Overview of Lawsuits Filed Against Facebook

Several lawsuits have been filed against Facebook, raising concerns about various aspects of the
company's practices and platforms. Below is a summary of some notable lawsuits:

In a joint lawsuit led by Colorado and California, 33 states filed a lawsuit against Meta, the parent
company of Facebook, Instagram, WhatsApp, and Messenger. The lawsuit alleges that Meta violated
consumer protection laws by unfairly targeting children and deceiving users about the safety of its
platforms1.

A class action lawsuit against Facebook reached a settlement. The lawsuit, titled "In re: Facebook,
Inc.," involved plaintiffs and defendant Facebook. The settlement was reached in the U.S. District
Court for the Northern District of California2.

Four individuals filed a lawsuit against Facebook in September 2020, alleging that the company failed
to remove two pages that incited violence against protesters3.

A total of 41 states, along with the District of Columbia, filed a lawsuit against Meta, accusing
Instagram and Facebook of causing harm to teenagers and children. The lawsuit highlights concerns
regarding the impact of these platforms on young users4.

The settlement of multiple lawsuits brought by users against Facebook has been reached. These
lawsuits alleged that Facebook improperly shared users' information. The settlement was announced
on August 25, 20235.

Another lawsuit against Facebook alleges that the company's developers sold user data to Cambridge
Analytica, a former political consulting firm. The settlement of this lawsuit has been reported6.

These lawsuits represent some of the legal challenges faced by Facebook in recent years, highlighting
concerns over consumer protection, privacy, and the impact on young users.

lawsuits filed against Facebook - Google Search

Logo

www.google.com

Facebook Privacy Settlement Information | United States District Court, Northern District of
California

Logo

www.cand.uscourts.gov

Lawsuits involving Meta Platforms - Wikipedia

Logo

en.wikipedia.org
3

Lawsuit against Meta: States say Facebook, Instagram harms teens, kids

Logo

www.usatoday.com

Facebook users can now claim settlement money. Here's how. - CBS News

Logo

www.cbsnews.com

Facebook users can apply for their portion of a $725 million lawsuit settlement : NPR

Logo

www.npr.org

Overview of Lawsuits Filed Against Facebook

Multiple lawsuits have been filed against Facebook, its parent company Meta, and its platforms
including Instagram, WhatsApp, and Messenger. These lawsuits have raised concerns about various
issues such as consumer protection, safety of platforms, content moderation, privacy violations, and
data sharing.

One joint lawsuit led by Colorado and California, filed by 33 states in the U.S. District Court for the
Northern District of California, accused Meta of violating consumer protection laws. The lawsuit
alleged that Facebook, Instagram, WhatsApp, and Messenger unfairly targeted children and deceived
users about platform safety1.

In September 2020, four individuals filed a lawsuit against Facebook, claiming that the company
failed to remove pages that encouraged violence against protesters2.

Another series of lawsuits were brought against Facebook by users who claimed that the company
improperly shared their data. These lawsuits resulted in a settlement3.

Furthermore, a total of 41 states and the District of Columbia filed a lawsuit against Meta, specifically
targeting Instagram and Facebook. The lawsuit alleged that these platforms have harmed teenagers
and children4.

Additionally, a $725 million privacy settlement related to Facebook has received half a million
rejection letters from claimants. This ongoing settlement has raised concerns about Facebook's
privacy practices5.

One lawsuit against Facebook alleged that the company's developers sold user data to Cambridge
Analytica, a former political consulting firm. This lawsuit led to a settlement6.
These lawsuits and settlements highlight the legal challenges Facebook and its platforms have faced
regarding various aspects such as consumer protection, content moderation, privacy, and data
sharing. The outcomes of these legal actions have significant implications for the company's practices
and the protection of users' rights.

lawsuits filed against Facebook - Google Search

Logo

www.google.com

Lawsuits involving Meta Platforms - Wikipedia

Logo

en.wikipedia.org

Facebook users can now claim settlement money. Here's how. - CBS News

Logo

www.cbsnews.com

Lawsuit against Meta: States say Facebook, Instagram harms teens, kids

Logo

www.usatoday.com

$725M Facebook Settlement Receives Final Approval | Kiplinger

Logo

www.kiplinger.com

Facebook users can apply for their portion of a $725 million lawsuit settlement : NPR

Logo

www.npr.org

6
https://www.reuters.com/legal/facebook-parent-meta-pay-725-mln-settle-lawsuit-
relating-cambridge-analytica-2022-12-23/
https://en.wikipedia.org/wiki/Facebook
%e2%80%93Cambridge_Analytica_data_scandal

Dec 23 (Reuters) - Facebook owner Meta Platforms Inc (META.O) has agreed to
pay $725 million to resolve a class-action lawsuit accusing the social media giant
of allowing third parties, including Cambridge Analytica, to access users' personal
information.

