Handing a victory to Facebook, a federal judge has ruled that the company won't have to face a class-action lawsuit for allegedly violating its privacy policy by "leaking" people's personal information to advertisers.
U.S. District Court Judge Ronald Whyte said this week that class-action treatment isn't appropriate because "individualized questions will predominate" in the dispute. Most of Whyte's 15-page opinion hasn't yet been made publicly available, so the basis for his findings isn't yet clear.
The ruling stems from a privacy lawsuit first filed against Facebook in 2010, shortly after allegations surfaced that Facebook transmitted people's personal information in the referer headers -- URLs transmitted by publishers when users click on ads. Those headers allegedly included people's Facebook IDs, among other information.
A group of consumers sued Facebook for allegedly violating federal wiretap laws and breaching its privacy policy.
U.S. District Court Judge James Ware dismissed all claims at a preliminary stage in 2011, ruling that the consumers lacked “standing” to proceed in federal court because they didn't allege they were hurt by the leaks.
But in 2014 the 9th Circuit Court of Appeals reinstated the consumers' claims for breach of contract and fraud. The panel ruled that the consumers were entitled to proceed based on allegations that they were harmed by both “the dissemination of their personal information,” and “losing the sales value of that information.”
Facebook said in papers filed with Whyte last December that the case shouldn't proceed as a class-action. Among other arguments, Facebook said the issues in contention need to be litigated on a user-by-user basis.
"The relevant evidence needed to prove plaintiffs’ claims is necessarily individual to each putative class member and each advertiser," Facebook wrote.
The social networking service added that the consumers who are suing never presented evidence about which User IDs (if any) were sent to advertisers. "Plaintiffs do not have a scintilla of proof that any advertiser used the allegedly disclosed User IDs and usernames at all, much less evidence showing whether any class member was affected by such use," the company wrote.