Judge faults Facebook in privacy case
A judge scolded Facebook for misconstruing his own rulings as he ordered the company to face a high-stakes trial accusing it of violating user privacy.
Monday’s ruling came the same day that the Menlo Park company suspended 200 apps that may have leaked private data on large groups of users without their consent, as it looks for potential breaches similar to the one involving Cambridge Analytica.
Facebook has misinterpreted prior court orders by continuing to assert the “faulty proposition” that users can’t win their lawsuit under an Illinois biometric privacy law without proving an “actual injury,” U.S. District Judge James Donato said in a ruling Monday. Likewise, the company’s argument that it’s immune from having to pay a minimum of $1,000, and as much as $5,000, for each violation of the law is “not a sound proposition,”
Meanwhile, the company suspended 200 apps, more fallout from the discovery that personal information from as many as 87 million Facebook users was improperly shared.
he said.
Under the Illinois Biometric Information Privacy Act, the damages in play at a jury trial set for July 9 in San Francisco could easily reach into the billions of dollars for the millions of users whose photos were allegedly scanned without consent.
Apart from his concerns about the “troubling theme” in Facebook’s legal arguments, Donato ruled a trial must go forward because there are multiple factual issues in dispute, including a sharp disagreement over how the company’s photo-tagging software processes human faces.
The users argue the technology necessarily collects scans of face geometry because it uses “regions” of faces to recognize them, according to the order. Facebook claims its software “learns for itself” what distinguishes different faces, he said.
“This is a quintessential dispute of fact for the jury to decide,” Donato wrote.
The judge said the users have “identified more than enough evidence to allow a reasonable jury to conclude their biometric data was harvested.”
Donato cited a Facebook research paper on its DeepFace program that he said the company agrees is “descriptive of its technology.” The users have also unearthed internal emails “indicating that Facebook understood it was collecting what is ‘normally referred to as biometric data,’ ” Donato wrote.
The users last month won the right to sue as a group. Donato referred to the ruling granting class-action status to again reject Facebook’s arguments that the case should be thrown out because it would require the company to change its practices for users outside of Illinois.
Facebook didn’t immediately respond to a request for comment on the ruling.
Meanwhile, the company suspended the 200 apps, more fallout from the discovery this year that personal information from as many as 87 million Facebook users was improperly shared with political consulting firm Cambridge Analytica. Facebook has begun looking back over thousands of apps that had similar access before the service’s policies changed in 2014.
CEO Mark Zuckerberg promised an examination of all its apps on March 21. As it goes through them, when concerns are flagged the company will conduct interviews and request more information about the details the app has access to and possibly perform on-site inspections of those app providers. The disclosure Monday in a blog post indicates the widespread impact of Facebook’s data sharing with developers.
The 200 apps are suspended pending an investigation into whether they did in fact misuse data. If evidence proves that they did, the apps will be banned from Facebook and people who used them will be notified, similar to the steps Facebook took in contacting people to let them know if their data was transferred to Cambridge Analytica.