Internet Law: Cases and Materials (2018)

Table of contents
Internet Law: Cases and Materials (2018)
1st Edition
Eric Goldman
Portions © Eric Goldman
Table Of Contents









Professor Eric Goldman




July 2018 version



Portions © Eric Goldman

Follow new developments in Internet Law at my Technology & Marketing Law blog [http://blog.ericgoldman.org/] and my Twitter feed [https://twitter.com/ericgoldman].

To make sure you always are looking at the most current version, I have excluded the text of most statutes and similar rulesets from the book and linked to the statutes in the table of contents. However, Internet law is principally a statute-driven course, and there’s no substitute for actually reading the statutes!

Editing Notes:

  • Textual omissions are noted with ellipses
  • Omitted footnotes are not indicated, but all footnote numbers are original
  • In-text citations are omitted without indication (including parenthetical explanations and some parallel citations)
  • Although I have tried to preserve the original formatting (such as italics, bold and blockquotes), some formatting may have changed or been lost.
  • I included the authoring judge’s name only when I think that may be interesting.
  • I’ve made minor edits to my blog posts without indicating those changes.

To improve readability, I have aggressively stripped out case citations and parenthetical explanations (more so than in most casebooks). If you are interested in the court’s actual words or intend to quote or cite one of these opinions, I STRONGLY recommend that you pull the actual opinion and read the unedited version.

There are a few review questions sprinkled throughout the book. Answers are at the end of the book, but no fair peeking until you’ve tried your best!

People disagree whether the “I” in Internet should be capitalized. See, e.g., Katherine Connor Martin, Should You Capitalize the Word Internet?Oxford Dictionaries, Apr. 5, 2016, https://blog.oxforddictionaries.com/2016/04/should-you-capitalize-internet/. Like most old-timers, I firmly believe “Internet” always should be capitalized!

If you are a professor and you’re adopting this book for your course, please email me at (egoldman@gmail.com). I can share my course notes and PowerPoint deck.

If you bought a hard copy of this book: I’ve done my best to make the hard copy version of the book useful to you, but it lacks color images, clickable links, and keyword searching. Please email me (egoldman@gmail.com) your hard copy purchase receipt showing which edition you bought, and I will happily email you a PDF at no extra cost to you.

I’m grateful for the many people over the years who have provided helpful comments to improve this book, including Venkat Balasubramani, James Grimmelmann, Daphne Keller, Jeff Kosseff, and Alex Levy. I welcome your comments or corrections at egoldman@gmail.com.

Chapter One
What is the Internet? Who Regulates It?

This book is about Internet Law. That assumes it’s possible to distinguish between “the Internet” and “not the Internet.” What defines this boundary? From a policy and regulatory standpoint, why does this boundary matter?

The following case excerpt describes the Internet circa 1996. When you read this case, think about how much has remained the same since 1996 and how much has changed. Does this excerpt accurately describe the Internet as you know it today? Think about the aspects of the Internet you use and love the most—are those discussed or contemplated by the court? If not, what does that tell you about our ability to anticipate how technology might evolve?

1.1. ACLU v. Reno (CDA I District Ct. Facts Only)

American Civil Liberties Union v. Reno, 929 F. Supp. 824 (E.D. Pa. 1996)

[Editor’s note: at Congress’ request, litigation against the Communications Decency Act proceeded to a three judge district court panel. This excerpt is Section II of that court’s decision, the Findings of Fact. The litigants stipulated to the first 48 paragraphs of these findings. The judges wrote the other paragraphs per curiam.]

…The Nature of Cyberspace

The Creation of the Internet and the Development of Cyberspace

1. The Internet is not a physical or tangible entity, but rather a giant network which interconnects innumerable smaller groups of linked computer networks. It is thus a network of networks. This is best understood if one considers what a linked group of computers—referred to here as a “network”—is, and what it does. Small networks are now ubiquitous (and are often called “local area networks”). For example, in many United States Courthouses, computers are linked to each other for the purpose of exchanging files and messages (and to share equipment such as printers). These are networks.

2. Some networks are “closed” networks, not linked to other computers or networks. Many networks, however, are connected to other networks, which are in turn connected to other networks in a manner which permits each computer in any network to communicate with computers on any other network in the system. This global Web of linked networks and computers is referred to as the Internet.

3. The nature of the Internet is such that it is very difficult, if not impossible, to determine its size at a given moment. It is indisputable, however, that the Internet has experienced extraordinary growth in recent years. In 1981, fewer than 300 computers were linked to the Internet, and by 1989, the number stood at fewer than 90,000 computers. By 1993, over 1,000,000 computers were linked. Today, over 9,400,000 host computers worldwide, of which approximately 60 percent located within the United States, are estimated to be linked to the Internet. This count does not include the personal computers people use to access the Internet using modems. In all, reasonable estimates are that as many as 40 million people around the world can and do access the enormously flexible communication Internet medium. That figure is expected to grow to 200 million Internet users by the year 1999.

4. Some of the computers and computer networks that make up the Internet are owned by governmental and public institutions, some are owned by non-profit organizations, and some are privately owned. The resulting whole is a decentralized, global medium of communications—or “cyberspace”—that links people, institutions, corporations, and governments around the world. The Internet is an international system. This communications medium allows any of the literally tens of millions of people with access to the Internet to exchange information. These communications can occur almost instantaneously, and can be directed either to specific individuals, to a broader group of people interested in a particular subject, or to the world as a whole.

5. The Internet had its origins in 1969 as an experimental project of the Advanced Research Project Agency (“ARPA”), and was called ARPANET. This network linked computers and computer networks owned by the military, defense contractors, and university laboratories conducting defense-related research. The network later allowed researchers across the country to access directly and to use extremely powerful supercomputers located at a few key universities and laboratories. As it evolved far beyond its research origins in the United States to encompass universities, corporations, and people around the world, the ARPANET came to be called the “DARPA Internet,” and finally just the “Internet.”

6. From its inception, the network was designed to be a decentralized, self-maintaining series of redundant links between computers and computer networks, capable of rapidly transmitting communications without direct human involvement or control, and with the automatic ability to re-route communications if one or more individual links were damaged or otherwise unavailable. Among other goals, this redundant system of linked computers was designed to allow vital research and communications to continue even if portions of the network were damaged, say, in a war.

7. To achieve this resilient nationwide (and ultimately global) communications medium, the ARPANET encouraged the creation of multiple links to and from each computer (or computer network) on the network. Thus, a computer located in Washington, D.C., might be linked (usually using dedicated telephone lines) to other computers in neighboring states or on the Eastern seaboard. Each of those computers could in turn be linked to other computers, which themselves would be linked to other computers.

8. A communication sent over this redundant series of linked computers could travel any of a number of routes to its destination. Thus, a message sent from a computer in Washington, D.C., to a computer in Palo Alto, California, might first be sent to a computer in Philadelphia, and then be forwarded to a computer in Pittsburgh, and then to Chicago, Denver, and Salt Lake City, before finally reaching Palo Alto. If the message could not travel along that path (because of military attack, simple technical malfunction, or other reason), the message would automatically (without human intervention or even knowledge) be re-routed, perhaps, from Washington, D.C. to Richmond, and then to Atlanta, New Orleans, Dallas, Albuquerque, Los Angeles, and finally to Palo Alto. This type of transmission, and re-routing, would likely occur in a matter of seconds.

9. Messages between computers on the Internet do not necessarily travel entirely along the same path. The Internet uses “packet switching” communication protocols that allow individual messages to be subdivided into smaller “packets” that are then sent independently to the destination, and are then automatically reassembled by the receiving computer. While all packets of a given message often travel along the same path to the destination, if computers along the route become overloaded, then packets can be re-routed to less loaded computers.

10. At the same time that ARPANET was maturing (it subsequently ceased to exist), similar networks developed to link universities, research facilities, businesses, and individuals around the world. These other formal or loose networks included BITNET, CSNET, FIDONET, and USENET. Eventually, each of these networks (many of which overlapped) were themselves linked together, allowing users of any computers linked to any one of the networks to transmit communications to users of computers on other networks. It is this series of linked networks (themselves linking computers and computer networks) that is today commonly known as the Internet.

11. No single entity—academic, corporate, governmental, or non-profit—administers the Internet. It exists and functions as a result of the fact that hundreds of thousands of separate operators of computers and computer networks independently decided to use common data transfer protocols to exchange communications and information with other computers (which in turn exchange communications and information with still other computers). There is no centralized storage location, control point, or communications channel for the Internet, and it would not be technically feasible for a single entity to control all of the information conveyed on the Internet.

How Individuals Access the Internet

12. Individuals have a wide variety of avenues to access cyberspace in general, and the Internet in particular. In terms of physical access, there are two common methods to establish an actual link to the Internet. First, one can use a computer or computer terminal that is directly (and usually permanently) connected to a computer network that is itself directly or indirectly connected to the Internet. Second, one can use a “personal computer” with a “modem” to connect over a telephone line to a larger computer or computer network that is itself directly or indirectly connected to the Internet. As detailed below, both direct and modem connections are made available to people by a wide variety of academic, governmental, or commercial entities.

13. Students, faculty, researchers, and others affiliated with the vast majority of colleges and universities in the United States can access the Internet through their educational institutions. Such access is often via direct connection using computers located in campus libraries, offices, or computer centers, or may be through telephone access using a modem from a student’s or professor’s campus or off-campus location. Some colleges and universities install “ports” or outlets for direct network connections in each dormitory room or provide access via computers located in common areas in dormitories. Such access enables students and professors to use information and content provided by the college or university itself, and to use the vast amount of research resources and other information available on the Internet worldwide.

14. Similarly, Internet resources and access are sufficiently important to many corporations and other employers that those employers link their office computer networks to the Internet and provide employees with direct or modem access to the office network (and thus to the Internet). Such access might be used by, for example, a corporation involved in scientific or medical research or manufacturing to enable corporate employees to exchange information and ideas with academic researchers in their fields.

15. Those who lack access to the Internet through their schools or employers still have a variety of ways they can access the Internet….

16. Individuals can also access the Internet through many local libraries. Libraries often offer patrons use of computers that are linked to the Internet. In addition, some libraries offer telephone modem access to the libraries’ computers, which are themselves connected to the Internet. Increasingly, patrons now use library services and resources without ever physically entering the library itself. Libraries typically provide such direct or modem access at no cost to the individual user.

17. Individuals can also access the Internet by patronizing an increasing number of storefront “computer coffee shops,” where customers—while they drink their coffee—can use computers provided by the shop to access the Internet. Such Internet access is typically provided by the shop for a small hourly fee.

18. Individuals can also access the Internet through commercial and non-commercial “Internet service providers” that typically offer modem telephone access to a computer or computer network linked to the Internet. Many such providers—including the members of plaintiff Commercial Internet Exchange Association—are commercial entities offering Internet access for a monthly or hourly fee. Some Internet service providers, however, are non-profit organizations that offer free or very low cost access to the Internet….

19. Another common way for individuals to access the Internet is through one of the major national commercial “online services” such as America Online, CompuServe, the Microsoft Network, or Prodigy. These online services offer nationwide computer networks (so that subscribers can dial-in to a local telephone number), and the services provide extensive and well organized content within their own proprietary computer networks. In addition to allowing access to the extensive content available within each online service, the services also allow subscribers to link to the much larger resources of the Internet. Full access to the online service (including access to the Internet) can be obtained for modest monthly or hourly fees. The major commercial online services have almost twelve million individual subscribers across the United States.

20. In addition to using the national commercial online services, individuals can also access the Internet using some (but not all) of the thousands of local dial-in computer services, often called “bulletin board systems” or “BBSs.” With an investment of as little as $2,000.00 and the cost of a telephone line, individuals, non-profit organizations, advocacy groups, and businesses can offer their own dial-in computer “bulletin board” service where friends, members, subscribers, or customers can exchange ideas and information. BBSs range from single computers with only one telephone line into the computer (allowing only one user at a time), to single computers with many telephone lines into the computer (allowing multiple simultaneous users), to multiple linked computers each servicing multiple dial-in telephone lines (allowing multiple simultaneous users). Some (but not all) of these BBS systems offer direct or indirect links to the Internet. Some BBS systems charge users a nominal fee for access, while many others are free to the individual users.

