The settlement revealed Wednesday involves a New Zealand firm, called Social Media Series Limited, that artificially inflated the popularity of photos and accounts on Instagram, which belongs to Facebook, despite repeated warnings from the tech giant. In its initial court filing, Facebook said the operation may have raked in $9.4 million from its fake-engagement scheme, violating 1980s federal cybersecurity law.
The deal -- a portion of which must be approved by a judge -- bans the three individuals who ran the company from Facebook’s services and requires the defendants to pay $500,000, according to court documents filed in federal court in California.
The penalty shows how Facebook’s new legal team is “dedicated to furthering the company’s enforcement efforts,” said Jessica Romero, a former prosecutor who oversees the team.
For Facebook, safeguarding its social network remains one of its most fundamental challenges: The very features that allow users to share posts and photos freely or take advantage of third-party apps can easily become vectors for fraud, misinformation and privacy abuses, putting people in jeopardy -- and earning the scorn of regulators.
The enormity of its task became apparent last month, when court documents in a fight between Facebook and the state of Massachusetts revealed the company discovered tens of thousands of apps that may have broken its rules, some of which may have improperly handled users’ personal data. Facebook discovered the potential abuse as a result of an internal investigation it launched following the Cambridge Analytica scandal.
That same app review also has resulted in at least three lawsuits brought by Romero's team, the company said in recent weeks.
In August, Facebook took aim at two developers -- one in Hong Kong, and another in Singapore -- who allegedly created tools available on Google's app store that infected smartphones with malware for the purpose of creating fake clicks on Facebook ads. Another brought in March charged that two Ukranian men used duplicitous software, which could be installed on a user's browser, to scrape information from Facebook users' profiles. Both are pending resolution in court.
Going forward, Romero said Facebook planned to target “anything that impacts our user safety whether it be because of privacy reasons, fraud or misleading information on our platforms.”