Ninth Circuit Holds CDA Immunity Does Not Extend to Anti-Competitive Conduct

A recent decision by the Ninth Circuit, Enigma Software Grp. USA, LLC v. Malwarebytes, Inc. (9th Cir. 2019), holds that immunity under the Communications Decency Act (CDA) does not extend to claims of anti-competitive conduct by a software manufacturer.

The parties to the case are competitors in the market for software used by parents to protect minors from undesirable online content, such as pornography, violence and “otherwise objectionable conduct.”

Malwarebytes allegedly programmed its software to flag Enigma’s software products as “Potentially Unwanted Programs” or PUPs. Enigma sued for false advertising under the Lanham Act and three state-law theories.

The district court held that these claims were protected by the CDA’s immunity for providers of means to block objectionable conduct, codified at 47 USC § 230(c)(2). But the Ninth Circuit reversed, holding that the immunity did not reach blocking of content done for anti-competitive purposes, as the complaint alleged.

The Enigma Software decision is important in that it shows the limits of the immunities contained in the CDA.


Congress passed the Communications Decency Act in 1996 to regulate online content.

Among other things, Section 230(c)(2) provides that “[n]o provider or user of an interactive computer service shall be held liable on account of any action voluntarily taken in good faith to restrict access to or availability of material that the provider or user considers to be obscene, lewd, lascivious, filthy, excessively violent, harassing, or otherwise objectionable, whether or not such material is constitutionally protected.”

The intent was to allow websites and other hosts to screen out objectionable content, without incurring liability for what remains, such as defamation and other torts.

In a prior opinion, the Ninth Circuit had held that this immunity establishes a “subjective standard” whereby internet users and software providers decide what online material is objectionable. See Zango Inc. v. Kaspersky Labs, Inc., 568 F.3d 1169 (9th Cir. 2009).

In Enigma Software, Enigma alleged that its competitor, Malwarebytes, had programmed its software to flag content that included Enigma’s software products as “Potentially Unwanted Programs,” but that such was not motivated by how objectionable the content was (it was not violent or pornographic), but simply as an anti-competitive measure. Relying on Zango, the district court dismissed the complaint, holding that the CDA immunity applied.

The Ninth Circuit reversed, holding that the catchall phrase “or otherwise objectionable” did not stretch so far as to include anti-competitive motivations. (The Ninth Circuit, however, refused to construe the extent of that term.) Thus, Enigma’s one federal Lanham Act claim, and three state law tort claims, could proceed.

The Ninth Circuit did reject one argument by Enigma. The CDA contains a carveout from immunity for intellectual property claims. That did not extend, the Ninth Circuit held, to false advertising claims under the Lanham Act. Although the Lanham Act mainly deals with trademarks, a form of intellectual property, false advertising, also covered by the Lanham Act, is not included. Nevertheless, Engima’s Lanham Act claims could proceed for the same reason its state law claims could – because the CDA immunity does not cover removal of “otherwise objectionable” content for anti-competitive purposes.

Not discussed in Enigma Software is another immunity provided for in the same portion of the CDA, which provides that “[n]o provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider.” 47 USC § 230(c)(1).

This is intended to immunize websites and other hosts of third-party content from defamation and similar tort liability based on allowing some, but not, all content. One can expect future cases to try to limit that immunity as well.

The CDA provides broad immunity for certain actors, which Congress granted to encourage policing of the internet from negative content. But the Ninth Circuit’s decision in Enigma Software indicates a willingness by courts to limit that immunity if it is perceived to be abused, such as to engage in false advertising or other forms of unfair competition. How far that limitation will go remains to be seen in future case decisions.

Although the issue in Engima Software concerned distribution of blocking software, a closely related CDA immunity has often been invoked by websites and other hosts of third-party content. That immunity allows websites to remove or retain content without fear of liability. But the new decisions suggest that there are limits to how far the courts will allow these immunities to apply.