Facebook To Pay $90m Penalty For Tracking Users

Facebook's parent compant Meta has agreed to pay $90 million to settle a decade-old lawsuit alleging Facebook kept tracking users' internet activity after they'd logged off of the platform. 

Users accused the Facebook of violating federal and state privacy and wiretapping laws by using plug-ins to store cookies that tracked when they visited outside websites containing Facebook “like” buttons.

The proposed settlement, which was filed on 14th February still requires court approval. If approved, it would be one of the 10 biggest data-privacy class-action settlements ever. Facebook agreed to delete all the data at issue.

Initiated in 2012, the case centered on Facebook’s use of proprietary browser plug-ins to track users’ visits to third-party sites.  Facebook obtained consent to track subscribers while logged in but promised to stop the tracking once the subscriber logged out, which according to the class-action suit, was not the case. Facebook violated privacy and wiretapping laws by using plug-ins to store cookies tracking users' visits to third-party websites that contained "like" buttons.

The social media site had users' permission to track them while they were logged in and promised to stop when they logged out, but failed to do so.

Besides the $90 million sum, which would be distributed among affected users, the settlement would require that Facebook delete data improperly collected on users through the use of this practice. Facebook's parent company, Meta, said, "Reaching a settlement in this case, which is more than a decade old, is in the best interest of our community and our shareholders and we're glad to move past this issue." 

As part of the settlement, Meta denies any wrongdoing.

The case dates back to a 2010 update by Facebook called “Open Graph,” which was designed to give users’ friends a closer look at their activity and interests across the internet. That lawsuit was dismissed in 2017 when a US  federal judge said the plaintiffs failed to show they had a reasonable expectation of privacy or that they suffered economic harm. 

In 2020, a federal appeals court revived the case, saying there is economic harm in such a situation. Facebook tried to have the Supreme Court take up the case, but it declined, allowing the federal appeals court's decision to stand.

Last year, Facebook agreed to pay $650m to settle a separate private lawsuit alleging the company's tagging feature violated an Illinois law prohibiting the collection of biometric data without prior notification and written consent. 

Business Insider:     Variety:     The East African:     Dawn:   The Citizen:     Haute Lawyer:     Image: Unsplash

You Might Also Read: 

Facebook Tanks:

 

« Ukraine Defence Ministry & Banks Under Cyber Attack
The New Security Demands Of Our Hybrid Working Future  »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Titus

Titus

Titus is a global leader in enterprise-grade data protection solutions.

Datiphy

Datiphy

Datiphy's data-centric security platform uses behavioral analytics, and data-centric auditing and protection capabilities to mitigate risk.

Adlink Technology

Adlink Technology

ADLINK is a leading provider of embedded computing products and services for applications including IoT and industrial automation.

Auth0

Auth0

Auth0 is a cloud service that provides a set of unified APIs and tools that instantly enables single sign-on and user management for any application, API or IoT device.

CRU Data Security Group (CDSG)

CRU Data Security Group (CDSG)

CRU is a pioneer in devices for data mobility, data security, encryption, and digital investigation.

Sweepatic

Sweepatic

The Sweepatic reconnaissance platform discovers and analyses all internet facing assets and their exposure to risk.

Crosspring

Crosspring

Crosspring is an incubator/accelerator for people who have the ambition to start a successful business or want to extend their existing business in the areas of FinTech, AR, VR, Cybersecurity and SaaS

Evolution Equity Partners

Evolution Equity Partners

Evolution Equity Partners is an international venture capital investor partnering with exceptional entrepreneurs to develop market leading cyber-security and enterprise software companies.

Arcanna.ai

Arcanna.ai

Using a wide range of out-of-the box integrations, Arcanna.ai continuously learns from existing enterprise cybersecurity experts and scales your team’s capacity to deal with threats.

Cyber Security Partners (CSP)

Cyber Security Partners (CSP)

Cyber Security Partners specialise in the provision of Cyber Security Consultancy, Data Protection and Certification and Compliance services.

Infiot

Infiot

Infiot is a pioneer in enabling secure, reliable access with zero trust security, network optimization, edge-intelligence and AI driven operations for all remote users, devices, sites and cloud.

Arctic Group

Arctic Group

Arctic Group is a Swedish service provider focusing on cybersecurity, integration services and deployment of software development tools.

Hawk AI

Hawk AI

Hawk AI’s mission is to help financial institutions detect financial crime more effectively and efficiently using AI to enhance rules and find anomalies.

Saudi Information Technology Company (SITE)

Saudi Information Technology Company (SITE)

SITE is a forward-thinking enterprise, which aims at revitalizing Saudi Arabia’s digital infrastructure, cybersecurity, software development, and big data and analytics capabilities.

Anetac

Anetac

Developed by seasoned cybersecurity experts, the Anetac Identity and Security Platform protects threat surface exploited via service accounts.

Fraud.net

Fraud.net

Fraud.net operates the first end-to-end fraud management and revenue enhancement ecosystem specifically built for digital enterprises and fintechs globally.