Facebook And Its Massive Fraud: The Cook County Lawsuit

facebook

Facebook isn’t as likable as before it seems.

According to one lawyer, Facebook represents something other than a social networking site.

It is actually the biggest data mining operation that’s in existence at the moment.

Perhaps that isn’t surprising.

Cook County, Illinois, isn’t the only entity filing lawsuits against Facebook.

It has actually joined a parade of various lawsuits that different actors have filed against Facebook.

It doesn’t take a genius to figure out that these lawsuits have come in the wake of the recent and still ongoing scandal related to Cambridge Analytica.

However, there are good reasons to believe that Cook County is perhaps the first public entity that has sued Facebook, the social media giant, along with its former business partner based in London.

Lawyers filed the case in the official Circuit Court of Cook County, Illinois, on Friday (more precisely, March 23).

The case laid out very similar allegations against Facebook to the other six cases which are currently pending in the United States federal court.

So what is Cook County’s main argument against Facebook?

How is this case different from all the other cases against Facebook?

Well, Cook County, in its case, argued that the social media giant Facebook along with Cambridge Analytica and its corporate parent, the SCL Group, actually violated the privacy of their users en masse.

According to Cook County the trio did that when they failed to comply with the Illinois laws that deal with problems such as fraud.

About a week ago, publications such as The Observer (which is a British newspaper) and The New York Times broke the huge story which described in detail how the British data analytics contractor actually retained private user data from over 50 million Facebook accounts.

That is despite the fact that earlier it had claimed to have removed all that private user data.

Readers should also know that this same data analytics contractor also worked with Donald Trump and his presidential campaign for the 2016 US presidential elections.

Many Facebook executives including the likes of the CEO of the company, Mark Zuckerberg, have taken the opportunity to call out Cambridge Analytica.

They have said that the contractor’s actions are tantamount to breach of trust.

Cook County Lawyers explained all the problems they had with Facebook in a written complaint.

The lawyer also wrote that Facebook knowingly encouraged and allowed the unreasonable kind of mass data collection.

The social media giant also sought to keep engaging developers to work on its platform and build stuff.

Facebook also did not back away from providing companies with any and all tools that they needed in order to manipulate and influence various kinds of user behaviors.

The lawyer also wrote that the reason why Facebook did all of that was only because it was not a social media platform or company anymore.

According to the lawyer, Facebook had transformed from the largest social media platform to the largest data-mining operation in the world.

Cook County includes areas such as Chicago and that is one of the reasons why it is the second-largest county in the United States of America by population.

It lags just behind Los Angeles County in terms of population.

Meanwhile, after British investigators raided Cambridge Analytica offices in London, the contractor denied any and all wrongdoing.

Currently, Edelson PC is representing the County.

facebook_data_scandal

Facebook has not exercised proper caution in handling user data.

Edelson PC is a law firm based in Chicago which has made a name for itself in bringing huge lawsuits related to privacy against big technology companies.

Back in the year 2015, the law firm represented another Chicago man who had previously claimed that the social media giant Facebook had not conformed to the Illinois Biometric Information Privacy Act.

And thus had violated US Law.

When Ars Technica reporters contacted Facebook for a comment, the social media giant did not respond.

In previous weeks, reporters at Ars Technica had also asked Facebook to make a comment on the lawsuits (specifically, the first two lawsuits) that were filed against it earlier in the week.

Then too, Facebook declined to comment on the issue.

Facebook has repeatedly denied Ars Technica reporters any answers.

It hasn’t provided reporters with much details about the issue either.

All that the company has done is make public statements via its top executives along with its lawyers.

It is pretty clear that Facebook does not want to disclose precisely what kind of data it shared with different contractors and companies.

And when did it do so.

On March 20, a report published in The Washington Post said that a trove of data that they had found included information such as,

  • Names
  • Likes
  • Religious affiliations
  • Hometowns

Along with many other pieces of data.

The current deputy general counsel, Paul Grewal, made a statement on the issue on March 17.

In the statement, he said that the company had a commitment to vigorously enforce its policies in order to protect the information of their people.

In other words, the people who used Facebook.

