Exactly this. I run a small computer help forum on the side. Two terrorists could easily create accounts and PM each other with plans to blow up something and I'd never ban their accounts because I'd never see the messages. Technically speaking, I can look in the database and read all of the messages, but I never do this unless there's some really out-of-the-ordinary event. I might have done this one time while looking into a troll account.
By the plantiff's argument, I'm providing aid to ISIS by running a forum that they could use to trade secret messages.