In Federal Trade Commission v. LeadClick Media, LLC, 2016 U.S. App. LEXIS 17383 (2nd Cir. 2016), the Second Circuit recently held that an affiliate marketing network provider could be subjected to liability under the Federal Trade Commission Act (“FTC Act”) for deceptive marketing materials published by the affiliates.  It also concluded that Section 230 of the Communications Decency Act (“CDA”) did not immunize the network provider from liability.  In doing so, the Second Circuit emphasized that the network provider had knowledge of and the authority to control the content of the affiliate websites.  This ruling could increase the exposure of internet businesses to liability for deceptive acts or practices engaged in by third-party vendors or independent contractors.

LeadClick Media, LLC (“LeadClick”)  generated revenue by connecting its merchant clients to advertising affiliates, who advertised the merchants’ products on websites that included fake news sites.  LeadClick did not dispute that the fake news sites were deceptive.  Instead, it argued that it could not be held liable because it did not create the sites.  The Second Circuit, however, found that “[w]hile LeadClick did not itself create fake news sites to advertise products, [] it (1) knew that fake news sites were common in the affiliate marketing industry and that some of its affiliates were using fake news sites, (2) approved of the use of these sites, and, (3) on occasion, provided affiliates with content to use on their fake news pages.”

LeadClick Directly Liable Under the FTC Act

The Second Circuit found that LeadClick’s knowledge and approval of the fake news sites, as well as its occasional content suggestions, warranted imposing liability on LeadClick:  “A defendant may be held liable for deceptive practices that cause consumer harm if, with knowledge of the deceptive nature of the scheme, he either participate[s] directly in the practices or acts or ha[s] authority to control them.  A defendant directly participates in deception when it engages in deceptive acts or practices that are injurious to customers with at least some knowledge of the deception.  Similarly, a defendant who knows of another’s deceptive practices and has the authority to control those deceptive acts or practices, but allows the deception to proceed, may be held liable for engaging in a deceptive practice injurious to consumers.”  In response to LeadClick’s argument that this was really a form of aiding and abetting liability, which would be inappropriate under the FTC Act, the Second Circuit noted that LeadClick engaged in deceptive practices “through its own actions.”  The actions that LeadClick engaged in, however, such as purchasing advertising space and editing the fake news sites, appear indistinguishable from an aiding and abetting fact pattern.

The facts of the cases the Second Circuit relied on to impose liability are worth mentioning.  In an Eleventh Circuit case, FTC v. IAB Mktg. Assocs. LP, 746 F.3d 1228 (11th Cir. 2014), the FTC alleged that the defendants led consumers to believe “that they were purchasing major medical insurance, but what they actually received were memberships in a trade association that offered only limited discounts for certain medical care.”  The memberships were advertised by third-party telemarketers who informed consumers (and the FTC during its covert investigation) that the memberships were “functionally equivalent to major medical insurance.”  The defendants argued “that liability cannot attach for misrepresentations made by third-party telemarketers absent direct participation in, knowledge of, and the ability to control the telemarketers’ behavior.”  The Eleventh Circuit assumed that this was the standard―but didn’t expressly say that it was.  The only cases cited by the Eleventh Circuit to support this proposition involved extending liability for the allegedly deceptive practices of a corporation to its founders or owners.  See FTC v. Gem Merch. Corp., 87 F.3d 446 (11th Cir. 1996); FTC v. Amy Travel Serv., Inc., 875 F.2d 564 (7th Cir. 1989).  Nonetheless, the Eleventh Circuit found that the FTC satisfied the standard by offering evidence that the defendants “knew that the telemarketers were making material misrepresentations,” without addressing whether the defendants directly participated in, or had the ability to control, the telemarketers’ behavior.

In the Ninth Circuit case, FTC v. Neovi, Inc., 604 F.3d 1150 (9th Cir. 2010), the defendant operated a website that allowed customers to create checks and send them by post or email.  The service, and the defendant’s failure to implement proper security controls, allowed “con artists and fraudsters” to withdraw millions of dollars in unauthorized funds from unsuspecting consumers.  The FTC brought suit alleging that this was an unfair practice under the FTC Act.  The Ninth Circuit held that the defendant (1) “caused harm through its own deeds [by] creating and delivering unverified checks,” (2) the harm was substantial, (3) the harm was reasonably avoidable, and (4) there was no consumer benefit to providing unverified checks.  LeadClick, on the other hand, did not “create and deliver” the fake news sites.  It merely connected its advertising affiliates with its merchant clients, albeit with knowledge of the advertising methods used to drive traffic to the client’s websites.

Internet businesses should take note:  the Second Circuit has given the FTC a broader net to fish for deep-pocketed defendants allegedly responsible for deceptive acts or practices.

LeadClick Not Immune Under The CDA

LeadClick also claimed that it was immune under Section 230 of the CDA.  The Second Circuit rejected this argument as well.

As the Second Circuit noted, “[s]ection 230 provides that ‘[n]o provider or user of an interactive computer service shall be treated as the published or speaker of any information provided by another information content provider.’”  The CDA defines “information content provider” as “any person or entity that is responsible, in whole or in part, for the creation or development of information provided through the Internet or any other interactive computer service.”  The Second Circuit explained that this means Section 230’s “grant of immunity applies only if the interactive service provider is not also an ‘information content provider’ of the content which gives rise to the underlying claim.”  In other words, a defendant who assists “in the development of what made the content unlawful” is not entitled to immunity, and so faces potential liability.

The Second Circuit held that “LeadClick is not entitled to immunity [under Section 230 of the CDA] because it participated in the development of the deceptive content posted on fake news pages. . . .  LeadClick’s role in managing the affiliate network far exceeded that of neutral assistance.  Instead, it participated in the development of its affiliates’ deceptive websites, ‘materially contributing to [the content’s] alleged unlawfulness.’”  LeadClick’s material contributions to the unlawfulness of the fake news sites included “providing edits to affiliate webpages [and] purchasing media space on real news sites with the intent to resell that space to its affiliates using fake news sites.”  LeadClick was also responsible for the deceptive practices “because it had the authority to control [its] affiliates and allowed them to publish deceptive statements.”

This conclusion should give media businesses and advertisers cause for concern.  If merely having authority to control the content distributed by affiliates or independent contractors can result in forfeiture of CDA immunity, the Second Circuit may have taken a big bite out of the “vibrant and competitive free market” for interactive computer services that the CDA was supposed to preserve.