Facebook is facing a class-action lawsuit in Northern California over allegations that the company systematically scans its users' private messages on the social network without their consent and makes the profit by sharing the data with advertisers and marketers.
According to the lawsuit filing, Facebook might have violated federal privacy laws by scanning users' private messages.
Facebook routinely scans the URLs within users' private messages for several purposes like anti-malware protection and industry-standard searches for child pornography, but it has been claimed that the company is also using this data for advertising and other user-targeting services.
Also Read: Google to Face a Record $3.4 Billion AntiTrust Fine in Europe
The plaintiffs, Matthew Campbell, and Michael Hurley argue that the Facebook is scanning and collecting URLs-related data in a searchable form, violating both the Electronic Communications Privacy Act and California Invasion of Privacy Act, reported the Verge.
Facebook argues that the company scans users' private messages in bulk, and maintains the URL records in an anonymized way, which is only used in aggregate form.
However, according to a technical analysis done on behalf of the plaintiffs, each URL-related message is stored in "Titan," a private message database that displays the date and time the message was sent, along with the user IDs of both the sender and the recipient.
🔐 Mastering API Security: Understanding Your True Attack Surface
Discover the untapped vulnerabilities in your API ecosystem and take proactive steps towards ironclad security. Join our insightful webinar!Join the Session
However, it turns out that Facebook used this practice in past, but the company claimed to have stopped such practices a long time ago.
"We agree with the court's finding that the alleged conduct did not result in any actual harm and that it would be inappropriate to allow plaintiffs to seek damages on a class-wide basis," a Facebook spokesperson told CNET.
"The remaining claims relate to historical practices that are entirely lawful, and we look forward to resolving those claims on the merits."However according to the plaintiffs, Facebook is still continuing to collect links from users' private messages.
"Facebook's source code not only reveals that Facebook continues to acquire URL content from private messages, but that it also continues to make use of the content it acquires."Meanwhile, you can check out the lawsuit here. The lawsuit was originally filed in 2012 and for now, the case is expected to proceed.
Plaintiffs have until June 8 to file an amended complaint, following a scheduled conference toward the end of the month.