Facebook is suing two Portuguese nationals for developing browser extensions that scraped user data from Facebook’s sites.
The suit was brought Facebook against the two people using the business name Oink and Stuff. The developer creates a range of extensions for browsers, including Chrome, Firefox, and Microsoft Edge.
Four of their extensions — Web for Instagram plus DM, Blue Messenger, Emoji keyboard and Green Messenger were malicious and contained hidden computer code that functioned like spyware.
The four extensions have been downloaded and installed over 54,000 times from the Chrome Web Store.
“When people installed these extensions on their browsers, they were installing concealed code designed to scrape their information from the Facebook website, but also information from the users’ browsers unrelated to Facebook — all without their knowledge,” said Facebook Director of Platform Enforcement and Litigation Jessica Romero.
“If the user visited the Facebook website, the browser extensions were programmed to scrape their name, user ID, gender, relationship status, age group and other information related to their account.”
She added that the extensions were installed on the users’ devices to collect information, so Facebook’s security systems were not compromised.
“We are seeking a permanent injunction against defendants and demanding that they delete all Facebook data in their possession. This case is the result of our ongoing international efforts to detect and enforce against those who scrape Facebook users’ data, including those who use browser extensions to compromise people’s browsers.”
- WhatsApp extends deadline on Facebook data sharing update
- Google finalises Fitbit acquisition – despite data privacy concerns
- 150,000 arrest records lost in police data accident
This is not the first time that Facebook has sued third-party app and extension developers over scraping data from its platform. The Cambridge Analytica scandal, where up to 87 million Facebook users had their data exposed to the political consulting firm, placed the danger of a data leak firmly in the public imagination.
With data frequently touted as being the new oil, Facebook, along with the other big techs, are the primary gatekeepers of most of our data. As such, it is no surprise that bad actors would target those companies to access such a valuable commodity.
However, even the ‘legitimate’ use of user data by the big techs is coming under growing scrutiny.
For the big techs, data is their lifeblood. Google and Facebook rely on accessing, processing, and combining user data to help target advertising. Even Apple and Amazon, which have more traditional, physical business models, use data on their customers to give them an edge.
As such, faced with a growing movement that threatens the core of their business model, some big techs are starting to push their privacy credentials and take action to reassure customers that their data is in safe hands.