SAfe harbour ex § 230 CDa per danni da database informativo su privati messo in vendita?

Dice di no l’appello del 4 circuito n. 21-1678, TYRONE HENDERSON, SR e altri c. THE SOURCE FOR PUBLIC DATA, L.P. (dal distretto est della Virginia)

Attività dei convenuti:

<< Public Data’s business is providing third parties with information about individuals.
Plaintiffs allege that it involves four steps.
First, Public Data acquires public records, such as criminal and civil records, voting
records, driving information, and professional licensing. These records come from various
local, state, and federal authorities (and other businesses that have already collected those
records).
Second, Public Data “parses” the collected information and puts it into a proprietary
format. This can include taking steps to “reformat and alter” the raw documents, putting
them “into a layout or presentation [Public Data] believe[s] is more user-friendly.” J.A.
16. For criminal records, Public Data “distill[s]” the data subject’s criminal history into
“glib statements,” “strip[s] out or suppress[es] all identifying information relating to the
charges,” and then “replace[s] this information with [its] own internally created summaries
of the charges, bereft of any detail.” J.A. 30.
Third, Public Data creates a database of all this information which it then
“publishes” on the website PublicData.com. Public Data does not look for or fix
inaccuracies in the database, and the website disclaims any responsibility for inaccurate
information. Public Data also does not respond to requests to correct or remove inaccurate
information from the database.
Fourth, Public Data sells access to the database, “disbursing [the] information . . .
for the purpose of furnishing consumer reports to third parties.” J.A. 19. All things told,
Plaintiffs allege that Public Data sells 50 million consumer searches and reports per year.
Public Data knows that traffic includes some buyers using its data and reports to check
creditworthiness and some performing background checks for employment pURPOSE
>>

La domanda di danno è basata su violazioni di alcune disposizioni del Fair Credit Reporting Act (“FCRA”), anche  ma non    solo di tipo data protection.

L’invocazione del safe harbout è rigettata su due dei tre requisiti di legge.

RAvvisata la qualità di  internet provider, è però negato sia (per alcuni claims)  che venisse trattaato come publisher o speaker sia (per altri claims) che le infomazioni fossero di terzi.

Analisi dettagliata ma forse nell’esito poco condivisibile.

Le informazioni erano pur sempre tutte di terzi, solo che il convenuto le formattava in modalità più fruibili ai propri scopi (magari con qualche omissione …)-

Soprattutto, dir che non erano trattati come puiblisher/speaker è dubbio.

 

(notizia e link alla sentenza dal blog del prof. Eric Goldman)