Facebook, Zynga Wiretap Claims Fail

Zynga Inc and Facebook won’t have to face class action claims that they violated federal wiretap law by alleged disclosure of confidential user information to advertisers, a federal appeals court said Thursday.

But the 9th U.S. Circuit Court of Appeals, in a separate opinion, reinstated a breach of contract claim against Facebook for alleged violation of its privacy agreement with consumers.  Only that state law claim survived.

In the Zynga case, the appeals court upheld dismissal of the class action claims because the customers failed to allege that either Zynga or Facebook disclosed the “contents” of communications, which is a necessary element to claim violation of the Electronic Communications Privacy Act.

The opinion favoring the Zynga Game Network Inc and Facebook, a social networking platform, rejects appeal of several combined lawsuits filed in 2010 in San Francisco.

Users who sign up for these online gaming or social media companies provide personal data such as name, address, birth date, relationship status, location, religion and other interests.  The information is linked to a number within Facebook.  The information is valuable to advertisers.

To generate revenue, Facebook sells advertising to third parties who want to target advertising to a specific demographic group.  Facebook’s privacy policy states it will not reveal a user’s specific identity but only anonymous information is provided to advertisers.

Zynga is a developer of game applications that run on Facebook and until November 2010 it promised not to sell or rent personal ID information to third parties.

When Facebook users or Zynga users click on an ad the website sends the unique user number to the advertising third party.

According to the complaint, Zynga programmed its gaming applications to collect information contained in the referrer header and then transmit the information to advertisers and other third parties.

As a result Facebook and Zynga allegedly disclosed information that would link to Facebook user IDs, according to the lawsuit.

“We hold that under ECPA, the term ‘contents’ refers to the intended message conveyed by the communication, and dooes not include record information regarding the characteristics of the message that is generated in the course of the communication,” wrote Judge Sandra Ikuta.

There is no language in the ECPA equating “contents” with personally identifiable information, she said.

Joining Ikuta in the ruling were Judges Arthur Alarcon and Richard Tallman.

Case: In re Facebook Privacy Litigation, No. 11-18044

Unpublished Memo:  In re: Facebook Privacy Litigation, No. 12-15619



Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s