Australian Action against Facebook for misuse of private information

July 10, 2018 |

The Australian in Facebook hit by Australian compensation case for data theft reports that the litigation funder IMF Bentham have lodged a representative complaint with the Office of the Information Commissioner arising out of the Cambridge Analytica use of personal information gleaned from Facebook.  One of the more egregious breaches of privacy by Facebook in recent times.  Which is saying something!  The story is also picked up by the Guardian in Compensation sought for Australians caught up in Facebook privacy breach.

Representative claims before the Information Commissioner is a rarely used provision.  The IMF Bentham quite lengthy statement relevantly provides:

IMF Bentham Ltd (ASX:IMF) and a leading Australian law firm have lodged a representative complaint with the Office of the Australian Information Commissioner (OAIC) seeking, among other things, compensation for Facebook users arising from Facebook’s alleged breaches of the Australian Privacy Principles contained in the Privacy Act 1988. The alleged breaches surround the circumstances in which a third party, Cambridge Analytica, gained unauthorised access to users’ profiles and information. The complaint seeks financial recompense for the unauthorised access to, and use of, their personal data.

If you had a Facebook account, which was the subject of the privacy breach, and used Facebook while in Australia from 2010 to March 2015, IMF invites you to join the class action and register your details, via its dedicated website here. Facebook users can find out if they are affected by using the tool available at Once affected users register their details in the IMF class action, they will receive further information and be advised next steps.


In 2013, ‘This is my Digital Life’ a personality quiz and software application (app), used Facebook to distribute its personality test. Facebook users who signed up to the personality test appear to have consented to the app accessing their Facebook data. However, unbeknown to these users, the app also harvested data from their Facebook friends, representing an estimated additional 87 million users. It is believed the data harvested includes the users’ political views, religious beliefs, friends, and ‘likes’.

It appears the data collected by ‘This is my Digital Life’ was then made available to British political consulting firm, Cambridge Analytica, who created a tool to predict personalities and used the harvested data for targeted advertising campaigns. It may have been made available to others also.

It appears that Facebook first discovered the breach in late 2015, but failed to alert users and took limited steps to recover and secure the data. 

On 17 March 2018, the New York Times and The Observer reported that Cambridge Analytica had accessed the Facebook profiles of approximately 50 million users. Following this media exposure, Facebook revealed on 4 April 2018 that over 300,000 Australian-based users were victims of the breach. Australians are some of the most prolific social media users in the world. Independent reports suggest up to 60% of Australia’s population are Facebook users. Australia was the 10th hardest hit by the breach globally.

Australia’s Privacy legislation requires companies holding personal information to take reasonable steps to ensure that personal information is held securely and that customers are adequately notified about the collection and handling of their personal information.


IMF is one of the leading global litigation funders, headquartered in Australia and with offices in the US, Singapore, Canada, Hong Kong and the UK.  IMF has built its reputation as a trusted provider of innovative litigation funding solutions and has established an increasingly diverse portfolio of litigation funding assets.

IMF has a highly experienced litigation funding team overseeing its investments. We have a 90% success rate over 166 completed investments and have recovered over A$1.3 billion for clients since 2001. 

The Australian article provides:

Litigation funder IMF Bentham says it has lodged a compensation case against Facebook on behalf of up to 300,000 Australian users whose private information was allegedly filched by notorious political consultancy Cambridge Analytica.

IMF said it and law firm Johnson Winter Slattery had filed a complaint with privacy watchdog the Office of the Australian Information Commissioner alleging breaches of the Privacy Act.

In 2013, Facebook app “This is my Digital Life” harvested the personal information of people who took the digital quiz and their friends – up to 87 million users of the social media platform.

The personal information of about 50 million people, including more than 300,000 Australians, was then made available to Cambridge Analytica, which is currently at the centre of a political storm in the UK over its role working for the leave campaign in 2016’s Brexit referendum.

Cambridge Analytica then allegedly used the data, which included political views, religious beliefs and “likes”, to build a tool that predicted personalities and for targeted advertising campaigns.

IMF Bentham said it appeared Facebook learned of the breach in late 2015, but failed to tell users about it until this year.

It said that if the oaic complaint against Facebook failed to produce compensation for victims it might also launch a class action through the courts.

The OAIC has already launched a separate investigation into the Cambridge Analytica breach.

Facebook has been contacted for comment.

