The lawsuit has been filed against two individuals working for application development company Oink and Stuff. Facebook sued these two European individuals for violating its terms of service by scraping user data with help of Chrome extension.
Jessica Romero, Facebook's Director of Platform Enforcement and Litigation, said, “When people installed these extensions on their browsers, they were installing concealed code designed to scrape their information from the Facebook website, but also information from the users' browsers unrelated to Facebook — all without their knowledge,"
“If the user visited the Facebook website, the browser extensions were programmed to scrape their name, user ID, gender, relationship status, age group, and other information related to their account. The defendants did not compromise Facebook’s security systems. Instead, they used the extensions on the users’ devices to collect information.”
Oink and Stuff extension products are available for Chrome, Firefox, Edge, Opera, and Android, and have over one million active users. They are also specialized in creating Android apps.
All of the accused extensions were developed by this company. According to Facebook, they found data collection-related malicious behavior inside four extensions named Web for Instagram plus DM, Blue Messenger, Emoji keyboard, and Green Messenger, which Facebook said: "functioned like spyware."
All of these extensions can still be seen on the official Chrome Web Store and have more than 54,000 installs.
Facebooking is now demanding to delete all the Facebook users' data they have acquired by using these four extensions. This is not the first time that Facebook has sued a third-party app for violating its terms of services.
In March 2019 - Facebook sued (Gleb Sluchevsky and Andrey Gorbachov) two Ukrainian browser extension makers scraping user data.
In August 2019 - Facebook sues two Android application developers on allegations of advertising click fraud (LionMobi and JediMobi
In October 2019 - For developing and selling a WhatsApp zero-day that was used in May 2019 to attack attorneys, journalists, human rights activists, political dissidents, diplomats, and government officials, Facebook sued Israeli surveillance vendor NSO Group
In December 2019 - Facebook sued two Chinese nationals and ILikeAd for tricking users into downloading malware by using Facebook ads.
In February 2020 - Facebook sued OneAudience, an SDK maker that was secretly collecting data on Facebook users.
In March 2020 - Facebook sued Namecheap, one of the biggest domain name registrars on the internet, to unmask hackers who registered malicious domains through its service.
In April 2020 - Facebook sued LeadCloak for providing software to cloak deceptive ads related to COVID-19, pharmaceuticals, diet pills, and more.
In June 2020 - Facebook sued the owner of Massroot8.com, a website that stole Facebook users' passwords.
In June 2020 - Facebook sued to unmask and take over 12 domains containing Facebook brands and used to scam Facebook users.
In June 2020 - Facebook sues MGP25 Cyberint Services, a company that operated an online website that sold Instagram likes and comments.
In August 2020 - Facebook sued the owner of Nakrutka, a website that sold Instagram likes, comments, and followers.
In August 2020 - Facebook sued MobiBurn, the maker of an advertising SDK accused of scraping user data.
In October 2020 - Facebook sued the maker of two Chrome extensions for scraping user data.
In November 2020 - Facebook sues a Turkish national for operating a network of at least 20 Instagram clones.