Meta won a significant legal case, and this could set a precedent for spyware which uses secret methods to gain access to personal data based on the information that users enter in various applications.
This case involved Meta’s largest messaging app, WhatsApp.
In 2019, WhatsApp warned over 1,000 users of the compromise and malware that had infected their devices. The attack was especially alarming because the users did not even need to accept a video calling to activate it.
Meta investigated the breach with the help of cybersecurity experts at Citizen Lab. This led Meta to take legal action against the developer NSO for using its Pegasus spyware tool. The software allows users to steal the data from apps.
Meta-explained:
” NSO Pegasus is a spyware that can be installed onto any phone and collect information. You can think of anything, from emails to text messages and financial information, as well as location and other data.
Meta does not suggest that NSO initiated the attack on WhatsApp. Meta, however, sought to take legal action because it was its own software that was used. This is in order to bring attention and highlight illegal uses of social media apps.
A federal jury was in agreement with Meta and granted $167.25 Million to Meta as damages. A jury also ordered MSO to pay Meta $444,719 more in compensation.
Meta has also noted that NSO software was used to carry out a variety of attacks. Apple has also filed a lawsuit against the developer. The Meta findings could lead to more legal cases and NSO removing its spyware.
This is an important victory, but the biggest one is the legal deterrent. It is the case which essentially bans the use spyware in order to steal information from people through unapproved methods.
The case has a greater impact because the perpetrator was not identified. It also forces similar programs to evaluate their viability and case outside such programs.
The developers have been able, in general, to claim that these tools could be used to scrape data for purposes other than scraping. This is the reason they were allowed to stay on the market. This case proves that social media apps and messaging applications are not exempt from legal implications, particularly now that our private information is so easily accessible.
It’s an important step that should impact the industry.
There are, of course, still different levels in terms of what data scraping is and how third-parties can get and use this data. In the case of malicious software, it could be an important step to addressing misuse.