Slashdot Mirror

← Back to Stories (view on slashdot.org)

Facebook Sued For Violating Wiretap Laws

Posted by samzenpus on from the join-the-club dept.

An anonymous reader writes "Facebook is being sued in multiple states for tracking its users even after they logged out of the service. All the lawsuits allege the company violated federal wiretap laws. The most recent lawsuit, filed by a Mississippi woman, says: 'Leading up to September 23, 2011, Facebook tracked, collected, and stored its users’ wire or electronic communications, including but not limited to portions of their internet browsing history even when the users were not logged-in to Facebook. Plaintiff did not give consent or otherwise authorize Facebook to intercept, track, collect, and store her wire or electronic communications, including but not limited to her internet browsing history when not logged-in to Facebook.'"

17 of 284 comments (clear)

  1. sorry no by Osgeld · · Score: 4, Funny

    There is no way we can let go of this invaluable resource over a few lawsuits. Clearly the wiretap laws need to be changed or we will not have our greatest resource ... worthless information for dumb fuck advertising!

    1. Re:sorry no by MacGyver2210 · · Score: 3, Informative

      With one free plugin it becomes worthless information with no advertising.

      Or if you're in the entertainment or media business, it can become useful information with no advertising.

      http://www.adblockplus.com/

      --
      If the only way you can accept an assertion is by faith, then you are conceding that it can't be taken on its own merits
    2. Re:sorry no by rtb61 · · Score: 4, Insightful

      The best way to crack down on advertising is perhaps not to block it but to force total truth in advertising. No lies, no exaggerations, no false associations, no people recommending who do not provide proof on continued use of the product and required warnings for any known problems with the product to be included in the adds.

      Adds should be restricted to informing people about a product, not about manipulating people especially children, not about false product qualities, not about people lying about using the product and, in fact not about anything that company can not prove to be true about the product.

      --
      Chaos - everything, everywhere, everywhen
  2. Dumb Question by Anonymous Coward · · Score: 4, Interesting

    Dumb-question guy here: how can a web site gather users' "internet browsing history even when the users were not logged-in to Facebook"?

    1. Re:Dumb Question by Beryllium+Sphere(tm) · · Score: 5, Insightful

      Put a "Like" button on every page they visit and store the Referrer field when the button gets downloaded.

    2. Re:Dumb Question by icebraining · · Score: 4, Informative

      See those Facebook "Like" buttons everywhere? They have Javascript loaded from Facebook's website. Even if you're not logged in, it creates a cookie with a random ID, which is then read when you access other sites with the button.

      It's easy to reproduce, if they haven't changed it from a month ago: log off from FB, delete all cookies from their domains (fbcdn*, facebook*) and then load some pages with their button.
      It worked for me even though I didn't even have an account.

      --
      Dilbert RSS feed
    3. Re:Dumb Question by tomhudson · · Score: 4, Informative

      "when the button gets downloaded"

      Which you *do not have to do*.

      It happens automatically. See the "Like" button? It's because it's already been downloaded - even if you NEVER dealt with facebook. Facebook even tracks users vi IP+browser fingerprinting who they can't tie to an existing account so that if/when you DO sign up, they can match that history with you. Totally illegal.

    4. Re:Dumb Question by Jane+Q.+Public · · Score: 5, Insightful

      That is correct as far as it goes. But the problem there is that you have no way to know, ahead of time, what sites might have Like buttons and what sites not. By the time the page is downloaded, and you see the Like button there, it already has you tracked.

      Currently, the only way to prevent that is to use a script blocker to block Facebook's javascript from running. Which I do. But it's not a satisfactory solution... they should only be able to track you if you give your explicit permission. What they are doing now is sneaky and unethical, given that most people don't even know they're doing it.

    5. Re:Dumb Question by Jane+Q.+Public · · Score: 4, Informative

      Probably the most popular one for Firefox is NoScript. I don't know about Chrome.

    6. Re:Dumb Question by psiclops · · Score: 3, Insightful

      i could wear a suit of armour to prevent injury from someone stabbing me.

      that does not mean that someone should not be charged for stabbing me.

      --
      i spent five minutes thinking and all i got was this crappy sig
    7. Re:Dumb Question by houghi · · Score: 4, Informative

      In your hosts file:
      # Block Facebook
      127.0.0.1 www.facebook.com
      127.0.0.1 facebook.com
      127.0.0.1 static.ak.fbcdn.net
      127.0.0.1 www.static.ak.fbcdn.net
      127.0.0.1 login.facebook.com
      127.0.0.1 www.login.facebook.com
      127.0.0.1 fbcdn.net
      127.0.0.1 www.fbcdn.net
      127.0.0.1 fbcdn.com
      127.0.0.1 www.fbcdn.com
      127.0.0.1 static.ak.connect.facebook.com
      127.0.0.1 www.static.ak.connect.facebook.com

      This is an opt-out and should never be happening.

