According to a new report from Bloomberg, a federal judge has ruled to proceed with a 2015 class action lawsuit accusing the techno-monopoly Facebook of violating state laws regarding data harvesting through facial recognition software — and the damages may just cost the company billions.
Following the aftermath of the Cambridge Analytica scandal, which saw the personal data of over 87 million users exploited by a Trump-linked political consultancy firm, controversial CEO Mark Zuckerberg tried to explain away the difference between his company’s service and the conduct of some overreaching surveillance state:
“The difference is extremely clear,” the billionaire nervously said. “The content that you share [on Facebook], you put there. The information that we collect, you can choose to have us not collect. You can delete any of it, and of course, you can leave Facebook if you want. I know of no surveillance organization that gives people the option to delete the data that they have or even know what they’re collecting.”
And neither do Facebook’s users, alleging the company is no exception to the surveillance rule. Millions are potentially set to sue the tech giant for violations of the Illinois Biometric Information Privacy Act of 2008 (otherwise known as BIPA) which could demand between $1,000 to $5,000 per offensive use of data. In this case, an offense would be every time DeepFace, the company’s facial recognition software, uses a photo or a person’s likeness without the user's consent.
Part of Facebook’s appeal, from cringey relatives to mocking friends, is tagging friends in photos. Gone are the days of human consent when doing this, however, given the DeepFace software automatically tags faces that meet their match among their billions of users — without any consent given. Facebook alleges their facial recognition software was shut down in Europe around 2012, but it’s hard to take an untruthful company at their word when the proper checks and balances aren’t there to deter such a powerful private market empire from using data self-servingly.
It’s worth considering the report from The Guardian revealing new company policies that allow European users to give consent prior to having their faces scanned in the system —a clear result of Facebook being forced to comply with the European Union’s new strict data laws. Known as the General Data Protection Regulation (GDPR), this would require the techno-anarchical Zuckerberg to seek the consent of EU users that would otherwise be exploited in America, Canada, Australia and similar nations around the globe.
Voters should demand their governments finally play catch up with the bureaucratic EU and mid-western Illinois to see if they truly care about data violations and privacy rights. The case’s ruling judge, James Donato, stated that “damages could amount to billions of dollars” should the company be forced to compensate every violated user as a group, rather than paying hush money to select few individuals or outright stamping cases out of court — like what happened when the 2016 advertisement lawsuit was dismissed.
“A class action is clearly superior to individual proceedings here,” Judge Donato wrote. “While not trivial, BIPA’s statutory damages are not enough to incentivise individual plaintiffs given the high costs of pursuing discovery on Facebook’s software and code base and Facebook’s willingness to litigate the case… Facebook seems to believe that a class action is not superior because statutory damages could amount to billions of dollars.”
Shawn Williams, the lawyer representing the users, wrote:
“As more people become aware of the scope of Facebook’s data collection and as consequences begin to attach to that data collection, whether economic or regulatory, Facebook will have to take a long look at its privacy practices and make changes consistent with user expectations and regulatory requirements.”
It’s universally apparent that Facebook’s scandals, which grow by the day, are the result of a two-tier justice system when it comes to policy. They’ve established one set of principles for you, the common consumer with no money or power, and another set for the executives ruling over Silicon Valley’s wild west coast.
While Zuckerberg and COO Sheryl Sandberg offer evasive policy answers on their apology tours, users are sick of the hypocrisy. You can’t permanently your delete messages sent through the messenger system, but they made damn sure key company executives had control over their data to do just that. Commoners pay fines and face jail-time when they refuse to pay taxes, unlike the “tax havens” of these companies that go unpunished. It’s considered a private property violation when creepy individuals store data for their own whims, but just consider the top nations who could easily use AI to spot a face among a crowd and harvest this face among the sea of others in their database, able to do with such stolen body property whatever they so choose.
But this is no nation state — this is the state of Facebook. It’s a private company “free to do what they want,” so say the corporate apologists. I argue it strikes at people’s fears of the liberty paradox, where powerful entities have the liberty to take away the liberty of others. This form of exploitation is not without historical precedent, after all. Confederates fought and died for a country built on this paradox. Segregation was based on this paradox. Both sides of the gay wedding cake and abortion debates maintain the paradox. Now magnify this paradox to the point of biometric body theft.
What’s to stop this social media platform, with more users than any nation-state, from using the liberty of data storage to use our data in ways that we don’t like? With Facebook’s deceptive practices that echo the NSA, where are the neo-trust laws stopping deep state actors and powerful tech giants from sharing data for means violating individual rights?
We must ask ourselves: do we truly own our faces?