May 31, 2019
(Reuters) – A U.S. judge ordered Facebook Inc to give shareholders emails and other records concerning how the social media company handles data privacy, after data for an estimated 87 million users was accessed by the British political consulting firm Cambridge Analytica.
In a decision on Thursday, Vice Chancellor Joseph Slights of the Delaware Chancery Court said shareholders demonstrated a “credible basis” to infer that Facebook board members may have committed wrongdoing in connection with data privacy breaches.
He noted that Facebook had, at the time of the 2015 Cambridge Analytica breach, been subject to a consent decree with the U.S. Federal Trade Commission, under which the Menlo Park, California-based company promised to bolster its data security measures.
Facebook and its lawyers did not immediately respond on Friday to requests for comment. Lawyers for the shareholders did not immediately respond to similar requests.
Allegations of improper use of Facebook user data by Cambridge Analytica, hired by Donald Trump’s 2016 U.S. election campaign, prompted a series of U.S. and European regulatory probes. The breach was disclosed in March 2018 and Cambridge later shut down https://www.reuters.com/article/us-facebook-privacy/cambridge-analytica-and-british-parent-shut-down-after-facebook-scandal-idUSKBN1I32L7.
Shareholders said they sued Facebook in September to obtain records related to Cambridge Analytica and other breaches, and upon finding wrongdoing might later sue company officers and directors through a so-called derivative lawsuit.
In a footnote, Slights said his decision stopped “well short” of concluding that officers or directors engaged in wrongdoing, and any such determination “awaits another day.”
(Reporting by Jonathan Stempel in New York; Editing by Bernadette Baum)