InfoBytes Blog
District Court approves data scrape settlement
On October 20, the U.S. District Court for the Northern District of California granted final approval to a class action settlement resolving claims that a social media platform (defendant) scraped consumer data for advertising purposes. According to the plaintiffs’ motion for preliminary approval, the defendant allegedly scraped a group of mobile company users’ call and text logs without consent by exploiting a vulnerability in the permission settings for the defendant’s message application. In its third amended complaint, the plaintiffs argued that consumers granted the defendant permission to access their phones’ contact lists, but did not consent to scraping their call and text logs, which included the date and time of phone calls, the phone numbers dialed, the names of the individuals called and the duration of each call, as well as whether each call was incoming, outgoing or missed. The plaintiffs further alleged that the defendant did not explicitly notify them that their data was being collected prior to the vulnerability being patched in October 2017, when the defendant ceased its scraping practice. The settlement requires the defendant to delete all call and text history data that it is not legally obligated to preserve, and provides for a $1.08 million attorney fee request and $1,500 incentive awards for class representatives.