Facebook To Pay $90m Penalty For Tracking Users

Uploaded on 2022-02-21 in TECHNOLOGY-Key Areas-Social Media, FREE TO VIEW, BUSINESS-Services-Law

Facebook's parent compant Meta has agreed to pay $90 million to settle a decade-old lawsuit alleging Facebook kept tracking users' internet activity after they'd logged off of the platform. 

Users accused the Facebook of violating federal and state privacy and wiretapping laws by using plug-ins to store cookies that tracked when they visited outside websites containing Facebook “like” buttons.

The proposed settlement, which was filed on 14th February still requires court approval. If approved, it would be one of the 10 biggest data-privacy class-action settlements ever. Facebook agreed to delete all the data at issue.

Initiated in 2012, the case centered on Facebook’s use of proprietary browser plug-ins to track users’ visits to third-party sites.  Facebook obtained consent to track subscribers while logged in but promised to stop the tracking once the subscriber logged out, which according to the class-action suit, was not the case. Facebook violated privacy and wiretapping laws by using plug-ins to store cookies tracking users' visits to third-party websites that contained "like" buttons.

The social media site had users' permission to track them while they were logged in and promised to stop when they logged out, but failed to do so.

Besides the $90 million sum, which would be distributed among affected users, the settlement would require that Facebook delete data improperly collected on users through the use of this practice. Facebook's parent company, Meta, said, "Reaching a settlement in this case, which is more than a decade old, is in the best interest of our community and our shareholders and we're glad to move past this issue." 

As part of the settlement, Meta denies any wrongdoing.

The case dates back to a 2010 update by Facebook called “Open Graph,” which was designed to give users’ friends a closer look at their activity and interests across the internet. That lawsuit was dismissed in 2017 when a US  federal judge said the plaintiffs failed to show they had a reasonable expectation of privacy or that they suffered economic harm. 

In 2020, a federal appeals court revived the case, saying there is economic harm in such a situation. Facebook tried to have the Supreme Court take up the case, but it declined, allowing the federal appeals court's decision to stand.

Last year, Facebook agreed to pay $650m to settle a separate private lawsuit alleging the company's tagging feature violated an Illinois law prohibiting the collection of biometric data without prior notification and written consent. 

Business Insider:     Variety:     The East African:     Dawn:   The Citizen:     Haute Lawyer:     Image: Unsplash

You Might Also Read: 

Facebook Tanks:

 

« Ukraine Defence Ministry & Banks Under Cyber Attack
The New Security Demands Of Our Hybrid Working Future  »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Council on Foreign Relations (CFR)

Council on Foreign Relations (CFR)

CFR is dedicated to better understanding the world and the foreign policy choices facing the USA and other countries. Cyber security is covered within the CFR topic areas.

Gigamon

Gigamon

Gigamon provides intelligent Traffic Visability solutions that provide unmatched visbility into physical & birtual networks without affecting the performance or stability of production environments.

tunCERT

tunCERT

TunCERT is the National Computer Emergency Response Team of Tunisia.

AGAT Software

AGAT Software

AGAT Software is an innovative security provider specializing in external access authentication and data protection solutions.

Intersec Worldwide

Intersec Worldwide

Intersec Worldwide is a boutique Information Security Firm specializing in PCI Compliance, Assessment, Remediation, Forensics, Data Breach Investigations, Incident Response and IT Managed Services.

Swiss CyberSecurity

Swiss CyberSecurity

Swiss CyberSecurity is a non-profit group based in Geneva, set up to provide information and as a forum for discussion of topics related to CyberSecurity.

United Nations Office on Drugs & Crime (UNODC)

United Nations Office on Drugs & Crime (UNODC)

UNODC promotes long-term and sustainable capacity building in the fight against cybercrime through supporting national structures and action.

CyberFortress

CyberFortress

CyberFortress is an insuretech startup offering a new kind of online business interruption policy designed for small business.

Venari Security

Venari Security

Venari is an award-winning cybersecurity SaaS provider that has developed an ETA (Encrypted Traffic Analysis) platform which fundamentally changes the way encrypted traffic is analysed.

SharkStriker

SharkStriker

SharkStriker is a US based managed security services provider with SOCs and offices across the globe.

Zeva

Zeva

Zeva solves complex identity and encryption challenges for the federal government and corporations around the globe.

eCloudvalley Digital Technology

eCloudvalley Digital Technology

eCloudvalley Digital Technology is a born-in-the-cloud partner focused entirely on AWS services across APAC region.

Digital Security Authority (DSA)

Digital Security Authority (DSA)

The establishment of the Digital Security Authority, which incorporates the National CSIRT, is crucial to significantly raising the cybersecurity posture and capabilities of Cyprus.

Cyber Explorers

Cyber Explorers

Cyber Explorers is a fun, free and interactive learning platform for future digital superstars. An exciting addition to UK curriculum delivery or after school activities.

Camms

Camms

Camms are a team of experienced professionals dedicated to providing innovative GRC software solutions that help organizations manage risk, make informed decisions, and drive positive change.

Tuskira

Tuskira

Tuskira is a Preemptive Cyber Defense & Response Platform powered by Agentic AI, designed to go beyond traditional vulnerability management.