Facebook Obtains Order Barring Phishing, Spamming Scheme

This posting was written by Cheryl Beise, Editor of CCH Guide to Computer Law, and Thomas A. Long, Editor of CCH Privacy Law in Marketing.

Social networking website operator Facebook, Inc. was entitled to an ex parte temporary restraining order against Internet marketers that allegedly used Facebook's website to engage in a phishing and spamming scheme, in violation of the CAN-SPAM Act, the Computer Fraud and Abuse Act, and California law, the federal district court in San Jose has determined. Facebook asserted that the scheme compromised the accounts of a substantial number of Facebook users.

The marketers allegedly sent out seemingly legitimate e-mails to multiple Facebook users, asking them to click on a link, which led to a phishing site designed to trick users into divulging their Facebook login information. The marketers then allegedly used the information to send spam to the users' "friends." As the cycle was repeated, the number of compromised Facebook accounts increased exponentially.

A TRO was warranted because of the strong possibility of irreparable injury to Facebook's reputation and to the personal privacy of Facebook users, the court said.

The balance of hardships clearly favored Facebook because it was required to expend significant time and resources to combat the marketer's activities. The marketers would suffer little or no hardship if enjoined from conducting their allegedly illegal scheme.

The order granting a temporary restraining order is Facebook, Inc. v. Wallace, CCH Guide to Computer Law ¶49,699 and CCH Privacy Law in Marketing ¶60,308.