Have any recent court rulings (2023-2025) clarified liability for viewing CSAM without saving it?
Executive summary
Federal courts and recent litigation through 2025 have not produced a single, clear ruling that uniformly resolves whether mere viewing or “browsing” of CSAM without saving it creates criminal or civil liability; instead, courts and lawmakers are wrestling with related issues—hash-based identification, provider reporting duties, and liability for mistaken reports—while Congress has proposed broad new liability standards in bills like the STOP CSAM and REPORT Acts (see debate over provider obligations and “recklessness”) [1] [2] [3] [4]. Recent district-court decisions show risk for providers who report or forward unconfirmed material (Lawshe), and multiple bills would expand reporting and civil exposure, but available sources do not show a definitive appellate or Supreme Court ruling that settles private liability for passive viewing alone [2] [4] [5].
1. No tidy judicial answer — litigation has focused on adjacent problems, not “mere viewing”
Courts since 2023 have split on aspects of provider conduct—how automated detection, hash-matching, and subsequent law-enforcement review interact with the Fourth Amendment and statutory privacy protections—yet the available reporting shows appellate courts are deciding whether provider and government reviews require warrants or exceed constitutional limits, not issuing a blanket rule that passive viewing without saving is per se criminal or civil liability [1] [6]. Legal analysis in the sources emphasizes circuit disagreements and procedural rulings rather than a categorical new standard on casual viewing [1].
2. Lawfare: providers at legal risk for reporting or forwarding “unconfirmed” files
A 2025 district-court opinion in Lawshe v. Verizon (discussed by Perkins Coie) held that a provider may face claims under the Stored Communications Act if it discloses material tagged “unconfirmed” to NCMEC without reviewing it first; the opinion stressed that the NCMEC disclosure exception is coextensive with reporting duties and that “good faith” defenses may not dispose of claims at early stages [2]. That ruling signals litigation risk not because someone merely viewed CSAM, but because a provider’s reporting or forwarding of unverified files can trigger statutory exposure [2].
3. Statutory and policy fights in Congress complicate the picture
Congressional activity has been aggressive: the REPORT Act expands provider reporting duties and grants limited liability protections for certain actors retained by NCMEC, while successive STOP CSAM proposals (2023–2025) would broaden civil liability and alter the mental-state standards (including “recklessness”) for platforms and vendors—changes that would affect when a platform can be sued even absent specific knowledge of saved copies [4] [5] [7] [3]. Those legislative proposals would change the legal landscape if enacted, but they are not judicial rulings and have provoked strong objections from digital-rights groups [3] [8].
4. Criminal law remains focused on possession/distribution; courts still ask what counts as “possession”
Federal statutes and case law long criminalize possession, distribution, and production of CSAM; courts and commentators continue to debate whether transient access, in-device thumbnails, or streaming count as “possession” in specific prosecutions. The sources show courts and scholars wrestling with technological realities (hashes, cloud storage, streaming) rather than issuing a new universal rule that mere viewing is criminally culpable [1] [6]. Available sources do not mention a 2023–2025 high-court decision declaring passive viewing criminal liability.
5. Two practical takeaways for providers, platforms, and users
First, providers that rely on automated detection or forward materials to NCMEC face litigation risk if they report unconfirmed content without appropriate review—the Lawshe discussion is a concrete warning [2]. Second, pending and proposed statutes would lower the threshold for civil exposure (adding “recklessness” or expanded “facilitate/promote” language), increasing incentives for platforms to act conservatively and for plaintiffs to sue—this is a policy choice pending in Congress, not settled law [3] [5].
6. Competing viewpoints and hidden agendas in the sources
Child-protection advocates and many legislators press for broader reporting duties and civil remedies on grounds that victims suffer ongoing harm when images are viewed or circulated (Paroline is cited in legislative text) [9] [10]. Civil-liberties and industry groups counter that broad liability and low mental-state standards will chill encryption, privacy, and lawful speech and could force platforms to over-remove content, an argument visible in ACLU/EPIC/EFF and tech-industry critiques [3] [11] [8]. Those disagreements reveal normative trade-offs—victim remediation versus privacy/security—that are shaping both litigation strategy and legislative drafting [3] [11].
Limitations: reporting used here does not include every district or state decision in 2023–2025; sources provided do not contain a single, controlling appellate or Supreme Court ruling that definitively resolves liability for simple viewing without saving. Available sources do not mention any unanimous high-court decision that criminalizes mere viewing in that period [2] [1].