21. Although commercial access to the Internet is growing rapidly, many users of the Internet—such as college students and staff—do not individually pay for access (except to the extent, for example, that the cost of computer services is a component of college tuition). These and other Internet users can access the Internet without paying for such access with a credit card or other form of payment.

Methods to Communicate Over the Internet

22. Once one has access to the Internet, there are a wide variety of different methods of communication and information exchange over the network. These many methods of communication and information retrieval are constantly evolving and are therefore difficult to categorize concisely….

23. One-to-one messaging. One method of communication on the Internet is via electronic mail, or “e-mail,” comparable in principle to sending a first class letter. One can address and transmit a message to one or more other people. E-mail on the Internet is not routed through a central control point, and can take many and varying paths to the recipients. Unlike postal mail, simple e-mail generally is not “sealed” or secure, and can be accessed or viewed on intermediate computers between the sender and recipient (unless the message is encrypted).

24. One-to-many messaging. The Internet also contains automatic mailing list services (such as “listservs”), [also referred to by witnesses as “mail exploders”] that allow communications about particular subjects of interest to a group of people. For example, people can subscribe to a “listserv” mailing list on a particular topic of interest to them. The subscriber can submit messages on the topic to the listserv that are forwarded (via e-mail), either automatically or through a human moderator overseeing the listserv, to anyone who has subscribed to the mailing list. A recipient of such a message can reply to the message and have the reply also distributed to everyone on the mailing list. This service provides the capability to keep abreast of developments or events in a particular subject area. Most listserv-type mailing lists automatically forward all incoming messages to all mailing list subscribers. There are thousands of such mailing list services on the Internet, collectively with hundreds of thousands of subscribers. Users of “open” listservs typically can add or remove their names from the mailing list automatically, with no direct human involvement. Listservs may also be “closed,” i.e., only allowing for one’s acceptance into the listserv by a human moderator.

25. Distributed message databases. Similar in function to listservs—but quite different in how communications are transmitted—are distributed message databases such as “USENET newsgroups.” User-sponsored newsgroups are among the most popular and widespread applications of Internet services, and cover all imaginable topics of interest to users. Like listservs, newsgroups are open discussions and exchanges on particular topics. Users, however, need not subscribe to the discussion mailing list in advance, but can instead access the database at any time. Some USENET newsgroups are “moderated” but most are open access. For the moderated newsgroups, all messages to the newsgroup are forwarded to one person who can screen them for relevance to the topics under discussion. USENET newsgroups are disseminated using ad hoc, peer to peer connections between approximately 200,000 computers (called USENET “servers”) around the world. For unmoderated newsgroups, when an individual user with access to a USENET server posts a message to a newsgroup, the message is automatically forwarded to all adjacent USENET servers that furnish access to the newsgroup, and it is then propagated to the servers adjacent to those servers, etc. The messages are temporarily stored on each receiving server, where they are available for review and response by individual users. The messages are automatically and periodically purged from each system after a time to make room for new messages. Responses to messages, like the original messages, are automatically distributed to all other computers receiving the newsgroup or forwarded to a moderator in the case of a moderated newsgroup. The dissemination of messages to USENET servers around the world is an automated process that does not require direct human intervention or review.

26. There are newsgroups on more than fifteen thousand different subjects. In 1994, approximately 70,000 messages were posted to newsgroups each day, and those messages were distributed to the approximately 190,000 computers or computer networks that participate in the USENET newsgroup system. Once the messages reach the approximately 190,000 receiving computers or computer networks, they are available to individual users of those computers or computer networks. Collectively, almost 100,000 new messages (or “articles”) are posted to newsgroups each day.

27. Real time communication. In addition to transmitting messages that can be later read or accessed, individuals on the Internet can engage in an immediate dialog, in “real time”, with other people on the Internet. In its simplest forms, “talk” allows one-to-one communications and “Internet Relay Chat” (or IRC) allows two or more to type messages to each other that almost immediately appear on the others’ computer screens. IRC is analogous to a telephone party line, using a computer and keyboard rather than a telephone. With IRC, however, at any one time there are thousands of different party lines available, in which collectively tens of thousands of users are engaging in conversations on a huge range of subjects. Moreover, one can create a new party line to discuss a different topic at any time. Some IRC conversations are “moderated” or include “channel operators.”

28. In addition, commercial online services such as America Online, CompuServe, the Microsoft Network, and Prodigy have their own “chat” systems allowing their members to converse….

The World Wide Web

33. A third approach, and fast becoming the most well-known on the Internet, is the “World Wide Web.” The Web utilizes a “hypertext” formatting language called hypertext markup language (HTML), and programs that “browse” the Web can display HTML documents containing text, images, sound, animation and moving video. Any HTML document can include links to other types of information or resources, so that while viewing an HTML document that, for example, describes resources available on the Internet, one can “click” using a computer mouse on the description of the resource and be immediately connected to the resource itself. Such “hyperlinks” allow information to be accessed and organized in very flexible ways, and allow people to locate and efficiently view related information even if the information is stored on numerous computers all around the world.

34. Purpose. The World Wide Web (W3C) was created to serve as the platform for a global, online store of knowledge, containing information from a diversity of sources and accessible to Internet users around the world. Though information on the Web is contained in individual computers, the fact that each of these computers is connected to the Internet through W3C protocols allows all of the information to become part of a single body of knowledge. It is currently the most advanced information system developed on the Internet, and embraces within its data model most information in previous networked information systems such as ftp, gopher, wais, and Usenet.

35. History. W3C was originally developed at CERN, the European Particle Physics Laboratory, and was initially used to allow information sharing within internationally dispersed teams of researchers and engineers. Originally aimed at the High Energy Physics community, it has spread to other areas and attracted much interest in user support, resource recovery, and many other areas which depend on collaborative and information sharing. The Web has extended beyond the scientific and academic community to include communications by individuals, non-profit organizations, and businesses.

36. Basic Operation. The World Wide Web is a series of documents stored in different computers all over the Internet. Documents contain information stored in a variety of formats, including text, still images, sounds, and video. An essential element of the Web is that any document has an address (rather like a telephone number). Most Web documents contain “links.” These are short sections of text or image which refer to another document. Typically the linked text is blue or underlined when displayed, and when selected by the user, the referenced document is automatically displayed, wherever in the world it actually is stored. Links for example are used to lead from overview documents to more detailed documents, from tables of contents to particular pages, but also as cross-references, footnotes, and new forms of information structure.

37. Many organizations now have “home pages” on the Web. These are documents which provide a set of links designed to represent the organization, and through links from the home page, guide the user directly or indirectly to information about or relevant to that organization….

39.…These links from one computer to another, from one document to another across the Internet, are what unify the Web into a single body of knowledge, and what makes the Web unique. The Web was designed with a maximum target time to follow a link of one tenth of a second.

40. Publishing. The World Wide Web exists fundamentally as a platform through which people and organizations can communicate through shared information. When information is made available, it is said to be “published” on the Web. Publishing on the Web simply requires that the “publisher” has a computer connected to the Internet and that the computer is running W3C server software. The computer can be as simple as a small personal computer costing less than $1500 dollars or as complex as a multi-million dollar mainframe computer. Many Web publishers choose instead to lease disk storage space from someone else who has the necessary computer facilities, eliminating the need for actually owning any equipment oneself.

41. The Web, as a universe of network accessible information, contains a variety of documents prepared with quite varying degrees of care, from the hastily typed idea, to the professionally executed corporate profile. The power of the Web stems from the ability of a link to point to any document, regardless of its status or physical location.

42. Information to be published on the Web must also be formatted according to the rules of the Web standards. These standardized formats assure that all Web users who want to read the material will be able to view it. Web standards are sophisticated and flexible enough that they have grown to meet the publishing needs of many large corporations, banks, brokerage houses, newspapers and magazines which now publish “online” editions of their material, as well as government agencies, and even courts, which use the Web to disseminate information to the public. At the same time, Web publishing is simple enough that thousands of individual users and small community organizations are using the Web to publish their own personal “home pages,” the equivalent of individualized newsletters about that person or organization, which are available to everyone on the Web.

43. Web publishers have a choice to make their Web sites open to the general pool of all Internet users, or close them, thus making the information accessible only to those with advance authorization. Many publishers choose to keep their sites open to all in order to give their information the widest potential audience. In the event that the publishers choose to maintain restrictions on access, this may be accomplished by assigning specific user names and passwords as a prerequisite to access to the site. Or, in the case of Web sites maintained for internal use of one organization, access will only be allowed from other computers within that organization’s local network.

44. Searching the Web. A variety of systems have developed that allow users of the Web to search particular information among all of the public sites that are part of the Web. Services such as Yahoo, Magellan, Altavista, Webcrawler, and Lycos are all services known as “search engines” which allow users to search for Web sites that contain certain categories of information, or to search for key words. For example, a Web user looking for the text of Supreme Court opinions would type the words “Supreme Court” into a search engine, and then be presented with a list of World Wide Web sites that contain Supreme Court information. This list would actually be a series of links to those sites. Having searched out a number of sites that might contain the desired information, the user would then follow individual links, browsing through the information on each site, until the desired material is found. For many content providers on the Web, the ability to be found by these search engines is very important.

45. Common standards. The Web links together disparate information on an ever-growing number of Internet-linked computers by setting common information storage formats (HTML) and a common language for the exchange of Web documents (HTTP). Although the information itself may be in many different formats, and stored on computers which are not otherwise compatible, the basic Web standards provide a basic set of standards which allow communication and exchange of information. Despite the fact that many types of computers are used on the Web, and the fact that many of these machines are otherwise incompatible, those who “publish” information on the Web are able to communicate with those who seek to access information with little difficulty because of these basic technical standards.

46. A distributed system with no centralized control. Running on tens of thousands of individual computers on the Internet, the Web is what is known as a distributed system. The Web was designed so that organizations with computers containing information can become part of the Web simply by attaching their computers to the Internet and running appropriate World Wide Web software. No single organization controls any membership in the Web, nor is there any single centralized point from which individual Web sites or services can be blocked from the Web. From a user’s perspective, it may appear to be a single, integrated system, but in reality it has no centralized control point.

47. Contrast to closed databases. The Web’s open, distributed, decentralized nature stands in sharp contrast to most information systems that have come before it. Private information services such as Westlaw, Lexis/Nexis, and Dialog, have contained large storehouses of knowledge, and can be accessed from the Internet with the appropriate passwords and access software. However, these databases are not linked together into a single whole, as is the World Wide Web.

48. Success of the Web in research, education, and political activities. The World Wide Web has become so popular because of its open, distributed, and easy-to-use nature. Rather than requiring those who seek information to purchase new software or hardware, and to learn a new kind of system for each new database of information they seek to access, the Web environment makes it easy for users to jump from one set of information to another. By the same token, the open nature of the Web makes it easy for publishers to reach their intended audiences without having to know in advance what kind of computer each potential reader has, and what kind of software they will be using….

72. Although parental control software currently can screen for certain suggestive words or for known sexually explicit sites, it cannot now screen for sexually explicit images unaccompanied by suggestive text unless those who configure the software are aware of the particular site.

73. Despite its limitations, currently available user-based software suggests that a reasonably effective method by which parents can prevent their children from accessing sexually explicit and other material which parents may believe is inappropriate for their children will soon be widely available.

