Whereas the DMCA sets forth a complex schema of limited immunity for qualified Internet actors, the Communications Decency Act has been construed by the courts to provide blanket immunity for Internet actors, against liability for injuries caused by the dissemination of information generated by third-parties. Enacted in 1996, the CDA was originally passed to provide protection to Internet distributors of defamatory material (as distinguished from Internet publishers, i.e. the parties who actually generate Internet content).
Although the courts initially held that parties that merely distribute defamatory material on the Internet would only be held liable if they knew or should have known that the material was defamatory, one court held that where the distributor acted to edit or remove defamatory content, it would be held to the same strict liability standard as the generator/publisher of the material. See Cubby, Inc. v. CompuServe, Inc., 776 F. Supp. 135 (S.D.N.Y. 1991) and cf. Stratton Oakmont, Inc. v. Prodigy Services Co., 23 Media L. Rep. 1794 (N.Y. Sup. 1995). This led to the anomalous result that a distributor who merely passed defamatory content along the Internet would typically be immune from defamation liability, but a distributor who made some effort to police the content it distributed would render itself vulnerable to the same strict liability as the actual generator/publisher of the material.
In order to encourage self-regulation of Internet information dissemination conduct, the CDA provides that "No provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider." Consequently Internet information distributors, including those that monitor for defamatory or other objectionable content, are held only to the actual or constructive knowledge standard of liability. See e.g. Zeran v. America Online, 129 F. 3d 327 (4th Cir. 1997); Blumenthal v. Drudge, 992 F. Supp. 44, 51-52 (D.D.C. 1998) ("Congress has ... provid[ed] immunity even where the interactive service provider has an active, even aggressive role in making available content prepared by others. In some sort of tacit quid pro quo arrangement with the service provider community, Congress has conferred immunity from tort liability as an incentive to Internet service providers to self-police the Internet for obscenity and other offensive material, even where the self-policing is unsuccessful or not even attempted.")
Moreover, although the CDA expressly provides that its provisions have no effect on liability arising under the criminal, intellectual property, or Communications Privacy laws, or arising under any under state law that is consistent with the Act, the courts have construed the breadth of CDA immunity very broadly. For example in Doe v. America Online, Inc., 718 So. 2d 385 (Fla. Dist. Ct. 1998) plaintiff therein filed a negligence suit against AOL when her minor son was victimized by a sexual predator, who used the Internet to lure the boy into engaging in sexual acts, and then marketed photographs and videotapes of these activities through AOL chat rooms. Plaintiff alleged that but for AOL's negligence, these injuries would not have occurred. Nonetheless, the court granted AOL's motion to dismiss, on grounds that permitting recovery under state negligence law would be inconsistent with the CDA, in that it would effectively punish AOL for content it merely disseminated and had not generated, and thus, the CDA preempted state negligence law. See also Kathleen R. v. City of Livermore, 87 Cal. App. 4th 684 (Cal. Ct. App. 1998) (dismissing suit against municipality and public library for various claims arising in connection with plaintiff's minor son's downloading of pornographic material through the library's computers; the court held that permitting plaintiff to hold the library responsible for her son's access to the material would be akin to holding the library responsible for Internet disseminated content which the library did not itself generate.) See generally Cara J. Ottenweller, Cyberbullying: The Interactive Playground Cries for a Clarification of the Communications Decency Act, 41 Val. U. L. Rev. 1285 (2007).
In Stoner v. eBay, Inc., 2000 Extra LEXIS 156 (Cal Super. Ct. Nov. 7, 2000) plaintiff brought suit against eBay in connection with the sale of bootlegged audio recordings, asserting a variety of claims, including unfair competition. Once again, however, the court held that the defendant was entitled to CDA immunity, given that it was not the "content provider" but merely the content distributor. Accord, Carafano v. Metrosplash.com, Inc., 339 F. 3d 1119 (9th Cir. 2003); cf Fair Housing Council of San Fernando Valley v. Roomate.com, LLC, No. 04-56916, D.C. No. CV-03-09386-PA 2007 (holding that categorization of answers to housing questionnaire constitutes partial generation of information by ISP, and thus not entitled to CDA immunity). Interestingly, had plaintiff based its claims on copyright infringement he might have prevailed (recall that the CDA has no affect on intellectual property liability) unless one of the DMCA safe harbor's insulated eBay's conduct.
-Distribution of Material to Minors
Although the CDA provides broad immunity in connection with the dissemination of third-party generated information, it also imposes severe penalties in connection with the distribution of inappropriate material to minors. For example, pursuant to 47 U.S.C. 231, also referred to as the Child Online Protection Act, the knowing, commercial provision to minors of material harmful to minors is punishable by a $ 50,000 fine and up to six months in prison. Where such conduct is intention, the fine is $ 50,000 per day of the violation.
