Raccolta, a fini di successiva vendita, di informazioni personali altrui: right of publicity e safe harbour ex 230 CDA

La corte distrettuale del Nord California, 16.08.2021, 21cv01418EMC , Cat Brooks e altri c. THOMSON REUTERS CORPORATION (poi, TR), decide la lite iniziata dai primi per raccolta e sucessiva vendita a terzi di loro dati personali.

Il colosso dell’informazione TR , data broker, raccoglieva e vendeva informazioni altrui a imprese interessate (si tratta della piattaforma CLEAR).

Precisamente: Thomson Reuters “aggregates both public and nonpublic information about millions of people” to create “detailed cradletograve dossiers on each person, including names, photographs, criminal history, relatives, associates, financial information, and employment information.” See Docket No. 11 (Compl.) ⁋ 2. Other than publicly available information on social networks, blogs, and even chat rooms, Thomson Reuters also pulls “information from thirdparty data brokers and law enforcement agencies that are not available to the general public, including live cell phone records, location data from billions of license plate detections, realtime booking information from thousands of facilities, and millions of historical arrest records and intake photos.”

1) Tra le vari causae petendi, considero il right of publicity.

La domanda è rigettata non tanto perchè non ricorra l’uso (come allegato da TR) , quanto perchè non ricorre l'<Appropriation of Plaintiffs’ Name or Likeness For A Commercial Advantage>: Although the publishing of Plaintiffs’ most private and intimate information for profit might be a gross invasion of their privacy, it is not a misappropriation of their name or likeness to advertise or promote a separate product or servic, p. 8.

2) safe harbour ex § 230 CDA, invocato da TR

Dei tre requisiti necessari (“(1) a provider or user of an interactive computer service (2) whom a plaintiff seeks to treat, under a state law cause of action, as a
publisher or speaker (3) of information provided by another information content
), TR non ha provato la ricorrenza del 2 e del 3.

Quanto al 2, la giurisprudenza insegna che <<a plaintiff seeks to treat an interactive computer service as a “publisher or speaker” under § 230(c)(1) only when it is asking that service to “review[], edit[], and decid[e] whether to publish or withdraw from publication thirdparty content.” Id. (quoting Barnes, 570 F.3d at 1102). Here, Plaintiffs are not seeking to hold Thomson Reuters liable “as the publisher or speaker” because they are not asking it to monitor thirdparty content; they are asking to moderate its own conten>>

Quanto al requisito 3, l’informazione non è fornita da terzi ma da TR: the “information” at issue herethe dossiers with Plaintiffs’ personal informationis not “provided by another information content provider.” 47 U.S.C. § 230(c)(1). In Roomates.com, the panel explained that § 230 was passed by Congress to “immunize[] providers of interactive computer services against liability arising from content created by third parties.” 521 F.3d at 1162 (emphasis added). The whole point was to allow those providers to “perform some editing on usergenerated content without thereby becoming liable for all defamatory or otherwise unlawful messages that they didn’t edit or delete. In other  words, Congress sought to immunize the removal of usergenerated content, not the creation of content.” Id. at 1163 (emphases added). Here, there is no usergenerated contentThomson Reuters generates all the dossiers with Plaintiffs’ personal information that is posted on the CLEAR platform. See Compl. ⁋⁋ 13. In other words, Thomson Reuter is the “information content provider” of the CLEAR dossiers because it is “responsible, in whole or in part, for the creation or development of” those dossiers. 47 U.S.C. § 230(f)(3). It is nothing like the paradigm of an interactive computer service that permits posting of content by third parties.