The proposed settlement, which was disclosed in a court filing late on Thursday,
would resolve a long-running lawsuit prompted by revelations in 2018 that
Facebook had allowed the British political consulting firm Cambridge Analytica to
access data of as many as 87 million users.

Lawyers for the plaintiffs called the proposed settlement the largest to ever be
achieved in a U.S. data privacy class action and the most that Meta has ever paid to
resolve a class action lawsuit.

"This historic settlement will provide meaningful relief to the class in this complex
and novel privacy case," the lead lawyers for the plaintiffs, Derek Loeser and
Lesley Weaver, said in a joint statement.

Meta did not admit wrongdoing as part of the settlement, which is subject to the
approval of a federal judge in San Francisco. The company said in a statement
settling was "in the best interest of our community and shareholders."

"Over the last three years we revamped our approach to privacy and implemented a
comprehensive privacy program," Meta said.

Cambridge Analytica, now defunct, worked for Donald Trump's successful

presidential campaign in 2016, and gained access to the personal information from
millions of Facebook accounts for the purposes of voter profiling and targeting.

Cambridge Analytica obtained that information without users' consent from a

researcher who had been allowed by Facebook to deploy an app on its social media
network that harvested data from millions of its users.

The ensuing Cambridge Analytica scandal fueled government investigations into

its privacy practices, lawsuits and a high-profile U.S. congressional hearing where
Meta Chief Executive Mark Zuckerberg was grilled by lawmakers.
In 2019, Facebook agreed to pay $5 billion to resolve a Federal Trade Commission
probe into its privacy practices and $100 million to settle U.S. Securities and
Exchange Commission claims that it misled investors about the misuse of users'
data.

Investigations by state attorneys general are ongoing, and the company is fighting a
lawsuit by the attorney general for Washington, D.C.

Thursday's settlement resolved claims by Facebook users that the company

violated various federal and state laws by letting app developers and business
partners harvest their personal data without their consent on a widespread basis.

The users' lawyers alleged that Facebook misled them into thinking they could
keep control over personal data, when in fact it let thousands of preferred outsiders
gain access.

Facebook argued its users have no legitimate privacy interest in information they
shared with friends on social media. But U.S. District Judge Vince Chhabria called
that view "so wrong" and in 2019 largely allowed the case to move forward.

The settlement covers an estimated 250 to 280 million Facebook users, according
to Thursday's court filing. How much an individual user receives will depend on
how many people submit valid claims for a share of the settlement.

Lawyers for the plaintiffs say they plan to ask the judge to award them up to 25%
of the settlement as attorneys' fees, equalling about $181 million.

Facebook–Cambridge Analytica data scandal1

1
https://www.reuters.com/legal/facebook-parent-meta-pay-725-mln-settle-lawsuit-relating-cambridge-analytica-2022-12-

23/
Meta Platforms Inc, the corporation behind Facebook, has agreed to pay $725 million to
resolve a lawsuit accusing them of allowing third companies to access users' personal
information, including Cambridge Analytica. This agreement follows reports in 2018 that
Facebook allowed Cambridge Analytica access to data from approximately 87 million users.
The payment, reported in a recent court filing, is thought to be the largest in a data privacy
class action in the United States. However, as part of the deal, the business did not admit any
wrongdoing. They said that reaching an agreement was in the best interests of their
community and stockholders.
During Donald Trump's 2016 presidential campaign, Cambridge Analytica gathered user data
without authorization for the purpose of profiling and targeting voters. The data was gathered
using a Facebook-approved app on its platform. This agreement addresses charges that
Facebook violated federal and state regulations by enabling third parties to access users'
personal information without their consent. Based on legitimate claims, the settlement cash
will be awarded to an estimated 250 to 280 million impacted users.
Several governments demanded accountability from Cambridge Analytica regarding how
they used breached data in politics. Meanwhile, affected people in various parts of the US
took legal action. The UK fined Facebook for not safeguarding user data, and the US
Attorney General accused Facebook of knowing about these practices in advance.
Responding to the breach, the FTC slapped Facebook with a $5 billion fine for repeated
privacy breaches and enforced a 20-year settlement order. They also sued individuals linked
to Cambridge Analytica, leading to agreements limiting their future business and deleting
collected data. Additionally, Facebook settled with the SEC for $100 million over claims of
misleading investors about data risks since 2015.

To the extent stated, the motion to dismiss is GRANTED IN PART AND DENIED IN PART . Only plaintiff
Adkins may proceed with his claims. Plaintiff Bass has not adequately alleged standing. For plaintiff
Bass to proceed, he must specify a connection to the data breach. Leave to amend will be allowed for
him to attempt to do so. Excluding standing, the order holds as follows.

