The extensions contained hidden code that caused them to function like spyware
bsd555/iStock


By David Cohen

1 hour ago

Facebook and Facebook Ireland filed a lawsuit in Portugal against two individuals for scraping user profiles and other data from its website, calling their actions a violation of the social network’s terms of service, as well as Portugal’s Database Protection Law.

Director of platform enforcement and litigation Jessica Romero said in a Newsroom post Thursday that the two individuals developed browser extensions under the name Oink and Stuff and made them available on the Google Chrome store, misleading users by stating in its privacy policy that personal information was not being collected.

Romero added that four extensions—Blue Messenger, Emoji Keyboard, Green Messenger and Web for Instagram Plus DM—contained hidden code that caused them to function like spyware.

She explained, “When people installed these extensions on their browsers, they were installing concealed code designed to scrape their information from the Facebook website, but also information from the users’ browsers unrelated to Facebook—all without their knowledge. If the user visited the Facebook website, the browser extensions were programmed to scrape their name, user ID, gender, relationship status, age group and other information related to their account. The defendants did not compromise Facebook’s security systems. Instead, they used the extensions on the users’ devices to collect information.”

Facebook is seeking a permanent injunction against the two defendants and demanding that they delete all Facebook data in their possession.