It must be noted that the "child protection" provisions of the CDA and related federal statutes intended to prevent the Internet dissemination of material harmful to minors have been repeatedly challenged as unconstitutional. See e.g. Reno v. ACLU, 521 U.S. 844 (1997) (holding 47 U.S.C. 223 of the CDA unconstitutional on First Amendment grounds); Ashcroft v. Free Speech Coalition, 535 U.S. 234 (2002) (holding the Child Pornography Prevention Act, 18 U.S.C. 2251 et. seq., which prohibited the transmission or possession of computer generated child pornography images, unconstitutional); Ashcroft v. American Civil Liberties Union, 542 U.S. 656 (2004) (enjoining enforcement of the successor provision to 47 U.S.C. 223, the Child Online Protection Act, 47 U.S.C. 231, on grounds that the statute is likely unconstitutional.) In response to these decisions, Congress has repeatedly revised the relevant statutes, only to begin anew the legal chase. See e.g. Ashcroft v. American Civil Liberties Union, 542 U.S. 656 supra; American Civil Liberties Union v. Gonzales, 478 F.Supp.2d 775 (E.D. Pa. 2007). Consequently the "liability thicket" in this area is particularly dense and uncertain.
In addition to intellectual property and "information injury" liability, e-commerce entities can incur liability for violations of consumer rights and interests. Given that the same universe of commercial conduct and consumer protection laws that apply to "brick and mortar" transactions apply with equal force to e-commerce, however, it would be impossible to summarize here every commercial or consumer protection law that can give rise to liability in connection with Internet consumer transactions. A more practical approach would be to identify legal authority especially attuned to addressing infractions and injuries likely to arise in the Internet context. See Thomas B. Leary, Unfairness and the Internet, 46 Wayne L. Rev. 1711, 1723-24 (2000) "The Internet poses significant challenges to [the] consumer protection mission. The characteristics of cyberspace that create such remarkable potential for economic growth have also made it an incubator for fraud. Low barriers to entry, immediate and global access to innumerable consumers, and the low marginal costs of communications with potential customers make it possible for anonymous con artists with a transitory presence to take advantage of consumers, without the discipline of normal market correctives. Mail order and telemarketing have some of the same characteristics-i.e., transactions between parties who do not know one another-but cyberspace involves another level of separation. In addition, the borderless nature of commerce poses significant law enforcement problems which increase the incentives to engage in cross-border fraud." (Commissioner, Federal Trade Commission.)
Just as is the case for brick and mortar business, the Federal Trade Commission has general jurisdiction to ensure proper business practices in connection with e-commerce, including Internet consumer transactions. See Mary Dee Pridgen, Consumer Protection and the Law CONPROT 12:58 (October 2006) "Thus far, the FTC has not sought any new regulations governing internet sales, but instead has used a case-by-case method, enforcing existing rules and/or general precedents against online marketers. At the present time, the FTC does not have a specific regulation covering marketing practices on the Internet."
Section 5(a)(1) of the Federal Trade Commission Act declares unlawful "[u]nfair or deceptive acts or practices in or affecting commerce." See 15 U.S.C. s 45(a)(1). The prohibition against such practices extends to advertising and marketing, and applies to all forms of media. Disclaimers and disclosures must be clear and conspicuous, however, they will not remedy false or deceptive statements. Moreover, advertising agencies and web designers are obligated to investigate the representations made in advertising materials and can not avoid liability by relying on their clients.
"To prove a deceptive act or practice under s 5(a)(1), the FTC must show three elements: " a representation, omission, or practice, that  is likely to mislead consumers acting reasonably under the circumstances, and , the representation, omission, or practice is material."....The deception need not be made with intent to deceive; it is enough that the representations or practices were likely to mislead consumers acting reasonably." FTC v. Verity, Intern, 443 F. 3d 48 (2d Cir. 2006). The FTC has to show only that the practice has or is likely to deceive, not that the defendant intended to deceive.
In policing e-commerce, the FTC has issued a set of guidelines for the conduct of Internet consumer transactions, Advertising and Marketing on the Internet: the Rules of the Road, available at http://www.ftc.qov/bcp/conline/pubs/buspubs/ruleroad.shtm. Guidelines are included therein in connection with topics ranging from General Offers and Claims, Protecting Consumers Privacy Online, and for the sale of jewelry online. The Guidelines also include information regarding specific rules enforced by the FTC, such as The Franchise and Business Opportunity Rule, which requires that disclosure documents in connection with such opportunities be provided to consumers at least 10 days before they pay out any monies; The Truth in Lending Act, which requires the provision of written disclosures regarding finance and related charges; The Wool and Textiles Act, which requires disclosure as to the country of origin of such products; The Electronic Fund Transfer Act, which requires the adoption of specific procedures in connection with preauthorized transfers and sets liability limits for losses resulting from unauthorized transfers; and the "mail order rule", which has been updated to apply to telephone and Internet orders, and requires that goods be provided within the time advertised or a reasonable time.
In addition to enforcing pertinent rules and statutes, the FTC has also outlawed specific disreputable practices. For example, the FTC prohibits the use of "negative option marketing", the practice through which merchandise is shipped without request, forcing the recipient to either pay for the merchandise or return it at her own expense or inconvenience. AOL, CompuServe, and Prodigy all were challenged by the FTC for offering "free trials" which eventually became automatically billed services, which practices were terminated pursuant to a Consent Decree. See also F. T.C. v. Crescent Pub. Group, Inc., 129 F. Supp. 2d 311 (S.D. N.Y. 2001) (injunction obtained where "free tour" of pornographic website results in undisclosed charges to consumers' credit cards.)