Content on the Internet

74. The types of content now on the Internet defy easy classification. The entire card catalogue of the Carnegie Library is on-line, together with journals, journal abstracts, popular magazines, and titles of compact discs. The director of the Carnegie Library, Robert Croneberger, testified that on-line services are the emerging trend in libraries generally. Plaintiff Hotwired Ventures LLC organizes its Web site into information regarding travel, news and commentary, arts and entertainment, politics, and types of drinks. Plaintiff America Online, Inc., not only creates chat rooms for a broad variety of topics, but also allows members to create their own chat rooms to suit their own tastes. The ACLU uses an America Online chat room as an unmoderated forum for people to debate civil liberties issues. Plaintiffs’ expert, Scott Bradner, estimated that 15,000 newsgroups exist today, and he described his own interest in a newsgroup devoted solely to Formula 1 racing cars. America Online makes 15,000 bulletin boards available to its subscribers, who post between 200,000 and 250,000 messages each day. Another plaintiffs’ expert, Howard Rheingold, participates in “virtual communities” that simulate social interaction. It is no exaggeration to conclude that the content on the Internet is as diverse as human thought.

75. The Internet is not exclusively, or even primarily, a means of commercial communication. Many commercial entities maintain Web sites to inform potential consumers about their goods and services, or to solicit purchases, but many other Web sites exist solely for the dissemination of non-commercial information. The other forms of Internet communication—e-mail, bulletin boards, newsgroups, and chat rooms—frequently have non-commercial goals. For the economic and technical reasons set forth in the following paragraphs, the Internet is an especially attractive means for not-for-profit entities or public interest groups to reach their desired audiences. There are examples in the parties’ stipulation of some of the non-commercial uses that the Internet serves. Plaintiff Human Rights Watch, Inc., offers information on its Internet site regarding reported human rights abuses around the world. Plaintiff National Writers Union provides a forum for writers on issues of concern to them. Plaintiff Stop Prisoner Rape, Inc., posts text, graphics, and statistics regarding the incidence and prevention of rape in prisons. Plaintiff Critical Path AIDS Project, Inc., offers information on safer sex, the transmission of HIV, and the treatment of AIDS.

76. Such diversity of content on the Internet is possible because the Internet provides an easy and inexpensive way for a speaker to reach a large audience, potentially of millions. The start-up and operating costs entailed by communication on the Internet are significantly lower than those associated with use of other forms of mass communication, such as television, radio, newspapers, and magazines. This enables operation of their own Web sites not only by large companies, such as Microsoft and Time Warner, but also by small, not-for-profit groups, such as Stop Prisoner Rape and Critical Path AIDS Project. The Government’s expert, Dr. Dan R. Olsen, agreed that creation of a Web site would cost between $1,000 and $15,000, with monthly operating costs depending on one’s goals and the Web site’s traffic. Commercial online services such as America Online allow subscribers to create Web pages free of charge. Any Internet user can communicate by posting a message to one of the thousands of newsgroups and bulletin boards or by engaging in an on-line “chat”, and thereby reach an audience worldwide that shares an interest in a particular topic.

77. The ease of communication through the Internet is facilitated by the use of hypertext markup language (HTML), which allows for the creation of “hyperlinks” or “links”. HTML enables a user to jump from one source to other related sources by clicking on the link. A link might take the user from Web site to Web site, or to other files within a particular Web site. Similarly, by typing a request into a search engine, a user can retrieve many different sources of content related to the search that the creators of the engine have collected.

78. Because of the technology underlying the Internet, the statutory term “content provider,” which is equivalent to the traditional “speaker,” may actually be a hybrid of speakers. Through the use of HTML, for example, Critical Path and Stop Prisoner Rape link their Web sites to several related databases, and a user can immediately jump from the home pages of these organizations to the related databases simply by clicking on a link. America Online creates chat rooms for particular discussions but also allows subscribers to create their own chat rooms. Similarly, a newsgroup gathers postings on a particular topic and distributes them to the newsgroup’s subscribers. Users of the Carnegie Library can read on-line versions of Vanity Fair and Playboy, and America Online’s subscribers can peruse the New York Times, Boating, and other periodicals. Critical Path, Stop Prisoner Rape, America Online and the Carnegie Library all make available content of other speakers over whom they have little or no editorial control.

79. Because of the different forms of Internet communication, a user of the Internet may speak or listen interchangeably, blurring the distinction between “speakers” and “listeners” on the Internet. Chat rooms, e-mail, and newsgroups are interactive forms of communication, providing the user with the opportunity both to speak and to listen.

80. It follows that unlike traditional media, the barriers to entry as a speaker on the Internet do not differ significantly from the barriers to entry as a listener. Once one has entered cyberspace, one may engage in the dialogue that occurs there. In the argot of the medium, the receiver can and does become the content provider, and vice-versa.

81. The Internet is therefore a unique and wholly new medium of worldwide human communication.

Sexually Explicit Material On the Internet

82. The parties agree that sexually explicit material exists on the Internet. Such material includes text, pictures, and chat, and includes bulletin boards, newsgroups, and the other forms of Internet communication, and extends from the modestly titillating to the hardest-core.

83. There is no evidence that sexually-oriented material is the primary type of content on this new medium. Purveyors of such material take advantage of the same ease of access available to all users of the Internet, including establishment of a Web site.

84. Sexually explicit material is created, named, and posted in the same manner as material that is not sexually explicit. It is possible that a search engine can accidentally retrieve material of a sexual nature through an imprecise search, as demonstrated at the hearing. Imprecise searches may also retrieve irrelevant material that is not of a sexual nature. The accidental retrieval of sexually explicit material is one manifestation of the larger phenomenon of irrelevant search results.

85. Once a provider posts content on the Internet, it is available to all other Internet users worldwide. Similarly, once a user posts a message to a newsgroup or bulletin board, that message becomes available to all subscribers to that newsgroup or bulletin board. For example, when the UCR/California Museum of Photography posts to its Web site nudes by Edward Weston and Robert Mapplethorpe to announce that its new exhibit will travel to Baltimore and New York City, those images are available not only in Los Angeles, Baltimore, and New York City, but also in Cincinnati, Mobile, or Beijing—wherever Internet users live. Similarly, the safer sex instructions that Critical Path posts to its Web site, written in street language so that the teenage receiver can understand them, are available not just in Philadelphia, but also in Provo and Prague. A chat room organized by the ACLU to discuss the United States Supreme Court’s decision in FCC v. Pacifica Foundation would transmit George Carlin’s seven dirty words to anyone who enters. Messages posted to a newsgroup dedicated to the Oklahoma City bombing travel to all subscribers to that newsgroup.

86. Once a provider posts its content on the Internet, it cannot prevent that content from entering any community. Unlike the newspaper, broadcast station, or cable system, Internet technology necessarily gives a speaker a potential worldwide audience. Because the Internet is a network of networks (as described above in Findings 1 through 4), any network connected to the Internet has the capacity to send and receive information to any other network. Hotwired Ventures, for example, cannot prevent its materials on mixology from entering communities that have no interest in that topic.

87. Demonstrations at the preliminary injunction hearings showed that it takes several steps to enter cyberspace. At the most fundamental level, a user must have access to a computer with the ability to reach the Internet (typically by way of a modem). A user must then direct the computer to connect with the access provider, enter a password, and enter the appropriate commands to find particular data. On the World Wide Web, a user must normally use a search engine or enter an appropriate address. Similarly, accessing newsgroups, bulletin boards, and chat rooms requires several steps.

88. Communications over the Internet do not “invade” an individual’s home or appear on one’s computer screen unbidden. Users seldom encounter content “by accident.” A document’s title or a description of the document will usually appear before the document itself takes the step needed to view it, and in many cases the user will receive detailed information about a site’s content before he or she need take the step to access the document. Almost all sexually explicit images are preceded by warnings as to the content. Even the Government’s witness, Agent Howard Schmidt, Director of the Air Force Office of Special Investigation, testified that the “odds are slim” that a user would come across a sexually explicit site by accident.

89. Evidence adduced at the hearing showed significant differences between Internet communications and communications received by radio or television. Although content on the Internet is just a few clicks of a mouse away from the user, the receipt of information on the Internet requires a series of affirmative steps more deliberate and directed than merely turning a dial. A child requires some sophistication and some ability to read to retrieve material and thereby to use the Internet unattended.

Obstacles to Age Verification on the Internet

90. There is no effective way to determine the identity or the age of a user who is accessing material through e-mail, mail exploders, newsgroups or chat rooms. An e-mail address provides no authoritative information about the addressee, who may use an e-mail “alias” or an anonymous remailer. There is also no universal or reliable listing of e-mail addresses and corresponding names or telephone numbers, and any such listing would be or rapidly become incomplete. For these reasons, there is no reliable way in many instances for a sender to know if the e-mail recipient is an adult or a minor. The difficulty of e-mail age verification is compounded for mail exploders such as listservs, which automatically send information to all e-mail addresses on a sender’s list. Government expert Dr. Olsen agreed that no current technology could give a speaker assurance that only adults were listed in a particular mail exploder’s mailing list.

91. Because of similar technological difficulties, individuals posting a message to a newsgroup or engaging in chat room discussions cannot ensure that all readers are adults, and Dr. Olsen agreed. Although some newsgroups are moderated, the moderator’s control is limited to what is posted and the moderator cannot control who receives the messages.

92. The Government offered no evidence that there is a reliable way to ensure that recipients and participants in such fora can be screened for age. The Government presented no evidence demonstrating the feasibility of its suggestion that chat rooms, newsgroups and other fora that contain material deemed indecent could be effectively segregated to “adult” or “moderated” areas of cyberspace.

93. Even if it were technologically feasible to block minors’ access to newsgroups and similar fora, there is no method by which the creators of newsgroups which contain discussions of art, politics or any other subject that could potentially elicit “indecent” contributions could limit the blocking of access by minors to such “indecent” material and still allow them access to the remaining content, even if the overwhelming majority of that content was not indecent….

95. Unlike other forms of communication on the Internet, there is technology by which an operator of a World Wide Web server may interrogate a user of a Web site. An HTML document can include a fill-in-the-blank “form” to request information from a visitor to a Web site, and this information can be transmitted back to the Web server and be processed by a computer program, usually a Common Gateway Interface (cgi) script. The Web server could then grant or deny access to the information sought. The cgi script is the means by which a Web site can process a fill-in form and thereby screen visitors by requesting a credit card number or adult password.

96. Content providers who publish on the World Wide Web via one of the large commercial online services, such as America Online or CompuServe, could not use an online age verification system that requires cgi script because the server software of these online services available to subscribers cannot process cgi scripts. There is no method currently available for Web page publishers who lack access to cgi scripts to screen recipients online for age.

The Practicalities of the Proffered Defenses

Note: The Government contends the CDA makes available three potential defenses to all content providers on the Internet: credit card verification, adult verification by password or adult identification number, and “tagging”.

Credit Card Verification…

100. Using credit card possession as a surrogate for age, and requiring use of a credit card to enter a site, would impose a significant economic cost on non-commercial entities. Critical Path, for example, received 3,300 hits daily from February 4 through March 4, 1996. If Critical Path must pay a fee every time a user initially enters its site, then, to provide free access to its non-commercial site, it would incur a monthly cost far beyond its modest resources. The ACLU’s Barry Steinhardt testified that maintenance of a credit card verification system for all visitors to the ACLU’s Web site would require it to shut down its Web site because the projected cost would exceed its budget.

101. Credit card verification would significantly delay the retrieval of information on the Internet. Dr. Olsen, the expert testifying for the Government, agreed that even “a minute is [an] absolutely unreasonable [delay] ... [P]eople will not put up with a minute.” Plaintiffs’ expert Donna Hoffman similarly testified that excessive delay disrupts the “flow” on the Internet and stifles both “hedonistic” and “goal-directed” browsing.

102. Imposition of a credit card requirement would completely bar adults who do not have a credit card and lack the resources to obtain one from accessing any blocked material. At this time, credit card verification is effectively unavailable to a substantial number of Internet content providers as a potential defense to the CDA.

