Everyone Seems To Be Getting The Story About PayPal And Its Supposed $2,500 Fines For Misinfo Wrong

Techdirt. 2022-10-11

Over the years, we’ve posted so many different stories about questionable decisions by PayPal to cut off services from users it objected to, or even seizing the money in their account that it’s impossible to dig up all of those stories. But, by now, we’ve seen well over a decade of PayPal acting as some sort of morality police. It has every legal right to do so, though we could point out that there is much less competition for easy to use, consumer-friendly payment options. It is also an example of the trickiness that ensues when people look to infrastructure layer providers to get involved in content moderation.

Given all that, it wasn’t necessarily unprecedented, but still a bit shocking, to hear that PayPal had notified users of an updated Acceptable Use Policy that included two things that people (reasonably) connected, and then worried about. The first, was a new policy saying that (among other things) promoting “misinformation” was a violation of the policy.

The misinformation part got all the attention, but the whole policy is pretty broad:

involve the sending, posting, or publication of any messages, content, or materials, that in PayPal’s sole discretion, (a) are harmful, obscene, harassing, or objectionable, (b) depict or appear to depict nudity, sexual or other intimate activities, (c) depict or promote illegal drug use, (d) depict or promote violence, criminal activity, cruelty, or self-harm (e) depict, promote, or incite hatred or discrimination of protected groups or of individuals or groups based on protected characteristics (e.g. race, religion, gender or gender identity, sexual orientation, etc.) (f) present a risk to user safety or wellbeing, (g) are fraudulent, promote misinformation, or are unlawful, (h) infringe the privacy, intellectual property rights, or other proprietary rights of any party, or (i) are otherwise unfit for publication.

So… this actually reads like a fairly typical set of terms or acceptable use policies for lots of different websites, giving the sites broad leeway to ban you for a bunch of different things, totally at the discretion of the company and its own morals. Of course, you can make arguments for why lots of it is crazy. Depicting illegal drug use? So if you have created a short film that includes someone smoking pot, they can lose their PayPal account? Is kissing an “otherwise intimate” activity? And, of course, misinformation can mean very different things to very different people.

Of course, where this became viral as news is because people realized that PayPal’s Acceptable Use Policy already includes a claim that if you violate its policy they can take $2,500 from your account. While PayPal walked back some of these newly announced changes (we’ll get to that in a second), the policy about the $2,500 has existed for at least a year:

Here’s the policy I just grabbed from their website, showing it was last updated on September 20, 2021, with the $2,500 “liquidated damages” clause in there:

That notes that the policy dating back to at least September 20, 2021 includes the following:

You are independently responsible for complying with all applicable laws in all of your actions related to your use of PayPal’s services, regardless of the purpose of the use. In addition, you must adhere to the terms of this Acceptable Use Policy. Violation of this Acceptable Use Policy constitutes a violation of the PayPal User Agreement and may subject you to damages, including liquidated damages of $2,500.00 U.S. dollars per violation, which may be debited directly from your PayPal account(s) as outlined in the User Agreement (see “Restricted Activities and Holds” section of the PayPal User Agreement).

So, some of the uproar over the weekend came from people seeing the new “misinformation” line and then the (already existing) claim about the $2,500 and assuming both were new and connected. Soon after much of this went viral (some driven by potentially disingenuous misinformation grifters who feared for their own livelihoods), PayPal insisted that the notice of the new policies “went out in error.”

“An AUP notice recently went out in error that included incorrect information. PayPal is not fining people for misinformation and this language was never intended to be inserted in our policy. Our teams are working to correct our policy pages. We’re sorry for the confusion this has caused,” a spokesperson told National Review in a written statement.

Lots of sites reported that PayPal had retracted its plan to fine people $2,500 for misinformation, but… the $2,500 amount is still in the policy. It’s just that the misinformation part is not going live… yet.

Of course, this raises another question: if the $2,500 liquidated damages thing has been in there since at least 2021… has PayPal ever actually done that? It seems like if it had, that would be a big story in its own right.

The fact that the $2,500 damages clause is still in the PayPal policy today still seems like a pretty big deal. Hiding the fact that a company might take $2,500 from you by burying it in an acceptable use policy no one is going to read seems like not a great thing, whether or not the policy includes “misinformation” as a triggering event.

PayPal’s statement about the misinformation bit is also… difficult to believe. The idea that it was “never intended to be inserted in our policy” doesn’t explain how it was inserted in the policy that was sent out to users. I would think that a company as large as PayPal has, you know, a few lawyers who look over this stuff before they update their policies. It seems clear that somewhere along the line someone at PayPal did very much intend to have this kind of policy, it’s just that they probably didn’t realize that they were putting it into the same section that included the threatened $2,500 cash grab.

My guess is that PayPal has that $2,500 number in there just in case they come across a more egregious situation, but I’m not sure even that justifies this kind of policy, especially where there is no real affirmative agreement with users that they know they’re putting that much money on the line.

PayPal can do whatever it wants, of course, but the sneaky $2,500 threat seems like really bad and confusing policy. The temporary inclusion of misinformation also seems somewhat sketchy, but could make sense in other contexts. Walking back the misinfo part without walking back the $2,500 part seems like the real problem.