Meta Pays $725M To Settle Facebook Privacy Suit

Facebook’s corporate parent company Meta has agreed to pay $725 million to settle a long-running lawsuit that accused the social network of allowing third parties, including Cambridge Analytica, to access users' private data and support Donald Trump’s Presidential campaign.

The settlement is the largest recovery ever for a data privacy class action lawsuit and is the most Facebook has ever paid out to settle a private class action. Facebook has not admitted to any wrong action as part of the settlement.

In August, the social media giant had reportedly reached a preliminary agreement regarding the lawsuit, however, the terms and amount were kept private until now. 

Plaintiffs alleged that Facebook “granted numerous third parties access to their Facebook content and information without their consent, and that Facebook failed to adequately monitor the third parties’ access to, and use of, that information,” according to the law firm behind the lawsuit.

The lawsuit was initiated in 2018, when Facebook was accused of violating privacy rules by sharing data with third parties. The information was ultimately accused of being used to steer US voters in favor of Donald Trump in the 2016 elections. The case was subsequently broadened to focus on Facebook’s overall data-sharing practices which focused on Cambridge Analytica, which has since shut down, which collected and exploited the personal data of 87 million Facebook users without their consent. That information was allegedly used to develop software to steer US voters in support of Trump.

Facebook has not admitted any wrongdoing as part of the settlement, which still requires approval by a judge in the San Francisco division of the US District Court. "We pursued a settlement as it's in the best interest of our community and shareholders... Over the last three years we revamped our approach to privacy and implemented a comprehensive privacy program." Meta said in a statement.

Besides the class action settlement, Facebook has agreed to pay $5 billion to the U.S. Federal Trade Commission following the scandal. In response to a similar inquiry, Facebook has also paid $100 million to the U.S. Securities and Exchange Commission. Both cases arose because the company had previously agreed to inform users when their data was being shared with third parties. FTC and SEC findings alleged that Facebook either failed to do so or allegedly used misleading tactics.

Facebook has since removed access to its data from thousands of apps suspected of abusing it, restricted the amount of information available to developers, and made it easier for users to calibrate restrictions on personal data sharing.

Last year, Meta paid US Federal authorities a fine $90m in settlement after Facebook kept tracking users' internet activity after they'd logged off from the platform.

PBS:    CNBC:     Oodaloop:      Security Week:      Telegraph:    Screenrant:  

You Might Also Read:

EU & US Agree New Data Rules To Replace Privacy Shield:

 

« Looking Back - Top 10 Most Read Articles Of 2022
2023 Tech Predictions »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

RISA

RISA

RISA solutions help to secure networks, improve overall network security, and achieve government regulatory compliance.

Redicom

Redicom

Redicom is an independent consulting agency focusing on identity management, strong authentication and single-sign-on.

Somansa

Somansa

Somansa is a global leader in Data Security and Compliance solutions designed to protect valuable company information from leakage and help meet regulatory compliance requirements.

Trustless Computing Association (TCA)

Trustless Computing Association (TCA)

TCA is is a non-profit organization promoting the creation and wide availability of IT and AI technologies that are radically more secure and accountable than today’s state of the art.

Level Effect

Level Effect

Level Effect is developing new capabilities to bring a unique perspective on proactive network defense and advanced security analytics.

International Cybersecurity Institute (ICSI)

International Cybersecurity Institute (ICSI)

ICSI is a UK company offering specialized and accredited professional qualifications in cybersecurity for young IT graduates as well as mature professionals.

Hawk Network Defense

Hawk Network Defense

HAWK.io is the First Fully Automated, Multi-Tenant, Cloud-Based, MDR Service Company.

SafeCipher

SafeCipher

At SafeCipher, we pride ourselves on being your single vendor-neutral resource for navigating the complexities of cryptographic data encryption.

ClassNK Consulting Service (NKCS)

ClassNK Consulting Service (NKCS)

ClassNK Consulting provides consulting services to the maritime industry with a focus on safety, security and compliance.

Securolytics

Securolytics

Securolytics offers the simplest, most complete and affordable IoT security for all organizations. Securolytics quickly identifies unmanaged devices to reduce security and compliance risks.

CYMOTIVE Technologies

CYMOTIVE Technologies

Combining Israeli cyber innovation with a century of German automotive engineering. CYMOTIVE operates under the assumption that connectivity is a game changer for the automotive industry.

GoodAccess

GoodAccess

GoodAccess is the cybersecurity platform that gives your business the security benefits of zero trust without the complexities so your users can securely access digital resources anytime, anywhere.

Cynical Technology

Cynical Technology

Cynical Technology is a Nepalese cybersecurity company with expertise in security consulting, auditing, testing and compliance.

Mindsprint

Mindsprint

Mindsprint (formerly Olam Technology and Business Services - OTBS) are a leading edge technology and business services firm.

RAD Security

RAD Security

RAD Security (formerly KSOC) is a cloud native security company that empowers engineering and security teams to drive innovation so they can focus on growth versus security problems.

Incode

Incode

Incode is the leading provider of world-class identity solutions that is reinventing the way humans authenticate and verify their identities online.