Adult Verification by Password

103. The Government offered very limited evidence regarding the operation of existing age verification systems, and the evidence offered was not based on personal knowledge. AdultCheck and Verify, existing systems which appear to be used for accessing commercial pornographic sites, charge users for their services. Dr. Olsen admitted that his knowledge of these services was derived primarily from reading the advertisements on their Web pages. He had not interviewed any employees of these entities, had not personally used these systems, had no idea how many people are registered with them, and could not testify to the reliability of their attempt at age verification.

104. At least some, if not almost all, non-commercial organizations, such as the ACLU, Stop Prisoner Rape or Critical Path AIDS Project, regard charging listeners to access their speech as contrary to their goals of making their materials available to a wide audience free of charge.

105. It would not be feasible for many non-commercial organizations to design their own adult access code screening systems because the administrative burden of creating and maintaining a screening system and the ongoing costs involved is beyond their reach. There was testimony that the costs would be prohibitive even for a commercial entity such as HotWired, the online version of Wired magazine.

106. There is evidence suggesting that adult users, particularly casual Web browsers, would be discouraged from retrieving information that required use of a credit card or password. Andrew Anker testified that HotWired has received many complaints from its members about HotWired’s registration system, which requires only that a member supply a name, e-mail address and self-created password. There is concern by commercial content providers that age verification requirements would decrease advertising and revenue because advertisers depend on a demonstration that the sites are widely available and frequently visited.

107. Even if credit card verification or adult password verification were implemented, the Government presented no testimony as to how such systems could ensure that the user of the password or credit card is in fact over 18. The burdens imposed by credit card verification and adult password verification systems make them effectively unavailable to a substantial number of Internet content providers.

The Government’s “Tagging” Proposal

108. The feasibility and effectiveness of “tagging” to restrict children from accessing “indecent” speech, as proposed by the Government has not been established. “Tagging” would require content providers to label all of their “indecent” or “patently offensive” material by imbedding a string of characters, such as “XXX,” in either the URL or HTML. If a user could install software on his or her computer to recognize the “XXX” tag, the user could screen out any content with that tag. Dr. Olsen proposed a “-L18” tag, an idea he developed for this hearing in response to Mr. Bradner’s earlier testimony that certain tagging would not be feasible.

109. The parties appear to agree that it is technologically feasible—“trivial”, in the words of plaintiffs’ expert—to imbed tags in URLs and HTML, and the technology of tagging underlies both plaintiffs’ PICS proposal and the Government’s “-L18” proposal.

110. The Government’s tagging proposal would require all content providers that post arguably “indecent” material to review all of their online content, a task that would be extremely burdensome for organizations that provide large amounts of material online which cannot afford to pay a large staff to review all of that material. The Carnegie Library would be required to hire numerous additional employees to review its online files at an extremely high cost to its limited budget. The cost and effort would be substantial for the Library and frequently prohibitive for others. Witness Kiroshi Kuromiya testified that it would be impossible for his organization, Critical Path, to review all of its material because it has only one full and one part-time employee.

111. The task of screening and tagging cannot be done simply by using software which screens for certain words, as Dr. Olsen acknowledged, and we find that determinations as to what is indecent require human judgment.

112. In lieu of reviewing each file individually, a content provider could tag its entire site but this would prevent minors from accessing much material that is not “indecent” under the CDA.

113. To be effective, a scheme such as the -L18 proposal would require a worldwide consensus among speakers to use the same tag to label “indecent” material. There is currently no such consensus, and no Internet speaker currently labels its speech with the -L18 code or with any other widely-recognized label.

114. Tagging also assumes the existence of software that recognizes the tags and takes appropriate action when it notes tagged speech. Neither commercial Web browsers nor user-based screening software is currently configured to block a -L18 code. Until such software exists, all speech on the Internet will continue to travel to whomever requests it, without hindrance. Labelling speech has no effect in itself on the transmission (or not) of that speech. Neither plaintiffs nor the Government suggest that tagging alone would shield minors from speech or insulate a speaker from criminal liability under the CDA. It follows that all speech on any topic that is available to adults will also be available to children using the Internet (unless it is blocked by screening software running on the computer the child is using).

115. There is no way that a speaker can use current technology to know if a listener is using screening software.

116. Tags can not currently activate or deactivate themselves depending on the age or location of the receiver. Critical Path, which posts on-line safer sex instructions, would be unable to imbed tags that block its speech only in communities where it may be regarded as indecent. Critical Path, for example, must choose either to tag its site (blocking its speech in all communities) or not to tag, blocking its speech in none.

The Problems of Offshore Content and Caching

117. A large percentage, perhaps 40% or more, of content on the Internet originates outside the United States. At the hearing, a witness demonstrated how an Internet user could access a Web site of London (which presumably is on a server in England), and then link to other sites of interest in England. A user can sometimes discern from a URL that content is coming from overseas, since InterNIC allows a content provider to imbed a country code in a domain name. Foreign content is otherwise indistinguishable from domestic content (as long as it is in English), since foreign speech is created, named, and posted in the same manner as domestic speech. There is no requirement that foreign speech contain a country code in its URL. It is undisputed that some foreign speech that travels over the Internet is sexually explicit.

118. The use of “caching” makes it difficult to determine whether the material originated from foreign or domestic sources. Because of the high cost of using the trans-Atlantic and trans-Pacific cables, and because the high demand on those cables leads to bottleneck delays, content is often “cached”, or temporarily stored, on servers in the United States. Material from a foreign source in Europe can travel over the trans-Atlantic cable to the receiver in the United States, and pass through a domestic caching server which then stores a copy for subsequent retrieval. This domestic caching server, rather than the original foreign server, will send the material from the cache to the subsequent receivers, without placing a demand on the trans-oceanic cables. This shortcut effectively eliminates most of the distance for both the request and the information and, hence, most of the delay. The caching server discards the stored information according to its configuration (e.g., after a certain time or as the demand for the information diminishes). Caching therefore advances core Internet values: the cheap and speedy retrieval of information.

119. Caching is not merely an international phenomenon. Domestic content providers store popular domestic material on their caching servers to avoid the delay of successive searches for the same material and to decrease the demand on their Internet connection. America Online can cache the home page of the New York Times on its servers when a subscriber first requests it, so that subsequent subscribers who make the same request will receive the same home page, but from America Online’s caching service rather than from the New York Times’s server.

120. Put simply, to follow the example in the prior paragraph, America Online has no control over the content that the New York Times posts to its Web site, and the New York Times has no control over America Online’s distribution of that content from a caching server.


121. Anonymity is important to Internet users who seek to access sensitive information, such as users of the Critical Path AIDS Project’s Web site, the users, particularly gay youth, of Queer Resources Directory, and users of Stop Prisoner Rape (SPR). Many members of SPR’s mailing list have asked to remain anonymous due to the stigma of prisoner rape.

Plaintiffs’ Choices Under the CDA

122. Many speakers who display arguably indecent content on the Internet must choose between silence and the risk of prosecution. The CDA’s defenses—credit card verification, adult access codes, and adult personal identification numbers—are effectively unavailable for non-commercial, not-for-profit entities.

123. The plaintiffs in this action are businesses, libraries, non-commercial and not-for-profit organizations, and educational societies and consortia. Although some of the material that plaintiffs post online—such as information regarding protection from AIDS, birth control or prison rape—is sexually explicit and may be considered “indecent” or “patently offensive” in some communities, none of the plaintiffs is a commercial purveyor of what is commonly termed “pornography.”


Later in the book, you’ll read the Reno v. ACLU opinion, where the Supreme Court confirmed that portions of the Communications Decency Act were unconstitutional.

How did the court define “cyberspace”? How did the court define “the Internet”? How do the terms differ? According to the court, what makes the Internet unique? And what makes the Web unique?

The case’s facts describe the basic infrastructure and functions of the Internet today, but you can see how much the Internet has evolved by enumerating what’s not mentioned in the opinion: Wi-Fi, Google, eBay, iTunes, Spotify, Snapchat, Instagram, Facebook, Twitter, Pinterest, YouTube, Wikipedia, craigslist, Yelp, consumer reviews, blogs, RSS, malware, cellphones/smart phones, mobile apps, fake news, artificial intelligence (AI), blockchains, or Bitcoin. Even spam barely gets a mention. What major services and functions of the Internet do you use daily that the court doesn’t mention?

For a more recent (but still dated) primer on Internet technology, see the appendix to Hal Abelson et al, Blown to Bits (2008),
You might also watch this 36 minute video from the HarvardX CS50B Computer Science for Business Professionals course (free registration required):

At the time of the opinion, it was time-consuming, tedious and expensive to get online through a dial-up modem. Now, between your computer and your phone, you’re probably connected to the Internet virtually all the time, and you may not even know when you’re interacting with an Internet service or content/software on your hard drive.

The emergence of the “Internet-of-Things” further blurs the boundaries between “the Internet” and “not the Internet.” Physical items are now routinely Internet-enabled, including cars, thermostats, juicers (the Juicero), even adult toys (the “We-Vibe”). As the Internet pervades physical items in the “offline” world, does the distinction between “the Internet” and “not the Internet” make any sense?

Do users today ever stumble onto pornography unintentionally? Have you ever done it?

The opinion says: “There is no centralized storage location, control point, or communications channel for the Internet, and it would not be technically feasible for a single entity to control all of the information conveyed on the Internet.” Later it says, “No single organization controls any membership in the Web, nor is there any single centralized point from which individual Web sites or services can be blocked from the Web.” This might still be true in a literal sense, but governments are surprisingly adept at innovating new ways of regulating technologies that are initially considered unregulable. Indeed, foreign governments now routinely block individual websites, usually by pressuring local Internet access providers.

The opinion indicates that it was technically challenging for children to get online. Do you still think that’s true? Have you ever watched a 2 year old use an iPad?

More than twenty years later, do you think we have overcome the challenge of authenticating Internet users’ ages? If not, why does that remain such a challenge?

Mobile Devices as Computers. From Riley v. California, 134 S.Ct. 2473 (2014):

The term “cell phone” is itself misleading shorthand; many of these devices are in fact minicomputers that also happen to have the capacity to be used as a telephone. They could just as easily be called cameras, video players, rolodexes, calendars, tape recorders, libraries, diaries, albums, televisions, maps, or newspapers.

One of the most notable distinguishing features of modern cell phones is their immense storage capacity. Before cell phones, a search of a person was limited by physical realities and tended as a general matter to constitute only a narrow intrusion on privacy. Most people cannot lug around every piece of mail they have received for the past several months, every picture they have taken, or every book or article they have read—nor would they have any reason to attempt to do so. And if they did, they would have to drag behind them a trunk of the sort held to require a search warrant in Chadwick rather than a container the size of the cigarette package in Robinson.

But the possible intrusion on privacy is not physically limited in the same way when it comes to cell phones. The current top-selling smart phone has a standard capacity of 16 gigabytes (and is available with up to 64 gigabytes). Sixteen gigabytes translates to millions of pages of text, thousands of pictures, or hundreds of videos. Cell phones couple that capacity with the ability to store many different types of information: Even the most basic phones that sell for less than $20 might hold photographs, picture messages, text messages, Internet browsing history, a calendar, a thousand-entry phone book, and so on. We expect that the gulf between physical practicability and digital capacity will only continue to widen in the future.

The storage capacity of cell phones has several interrelated consequences for privacy. First, a cell phone collects in one place many distinct types of information—an address, a note, a prescription, a bank statement, a video—that reveal much more in combination than any isolated record. Second, a cell phone’s capacity allows even just one type of information to convey far more than previously possible. The sum of an individual’s private life can be reconstructed through a thousand photographs labeled with dates, locations, and descriptions; the same cannot be said of a photograph or two of loved ones tucked into a wallet. Third, the data on a phone can date back to the purchase of the phone, or even earlier. A person might carry in his pocket a slip of paper reminding him to call Mr. Jones; he would not carry a record of all his communications with Mr. Jones for the past several months, as would routinely be kept on a phone.

