Facebook has filed a federal lawsuit in California court against OneAudience, a New Jersey-based data analytics company that Facebook says improperly accessed and collected user data from it and other social media companies by paying app developers to install a malicious Software Development Kit (SDK) in its apps.
In a blog post outlining the action, Jessica Romero, Facebook’s director of platform enforcement and litigation, said that security researchers first flagged OneAudience’s behaviour to the company as part of its data abuse bounty program. Facebook, and other affected companies then took enforcement measures against OneAudience. Facebook’s measures included disabling apps, sending the company a cease and desist letter, and requesting its participation in an audit, as required by its policies. OneAudience declined to cooperate.
“Through these lawsuits, we will continue sending a message to people trying to abuse our services that Facebook is serious about enforcing our policies, including requiring developers to cooperate with us during an investigation, and advance the state of the law when it comes to data misuse and privacy,” Romero wrote.