Meanwhile, an ocean or two away in the United States Congress legislators are pressing Alphabet and Apple on privacy with smart phones as the Wall Street Journal Reports in  Lawmakers Press Alphabet and Apple on Smartphone Users’ Privacy.

It provides:

House lawmakers are demanding information from Alphabet Inc. and Apple Inc. about how the companies handle users’ personal information, including spoken words, email content and location data.

In letters to the companies’ CEOs, leaders of the powerful House Energy and Commerce Committee said recent media reports and related information obtained by the panel have raised questions about how the companies gather and use consumers’ information.

The letters show that consumer-privacy concerns in Washington have spread beyond Facebook Inc., which has been in regulators’ and lawmakers’ crosshairs this past year over the sharing of user information with a data-analytics firm that had ties to the Donald Trump presidential campaign.

The lawmakers’ letter to Alphabet CEO Larry Page said recent reports indicate that its Android smartphone operating system collects extensive user-location data and reports it back to Alphabet’s Google unit even when location services are disabled.

The European Union’s General Data Protection Regulation on data privacy will come into force on May 25, 2018. This video explains how it could affect you, even if you don’t live in the EU. (Originally Published May 16, 2018)

Considering that many consumers likely believe that their phones aren’t actively tracking them when the location services are turned off, “this alleged behavior is troubling,” according to the letter, which was signed by the committee’s chairman, Greg Walden (R., Ore.), as well as three subcommittee chairmen, Reps. Gregg Harper (R., Miss.), Marsha Blackburn (R., Tenn.) and Robert Latta (R., Ohio).

The letter to Alphabet also raised questions concerning a report last week in The Wall Street Journal that Google continues to allow third parties to access content of users’ emails, even though the company itself said last year it would halt scanning the contents of emails to “keep privacy and security paramount.”

The lawmakers’ letter to Apple CEO Tim Cook raised fewer issues, but posed similar questions about whether Apple smartphones collect and transmit extensive location data. The letter says that Apple’s actions “raise questions about how Apple device users’ data is protected and when it is shared and compiled,” given that Apple provides access to apps that appear contradictory to its own privacy principles, the letter says.

Both letters also noted that some recent media reports have suggested that smartphones in general can and sometimes do collect extensive audio data that can be accessed by third parties, even when users might not be talking to the phone’s virtual assistant.

Google said in a statement on Monday: “Protecting our users’ privacy and securing their information is of the utmost importance to Google. We look forward to answering the committee’s questions.”

Apple declined to comment. The company provides information on its data practices online that answer some of the questions.

The letters go on to seek detailed information about the companies’ practices, particularly when it comes to tracking users’ locations, collecting audio data from users’ conversations and sharing their data with third parties, such as app developers.

The letters to both firms ask whether their devices “have the capability to listen to consumers” even when the user isn’t engaging a virtual assistant. If so, lawmakers want to know how that data is being used.

The letters ask whether the firms could control or limit the data collected by third-party apps available on their devices.

Congress also is asking Google for “a comprehensive list of the companies with access to a user’s email contents on Gmail,” as well as details about what restrictions it places on the use of email data by app makers.

Hundreds of app developers scan the inboxes of millions of Gmail users who signed up for email-based services, commonly using free apps and services to hook users into giving up access to their inboxes without clearly stating what data they collect and what they are doing with it, current and former employees of these companies told The Journal.

In a Google blog post last week, the company said: “Transparency and control have always been core data privacy principles, and we’re constantly working to ensure these principles are reflected in our products.”

Apple says it has aimed to protect user privacy by encrypting some sensitive information such as iMessages and randomizing other information it gathers such as map navigation so that it can’t be linked to an individual’s device.

In an aim to bolster user privacy, the company last month issued new rules for apps available on its App Store, saying apps that access users’ photos and contact lists can’t use that information to build databases. However, the new rules also raised concerns that the company’s previous policies contained loopholes allowing apps to collect and resell sensitive information such as photo locations, privacy advocates say.

Agencies including the Federal Trade Commission already are investigating Facebook, and some privacy groups have called for other technology companies’ practices to be probed as well.

The letters also dial up pressure on major tech firms to tell lawmakers and the public more about their privacy practices.

The Energy and Commerce Committee has been urging other firms to send their CEOs to testify at a hearing about their practices. But so far, no hearing has been scheduled.

The letters mark the first time the committee has queried companies besides Facebook concerning specific consumer-privacy issues. The committee has been looking more broadly at other topics, including the use of algorithms for a number of services such as content sharing.

Leave a Reply

Verified by MonsterInsights