Finally, there is an element of pervasiveness that characterizes cell phones but not physical records. Prior to the digital age, people did not typically carry a cache of sensitive personal information with them as they went about their day. Now it is the person who is not carrying a cell phone, with all that it contains, who is the exception. According to one poll, nearly three-quarters of smart phone users report being within five feet of their phones most of the time, with 12% admitting that they even use their phones in the shower. A decade ago police officers searching an arrestee might have occasionally stumbled across a highly personal item such as a diary. But those discoveries were likely to be few and far between. Today, by contrast, it is no exaggeration to say that many of the more than 90% of American adults who own a cell phone keep on their person a digital record of nearly every aspect of their lives—from the mundane to the intimate. Allowing the police to scrutinize such records on a routine basis is quite different from allowing them to search a personal item or two in the occasional case.

Although the data stored on a cell phone is distinguished from physical records by quantity alone, certain types of data are also qualitatively different. An Internet search and browsing history, for example, can be found on an Internet-enabled phone and could reveal an individual’s private interests or concerns—perhaps a search for certain symptoms of disease, coupled with frequent visits to WebMD. Data on a cell phone can also reveal where a person has been. Historic location information is a standard feature on many smart phones and can reconstruct someone’s specific movements down to the minute, not only around town but also within a particular building.

Mobile application software on a cell phone, or “apps,” offer a range of tools for managing detailed information about all aspects of a person’s life. There are apps for Democratic Party news and Republican Party news; apps for alcohol, drug, and gambling addictions; apps for sharing prayer requests; apps for tracking pregnancy symptoms; apps for planning your budget; apps for every conceivable hobby or pastime; apps for improving your romantic life. There are popular apps for buying or selling just about anything, and the records of such transactions may be accessible on the phone indefinitely. There are over a million apps available in each of the two major app stores; the phrase “there’s an app for that” is now part of the popular lexicon. The average smart phone user has installed 33 apps, which together can form a revealing montage of the user’s life.

In 1926, Learned Hand observed that it is “a totally different thing to search a man’s pockets and use against him what they contain, from ransacking his house for everything which may incriminate him.” If his pockets contain a cell phone, however, that is no longer true. Indeed, a cell phone search would typically expose to the government far more than the most exhaustive search of a house: A phone not only contains in digital form many sensitive records previously found in the home; it also contains a broad array of private information never found in a home in any form—unless the phone is.

Have We Fallen Out of Love With the Internet? This opinion reflects a certain amazement with Internet technology, for good reason. The Internet is a major advance in human technology, and it enables functionality that truly would have seemed like science fiction to people before the Internet. That’s why most people still love the Internet. Yet, over time, the Internet’s brand has been degrading:

Americans have grown somewhat more ambivalent about the impact of digital connectivity on society as a whole. A sizable majority of online adults (70%) continue to believe the internet has been a good thing for society. Yet the share of online adults saying this has declined by a modest but still significant 6 percentage points since early 2014, when the Center first asked the question….

Those who think the internet has had a good impact on society tended to focus on two key issues, according to follow-up items which allowed respondents to explain their views in their own words. Most (62% of those with a positive view) mentioned how the internet makes information much easier and faster to access. Meanwhile, 23% of this group mentioned the ability to connect with other people, or the ways in which the internet helps them keep more closely in touch with friends and family.

By contrast, those who think the internet is a bad thing for society gave a wider range of reasons for their opinions, with no single issue standing out. The most common theme (mentioned by 25% of these respondents) was that the internet isolates people from each other or encourages them to spend too much time with their devices. These responses also included references to the spread and prevalence of fake news or other types of false information: 16% mentioned this issue. Some 14% of those who think the internet’s impact is negative cited specific concerns about its effect on children, while 13% argued that it encourages illegal activity. A small share (5%) expressed privacy concerns or worries about sensitive personal information being available online.   

Declining Majority of Online Adults Say the Internet Has Been Good for Society, Pew Research Сenter, Apr. 30, 2018, http://www.pewinternet.org/2018/04/30/declining-majority-of-online-adults-say-the-internet-has-been-good-for-society/.

Consider how these changing sentiments might affect regulatory impulses, both in the 1990s and now.

1.2. Noah v. AOL (E.D. Va.)

In the next case, the court legally distinguishes an online chatroom from an offline restaurant. How and why?

Noah v. AOL Time Warner Inc., 261 F. Supp. 2d 532 (E.D. Va. 2003)

Plaintiff, on behalf of himself and a class of those similarly situated, sues his Internet service provider (ISP) for damages and injunctive relief, claiming that the ISP wrongfully refused to prevent participants in an online chat room from posting or submitting harassing comments that blasphemed and defamed plaintiff’s Islamic religion and his co-religionists. Specifically, plaintiff claims his ISP’s failure to prevent chat room participants from using the ISP’s chat room to publish the harassing and defamatory comments constitutes a breach of the ISP’s customer agreement with plaintiff and a violation of Title II of the Civil Rights Act of 1964, 42 U.S.C. § 2000a et seq.

At issue on a threshold dismissal motion are

(i) the now familiar and well-litigated question whether a claim, like plaintiff’s, which seeks to hold an ISP civilly liable as a publisher of third party statements is barred by the immunity granted ISP’s by the Communications Decency Act of 1996, 47 U.S.C. § 230,

(ii) the less familiar, indeed novel question whether an online chat room is a “place of public accommodation” under Title II, and

(iii) the rather prosaic question whether plaintiff’s breach of contract claim is barred by the very contract on which he relies, namely the Member Agreement contract.

For the reasons that follow, plaintiff’s claims do not survive threshold inspection and must therefore be dismissed.


Plaintiff Saad Noah, a Muslim, is a resident of Illinois and was a subscriber of defendant America Online, Inc. (“AOL”)’s Internet service until he cancelled the service in July of 2000. AOL, which is located in the Eastern District of Virginia, is, according to the complaint, the world’s largest Internet service provider, with more than 30 million subscribers, or “members,” worldwide. Defendant AOL Time Warner Inc. is the parent company of AOL.

Among the many services AOL provides its members are what are popularly known as “chat rooms.” These occur where, as AOL does here, an ISP allows its participants to use its facilities to engage in real-time electronic conversations. Chat room participants type in their comments or observations, which are then read by other chat room participants, who may then type in their responses. Conversations in a chat room unfold in real time; the submitted comments appear transiently on participants’ screens and then scroll off the screen as the conversation progresses. AOL chat rooms are typically set up for the discussion of a particular topic or area of interest, and any AOL member who wishes to join a conversation in a public chat room may do so.

Two AOL chat rooms are the focus of plaintiff’s claims: the “Beliefs Islam” chat room and the “Koran” chat room. It is in these chat rooms that plaintiff alleges that he and other Muslims have been harassed, insulted, threatened, ridiculed and slandered by other AOL members due to their religious beliefs. The complaint lists dozens of harassing statements made by other AOL members in these chat rooms on specified dates, all of which plaintiff alleges he brought to AOL’s attention together with requests that AOL take action to enforce its member guidelines and halt promulgation of the harassing statements. The statements span a period of two and one-half years, from January 10, 1998 to July 1, 2000, and are attributable to various AOL chat room participants only by virtue of a screen name. A representative sample of the reported offensive comments follows:

(i) On January 10, 1998 the AOL Member with the screen name “Aristotlee” wrote “islam is meaniglessssss thought,” “allahsdick cut offfffffff,” “dumballah bastard,” “allah assssshole,” “allajs dick is in holy dick place hey.” “FUCK ALLAH,” etc.  


(ii) On April 26, 1998, “Twotoneleg” wrote “I HATE MUSLIMS,” “THE KORAN SUCKS,” etc., and “BOSS30269” wrote “I LIKE SHOOTING MUSLIMS,” “I WILL BOMB THE MIDDLE EAST,” and “FUCK ISLAM.”

(iii) On November 4, 1998, “Hefedehefe” wrote “SMELLY TOWEL HEADS” and “MUSLIM TOWEL HEADS.”

(iv) On July 11, 1999, “Jzingher” wrote “The Koran and Islam are creations of Satan to distract people from the true faith which is Judaism. Mohammed was merely a huckster who found a simple people he could manipulate.”

(v) On July 18, 1999 “SARGON I” wrote “Qura’n lies about everything—a Satan made verses of darkness and destruction!”, “Mohammed was no shit, only a killer, thief, a liar and a adulterer!”, and “BYE STUPID MUSLIMS....ALL GO TO HELL.”

(vi) On July 1, 2000, “DXfina3000 wrote “muslims suck,” “they suck ass,” “korans is use to wipe ass,” “fuckin muslins,” and “well allah can suck my dick you peice of ass.”

Plaintiff understandably complained about these offensive, obnoxious, and indecent statements, initially through the channels provided by AOL for such complaints and eventually through emails sent directly to AOL’s CEO Steve Case. Plaintiff alleges that although he reported every one of the alleged violations to AOL, AOL refused to exercise its power to eliminate the harassment in the “Beliefs Islam” and “Koran” chat rooms. Moreover, plaintiff contends that AOL gave a “green light” to the harassment of Muslims in these forums, claiming that such harassment was not tolerated in chat rooms dealing with other subjects and faiths. In protest, plaintiff cancelled his AOL account in July 2000. Plaintiff further alleges that other Muslim members of AOL have also complained to AOL about similar harassing statements.

The relationship between AOL and each of its subscribing members is governed by the Terms of Service (“TOS”), which include a Member Agreement and the Community Guidelines. The Member Agreement is a “legal document that details [a member’s] rights and obligations as an AOL member,” and it requires, inter alia, that AOL members adhere to AOL’s standards for online speech, as set forth in the Community Guidelines. These Guidelines state, in pertinent part, that

... You will be considered in violation of the Terms of Service if you (or others using your account) do any of the following: ....

* Harass, threaten, embarrass, or do anything else to another member that is unwanted. This means: ... don’t attack their race, heritage, etc....

* Transmit or facilitate distribution of content that is harmful, abusive, racially or ethnically offensive, vulgar, sexually explicit, or in a reasonable person’s view, objectionable. Community standards may vary, but there is no place on the service where hate speech is tolerated.

* Disrupt the flow of chat in chat rooms with vulgar language, abusiveness, ...

The Member Agreement states that AOL has the right to enforce these Community Guidelines “in its sole discretion.” In response to a violation, “AOL may take action against your account,” ranging from “issuance of a warning about a violation to termination of your account.” AOL’s Community Action Team is responsible for enforcing the content and conduct standards and members are encouraged to notify AOL of violations they observe online. Importantly, however, the Member Agreement states that AOL members “... also understand and agree that the AOL Community Guidelines and the AOL Privacy Policy, including AOL’s enforcement of those policies, are not intended to confer, and do not confer, any rights or remedies upon any person.”…


Plaintiff’s Title II claim fails for two alternate and independent reasons. First, plaintiff’s claim against AOL is barred because of the immunity granted AOL, as an interactive computer service provider, by the Communications Decency Act of 1996, 47 U.S.C. § 230. Second, plaintiff’s claim fails because a chat room is not a “place of public accommodation” as defined by Title II, 42 U.S.C. § 2000a(b). Each dismissal ground is separately addressed….

[Editor’s note: after studying Section 230, you might revisit this case to think about why Section 230 applied to Noah’s claims.]


Even assuming, arguendo, that plaintiff’s Title II claim is not barred by § 230, it must nonetheless be dismissed for failure to state a claim because AOL’s chat rooms and other online services do not constitute a “place of public accommodation” under Title II.

Title II provides that “[a]ll persons shall be entitled to full and equal enjoyment of the goods, services, facilities, privileges, advantages, and accommodations of any place of public accommodation, as defined in this section, without discrimination or segregation on the ground of race, color, religion, or national origin.” 42 U.S.C. § 2000a(a). Title II defines a “place of public accommodation” as follows:

Each of the following establishments which serves the public is a place of public accommodation within the meaning of this subchapter ...

