EPIC Tells Court that Privacy Protections Don’t Violate the First Amendment

On December 13, EPIC submitted an amicus brief in NetChoice v. Bonta, an important case about the constitutionality of kids’ online privacy and safety protections. Together with briefs from Common Sense Media and legal and tech experts led by the Tech Justice Law Project, amici urged the district court to reject NetChoice’s haphazard attempt to revive its lawsuit after a series of rebukes from appellate courts about its overbroad litigation strategy.

Case Background

In NetChoice v. Bonta,NetChoice—a tech industry lobbying group—is trying to prevent the enforcement of California’s Age Appropriate Design Code (AADC). The AADC orders certain companies to provide minors with privacy protections and to design their platforms in ways that don’t manipulate minors. NetChoice broadly argues that the entire law violates the First Amendment.

Last year, the Northern District of California granted NetChoice’s request for an injunction in a disastrously overbroad opinion, which would have made almost any privacy law presumptively unconstitutional. While the injunction was on appeal, the Supreme Court decided Moody v. NetChoice, holding that NetChoice’s strategy of bringing facial challenges to regulation with nothing more than barebones records was unacceptable. The Court also rejected NetChoice’s overbroad legal rule: that everything platforms do to publish content is protected speech. The Court directed NetChoice to be specific on remand: to explain with specificity what the law’s provisions regulate, whether what is being regulated is expressive, and whether any unconstitutional applications of the law outweigh the constitutional ones.

When it came time for the Ninth Circuit to review Bonta, the panel overturned the district court’s decisionunder Moody except with respect to the AADC’s data protection impact assessment requirement. Instead of following the appellate courts’ instructions to be more specific in its First Amendment challenge and to build a robust record on remand, NetChoice instead added a few rhetorical flourishes to its legal arguments.

EPIC’s Brief

EPIC’s amicus brief focuses on NetChoice’s challenge to the AADC’s data protection provisions. As EPIC’s amicus brief explains, NetChoice has once again failed to meet its burden. It makes broad, abstract arguments about the First Amendment instead of concretely explaining what the AADC regulates and why it burdens expression. NetChoice also failed to supplement the record in any meaningful way. For this reason, the district court should deny NetChoice’s motion for a preliminary injunction.

EPIC’s brief also explains why the AADC’s privacy protections don’t violate the First Amendment. Surveilling users to feed their data into black box machine-learning algorithms is not inherently expressive. Collecting more data about users than they expect in order to gain ad revenues is not expressive. When the AADC regulates these practices, it does not trigger heightened First Amendment scrutiny.

EPIC helped organize two other amicus briefs in support of the California Attorney General. A group of First Amendment and tech experts led by the Tech Justice Law Project explained that dark pattern design practices are not expressive and can thus be regulated consistent with the First Amendment. Common Sense Media’s brief explained how age estimation—necessary to distinguish between minors and adults—does not automatically trigger First Amendment scrutiny. As EPIC has explained in amicus briefs and comments, the devil of age assurance constitutionality is in the details, and NetChoice did not provide the Court with any details on which to base its decision. EPIC regularly submits amicus briefs in cases about the intersection of free speech and online safety laws.