Application security, Compliance Management, Threat Management

Facebook slapped with class action suit over privacy, data gathering infractions

Share

Facebook “stood idly by” while Cambridge University professor Aleksandr Kogan raided user accounts through a quiz app and shared the information with data analytics firm Cambridge Analytica and “made only the weakest attempts to prevent further access to this data,” according to a class action lawsuit filed in a U.S. District Court in California.

The complaint accuses the social media firm – whose CEO Mark Zuckerberg is testifying before Congress today about the Cambridge Analytica fiasco, the company's data collection and sharing practices and the steps it has taken to tighten privacy and data protection – of violating its own policies and privacy law.

“Facebook has repeatedly failed to uphold its own privacy agreements and policies, and it's brazenly neglected the data security of the billions of those who use its social media service,” Steve Berman, managing partner of Hagens Berman law firm, which is representing plaintiffs in the suit, said in a release. “Instead of choosing to be vigilant, making appropriate investments in data security and stopping this massive harvesting of users' information by third parties, Facebook stood by as the private information of millions was funneled into the hands of bad actors.”

Berman noted that “had a brave whistleblower not come forward with this information, tens of millions of Facebook users would have never known the truth.” The complaint noted that “the price of entry to Facebook's social network is personal information” and the suit is seeking what it maintains are the unjust gains gotten by the company at the expense of its users.

“Facebook has made immense profits off of the data of our plaintiffs and the rest of the estimated 70 million U.S. Facebook users whose data was freely given to third parties without their knowledge or consent,” said Berman. “We believe they deserve payback. Facebook should not have been allowed to profit from this data, and it violated its own terms for profit.”

An In-Depth Guide to Application Security

Get essential knowledge and practical strategies to fortify your applications.