(1) any inn, hotel, motel, or other establishment which provides lodging to transient guests, other than an establishment located within a building which contains not more than five rooms for rent or hire and which is actually occupied by the proprietor of such establishment as his residence;

(2) any restaurant, cafeteria, lunchroom, lunch counter, soda fountain, or other facility principally engaged in selling food for consumption on the premises, including, but not limited to, any such facility located on the premises of any retail establishment; or any gas station;

(3) any motion picture house, theater, concert hall, sports arena, stadium or other place of exhibition or entertainment; and

(4) any establishment (A)(i) which is physically located within the premises of any establishment otherwise covered by this subsection, or (ii) within the premises of which is physically located any such covered establishment, and (B) which holds itself out as serving patrons of such covered establishment.

42 U.S.C. § 2000a(b).

The theory of plaintiff’s Title II claim is that he was denied the right of equal enjoyment of AOL’s chat rooms because of AOL’s alleged failure to take steps to stop the harassing comments and because of AOL’s warnings to plaintiff and brief termination of plaintiff’s service. In this regard, plaintiff contends that the chat rooms are “place[s] of ... entertainment” and thus within the public accommodation definition. Yet, as the relevant case law and an examination the statute’s exhaustive definition make clear, “places of public accommodation” are limited to actual, physical places and structures, and thus cannot include chat rooms, which are not actual physical facilities but instead are virtual forums for communication provided by AOL to its members.

Title II’s definition of “places of public accommodation” provides a list of “establishments” that qualify as such places. This list, without exception, consists of actual physical structures; namely any “inn, hotel, motel, ... restaurant, cafeteria, lunchroom, lunch counter, soda fountain, ... gasoline station ... motion picture house, theater, concert hall, sports arena [or] stadium.” In addition, § 2000a(b)(4) emphasizes the importance of physical presence by referring to any “establishment ... which is physically located within” an establishment otherwise covered, or “within ... which” an otherwise covered establishment “is physically located.” (emphasis added) Thus, in interpreting the catchall phrase “other place of exhibition or entertainment” on which plaintiff relies, the statute’s consistent reference to actual physical structures points convincingly to the conclusion that the phrase does not include forums for entertainment that are not physical structures or locations.

As the Supreme Court has held, § 2000a(b)(3) should be read broadly to give effect to the statute’s purpose, namely to eliminate the “daily affront and humiliation” caused by “discriminatory denials of access to facilities ostensibly open to the general public.” (emphasis added). This broad coverage stems from a “natural reading of [the statute’s] language,” which should be “given full effect according to its generally accepted meaning.” As such, it is clear that the reach of Title II, however broad, cannot extend beyond actual physical facilities. Given Title II’s sharp focus on actual physical facilities, such as inns, motels, restaurants, gas stations, theaters, and stadiums, it is clear that Congress intended the statute to reach only the listed facilities and other similar physical structures, not to “regulate a wide spectrum of consensual human relationships.”

This emphasis on actual physical facilities is reinforced by the cases rejecting Title II claims against membership organizations. In Welsh, the plaintiffs, who were atheists, claimed that the Boy Scouts of America violated Title II in denying them membership, arguing that the Boy Scouts were a “place of ... entertainment.” The majority of the Seventh Circuit panel in Welsh concluded that the Boy Scouts of America is not a “place of public accommodation” under Title II because it is not “closely connected to a particular facility.” In doing so, the Welsh majority distinguished the Boy Scouts from membership organizations in which membership “functions as a ‘ticket’ to admission to a facility or location,” that have been consistently held to be places of public accommodation under Title II. Similarly, the Ninth Circuit in Clegg held that the Cult Awareness Network, a nonprofit organization that provides information to the public concerning cults and supports former cult members, was not a “place of public accommodation” because it had “no affiliation with any public facility.” In short, it is clear from the cases considering membership organizations that status as a place of public accommodation under Title II requires some connection to some specific physical facility or structure. As noted in Welsh and Clegg, to ignore this requirement is to ignore the plain language of the statute and to render the list of example facilities provided by the statute superfluous.

In arguing that places of public accommodation are not limited to actual physical facilities under Title II, plaintiff turns to the case law interpreting the analogous “place of public accommodation” provision under Title III of the Americans With Disability Act (ADA). While the case law concerning places of public accommodation under the ADA is more abundant than that under Title II, it is not entirely uniform. Yet, a detour into the parallel ADA cases is instructive and ultimately supports the conclusion that “places of public accommodation” must consist of, or have a clear connection to, actual physical facilities or structures.

The circuits are split regarding the essential question whether a place of public accommodation under the ADA must be an actual concrete physical structure. On the one hand, as plaintiff notes, the First Circuit has held that “places of public accommodation” under Title III of the ADA are not limited to actual physical facilities. See Carparts Distribution Center, Inc. v. Automotive Wholesaler’s Assoc. of New England, Inc., 37 F.3d 12, 18-20 (1st Cir. 1994) (holding that a trade association which administers a health insurance program, without any connection to a physical facility, can be a “place of public accommodation”).1 On the other hand, the Third, Sixth and Ninth Circuits, in similar cases involving health insurance programs, followed the logic of Welsh and Clegg in holding that places of public accommodation under Title III of the ADA must be physical places. Thus, it appears that the weight of authority endorses the “actual physical structure” requirement in the ADA context as well.

Most significantly, two more recent ADA cases involving fact situations much closer to those at bar reaffirm the principle that a “places of public accommodation,” even under the ADA’s broader definition, must be actual, physical facilities. In one case, the plaintiffs claimed that Southwest Airlines was in violation of the ADA because its “southwest.com” web site was incompatible with “screen reader” programs and thus inaccessible to blind persons. See Access Now, Inc. v. Southwest Airlines, Co., 227 F. Supp. 2d 1312, 1316 (S.D. Fla. 2002). Thus, the question presented was whether the airline’s web site, which serves as an online ticket counter, constitutes a “place of public accommodation” under the ADA. The Access Now court held that places of public accommodation under the ADA are limited to “physical concrete structures,” and that the web site was not an actual physical structure. Rejecting the invitation to endorse the Carparts approach and apply the ADA to Internet web sites despite their lack of physical presence, the Access Now court concluded that “[t]o expand the ADA to cover ‘virtual’ spaces would create new rights without well-defined standards.”2 Similarly, in another case, plaintiff contended that the defendant’s digital cable system was in violation of the ADA because its on-screen channel guide was not accessible to the visually impaired. Here too, the district court rejected the notion that the digital cable system was a “place of public accommodation,” because “in no way does viewing the system’s images require the plaintiff to gain access to any actual physical public place,” Furthermore, the Torres court sensibly concluded that the mere fact that the digital cable system relied on physical facilities to support and transmit its services did not convert the cable service into a “physical public place.”

In sum, whether one relies on the Title II case law or looks to the broader ADA definition of public place of accommodation, it is clear that the logic of the statute and the weight of authority indicate that “places of entertainment” must be actual physical facilities. With this principle firmly established, it is clear that AOL’s online chat rooms cannot be construed as “places of public accommodation” under Title II. An online chat room may arguably be a “place of entertainment,” but it is not a physical structure to which a member of the public may be granted or denied access, and as such is fundamentally different from a “motion picture house, theater, concert hall, sports arena, [or] stadium.” Although a chat room may serve as a virtual forum through which AOL members can meet and converse in cyberspace, it is not an “establishment,” under the plain meaning of that term as defined by the statute. Unlike a theater, concert hall, arena, or any of the other “places of entertainment” specifically listed in § 2000a(b), a chat room does not exist in a particular physical location, indeed it can be accessed almost anywhere, including from homes, schools, cybercafes and libraries. In sum, although a chat room or other online forum might be referred to metaphorically as a “location” or “place,” it lacks the physical presence necessary to constitute a place of public accommodation under Title II. Accordingly, even if plaintiff’s Title II claim were not barred by § 230’s grant of immunity to service providers, it would be fail [sic] on the independent ground that AOL’s chat rooms are not places of public accommodation….

[The court rejected Noah’s breach of contract claim based on various limitations in the contract terms. The court also rejected Noah’s First Amendment claims because AOL is not a state actor.]


Were you more sympathetic to Noah or AOL?

Why didn’t AOL do more (per the terms of its user agreement) to clean up its chatrooms?

Internet Exceptionalism. “Internet exceptionalism” means regulating the Internet differently than other media. In some cases, the Internet is sufficiently different from other media that we can justify Internet exceptionalist regulation. In other cases, the differences between the Internet and other media are exaggerated, making the different legal treatment impossible to justify.

Internet exceptionalism can cut both ways—we could give legal preferences to Internet actors (like 47 U.S.C. §230, discussed later in the book), or we could burden Internet actors more than other media actors. More commonly, as part of a “techno-panic,” regulators overreact to emerging Internet technologies and seek to burden the new development because it’s new and scary, not because the legal distinctions are analytically justifiable.

Is Internet exceptionalism justified? In 2017, Justice Kennedy wrote:

While we now may be coming to the realization that the Cyber Age is a revolution of historic proportions, we cannot appreciate yet its full dimensions and vast potential to alter how we think, express ourselves, and define who we want to be. The forces and directions of the Internet are so new, so protean, and so far reaching that courts must be conscious that what they say today might be obsolete tomorrow.

Packingham v. North Carolina, 137 S. Ct. 1730 (2017). In a concurrence, Justice Alito added: “Cyberspace is different from the physical world.”

A November 2017 online survey asked: “Should the federal government regulate large social media platforms (eg Facebook/Twitter) that display, but don't produce, content in the way the government regulates media companies?” Respondents answered yes 34% and no 62%. (see https://drive.google.com/file/d/0B-OW6-tDrcdMN0h4THpwUnJadFE/view). But does this survey result mean that respondents believed that social media platforms should be subject to greater—or lesser—protection than offline media?

Can you think of any content or services online that lack an offline analogue? These might be proof that Internet exceptionalism is justified. One example might be consumer reviews of goods and services. What do you think is the closest offline analogy to consumer reviews, and what properties of the Internet have contributed to the success of online consumer reviews?

Social Media Exceptionalism. In exploring social media exceptionalism (we’ll define and discuss “social media” later) as a subset of Internet exceptionalism, researcher danah boyd identified four key attributes of social media:

  • persistence: the durability of online expressions and content;
  • visibility: the potential audience who can bear witness;
  • spreadability: the ease with which content can be shared;
  • and searchability: the ability to find content.

DANAH BOYD, It’s Complicated: the Social Lives of Networked Teens (2014). She adds that these attributes “are not in and of themselves new….What is new is the way in which social media alters and amplifies social situations by offering technical features that people can use to engage in these well-established practices.” What do you think of this?

Cyber-Bullying. Was Noah “cyber-bullied” or “cyber-harassed” (based on whatever those terms mean to you)? Stated differently, do you think the hostile comments experienced by Noah were a problem that the law should recognize? Have you ever experienced similar online remarks directed towards you? If you’re not Muslim, do you think your first-hand experiences might differ from Noah’s? Does the discourse around the 2016 Presidential Election, and subsequent anti-Muslim rhetoric from the federal government, highlight why Muslim-Americans might feel targeted?

Cyberspace and “Places of Public Accommodation.” What policy rationales did the court provide in rejecting Noah’s argument that AOL was a place of public accommodation? Because of the court’s ruling, AOL has more favorable legal treatment than certain categories of offline retail establishments. Can you think of persuasive reasons to treat online venues like AOL differently than physical venues like restaurants?

Regarding the boundary between cyberspace and real space, many cases have reached a similar conclusion to the Noah ruling. See, e.g., Young v. Facebook, Inc., 790 F. Supp. 2d 1110 (N.D. Cal. 2011):

Despite its frequent use of terms such as “posts” and “walls,” Facebook operates only in cyberspace, and is thus is not a “place of public accommodation” as construed by the Ninth Circuit. While Facebook’s physical headquarters obviously is a physical space, it is not a place where the online services to which Young claims she was denied access are offered to the public.

