Facebook hit with $15 billion class action user tracking lawsuit
Summary: Facebook is once again being sued for tracking its users even after they logout of the service. The latest class action lawsuit demands $15 billion from Facebook for violating federal wiretap laws.
Facebook is being sued for $15 billion for tracking users, even after they have logged out of the social network, and violating federal wiretap laws. If that sounds familiar, that's because it is: Facebook faces nationwide class action tracking cookie lawsuit.
Today's lawsuit, filed in Federal Court in San Jose, California, combines 21 separate cases across the U.S. in 2011 and early 2012. It's an amended consolidated class-action complaint that claims the company is invading the privacy of its users by tracking them across the Internet. If the claimants are successful in their case against Facebook, they could prevent Menlo Park from collecting the huge amount of data it collects about its users to serve ads back to them.
Like the previous lawsuits, Facebook is once again being accused of violating the Federal Wiretap Act, which provides statutory damages per user of $100 per day per violation, up to a maximum per user of $10,000. The complaint also asserts claims under the Computer Fraud and Abuse Act, the Stored Communications Act, various California Statutes, and California common law. It's worth noting that similar cases against Facebook and others filed under the wiretap law have been thrown out because browser cookies are simply not considered wiretaps and plaintiffs have difficulty proving any harm.
Stewarts Law is one of the firms leading the claim. "This is not just a damages action, but a groundbreaking digital-privacy rights case that could have wide and significant legal and business implications," David Straite, a partner at Stewarts Law, said in a statement.
Facebook has been accused multiple times of using cookies to track users even after they log out of the service. Menlo Park has since twice denied the allegations, and has also twice fixed the issue. Nevertheless, the lawsuits just keep coming. In additional to national lawsuits, there have been several lawsuits filed in multiple states, including Kansas, Kentucky, Louisiana, and Mississippi.
In September 2011, self-proclaimed hacker Nik Cubrilovic accused Facebook of tracking its users even if they log out of the social network. He explained that even after logging out of the service, whenever he visited a website that had a Facebook plugin, information including his account ID was still being sent to Palo Alto.
The company responded by denying the claims and offering an explanation as to why its cookies behave the way they do. Menlo Park explained that it does not track users across the Web and its cookies are used to personalize content. As for the logged-out cookies, Facebook said they are used for safety and protection.
After a long technical discussion, Cubrilovic confirmed Facebook made changes to the logout process, and that the cookies in question behave as they should. They still exist, but they no longer send back personally-identifiable information after you log out. The company also took the time to explain what each cookie is responsible for.
Later that month, 10 privacy groups and US congressmen sent letters asking the Federal Trade Commission (FTC) to investigate Facebook for these and other practices. Note that the FTC settlement from November 2011 was over charges that date back to December 2009, meaning the tracking cookie issue was never discussed.
In October 2011, the issue came back. It was discovered that the datr cookie, which can be used for tracking users, was once again being set on third-party websites with a Facebook social plugin – whether you are logged in or logged out of the service. Facebook confirmed the bug, said only some third-party websites were affected, and fixed it.
Also in September, Ireland's Data Protection Commissioner (DPC) agreed to conduct a privacy audit of Facebook. Since the social network giant's international headquarters is in Dublin, the larger majority of the site's users are affected by any of the DPC's decisions (see Europe versus Facebook). Thankfully for Facebook, when the DPC completed his three-month privacy audit of Facebook's activities in December 2011, he said Facebook makes "innovative use of cookies to identify unusual or suspicious activity" on an account.
All that being said, Facebook still needs to worry about this lawsuit and all the previous ones related to cookie tracking. I have contacted Facebook and will update you if I hear back.
See also:
- Facebook: Cookie tracking issue is limited, fix coming today
- Facebook tracking cookie returns, according to hacker
- Facebook denies patent is used for tracking logged-out users
- Facebook tracks you online even after you log out
- Facebook denies cookie tracking allegations
- Facebook fixes cookie behavior after logging out
Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.
Talkback
Snore..........
I'm sure the government is tracking everybody
Privacy on the internet is an illusion
if you really want to be anonymous use a TOR server but who's to say they aren't tracking you too?
Lame
What a vicious and cowardly remark... are you American?
troll bait much?
I guess people don't understand the saying "nothing in life is free"
And when most people use it and then the company decides to
And given how these cats already get corporate welfare to prop themselves up with... I made a very straightforward post including a link you ought to read.
But, out here in real life, "DON'T USE IT" as if your caps lock key is broken or something, doesn't cut it. We've seen how companies don't bother to self-regulate so people have to stand up for each other.
Which is okay, can we be sure that we don't stand up for you or that, as a facebook users yourself I suspect, you won't get any settlement money if it's proven facebook made a big no-no at your expense?
We know these businesses can't run for free. But who started the mindset everything should be free? Hopefully not the people who still expect to see their salaries high while everyone else has to endure theirs stagnating or dropping... ;)
re
Seems too low
Some lawyer waited until the IPO
I see nothing happening with this.
Internet Tracking
This is really no different than the telemarketer do not call list.
Who enforces it?
When is it enforced?
I still get tons of telemarketers calling with caller id blocked,
and it costs me money to havew their calls blocked.
One day I was looking for a 60 amp GFI breaker.
3 months later I was still gettting nextag popups
for 60AMP GFI breakers.
Another evil participant - Tiger Direct.
I decided to play the same game. I correspond with the advertisers, tell them what
I'm looking for and because they have been so in my face with popup ads, I bought it elsewhere.
That works for most stuff excepting the online pimping (dating) services and the gambling sites. As I have no desire for either there is no comeback I have been able to think up yet.
Do Not Track
You don't have to be tracked or see ads if you take a few minutes to harden up your online experience.
RE: Do Not Track
WRT to trackers, the 'wall of shame' for this page includes:
AdMeld
CBS Interactive (expected, as ZDNet is owned by CBS)
Crowd Science
DoubleClick
Facebook Social Plugins
Google Analytics
[b]all blocked[/b]
Google Analytics
Google Tracking!!!
facebook
facebook is dead, long live reddit
ranban sunglasses
Good luck on the lawsuit
clear your cookies
Well do that after visiting facebook then.
But so many websites have facebook apps on their websites, so facebook could track ip address. And they know what ip address you were logged in with and win. So either way they could track you if they want. its 3rd party websites fault for integrating facebook apps such as the like button. So its not facebooks fault directly.
Why should people
seems like the big prob is "ads"?
step 2: add ad-blocker plugin to Firefox
step 3: Search MVPS host and update it once in a wile
step 4: forget what "ads" are!!!