from claims brought under the ATA when it amended that statute to include liability for aiding and abetting FTOs in 2016.
- Section 230(e)(1), which operates as an exception to immunity for federal criminal prosecutions, also exempts civil suits brought under criminal enforcement statutes (such as the ATA).
- YouTube’s placement of targeted ads and algorithmic recommendation of videos transforms YouTube from an interactive computer service (ICS) to an information content provider (ICP), stripping the platform’s Section 230 immunity. As defined by Section 230(f)(3), an ICP is any “person or entity that is responsible, in whole or in part, for the creation or development of information provided through the Internet.”
- In Taamneh, platforms moved to dismiss based on insufficiency of proximate causation and, secondarily, on the argument that these claims were barred under Section 230. The trial court never reached Section 230 analysis but held that a “direct relationship” was required to plausibly establish causation for the Taamneh direct liability claims. The court also held that platforms did not have the requisite intent to be held secondarily liable for their users under JASTA for aiding and abetting or for conspiracy.
In both cases, the district court weighed whether the revenue-sharing claims exposed platforms to secondary liability (under JASTA) but found these to be insufficiently pleaded. The entire Taamneh complaint was dismissed with prejudice, and the Taamneh plaintiffs appealed promptly. Gonzalez’s revenue-sharing claims were dismissed without prejudice, while the remainder were dismissed with prejudice.
March 26, 2020, the Ninth Circuit consolidated and reviewed Gonzalez and Taamneh appeals with a third case, Clayborn v. Twitter (which concerned similar claims regarding the 2015 shooting attack at the Inland Regional Center in San Bernardino, California). When considering each of these appeals, arising from motions to dismiss, the Ninth Circuit accepts any factual allegations as true for the purposes of their analysis. Wherever these allegations (taken as true) constitute a plausible claim, it would be improper to uphold their dismissal.
Ninth Circuit Judgment
Circuit Judge Morgan Christen wrote the majority opinion, which Judge Marsha S. Berzon joined, and Judge Ronald M. Gould joined in part. Berzon wrote a separate concurrence. Gould also wrote a separate opinion, concurring in part and dissenting in part. All three of these are detailed below.
The majority opinion begins by contextualizing the congressional intent behind Section 230. Congress designed Section 230 “‘to promote the free exchange of information,’” while allowing interactive computer services “‘to perform some editing on user-generated content without thereby becoming liable for all defamatory or otherwise unlawful messages that they didn't edit or delete.’” Against this backdrop, the circuit court considered the district court’s basis for dismissal of the Gonzalez claims.
First, as the opinion explains, the court refuted the argument against extraterritorial application of Section 230. Gonzalez relied on RJR Nabisco, Inc. v. European Cmty., arguing that statutory “focus” is an immaterial consideration in an instance where all the relevant conduct occurred outside the United States. The court disagreed with this characterization. Because Section 230 is aimed at limiting liability, “the relevant conduct occurs where immunity is imposed … rather than the place where the claims principally arose.” In other words, the relevant conduct in Gonzalez is not the ISIS attack, but the domestic operations of the platforms.
Second, Gonzalez contended that JASTA abrogated immunity from claims brought under the ATA. The opinion states that JASTA broadened the ATA to “‘to provide civil litigants with the broadest possible basis … to seek relief’ for acts of international terrorism.” Gonzalez asserts that this language, taken from JASTA’s statement of purpose, impliedly supersedes Section 230 immunity in terrorism suits. The Ninth Circuit opinion clarifies that “‘repeals by implication are not favored,’” and there is a presumption that parallel statutes continue to operate and coexist unless one is “‘clearly intended as a substitute,’” or they are in “‘irreconcilable conflict.’”
Third, the court considered Section 230(e)(1), which operates as an exception to Section 230 immunity where it might “impair the enforcement of ... any ... Federal criminal statute” (emphasis added). Here, plaintiffs argued that, because the ATA is a criminal statute, the civil claims against Google (based on the ATA) were improperly barred. The Ninth Circuit precedent has consistently held that Section 230(e)(1) applies only to criminal prosecutions and, in Jane Doe 1 v. Backpage.com, explicitly “excludes civil statutes.”
Fourth, the court considered the plaintiffs’ assertion that YouTube’s placement of targeted ads and algorithmic recommendation of videos makes YouTube an ICP, rather than an ICS. An ICS is immunized from liability for third-party content, but not from content of its own creation or development. In Gonzalez, the plaintiffs argued that the YouTube suite of technology curates “new unique content,” in the form of a “composite page for specific viewer, ” from which Google generates revenue.
