Please E-mail suggested additions, comments and/or corrections to Kent@MoreLaw.Com.

Help support the publication of case reports on MoreLaw

Date: 06-25-2009

Case Style: Zango, Inc. v. Kaspersky Lab, Inc.

Case Number: 07-35800

Judge: Pamela Ann Rymer

Court: United States Court of Appeals for the Ninth Circuit on appeal from the Western District of Washington, King County

Plaintiff's Attorney: Mike Rosenberger, Gordon Tilden Thomas & Cordell LLP, Seattle, Washington, for the plaintiff-appellant.

Defendant's Attorney: Erik Belt, Bromberg & Sunstein LLP, Boston, Massachusetts, for the defendant-appellee.

Description: We must decide whether a distributor of Internet security software is entitled to immunity under the safe harbor provision of the Communications Decency Act of 1996, 47 U.S.C. § 230, from a suit claiming that its software interfered with the use of downloadable programs by customers of an online media company.

Zango, Inc. (Zango) is an Internet company that provides access to a catalog of online videos, games, music, tools, and utilities to consumers who agree to view advertisements while they browse the Internet. It brought this action against Kaspersky Lab, Inc., (Kaspersky) which distributes software that helps filter and block potentially malicious software, for improperly blocking Zango’s software. Kaspersky invoked the protection of § 230(c)(2)(B)1 for “good samaritan” blocking and screening of offensive material. The district court granted summary judgment in Kaspersky’s favor, holding that it is a provider of an “interactive computer service” entitled to immunity for actions taken to make available to others the technical means to restrict access to objectionable material. We agree, and affirm.


Zango has four downloadable software programs — “Zango,” “Seekmo,” “Hotbar,” and “Spam Blocker Utility.” Zango provides free access to its catalog if customers agree to download and install one of these programs, and to receive online ads that are displayed as they browse the Internet. It also offers a premium version of “Hotbar” and “Spam Blocker Utility” for which customers may pay if they wish to access Zango’s catalog without having to view advertisements.

Kaspersky is the U.S. distributor of Internet security software developed by Kaspersky Lab ZAO, which is based in Russia. Among Kaspersky’s products are “Kaspersky Internet Security” (KIS) and “Kaspersky Anti-Virus” (KAV). Its software helps filter and block unwanted malicious software, known as “malware,” that can compromise the security and functionality of a computer. Malware works by, for example, compromising a user’s privacy, damaging computer files, stealing identities, or spontaneously opening Internet links to unwanted websites, including pornography sites.

The Kaspersky software classifies Zango’s programs as adware, a type of malware. Once installed on a user’s computer, adware monitors a user’s Internet browsing habits and causes “pop-up ads” to appear on a computer screen while the user browses the Internet. Adware can also open links to websites and computer servers that host malware and expose users’ computers to infection, and can swamp a computer’s memory and slow down computer speed and performance.

For these reasons, pop-up ads and adware are unpopular among computer users, and consumers often install security software specifically to block adware.

The Kaspersky software detects malware that may be present in an e-mail, web page, or software program that a computer user is about to download. If the Kaspersky software determines that the download has characteristics that are consistent with malware, the software warns the user that the download contains possible malware. Theoretically (though this is contested), the user of the Kaspersky software then has the option whether to allow or reject the download of the potential malware-carrying program.

The Kaspersky software is designed to communicate via the Internet with online databases and update services that Kaspersky’s Russian affiliate operates in Moscow. The security software is designed to be updated regularly in order to keep malware definitions current, because new forms of malware are constantly being developed. A Kaspersky customer may configure the software to communicate automatically with these online update servers. Customers may also manually instruct their Kaspersky software to communicate with the online update server.

