Facebook recently filed lawsuits against developers who were abusing their platform, including both Facebook and Instagram. One of them was selling fake likes, comments, views, and followers. But the other is way more dangerous, as it collected users’ personal information from Facebook.
Let’s start with the fake engagement. It’s widely known that people use services like this to cheat Instagram. Facebook and Instagram sued Nikolay Holper, the founder Nakrutka, in federal court in San Francisco. Nakrutka is, simply put, a fake engagement service. It’s a service network of bots and automation software that Holper developed and used to sell fake likes, comments, views, and followers on Instagram. “We previously disabled accounts associated with Holper and his service, formally warned him that he was in violation of our Terms, and sent a cease and desist letter,” Facebook writes in a statement.
This isn’t the first time Facebook filed a lawsuit based on the same grounds. Last year, it sued another company that earned approximately $9.43 million from selling fake likes, comments, and followers on Instagram. “By filing the lawsuit, we are sending a message that this kind of fraudulent activity is not tolerated on our services, and we will act to protect the integrity of our platform,” Facebook stated back then. And it appears that they are being consistent in these efforts.
Another lawsuit was filed by Facebook Inc. and Facebook Ireland. They sued MobiBurn, OakSmart Technologies and its founder Fatih Haltas in the High Court of Justice. The lawsuit was filed after MobiBurn reportedly “collected user data from Facebook and other social media companies by paying app developers to install a malicious Software Development Kit (SDK) in their apps.”
When people would install those malicious apps on their devices, MobiBurn collected personal information from them and requested data from Facebook. This information included the person’s name, time zone, email address, and gender. “MobiBurn did not compromise Facebook, instead they used the malicious SDK on the users’ devices to collect information,” Facebook writes.
“Security researchers first flagged MobiBurn’s behavior to us as part of our data abuse bounty program,” Facebook explains. The company adds that they then took enforcement action, “including disabling apps, sending a cease and desist letter, and requesting MobiBurn’s participation in an audit.” However, MobiBurn reportedly “failed to fully cooperate” so Facebook decided to sue.
According to Facebook, these lawsuits are the latest in their efforts “to protect people who use our services, hold those who abuse our platform accountable, and advance the state of the law around data misuse and privacy.” Although, funnily enough, Facebook itself was in the center of privacy scandals before.