Two Facebook users are suing the company to fight what they say is the company’s practice of scanning their personal, private messages to other users so the company can then target personalized on-screen ads to users based on keywords used in their posts.
In a 36-page, three-count lawsuit, plaintiffs Michael Campbell, of Pulaski County, Ark., and Michael Hurley, of North Plains, Ore., allege that Facebook’s actions violate several of that state’s privacy laws.
“Defendant Facebook, Inc. has systematically violated consumers’ privacy by reading its users’ personal, private Facebook messages [to other users] without their consent,” according to the lawsuit, which was filed in early January.
“Across the various services it offers, Facebook takes pains to promise a stark distinction in the types of communications it facilitates,” the lawsuit continues. “Users may choose to communicate publicly via individual Facebook pages, or privately via personal messages and chats,” depending on the audience that users want to communicate with, the suit states. “Facebook touts the privacy of its messaging function as ‘unprecedented’ in terms of user control and the prevention of unwanted contact.”
For users, though, that is an empty promise, according to the lawsuit. “Contrary to its representations, ‘private’ Facebook messages are systematically intercepted by the Company in an effort to learn the contents of the users’ communications,” the lawsuit continues. “In the course of the last year, independent security researchers discovered that Facebook reviews the contents of its users’ private Facebook messages for purposes unrelated to the facilitation of message transmission. When a user composes a Facebook message and includes a link to a third party website the Company scans the content of the Facebook message, follows the enclosed link, and searches for information to profile the message-sender’s web activity.”
Such scanning is not done with users in mind, the suit continues. “This practice is not done to facilitate the transmission of users’ communications via Facebook, but because it enables Facebook to mine user data and profit from those data by sharing them with third parties—namely, advertisers, marketers, and other data aggregators.”
The issue the plaintiffs have with this practice, according to the lawsuit, is that the scanning is done without users’ consent, according to the complaint. “Instead, to increase users’ comfort with the website and, thereby, increase the amount of information they share, the Company makes assurances of user control over privacy settings and messaging options,” the complaint read. “These assurances affirmatively state that only senders and intended recipients are privy to the contents of their nonpublic communications. In reality, Facebook never intended to provide this level of confidentiality. Instead, Facebook mines any and all transmissions across its network, including those it labels ‘private,’ in order to gather any and all morsels of information it can about its users.”
The plaintiffs are seeking class-action status for the lawsuit, which would allow other Facebook users who object to the practice to join the legal fight. The suit alleges that Facebook’s alleged behavior violates the Electronic Communications Privacy Act, the California Invasion of Privacy Act and California’s Unfair Competition Law.
A Facebook spokesperson, reached by eWEEK via email on Jan. 6, said: “The complaint is without merit and we will defend ourselves vigorously.”
This lawsuit is certainly not the first time that Facebook has been attacked for its privacy policies and practices.
In May 2012, the company was hit with a $15 billion class-action lawsuit in California for alleged privacy violations tied to the tracking of Web users. That lawsuit combined 21 privacy lawsuits filed against the social network in more than a dozen states into a single legal action. The case stems from accusations made in September 2011 that Facebook tracks user activity even after people have left the site.