US Court Rules Facebook Widgets Can Be Considered Wiretaps

For a long time, different people would typically give you different answers about which Silicon Valley giant is, definitively, The Worst. Recently though, Facebook seems to be the name that comes up first in a lot of people's minds, for any number of reasons. Maybe it's the way the company's CEO just stood there while a sitting American president actively called for people of colour to be murdered on his platform. Maybe it's because one of the chairs on its Oversight Board throws around the occasional racial slur. Maybe it's just because you think VR headsets look like shit.

Or maybe it's because there's a pretty good chance the company may have kind of accidentally wiretapped you. Repeatedly. At least, that's according to the 9th Circuit of Appeals in the US, who issued a short order earlier this week ignoring the company's plea to reconsider whether it potentially violated multiple US federal and state privacy laws by stuffing across the web.

This is the latest leg of a long-running legal saga that stretches all the way back to 2011, when a handful of Facebookers filed their own class action suits against the company, claiming that the bevy of plugins Facebook offers websites and apps looking to make a quick buck are hardwired to target and track any visitor that might be passing through – regardless of whether or not they might have a Facebook profile themselves.

In the nine years(!) since this was written, we've all seen the real, substantial harm political or otherwise – that can come packaged with something as boring as a little Facebook “Like” button squeezed somewhere on a page. This is why it might be kind of a shock to hear that this lawsuit was eventually dismissed back in 2017. There are a few reasons that the judge overseeing the case, Edward Davila, decided to throw things out of court, but the one that aged the worst – at least in my opinion – is that anyone who's creeped out by a Facebook widget can just use something like “incognito” mode, or install an ad blocker: basic practices that we've seen time and again mean nothing to Facebook's data-driven machine.

This led to a new appeal with the 9th Circuit with a new judge that was a bit less forgiving about the whole potential wiretap thing. Facebook, for its part, denied that any of its trackers “intercepted” or got in the way of any web surfers and the sites where that surfing happened. Without interception, wiretapping can't happen – at least if you take the law literally.

But ultimately, that's not the point, as the judge points out in his response (emphasis ours):

The most Facebook does is to identify (and then exaggerate) a circuit split on a narrow issue of law, but never explains why any Justice […] would [support] Facebook's position. Facebook antiseptically frames the question as whether a defendant can “wiretap” a communication that it receives directly from a plaintiff. But Facebook's business practices (and the allegations in the complaint) present a very different question.

Plaintiffs were not communicating with Facebook but instead communicating with other websites. Plaintiffs then alleged (and Facebook does not dispute) that Facebook code embedded on those sites secretly directed Plaintiffs' browsers to copy the communications in real time (to “intercept” them) and send the copies to Facebook

Or put another way, if you're browsing around a site where there might be a little hidden widget quietly tracking who you are and the actions you take and then sending that data somewhere else, well, that sure does sound a lot like the wiretapping of yesteryear, just put under another name. It's almost like, at long last, the legal system understands just how much power these companies have – and it looks like they're just as tired of them as the rest of us.

You might also like

Comments are closed.

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. AcceptRead More