Facebook To Pay $90m Penalty For Tracking Users

Facebook's parent compant Meta has agreed to pay $90 million to settle a decade-old lawsuit alleging Facebook kept tracking users' internet activity after they'd logged off of the platform. 

Users accused the Facebook of violating federal and state privacy and wiretapping laws by using plug-ins to store cookies that tracked when they visited outside websites containing Facebook “like” buttons.

The proposed settlement, which was filed on 14th February still requires court approval. If approved, it would be one of the 10 biggest data-privacy class-action settlements ever. Facebook agreed to delete all the data at issue.

Initiated in 2012, the case centered on Facebook’s use of proprietary browser plug-ins to track users’ visits to third-party sites.  Facebook obtained consent to track subscribers while logged in but promised to stop the tracking once the subscriber logged out, which according to the class-action suit, was not the case. Facebook violated privacy and wiretapping laws by using plug-ins to store cookies tracking users' visits to third-party websites that contained "like" buttons.

The social media site had users' permission to track them while they were logged in and promised to stop when they logged out, but failed to do so.

Besides the $90 million sum, which would be distributed among affected users, the settlement would require that Facebook delete data improperly collected on users through the use of this practice. Facebook's parent company, Meta, said, "Reaching a settlement in this case, which is more than a decade old, is in the best interest of our community and our shareholders and we're glad to move past this issue." 

As part of the settlement, Meta denies any wrongdoing.

The case dates back to a 2010 update by Facebook called “Open Graph,” which was designed to give users’ friends a closer look at their activity and interests across the internet. That lawsuit was dismissed in 2017 when a US  federal judge said the plaintiffs failed to show they had a reasonable expectation of privacy or that they suffered economic harm. 

In 2020, a federal appeals court revived the case, saying there is economic harm in such a situation. Facebook tried to have the Supreme Court take up the case, but it declined, allowing the federal appeals court's decision to stand.

Last year, Facebook agreed to pay $650m to settle a separate private lawsuit alleging the company's tagging feature violated an Illinois law prohibiting the collection of biometric data without prior notification and written consent. 

Business Insider:     Variety:     The East African:     Dawn:   The Citizen:     Haute Lawyer:     Image: Unsplash

You Might Also Read: 

Facebook Tanks:

 

« Ukraine Defence Ministry & Banks Under Cyber Attack
The New Security Demands Of Our Hybrid Working Future  »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

GTB Technologies

GTB Technologies

GTB Technologies is a cyber security company that focuses on providing enterprise class data protection and data loss prevention solutions.

Sepior

Sepior

Our vision is to make Sepior the leading provider of cloud-encryption software in the world.

Khipu Networks

Khipu Networks

Khipu Networks is an award winning Cyber Security Company delivering a wide range of network, wireless and security solutions, technologies and services across multiple sectors.

TI Safe

TI Safe

TI Safe provide cybersecurity solutions for industrial networks of main critical infrastructures in Latin America.

totemo

totemo

Totemo offers solutions for the secure exchange of business information.

Sphonic

Sphonic

Sphonic provides regulated institutions of any size a powerful compliance & risk platform to quickly and securely onboard new customers and manage ongoing AML and Fraud & Risk trends.

Veritas Technologies

Veritas Technologies

Veritas provide industry-leading solutions that cover all platforms with backup and recovery, business continuity, software-defined storage and information governance.

CyberCX

CyberCX

CyberCX provides services from strategic consulting, security testing and training to world-class managed services and engineering solutions.

Finnish Security & Intelligence Service (SUPO)

Finnish Security & Intelligence Service (SUPO)

The Finnish Security and Intelligence Service is a government agency tasked with combating serious threats to national security in Finland.

Cyber Security Canada

Cyber Security Canada

Cyber Security Canada is an accredited Certification Body for government-backed Cyber Security Certification Programs, designed specifically for small and medium-sized Canadian businesses.

senhasegura

senhasegura

senhasegura is a global Privileged Access Management vendor. Our mission is to eliminate privilege abuse in organizations around the globe and build digital sovereignty.

Cufflink

Cufflink

Cufflink makes your business more secure, compliant and trusted. We limit the likelihood and impact of a data breach by controlling exactly what can and can't be done with personal data.

Technation

Technation

Technation proudly represents the Canadian technology companies that are furthering our nation and the world into the future through innovation, creativity and ingenuity.

Harrison Clarke

Harrison Clarke

Harrison Clarke is a leading staffing and recruiting firm in the Cloud, Cybersecurity, Data & AI space.

ABPGroup

ABPGroup

ABPGroup is Asia’s leading cybersecurity technology provider focusing on providing best-of-breed solutions that address today’s pressing challenges.

Gleam Cloud Security Solutions (GCSS)

Gleam Cloud Security Solutions (GCSS)

GCSS Security is an information security firm providing cyber security protection with a highly skilled and experienced team focused on technology that creates best-in-class customer experiences.