Facebook made of Teflon when it comes to privacy, analysts say

Social network sued for allegedly scanning users' private messages

Facebook is being sued for allegedly intercepting users' private messages, following links and sharing the information with advertisers and marketers.

But analysts are doubtful that such accusations will be enough to make users abandon the social networking site.

Facebook scans users' private messages, follows any links in the messages to third-party Web sites and uses the information to build user profiles that are then shared with third parties, according to the suit brought by Facebook users Matthew Campbell and Michael Hurley on Dec. 30 in federal court in San Jose. The suit also seeks to be certified as a class action on behalf of all Facebook users in the U.S. who have sent or received private Facebook messages that included a URL in the content of the message.

"The right of privacy is a personal and fundamental right in California and the United States," the complaint states. "An individual's privacy is directly implicated by the collection, use, and dissemination of personal information. Defendant Facebook, Inc. has systematically violated consumers' privacy by reading its users' personal, private Facebook messages without their consent."

The complaint further states that contrary to Facebook's claims of offering users the ability to send and receive private messages, those messages are intercepted to cull information about the users' communications, not to facilitate communications but to make money off users' messages.

Independent security researchers looked into Facebook's practices, according to the plaintiffs. The lawsuit seeks an injunction against Facebook's practices and either $100 a day for each day of alleged violation or $10,000, for each user affected.

"The complaint is without merit and we will defend ourselves vigorously," said a Facebook spokeswoman in an email to Computerworld.

Jeff Kagan, an independent industry analyst, noted that if the allegations are upheld in court, it will be another instance of Facebook disregarding users' privacy.

"This is yet another slap in the face to customers," said Kagan. "Previous slaps have not cost them anything. Will this? I don't think so. However at some point, some day, they will cross over the line and when they do, they will start losing customers quickly."

Today, though, is not likely to be that day, he added.

Privacy is dead, Kagan said, and it's largely because users don't read the multi-page and often confusing terms of use agreements before signing up to any site or service.

"Users leave themselves open to this kind of abuse," he said. "That's the problem. The marketplace complains, but doesn't go away. So with no real price to pay, Facebook keeps misbehaving. Who's fault is it? Theirs for doing it and ours for letting them get away with it."

Rob Enderle, an analyst with the Enderle Group, said users should be aware that free services aren't really free. If people aren't paying out of their pocket, they'll pay another way.

"Ad-funded companies need to generate revenue, and they do so by mining the content they have access to," Enderle said. "In exchange, you get access to the product for free. Once you know this is going on, you can either decide not to use the service or to moderate what you share with them. This hurts because most folks don't really understand what they signed up for and feel violated as a result. Sometimes you do need to read the fine print."

Consumers need to remember that with services like Facebook, the real customers are the advertisers, not the users, he said.

Enderle, like Kagan, said users aren't going to leave Facebook for this kind of infraction. They haven't in the past and it's unclear what privacy infraction would force users, who connect with family and friends on the world's largest social network, to ditch it for another site.

This article, Facebook made of Teflon when it comes to privacy, analysts say, was originally published at Computerworld.com.

Sharon Gaudin covers the Internet and Web 2.0, emerging technologies, and desktop and laptop chips for Computerworld. Follow Sharon on Twitter at @sgaudin, on Google+ or subscribe to Sharon's RSS feed. Her email address is sgaudin@computerworld.com.

See more by Sharon Gaudin on Computerworld.com.

Read more about social media in Computerworld's Social Media Topic Center.

Join the CSO newsletter!

Error: Please check your email address.

Tags Internet-based applications and servicessecuritylegalsocial mediainternetprivacyFacebook

More about FacebookGoogleInc.Topic

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Sharon Gaudin

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place