CNET on Libel and User-Generated Content

Before the Thanksgiving holiday, Steve Tobak at CNET published a useful post -- "Bloggers beware: You're liable to commit libel." In it, he gives a straightforward and largely accurate account of the elements of a defamation claim and some good general advice:

First, people usually ask the wrong question: "Can a blogger be sued for defamation?" The sad truth is that almost anybody can sue you for almost anything these days. So, don't ask that question; it's dumb. What you want to know is your responsibility under the law, and therefore, how best to protect yourself from successful litigation.

Well put. But I have to disagree with his assessment of the risks involved in hosting user comments:

Then there's the question of who's responsible for comments on a blog. Whoever publishes the Web site is responsible for content on the site. That includes comments. However, many bloggers have independent agreements to indemnify the site that publishes their blog. That may or may not include comments.

Plaintiffs can certainly sue everybody in the chain and see what sticks, though they will likely go after those with the deepest pockets. You can avoid the entire question by turning comments off.

Mr. Tobak's remarks entirely fail to take CDA 230 into consideration. "CDA 230" refers to a federal statute, 47 U.S.C. § 230, which Congress enacted as part of the Communications Decency Act of 1996. It states that "[n]o provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider" and preempts state law causes of action, like defamation claims, based on this kind of "publisher" liability. Courts and commentators widely agree that CDA 230 protects website operators and bloggers from liability based on the defamatory statements of commenters. The defense applies even if you edit comments (so long as your edits do not change the meaning) and/or exercise discretion in selecting which comments to post. So, there is no call for "turning comments off" out of fear of a defamation lawsuit.

CDA 230 also applies to legal claims other than defamation, including publication of private facts, false light, negligence, tortious interference with business relations or expectancy, and intentional infliction of emotional distress, to name a few. It does not, however, apply to intellectual property claims (such as copyright infringement), federal criminal law, or claims under the Electronic Communications Privacy Act. If copyright is your worry, website operators and bloggers are potentially insulated from copyright liability based on user-posted material, if they meet the requirements of the "safe harbor" provisions of the Digital Millennium Copyright Act, 17 U.S.C. § 512.

We'll be addressing CDA 230 and the DMCA safe harbor provisions in our forthcoming legal guide, but for now there's a useful, if slightly technical, article on these topics at Additionally, the EFF has a helpful FAQ on CDA 230.

Subject Area: 


who is an interactive computer service?


I'm not a lawyer, but I'm a content provider and I wanted to look into this statement.

Alan Friel wrote in the article:
"Web sites have been held to be an 'interactive computer service' under the Act." Such websites cited are Amazon, eBay, and MySpace. I think a case can be made that publications and personal blogs are on the other end of the scale.

I guess my worry is that DMCA requires a publisher/ICS to react immediately to potentially copyright infringing material, but it gives them safe harbor for potentially libellous material. From reading 230(c)(2), it appears that good faith efforts to restrict harassing content is neutral in the eyes of the law.

On eBay or Amazon, if one user is harassing another, it often violates the ICS's TOS and they take punitive steps against the user. But if it's a small-time blog and the blog publisher doesn't have anything in the way of user management, and there's little they can do to dissuade harassing users from hijacking a community. There are many cases of this and I don't believe that the law has offered adequate protections for those harmed.

who is an interactive computer service?

Thanks for your comment, Jon. 

You are right that most of the reported cases involving CDA 230 involve slightly larger websites like eBay and MySpace, but there is nothing in the language of CDA 230 that would limit its application to larger websites.  Any website that allowed users to submit comments is, by definition, providing an interactive computer service.  If you're interested, you should do a search of our Legal Threats Database using the CDA 230 subject-area tag, and you should see some cases involving smaller websites.  One that immediately comes to mind is Doe v. Ciolli -- although there was no court opinion on the question, the plaintiffs dropped Ciolli (the website administrator for AutoAdmit) from the lawsuit, and the general consensus is that they did so because he was immune under CDA 230.

The DMCA is a whole separate question.  My sense is that the definition of an "internet service provider" under the DMCA is more uncertain, and you might be correct that smaller websites don't fit that definition.  But the thrust of safe harbor found at 17 U.S.C. sec. 512(c) is to protect online operators from liability for "information residing on systems or networks at [the] direction of user," and this is precisely what happens when someone posts a comment on an interactive website.  

A Tangent... possibly

I think that the real issue bloggers should be worried about is not Section 230 (although that is important) but insurance coverage. Many homeowners policies cover defamation, and some do not. My personal homeowners insurance did not until I added a rider. Annual cost? $3.00.

Most bloggers don't get crushed because their case is bad, or because 230 doesnt apply, but because they can't afford to fight back.

legal v. ethical


Thanks for responding. Note that since I'm more citizen-programmer than lawyer, I tend to think like so: How do we engineer systems that can minimize harm? I worry about ethics more than legalities, and certainly there are lawyers who do as well.

I'm familiar with Doe v. Ciolli; I've emailed with Jarret Cohen on it back in June. Jarret told me that he's probably removed thousands of thread as per people's requests (though he has no records of that.) But if I'm right that "good faith efforts" are neutral, than it doesn't have to be done. Should a local community website have a regime where all comments are anonymous? It's possible in this case that permissive aspects of the law encourage societal mores.

Thanks for suggesting I look through the legal threats database-- it's a great resource. New Jersey's Donato v. Moldow (2005) is a muche better example. The court said that Moldow's site had 230 exemption. But when I visit the "Eye on Emerson," it looks like Stephen Moldow has now abandoned running a forum and chat board.

judicial corruption

broward county florida courts outsource and privatize arbitrations to evade the americans with disabilities act and the bill of rights..... kangaroo