Internet Library of Law
and Court Decisions

Social Networking Sites - Internet Library of Law and Court Decisions - Updated January 26, 2008

Court dismisses negligence and gross negligence claims asserted against defendant Myspace, Inc. (“Myspace”) arising out of the alleged sexual assault of a minor made possible by her posting of a “user profile” on Myspace.com.  As a result of this posting, a male, age 19, made contact with the minor who falsely represented she was 18, obtained her telephone number and arranged a meeting at which she was allegedly sexually assaulted.  The Court held Myspace immunized from such claims by application of the Communications Decency Act, 47 U.S.C. Section 230, because, at bottom, plaintiffs’ claims sought to hold Myspace liable as a result of its role in the publication of the minor’s user profile.  The Court also held plaintiffs’ claims barred by Section 230(c)(2)(A), as they sought to hold Myspace liable for its purported negligence in failing to verify the minor’s age.  The minor was 13 at the time she posted a user profile in which she falsely claimed to be 18.  Myspace does not permit those below 14 to use its services.

The Court also dismissed plaintiffs’ negligence claims, which sought to hold Myspace liable for its purported negligent failure to institute measures designed to protect minors from sexual predators and to take appropriate steps to verify their age.  The Court held that, like Federal Express and other common carriers, Myspace owed no duty to the minor which could form the basis of such a claim.

Finally, the Court dismissed plaintiffs’ fraud and negligent misrepresentation claims as a result of plaintiffs’ failure to plead such claims with the requisite particularity.

Finding plaintiff MySpace likely to prevail on its claims that defendant Sanford Wallace violated the CAN-SPAM Act, 15 U.S.C. Section 7704, as a result of his transmission of unsolicited commercial emails to MySpace users, the Court issued a preliminary injunction, enjoining defendant, inter alia, from further use of MySpace or its internet messaging service, from establishing or maintaining MySpace accounts, or from using MySpace for commercial purposes.

Defendant sent email messages to MySpace users that redirected them to a website containing a MySpace logo at which defendant solicited their user name and passwords.  Defendant used this information to hijack and log onto those users’ profiles, from which he then sent messages to the users’ MySpace ‘friends’ inviting them to visit defendant’s websites.  These email messages did not comply with CAN-SPAM.  Among other things, they did not contain a valid physical address for defendant, did not provide opt out instructions, or provide a valid return email address at which defendant could be contacted to request that no further emails be sent.  Moreover, they did not, in their header information, identify defendant as their source.  As such, held the Court, plaintiff was likely to establish a number of violations of CAN-SPAM, and was accordingly entitled to injunctive relief. 

In reaching this result, the Court found that CAN-SPAM applied to emails sent from one MySpace user to another, over the MySpace network.  The Court also noted that CAN-SPAM applied to instant messages.

Court holds that defendant’s creation and use of 95 MySpace accounts to transmit unsolicited commercial email promoting its communications products runs afoul of both the CAN-SPAM Act, and California Business and Professions Code Section 17529.5, and violates MySpace’s Terms of Service.  Defendant created these accounts without identifying itself as the account holder.  The emails violated CAN-SPAM because they failed to contain either a valid physical address for defendant the Globe.com, or instructions on how to avoid receiving further email solicitations.  In addition, they were impermissibly sent to MySpace user email addresses generated by use of a script software program, another violation of CAN-SPAM.  They were also sent from email accounts obtained through false or fraudulent pretenses, as a result of defendant’s failure to accurately identify itself as the account holder.   

The Court found that these emails also violated California B & P Code Section 17529.5, both because they contained false header information that failed to identify the Globe.com as their source, and because they contained misleading subject lines that failed to accurately describe the emails’ contents.

Finally, the Court found defendant’s conduct violated MySpace’s Terms of Service, which prohibited the use of MySpace accounts both for commercial purposes and to transmit spam, and prohibited the use of scripts to generate email addresses for the transmission of commercial email to MySpace account holders.  As such, the Court held defendant liable for liquidated damages of $50 for each email sent as mandated by the Terms of Service.  In reaching this result, the Court rejected defendant’s challenge to such clause on the ground that it was an unenforceable penalty provision.

Quick Hits

Court allows the social networking site Facebook Inc. (“Facebook”) to proceed with claims charging its competitor ConnectU with improperly harvesting email addresses of Facebook users from its site, who were then sent emails soliciting their patronage. 

Denying in part defendant’s motion to dismiss, the Court held that Facebook had stated a valid claim under California Penal Code Section 502 by alleged that defendant knowingly accessed Facebook’s site and, in violation of the site’s prohibitions, copied user email addresses.  One violates this section when he “knowingly accesses and without permission takes, copies, or makes use of any data from a computer, computer system or computer network, or takes or copies any supporting documentation, whether existing or residing internal or external to a computer, computer system, or computer network.”  This claim was valid notwithstanding the fact that ConnectU obtained such access by using, with their permission, authorized passwords given Facebook users. 

The Court also allowed Facebook to proceed with common law misappropriation claims arising out of such activities, holding the same were not preempted by the Copyright Act.

The Court did grant so much of ConnectU’s motion to dismiss which sought relief under California Business & Profession’s Code Sections 17529.4 and 17538.45, holding those statutes preempted by the Federal CAN-SPAM Act.  Cal. Bus. & Prof. Code Section 17529.4 makes it unlawful “for any person or entity to collect electronic mail addresses posted on the Internet if the purpose of the collection is for the electronic mail addresses to be used to … initiate or advertise in an unsolicited commercial email advertisement …”.  Because, under CAN-SPAM, the Act “supersedes any statute, regulation or rule of a State or political subdivision of a State that expressly regulates the use of electronic mail to send commercial messages, except to the extent that any such statute, regulation or rule prohibits falsity or deception in any portion of a commercial electronic mail message or information attached thereto,” the Court held these California statutes preempted, and accordingly dismissed Facebook’s claims thereunder.  The Court reached that result because “neither section 17529.4 nor section 17538.45 purport to regulate false or deceptive email, or require such falsity or deception as an element of the statutory violation.”

Finally, the Court dismissed, with leave to replead, Facebook’s CAN-SPAM Act claims, holding that the Act prohibited the use of materially false or misleading header information concerning the originating address of the emails, which had not yet been alleged here.  A claim alleging deception in the manner in which destination email addresses were obtained did not state a claim under CAN-SPAM, held the Court.   

Download PDF of Court Decision