Lawsuit Claims Facebook Scans Our Private Messages

Aaron Elliott Founder,, Social Barrel

Posted on January 7th 2014

Lawsuit Claims Facebook Scans Our Private Messages


Facebook is a lawsuit magnet. And this time the company is sued over claims of espionage, as the new lawsuit alleges that Facebook spied on messages and shared the data to third-party advertisers and marketers. 

The filing with a federal court in San Jose, California reads that Matthew Campbell and Michael Hurley are requesting a jury trial and relief against the social networking company.

On the last day of 2013, the plaintiffs’ attorneys filed the documents with the with the U.S. District Court claiming that Facebook infringed on two privacy laws: the California Invasion of Privacy Act (CIPA) and the Electronics Communication Privacy Act (ECPA).

Campbell and Hurley say that Facebook scans the content of private messages appended with links to a third-party website, following the link and finding data to profile the online activity between the sender and recipient. They think the act trenches the CIPA and ECPA because it queers privacy and weakens Facebook’s unprecedented security for private messages.

The plaintiffs cite findings from High-Tech Bridge, a Swiss security firm, to show that Facebook flicks through Universal Resource Locators in private messages without divulging to the unknowing account owner. In the study, High-Tech Bridge had a dedicated Web server and brought forth a secret URL for 50 social networking companies, email systems, and Web services. Afterward, the firm used the private messaging of each service with a new URL. And then it tracked the Web server to find which Web service clicks on the URL.

The filing doesn’t stop there. The filing lists other means that the social network uses to encrypt user data, including Likes, crawlers, and social plugins.

A Facebook spokesperson told Bloomberg the lawsuit banks on claims without merit.

Cases against social networking companies and other Internet service providers will continue to pile up, as Internet usage surges and as unknowing users become more mindful of the private details they serve on a silver plate. Other social networking sites such as LinkedIn also face claims of tapping into communications for profit.

The plaintiffs seek a class-action suit on behalf of Facebook users who sent or received private messages appended with URLs. They also hope the judge awards statutory damages of $100 for each day Facebook violates the ECPA and $5,000 or three times the actual damages they sustained. And, as may be expected, they want Facebook to stop scanning private messages and seek up to $10,000 in damages for each Facebook user.


Aaron Elliott

Founder,, Social Barrel

I'm 30 and live in Adelaide, Australia. I have a strong interest and passion for Social Media, Blogging and Online Marketing. To execute this passion I have created which aims to connect social media users and marketers, with the latest and most up-to-date news on the social media scene. Don't forget to check out for more Social Media News.

See Full Profile >


Gale Davy
Posted on January 7th 2014 at 7:35PM

In October, I had a private message exchange on Facebook with someone I had not seen since college. I mentioned my cat and she mentioned that the thought that I was allergic to cats. I said - no, never been allergic to cats etc.

The next day I had an ad in my right sidebar on Facebook that said "Allergic to Cats?"

I thought that this could not have been a coincidence and emailed a friend of mine who does SEO/marketing to ask her what she thought. (She thought it was highly likely that FB was creeping PMs).

I, like everyone else, had assumed that the content of my private messages to individuals was not tracked by FB. I think people will be suprised to learn that this is not the case.