Justia Communications Law Opinion Summaries

Verizon Communications Inc. provided mobile voice and data services to customers and, until 2019, operated a program that sold access to customer device-location data through third-party aggregators. These aggregators resold the data to various entities for uses such as call routing and roadside assistance. Verizon relied on contractual arrangements and an external auditor to ensure that customer consent was obtained before disclosing location data. In 2018, a news report revealed that a third party, Securus Technologies, enabled law enforcement to access customer location data without proper consent, exposing flaws in Verizon’s safeguards. Verizon subsequently terminated access for Securus and related entities, but continued the program for other providers for several months.Following the news report, the Federal Communications Commission (FCC) initiated an enforcement action, issuing a Notice of Apparent Liability and, after considering Verizon’s response, a forfeiture order. The FCC found that Verizon’s device-location data qualified as “customer proprietary network information” under § 222 of the Communications Act, and that Verizon failed to reasonably protect this information both before and after the Securus incident. The FCC imposed a $46.9 million penalty, calculated as 63 continuing violations—one for each third-party relationship that persisted after the breach was publicized—and included a 50% upward adjustment for egregious conduct. Verizon paid the penalty and petitioned the United States Court of Appeals for the Second Circuit for review.The United States Court of Appeals for the Second Circuit held that device-location data is protected under § 222, the FCC’s liability finding was not arbitrary or capricious, and the penalty did not exceed statutory limits. The court also found that Verizon’s Seventh Amendment right to a jury trial was not violated, as Verizon could have obtained a jury trial by declining to pay the penalty and contesting the forfeiture in federal district court. The petition for review was denied. View "Verizon Commc'ns Inc. v. Fed. Commc'ns Comm'n" on Justia Law

California enacted a law aimed at addressing concerns about minors’ addiction to social media by regulating how internet platforms provide personalized content to users under 18. The law restricts minors’ access to algorithmic feeds without parental consent, imposes default settings such as hiding like counts and requiring private accounts, and mandates future age-verification procedures. NetChoice, a trade association representing major internet companies, challenged the law on First Amendment grounds, arguing it unconstitutionally restricts both platforms’ and users’ speech, and that some provisions are unconstitutionally vague.The United States District Court for the Northern District of California granted a preliminary injunction against two provisions not at issue in this appeal, but otherwise denied NetChoice’s request for broader injunctive relief. The district court found that NetChoice lacked associational standing to challenge the personalized-feed restrictions as applied to its members, that the age-verification requirements were not ripe for review, and that the default settings provisions (including the like-count and private-mode requirements) were constitutional. The court also rejected NetChoice’s vagueness arguments and found that any unconstitutional provisions could be severed from the Act.On appeal, the United States Court of Appeals for the Ninth Circuit affirmed most of the district court’s rulings. The Ninth Circuit agreed that NetChoice lacked associational standing for as-applied challenges to the personalized-feed provisions and that the age-verification requirements were unripe. The court held that the private-mode default setting survived intermediate scrutiny, but found that the like-count default setting was a content-based restriction on speech and failed strict scrutiny. The court determined that the like-count provision was severable and ordered the district court to enjoin its enforcement, while affirming the denial of injunctive relief as to the other challenged provisions. View "NETCHOICE, LLC V. BONTA" on Justia Law

Capstone Studios Corp., a copyright holder, sought to identify 29 subscribers of CoxCom LLC, an Internet service provider, whose IP addresses were allegedly used to share pirated copies of Capstone’s movie via the BitTorrent peer-to-peer protocol. Capstone petitioned the clerk of the United States District Court for the District of Hawaii to issue a subpoena under § 512(h) of the Digital Millennium Copyright Act (DMCA) to compel Cox to disclose the subscribers’ identities. Cox notified its subscribers, and one, identified as “John Doe,” objected, claiming he had not downloaded the movie and that his Wi-Fi had been unsecured.A magistrate judge treated John Doe’s letter as a motion to quash the subpoena. The magistrate judge found that Cox’s involvement was limited to providing Internet access, qualifying it for the safe harbor under 17 U.S.C. § 512(a), which covers service providers acting solely as conduits for data transmission. The magistrate judge concluded that, as a matter of law, a § 512(h) subpoena cannot issue to a § 512(a) service provider. The district court adopted these findings and quashed the subpoena. Capstone’s motion for reconsideration was denied, and Capstone appealed.The United States Court of Appeals for the Ninth Circuit reviewed the case. It held that the DMCA does not permit a § 512(h) subpoena to issue to a service provider whose role is limited to that described in § 512(a), because such providers cannot remove or disable access to infringing content and thus cannot receive a valid notification under § 512(c)(3)(A), which is a prerequisite for a § 512(h) subpoena. The court also found no clear error in the district court’s factual finding that Cox acted only as a § 512(a) service provider. The Ninth Circuit affirmed the district court’s order quashing the subpoena. View "In re Subpoena Internet Subscribers of Cox Communications, LLC" on Justia Law

