Section 230(c)(1) of the Communications Decency Act of 1996 (CDA) was enacted to facilitate the growth of the Internet, by immunizing Internet service providers (ISPs) from liability in connection with third party content that appeared on their “interactive computer service.” It states: “No provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider.” The benefit of immunizing ISPs from liability for third party content that violates widely shared social values or laws has been increasingly questioned—especially when that content promotes terrorism, sexual exploitation, or hate speech.

Recently, the U.S. Court of Appeals for the Second Circuit ruled that §230(c)(1) shielded Facebook from civil liability for claims brought under federal law by U.S. citizen victims, and their representatives, of certain terrorist attacks committed by Hamas in Israel. The plaintiffs contended that Facebook unlawfully provided Hamas, a U.S.-designated foreign terrorist organization, with a communications platform that enabled those attacks, particularly in connection with Facebook’s use of its famous algorithm to serve content to specific Facebook users.