Washington DC has sued Facebook for allowing political consultancy firm Cambridge Analytica access to the personal data of tens of millions of Facebook users without their permission.
“Facebook failed to protect the privacy of its users and deceived them about who had access to their data and how it was used,” Washington’s attorney general, Karl Racine, said in a statement released on Wednesday, December 19.
Racine added, “Facebook put users at risk of manipulation by allowing companies like Cambridge Analytica and other third-party applications to collect personal data without users’ permission.”
The suit, which was filed in DC Superior Court, invoked Facebook’s relationship with Cambridge Analytica, a firm that has been linked to President Donald Trump’s 2016 campaign.
The suit says the earlier data leak reflected a failure on Facebook’s behalf to protect user privacy and to follow DC’s own consumer protection rules.
In its lawsuit, Washington said it wanted to compel Facebook to take steps towards curbing any violation of consumer protection rules in the future, as well as pay restitution.
Racine told reporters that he wanted Facebook to develop “new protocols” to protect user data and said further that he hoped the suit would send a message to “other platforms in the broader technology space.”
“We’re reviewing the complaint and look forward to continuing our discussions with attorneys general in DC and elsewhere,” a Facebook spokesperson told CNN.
In March this year, reports emerged stating that Facebook exposed data of up to 87 million Facebook users to a researcher who worked at Cambridge Analytica, which worked for the Trump campaign.
Whistleblower Christopher Wylie revealed alleged malpractices within Cambridge Analytica. Wylie claimed that the data sold to Cambridge Analytica was then used to develop “psychographic” profiles of people and deliver pro-Trump material to them online. Cambridge Analytica has denied that any such data was used in connection to the Trump campaign.
How this could affect Facebook?
District attorney Racine said the maximum penalty under the act is $5,000 “per violation.” However, it was not immediately clear as to what may constitute a single violation according to the law.
Prosecutors said 852 users from Washington DC downloaded the misleading application provided by Cambridge Analytica, but data of approximately 3,40,000 people were collected because they were friends of those initial users through Facebook.
This could mean that Facebook could be staring at fines of up to $1.7 billion if all 3,40,000 instances are considered “violations” under the statute.
Facebook gave Netflix, Spotify access to personal data
The news of Facebook being sued comes after a recent report stated that the company “gave some of the world’s largest technology companies more intrusive access to users’ personal data than it has disclosed.”
As per the New York Times, Facebook allowed Microsoft’s Bing search engine to see the names of almost all Facebook users’ friends without consent. Facebook also allowed Netflix and Spotify to read Facebook users’ private messages.
In addition, the social network permitted Amazon to obtain users’ names and contact information through their friends. It also let Yahoo view streams of friends’ posts, despite public statements that it had stopped that type of sharing years earlier.
In all, the Times reported that between 2010 and 2018, Facebook gave more than 150 companies access to the personal data of its users. The range of intentionally shared data includes private messages, the identities of people in those messages, users’ contact information, friend lists, and even the content of friends’ posts.
Music streaming app Spotify still has the ability to access users’ Facebook Messenger content in order to allow people to share music through the platform.
Facebook’s recent struggles
Facebook has had a forgettable 2018. Several reports have debated whether a large platform like Facebook should be subject to regulation. Moreover, there has been increasing pressure on CEO Mark Zuckerberg to step down. This was after the company hired a Republican-owned political consulting and public relations firm that “dug up dirt on its competitors”.
In September 2018, Facebook witnessed its worst ever security breach after hackers stole digital login codes that gave them access to nearly 50 million user accounts. Reports stated that the company could face be fined up to $1.6 billion as a result of the breach.
Although Facebook claims to have taken steps to tackle misinformation, several employees oppose this statement. Journalists working as factcheckers for Facebook strongly wish to end the partnership with the social network, saying Facebook has ignored their concerns and has failed to use their expertise to combat misinformation.
“They’ve essentially used us for crisis PR,” said Brooke Binkowski, former managing editor of Snopes, a fact-checking site that partnered with Facebook for two years.
Binkowski told the Guardian, “They’re not taking anything seriously. They are more interested in making themselves look good and passing the buck … They clearly don’t care.”
Elton Gomes is a staff writer at Qrius