Communications Litigation Today was a Warren News publication.
Efforts to ‘Conceal’

Voyager Scraped Data From 600,000 Facebook Users, Alleges Meta

Defendant Voyager Labs, beginning no later than July, developed, distributed and used surveillance software that relied on fake accounts and “unauthorized automated means” to scrape data from Facebook and Instagram, and other websites such as Twitter, YouTube, LinkedIn and Telegram, alleged Meta in a complaint Thursday (docket 3:23-cv-00154) in U.S. District Court for Northern California in San Francisco.

Voyager created and used more than 38,000 fake Facebook user accounts and its surveillance software to scrape more than 600,000 Facebook users’ “viewable profile information,” including posts, likes, friends lists, photos and comments, alleged Meta. Voyager designed the surveillance software “to conceal its presence and activity from Meta and others, and “sold and licensed for profit the data it scraped,” it said.

Voyager’s actions weren't authorized by Meta, and they violate Facebook’s and Instagram’s terms, plus California law, alleged the complaint. Meta is demanding a jury trial, and seeks compensatory, statutory and punitive damages, plus an injunction requiring Voyager to identify the location of any and all data obtained from Meta or its services, and to name any and all individuals and entities with whom Voyager shared that data. Voyager didn’t comment Friday.

Voyager licensed the surveillance software to customers on a “perpetual or term basis for a fee and by charging fees for maintenance, customer support, and other related services,” said the complaint. According to Voyager’s 2020 annual report, the company generated nearly $15.4 million in revenue through surveillance software license fees and related maintenance and service fees, it said.

Voyager took a number of steps to scrape data from Facebook, first by creating fake Facebook user accounts, alleged Meta. It then set up “various computer infrastructure,” including IP addresses and servers in the U.S., that Voyager and its customers use to initiate data scraping requests and obtain data from Facebook, it said. It then used, distributed, tested and maintained its surveillance software and used the fake accounts to scrape data, it said.

The defendant’s fake Facebook accounts “generally had no friends, no followers, did not include profile information such as hometown or city, and engaged in unauthorized automated activity” on Voyager’s behalf, said the complaint. The fake accounts generally were registered using phone numbers with the 972 Israel country code, “or similar email addresses that shared a pattern of containing letters from the first name, followed by letters from the last name, and then a string of random letters or numbers,” it said.

Voyager acted to troubleshoot the fake accounts’ ability to access Facebook, alleged Meta. The complaint cites one example when, on Aug. 23, Meta required 11 fake accounts to complete a technical test or check to confirm the accounts were authentic by requiring those users to log in to Facebook. The next day, Aug. 24, Voyager, through one of its agents or employees, logged in to each of the 11 accounts using the same computer and browser, it said.

Between July and September, Voyager used the fake Facebook user accounts it controlled and the surveillance software “to scrape information from Facebook associated with more than 600,000 Facebook users, including more than 15,000 users in California,” alleged Meta. Among Facebook users in California who had their information scraped were employees of nonprofits, universities, news media organizations, healthcare facilities, the U.S. armed forces and local, state and federal government agencies, it said.