In Federal Trade Commission v. LeadClick Media, LLC, 2016 U.S. App. LEXIS 17383 (2nd Cir. 2016), the Second Circuit recently held that an affiliate marketing network provider could be subjected to liability under the Federal Trade Commission Act (“FTC Act”) for deceptive marketing materials published by the affiliates.  It also concluded that Section 230 of the Communications Decency Act (“CDA”) did not immunize the network provider from liability.  In doing so, the Second Circuit emphasized that the network provider had knowledge of and the authority to control the content of the affiliate websites.  This ruling could increase the exposure of internet businesses to liability for deceptive acts or practices engaged in by third-party vendors or independent contractors.

LeadClick Media, LLC (“LeadClick”)  generated revenue by connecting its merchant clients to advertising affiliates, who advertised the merchants’ products on websites that included fake news sites.  LeadClick did not dispute that the fake news sites were deceptive.  Instead, it argued that it could not be held liable because it did not create the sites.  The Second Circuit, however, found that “[w]hile LeadClick did not itself create fake news sites to advertise products, [] it (1) knew that fake news sites were common in the affiliate marketing industry and that some of its affiliates were using fake news sites, (2) approved of the use of these sites, and, (3) on occasion, provided affiliates with content to use on their fake news pages.”

LeadClick Directly Liable Under the FTC Act

The Second Circuit found that LeadClick’s knowledge and approval of the fake news sites, as well as its occasional content suggestions, warranted imposing liability on LeadClick:  “A defendant may be held liable for deceptive practices that cause consumer harm if, with knowledge of the deceptive nature of the scheme, he either participate[s] directly in the practices or acts or ha[s] authority to control them.  A defendant directly participates in deception when it engages in deceptive acts or practices that are injurious to customers with at least some knowledge of the deception.  Similarly, a defendant who knows of another’s deceptive practices and has the authority to control those deceptive acts or practices, but allows the deception to proceed, may be held liable for engaging in a deceptive practice injurious to consumers.”  In response to LeadClick’s argument that this was really a form of aiding and abetting liability, which would be inappropriate under the FTC Act, the Second Circuit noted that LeadClick engaged in deceptive practices “through its own actions.”

The facts of the cases the Second Circuit relied on to impose liability are worth mentioning, because they cast some light on the Second Circuit’s decision.  In an Eleventh Circuit case, FTC v. IAB Mktg. Assocs. LP, 746 F.3d 1228 (11th Cir. 2014), the FTC alleged that the defendants led consumers to believe “that they were purchasing major medical insurance, but what they actually received were memberships in a trade association that offered only limited discounts for certain medical care.”  The memberships were advertised by defendants and third-party telemarketers.  Defendants’ representatives informed consumers (and the FTC during its covert investigation) that the memberships were “functionally equivalent to major medical insurance.”  The defendants argued “that liability cannot attach for misrepresentations made by third-party telemarketers absent direct participation in, knowledge of, and the ability to control the telemarketers’ behavior.”  The Eleventh Circuit assumed that this was the standard―but didn’t expressly say that it was.  The only cases cited by the Eleventh Circuit to support this proposition involved extending liability for the allegedly deceptive practices of a corporation to its founders or owners.  See FTC v. Gem Merch. Corp., 87 F.3d 446 (11th Cir. 1996); FTC v. Amy Travel Serv., Inc., 875 F.2d 564 (7th Cir. 1989).  Nonetheless, the Eleventh Circuit found that the FTC satisfied the standard by offering evidence that the defendants “knew that the telemarketers were making material misrepresentations,” without addressing whether the defendants directly participated in, or had the ability to control, the telemarketers’ behavior.

In the Ninth Circuit case, FTC v. Neovi, Inc., 604 F.3d 1150 (9th Cir. 2010), the defendant operated a website that allowed customers to create checks and send them by post or email.  The service, and the defendant’s failure to implement proper security controls, allowed “con artists and fraudsters” to withdraw millions of dollars in unauthorized funds from unsuspecting consumers.  The FTC brought suit alleging that this was an unfair practice under the FTC Act.  The Ninth Circuit held that the defendant (1) “caused harm through its own deeds [by] creating and delivering unverified checks,” (2) the harm was substantial, (3) the harm was reasonably avoidable, and (4) there was no consumer benefit to providing unverified checks.

The IAB and Neovi decisions both involved―and turned on―”direct participation” by the defendants in the deceptive practices.  The Second Circuit’s decision arguably holds that directive participation is not required, if the defendant has knowledge of and the ability to control the deceptive conduct.  However, the Second Circuit found that LeadClick had directly participated.  LeadClick  did not “create and deliver” the fake news sites.  Rather, it connected its advertising affiliates with its merchant clients, in order to promote the merchant clients’ products and services.  But LeadClick knew fake news sites were prevalent, and its employees scouted the fake news sites, required alterations to be made to their content, recommended other alterations where the claims on a site were too far-fetched, and ran banner ads for the fake news sites on legitimate sites.

Internet businesses should take note:  the Second Circuit may have given the FTC a broader net to fish for deep-pocketed defendants allegedly responsible for deceptive acts or practices.  The language of the LeadClick decision represents a significant extension of FTC Act liability in the Second Circuit.  The precise reach of that extension, however, is unclear.  In LeadClick, IAB, and Neovi, the defendants all materially participated in the deception by suggesting content edits, making telemarketing calls, and creating and delivering fraudulent checks.  It remains to be seen whether liability for knowledge of and authority to control deceptive acts or practices will extend to circumstances in which the defendant did not also directly participate in the deception.

LeadClick Not Immune Under The CDA

LeadClick also claimed that it was immune under Section 230 of the CDA.  The Second Circuit rejected this argument as well.

As the Second Circuit noted, “[s]ection 230 provides that ‘[n]o provider or user of an interactive computer service shall be treated as the published or speaker of any information provided by another information content provider.’”  The CDA defines “information content provider” as “any person or entity that is responsible, in whole or in part, for the creation or development of information provided through the Internet or any other interactive computer service.”  The Second Circuit explained that this means Section 230’s “grant of immunity applies only if the interactive service provider is not also an ‘information content provider’ of the content which gives rise to the underlying claim.”  In other words, a defendant who assists “in the development of what made the content unlawful” is not entitled to immunity, and so faces potential liability.

The Second Circuit held that “LeadClick is not entitled to immunity [under Section 230 of the CDA] because it participated in the development of the deceptive content posted on fake news pages.  . . .  LeadClick’s role in managing the affiliate network far exceeded that of neutral assistance.  Instead, it participated in the development of its affiliates’ deceptive websites, ‘materially contributing to [the content’s] alleged unlawfulness.’”  LeadClick’s material contributions to the unlawfulness of the fake news sites included “providing edits to affiliate webpages [and] purchasing media space on real news sites with the intent to resell that space to its affiliates using fake news sites.”  LeadClick was also responsible for the deceptive practices “because it had the authority to control [its] affiliates and allowed them to publish deceptive statements.”

This conclusion should give media businesses and advertisers cause for concern.  If merely having authority to control the content distributed by affiliates or independent contractors can result in forfeiture of CDA immunity, the Second Circuit may have taken a big bite out of the “vibrant and competitive free market” for interactive computer services that the CDA was supposed to preserve.