tl;dr – Offline Antecedents for Platform Liability
Background… Legal history offers examples of areas where attempting to apply liability directly to bad actors is likely to be ineffective, but where certain related parties might be able to either control the bad actors or mitigate the damage they cause. In such cases, the common law has long embraced indirect or vicarious liability, holding one party liable for wrongs committed by another. The purpose of this kind of indirect liability is to align incentives where they can be most useful by placing responsibility on the least-cost avoider.
But… The immunity from liability granted to online platforms by Section 230 of the Communications Decency Act is a departure from normal rules governing intermediary behavior. It is impossible to know exactly how a robust common law of online intermediary liability would have developed in a world where Section 230 immunity never existed.
However… Lessons can be drawn from how the offline world has dealt with third-party liability, especially when an intermediary operates under a duty of care. The common law offers several examples of duties that business owners owe to their customers or, sometimes, to the outside world. Central among these is the legal obligation to take reasonable steps to curb harm from the use of a business’ goods and services. If the business has created a situation or environment that puts people at risk, it has an obligation to mitigate that risk. It also can have obligations to prevent risk of harm to customers or others with whom it has entered into a relationship, even if the business did not directly create the risk.