Meta Pays $725M To Settle Facebook Privacy Suit

Facebook’s corporate parent company Meta has agreed to pay $725 million to settle a long-running lawsuit that accused the social network of allowing third parties, including Cambridge Analytica, to access users' private data and support Donald Trump’s Presidential campaign.

The settlement is the largest recovery ever for a data privacy class action lawsuit and is the most Facebook has ever paid out to settle a private class action. Facebook has not admitted to any wrong action as part of the settlement.

In August, the social media giant had reportedly reached a preliminary agreement regarding the lawsuit, however, the terms and amount were kept private until now. 

Plaintiffs alleged that Facebook “granted numerous third parties access to their Facebook content and information without their consent, and that Facebook failed to adequately monitor the third parties’ access to, and use of, that information,” according to the law firm behind the lawsuit.

The lawsuit was initiated in 2018, when Facebook was accused of violating privacy rules by sharing data with third parties. The information was ultimately accused of being used to steer US voters in favor of Donald Trump in the 2016 elections. The case was subsequently broadened to focus on Facebook’s overall data-sharing practices which focused on Cambridge Analytica, which has since shut down, which collected and exploited the personal data of 87 million Facebook users without their consent. That information was allegedly used to develop software to steer US voters in support of Trump.

Facebook has not admitted any wrongdoing as part of the settlement, which still requires approval by a judge in the San Francisco division of the US District Court. "We pursued a settlement as it's in the best interest of our community and shareholders... Over the last three years we revamped our approach to privacy and implemented a comprehensive privacy program." Meta said in a statement.

Besides the class action settlement, Facebook has agreed to pay $5 billion to the U.S. Federal Trade Commission following the scandal. In response to a similar inquiry, Facebook has also paid $100 million to the U.S. Securities and Exchange Commission. Both cases arose because the company had previously agreed to inform users when their data was being shared with third parties. FTC and SEC findings alleged that Facebook either failed to do so or allegedly used misleading tactics.

Facebook has since removed access to its data from thousands of apps suspected of abusing it, restricted the amount of information available to developers, and made it easier for users to calibrate restrictions on personal data sharing.

Last year, Meta paid US Federal authorities a fine $90m in settlement after Facebook kept tracking users' internet activity after they'd logged off from the platform.

PBS:    CNBC:     Oodaloop:      Security Week:      Telegraph:    Screenrant:  

You Might Also Read:

EU & US Agree New Data Rules To Replace Privacy Shield:

 

« Looking Back - Top 10 Most Read Articles Of 2022
2023 Tech Predictions »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

SecurityScorecard

SecurityScorecard

SecurityScorecard provides the most accurate security ratings & continuous risk monitoring for vendor and third party risk management.

BetterCloud

BetterCloud

BetterCloud puts IT in control of the modern workplace through user lifecycle management, data discovery, and IT and security automation purpose-built for SaaS.

Cimcor

Cimcor

Cimcor’s flagship software product, CimTrak, helps organizations to monitor and protect a wide range of physical, network and virtual IT assets in real-time.

Randori

Randori

Randori is an attack platform that provides "red-teaming" as a service - basically, staging simulated hack attacks to test for vulnerabilities and gaps in the security response.

S4x Events

S4x Events

S4x are the most advanced and largest ICS cyber security events in the world.

Global Cyber Security Capacity Centre (GCSCC) - Oxford University

Global Cyber Security Capacity Centre (GCSCC) - Oxford University

GCSCC's work is focused on developing a framework for understanding what works, what doesn’t work and why – across all areas of cybersecurity capacity.

Axxum Technologies

Axxum Technologies

Axxum Technologies is a premier provider of Network Communications and Information Technology Security Solutions.

C2SEC

C2SEC

C2Sec provides an innovative analytics platform that assesses and quantifies cyber risks in financial terms based on combining patented big data, AI, and cybersecurity technologies.

Point Predictive

Point Predictive

Point Predictive build Predictive Models using Artificial Intelligence and Machine Learning techniques that help our customers stop fraud and early payment default (EPD).

LogMeIn

LogMeIn

LogMeIn makes it possible for millions of people and businesses around the globe to do their best work simply and securely—on any device, from any location and at any time.

F1 Security

F1 Security

F1 Security provides a family of web security solutions including web application firewalls, web shell detection solutions, and web shell scanners.

Intellinexus

Intellinexus

Intellinexus turns data into actionable insights to revolutionise decision-making in your business.

Corix Partners

Corix Partners

Corix Partners is a Boutique Management Consultancy Firm focused on assisting CIOs and other C-level executives in resolving Cyber Security Strategy, Organisation and Governance challenges.

True Corporation

True Corporation

True Corporation is Thailand’s leading Telecom-Tech company, empowering people and businesses with connected solutions that advance society sustainably.

DefectDojo

DefectDojo

DefectDojo is a DevSecOps and vulnerability management tool.

LiveAction

LiveAction

LiveAction’s Network Intelligence platform transforms complex data into actionable insights, providing organizations with a comprehensive view of their network.