Sprint Corporation and T-Mobile USA, Inc., both wireless carriers, operated programs that sold customer location information (CLI) to third-party aggregators, who then resold the data to other service providers. Although the carriers’ contracts required these third parties to obtain customer consent before accessing CLI, in practice, the carriers did not verify compliance, and several third parties accessed the data without proper consent. After public reports revealed abuses—including unauthorized access by law enforcement and bounty hunters—the carriers terminated some third-party access but continued their programs for months without implementing effective new safeguards.The Federal Communications Commission (FCC) investigated and issued Notices of Apparent Liability (NALs) to both carriers, alleging violations of the Communications Act’s duty to protect the confidentiality of customer proprietary network information (CPNI), which includes CLI. The FCC found that the carriers’ reliance on contractual promises, without independent verification or effective monitoring, was unreasonable. The FCC also concluded that the carriers failed to promptly address their inadequate safeguards after learning of the breaches. The FCC assessed penalties totaling $92 million, calculating separate violations for each third-party relationship that allowed unauthorized access after the carriers were on notice of the problems.The United States Court of Appeals for the District of Columbia Circuit reviewed the carriers’ petitions challenging the FCC’s orders. The court held that CLI is CPNI under the Communications Act, that the carriers’ safeguards were inadequate, and that the FCC’s interpretation of the statute was the most natural reading, providing fair notice. The court also found the penalty calculations reasonable and rejected the carriers’ constitutional arguments, including their Seventh Amendment claim, because they had the statutory right to a jury trial but waived it by paying the penalties and seeking direct appellate review. The court denied the petitions for review. View "Sprint Corporation v. FCC" on Justia Law

Telecommunications industry groups and associations challenged a rule issued by the Federal Communications Commission (FCC) that imposed new data breach reporting requirements on telecommunications carriers and telecommunications relay service (TRS) providers. The rule expanded the definition of a reportable breach to include inadvertent disclosures of customer information and required notification to customers and government entities when breaches involved either customer proprietary network information (CPNI) or personally identifiable information (PII), such as names, Social Security numbers, and biometric data. The petitioners argued that the FCC exceeded its statutory authority and violated the Congressional Review Act (CRA) by issuing a rule they claimed was substantially the same as a prior rule Congress had disapproved.Previously, the FCC had issued a similar privacy rule in 2016, which Congress disapproved under the CRA in 2017, leading the FCC to revert to its earlier, narrower 2007 rules. In 2023, the FCC proposed and, after notice and comment, adopted the new 2024 rule. Multiple industry groups filed petitions for review in several circuit courts, which were consolidated in the United States Court of Appeals for the Sixth Circuit.The Sixth Circuit held that the FCC did not have authority under 47 U.S.C. § 222(a) to regulate PII, as that section’s text and structure did not encompass PII. However, the court found that 47 U.S.C. § 201(b) independently authorized the FCC to regulate unjust or unreasonable practices, including data breach notification requirements for PII, as such practices are directly connected to the provision of communication services. The court also held that the FCC had authority under 47 U.S.C. § 225 to apply these requirements to TRS providers. Addressing the CRA, the court concluded that the 2024 rule was not “substantially the same” as the disapproved 2016 rule and thus did not violate the CRA. The court denied the petitions for review, upholding the FCC’s 2024 rule. View "Ohio Telecom Association v. Federal Communications Commission" on Justia Law

A dispute arose between the National Association of Broadcasters (NAB) and the Federal Communications Commission (FCC) regarding a rule requiring broadcasters to disclose if any programming was paid for by a foreign governmental entity. The FCC's 2021 Rule mandated such disclosures and included specific diligence steps for broadcasters to follow. NAB challenged the rule, leading to a court decision that vacated part of the rule requiring broadcasters to search federal databases.The FCC then issued a revised rule in 2024, which retained the core disclosure requirements but modified the diligence steps. The new rule exempted commercial ads and political candidate ads from the disclosure requirement but included paid public service announcements (PSAs) and issue advertisements. NAB challenged the 2024 Rule, arguing it violated the Administrative Procedure Act (APA) and the First Amendment, and exceeded the FCC's statutory authority.The United States Court of Appeals for the District of Columbia Circuit reviewed the case. The court found that the 2024 Rule complied with the APA's notice-and-comment requirements and was neither arbitrary nor capricious. The court also held that the rule did not violate the First Amendment, as it was narrowly tailored to serve a significant governmental interest in preventing foreign influence in U.S. broadcasting. The court further determined that the FCC did not exceed its statutory authority with the reasonable diligence requirements, as the rule did not directly regulate lessees but required broadcasters to seek information from them.Ultimately, the court denied NAB's petition for review, upholding the FCC's 2024 Rule. View "National Association of Broadcasters v. FCC" on Justia Law