The FTC has used its authority to pursue a variety of e-entrepreneurs for Internet based unfair and deceptive practices. Perhaps the most important point to keep in mind is that an unfair or deception practice is not necessarily one that is per se illegal. For example, in FTC v. Verity, Intern, 124 F. Supp. 2d 193 (S.D.N.Y. 2000) aff'd in pertinent part, 443 F. 3d 48 (2d Cir. 2006), the FTC brought an action against Internet pornographer for unfair and deceptive billing practices, in which telephone account holders were billed for the service whether or not they were the individuals who actually used the service. (The defendant's system automatically billed the telephone number called from by temporarily disconnecting it from its original ISP and connecting it to the website by placing a "long distance call", whether or not a call was actually placed to a foreign local.) Thus the telephone account holder was billed even if she hadn't authorized the transaction. The FTC obtained an injunction and also an asset freeze, on the grounds that informing telephone account holders that they were obligated simply because the called had been made from their was untrue, and thus deceptive and unfair. See also FTC v. Aylon Technologies, Inc., No. 1:03-CV-1297-RWS (N.D. Ga.7/16/03) (same) available at http://www.ftc.gov.; FTC v. ClickForMail.com, Inc., No. 03C 3033, Stipulated Permanent Injunction (N.D. Ill. 10/2/03) (Internet offers for unsecured credit cards in exchange for a fee; consumer receives only a hyperlink to creditors offering only secured credit cards or catalog charge cards.)
In FTC. v. Pereira, No. 99-1367-A (E.D. Va. filed Sept. 14, 1999) the FTC challenged two Internet technology frauds, "pagejacking" and "mousetrapping." The defendants therein were Internet pornographers who had obtained unauthorized copies of prominent websites such as the Harvard Law Review and created web copies that were indexed by Internet search engines. Consumers searching for the authentic websites were instead "pagejacked" to defendants' pornographic sites. To add insult to injury, once at defendants' site, consumers were then "mousetrapped", that is technologically prevented from leaving the site (or they were diverted to other pornography sites). See also FTC v. Skybiz.com, Inc., No. 01-CV-396-EA(M), Stipulated Final Judgment (N.D. Okla. 1/20/04) (online pyramid scheme) available at http://www.ftc.gov.
-Spam and CAN-SPAM
The legal issues arising in connection with e-mail potential implicate virtually every facet of the intellectual property law, as well as a wide variety of state common law and statutory unfair competition causes, from commercial disparagement to trespass to chattels. While many enterprising individuals have found some often interesting ways to run afoul of the law using e-mail, the salient e-mail issue in the commercial context however, is that of "spamming".
Spamming is the widely condemned practice of sending multiple copies of unauthorized or unsolicited commercial (and other) e-mail, e.g., electronic junk mail. Where the spammer has included unauthorized protected information and/or intellectual property in the e-mail such as trademarks, or misleading information as to the origin of the e-mail (i.e., where an AOL subscriber sends a pornographic advertisement which includes the Internet header "aol.com") the courts have had little difficulty finding violations of the relevant intellectual property and/or unfair competition law. See e.g. Verizon Online Services, Inc. v. Ralsky, 203 F. Supp. 2d 601 (E.D. Va. 2002); America Online, Inc. v. LCGM, Inc., 46 F. Supp. 2d 444 (E.D. Va. 1998); America Online, Inc. v. IMS, et al, 24 F. Supp. 2d 548 (E.D. Va. 1998); Hotmail Corp. v. Van$ Money Pie Inc., 47 U.S.P.Q. 2d 1020 (N.D. Ca. 1998); America Online, Inc. v. Prime Data Systems, Inc., 1998 U.S. Dist. LEXIS 20226 (E.D. Va. 1998); CompuServe Incorporated v. Cyber Promotions, Inc., 962 F Supp. 1015 (S.D. Ohio 1997). Even where there are no substantive intellectual property rights involved, the courts have held spamming to constitute a breach of the spammer's agreement with the Internet access/service provider, a trespass against the ISP's computer system and/or violations of such general cyber conduct statutes such as the Computer Fraud and Abuse Act, the Electronic Communications Privacy Act, and/or state anti-spamming legislation. Id.
In addition to state anti-spam laws, in 2003 the Controlling the Assault of Non-Solicited Pornography and Marketing Act (CAN-SPAM) was enacted, which prohibits the sending of email with false or misleading header information, and provides for fines of up to $ 2 million (which can be trebled) and imprisonment, and also authorizes the FTC to investigate allegations of spam abuse and to file suit against violators (however, there is no private right of action under CAN-SPAM).
The foregoing summarizes some of the salient jurisdictional, copyright and digital information, and consumer protection "e-commerce liability" issues and jurisprudence. The legal landscape evolves daily, however, and constant review is essential to stay abreast of new developments and legal challenges.