Meta has launched two new legal actions against data scraping sites, which have extracted user data from both Instagram and Facebook for unauthorized use, while it’s also seen a new victory in its battle against platform misuse, with a court ruling in its favor in another case related to clone sites.
First off, on its new actions – Meta has launched legal proceedings against two companies that offer data scraping services, which illegally use people’s uploaded info for unintended purpose.
As explained by Meta:
“The first action is against a company called Octopus, a US subsidiary of a Chinese national high-tech enterprise that claims to have over one million customers. Octopus offers scraping services and access to software that customers can use to scrape any website. For a fee, Octopus customers can launch scraping attacks from its cloud-based platform or hire Octopus to scrape websites directly. Octopus offers to scrape data from Amazon, eBay, Twitter, Yelp, Google, Target, Walmart, Indeed, LinkedIn, Facebook and Instagram.”
Meta says that Octopus’ system is able to extract data about people’s Facebook Friends ‘such as email address, phone number, gender and date of birth, as well as Instagram followers and engagement information, such as name, user profile URL, location and number of likes and comments per post’.
That’s information that users never intended to be utilized in this way, and Meta’s looking to establish clearer legal standing on this type of misuse.
The second company that Meta has launched legal action against is managed by a single operator in Turkey, and has been using automated Instagram accounts to scrape data from the profiles of over 350,000 Instagram users.
“These profiles were viewable to logged-in Instagram users. The Defendant published the scraped data on his own websites or “clone sites.” A clone site is a website that copies and displays Instagram profiles, posts and other information without authorization.”
Both seem like fairly clear-cut violations of Meta’s terms of service, but the legal technicalities of online data scraping are not so definitive, with LinkedIn currently engaged in a years-long battle over a similar data-scraping case, in which users' publicly available LinkedIn info is being used to power an external employee database and recruitment site.
In the most recent finding in this case, the Ninth Circuit of Appeals ruled that scraping data that’s publicly accessible on the internet isn’t in violation of the Computer Fraud and Abuse Act, despite users not explicitly providing consent for their information to be utilized by third-party providers in this way.
That case will no doubt also be used in the defense against Meta’s latest legal actions - but as Meta outlines, there is a variance here in that the information gathered by these tools is not publicly accessible, as such, which is part of the reason why Meta has gradually locked down Facebook and Instagram data more and more over the years, giving the company more definitive legal grounding in any such misuse.
That could lead to a new legal precedent for such, which may not necessarily help in LinkedIn’s case – but then again, LinkedIn has also been moving to lock down more of its user data to combat the same, which could eventually see any ruling apply to all such cases.
Either way, the misuse of user data in this way is clearly a violation of privacy, as it’s taking people’s personal info without consent. One way or another, it seems that the laws around such need to be updated - and maybe, these new cases from Meta can advance the argument in this respect.
Which is what Meta’s been trying to do with its various legal cases against platform misuse. And recently, it had a victory, with a court ruling that another operator that had been scraping Instagram user data to fuel clone sites was guilty of misuse.
As per Meta:
“In 2020, we filed an action against a defendant scraping people’s publicly-visible information from Instagram in order to create a network of clone sites. This was a violation of our Terms of Service and we filed a lawsuit in order to protect our users. The Court recently issued a final judgment in our favor and found Defendant liable for scraping data from Instagram users and republishing it on his clones sites. The Defendant was ordered by the Court to pay over $200,000 and is banned from using Facebook or Instagram.”
Each ruling in Meta’s favor helps to establish clearer precedent, and as it continues to launch new legal proceedings in order to reiterate the significance of data scraping and misuse, that, ideally, will further build Meta’s broader case load to solidify legal standing.
Which will see more of this type of activity outlawed and penalized, and will ultimately disincentive fraud in the space. It takes time, as each case needs to go through the legal process (as per this recent ruling), but Meta continues to establish stronger foundations for future cases with every step.
Which is another way to evolve the laws around such, embedding rulings by proxy, which will help to address such as clear legal violations in future.
There’s a way to go, on several fronts, but Meta’s legal procedures help to build the foundations of law around these evolving forms of data misuse.