Commentary

Class-Action Lawyers Accuse Facebook Of Tracking Logged-Out Users

Facebook has been hit with two separate potential class-action lawsuits alleging that it unlawfully tracked users after they had logged out of the service.

Both cases were filed on Friday by users who allege that the social networking company violates various laws, including the federal wiretap one. One lawsuit was brought by Web user Chandra Thompson in federal district court in Missouri. The other case, filed in federal court in San Jose, Calif., was brought by a coalition of seven users -- Perrin Aikens Davis, Petersen Gross, Tommasina Iannuzzi, Brian K Lentz, Lisa Sabato, Jennifer Sauro and Tracy Sauro.

The lawsuits were filed the same week that Australian developer Nic Cubrilovic publicized research showing that Facebook received information about users -- including their IDs -- whenever they visited sites with a Like button or other social widget, even when the users had logged out.

After he blogged about his findings, Facebook quickly said it would fix the "bug" that allowed it to receive data about logged-out users. The company also denied "tracking" users, saying that it immediately destroyed any information it received about people who were logged out.

Nonetheless, the fact remains: Facebook received data about sites visited by logged-out users. What's more, even though Cubrilovic says he reported the matter to Facebook on at least two occasions in the last year, the company didn't take action until he posted about his findings.

The revelations didn't just spur class-action lawyers to action. Last week Reps. Ed Markey (D-Mass.) and Joe Barton (R-Texas) called for the Federal Trade Commission to probe the company for allegedly tracking users who had logged out. A coalition of privacy groups additionally called for an investigation.

Now that the matter is in court, Facebook could be forced to rethink its approach to privacy even if the FTC doesn't investigate. In the last few years, class-action lawyers have successfully challenged other questionable privacy practices. Consider the history of Flash cookies. In 2009 researchers detailed how some Web companies were able to use hard-to-delete Flash cookies to circumvent users' privacy settings. FTC officials criticized that practice, but haven't yet publicly brought an enforcement action.

Class-action lawyers, however, filed four lawsuits. All of them resulted in settlements and promises to avoid using Flash cookies to track people who don't wish to be tracked.

Next story loading loading..