230 protects anti-malware vendor against noncompetitors

Asurvio LP v. Malwarebytes Inc., No. 5:18-cv-05409-EJD, 2020 WL 1478345 (N.D. Cal. Mar. 26, 2020)

Despite unfavorable precedent, Malwarebytes secures dismissal of this Lanham Act false advertising (and common law disparagement/tortious interference/unfair competition/ violation of the Texas Theft Liability Act (TTLA)) case against its designation of software as malware or as a “potentially unwanted product” (PUP) on CDA §230 and other grounds.

According to the complaint, “Asurvio provides premium full-service technical support services to consumers.” Asurvio’s services include: “(i) software solutions that work in real time in the background of the operating system to optimize processing and locate and install all missing and outdated software drivers; and (ii) technical support services for the removal of Spyware and Malware and all other facets of personal computer use.” Asurvio’s software executes “fixes” including driver updates and provides the consumer access to telephone-based human assisted technical support.

In 2016, Malwarebytes categorized Asurvio’s DRIVER SUPPORT and DRIVER DETECTIVE software with a negative PUP rating and labeled it a security risk. “Asurvio’s customers who also used Malwarebytes received regular warnings from Malwarebytes that all folders of Asurvio’s software were ‘threats’ quarantined on their computers that should be uninstalled.” Asurvio tried to convince Malwarebytes that it complied with industry leading standards and requirements, including the Clean Software Alliance Guidelines, Microsoft and Google’s standards and other anti-malware vendor certifications by McAfee and Symantec, but Malwarebytes refused to delist the software as a PUP and referred Asurvio to AppEsteem for third party certification; when Asurvio secured that, Malwarebytes delisted its products.

In 2017, Asurvio began listing its technical support services in its boilerplate terms and conditions, including technical support for removing Spyware/Malware. Id. In 2018, Asurvio learned that Malwarebytes had relisted Asurvio’s products as PUPs and was barring customers from Asurvio’s websites.

Asurvio alleged that a Malwarebytes staff member identified as “Metallica” posted “Removal instructions for Driver Support” on Malwarebytes’ message board forum. The post stated that Asurvio’s DRIVER SUPPORT product uses “intentional false positives” and advised consumers that the best way to uninstall DRIVER SUPPORT is to use Malwarebytes’ software. Malwarebytes blog “moderators” identified as “Porthos” and “exile360” described DRIVER SUPPORT as “a bogus program” and “unnecessary snake oil with no real utility” that typically does more harm than good. A Malwarebytes blog “moderator” posted that “Driver Updates” (allegedly a generic term to describe Asurvio’s services) are a “pure scam,” a “useless product” and “can damage your system to the point where a reinstall of Windows will be needed.” Asurvio alleged similar statements on a different website by a person who allegedly received “monetary or in-kind benefits from Malwarebytes for each sales lead or software download generated from his post.”

And Malwarebytes allegedly wrongfully profited from the use of Asurvio’s products by redirecting clicks from Asurvio’s website to Malwarebytes’ website. “When a Malwarebytes free version software user opens a search engine in his own web browser and searches for DRIVER SUPPORT or ACTIVE OPTIMIZATION, Asurvio’s ads or website links will prominently appear in the search engine results. However, instead of going directly to Asurvio’s official website when clicking these links, it redirects consumers to the Malwarebytes website for the purpose of executing a Malwarebytes sale.”  This was the specific basis of the TTLA claim, which provides in pertinent part that an actor commits “theft of service” when, “having control over the disposition of services of another to which the actor is not entitled, the actor intentionally or knowingly diverts the other’s services to the actor’s own benefit or to the benefit of another not entitled to the services.”

  

§230(c)(2)(B) immunity applied to most of the conduct, including the redirection of consumers from Asurvio’s website.  (A previous order in the case explained that the redirect page notifies the user that Malwarebytes blocked driversupport.com “due to PUP.” It also informs the user: “Learn about PUP. If you don’t want to block this website, you can exclude it from website protection by accessing Exclusions.” This was a type of “action” that enables or makes available to others the “technical means” to restrict access to statutorily defined objectionable material. The court commented: “The statute does not contain qualifiers, conditions, or exceptions for ‘actions’ that have the secondary effect of depriving PC Drivers of the benefits of the page-click advertising it purchased from a third party.”)

Although Enigma Software Group USA, LLC v. Malwarebytes, Inc., 946 F.3d 1040 (9th Cir. 2019), held that (c)(2)(B) didn’t apply to “blocking a competitor’s program for anticompetitive reasons,” the parties here aren’t direct competitors. Each software security provider “generates its own criteria to determine what software might threaten users.” Asurvio, by contrast, didn’t sell malware detection software designed to scan a computer and report PUPs. Rather, Asurvio sells driver update software that doesn’t provide provide any anti-spyware or anti-malware functionality as Malwarebytes does. Its “technical support services for the removal of Spyware and Malware,” disclosed only in fine print, was “a secondary value added service … limited to removal of Spyware and Malware,” which was “significantly dissimilar from computer security software like Malwarebytes’ that once installed, automatically identifies and blocks Spyware and Malware.”  It was not direct competition merely because both parties offer software services “to assist in the overall performance of individual computers” and both sell to “self-help” computer users. Such a broad reading of competition would “render the statutory immunity meaningless.” Thus, all claims based on filtering were dismissed without leave to amend.

Comment: one of the original issues with the 9th Circuit's opinion in Enigma is that the source of the "anticompetitive" exclusion is not evidently grounded in any principle of law. Neither antitrust nor false advertising--the two best candidates for such a principle I can see--limit their protections to direct competitors. This case highlights the fact that Enigma invented a new exclusion and now we have to figure out what that means.

As for the other challenged statements, §230(c)(1) applied to the postings on its online forum. Asurvio failed to plead facts showing that “Porthos” and “exile360” were forum “moderators,” much less any facts showing they had any express or implied authority to speak on Malwarebytes’ behalf. The fact that the forum identifies “Porthos” as a “Trusted Advisor” and “exile360” as an “Expert” weren’t enough; the mere possibility that Malwarebytes made these designations didn’t support a plausible inference that Malwarebytes was responsible for the “Trusted Advisor” and “Expert” designations, and further that Malwarebytes is responsible for the content of the posts made by “Porthos” and “exile360.”

Even without immunity, the complaint failed to state a claim. The allegedly false and disparaging statements (e.g. that Asurvio’s products are PUPS, use “false positives,” are “bogus,” a “scam,” and “snake oil”) weren’t pled to be objectively verifiable as opposed to non-actionable opinion.  Tortious interference claims failed to allege facts showing that Malwarebytes willfully and intentionally interfered with a specific contractual obligation. Instead, the complaint alleged that Malwarebytes instructs computer users to choose whether to continue using Asurvio’s products.