From the hotline
From the Spring 2003 issue of The News Media & The Law, page 18.
Q: I am the manager of a news organization’s Web site. In addition to providing news reports, our site hosts a discussion board where readers can contribute their thoughts and ideas on various newsworthy topics. The bulletin board is open to all viewers, and we do not screen contributions before they are posted on the site. I am worried about my news organization’s potential liability for defamatory statements posted on the discussion board. What should I do to protect our interests?”
A: We asked three attorneys who handle these issues for clients how they would address this question.
Pat Carome, Wilmer, Cutler & Pickering, Washington, D.C. In general, the operator of a Web site faces only a minimal risk of being held liable for defamatory content posted by a third party on a bulletin board. A federal statute enacted in 1996, Section 230 of Title 47 of the United States Code, immunizes providers and users of “interactive computer services” from most civil claims based on content that originates with a third party, including, in particular, claims of defamation. While some have argued that only Internet service providers enjoy protection under this statute, the emerging consensus is that the statute applies to providers of all sorts of online services, including interactive Web sites. As a result of this immunity, a Web site operator is generally free to decide for itself — based on its own policy considerations — whether or not to take steps to try to prevent its site from carrying defamatory or similarly harmful material submitted by third parties.
A Web site operator can lose Section 230’s protection, however, if it is deemed to have participated in the “creation or development” of a harmful posting submitted by a third party. This raises the question of whether it is wise for a Web site operator to edit or rewrite postings submitted by third parties, as opposed to confining any self-policing activity to the all-or-nothing approach of blocking or deleting objectionable postings in their entirety. It is clear that immunity cannot be lost through policing at the all-or-nothing level — indeed, the statute was designed to give service providers breathing room to do just that. But if a Web site operator alters the content of a particular posting, and especially if it does so in a way that adds to or changes the meaning of the posting, then the operator may be deemed to have been involved in the “creation or development” of the posting and therefore lose immunity. So, if a Web site operator wants to self-police third-party content on its bulletin boards, a “meat ax” approach of blocking or deleting problematic postings in their entirety is safer than a “scalpel” approach of editing postings to make them less objectionable.
The Web site operator may choose to post a set of content guidelines, indicating that users should not post unlawful, harmful or even uncivil content. But if it does so, the service also should declare that it enforces any such guidelines at its sole discretion, to rebut any later claim that a failure to enforce somehow breached a contractual promise to do more than the law requires.
Finally, the operator should be aware that a bulletin board service that allows anonymous postings may occasionally find itself on the receiving end of subpoenas seeking the identity of anonymous posters. Whether the operator resists or cooperates with these subpoenas involves both policy judgments and legal requirements. The operator also should make sure that its practices in handling such subpoenas are consistent with any privacy policy or other representations it has made to its users.
Stephanie S. Abrutyn, Tribune Company, New York. If you are located in the United States and the subject of the bulletin board resides in the United States, you do not have to worry about liability for defamation arising from bulletin board postings made by anyone who is not an employee of or acting on behalf of your news organization. To encourage the free exchange of ideas on the Internet, in 1996 Congress enacted Section 230 of the Communications Decency Act, which grants immunity to Web site operators for liability arising from material written by a third party and posted on the Web site. You do not lose this immunity even if you decide to edit or pre-screen postings for the discussion board, as long as you do not play any role in the creation or drafting of the comment.
You also do not lose this immunity if the postings are anonymous. Although if you permit anonymous postings, you may receive a subpoena seeking the identity of the individual who posted the material. Web site operators and Internet Service Providers who have fought subpoenas seeking the identity of the authors of anonymous postings have experienced mixed results.
If the subject of the postings resides outside the United States and brings a claim where she lives, Section 230 does not apply. Although you may have no connection to the country where the case is brought other then in cyberspace, one recent case in Australia suggests that some foreign courts will hear libel cases brought by their citizens against overseas Web site operators. In those cases, the court is likely to apply its own laws, nearly all of which tend to be less protective of speech than our own.
Megan Gray, Gray Matters, Washington, D.C. The host of an online message board is not legally responsible (at least, in the United States) for defamatory posts made by someone else. This is quite different from the print or broadcast scene. For example, a talk radio show can be liable for defamatory statements made by someone who calls into the show, and a newspaper can be liable for the defamatory statements contained in a letter to the editor. But to encourage development of the Internet, Congress passed a special law. Under this statute, a message board host has almost complete immunity against defamation claims based on what someone else has posted.
This immunity is retained regardless of whether the host screens messages before they are posted, and regardless of whether the host allows anonymous postings. But this immunity goes only so far. The host may still be liable for other legal claims, such as trademark infringement, invasion of privacy and harassment. In addition, judges are inclined to try very hard to get around this immunity, especially when the host is informed of the objectionable post and does not act quickly to delete it.
So, even though you are immune from defamation lawsuits as a result of this special law, you should consider additional protections.
First, it is best to screen messages before they are posted. This makes good business and legal sense — even if you aren’t sued, you will likely anger many readers if someone posts an obscene message, a racist graphic, a bomb threat, another person’s social security number or unlisted home phone number, or a teenager’s SAT scores. If you don’t have the manpower to screen messages before they are posted, consider software packages that will do some of the screening automatically.
Second, you should have a “terms of use” or “terms of service” agreement posted, and require all users to affirmatively agree to these terms (such as by clicking “I agree”). This TOS should define objectionable content, give you sole discretion to decide what to post or delete, provide directions on how to delete a message, and state what you will do if you receive formal and informal requests to identify a poster.
Third, you should ensure that you are acting in accordance with industry standards on retaining technical information on posters, such as the Internet protocol address of the poster. The victim of an offensive post is less likely to target you if he is able to track down the party who is truly responsible for the post.
Fourth, make sure a complaining party is able to contact you easily, and that you act quickly on any complaints. Some message boards now have “report abuse” or “report TOS violation” buttons readily accessible on every page of the message board.
Finally, it’s always a good idea to have an insurance policy that covers your Web site activities.