Facebook faces class-action suit over Beacon

A class-action suit filed in California charges Facebook and a handful of other companies, including Blockbuster, Fandango and Overstock, with violating online privacy and computer fraud laws related to Facebook's controversial Beacon system.

Beacon is a program designed by Facebook that shares information about Facebook users' Internet activities with friends. When a Facebook user who has Beacon turned on buys an item on Overstock.com, for example, a message appears on their Facebook page about the purchase, so that all the user's friends can see the message.

But Beacon came under fire from the start from privacy advocates, some of whom wondered how much information Facebook was gathering about how many Internet users.

The lawsuit alleges that Facebook gathered information about its users' online activities before it even asked them whether they wanted that information to appear on their profiles. "By the time any user was notified that Facebook was (at a minimum), an observing party to the transaction, and that Facebook was asking for an approval to publicly broadcast identifying information regarding the event, personally identifying information had already been communicated to Facebook," the suit reads.

In addition, the program was initially set up as an opt-out system, but it was very cumbersome to do so, the suit alleges. Facebook users had to visit each Beacon affiliate Web site, of which there were initially 44, and opt out of the program on each site.

Also, Beacon collected information about all visitors -- not just Facebook users -- who conducted certain activities on the third-party sites that were part of the program, according to the suit, which was filed on Tuesday in the U.S. District Court for the Northern District of California. For example, any time someone bought or rented a movie or placed a movie in their queue on Blockbuster.com, a notification about the activity was sent to Facebook. That happened regardless of whether the person using the Blockbuster site was a Facebook customer.

"Thus, non-Facebook persons who utilized the Facebook Beacon Activated Affiliate Websites were not told that their transaction, and indeed, every transaction they engaged in upon the Website was being communicated to a third party (Facebook) with whom they had no relationship whatsoever," the suit reads.

The suit covers the period of Nov. 7, 2007, through Dec. 5, 2007, when Facebook changed the way the program works. After Dec. 5, Beacon became an opt-in system and users could turn it off completely.

The class purports to represent all Facebook members who during that period visited any of the Beacon affiliate Web pages and did something that would trigger Beacon to send a message to Facebook. The suit estimates there are tens of thousands of people affected.

A Facebook spokesman said the company had not been served the suit but planned to review it closely when it receives it.

The suit asks the court to require Facebook and the other affiliate sites to delete any of the data they collected without user knowledge, award restitution to class members and return any "ill-gotten gains" from the activities that allegedly violated privacy and fraud laws.

The IDG News Service is a Network World affiliate.