A federal appeals court, in the first decision of its kind, said Thursday that companies providing malware, spyware and adware blocking services are immunized by the Communications Decency Act of 1996 from lawsuits claiming unfair business practices.
A three-judge panel of the 9th U.S. Circuit Court of Appeals found that the CDA treats security software makers the same as internet service providers when they block material they find objectionable, granting them so-called "good Samaritan" immunity from civil lawsuits. Like an ISP, such companies provide an "interactive computer service" because they pull updates from a central server, the San Francisco-based appeals court said.
"We conclude that a provider of access tools that filter, screen, allow, or disallow content that a provider or user considers obscene, lewd, lascivious, filthy, or excessively violent, harassing or otherwise objectionable is protected from liability," the court ruled. (.pdf)
The case concerned adware-maker Zango, which provided access to online videos, games, music, tools and utilities to web surfers who agreed to view advertisements while surfing the internet. Among other charges, the Washington State company accused Kaspersky Lab of illegally blocking a toolbar program that displayed links to advertisers.
Zango also said Kaspersky users were prevented from installing Zango software altogether, if Kaspersky was already on the computer -– a situation that did not occur with other security software programs.
The court noted that Kaspersky, of Russia, had a good faith belief that it was blocking adware, and that its users could allow pop-ads if they wanted or unlock the toolbar. The court noted that Zango was fined $3 million in 2006 for deceiving web surfers into installing its pop-up software.
Zango contended that immunity was meant to cover only internet service providers, not companies that provide access to tools for filtering content.
But the law, the court noted, "does not limit the definition of 'interactive computer service' to services that provide access to the internet." Rather, the court said, "its singular requirement is for access by multiple users of a computer server."
Security software is covered because it " enables computer access by multiple users to a computer server by providing its customers with online access to its update servers," the court said.
The ruling could have a dark side, however, potentially opening the door for anti-competitive practices. A browser-maker, for example, could choose to block access to competing websites, or filter out search engine results critical of the company.
That danger was not lost on the court, which wrote that "extending immunity beyond the facts of this case could pose serious problems if providers of blocking software were to be given free license to unilaterally block the dissemination of material by content providers under the literal terms" of the law.
The law might empower a software company to "abuse immunity to block content for anti-competitive purposes or merely at a malicious whim."
The court urged Congress to clarify the statute.
Hat Tip: Bashman
Photo: Beth Rakin
See Also:
- Security Guru Gives Hackers a Taste of Their Own Medicine
- Burning Question: How Much Computer Security Is Enough?
- America's Dilemma: Close Security Holes, or Exploit Them Ourselves
- Secret Crush Facebook App Installing Adware, Security Firm Charges ...
- Critics Blast MS Security
- In Message to Industry, Government Fines Adware Purveyor $3 ...