See also Jancik v. Redbox Automated Retail, LLC, 2014 WL 1920751 (C.D. Cal. 2014).

However, courts are now regularly finding that websites need to comply with the Americans with Disabilities Act, typically (but not always) when the website acts an extension of the defendant’s physical-space facilities. See, e.g., National Association of the Deaf v. Netflix, Inc., 869 F. Supp. 2d 196 (D. Mass. 2012) (Netflix is a place of public accommodation for purposes of the Americans with Disabilities Act); Andrews v. Blick Art Materials, 268 F. Supp. 3d 381 (E.D.N.Y. 2017) (physical space retailer’s e-commerce site is a place of public accommodation for purposes of the Americans with Disabilities Act); Del-Orden v. Bononos, Inc., 2017 WL 6547902 (S.D.N.Y. 2017) (“Congress’s purposes in adopting the ADA would be frustrated were the term ‘public accommodation’ given a narrow application, under which access to the vast world of Internet commerce would fall outside the statute's protection. Today, few areas are more integral to ‘the economic and social mainstream of American life’ than the Internet’s websites”); Carroll v. Fedfinancial Federal Credit Union, 2018 WL 3212023 (E.D. Va. 2018) (“the Court finds that Defendant’s website is offered as a service or privilege of Defendant’s brick-and-mortar location, and is subject to the requirements of Title III of the ADA on those grounds”).

The “Company Town” Analogy. Because of the robust social discourse they enable, commentators have sometimes analogized Internet communication venues to traditional government-operated public forums, such as streets and sidewalks, where the First Amendment robustly protects citizens’ speech. Because the “virtual streets and sidewalks” are owned by private companies, these commentators have extended the analogy to characterize the online venues as company towns, which may be required to comply with the First Amendment when policing onsite speech. These arguments have not fared well in court. See, e.g., Prager University v. Google LLC, 2018 WL 1471939 (N.D. Cal. 2018):

Defendants do not own all the property and control all aspects and municipal functions of an entire town. Far from it, Defendants merely regulate content that is uploaded on a video-sharing website that they created as part of a private enterprise….

Defendants do not appear to be at all like, for example, a private corporation that governs and operates all municipal functions for an entire town, or one that has been given control over a previously public sidewalk or park, or one that has effectively been delegated the task of holding and administering public elections. Instead, Defendants are private entities who created their own video-sharing social media website and make decisions about whether and how to regulate content that has been uploaded on that website….The Court likewise declines to find that Defendants in the instant case are state actors that must regulate the content on their privately created website in accordance with the strictures of the First Amendment.

See also Johnson v. Twitter, Inc., No. 18CECG00078 (Cal. Superior Ct. June 6, 2018) (Twitter isn’t a shopping mall for First Amendment purposes).

What Does Physical Presence Mean? In Minnesota, it’s a crime to “engage in masturbation or lewd exhibition of the genitals in the presence of a minor under the age of 16, knowing or having reason to know the minor is present.” Does the statute refer to physical presence, virtual presence (whatever that means), or both? In other words, does texting a dick pic to a minor violate this statute? Compare State v. Decker, 2017 WL 1833239 (Minn. Ct. App. 2017) (yes, but the court did a poor job considering how a genital display in-person might differ from a dick pic) with State v. Legassie, 171 A.3d 589 (Me. 2017) (no conviction for Maine’s “indecency” crime).

Another scenario: Journalist Kurt Eichenwald has epilepsy, something he’s discussed many times publicly. A Twitter troll knows of Eichenwald’s epilepsy, and the troll tweet-replies to Eichenwald’s Twitter account a strobing animated GIF with goal—and effect—of triggering an epileptic seizure.

Eichenwald brought a civil lawsuit against the troll, including a claim for battery. The legal standard for civil battery: “intentionally, knowingly, or recklessly caus[ing] bodily injury [or] intentionally or knowingly caus[ing] physical contact with another when the person knows or should reasonably believe that the other will regard the contact as offensive or provocative.” Did sending the GIF constitute a “battery”?

The court rejected the motion to dismiss. “Plaintiff has alleged that light waves emitted from the GIF touched Plaintiff’s retina, generated an electric signal, and caused a seizure. Taking, as the Court must, Plaintiff’s allegations as true, including his characterization of the science and Plaintiff’s physical condition, there was physical contact.” Eichenwald v. Rivello, 2018 WL 2462874 (D. Md. 2018). What do you think of that rationale?

The court explained:

Defendant here allegedly chose to use the electronic capabilities of a computer as a weapon—as a means of causing physical harm. Defendant’s tweet, activating certain harmful capabilities of the transmitting computer, converted the computer into a weapon to inflict physical injury. The computer and the tweet were no longer merely a mode of communication. Something more, and separate, from mere communication occurred...an offensive touching.


Which of the following regulations reflect Internet exceptionalism?

a) A court opinion holding that Uber must treat its drivers as employees instead of independent contractors

b) A city regulation imposing a “bed tax” on hotel stays, and defining the word “hotel” to include Airbnb rentals

c) A federal law (the “Internet Tax Freedom Act”) banning states from imposing sales tax collection obligations on e-commerce transactions

d) A state law excluding e-books from sales tax, even if the same material published in hard copy form would be subject to sales tax

e) A state law requiring online dating websites to check the criminal backgrounds of all paying members

1.3. Determining the Geography of Internet-Connected Devices

The “geography question” is one of the most crucial issues in Internet law. How should we overlay our traditional schemes of geographically “bordered” regulation and enforcement onto an electronic network that isn’t restricted to geographic borders?

The answer partially depends on technological facts: how easy it is to know the geographic location of an Internet user, and how easy is it to restrict/limit interactions with users in “unwanted” locations? The answers to these questions are continually evolving.

Every device connected to the Internet has a unique identifier, called an “IP address,” that functions as the address for sending packets to it. An IP address serves the same purpose as a postal mailing address or a telephone number, which similarly help identify the destination for incoming communications by mail and telephony, respectively. As you’ll see in a moment, it is possible to determine a computer’s location using its IP address, even if the computer’s user never affirmatively reveals his/her location.

The following explainer, a series of 2012 blog posts by Ben Kneen (http://www.adopsinsider.com/), discusses some ways an online service can determine the geographic location of its users. What are the legal consequences if a website or mobile app tries to obtain this geographic information? Should we hold websites or mobile apps accountable for choosing not to use such technologies, or should we require them to do so?

Geotargeting Explained: How Ad Servers Understand Physical Locations (May 7, 2012)

by Ben Kneen


How is an IP Address Associated with a Geographic Location?

By and large, IP addresses are arbitrary – meaning they could be anywhere, and there isn’t much rhyme or reason to their values from a geographic perspective. It isn’t as though if the IP address starts with a 1 it is always located in the United States, for example. Instead, companies like Digital Envoy use a multi-layered approach to assign geographic qualities to a user, some highly technical, and some which are just common sense, and some that are a combination of the two.

On the common sense side, a fair amount of geolocation companies can leverage Regional Internet Registries, or RIRs, to assign high level qualities, like country or continent. The RIRs each own dedicated ranges of IP values and exist to allocate IP addresses within their regions, and cooperate among each other to ensure that the same IP isn’t being used in more than one place. So placing the IP address within a specific RIR’s range allows the service to identify location at a very high level. Some geolocation services are rumored to work with large registration based sites as well, and have zip code information that a user might manually enter during a sign up process.

Pings, Traceroutes, Reverse DNS, and Other Technical Methods of Geolocation

From there though, the heavy lifting is usually done through a combination of three technical processes known as pings, traceroutes, and reverse DNS lookups. Let’s run through a high level explanation of all three processes, and then explain how they work in concert to geographically locate a single IP address.

A ping is just a small piece of information sent from one computer to another, with a request to call the originating computer back. Pings can also record the round trip time of the journey, and are used for a variety of administrative network processes. Think of it like a submarine’s sonar technology, applied to the internet.

Tracerouting is basically a way to record the network routing process of the ping service, or the detail behind how the ping got from one machine to its destination. Tracerouting records how a ping is routed, who it is routed through, and the time it takes at each step. When information travels across the internet, be it a ping or just regular surfing, it moves through a series of very high speed fiber optic networks owned by various public and private entities. Now, when the information gets physically close to a user, it passes down to an Internet Service Provider (ISP),3 which sells internet access to consumers. The ISP eventually moves the packet of information to a nearby network router to the user, which connects directly to the user. By using the traceroute utility, the geolocation service can know every system the information was passed through in order to get to its final destination. The important piece of information the service gets from a traceroute is the IP address of that final network router, geographically nearest to the user….

With the network router’s IP address in hand, the geolocation service can finally use a technique known as a reverse DNS lookup to identify who owns that network router, which it can use to lock in on the physical location of the user. Reverse DNS is simply a service to identify the hostname of an IP address, that is, who owns an IP address. For many home computers, the host ends up being the ISP. For businesses, the host ends up being the company’s domain…. 

Geolocation in Action

Now that you understand the basic approach, here’s how it all works together at a high level.

When a geolocation service wants to triangulate an IP, it starts by pinging that IP address from a central server it owns, and then looking at the traceroute. From the traceroute, the service can identify the nearest network router to the user by IP, labeled point A on the diagram below. Then, using a reverse DNS lookup, the service can find out which ISP owns that router, and then query the location from public data, the ISP itself if the service has a business relationship in place, or failing that, triangulate the location with the process below.

In all likelihood, the geolocation service already knows the location of this network router, either by working with an ISP directly, or through previous triangulation efforts. With that location in hand, the geolocation service hands off the triangulation process to servers closest to that network router, of which it also knows the exact geographic location. Now, the service sends a ping from at least three of its own separate servers (1, 2, 3), and records the time it takes to reach the user. Only time can be recorded from a ping, not distance, but using time as a radius, the geolocation service can draw a circle around each server, and know that the target location must exist at some point on the arc.

With three separate locations, the target location should exist at the one point where all the arcs meet, which also gives the service the exact vector to the target from each server. And, since information runs through fiber optic cable at a known, constant speed (about 2/3 the speed of light), the service can now translate that time into a distance, and with the vector and a known server location, calculate the exact location of the target, within a certain margin of error, depending on the exact method used, and how many points of triangulation are employed. Currently, the most advanced geolocation triangulation methods employ as many as 36 points to eliminate problem data and increase accuracy, and can accurately map an IP address within 700m….

Network Maps & WHOIS Lookups

Using either piece of information, the ISP or the business domain, the geolocation service can further refine the geographic values of a given IP. Geolocation services may also work directly with ISPs to get the general physical location, when available of a given IP, since the ISP will know the exact address of the customer using that connection at any given time. It’s important to note that no PII [personally identifiable information] is exchanged in that process, a zip code is just mapped to the IP address, and not all ISPs participate, or may simply provide the location of the final network router instead of the end-user’s zip.

Some of the more sophisticated geolocation services may be able to deduce the physical location of an ISPs network routers, also known as the ISP’s network map, by pinging those routers from various servers with known geographic locations, measuring the time it takes to get a response, and using that information to triangulate the router.

Businesses may also have a specific address, available through a WHOIS lookup, which allows country, state, city, and zip to be assigned. The WHOIS directory is a public registry of who owns what domain, along with their name, and importantly, address. Through this information, geolocation services can get a better idea of the physical location of each machine….

Limitations of IP-Based Geolocation (May 21, 2012)

by Ben Kneen


Despite the complexity and scientific approach of IP based geolocation identification, there are well known limitations and inaccuracies with the current methodology. While geolocation data is usually extremely accurate down to the state or city level, as services demand more granular data, many of the current geolocation services start to break down. The loss in overall coverage is quite small, but accuracy can be another story.

