Facebook Wins Dismissal Of $15 Billion Privacy Lawsuit

It’s been more than three years since a federal judge in California heard arguments in a large class-action lawsuit filed against Facebook over its questionable privacy practices. Finally, on Friday that judge sided with the social network and threw out the case — while leaving open the option for plaintiffs to revise and re-file their case.

The complaint involves Facebook’s tracking of users both while they are logged in as Facebook users and after they log off.

The plaintiffs argued that, in exchange for offering free access to Facebook, the company “conditions its membership upon users providing sensitive and personal information… including name, birth date, gender and e-mail address,” and requires that users accept numerous Facebook “cookies” on their web browsers that allow Facebook to track that a user’s Internet browsing history — which is then marketed to advertisers.

Of particular concern to the plaintiffs was Facebook’s continued tracking of users even after they had logged out of Facebook.

According to the plaintiff, “[f]rom the first time a Facebook user logs into Facebook and the… tracking cookie is set on his machine, all of that user’s browsing to Facebook partner sites using that browser is linked by Facebook back to that user.”

The complaints — later consolidated in a multidistrict case — alleged violations of multiple federal and state laws, including the Federal Wiretap Act, the Stored Communications Act, the Computer Fraud and Abuse Act, California’s Unfair Competition Law, the California Computer Crime Law, the California Invasion of Privacy Act, and California’s Consumer Legal Remedies Act.

On the Wiretap Act violations alone, the plaintiffs believed that Facebook could have faced around $15 billion in penalties.

In the end, while the judge agreed that there was some intrinsic value to the personal information being gathered by Facebook, the plaintiffs had not demonstrated they were deprived of anything by Facebook’s actions.

“[W]hat Plaintiffs have failed to do is adequately connect this value to a realistic economic harm or loss that is attributable to Facebook’s alleged conduct,” writes the judge in his 19-page dismissal order [PDF]. “In other words, Plaintiffs have not shown… that they personally lost the opportunity to sell their information or that the value of their information was somehow diminished after it was collected by Facebook.”

Additionally, the judge found plaintiffs’ allegations of violations of the Wiretap Act and the Stored Communications Act to be “deficient.”

To make a Wiretap Act claim, the plaintiffs would have to allege that Facebook intercepted actual “content” of users’ Internet browsing, but the judge sided with Facebook and agreed that intercepting only the header information of a web page does not constitute content under the law.

Likewise, while the SCA involves stored electronic data like e-mail messages, the judge found that it does not apply to tracking cookies.

If the plaintiffs can make actual Wiretap Act and SCA claims, the judge has given them until Nov. 30 to file an amended complaint.

Want more consumer news? Visit our parent organization, Consumer Reports, for the latest on scams, recalls, and other consumer issues.