First , the four breach of contract *1041 claims and the breach of confidence claim cannot move
forward because of the limitation-of-liability clause. Leave to amend will be allowed, however,
because facts may conceivably be alleged which go towards determining whether procedural
unfairness existed upon entering into the contract. Second , turning to the next two claims,
negligence and negligence per se, these survive the motion to dismiss as a single claim. The
limitation-of-liability clause does not preclude negligence here because contracts that limit liability
without mentioning negligence specifically narrow the scope of liability based on a severe factual
determination. Some circumstances will bar the claim under the clause. Some will cause the claim to
survive the clause. So, this order takes a discovery-first approach to whether the clause applies to the
negligence claim. Moving past the waiver, negligence has been plausibly alleged. Third , turning to
the next two claims, the Section 17200/CLRA claims are barred because the only harm plaintiff
plausibly alleged is risk of future harm and loss of time. Both of these statutes, however, require
economic injury (money/property). Plaintiff Adkins may seek leave to amend. Fourth , the last claim
is for declaratory judgment. This claim survives because the rights of the parties remain unknown at
this early stage. In sum, only the dual claims for negligence and declaratory judgment survive the
motion to dismiss. Negligence per se survives as a theory of the asserted negligence claim but not as
a standalone claim. The rest of the claims are dismissed with leave to amend as set forth below.
Discovery should be moving with alacrity.

- Learning objectives for students

The Facebook Data Breaches involve breaches of several laws and regulations pertaining to privacy, data
protection, and ethical standards. Some of the key laws and regulations that might have been breached include:

General Data Protection Regulation (GDPR):

GDPR, implemented by the European Union, governs the protection and privacy of personal data. Breaches in
obtaining proper user consent, inadequate data security leading to unauthorized access, and failure to report
breaches within the stipulated time could violate GDPR.

Consumer Data Protection Laws:

Various countries have specific consumer data protection laws that regulate how companies handle user data.
Breaches might include unauthorized data collection, insufficient data security measures, or failure to provide
users with control over their data.

Federal Trade Commission (FTC) Act:

In the United States, the FTC Act prohibits unfair or deceptive practices in commerce. Facebook's handling of user
data, especially if it involves deceptive practices or inadequate protection despite promises made to users, could
be a breach of this act.

Data Breach Notification Laws:

Many jurisdictions have laws requiring companies to notify users and authorities about data breaches within a
certain timeframe. Failure to promptly report the breach could violate these laws.

Securities Laws and Regulations:

Misleading investors or withholding material information related to data security and breaches could breach
securities laws, requiring companies to provide accurate and timely information to shareholders and investors.

Ethical Guidelines and Codes of Conduct:

Violations of ethical standards related to user trust, transparency in data handling, and respecting user privacy
expectations can also be considered breaches, even if not explicitly regulated by law.

Communications Privacy Laws:

Depending on the specifics of the breach, laws that protect the privacy of electronic communications might be
relevant if unauthorized access to communications or user accounts occurred.
These breaches touch on various legal and regulatory frameworks designed to protect user privacy, ensure data
security, and maintain ethical standards in the handling of personal information. The complexity of the breaches
often involves violations across multiple jurisdictions and regulations, leading to significant challenges in
addressing the aftermath and holding accountable the responsible entities.

- Discussion questions for class engagement

- Analysis of key concepts and principles

1. Data Privacy and Protection:
 Understanding the significance of safeguarding personal information,
user consent, data encryption, and secure storage practices.
2. Ethical Considerations:
 Evaluating the ethical implications of data handling, including
transparency in data usage, respecting user privacy, and the ethical use
of data for targeted advertising or political purposes.
3. Regulatory Compliance:
 Exploring compliance with data protection laws like GDPR, CCPA, or the
FTC Act, and analyzing how breaches align with regulatory frameworks.
4. Breach Impact and Notification:
 Assessing the impact of breaches on affected users, the timeliness and
adequacy of breach notifications, and the steps taken to mitigate
damages.
5. User Trust and Engagement:
 Analyzing the effect of breaches on user trust in the platform, changes
in user behavior, and the subsequent impact on user engagement and
platform loyalty.
6. Legal Implications and Accountability:
 Examining the legal consequences, including potential fines, lawsuits,
and regulatory actions against the company responsible for the breach.
7. Corporate Responsibility and Governance:
 Assessing the role of corporate responsibility in ensuring data
protection, examining governance structures, and evaluating corporate
responses to breaches.
8. Technological Safeguards:
 Discussing technological measures such as encryption, access controls,
and authentication methods to prevent breaches and secure user data.
9. Public Policy and Regulatory Changes:
  Analyzing how breaches influence public policy discussions, regulatory
changes, and the evolution of data protection laws to prevent similar
incidents.
10. Consumer Education and Awareness:
 Highlighting the importance of consumer education on data privacy,
promoting awareness about data protection practices, and
empowering users to safeguard their information.

- Recommended additional readings and resources