What just happened? Enigma Software Group has won a crucial case in the U.S. Court of Appeals for the Ninth Circuit, allowing it to proceed with its lawsuit against Malwarebytes for flagging its anti-spyware software as a 'potentially unwanted program.' The lawsuit alleges that Malwarebytes has engaged in anti-competitive conduct under the Lanham Act and tortious interference with Enigma's business.
The 2-1 split verdict from the Ninth Circuit came after Enigma appealed a 2017 California district court ruling that held cybersecurity firms can classify any software as harmful, even if they are from their competitors. However, the ruling was reversed by the Ninth Circuit in 2019, raising many questions about how this could affect anti-malware programs from correctly labeling harmful software masquerading as security apps.
While the Supreme Court did not take up the case following an appeal from Malwarebytes, the California district court once again dismissed Enigma's complaint in 2021, even after being told by the Ninth Circuit to reconsider the lawsuit. However, after another appeal from Enigma, the Ninth Circuit revived the case last week, and has now ruled that the company can proceed with its lawsuit.
The ruling has been lambasted by some legal experts, who believe it could hamper cybersecurity service providers from doing their job effectively. Talking to The Register, Eric Goldman, professor at Santa Clara University School of Law, claimed that the Ninth Circuit's decision was erroneous, as it failed to differentiate between facts and opinions properly.
According to him, in deciding in favor of Enigma, the Ninth Circuit failed to comprehend how the cybersecurity industry operates, and how security companies use the terms "malicious" and "threat." He also felt that thanks to the judgment, there will now be more disputes over such classifications in the future, making the job of cybersecurity companies tougher than ever before.
Goldman further argued that the Ninth Circuit's decision would mean anti-malware software vendors will now simply minimize their financial and legal risks by leaving out supposed anti-threat programs from their list of suspect apps even if they display dangerous behavior, which could pose a major threat to consumers. Some smaller players could also exit the industry altogether, which would further hurt consumers by reducing competition.
Goldman was also critical of the Supreme Court for denying Malwarebytes' appeal, and called out Justice Clarence Thomas in particular for writing what he called a "gratuitous error-riddled statement about Section 230 that spurred many regulators to pursue their censorship agendas."
Malwarebytes is yet to comment on the decision, but Enigma is celebrating the verdict, as expected. In a statement released following the ruling, the company said, "Malwarebytes (has) disparaged Enigma's products for commercial advantage by making misleading statements of fact. ... Trying to wrap them in a First Amendment flag does not make them any less offensive or any less actionable."