contract, 230, and lack of specificity defeat "chat scam" claims against OnlyFans

N.Z. v. Fenix Int’l Ltd., 2026 WL 1425183, No. 8:24-cv-01655-FWS-SSC (C.D. Cal. May 19, 2026)

Plaintiffs sued OnlyFans (Fenix) and other entities who manage OnlyFans models based on allegations that they concealed the fact that plaintiffs weren’t authentically chatting with OnlyFans models, despite the centrality of the promise of authentic personal interaction to OnlyFans. One of OnlyFans’ “Core Values” is the following: “Giving creators control to own and monetize their content and to foster authentic relationships with their followers and fanbase.” Also, OnlyFans urges Fans to subscribe to specific Creators using the following language: “SUBSCRIBE AND GET THESE BENEFITS: Full access to this user’s content [/] Direct message with this user [/] Cancel your subscription at any time.”

The agency defendants allegedly “sell their services to OnlyFans Creators with promises that they can increase a Creator’s revenue exponentially—without the Creator ever having to actually do what OnlyFans promises: ‘directly connect’ with Fans.” They allegedly “contract with ‘Chatters’ to conduct most, if not all, of the communications between the Creators and the Fans. Without the Fans’ knowledge, the Chatters impersonate the Creators when direct messaging with Fans.” “Agencies even provide Chatters with actual ‘scripts’ similar to those used by telemarketers and call center employees, which give Chatters a specific workflow to follow in order to maximize the amount of money extracted from any given Fan.”

In recent years, agencies have allegedly developed specialized tools to facilitate the use of a single OnlyFans account by a team of Chatters. Further alleged: “OnlyFans is either aware of, or intentionally ignorant to, the use of CRM software on its platform—not least because its use violates OnlyFans’ Terms of Service—but chooses to do nothing to prevent the use of this software because of the increased revenues that CRM software facilitates.” And: “OnlyFans knew, and should have known, that its Creators were using Chatters to engage with Fans— including based on the revenue being generated by those Creators; the number of direct messages with Fans; the number of different login sessions to a given Creator’s account, often from many different locations and IP addresses; and the number of Fan complaints (which OnlyFans ignored).” As a result, they alleged, “the ‘Chatter Scams’ involve massive breaches of confidentiality and privacy violations in which intimate communications and private and/or personal information about Fans—including photos and videos—are distributed and/or accessible to numerous unauthorized parties.”

Plaintiffs sought to assert various claims against OnlyFans and the agencies, including RICO, VPPA, breach of contract, fraud, and California UCL/FAL claims.

§ 230: The VPPA and RICO claims against OnlyFans were barred because they sought to hold OnlyFans liable solely for facilitating, or failing to moderate, communications through the OnlyFans platform. (The other RICO claims failed because they were RICO claims.)

However, the breach of contract claim depended on claims of breach of  a contractual promise that OnlyFans “will use reasonable care and skill in providing OnlyFans” by collecting “data sufficient to identify Chatter-operated accounts—including multiple simultaneous logins from disparate geographic locations—and failed to act on this information.” That wasn’t seeking to hold OnlyFans liable solely for facilitating communications but rather to require it to ensure the users are operating OnlyFans properly and that OnlyFans acts on the simultaneous logins. (Eric Goldman will hate that!)

And, to the extent that misrepresentation claims were based on OnlyFans’ own representations that users can “ ‘direct message’ ..., chat ‘1 on 1’ ..., and build ‘genuine’ and ‘authentic’ connections” with Creators, those weren’t barred. The claims wouldn’t require OnlyFans to monitor third-party communications to avoid liability. (But the breach of contract claim would!) Anyway, although “content moderation [may be] one possible solution” for OnlyFans to fulfill its alleged duties, “the underlying duty being invoked by the Plaintiffs … is the promise” or representation itself.

VPPA: The VPPA provides that “[a] video tape service provider who knowingly discloses, to any person, personally identifiable information concerning any consumer of such provider shall be liable to the aggrieved person.” The Ninth Circuit has adopted the ordinary person standard to determine what constitutes PII, holding that “personally identifiable information means only that information that would readily permit an ordinary person to identify a specific individual’s video-watching behavior.” Under the TOS, plaintiffs agreed and acknowledged that their “[c]ontent may be viewed by individuals that recognise [their] identity” and that OnlyFans is “not in any way ... responsible” if Plaintiffs “are identified from [their] Content.” And plaintiffs failed to sufficiently allege OnlyFans’ knowledge.

However, they sufficiently pled that the agency defendants knowingly disclosed PII: they alleged that they shared personal information in chats with Creators, including their full legal name and photos of their face, and that the Chatter Scams function by “creating a communication history viewable by Chatters” which consists of “intimate knowledge of the Fan’s personal information, conversation history, and preferences,” and most importantly, “the specific content that they requested and/or viewed.” The agency defendants allegedly disclosed PII from Fans to Chatters by sharing login information or via CRM software.

Under the VPPA, “A video tape service provider may disclose personally identifiable information concerning any consumer ... to any person if the disclosure is incident to the ordinary course of business of the video tape service provider.” At this stage, that exclusion didn’t require dismissal.

Breach of contract: the statement “ ‘Direct message with this user [Creator]’ ” wasn’t part of the TOS, which contained an integration clause stating that users have “[n]o implied licenses or other rights are granted to [them] in relation to any part of OnlyFans, save as expressly set out in the Terms of Service” and that the TOS “form the entire agreement between [Fenix International] and [the user] regarding [the user’s] access to and use of OnlyFans,” and “govern [Plaintiffs’] use of OnlyFans.”

Failure to provide the platform with reasonable care and skill: It wasn’t enough to allege that OnlyFans allowed management agencies to use Chatters to impersonate Creators because this theory of liability imposed a monitoring obligation on Fenix Defendants. Nor was merely designing and providing tools for OnlyFans users sufficient to allege a breach; plaintiffs didn’t allege how tools such as Fan spending analytics and “inter-shift notes features” enable, or were specifically designed for, the Chatter Scam.

Implied covenant of good faith and fair dealing: Failed because plaintiffs sought to impose duties beyond those incorporated in the specific terms of the alleged contract.

Also, fans were not third-party beneficiaries of the Creator TOS, which required Creators to be individuals and safeguard their accounts given its express language saying there weren’t any third-party beneficiaries.

Fraud and deceit: Also failed against OnlyFans. OnlyFans made explicit disclosures about the use of third parties, its inability to control how Fan content is used, and the materials provided to Fans.

UCL/FAL: Not sufficiently alleged against agency defendants because plaintiffs didn’t allege the specific representations at issue.