      --
      Don't fight for your country, if your country does not fight for you.
  3. Misuse of wiretapping law. by BitterOak · · Score: 3, Insightful

    As much as I dislike Facebook's rampant disregard for users' privacy, this is simply not what the wiretapping law is about. The wiretapping law is meant to cover interception by a third party of communications between two other non-consenting parties. What Facebook did is entirely different. With the consent of certain websites, the cookie mechanism is used to inform Facebook when users visit these sites. Facebook is not intercepting and recording any communications.

    Many of us might not like Facebook, and may see this lawsuit as a victory, but misapplication of federal computer and communication laws sets a dangerous precedent for anyone who uses the Internet. Do something that pisses someone off? The Feds will find a law and twist it to make it fit your actions. If new laws are needed to cover emerging technologies, they should be considered by appropriate legislative and regulatory bodies. Then people can comply with the law or face the consequences. But if laws can be twisted to cover any behavior we don't like, it makes it difficult for anyone to be sure they are in compliance with the law.

    --
    If I can be modded down for being a troll, can I be modded up for being an orc, or a balrog?
    1. Re:Misuse of wiretapping law. by Nidi62 · · Score: 5, Interesting

      If new laws are needed to cover emerging technologies, they should be considered by appropriate legislative and regulatory bodies. Then people can comply with the law or face the consequences. But if laws can be twisted to cover any behavior we don't like, it makes it difficult for anyone to be sure they are in compliance with the law.

      But how can you know if a new law is required to cover a new technology without a judicial test of the existing laws? That is what the courts are designed to do: test and apply the laws to a given situation. Let this go to trial. If the courts shoot down the lawsuit due to these laws not applying, then you can go ahead and get new legislation passed.

      --
      The only thing necessary for evil to triumph is for it to be pitted against a slightly greater evil
    2. Re:Misuse of wiretapping law. by Bill+Dimm · · Score: 5, Insightful

      With the consent of certain websites, the cookie mechanism is used to inform Facebook when users visit these sites.

      Is that true? Did the website operators displaying a Facebook "like" button actually know that it allowed their site users to be tracked by Facebook even if the button was not clicked? The tech-savvy ones might have realized that that was a possibility, but I would guess that a lot of website operators put the button on their pages to allow their users to "like" a page, not for the purpose of allowing Facebook to track them. Car analogy: If I give my car keys to a mechanic to change the car's oil, that doesn't mean I've consented to having him install a GPS tracker so he can monitor me.

    3. Re:Misuse of wiretapping law. by Jane+Q.+Public · · Score: 3, Informative

      "Facebook is not intercepting and recording any communications."

      Yes, it is, at least in a sense.

      Facebook is recording your IP, What sites you visit, and when. While it isn't recording any other communications, it doesn't need to in order to violate privacy.

      What Facebook is doing is equivalent to a Pen Register used on telephones. The Pen Registers record what calls are being made, when, and to what number. But they don't record any actual conversations.

      But even Pen Registers are illegal, and can only be used by Law Enforcement under strict conditions. The standard of evidence for allowing use of a Pen Register is lower than for actually tapping a phone line and listening to the conversations, but it is still legal only for law enforcement and it still requires due process, meaning they have to petition a judge for permission, and explain their evidence.

  4. Re:Cookies cannot "unlawfully intercept" anything by hedwards · · Score: 3, Informative

    That's not true. Unless you avoid websites that have those obnoxious like buttons on them there's no way of avoiding them without blocking those domains and the related cookies. Which most people wouldn't do as they have no idea that they're being tracked by them.

    Worse is that historically they track people who are logged out of FB or don't have an account to begin with.

  5. Re:Cookies cannot "unlawfully intercept" anything by Jane+Q.+Public · · Score: 5, Informative

    "The user is intentionally using software that sends tracking information (cookies) to Facebook"

    No, that is not the case at all. If it were, this would be a different story.

    We're talking here about third-party cookies. These are images that come from servers OTHER THAN the one you are visiting. But when that image is downloaded from that foreign server, it gets a record of your ip and what the referring domain is.

    The issue here is that while you can control what websites you visit, you have no control over what image bugs or javascript they install on their site, nor is there any way to tell in advance what they are. So you aren't voluntarily doing anything at all; in fact most of the time you probably don't even know it is happening. That does not fit the definition of "intentional". On the contrary; it is downright sneaky.

    Tracking bugs like that are completely unethical, and if they are not in fact illegal they should be.