No Section 230 immunity for healthcare software provider

Company could be liable for modifications made to its software that provided abbreviated third-party warnings for prescription drugs.

Cases dealing with the Communications Decency Act often involve websites. See, for example, the recent decision from the Sixth Circuit involving thedirty.com, and earlier cases about Roommates.com and Amazon. But this case considered a sort of unique suggested application of Section 230 immunity. The question was whether a provider of software that facilitated the delivery of prescription monographs (including warning information) could claim immunity. It’s unusual for Section 230 to show up in a products liability/personal injury action, but that is how it happened here.

Plaintiff suffered blindness and other injuries allegedly from taking medication she says she would not have taken had it been accompanied with certain warnings. She sued several defendants, including a software company that provided the technology whereby warnings drafted by third parties were provided to pharmacy retailers.

Defendant software company moved to dismiss on several grounds, including immunity under the Communications Decency Act, 47 U.S.C. 230. The trial court denied the motion to dismiss and defendant sought review. On appeal, the court affirmed the denial of the motion to dismiss, holding that Section 230 immunity did not apply.

At the request of the retailer that sold plaintiff her medicine, defendant software company modified its software to provide only abbreviated product warnings. Plaintiff’s claims against defendant arose from that modification.

Defendant argued that Section 230 immunity should protect it because defendant did not play any role in the decisions of the product warning. Instead, defendant was an independent provider of software that distributed drug information to pharmacy customers. Its software enabled pharmacies to access a third party’s database of product warnings. Defendant did not author the warnings but instead, provided the information under an authorization in a data license agreement. Defendant thus functioned as a pass through entity to distribute warnings that were prepared by third parties to retailers selling prescription drugs, and were printed and distributed to the individual customer when a prescription was filled.

The court found unpersuasive defendant’s claim that Section 230 immunized it from liability for providing electronic access to third party warnings. Section 230 provides, in relevant part, that (1) “[n]o provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider” and (2) “[n]o cause of action may be brought and no liability may be imposed under any State or local rule that is inconsistent with this section.”

It held that plaintiff’s claim against defendant did not arise from defendant’s role as the software or service provider that enabled the retailer to access the third-party drafted warnings. Instead, the court found that plaintiff’s claim arose from defendant’s modification of its software to allow the retailer to distribute abbreviated drug monographs that automatically omitted warnings of serious risks. The appellate court agreed with the trial court which found, “this is not a case in which a defendant merely distributed information from a third party author or publisher.” Instead, in the court’s view, defendant’s conduct in modifying the software so that only abbreviated warnings would appear, it participated in creating or modifying the content.

Hardin v. PDX, Inc., 2014 WL 2768863 (Cal. App. 1st June 19, 2014)