A U.S. judge ordered Facebook Inc to give shareholders emails and other records concerning how the social media company handles data privacy after the company’s lawyers argued users ‘have no expectation of privacy.’
In a 57-page decision on Thursday, which followed a one-day trial in March, Vice Chancellor Joseph Slights of the Delaware Chancery Court said shareholders demonstrated a ‘credible basis’ to believe Facebook board members may have committed wrongdoing related to data privacy breaches.
The ruling comes despite contention from Facebook’s attorney, Orin Snyder, that users have no legal right to privacy, as reported by Law360.
‘There is no invasion of privacy at all, because there is no privacy,’ Snyder said, according to the outlet.
The decision relates to a massive data breach in which 87 million users were compromised by the British political consulting firm Cambridge Analytica without their knowledge.
Slights noted that Facebook had at the time of the 2015 Cambridge Analytica breach been subject to a U.S. Federal Trade Commission consent decree that required it to bolster its data security measures.
The breach was not revealed until March 2018.
‘Evidence presented at trial provides a credible basis to infer the board and Facebook senior executives failed to oversee Facebook’s compliance with the consent decree and its broader efforts to protect the private data of its users,’ Slights wrote.
The ruling comes after shareholders sued Facebook last September to obtain records related to Cambridge Analytica and other breaches, and said that upon finding wrongdoing, they might sue company officers and directors through a so-called derivative lawsuit.
Derivative lawsuits are brought on behalf of companies, with money recovered from officers and directors, or their insurers, going to the companies themselves.
Facebook declined to comment on Friday. Daniel Rehns, a lawyer for the shareholders, also declined to comment.
Facebook’s share price sank 19 percent, wiping out $120 billion of shareholder wealth, last July 26 after the Menlo Park, California company posted disappointing results in the first full quarter since the Cambridge Analytica breach was revealed, and said it was spending more on security measures.
Cambridge Analytica, hired by U.S. President Donald Trump’s 2016 election campaign, used profiling techniques to predict and influence voter behavior.
It shut down after the breach was disclosed, and several U.S. and European regulatory probes into Facebook ensued.
Facebook Chief Executive Mark Zuckerberg told a U.S. Senate panel in April 2018 that his company discovered the Cambridge Analytica breach in 2015, but neither conducted an audit nor told users and the FTC, Slights wrote.
Slights denied some of the shareholders’ record requests as over broad.
In a footnote, he said his decision stopped ‘well short’ of concluding that Facebook officers or directors engaged in wrongdoing, and any such determination ‘awaits another day.’