Previously, in Fair Housing Council of San Fernando Valley v. Roommates.com, LLC, the Ninth Circuit held that an ICS’s provision of “neutral tools” is not content development, even when those tools are used unlawfully by third parties. An ICS does not become an ICP if it “augment[s] the content generally,” but may become an ICP if it “materially contribut[es] to [the content’s] alleged unlawfulness.” In the majority opinion, the Gonzalez court reasoned that content recommendations, “whether the recommended content is an ISIS video or a cat video,” does not turn Google into an ICP. Notably, the court expressly “do[es] not hold that ‘machine-learning algorithms can never produce content within the meaning of Section 230,’” but they remained unpersuaded that Google’s “targeted ad algorithm is anything but content neutral.” Based on Section 230 immunity, the Ninth Circuit affirmed the district court’s dismissal of all Gonzalez’s claims that were not premised on revenue sharing.
Lastly, Gonzalez suggested that Google should be held directly liable for providing material support to ISIS, and secondarily liable for providing substantial assistance to ISIS, because it shared advertising revenue with ISIS. In a case of first impression, the Ninth Circuit ruled that Section 230 does not shield a defendant from revenue-sharing claims. Plaintiffs alleged that Google’s AdSense program requires review and approval before a video is permitted to profit from advertisements. As stated in the opinion, the court agrees that these allegations are premised on Google “giving ISIS money,” rather than the content of the videos.
A finding of primary liability under the ATA requires intent to intimidate, influence, or affect the conduct of a government by intimidation or coercion, and Gonzalez relies on Boim v. Holy Land Foundation for Relief & Development as an analogous case. In Boim, individual donors to Hamas (and Hamas-related charities) were later held liable for the 1994 killing of an American teenager in Israel. There, the court reasoned that “[a] knowing donor to Hamas,” who used its resources to finance the killing of Israeli Jews, was ideologically aligned for the purposes of the statute. The Gonzalez court accepted that Google was generally aware of ISIS’s “violent and life-endangering activities” and knowingly contributed money to the group. In its opinion, however, the Ninth Circuit disagreed with Gonzalez’s assertion that material support qualified itself as an “act of international terrorism,” as defined by the ATA, because Google was motivated by “economic self-enrichment” rather than a sympathetic ideology. As a result, the majority was unconvinced that Google was the proximate cause of Nohemi Gonzalez’s death.
Based on the revenue-sharing activity, Gonzalez also asserted secondary liability under JASTA, which created a cause of action for aiding and abetting a designated foreign terrorist group. The Taamneh appeal (which only considered secondary liability under JASTA) was subject to the same analysis: Did plaintiffs sufficiently allege that platforms knowingly provided “substantial assistance” to the person who committed an “act of international terrorism?” In Halberstam v. Welch, the U.S. Court of Appeals for the District of Columbia Circuit identified six factors relevant to assessing whether the assistance was “substantial.” These include “the nature of the act encouraged; the amount of assistance given; the defendant’s absence or presence at the time of the tort; [the defendant’s] relation to the tortious actor; … the defendant’s state of mind; and … [the] duration of the assistance provided.”
Based on differences in the specificity of the Gonzalez and Taamneh pleadings, the court reached different results. In both cases, the court characterized the nature of the platforms’ relationship with ISIS as being at “arms-length” and “transactional.” The majority was reluctant to draw conclusions regarding the extent of Google’s support from the Gonzalez complaint; it alleges Google gave some money to ISIS but is otherwise “devoid of any allegations about how much assistance Google provided.” The Taamneh complaint asserted more pointedly that platforms had constructive knowledge that ISIS was using their services. The majority affirmed the dismissal of the Gonzalez complaint. Concurrently, the Ninth Circuit found that Taamneh had adequately stated a claim for aiding and abetting, and reversed the district court’s dismissal.
Both in the concluding passages and interspersed throughout the opinion, the majority voiced unanimous “concerns about the breadth of § 230.” Judge Christen also acknowledged that Section 230 “shelters more activity than Congress envisioned it would,” but the Ninth Circuit’s decision is deferential to Congress to reform its “sweeping scope.”
Judge Berzon’s Concurrence
While joining the majority in full, Judge Berzon writes that she does so only because the court is bound by precedent. Berzon calls for a more limited reading of Section 230, extending immunity only to “traditional activities of publication and distribution—such as deciding whether to publish, withdraw, or alter content.” Algorithms that curate news and ads, Berzon argues, should fall outside of this category. Social network algorithms are more analogous to that of a direct marketer than a publisher, she concludes: “‘Facebook uses the algorithms to create and communicate its own message: that it thinks you, the reader—you, specifically—will like this content.’” Berzon echoes the majority, explicitly calling for the court to take the case en banc and reconsider case law regarding the treatment of algorithms under Section 230.
