The recent district court decision in NetChoice v. Bonta (N.D. Cal., Sept. 18, 2023) holding that the California Age-Appropriate Design Code (CAADC) likely violates the First Amendment is a ridiculously expansive interpretation of the First Amendment, one that would annihilate most regulation if applied elsewhere. This decision is one of a new breed of opinions that I will call “First Amendment expansionism,” which turn nearly everything in the universe into a free speech issue. The Fifth Circuit recently held that the government’s encouraging platforms to take down misinformation and harmful content was a First Amendment violation because somehow it was unduly coercive . . . as if these platforms, which are some of the most powerful organizations the world has ever seen, will lack the courage to stand their ground whenever the government says “boo.” But I digress . . .
For example, according to the court, a DPIA implicates free speech because it “requires a business to express its ideas and analysis about likely harm.” The court argues:
It therefore appears to the Court that NetChoice is likely to succeed in its argument that the DPIA provisions, which require covered businesses to identify and disclose to the government potential risks to minors and to develop a timed plan to mitigate or eliminate the identified risks, regulate the distribution of speech and therefore trigger First Amendment scrutiny.
This reasoning could apply to any requirement that a business to document its policies and procedures or conduct risk analysis or have contracts with vendors. According to Judge Freeman, requirements to provide information about privacy practices is “requiring speech.” Requirements to estimate age “impede the ‘availability and use’ of information and accordingly to regulate speech.” According to Judge Freeman, nearly everything law might require can be recast in terms of requiring speech or affecting speech. For example, under Judge Freeman’s reasoning, data security requirements such as having policies or documenting processes would involve requiring speech. Doing a risk assessment would involve required speech. Under this reasoning, it’s hard to imagine what wouldn’t be involve speech. Beyond privacy, much other regulation would implicate speech, such as required nutrition labels, product warnings, and mandatory disclosures. One could argue that requirements to cooperate with regulators for inspections and investigations would involve speech — after all, these require that someone at a company communicate with regulators.
Back by popular demand, it’s another installment of the funniest hacker stock photos. Because I create 
