Facebook Sues Analytics Firms That Stole User Data Through Third-Party Apps

Posted on February 28, 2020 by Mehedi Hassan in Social with 4 Comments

Back in November, Facebook and Twitter reported about a security breach that allowed third-party analytics services to steal user data through third-party apps, without the user’s permission.

The breach was possible through malicious software development kits (SDKs) used by third-party apps, allowing the analytics firms to get users’ personal data without their permission.

At the time, both Facebook and Twitter took immediate actions against the developers of the malicious SDKs OneAudience and Mobiburn. The companies were paying app developers to use malicious SDKs on their apps. This week, Facebook announced that the company is suing OneAudience after the analytics firm refused to cooperate with Facebook as part of a security audit.

“Through these lawsuits, we will continue sending a message to people trying to abuse our services that Facebook is serious about enforcing our policies, including requiring developers to cooperate with us during an investigation, and advance the state of the law when it comes to data misuse and privacy,” said the company.

Facebook said the company disabled apps affected by the malicious SDKs immediately, and it also sent a cease and desist letter to OneAudience. The company then requested OneAudience to take part in an audit, which OneAudience had refused.

Tagged with ,

Join the discussion!

BECOME A THURROTT MEMBER:

Don't have a login but want to join the conversation? Become a Thurrott Premium or Basic User to participate

Register
Comments (4)

4 responses to “Facebook Sues Analytics Firms That Stole User Data Through Third-Party Apps”

  1. anoldamigauser

    None of this will get the data back, though. This is the problem with the surveillance economy; you think you have a relationship with Facebook, and the application maker, but really there are a whole host of other companies like this that are paying to get your information.

    The argument could be made that these SDKs are a type of fraud, which might allow the companies to be prosecuted under RICO statutes.

  2. Thretosix

    Well Cambridge Analytica is back on the campaign trail. Facebook is such a crapshow.

  3. Greg Green

    Facebook is just disappointed they didn’t have a chance to sell it. Maybe that’ll be part of the out of court settlement. OneAudience will pay damages, then get a receipt for the data they have.

  4. nbplopes

    Through these lawsuits, we will continue sending a message to people trying to abuse our services that Facebook is serious about enforcing our policies, “


    So it’s about the message not the content :)

Leave a Reply