Lane v. Facebook, Inc.
Lane v. Facebook | |
---|---|
United States District Court for the Northern District of California | |
Full case name | Sean Lane, et al. v. Facebook, Inc., Blockbuster Inc., Fandango Inc., Hotwire, Inc., STA Travel Inc., Overstock.com, Inc., Zappos.com, GameFly, Inc. |
Date decided | March 17, 2010 |
Judge sitting | Richard G. Seeborg |
Case holding | |
Settled under court order; Facebook shut down its Beacon Service and created a $9.5M privacy fund. | |
Keywords | |
internet privacy |
Lane v. Facebook was a class-action lawsuit in the United States District Court for the Northern District of California regarding internet privacy and social media.[1] In December 2007, Facebook launched Beacon, which resulted in user's private information being posted on Facebook without consent. A simultaneous class-action lawsuit in Texas, Harris v. Blockbuster Inc., also alleged injuries based on Facebook's Beacon. Facebook ended up terminating the Beacon program, and created a $9.5 million fund for privacy and security. There was no money awarded to Facebook users that were affected negatively by the Beacon program.
Background
Plaintiff Sean Lane represented the class of Facebook users who had visited Beacon sites. In 2007, he purchased an intended surprise diamond ring from Overstock.com for his wife. Without his knowledge, this purchase was broadcast to hundreds of people in his network on Facebook, including his wife. The Beacon feature was opt-out; in order to disable the feature, one had to understand the privacy controls on Facebook as well as all of its 40+ affiliate sites.[2] There was also no option to turn off the service permanently.[3] For Facebook, the feature was intended to be a "completely new way of advertising online."[3]
The Beacon feature remained turned on by default, until December 2007, when Facebook instituted new privacy controls. The lawsuit concerns the window of time before those easier-to-understand controls were implemented.[4]
The feature was heavily criticized by security experts and privacy advocates.[5] Security researchers found that Beacon transmitted data even if the user was logged out of Facebook.[6] MoveOn.org, a civic action political group, posted a petition objecting to the new program, that gathered the signatures of over 50,000 Facebook members in 10 days.[7]
Litigants
The class that the plaintiffs represented were all Facebook users who visited Beacon affiliate sites, a class of about 3.6 million users.[8] The law firm involved was also behind the lawsuits involving digital rights management on the Amazon Kindle, Spore, and the Sony rootkit.[9]
The Beacon affiliated companies were Blockbuster Inc., Fandango.com Inc, Hotwire Inc, STA Travel Inc, Overstock.com Inc, Zappos.com Inc, and GameFly Inc.
Claims
The motion was brought individually on behalf of all Facebook users that had been affected by this service, and used it without their knowledge between November and December 2007.[10] The Plaintiffs claimed that Beacon had breached several federal and state privacy laws.
Electronic Communications Privacy Act
Plaintiffs alleged that Electronic Communications Privacy Act was violated, since the browsing information sent between a Facebook user's computer and the websites of Beacon affiliates was intercepted, and this communication was disclosed for an unlawful purpose. Furthermore, the plaintiffs alleged that this intercepted communication was used to enhance profitability through advertising. By the ECPA, plaintiffs and the Class were entitled to statutory damages of the greater of $10,000 or $100 a day for each day of violation, as well as profits and legal fees.[2]
Video Privacy Protection Act
Plaintiffs alleged that the Video Privacy Protection Act was violated by Fandango, Blockbuster, Overstock, and Gamefly, since those companies are "video tape service providers" within the meaning of the Act, and they knowingly disclosed personally identifiable information to Facebook without informed consent. They also alleged Facebook aided in this violation.[2]
California Consumer Legal Remedies Act
Plaintiffs alleged that Facebook and its Beacon affiliates violated the California Consumer Legal Remedies Act since the terms of the Beacon Affiliates did not state that personally identifiable information was being transmitted to Facebook. The CLRA applies to transactions that are intended to result in the sale of goods to customers. Plaintiffs alleged that this information in conjunction with the disclosure of their identity inflicted irreparable harm.[2]
Other
The plaintiffs alleged that Facebook and its Beacon affiliates violated the California Computer Crime Law and the Computer Fraud and Abuse Act by collecting the information.[2]
Throughout this entire process, Facebook denied any wrongdoing whatsoever on their part or on the part of any of the companies involved with them.
Settlement
Facebook established a cash settlement fund of $9.5 MM.[11] The money was used to establish and operate a privacy foundation which was devoted to funding and sponsoring programs designed to educate users. The privacy foundation has sole responsibility over the management and distribution of its funds. Facebook also had to provide the following relief:
- Termination of the Beacon Program - Facebook was forced to shut down the Beacon program within 60 days of the Preliminary Approval Date.
- Payment of Notice and Administrative Fees - All of the fees for the administration and effectuation of the Settlement Agreement were paid from the settlement fund (9.5 MM dollars).
- Compensation of Class Representatives - Sean Lane received $15,000. Sean Martin and Mohammed Sheikha received $7500. The other representative Plaintiffs each received $1,000. All of this money also came out of the Facebook settlement fund.[12]
- Payment of Attorneys' Fees and Expenses.
Reaction to settlement
The decision to let Facebook have one seat on the newly established privacy funds' three-person board was controversial.[4] Several nonprofit organizations, including the Electronic Privacy Information Center and Center for Digital Democracy wrote an objection to the settlement, on the grounds that the proposed foundation would not satisfactorily represent the interests of Facebook users.[13]
See also
Google Buzz, another service where privacy issues resulted in a class action lawsuit
References
- ↑ "Court Docket - Lane et al v. Facebook, Inc. et al, 5:08-cv-03845, No. 133 (N.D.Cal.)". Docket Alarm, Inc.
- ↑ 2.0 2.1 2.2 2.3 2.4 Lane et al v. Facebook, Inc. et al., Class Action Complaint. Filed August 12, 2008.
- ↑ 3.0 3.1 Nakashima, Ellen. Feeling Betrayed, Facebook Users Force Site to Honor Their Privacy. The Washington Post, November 30, 2007.
- ↑ 4.0 4.1 McCarthy, Caroline. Class action suit means Facebook's Beacon just won't go away. CNET News., August 14, 2008.
- ↑ Perez, Juan Carlos. Facebook Will Shut Down Beacon to Settle Lawsuit. The New York Times, September 19, 2009.
- ↑ Perez, Juan Carlos. Facebook's Beacon More Intrusive Than Previously Thought IDG News, November 30, 2007.
- ↑ Story, Louise. Facebook Retreats on Online Tracking. The New York Times, November 30, 2007.
- ↑ Beacon Class Action Settlement Approved -- Lane v. Facebook
- ↑ Milian, Mark. What Facebook's Beacon settlement means for those involved. The Los Angeles Times Technology Blog, December 10, 2009.
- ↑ Preliminary Order
- ↑ Settlement Agreement
- ↑ Bylaw and Formation
- ↑ Re: Lane et al. v. Facebook et al. proposed settlement