Facebook Must Face Wiretap Claims, Court Confirms

Handing a defeat to Facebook, a federal appellate court has refused to revisit its earlier ruling that the company may have violated federal and state privacy laws by tracking people via the “Like” button.

In a short order issued this week, the 9th Circuit Court of Appeals rejected Facebook's request for a new hearing in the matter. The appellate court said in the order that none of the judges in the 9th Circuit requested to vote on Facebook's application for reconsideration.

The decision leaves in place a ruling issued in April by a three-judge panel, which revived a class-action complaint claiming that Facebook violated several laws, including a federal statute that makes it illegal to intercept electronic communications without the consent of at least one party.

The battle dates to 2011, when several users alleged in a class-action complaint that Facebook infringed their privacy by collecting data about people through its social widget.



The consumers said Facebook gathered data about its users whenever they visited sites with a "Like" button, even if the users were logged out of the service.

The lawsuit came shortly after Australian developer Nic Cubrilovic reported that Facebook was able to identify users whenever they visited sites with the "Like" button. At the time, Facebook said that a "bug" allowed the company to receive data about logged-out users.

The company also promised to fix the bug, and said it never retained data that tied users' IDs to the sites they visited. (Facebook's practices subsequently changed; it currently collects some information from logged-out users.)

U.S. District Court Judge Edward Davila in San Jose, California dismissed the matter in 2017.

He ruled at the time that the complaint didn't support a conclusion that Facebook violated the federal wiretap law by interception communications, and that the users could prevent data transmissions by blocking cookies, using “incognito mode” browser settings, or installing privacy plug-ins.

Davila also said the users hadn't shown that they suffered an economic injury as a result of the alleged privacy violations.

The users then appealed to the 9th Circuit, which revived the bulk of the claims. The appellate judges ruled that the allegations, if true, could show that Facebook the federal wiretap law by intercepting communications without at least one party's consent.

The judges specifically rejected the idea that the “Like” button on a publishers' site meant Facebook was itself a party to the communications between the publishers and users.

The judges also said the users could proceed with allegations that Facebook violated California privacy laws, including one that prohibits companies from engaging in “intrusion upon seclusion” -- which occurs when companies intentionally make a “highly offensive” intrusion into a private matter.

But the judges noted that the “ultimate question” of Facebook's liability couldn't be decided without more facts.

Last month, Facebook asked for a new hearing in front of at least 11 of the Circuit's total judges. The company argued that the allegations, even if true, wouldn't prove a violation of the federal wiretap law.

“Numerous companies use cookies and referer header data to improve content they deliver to users,” Facebook wrote in a petition seeking review. “If entities are deemed to unlawfully 'intercept' a referer header each time a user is unaware that his browser sent it, many content providers will be subject to lawsuits seeking steep awards of statutory damages.”

Next story loading loading..