In February 1996, faced with increasing public concern about the availability of pornography on the internet, as well as recent court decisions that seem to deter efforts to filter out such content, Congress enacted the Communications Decency Act (“CDA”).  As part of the CDA, Congress granted immunity to internet service providers from liability for actions they took to help users block online content that a user found to be offensive or objectionable.  Congress further declared its goals in enacting the CDA, and its immunity provision, were “to encourage the development of technologies which maximize user control;” “to empower parents to restrict their children’s access to objectionable or inappropriate online content;” and “to preserve the vibrant and competitive free market that presently exists for the internet and other interactive computer services.”  In 2009, the Ninth Circuit decided the case, Zango, Inc. v. Kaspersky Lab, Inc., 568 F.3d 1169, which held that the immunity provisions of the CDA applied to computer software developers whose programs were intended to help users filter out or block objectionable material.  It is against the backdrop of the history of the CDA and its decision in the Zango case that the Ninth Circuit was called upon to explore the limits of the immunity provided by the CDA in the case, Enigma Software Group USA, LLC v. Malwarebytes, Inc., decided December 31, 2019.  In essence, the Ninth Circuit was called upon to determine whether the immunity provisions of the CDA, specifically section 230(c)(2), immunizes a software company whose blocking and filtering decisions are driven “by anti-competitive animus,” i.e., to deter users from accessing or using a competitor’s software products.James Kachmar

Enigma Software and Malwarebytes develop and sell computer security software nationwide and are direct competitors. This type of computer security software is intended to help users identify and block malicious or threatening software, often called “malware.”  Generally, the software developer creates its own criteria to determine what software programs could threaten users and designs its programs to search for and block such programs.  For instance, Malwarebytes’ security software would, once it was purchased and installed on a user’s computer, scan for potentially unwanted programs and then, if the user tries to download that program, a pop up alert would appear on the user’s computer warning of a security risk and advising them not to proceed with the download.  In late 2016, Malwarebytes revised its security software in a manner such that it started to identify Enigma Software programs as being potentially unwanted and causing the pop up alert and advice to the users not to download Enigma Software.

In early 2017, Enigma sued Malwarebytes alleging various claims under New York state law and the federal Lanham Act claiming false and misleading statements to deceive consumers into choosing Malwarebytes security software over Enigma’s.  (This article will not address the portion of the Court’s opinion that concerns whether the claims at issue dealt with intellectual property and fell within a separate exception to the immunity provisions of the CDA.)

After the case was transferred to the Northern District of California, Malwarebytes moved to dismiss Enigma’s claims for failure to state a claim arguing that because the Ninth Circuit in the Zango case had held that a “subjective” standard applied in determining whether material was “otherwise objectionable,” Enigma could not sue Malwarebytes, even if Malwarebytes’ decision to block Enigma’s software was done solely for anti-competitive reasons.  The trial court, holding that the language set forth in the CDA’s immunity provisions, as well as the Ninth Circuit’s ruling in Zango, was to be interpreted broadly, granted Malwarebytes motion to dismiss.  Enigma appealed that decision to the Ninth Circuit.

After reviewing the legislative and case history described above, as well as the factual allegations set forth in Enigma’s complaint, the Ninth Circuit turned to whether a security software provider could block a competitor’s program solely for alleged anti-competitive reasons. The Ninth Circuit began by noting that the phrase “otherwise objectionable” set forth in the immunity provision of the CDA was not really at issue in the Zango case, but rather, whether immunity under the CDA could apply to filtering software providers like Kaspersky.  The Ninth Circuit then turned its attention to Judge Fisher’s concurring opinion in Zango, which presciently warned that a broad reading of “objectionable” in the CDA could lead to unintended consequences such as filtering program providers setting up their programs to filter out a competitor’s programs. Judge Fisher had written in 2009 that, “an `unbounded’ reading of the phrase `otherwise objectionable’ would allow a content provider to `block content for anti-competitive purposes or merely at its malicious whim’.”

The Ninth Circuit then noted that several district courts that had grappled with this issue had come to different conclusions.  For example, in two other cases involving Malwarebytes, one in California and one in Texas, the federal courts in reliance on the broad language in Zango, granted motions to dismiss by recognizing that Malwarebytes was entitled to broad immunity.  However, other federal courts in California had come out the other way, holding that the language in Zango should be read “to be less expansive.”  The Ninth Circuit continued by finding that those decisions recognizing limitations on the scope of immunity were more persuasive and that the Courts that had interpreted the language in Zango more broadly, “seem … to have stretched our opinion in Zango too far.”

The Ninth Circuit then turned to Malwarebytes argument that the language in section 230 was to be read broadly and grant Malwarebytes immunity “regardless of any anti-competitive motives.”  The Ninth Circuit rejected this argument on the ground that it appeared to be contrary to the CDA and its history and purpose. The Ninth Circuit recognized that Congress had expressly stated its goals for the CDA, which included preserving “the vibrant and competitive free market that presently exists for the internet and other interactive computer services” and for removing “disincentives for the development and utilization of blocking and filtering technologies.”  The Ninth Circuit expressed concern that adopting Malwarebytes’ reasoning would be contrary to Congress’s intent of encouraging the development of filtering programs and could “enable software developers to drive each other out of business.”  The Ninth Circuit continued by recognizing that adopting a broad immunity that would include practices aimed at suppressing competition would, “rather than protecting internet users … lessen user control over what information they received contrary to Congress’ stated policy.”  Further, allowing such motives in the design of filtering programs could affect user trust in the adoption of such programs if users became concerned that they were being driven by anti-competitive reasons as opposed to solely trying to target content of a violent or sexual nature.  The Ninth Circuit concluded that to the extent there was to be some breadth to the catchall “otherwise objectionable,” it was to make sure that certain “forms of unwanted online content that Congress could not identify in the 1990s” would later be covered.  The Ninth Circuit cautioned that its ruling in the Enigma Software case was limited to those cases where the filtering program provider’s basis for objecting to or seeking to block programs was solely for anti-competitive reasons.

Malwarebytes tried to argue that it had additional legitimate reasons for blocking Enigma’s software that did not include solely anti-competitive behavior.  Given that the case was still at the pleading stage, the Ninth Circuit said that these issues would be for the trial court to resolve.  It ordered that the trial court’s granting of dismissal would be reversed and the case remanded back to the district court.

Judge Johnnie B. Rawlinson dissented in the Enigma Software case and would have affirmed the dismissal.  The issue as she saw it was that Congress needed to correct any problems with the CDA’s terms given the broad language it had included in the CDA’s immunity provisions.  In fact, she pointed out that Judge Fisher in the Zango concurring opinion had acknowledged that it was up to Congress to clarify the statute and whether “otherwise objectionable” should be broadly interpreted. Given that Congress had not taken such action in the intervening years, Judge Rawlinson concluded, “that defect, if it is a defect, is one beyond our authority to correct.”

It remains to be seen whether the Enigma Software case opens the door for more claims similar to Enigma Software’s.  As filter program providers struggle to block new forms of spam or malware, the Enigma decision may allow companies affected by these blocking decisions to claim that the reason their programs are being blocked are not for any legitimate spam or malware purpose, but rather solely for anti-competitive reasons that may allow them to at least advance past the pleading stage of litigation.