Facebook To Pay $90m Penalty For Tracking Users

Facebook's parent compant Meta has agreed to pay $90 million to settle a decade-old lawsuit alleging Facebook kept tracking users' internet activity after they'd logged off of the platform. 

Users accused the Facebook of violating federal and state privacy and wiretapping laws by using plug-ins to store cookies that tracked when they visited outside websites containing Facebook “like” buttons.

The proposed settlement, which was filed on 14th February still requires court approval. If approved, it would be one of the 10 biggest data-privacy class-action settlements ever. Facebook agreed to delete all the data at issue.

Initiated in 2012, the case centered on Facebook’s use of proprietary browser plug-ins to track users’ visits to third-party sites.  Facebook obtained consent to track subscribers while logged in but promised to stop the tracking once the subscriber logged out, which according to the class-action suit, was not the case. Facebook violated privacy and wiretapping laws by using plug-ins to store cookies tracking users' visits to third-party websites that contained "like" buttons.

The social media site had users' permission to track them while they were logged in and promised to stop when they logged out, but failed to do so.

Besides the $90 million sum, which would be distributed among affected users, the settlement would require that Facebook delete data improperly collected on users through the use of this practice. Facebook's parent company, Meta, said, "Reaching a settlement in this case, which is more than a decade old, is in the best interest of our community and our shareholders and we're glad to move past this issue." 

As part of the settlement, Meta denies any wrongdoing.

The case dates back to a 2010 update by Facebook called “Open Graph,” which was designed to give users’ friends a closer look at their activity and interests across the internet. That lawsuit was dismissed in 2017 when a US  federal judge said the plaintiffs failed to show they had a reasonable expectation of privacy or that they suffered economic harm. 

In 2020, a federal appeals court revived the case, saying there is economic harm in such a situation. Facebook tried to have the Supreme Court take up the case, but it declined, allowing the federal appeals court's decision to stand.

Last year, Facebook agreed to pay $650m to settle a separate private lawsuit alleging the company's tagging feature violated an Illinois law prohibiting the collection of biometric data without prior notification and written consent. 

Business Insider:     Variety:     The East African:     Dawn:   The Citizen:     Haute Lawyer:     Image: Unsplash

You Might Also Read: 

Facebook Tanks:

 

« Ukraine Defence Ministry & Banks Under Cyber Attack
The New Security Demands Of Our Hybrid Working Future  »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

HDI

HDI

HDI is the worldwide professional association and certification body for the technical service and support industry.

EclecticIQ

EclecticIQ

EclecticIQ is a global provider of threat intelligence, hunting and response technology and services.

SISA

SISA

SISA is a global forensics-driven cybersecurity solutions company, trusted by leading organizations for securing their businesses with robust preventive and corrective cybersecurity solutions.

TrustInSoft

TrustInSoft

TrustInSoft develops solutions that validate mission-critical software and eliminate attack vectors.

Anglo African

Anglo African

Anglo African is an information technology firm providing end-to-end solutions to different industries, from IT Infrastructure to DataCom as well as Cloud & InfoSec services.

Philippine National Police Anti-Cybercrime Group (PNP-ACG)

Philippine National Police Anti-Cybercrime Group (PNP-ACG)

The mission of the PNP Anti-Cybercrime Group is to implement and enforce pertinent laws on cybercrime and other cyber related crimes and pursue an effective anti-cybercrime campaign.

GuardianKey

GuardianKey

GuardianKey is a solution to protect systems against authentication attacks.

Level Effect

Level Effect

Level Effect is developing new capabilities to bring a unique perspective on proactive network defense and advanced security analytics.

Blackwall

Blackwall

Blackwall (formerly BotGuard) is a security infrastructure company focused on protecting web ecosystems from automated threats, while optimizing performance for hosting environments.

Ribbon Communications

Ribbon Communications

Ribbon Communications delivers global communications software and network solutions to service providers, enterprises, and critical infrastructure sectors.

JaCIRT

JaCIRT

JaCIRT is the national Cyber Incident Response Team for Jamaica, established to deliver on the mandate outlined in the GoJ’s National Cyber Security Strategy.

Red Goat Cyber Security

Red Goat Cyber Security

Red Goat Cyber Security have created excellent, informative and interactive Social Engineering Awareness training which is suitable for all levels of staff.

Apollo Information Systems

Apollo Information Systems

Apollo is a value-added reseller that provides our clients with the complete set of cybersecurity and networking services and solutions.

Royal United Services Institute (RUSI)

Royal United Services Institute (RUSI)

The Royal United Services Institute is an independent think tank engaged in cutting edge defence and security research. Areas of research include cyber security and resilience.

CommScope

CommScope

CommScope is pushing the boundaries of technology to create the world’s most advanced wired and wireless networks.

Qwiet AI

Qwiet AI

At Qwiet AI we enable you to prevent cyberattacks by securing code from the start. Secure code in three steps.