Menu

News

Amicus Brief Argues that Consumer Reporting Agency Is Not Legally Shielded from Fair Credit Reporting Act by Section 230 of the Communications Decency Act

  • North Carolina AG Josh Stein, the Consumer Financial Protection Bureau (“CFPB”), and the Federal Trade Commission (“FTC”) filed an amicus brief in the United States Court of Appeals for the Fourth Circuit in support of the consumer plaintiffs’ position in Henderson v. The Source for Public Data, L.P. (“Public Data”), No. 21-1678, that Section 230 of the Communications Decency Act (“CDA”) does not bar the application of the Fair Credit Reporting Act’s (“FCRA”) procedural requirements to the consumer reporting agency.
  • In their second amended complaint in the United States District Court for the Eastern District of Virginia, the plaintiffs alleged that Public Data, an online public-record provider, is a consumer reporting agency and that it violated the FCRA by including false and inaccurate criminal information in background check reports that it produced and offered for sales on its website. Public Data raised Section 230 of the CDA as a defense, arguing that it was entitled to Section 230 immunity as the publisher of third-party information.
  • In his opinion, Judge Hudson of the U.S. District Court for the Eastern District of Virginia agreed with Public Data, finding that the FCRA is not listed in the CDA’s list of statutory exemptions from immunity and that Public Data qualified for Section 230 immunity because it did not produce the content of the reports, but the information is derived from other content providers. Plaintiffs appealed.
  • The amicus brief argues, among other things, that Section 230 does not provide immunity to Public Data because the plaintiffs’ FCRA claims do not seek to hold Public Data liable on the basis of the inaccurate data itself but on the basis of Public Data’s failure to follow the process-oriented requirements that the FCRA imposes on consumer reporting agencies. In addition, the brief argues that the plaintiff’s claims sufficiently alleged that Public Data created and developed its reports, including by collecting, sorting, summarizing, and assembling public-records information, and that it was not merely the publisher or speaker of another person’s content.