Last week, a class action lawsuit was filed against eighteen technology and social networking companies in Texas federal district court for allegedly distributing privacy-invading mobile applications ("apps"). Opperman et. al. v. Path, Inc. et. al, Case No. 1:12-cv-00219-SS (W.D. Tex. March 12, 2012). The companies sued were Path, Twitter, Apple, Facebook, Beluga, Yelp!, Burbn, Instagram, Foursquare Labs, Gowalla, Foodspotting, Hipster, LinkedIn, Rovio Mobile Oy, ZeptoLab, Chillingo, Electronic Arts, and Kik Interactive. The 152-page class action complaint begins with an adage from Robert Fulghum’s book, All I Really Need to Know I Learned in Kindergarten: "Don’t take things that aren’t yours." The platitudes continue. The plaintiffs allege that the defendants, through these apps, "surreptiously harvest, upload and illegally steal the owner’s address book data without the owner’s knowledge or consent." Due to the ubiquity of wireless networks, the end result is that the defendants have "quite literally, turned the address book owners’ wireless mobile device into mobile radio beacons broadcasting and publicly exposing the unsuspecting device owner’s address book data to the world." The plaintiffs are thirteen Austin-area residents and primarily iPhone users. They have collectively installed all of the defendants’ apps that are allegedly conducting illegal reconnaissance on the information contained in their address books, including contact names, phone numbers, physical and email addresses, job titles, and birthdays. The illicit apps include the usual suspects such as Facebook, Twitter, and Foursquare, in addition to popular games such as Angry Birds and Cut the Rope.
The plaintiffs and the putative class members accordingly seek injunctive, equitable, statutory, and monetary relief for, inter alia, invasion of privacy and violations of numerous provisions of state and federal law, including the Electronic Communication Privacy Act (18 U.S.C. §§ 2701, et. seq.), the Computer Fraud and Abuse Act (18 U.S.C. § 1030(g)), along with violations of the Racketeer Influenced & Corrupt Organizations Act (including 18 U.S.C. § 1343 (wire fraud), §§ 1961-64 (civil liability for racketeering activities and conspiracies), and § 2314 (transportation of stolen property)). The putative class includes all owners of iOS- or Android-based wireless mobile devices who acquired any application that "without the owner’s prior effective consent accessed, copied, uploaded, transferred, broadcast and/or otherwise used any portion of the owner’s address book data . . . that the owner had transferred onto the owner’s wireless mobile device."
A copy of the complaint can be found here.