Zango alleges that KIS interferes with Zango customers’ concurrent use of the Zango software in two ways. First, KIS disables the “toolbar” feature of Zango’s software, which provides a bar positioned at the top of the user’s Internet browser page that displays links to relevant advertisers’ websites to users searching for data on a specific subject. Furthermore, Zango asserts, KIS does not actually permit Zango customers to consent to a Zango program’s ongoing operation. Zango avers that each time the Zango program attempts to access the Internet, KIS displays a warning that gives the computer user the option either to block the Zango program or “skip” the warning. However, while KIS’s warning includes an “apply to all” checkbox that presumably is meant to stop the repeated warnings if the user opts to “skip” and selects “apply to all,” Zango claims that the checkbox does not work. Consequently, a Zango user running KIS is forced to deal with constant warnings. According to Zango, the inevitable result is that a person using Zango and KIS concurrently gives up, thus permitting the Kaspersky software to block the Zango software.

Zango adds that individuals who were already running KIS and who sought to download Zango software were prevented from doing so by KIS. When a user attempted to download Zango software, KIS displayed a “Web Anti-Virus Warning” that advised the user to block the Zango download. The “Web Anti-Virus Warning” permitted the user to click “Allow” to override the warning and download the Zango program; however, once the user clicked “Allow,” a new “File Anti-Virus Warning” appeared, stating that the Zango software could not be disinfected and that “write access is denied.” Zango maintains that installation of Zango software was made impossible as a consequence.

Zango states that it has not experienced similar problems with market leaders in the anti-spyware industry such as McAfee, Norton (Symantec), and Webroot. Rather, Zango contends, these companies advise users of the presence of Zango’s programs and offer Zango customers the choice to ignore the advisory. Zango attributes the decline in the number of its customers between March 2007 and June 2007 to interference with Zango software by Kaspersky’s software and by other anti-spyware software that similarly blocks the operation of Zango programs.2

The degree of threat posed to users by Zango’s software is in dispute. Kaspersky contends that Zango’s software is adware, and possibly spyware. Spyware, which is often installed on a computer without the user’s knowledge or consent, covertly monitors the user’s activities and exposes the user to the risk that his or her passwords and confidential information may be stolen. Zango maintains that it installs its software only upon receiving user consent, and that it provides easy means of uninstalling Zango software from a user’s computer. For users of Microsoft’s Windows operating systems, these include a Zango icon in the system tray in the bottom right corner of a user’s computer screen, which leads to a link where users are informed how to uninstall Zango software, as well as “Uninstall Zango Instructions” available in the Start/programs menu.3

Zango initially brought this action in Washington state court, advancing claims for injunctive relief, tortious interference with contractual rights, violation of the Washington Consumer Protection Act, trade libel, and unjust enrichment. Kaspersky removed the case to federal court. The district court denied Zango’s request for a temporary restraining order, and Kaspersky subsequently filed a motion to dismiss under Fed. R. Civ. P. 12(b)(6), which the parties and the court treated as a motion summary judgment under Fed. R. Civ. P. 56. Summary judgment was granted on the ground that Kaspersky is entitled to immunity under § 230(c)(2)(B). Zango has timely appealed.4


The heart of Zango’s appeal is that Congress intended statutory immunity under § 230(c) to apply to Internet content providers, not to companies that provide filtering tools. We think the statute plainly immunizes from suit a provider of interactive computer services that makes available software that filters or screens material that the user or the provider deems objectionable.

[1] Section 230, which provides protection for private blocking and screening of offensive material, is part of the Communications Decency Act of 1996 (CDA), Pub. L. 104- 104. The CDA was enacted “to control the exposure of minors to indecent material” on the Internet. Batzel v. Smith, 333 F.3d 1018, 1026 (9th Cir. 2003). Section 230(c)(2)(B) provides:

(c) Protection for “good samaritan” blocking and screening of offensive material

. . .

(2) Civil Liability

No provider or user of an interactive computer service shall be held liable on account of —

. . .

(B) any action taken to enable or make available to information content providers or others the technical means to restrict access to the material described in paragraph (1). § 230(c)(2) & (c)(2)(B).