Server Location vs. Machine Location

One of the more challenging aspects of IP based geolocation is that often times, geolocation services end up using the location of the server on which that IP is accessing the internet, not necessarily the location of the end user’s machine. So however impressive you may have found the diagram [above] on IP triangulation, the method may end up targeting the wrong location. The classic example of this…was AOL dial up service, which in its heyday represented a large share of internet users. AOL’s servers were all physically located near its headquarters in Virginia, so every IP address hosted by AOL was often shown to be located in Virginia, even though users were spread throughout the country. Today, this is much less of a problem because most consumers have a high speed connection serviced by a locally hosted ISP, but it exposed the problem in a big way at the time.

That said, local ISPs network routers, while usually quite close, are frequently in different zip codes, so while coverage remains high for most IPs at a granular level, accuracy can be less reliable. When researching this article from my location in New York City, most services were more than 7 miles off my actual physical location, perhaps a small difference in much of the country, but an enormous gulf in as dense an area as Manhattan. Every service however was correct about my location at a country, state, and city level….

Source Data Corruption

The WHOIS directly also has some notable downsides – registrants aren’t forced to keep their information current with their domain registrar, so the information can quickly lose accuracy as businesses move, open new locations, or even sell to a different owner.

QA Geotargeting with Proxy Servers

Finally, it is fairly simple to manipulate your IP address to seemingly change the location of your device online. Using a proxy server, for example, any user can fool geotargeting services with minimal effort. Proxy servers simply create a middleman in the network routing process, a sort of forced detour through a particular server in a particular location, which redirects the information to the end user in a separate process, which is kept hidden from the information provider. If you have access to a VPN service at your workplace, you are using one form of a proxy service….

The Future of Geotargeting is Hyperlocal (May 28, 2012)

by Ben Kneen


So called hyperlocal geotargeting, particularly on mobile platforms, is the real promise of geotargeting in the future. Hyperlocal is far more granular than just a zip code; it’s as specific as your exact location, within a 10 meter radius. If you own a smartphone, chances are you’ve already taken advantage of these systems to find a nearby restaurant, get directions while lost, or figure out the best mass transit route from one place to another. From a mobile perspective, many services and apps depend on hyper-accuracy to work correctly, though the information also provides a huge potential to innovate to the advertising community. For example, a company might run a campaign that serves a unique offer to someone if they are within a certain distance of their stores. While likely not all that scalable, it might be particularly appealing for local, brick and mortar businesses.

Hyperlocal Geotargeting Via GPS

Technically speaking, hyperlocal is also likely to be far more reliable than traditional geotargeting on the desktop because unlike the desktop, IP address won’t be the mechanism anymore, the device signal itself will. What does that mean exactly? In some cases, geotargeting will leverage a device’s GPS receiver in concert with a customized table of coordinate ranges to identify targetable impressions. Up until a few years ago, using GPS signals to deliver advertising would have been all but impossible due to the significant latency, up to 30 seconds for a so-called time to first fix (TTFF), which is when a location of the GPS satellite constellation (the physical location of the GPS satellites in orbit above the earth) is finally known and is a result of how often the GPS satellites broadcast a ping. While generally reliable, 30 seconds is an eternity to ad delivery systems, and hardly a realistic solution to deliver a timely message.

Today however, TTFF is usually only required for non-cellular devices, like standalone GPS systems. For things like smartphones, the GPS coordinates are determined by a process known as ‘assisted GPS’, which speeds up geolocation by referencing a saved copy of the satellite constellation locations known as an almanac. The almanac details the exact locations of every GPS satellite in orbit at regular intervals, as well as the health of the signal. Every day, the cell towers download a fresh copy of the almanac, so instead of needing to acquire a first fix, your smartphone can simply rely on the cell towers to acquire its GPS coordinates in no time at all.

Hyperlocal Geotargeting via Triangulation

In addition to GPS, one concept gaining traction is the notion of signal triangulation by a dedicated 3rd party. The idea here is that every mobile device has an antenna that not only broadcasts a signal but recognizes other wireless signals like Wi-Fi routers and cell phone towers in addition to the GPS satellite signals. Now, if someone were to read those signals off the device, could identify those other devices, and also knew the physical location of each device, they could use that information to triangulate the mobile device’s exact location, all with incredible accuracy.

If that sounds like science fiction, take a moment to familiarize yourself with a company called Skyhook Wireless, which is doing just that, and has been for years. They already have millions of wireless signals mapped for virtually every street in the country, and have a response time that is a fraction of GPS, around 1 second….Google and Microsoft for their part have opted to build their own systems that work on a similar process of triangulating user location based on Wi-Fi signals. In many ways, the future is now!

Hyperlocal Desktop?

Outside of mobile, there’s a similar thread of innovation happening on the desktop side, though it isn’t nearly as advanced, and still relies on IP address since many desktop systems are directly cabled to their networks and don’t broadcast or receive a wireless signal. Just this year, computer scientist Yong Wang demonstrated that by using a multi-layered technique combining ping triangulation and traceroutes with the locations of well-known web landmarks like universities and government offices that locally host their services and publically provide their physical addresses, he could accurately map an IP address within 700m versus the 34km that traditional traceroute triangulation produces. While this method isn’t in production as of yet, it could be soon, since Wang’s process is quite similar to the existing methodology, but at a much higher frequency.


As the article suggests, your cellphone can disclose your location information with third parties in numerous ways: it’s constantly pinging cellphone towers; it may be trying to establish Wi-Fi connections; and if you’re connected to the Internet, it will have an IP address. You’ve probably heard stories of lost hikers rescued because of cellphone tower triangulation. But did you know that offline retailers, using Wi-Fi pinging, can trace your footsteps as you walk through their stores? Stephanie Clifford & Quentin Hardy, Attention, Shoppers: Store Is Tracking Your Cell, N.Y. Times, July 14, 2013.

Bypassing Geographic Restrictions. The article references “proxy servers,” sometimes also called “VPNs.” VPN services allow users to “rent” an IP address from them. Using such services can allow a user to appear to third party websites as if they are coming from a different country than the user’s actual country. For example, if the BBC tries to restrict its online content only to viewers in the United Kingdom, people in other countries can rent an IP address from a UK-based VPN service and gain access BBC’s content by appearing to be located in the UK.

Geofencing. “Geofencing” means to restrict the availability of an online service to a specific physical location. Some mobile apps use it extensively. For example, the now-defunct app Yik Yak used geofencing to allow participation in a college’s network only by people physically on campus (or very close by).

How Accurate Does IP Address Analysis Need to Be? AF Holdings v. Does 1-1058, 752 F.3d 990 (D.C. Cir. 2014):

AF Holdings’s discovery demands were overbroad because it made no attempt to limit its inquiry to those subscribers who might actually be located in the District. It could have easily done so using what are known as geolocation services, which enable anyone to estimate the location of Internet users based on their IP addresses. Such services cost very little or are even free. See Amicus Br. of Electronic Frontier Foundation, et al. 24 (observing that “Neustar IP Intelligence . . . provides on-demand geolocation services for $8 per 1,000 addresses); see also http://freegeoip.net (last visited May 22, 2014) (providing this service for free). While perhaps not precise enough to identify an Internet user’s street address, these services “can be accurate”—certainly sufficiently accurate to provide at least some basis for determining whether a particular subscriber might live in the District of Columbia rather than, say, Oregon.

Does the increasing availability and accuracy of geolocation technology make it more likely that regulators will compel its usage? See Marketa Trimble, To Geoblock, or Not To Geoblock – Is That Still a Question?, Tech. & Marketing L. Blog, May 9, 2017,

Geographic Reidentification. Here is a fairly standard example of how law enforcement can use online databases to figure out the location, and ultimately the identity, of criminal suspects:

On November 10, 2014, Detective William Arnold, Jr. of the Junction City Police Department received a tip from the Wichita Police Department. Tumblr—a website typically used to post image blogs—reported to the Wichita Police Department that an account titled “dadydaughtertimes” uploaded an image suspected to be child pornography. Tumblr disabled the account and reported the IP address— i.e., the internet service provider's address, or the location to which the internet sends information—and the associated email address from which the image was uploaded.


Detective Arnold confirmed the image appeared to be child pornography. He researched the IP address and determined it was located in Junction City, Geary County, Kansas and was registered to Cox Communications. By researching the email address provided by Tumblr, Arnold discovered an associated account with Google Picasa—a cloud-based photo archive website—which displayed the name “Jimmy Henning.” Believing the name “Jimmy” to be a nickname for “James,” Arnold searched the Junction City Police Department internal database records and identified James Henning living at a residence on 12th Street in Junction City.

Detective Arnold also searched the IP address in the Child Protective System (CPS) database. He found the IP address was associated with a Globally Unique Identifier (GUID)—an internet-capable machine, such as a computer—for a period of time including October 11, 2014, which was the date of the last login to the Tumblr account. Therefore, he concluded that the IP address and GUID were connected on the same date as the last login of the Tumblr account that uploaded the child pornography image. Arnold identified two images of suspected child pornography associated with the GUID and IP address together. In addition, CPS records indicated the GUID had been in possession of 1,612 images of known or suspected child pornography and was associated with several other network or proxy IP addresses, which could indicate an attempt to hide online activity.

Detective Arnold drafted a probable cause affidavit, upon which the district court issued a search warrant to Cox Communications seeking account information—name, address, date of birth, and social security number—for the account assigned to the IP address on October 11, 2014. Cox Communication’s response revealed the account in question was registered to Mary Henning, who resided at the same address Arnold had previously identified as James Henning's residence. Arnold added the information received from Cox Communications to his probable cause affidavit in support of a search warrant for his residence on 12th Street, which was issued by the district court.

State v. Henning, 401 P.3d 185 (Kan. Ct. App. 2017). Why did Tumblr believe the IP address was located in the Wichita, Kansas area? This is not especially accurate; Wichita is over 110 miles from Junction City. What is the Child Protective System database, who has access to it, and how reliable is its information? Notice how law enforcement used the Tumblr email address to find a seemingly related account in Google Picasa that revealed the suspect’s real name. Do you find this encouraging, or disturbing, that law enforcement can gather clues to the suspect’s identity that easily? (To state the obvious, many criminals, especially those in the child pornography community, use email addresses that are not linked to any other accounts).


Go to http://www.maxmind.com/app/locate_my_ip. There, you will get your computer’s IP address and an estimate of your geographic location. How accurate is the estimate? For more fun, try playing around with the tools at http://www.dnsstuff.com/tools.

To get a sense of how much people’s lives can be reversed-engineered by tracking their phone’s location and combining it with publicly available information about their activities, see this visual representation of the life of German politician Malte Spitz: http://www.zeit.de/datenschutz/malte-spitz-data-retention.

  • 1

    In reaching this conclusion, the First Circuit in Carparts relied on the ADA’s more expansive definition of “place of public accommodation,” in particular its inclusion of a “travel service,” “insurance office,” and “other service establishments” as places of public accommodation. Focusing on these terms, the First Circuit concluded that “Congress clearly contemplated that ‘service establishments’ include providers of services which do not require a person to physically enter an actual physical structure,” and thus that the Title III of the ADA is not limited to “physical structures which person must enter to obtain goods and services.” Simply put, the Carparts court found it irrational to conclude that Title III of the ADA reaches those who enter an office to purchase insurance services, but not those who purchase them over the mail or by telephone. Notably, Title II of the Civil Rights Act does not include a “travel service,” “insurance office,” or “other service establishments” in its definition, making the relevance of Carparts and its progeny to Title II questionable, at best.

  • 2

    But see Doe v. Mutual of Omaha Ins. Co., 179 F.3d 557, 559 (7th Cir. 1999) (citing Carparts approvingly and stating, in dicta, that Title III of the ADA reaches “the owner or operator of a store, hotel, restaurant, dentist’s office, travel agency, theater, Web site, or other facility (whether in physical space or in electronic space)”) (emphasis added) (citation omitted).

  • 3 Editor’s note: I discourage my students from using the ambiguous term “Internet Service Provider,” which has multiple meanings. Usually, “ISP” is used as a synonym for the more precise term “Internet Access Providers” (IAPs), which is how Mr. Kneen uses it.
Showing only first chapter for book preview.