Judge Gould’s Dissent
Judge Gould concurs with the majority’s disposition on the Gonzalez territoriality, implied repeal, and criminal exemption arguments, but he asserts a dissenting opinion (primarily) regarding the role of algorithms under Section 230. Like the plaintiffs in both Gonzalez and Taamneh, Gould would hold that algorithms are “content-generating,” and, because “the message itself is the danger,” the spread of ISIS propaganda does inherently contribute to its alleged unlawfulness under the ATA. For this reason, Gould asserts that recommendation algorithms would no longer be “neutral tools” and should not receive Section 230 immunity.
Regarding the revenue-sharing claims, Gould notes that Google had constructive knowledge that it was providing financial support to ISIS, and asserts that providing monetary support to an FTO, with the constructive knowledge that that money would likely be used as part of the terrorist enterprise, itself qualifies as an “act of international terrorism.” The majority dismisses Google’s primary liability, distinguishing it from Boim, because Google is motivated by economics rather than ideological sympathies. Gould, however, relies on the text of the ATA, which “does not attempt to draw a line based on motivation.” He also quotes the Seventh Circuit decision in Boim: “A knowing donor to Hamas” is “a donor who knew the aims and activities of the organization.” Based on this, he reasons that “it was the donor’s knowledge of Hamas’ activities, rather than his approval of it, that gave rise to liability.” Even under the majority’s reasoning, Gould disagrees that the assistance was insubstantial, and he takes issue with the juncture of the dismissal as doing a “disservice” to the legal system by dismissing “before considering the evidence that can arise in a properly monitored discovery period.”
As with the majority, Gould calls for the Ninth Circuit to “take this case en banc to modify or clarify the rule that machine-learning algorithms can never produce content within the meaning of Section 230.” He broadly opines that it “would be preferable if the political branches of government, the legislature or the Executive Branch, would seriously grapple with the issue of unregulated social media power” and suggests that a regulatory regime is desirable. Congress adopted a minimalist regulatory posture to facilitate the growth of the early internet, Gould acknowledges, but he questions the merit of broad Section 230 immunity when internet companies are “remarkably large” and have “perhaps the best technical capabilities.” He likens the continued self-regulation of social media companies as asking “the fox to guard the henhouse.” Gould suggests that a federal common law claim should be available where content providers “fail to review and self-regulate” their websites.
Finally, Gould petitions the Supreme Court to take up judicial interpretation of Section 230.
Petitions for Certiorari
To date, the Supreme Court has never taken up the interpretation of Section 230. As noted in the Gonzalez petition for certiorari, Justice Thomas’s dissenting opinion in Malwarebytes v. Enigma Software Group USA states that, “in an appropriate case, we should consider whether the text of this increasingly important statute aligns with the current state of immunity enjoyed by Internet platforms” (emphasis added). The petition explores the evolving character of the internet in relation to the decades-old statutory construction of Section 230 and explicitly asserts that “[t]his is that case.” In particular, the petition implores the Supreme Court to consider whether Section 230 immunity extends beyond traditional editorial functions (such as recommendation algorithms).
In Taamneh, Twitter’s petition for certiorari maintains that the Supreme Court should not take up Gonzalez but, if it does, it should also review Taamneh. The parties stipulated to dismiss the suit if Gonzalez was granted cert, reasoning that Section 230 would bar any claims on remand (under the Ninth Circuit’s current interpretation of the statute). If the Supreme Court did grant cert in Gonzalez and reinterpret 230, Twitter argued, the Court should also consider the Ninth Circuit’s application of the ATA. Per Twitter’s filing, Taamneh is an outlier; a dozen other ATA cases against social media platforms have been dismissed, and those dismissals have been upheld in the U.S. Courts of Appeals for the Second, Fifth, Sixth, and Eleventh Circuits. They contend that the Ninth Circuit mischaracterized the platform’s “attenuated relationship” with an act of international terrorism as “knowing.” Twitter argues that “they provided generic, widely available services to billions of users who allegedly included some supporters of ISIS” and are not liable under JASTA for aiding or abetting.
Implications of Supreme Court Review
On Oct. 3, the Supreme Court granted certiorari, perhaps signaling it shares some of the concerns voiced by the Ninth Circuit judges.
The contemporary Supreme Court has overturned several settled precedents in the past few years, including those related to criminal juries and access to abortion. The Ninth Circuit’s review of Gonzalez v. Google principally addressed the treatment of algorithms under Section 230. Gonzalez is a case of first impression for the Supreme Court, and implications of the Court’s review are yet to be seen.
Lawmakers from both sides of the aisle have condemned Section 230, and the current Congress has introduced more than 20 bills that propose to amend or repeal it. Many of these, including the See Something, Say Something Online Act of 2021 and the Protecting Americans from Dangerous Algorithms Act, are aimed squarely at creating accountability for interactive computer services that contribute to the proliferation of terrorist content online. It remains to be seen whether the legislature or the Supreme Court will address these questions first, and to what extent one may affect the outcome of the other.