The material that can be blocked under the exemption includes “material that the provider or user considers to be obscene, lewd, lascivious, filthy, excessively violent, harassing, or otherwise objectionable, whether or not such material is constitutionally protected[.]” § 230(c)(2)(A).5 The statute defines “interactive computer service” as “any information service, system, or access software provider that provides or enables computer access by multiple users to a computer server, including specifically a service or system that provides access to the Internet and such systems operated or services offered by libraries or educational institutions.” § 230(f)(2) (emphasis added).

“Access software provider” is defined in part as “a provider of software (including client or server software), or enabling tools that do any one or more of the following: (A) filter, screen, allow, or disallow content; (B) pick, choose, analyze, or digest content.” § 230(f)(4)(A), (B). [2] Thus, a provider of software or enabling tools that filter, screen, allow, or disallow content that the provider or user considers obscene, lewd, lascivious, filthy, excessively violent, harassing, or otherwise objectionable may not be held liable for any action taken to make available the technical means to restrict access to that material, so long as the provider enables access by multiple users to a computer server.

[3] Going beyond the statute’s plain language, Zango relies on legislative history to show that Congress intended to grant immunity only to content providers. In particular, Zango points to the House Conference Report’s statement that “[o]ne of the specific purposes of [§ 230] is to overrule Stratton- Oakmont v. Prodigy and any other similar decisions which have treated [Internet service] providers and users as publishers or speakers of content that is not their own because they have restricted access to objectionable material.” H.R. Rep. No. 104-458, at 194 (1996) (Conf. Rep.). Stratton Oakmont v. Prodigy Services held that Prodigy, an Internet service provider that provided online bulletin boards, could be held responsible for libelous statements posted by others. 1995 WL 323710 (N.Y. Sup. Ct. May 24, 1995). From this, Zango infers that the good samaritan provision was intended only to protect information providers from liability they might otherwise have for defamatory or obscene content prepared by others. While certainly this was “one of the specific purposes” of § 230(c) and one of the protections it extended, the conference report goes on to make clear that good samaritan protections apply “to all access software providers, as defined in section 230(e)(5) [subsequently renumbered as section 230(f)(4)].” H.R. Rep. 104-458, at 194. And the definition of access software provider includes any “provider of software . . . or enabling tools that . . . filter, screen, allow, or disallow content.” Therefore, our reading of the text comports with the conferees’ expectations.6

[4] According protection to providers of programs that filter adware and malware is also consistent with the Congressional goals for immunity articulated in § 230 itself. Five policy objectives are identified. Of these, two read on the issues in this case: “to encourage the development of technologies which maximize user control over what information is received by individuals, families, and schools who use the Internet and other interactive computer services;” and “to remove disincentives for the development and utilization of blocking and filtering technologies that empower parents to restrict their children’s access to objectionable or inappropriate online material[.]” § 230(b)(3), (4). As more software is developed to block malware, users will be able to exercise more control over the content that is transmitted to their computers.

Thus, affording the safe harbor to providers of antimalware software aligns with the Congressional policy stated in § 230(b)(3). Malware may also expose users to objectionable content, including links to pornographic websites, or to software that can compromise the user’s privacy, computer security, or identity. Thus, the policy stated in § 230(b)(4), of removing disincentives for the development of software that filters out objectionable or inappropriate material, is served by a safe harbor for providers of malware-filtering software who otherwise fall within the terms of the statute.

[5] This is the first time we have considered this particular application of § 230, although we have previously addressed immunity under § 230(c)(1).7 See Barnes v. Yahoo!, Inc., 565 F.3d 560, 563-64 (9th Cir. 2009); Fair Housing Council v., LLC, 521 F.3d 1157, 1162 (9th Cir. 2008) (en banc); Carafano v., Inc., 339 F.3d 1119, 1122 (9th Cir. 2003); Batzel, 333 F.3d at 1030-31. Section 230(c)(1) is directly aimed at the problem created by the Stratton decision. Section 230(c)(2)(B), on the other hand, covers actions taken to enable or make available to others the technical means to restrict access to objectionable material. As we have discussed, the drafters’ purpose and the plainly articulated policies of the statute are served by applying 7Section 230(c)(1) states: “No provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider.”

