May 02, 2019

A federal judge in California must consider whether personal information is a form of currency and determine whether to advance a class action over a massive Facebook data breach.

Fighting litigation over a September 2018 hack that affected 29 million users, Facebook argues a liability-limiting clause in its terms of service is particularly strong and enforceable for a company that provides a free service, as the Ninth Circuit held last year in Darnaa LLC v. Google.

But five named plaintiffs say they pay for access to Facebook’s social network in the form of valuable personal data, which the company uses for targeted advertising and sells to third parties to make more than $40 billion in 2017 alone.

“Is it a cost to the consumer that they hand over all this personal information which is used by Facebook to sell to other people?” U.S. District Judge William Alsup asked in court Thursday.

. . .

In a hearing Thursday at the U.S. District Court for the Northern District of California, lawyers for a proposed class of hacked Facebook users urged Alsup to take a long, hard look at the social network’s business model as he decides whether the service is actually free of charge.

“The notion that this is a free service is a little outdated,” plaintiffs’ attorney Douglas McNamara said. “The currency is your information.”

McNamara, of Cohen Milstein Sellers Toll in New York, insisted that Facebook’s limitation-of-liability clause should be deemed “unconscionable” and “unenforceable” because it directly contradicts pledges the company has made about protecting user privacy.

Quoting the “Privacy Principles” posted on Facebook’s website, McNamara cited representations that the company “work[s] hard to keep your information secure” and is “accountable.”

The complete article can be accessed here.