Risk
6/11/2012
01:44 PM
Connect Directly
RSS
E-Mail
50%
50%

British Judge Forces Facebook To Identify Trolls

Harassment case billed as the first instance in Britain in which a private suit is used to unmask people who allegedly made offensive, anonymous taunts.

Facebook's History: From Dorm To IPO Darling
Facebook's History: From Dorm To IPO Darling
(click image for larger view and for slideshow)
A British judge has ruled that Facebook must help identify multiple people who allegedly created a fake Facebook page and used it to harass a British woman.

According to court documents, the online abuse began minutes after Nicola Brookes, 45, left a message in support of U.K. X Factor participant Frankie Cocozza. "The abuse was vile and unwarranted to the extent that anonymous Internet trolls set up a fake Facebook profile account in Nicola's name and image to post indecent comments and lure young girls," read a statement released by British law firm Bains Cohen, which argued the case before an English high court.

On May 30, the high court agreed with Brookes' request that Facebook should be forced to reveal the identities of the alleged harassers, including their names, email addresses, and IP addresses, allowing her to trace their real identities via requests to their service providers. As a result, Brookes would be able to file a private suit against at least four people who allegedly wrote the harassing online posts.

According to legal experts, her case is the first-ever private prosecution in Britain involving online harassment, although Facebook reportedly has yet to receive the official legal papers, which must be served in the United States, since that's the primary place Facebook stores its data.

[ Does Facebook care what its users think? Read How Facebook Ignores Its Users. ]

Reached for comment about the case, a Facebook official stressed that the social network encourages people to use their real names when creating accounts. "Nothing is more important to us than the safety of the people [who] use our service. Unlike many other websites and forums, Facebook has a real-name culture, which provides greater accountability and a safer and more trusted environment," said Facebook spokesman Iain Mackenzie via email.

What happens when harassment or other types of inappropriate posts get made online? "We are clear that there is no place for bullying or harassment on Facebook and we respond aggressively to reports of potential abuse," Mackenzie said. "We provide our users with the tools to report abuse on every page and the option to block people from having any further contact with them. Reports involving harassment are prioritized, reviewed by a trained team of reviewers, and [the harasser is] removed if they violate our terms."

But Brookes contended that Facebook's complaint-reporting system was unequal to the task of dealing with serious cases of harassment, especially since she had trouble keeping up with--and reporting all of--the abusive content, and she couldn't block the abuse because she needed to make screen grabs to illustrate to Facebook what was happening.

"A few days after the fake profile started, I realized I needed proper legal help about this because the reporting system on Facebook doesn't work. There's nowhere else for you to contact," Brookes told The Telegraph newspaper in Britain. She also told the newspaper that her attackers were well-organized and appeared to operate with impunity. "These people are not random people who are bored. These are a group of people that share information and pick people out and target them on purpose," she said.

Brookes' law firm said the case highlighted the need--at least in Britain--for some type of mechanism that would help police Internet abuse and unmask taunters. In particular, it noted that after Brookes went to local police in Sussex, England, with hundreds of pages of printouts of the abusive comments, they'd told her that there was nothing they could do. "After getting involved, we contacted Facebook on several occasions and the fake profile page that was set up in Ms. Brookes' name was successfully taken down," read some of the details of the case released by Bains Cohen.

But after that takedown, someone posted new comments--not on Facebook--using Brookes' name, image, and real address, along with lewd comments about her daughter. When Brookes again alerted local police, they offered to install panic alarms in her home, but according to her lawyers, otherwise they "had no idea what to do."

"There is a clear anomaly in the law and the way in which Internet abuse is treated and investigated by the police--depending on whether the victim is in the public eye, or an ordinary member of the public," said Bains Cohen.

According to the law firm, "The only long-term solution is for the government to establish a body with some judicial powers to make it easier and cheaper for individuals or the police to have the identity of their abusers revealed to them, for the police to have specialist divisions trained to deal with this issue, and having the tools and powers to obtain identities from the likes of Facebook and Twitter."

New apps promise to inject social features across entire workflows, raising new problems for IT. In the new, all-digital Social Networking issue of InformationWeek, find out how companies are making social networking part of the way their employees work. Also in this issue: How to better manage your video data. (Free with registration.)

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-0914
Published: 2014-07-30
Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 6.2 through 6.2.8 and 6.x and 7.x through 7.5.0.6, Maximo Asset Management 7.5 through 7.5.0.3 and 7.5.1 through 7.5.1.2 for SmartCloud Control Desk, and Maximo Asset Management 6.2 through 6.2.8 for Tivoli IT Asset Management f...

CVE-2014-0915
Published: 2014-07-30
Multiple cross-site scripting (XSS) vulnerabilities in IBM Maximo Asset Management 6.2 through 6.2.8, 6.x and 7.1 through 7.1.1.2, and 7.5 through 7.5.0.6; Maximo Asset Management 7.5 through 7.5.0.3 and 7.5.1 through 7.5.1.2 for SmartCloud Control Desk; and Maximo Asset Management 6.2 through 6.2.8...

CVE-2014-0947
Published: 2014-07-30
Unspecified vulnerability in the server in IBM Rational Software Architect Design Manager 4.0.6 allows remote authenticated users to execute arbitrary code via a crafted update site.

CVE-2014-0948
Published: 2014-07-30
Unspecified vulnerability in IBM Rational Software Architect Design Manager and Rational Rhapsody Design Manager 3.x and 4.x before 4.0.7 allows remote authenticated users to execute arbitrary code via a crafted ZIP archive.

CVE-2014-2356
Published: 2014-07-30
Innominate mGuard before 7.6.4 and 8.x before 8.0.3 does not require authentication for snapshot downloads, which allows remote attackers to obtain sensitive information via a crafted HTTPS request.

Best of the Web
Dark Reading Radio