Two minor boys, referred to as John Doe 1 and John Doe 2, were coerced by a trafficker into producing pornographic content, which was later posted on Twitter. Despite reporting the content to Twitter, the platform did not immediately remove it, leading to significant views and retweets. The boys and their mother made multiple attempts to have the content removed, but Twitter only acted after being prompted by the Department of Homeland Security.The United States District Court for the Northern District of California dismissed the plaintiffs' complaint, primarily based on the immunity provided under § 230 of the Communications Decency Act of 1996. The court found that Twitter was immune from liability for most of the claims, including those under the Trafficking Victims Protection Reauthorization Act (TVPRA) and California product-defect claims, as these claims treated Twitter as a publisher of third-party content.The United States Court of Appeals for the Ninth Circuit reviewed the case. The court held that Twitter is immune from liability under § 230 for the TVPRA claim and the California product-defect claim related to the failure to remove posts and the creation of search features that amplify child-pornography posts. However, the court found that the plaintiffs' claims for negligence per se and their product-liability theory based on defective reporting-infrastructure design are not barred by § 230 immunity, as these claims do not arise from Twitter's role as a publisher. Consequently, the court affirmed the dismissal of the TVPRA and certain product-defect claims, reversed the dismissal of the negligence per se and defective reporting-infrastructure design claims, and remanded the case for further proceedings. View "DOE 1 V. TWITTER, INC." on Justia Law

Plaintiffs, including Eugene Volokh and two social media companies, challenged New York's Hateful Conduct Law, which mandates social media networks to provide mechanisms for reporting hateful conduct and to disclose policies on how they address such reports. The law defines hateful conduct as speech that vilifies, humiliates, or incites violence against groups based on protected characteristics. Plaintiffs argued that these requirements compel speech and chill protected speech, violating the First Amendment.The United States District Court for the Southern District of New York granted a preliminary injunction, halting the law's enforcement. The court found that the law likely violates the First Amendment by compelling social media networks to engage in speech and by being overly broad and vague, thus chilling users' speech.The United States Court of Appeals for the Second Circuit reviewed the case. The court noted that the constitutionality of the Hateful Conduct Law hinges on its interpretation. If the law requires social media networks to adopt the state's definition of hateful conduct, it would be subject to strict scrutiny and likely fail. However, if the law merely requires disclosure of any content moderation policy without specific reference to the state's definition, it might survive under the more relaxed Zauderer standard.The Second Circuit deferred its decision and certified three questions to the New York Court of Appeals: whether the law requires explicit reference to the state's definition of hateful conduct in social media policies, whether the reporting mechanism must specifically address hateful conduct, and whether social media networks must respond to reports of hateful conduct. The answers to these questions will determine the law's constitutionality. View "Volokh v. James" on Justia Law

A group of television and radio broadcasters challenged the Federal Communications Commission's (FCC) 2023 Order, which retained all existing media ownership rules and tightened one of them following the 2018 Quadrennial Review. The broadcasters argued that the FCC erred by defining the relevant video and audio markets too narrowly, retaining all parts of the radio and television ownership rules, and tightening Note 11 of the television ownership rule.The FCC's 2023 Order was issued after the 2018 Quadrennial Review, which included a notice of proposed rulemaking and a public comment period. The FCC retained the Local Radio Ownership Rule and the Local Television Ownership Rule, defining the markets narrowly to exclude non-broadcast sources. The FCC justified its decision by emphasizing the unique aspects of broadcast sources and the need to prevent excessive consolidation. The FCC also modified Note 11 to prevent circumvention of the Top-Four Prohibition by including low-power TV stations and multicast streams.The United States Court of Appeals for the Eighth Circuit reviewed the case. The court found that the FCC acted arbitrarily and capriciously in retaining the Top-Four Prohibition part of the television ownership rule and improperly tightened Note 11. The court vacated and remanded the Top-Four Prohibition and the amendment to Note 11 but withheld the issuance of the mandate for 90 days to allow the FCC an opportunity to provide adequate justification. The court denied the remainder of the petition, upholding the FCC's market definitions and retention of the Local Radio Ownership Rule and the Two-Station Limit. View "Zimmer Radio of Mid-Missouri, Inc. v. Federal Communications Commission" on Justia Law

A Virginia statute established procedures for internet broadband service providers to access railroad property and lay cable across tracks. The Association of American Railroads (AAR) challenged the statute, arguing it was preempted by federal law and violated the Takings Clause of the U.S. Constitution. The district court dismissed the case, ruling that AAR lacked standing to bring the claims because they required the participation of individual member railroads.The United States District Court for the Eastern District of Virginia held that AAR lacked associational standing for both its preemption and Takings Clause claims. The court found that the preemption claim required a fact-intensive inquiry into whether the statute unreasonably burdened rail transportation, necessitating individual member participation. Similarly, the Takings Clause claim required individualized proof of inadequate compensation for each crossing, which also required member participation.The United States Court of Appeals for the Fourth Circuit reviewed the case. The court held that AAR had standing to pursue its preemption claims, as these could be litigated without the participation of individual members. The court reasoned that the preemption claims involved general judgments about the statute's nature and operation, not specific operations of individual railroads. However, the court affirmed the district court's ruling on the Takings Clause claim, agreeing that it required individualized proof of compensation for each crossing, necessitating member participation.The Fourth Circuit thus affirmed the district court's judgment in part, reversed it in part, and remanded the case for further proceedings consistent with its opinion. View "Association of American Railroads v. Hudson" on Justia Law