Class action suit hits Facebook and affiliates with breach of privacy
The biggest and most significant legal action against now-leading social network Facebook was filed on Tuesday, and will actually test the theory of whether its Beacon behavior sharing program constituted a criminal conspiracy.
On Tuesday, a group of 18 California residents including some who publicly complained last year that Facebook's controversial Beacon feature was sharing too much of their personal online habits with the rest of the world, sued Facebook and many of its more prominent Beacon partners, including Blockbuster and Overstock.com. They're not only claiming Facebook and its partners conspired to invade their privacy, but they're citing a California penal code that may have been originally intended to outlaw information-gathering Trojan horse programs, in a move which could leave Beacon's participants criminally liable.
"Pursuant to California Penal Code...a 'computer contaminant' means any set of computer instructions that are designed to...record, or transmit information within a computer, computer system, or computer network without the intent or permission of the owner of the information," Tuesday's lawsuit filing reads. "Defendants have violated California Penal Code...by knowingly and without permission introducing a computer contaminant into the transactions between Plaintiffs and the...defendants."
What Beacon did -- and what nobody is disputing -- is deploy a Web browser-based scheme that waited until it received an indication that its user was doing something on a Beacon affiliate's Web site, such as purchasing an item or looking through a given catalog page or watching a video. There was a particular event code for each action, and that code was then transmitted to Facebook. Although users were supposed to be notified that this was happening by way of pop-ups, the lawsuit claims, no such pop-ups generally appeared.
The suit claims that Beacon transmitted behavior data on all users of Facebook's affiliate sites, not just Facebook subscribers, to the databases for those sites.
One of the plaintiffs is the person who complained about Overstock.com spoiling his Christmas surprise for his wife by broadcasting his purchase to everyone on his Facebook list (early reports had the roles reversed).
Using boilerplate language that appears gleaned from lawsuits against suspected hackers, the class-action suit seeks restitution for plaintiffs, including full disgorgement of the defendants' ill-gotten gains that the alleged "contaminant" may have pilfered. Specifically, the suit attempts to classify Facebook's cookies and its reporting mechanism as this contaminant.
Defendants specifically named in the suit include Overstock.com; Blockbuster; movie ticket service Fandango; travel services Hotwire and Travel, Inc.; shoe retailer Zappos; and video game retailer Gamefly. Forty other unnamed defendants were listed as "John Does 1-40."