Facebook tries to recover bulk user data seized by New York law enforcement

Facebook has filed an appeal for the return of the data and for a ruling on several legal points

Facebook user data in bulk was sought last year by the New York County District Attorney's office and a court directed it to produce virtually all records and communications for 381 accounts, the company disclosed Thursday.

The social networking giant is now asking the court for the return or destruction of the data as well as a ruling on whether the bulk warrants violated the Fourth Amendment to the U.S. Constitution and other laws. The Fourth Amendment prohibits unreasonable searches and seizures of property.

The company said that since last July it has been fighting a set of sweeping search warrants issued by the Supreme Court for New York County that demanded that it turn over to law enforcement nearly all data from the accounts of the 381 people, including photos, private messages and other information.

Facebook was also prohibited from informing the targeted persons, who included "high schoolers to grandparents, from all over New York and across the United States," and electricians, school teachers, and members of the country's armed services.

Of the 381 people whose accounts were covered under the warrants, 62 were later charged in a disability fraud case, Facebook's deputy general counsel Chris Sonderby wrote in a post on Thursday.

The request from New York is described by the company as the largest it has received, "by a magnitude of more than ten."

The social networking company last Friday asked the appellate division of the New York State Supreme Court to force the government to return the data it has seized and retained.

The government's own investigation confirms "that most of the Facebook user data seized by the Government is irrelevant to the charges alleged, and the search warrants are overbroad and constitutionally defective," the company wrote in the court filing.

After Facebook filed the appeal, the government unsealed the warrants and all court filings, which has enabled Facebook to notify the people whose accounts were affected about the warrants and its ongoing legal efforts, Sonderby wrote.

Facebook's appeal focuses on whether it has the standing to challenge the warrants, whether the warrants, which authorized collection of large amounts of personal information and communications without an "apparent connection to the crimes under investigation, or procedures requiring the return of the seized information" are in violation of the Fourth Amendment, and whether the gag provisions of the warrants violate the Stored Communications Act and the First Amendment.

The trial court had ruled in the negative on these issues, Facebook wrote in the filing. In an order dated Sept. 17 last year, Judge Melissa C. Jackson denied Facebook's motion to quash the 381 search warrants and required Facebook to locate and produce user information.

Facebook claims it has standing to contest the warrants for a number of reasons, including third-party standing that "will avoid diluting the constitutional rights of hundreds of individuals whose personal information has now been seized by the Government without their knowledge."

"The vast scope of the Government's search and seizure here would be unthinkable in the physical world," Facebook wrote in its filing, comparing the demand for all communications and information in 24 broad categories from the 381 targeted accounts as the digital equivalent of seizing everything in someone's home.

"Sometimes 'come back with a warrant' is not enough," wrote digital rights group Electronic Frontier Foundation in a blog post. "The warrant must also conform to constitutional limitations, narrowly seeking evidence of a crime with particularity, based on probable cause."

John Ribeiro covers outsourcing and general technology breaking news from India for The IDG News Service. Follow John on Twitter at @Johnribeiro. John's e-mail address is john_ribeiro@idg.com

Join the CSO newsletter!

Error: Please check your email address.

Tags regulationsecuritylegalgovernmentprivacyFacebook

More about Electronic Frontier FoundationFacebookIDG

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by John Ribeiro

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts