The 10th Circuit has upheld (pdf) a ruling against Accusearch that the company violated federal law when it sold telephone records on its web site, Abika.com. The Federal Trade Commission had alleged that Accusearch’s trade in telephone records constituted an unfair practice in violation of § 5(a) of the Federal Trade Commission Act (FTCA).
Accusearch had appealed the lower court’s ruling on three grounds, including that the FTC’s unfair-practice claim should have been dismissed because Accusearch broke no law and because the FTC had no authority to enforce the Telecommunications Act. They also appealed on the grounds that they were immunized from suit by the protections provided websites in the Communications Decency Act (CDA), 47 U.S.C. § 230 (2006). The court rejected all arguments, concluding that Accusearch is not immunized under the CDA because it acted as an “information content provider.”
Judge Tymkovich wrote a separate concurring opinion to express his concern that the court was widening the scope of what constitutes an “information content provider” with respect to particular information under the CDA, and provided another way to approach the case:
As is clear from the complaint, the FTC’s allegations of FTCA violations stemmed not from the content of the information Accusearch was disclosing (or developing), but from Accusearch’s own conduct in (1) offering the information for sale, (2) soliciting and encouraging third-parties to violate the law in obtaining the information, and (3) ultimately paying these third parties and selling the information to consumers. Accusearch’s duty to refrain from engaging in these unfair business practices does not derive from its status or conduct as an Internet website that publishes content.5 Rather, the duty the FTC alleged Accusearch violated derives from the expectations that a business would not engage in unlawful or unfair business practices in general (whether the business is a conventional bricks-and-mortar operation or exists entirely on the World Wide Web). See Barnes, 565 F.3d at 566. While Internet publication of the confidential phone data, by itself, may very well be protected by the CDA, the CDA does not immunize, expressly or implicitly, the manner in which Accusearch conducted its business. In sum, the CDA does not extend to immunize a party’s conduct outside the realm of the Internet just because it relates to the publishing of information on the Internet.
Rather than follow the majority’s disposition of this issue—extending the definitions of “responsible” and “develop” to include solicitation of information based on consumer selections off of Accusearch’s website—I would limit the analysis to whether the CDA even applies in the first place. I would conclude that it does not, and that Accusearch therefore was liable for its unfair business practices in violation of the FTCA.
Jennifer Stoddart, the Privacy Commissioner of Canada, filed a friend of the court brief in the case. The case is Federal Trade Commission v. Accusearch