Social Media Class Actions Buy the Farm(Ville): Ninth Circuit Dismisses Consumer Claims Against Zynga and Facebook for Sharing User Information with Advertisers


Farmville is a game that celebrates the digital harvest: players earn Farm Coins by diligently and systematically harvesting their virtual crops. Yet a different kind of digital harvest – the harvest of user data – was at the heart of two unsuccessful class action suits users filed against Facebook and Zynga. While the Ninth Circuit ultimately dismissed both claims with prejudice in a consolidated opinion, this case is another important battle in an ongoing war between consumers and social media sites over user data.

Marking a victory for Facebook and Zynga, the Ninth Circuit held that sharing information about users’ identity and the last Facebook page they visited with third party advertisers did not violate the Electronic Communications Privacy Act (“ECPA”). But consumer unrest over data use remains. A Canadian woman recently brought a class action suit against Facebook in Ontario for profiting from users’ private messages. In the United States, the FTC recently signaled its intent to police Facebook’s use of data in light of a proposed merger with WhatsApp.

This battle, recently waged on the fields of FarmVille, may influence the struggles to come.

Class plaintiffs alleged that Facebook and Zynga violated two provisions of the ECPA by divulging the “contents” of their communications to third party advertisers without permission. Indeed, the federal statute prohibits knowing or intentional disclosure of “the contents of any communication” to unauthorized third parties.

The putative classes premised their argument on two pieces of information a third party advertiser automatically receives as a result of the protocol initiated whenever users click on that third party’s link: the user’s Facebook ID and the address of the Facebook page the user accessed their link from.

The Ninth Circuit rejected this argument, without touching on the question of whether either service violated its respective terms of use. The Court held that the user IDs and URLs are not “contents” under the ECPA, but are actually “records,” which parties can divulge without consent. This distinction rests in part on the fact that “Facebook and Zynga divulged identification and address information contained in a referer header automatically generated by the web browser,” as opposed to content that users generate themselves, such as a wall post, a private message or a picture of lunch.

This case signals that courts may be reluctant to hold social media sites like Facebook liable for the transmission of the user metadata that these sites generate automatically as they function. But information that users affirmatively enter themselves may compel a different response.

In any case, this is unlikely to be the last time consumers accuse Facebook and other social media outlets of reaping data where they did not sow.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Proskauer - Advertising Law | Attorney Advertising

Written by:


Proskauer - Advertising Law on:

Readers' Choice 2017
Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.