§ 230(c)(2)(B) to immunize the providers of blocking software. In sum, this case presents a different problem, and a statutory provision with a different aim, from ones we have encountered before.

Nevertheless, Zango reads Batzel to imply that the immunity in § 230(c)(2) was intended to reach website operators and Internet service providers who provide people with access to content, but not to companies that provide access to tools or mechanisms for filtering content. For this it relies on our remark in Batzel that § 230(c)(2) “insulates service providers from claims premised on the taking down of a customer’s posting such as breach of contract or unfair business practices.” 333 F.3d at 1030 n.14. Zango contends that Kaspersky does not maintain a service on which objectionable material may appear and so cannot “take down” a customer’s posting from its service; put differently, as Zango sees it, Kaspersky, which sells filtering software but does not provide access to content, was not an intended beneficiary of statutory immunity. We disagree that we meant to imply this in Batzel. As we recognized, § 230(c)(2) was “not relevant” to Batzel, and when we described how § 230(c)(2) “further encourages good samaritans” we obviously had in mind the circumstances at issue in that case. Id. Batzel involved a website and listserv, and potential immunity under § 230(c)(1). Id. at 1030-31. In that context, our comment about “the taking down of a customer’s posting” made sense. By contrast, this case involves providing the technical means for others to restrict access to material Kaspersky finds objectionable, which is a different problem with different potential immunity.


Kaspersky will receive protection under § 230(c)(2)(B) for civil liability so long as it is a “provider” or a “user” of “an interactive computer service.” No one has argued that Kaspersky is a “user.” In Zango’s view, Kaspersky is not a provider, either.

[6] We agree with the district court that Kaspersky is a “provider” of an “interactive computer service” under the plain terms of § 230(c). Kaspersky “provides” an interactive computer service because it is an “access software provider that provides or enables computer access by multiple users to a computer server.” § 230(f)(2). Kaspersky is an “access software provider” because, by providing anti-malware software, it “provide[s] software . . . or enabling tools that . . . filter, screen, allow, or disallow content.” § 230(f)(4), (f)(4)(A). And, under the literal provisions of § 230(f)(2), Kaspersky “provides or enables computer access by multiple users to a computer server” by providing its customers with online access to its update servers.

Zango argues that merely providing an online update feature does not satisfy § 230(f)(2)’s requirement that the interactive computer service “provide[ ] or enable[ ] computer access by multiple users to a computer server” because nearly every commercial software application has the capacity to be updated via the Internet. For this reason, it posits, updating capacity does not signify that the application itself is a service that enables access by multiple users to a server. Instead, Zango proposes a gloss on “interactive computer service” that would construe a computer service as “interactive” only if it enables people to access the Internet or access content found on the Internet. We decline to read the statute so narrowly. As written, § 230 does not limit the definition of “interactive computer service” to services that provide access to the Internet; rather, its singular requirement is for “access by multiple users to a computer server.” § 230(f)(2).

Zango further maintains that § 230(f)(2) requires Kaspersky to provide users (whom Zango would define as persons who volitionally seek access) with access to content that resides on a server. This argument is unavailing, for Kaspersky does provide users with access to the new malware definition content that is available on its servers. Nor does anything in the statute require users to seek access “volitionally”; § 230(f)(2) merely speaks of providing or enabling computer access “by multiple users to a computer server.” In any event, it is undisputed that Kaspersky users can manually, i.e., volitionally, access the Kaspersky servers for new malware definitions.

In addition, Zango questions whether the method by which Kaspersky updates itself matters at all, given that users could possibly be provided with updates by other means that would not be shielded by § 230(c)(2)(B), for example, by CD. While true, we do not see how the possibility that a similar service could be provided by unprotected means indicates that Kaspersky, which does provide updates that are via the Internet, falls outside the zone of protection.

