Facebook Lawsuit After Hack Must Not Include Damages – US Judge

A US federal judge has ruled that Facebook should not face financial damages in a lawsuit when hackers stolen user data last year.

Facebook was slapped with the lawsuit in August this year, after a breach in September 2018, when hackers were able to steal data from the Facebook accounts of 29 million people.

Facebook initially thought that the hackers had accessed 50 million accounts, but after an investigation the company revised this figure down to 29 million accounts.

Financial damages

The hackers were able to access a range of data depending on what people had on their profiles.

The stolen data included names, contact details (phone number, email etc); and in some cases username; gender; locale/language; relationship status; religion; hometown; self-reported current city; birthdate; device types used to access Facebook; education; work; the last 10 places they checked into or were tagged in; website, people or Pages they follow; and the 15 most recent searches.

The lawsuit had been filed in the US District Court for the Northern District of California in San Francisco.

But now Reuters reported that US District Judge William Alsup in San Francisco on Tuesday night ruled that neither credit monitoring costs nor the reduced value of stolen personal information was a “cognizable injury” that supported a class action for damages.

Judge Alsup also said damages for time users spent to mitigate harm required individualized determinations rather than a single classwide assessment.

However he did permit affected users to sue as a group to require Facebook to employ automated security monitoring, improve employee training, and educate people better about hacking threats.

Judge Alsup also reportedly rejected Facebook’s claim that these were unnecessary because it had fixed the bug that caused the breach.

“Facebook’s repetitive losses of users’ privacy supplies a long-term need for supervision,” at least at this stage of the litigation, Alsup wrote.

Allowing a damages class action could have exposed Facebook to a higher total payout.

Lawyers for the Facebook users, as well as Facebook itself, did not respond to Reuters request for comment.

GDPR fine?

It is not clear how many of those hacked are in Europe, but the data breach does raise the nightmare possibility for Facebook’s management of a General Data Protection Regulation (GDPR) fine in Europe.

The Irish Data Protection Commission, which is acting as the lead investigator on this side of the pond as Facebook has its European headquarters in Ireland, is investigating the breach.

Similar investigations are also reportedly underway in the US states of Connecticut and New York.

In Europe, the hack could result in Facebook being issued with a maximum fine of up to $1.63bn (£1.25bn), which is approximately 4 percent of its annual global revenue.

Quiz: Think you know all about Facebook?

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Google Jarvis AI Extension Leaked On Chrome Store

Seemingly accidental leak reveals Google is developing Jarvis AI extension that can browse the web…

3 hours ago

Amazon Mulls New Multi-Billion Dollar Investment In Anthropic – Report

Amazon is reportedly in talks to pump billions of dollars more into AI start-up Anthropic,…

6 hours ago

FTX’s Caroline Ellison Begins Her Two Year Prison Sentence

Star witness for the US prosecution of FTX founder Sam Bankman-Fried, has begun her two…

7 hours ago

More Layoffs For iRobot Staff After Abandoned Amazon Deal

After axing 31 percent of its workforce when it failed to be acquired by Amazon,…

24 hours ago

Mozilla Foundation Confirms Layoffs, Eliminates Advocacy Division

Mozilla Foundation axes 30 percent of its staff, and is eliminating its Advocacy Division that…

1 day ago

Google To Make MFA Mandatory Next Year

Improving security. Mandatory multi-factor authentication (MFA) is coming to the Google Cloud by the end…

1 day ago