He further added that the company would take all the steps that it needs to take in order to ensure that their data protection plan happened in due time.

Users who are concerned about whether Facebook has collected too much of their data, shouldn’t worry anymore.

Because it seems like Facebook collected everything they could about their users.

Recent reports have suggested that Facebook actually scraped text message data along with call data for many years from users who used Android smartphone devices.

In such a situation, the best course of action for anyone is to check their data archive.

That archive can show whether Facebook and the company’s algorithms know who the concerned user called.

The very cute screen where Facebook Messenger application offers the user to conveniently track all of the user’s messages and calls is actually the culprit here.

As it turns out, Facebook had already involved itself in surreptitiously collecting data on some smartphone devices running Android.

But the company did that only until October 2017.

Reports say that the company exploited the way an earlier and much older API of the Android system handled certain permissions.

images

The social media platform isn’t working to help people connect. It is working to sell data to advertisers to satisfy its shareholders, according to some.

Update:

 

Facebook has finally decided to come up and respond to all the new stories talking about the company’s policies regarding the collection of SMS and call data.

It has done that via a blog post.

Click here to read that.

In the blog post, Facebook has denied that it collected any call data surreptitiously.

Moreover, the company has also said that it has never sold its user data.

Furthermore, Facebook also mentioned in the blog post that the company made sure that users had full control of their data.

That is, the data that users have uploaded to the social media platform, Facebook.

Facebook might think of the blog post as a “fact check” document.

But it isn’t.

Or maybe it is.

The problem with the blog post is that it contradicts many details that publications such as Ars Technica found in the complete analysis of many testimonies from users who had provided their data and Facebook data downloads.

Later in the article, readers will be able to know more about how Facebook has responded to all the recent criticism.

 

Original Story:

Last week, reports came into the media about a man in New Zealand who looked through some of the data that Facebook had collected on him (or from him) via an archive that the man in New Zealand had managed to download from Facebook, the social networking site.

The man scanned the information that Facebook had collected on him.

While scanning he found out that Facebook had stored information about the man’s contacts.

The man, Dylan McKay, discovered some other things which distressed him.

Apparently, Facebook had stored around two years worth of metadata of his phone call record from his smartphone device running Android.

That metadata included information such as,

  • Phone numbers
  • Names
  • Length of each and every call that Dylan received or made.

Ars Technica reported that many other Facebook users shared with them similar experiences.

Moreover, Ars Technica had found evidence of this fact in their independent research as well.

For example, one Ars Technica reporter said that his Facebook data archive also contained data related to call logs for a particular Android smartphone device that he had used in 2016 and 2015.

He also found that Facebook had also stored metadata related to his MMS messages and SMS messages.

Ars Technica then reached out to Facebook via email in which Ars talked about the company’s data gathering procedures.

In a response to that email, a Facebook spokesperson did eventually reply.

The spokesperson said that the most important part of the company’s services and apps was that it helped users to make connections.

A Facebook spokesperson also said that the company wanted to make it easy for people to find other people that they wanted to connect with.

Because of that, it had become a widely used practice for apps to begin the process by uploading all of the user’s phone contacts to the app.

This only happens the first time the user tries to sign in on a smartphone device to a social and/or messaging application.

The spokesperson from Facebook also pointed out that the company had made contact uploading totally optional.

Moreover, the installation process of the application made an explicit request for permission to access the user’s contacts.

Furthermore, users had the option of deleting contact data which belonged to their profiles.

All they had to do was to use the right tool.

pexels-photo-262545

The social media giant has adamantly defended its data collection methods.

Facebook had made that tool accessible via the user’s web browser.

So why does Facebook want the user’s phone contact data anyway?

Apparently, Facebook makes use of the phone-contact data because of the process it follows.

That process has a part where the company has to feed its friend recommendation algorithms.

Perhaps readers should also know that in the recent version of Facebook Lite devices and the Messenger application for smartphones running Android, the company requests a more explicit permission from the user.

Now, these apps want access to all SMS and call logs on the user’s Android device.

The same goes for Facebook Lite devices as well.

So what’s wrong with that?

The user can simply NOT given permission to Facebook apps and they’ll have plenty of privacy right?

