A US court has revived a proposed lawsuit against Meta in connection with the Cambridge Analytica data breaches that rocked the company in 2018.
The class-action suit, reinstated on Wednesday by the 9th Circuit Court of Appeals in San Francisco, revolves around Meta’s controversial handling of user data with Cambridge Analytica, a now defunct political consultancy firm. It was brought by a group of Meta shareholders who accused the company of misleading users about the management of their personal data with the involvement of Cambridge Analytica.
The lawsuit claims Meta was aware that Cambridge Analytica had violated its policies, yet the tech conglomerate misleadingly suggested a potential “compromise” of user data when the reports of data leak surfaced. “The problem is that Facebook represented the risk of improper access to or disclosure of Facebook user data as purely hypothetical when that exact risk had already transpired,” the judge remarked.
The data breaches were first reported in 2015, and fully came to light in 2018. The episode elevated intense regulatory and critical scrutiny around Meta, which stood accused of violating the privacy of millions of its users. Meta faced allegations that it violated its own consumer privacy laws by sharing user data with Cambridge Analytica, which was allegedly misused by the firm to build voter profiles in the 2016 US presidential election.
In August 2022, Meta settled a major Cambridge Analytica privacy lawsuit for a staggering $725 million. The settlement arrived just weeks before Meta CEO Mark Zuckerberg, along with former Meta COO Sheryl Sandberg, was scheduled to be cross-examined in court. A number of tech accountability and digital safety experts termed the settlement a strategy to shield Zuckerberg from the court.
The lawsuit accused Meta (then known as Facebook) of harvesting and sharing “highly personal and revealing” data of users, including photos, videos posted or viewed, religious and political views, information regarding relationships, and even the exact words used by them in their messages. Meta responded by saying users could not claim privacy violations if they themselves posted their information on publicly accessible websites.
Meta’s arguments were later rejected by the court. The breaches reportedly impacted nearly 87 million users.
Meta was also fined a record $5 billion for the violations by the Federal Trade Commission (FTC).