[7] Neither does clothing Kaspersky with good samaritan protection open the door to immunity for any and all software providers that offer online updates, as Zango fears. The second requirement of § 230(c) in subparagraph (2)(B) cuts off that slippery slope. By its terms, to qualify for immunity, the interactive computer service must provide the technical means to restrict access to objectionable material. Thus, non-filtering programs such as word processors or video games would not be subject to good samaritan immunity. The universe is further limited by the definition of “interactive computer service,” which includes only “information service[s], system[s], or access software provider[s].” § 230(f)(2). As we have explained, the reason Kaspersky falls within the statutory definition of “access software provider” is that it is a provider of software that permits users to “filter, screen, allow, or disallow content.” § 230(f)(4)(A).


Zango argues that § 230(c)(2)(B) cannot apply for the additional reason that Kaspersky, rather than the customer, determines that Zango is malware such that it overrides the customer’s desire to use Zango. In this situation, Zango sub- mits, subparagraph (B), which extends immunity to Internet computer services that provide filtering tools to others, is not applicable.

To repeat, § 230(c)(2)(B) provides protection for “any action taken to enable or make available . . . the technical means to restrict access” to material covered by § 230(c)(2)(A). By providing its anti-malware software and malware definition update services, Kaspersky both enables and makes available the technical means to restrict access to malware. Users choose to purchase, install, and utilize the Kaspersky software. Regardless of whether Zango is correct in its allegation that Kaspersky does not provide users of Kaspersky products a choice to override the security software and download and use Zango, there is no question that Kaspersky has “made available” for its users the technical means to restrict access to items that Kaspersky has defined as malware. Therefore, Kaspersky satisfies the requirements of subsection (B) so long as the blocked items are objectionable material under § 230(c)(2)(A). Zango has waived any argument on appeal that Kaspersky does not consider Zango’s software to be “otherwise objectionable,” which is one of the specified statutory categories. See § 230(c)(2)(A), (B).8 Zango also suggests that § 230 was not meant to immunize business torts of the sort it presses. However, we have interpreted § 230 immunity to cover business torts. See Perfect 10, Inc. v. CCBill, LLC, 488 F.3d 1102, 1108, 1118-19 (9th Cir. 2007) (holding that CDA § 230 provided immunity from state unfair competition and false advertising actions). In any event, what § 230(c)(2)(B) does mean to do is to immunize any action taken to enable or make available to others the technical means to restrict access to objectionable material. If a Kaspersky user (who has bought and installed Kaspersky’s software to block malware) is unhappy with the Kaspersky software’s performance, he can uninstall Kaspersky and buy blocking software from another company that is less restrictive or more compatible with the user’s needs. Recourse to competition is consistent with the statute’s express policy of relying on the market for the development of interactive computer services. § 230(b)(1), (2).9


As Zango notes, the district court based its dismissal exclusively on subparagraph (B). Zango urges us not to affirm on the alternative basis of subparagraph (A), maintaining that a triable issue of fact exists as to Kaspersky’s good faith. However, we have no need to consider subparagraph (A) immunity because we agree with the district court’s disposition under subparagraph (B).

To the extent that Zango in reply raises a different issue — whether subparagraph (B), which has no good faith language, should be construed implicitly to have a good faith component like subparagraph (A) explicitly has — the argument is waived. See Eberle, 901 F.2d at 818. For present purposes, we note that subparagraph (B) comes with only one constraint: the protection afforded extends only to providers who “enable or make available to . . . others” the technical means to restrict access to material that either the user or the provider deems objectionable.10

* * *


Outcome: [8] The district court correctly held that Kaspersky is a provider of an “interactive computer service” as defined in the Communications Decency Act of 1996. We conclude that a provider of access tools that filter, screen, allow, or disallow content that the provider or user considers obscene, lewd, lascivious, filthy, excessively violent, harassing, or otherwise objectionable is protected from liability by 47 U.S.C. § 230(c)(2)(B) for any action taken to make available to others the technical means to restrict access to that material. As its software qualifies, Kaspersky is entitled to good samaritan immunity. AFFIRMED.

Plaintiff's Experts:

Defendant's Experts:


Find a Lawyer


Find a Case