A judge for the US District Court for the Northern District of California [official website] on Friday rejected a settlement [order, PDF] proposed by Facebook [website; JURIST news archive] in a class action lawsuit over the social networking company's "Sponsored Stories" program. The lawsuit accuses Facebook [Bloomberg report] of appropriating the names, photographs and identities of users through the Sponsored Stories program to advertise products to users, all without their explicit permission. Judge Richard Seeborg refused to grant preliminary approval of the settlement, which provided for changes to Facebook's Statement of Rights and Responsibilities and for $10 million in cy pres payments to be shared among advocacy groups for children, consumers and electronic privacy, but not the Facebook users themselves:
California Civil Code §3344 ... under which plaintiffs' claims are brought, provides for statutory damages of $750 for any violation. It very well may be, as Facebook argues, that plaintiffs' chances of obtaining a judgment awarding such statutory damages to class members are remote, but their potential availability must be considered in evaluating the fairness of any settlement. Merely pointing to the infeasibility of dividing up the agreed-to $10 million recovery, or the relatively small per-use revenue Facebook derived, is insufficient, standing alone, to justify resort to purely cy pres payments.Seeborg also expressed concern over the settlement provision that allows payments of up to $10 million in attorney's fees, again excluding the users who make up the class of injured parties. Praising the ruling was Consumer Watchdog [advocacy website; press release], a consumer advocacy non-profit that had sent a missive [letter; PDF] to Seeborg opposing the agreement "on the grounds that the proposed settlement is not fair, adequate or reasonable and provides no direct or indirect benefit to class members." Seeborg's order allows for the parties to modify the settlement for fresh consideration or to resubmit the rejected settlement accompanied by additional legal arguments in its favor.
The ubiquitous social networking giant faces legal challenges around the world. Last week German data privacy authorities reopened an investigation into Facebook facial recognition software that automatically recognizes facial features in pictures and "tags" users when others upload photos of them. Hamburg Commissioner for Data Protection and Freedom of Information Johannes Caspar [official website, in German] claims that Facebook is illegally compiling a huge database [JURIST report] of members' photos without their consent, and the archive should be destroyed because European data protection laws require explicit consent of users for a company to employ such analytic software to compile a photographic database of human faces. Mirroring Caspar's position, Patricia Rogosch, a research assistant for the EU Project CONSENT Institute for Information, Telecommunication and Media Law, wrote in August 2011 that the Facebook facial recognition feature violates European data protection laws [JURIST comment] because the software was introduced without notifying users and it requires users to opt out instead of opting in. In July 2010 Caspar initiated legal proceedings [JURIST report] against Facebook for accessing and saving non-users' personal information, stated the social networking site could be fined tens of thousands of euros for violating Germany's strict privacy laws. Caspar was alerted that non-users had been contacted by Facebook because their e-mail addresses were listed in Facebook users' e-mail contacts.