Not really.

Because many users may have already given the explicit permission to Facebook inadvertently.

How?

By using Facebook mobile apps on their devices for the past many years.

All of this is not the user’s fault.

Some of the blame should also go to the Android system.

Facebook basically exploits how the Android system handles certain permissions for accessing SMS and call logs.

That is especially true for older Android versions.

Any user who granted Facebook’s installation interface the ability to read contacts during the process on Android on some of the older versions, (and especially before the official Jelly Bean Android 4.1 version) actually gave Facebook the permission to access message and call logs by default.

Now, fortunately, the Android platform did address the issue in its later versions.

The Android API changed the permission structure a little bit in its version 16.

But here is the problem.

Even if Android had changed its permission structure, apps could still access data.

How?

Well, Android applications that developers had written in previous versions of the API could actually bypass the modifications.

Hence, Facebook API had the opportunity to continue gaining access to the user’s SMS and call data.

All it had to do was to specify the Android SDK to an earlier version.

In October 2017, Google deprecated Android API version 4.0.

This is the point when investigations had found the latest call metadata related to Facebook’s user data.

Users who access Facebook from the Apple iOS platform fared much better.

Why?

Because the iOS has never made the mistake of allowing silent call data access.

Readers should know though that Facebook does go through the pains of providing a method to users who want to purge their collected data.

Yes.

Users can delete all contact data from their Facebook accounts.

But what isn’t clear is if the user does so, does that delete just the contacts data or does it purge all of the other metadata related to SMS and calls as well?

One Ars Technica reporter said that even after purging his contact data, he found data related to his calls and contacts in the archive the next day when he downloaded it.

The likely reason is that Facebook’s web browser tool did not regenerate the archive for the reporter’s new request.

Later, the same reporter informed that Facebook’s tool generated the cached archive.

And hence did not update the archive upon the second request.

With that said, the reporter found that even after two days of requesting the tool to delete all of his contact data, the contact management tool still lists his contacts.

So what’s the lesson here?

The lesson here is what we tell users all the time.

If someone is really concerned about his/her privacy, then that user should not share call-log data and address book data with any application on his/her device.

Moreover, users may also want to re-examine what they can found in their downloadable archive on Facebook.

Why?
Because the archive contains information about all the advertisers that the social media giant, Facebook, shared the user’s contact information with.

Of course, Facebook shared a lot more than just contact information with various advertising firms.

Update:

As mentioned at the top as well, Facebook did eventually respond to all the reports coming in the media about how the company collects SMS and phone data.

Apparently, the company did so without prior knowledge of the user.

Facebook responded to all these allegations with a fact check blog post.

It published the article on Sunday.

In the official response, one spokesperson from Facebook made some interesting comments.

The spokesperson said that the company considered text and call history logging as a part of a feature that was totally optional for users of Facebook Lite and Messenger on the Android platform.

Such features help users to find and then stay connected with people that they care about.

Moreover, it also allows Facebook to provide users with a better experience across the company’s social media platform.

The spokesperson reiterated that people first have to actually expressly agree to Facebook’s terms in order to use this feature.

Users who, at any given time, don’t wish to make use of this feature have the facility of turning it off.

They can go here and do it themselves.

Users who are essentially Facebook Lite users can do the same by clicking here.

Users have the option of deleting all shared text and call history from the app via the links mentioned above.

The blog post specifically mentioned that the company did receive specific permissions from the Android platform itself.

But as far as uploading the user’s information was concerned, it had always been an opt-in feature.

 

Zohair

Zohair

Zohair is currently a content crafter at Security Gladiators and has been involved in the technology industry for more than a decade. He is an engineer by training and, naturally, likes to help people solve their tech related problems. When he is not writing, he can usually be found practicing his free-kicks in the ground beside his house.
Zohair

Latest posts by Zohair (see all)

COMMENTS

WORDPRESS: 2
  • Bad article ! How can you write about what is going on in the United States when you DO NOT live here

    • Thank you for the comment John.
      Facebook’s handling of its user data affects people all around the world but especially those who live in the US.
      It should do more to not collect more than the absolute minimum amount of data that is required for its services and apps.