Facebook sued over alleged private message 'scanning'
Facebook is facing a class action lawsuit over allegations that it monitors users' private messages.
The lawsuit claims that when users share a link to another website via a private message, Facebook scans it to profile the sender's web activity.
It alleges that Facebook systematically intercepts messages to mine user data and profits by sharing it with data aggregators, advertisers and marketers.
Facebook said the allegations were "without merit".
"We will defend ourselves vigorously," the world's biggest social networking site added.
The lawsuit is claiming the greater of either $100 (£61) a day for each day of alleged violations or $10,000, for each user.
The lawsuit, filed earlier this week, cites independent research that, it claims, found Facebook reviews the contents of its users' private messages "for purposes unrelated to the facilitation of message transmission".
"Representing to users that the content of Facebook messages is "private" creates an especially profitable opportunity for Facebook," it says.
It says this is "because users who believe they are communicating on a service free from surveillance are likely to reveal facts about themselves that they would not reveal had they known the content was being monitored.
"Thus, Facebook has positioned itself to acquire pieces of the users' profiles that are likely unavailable to other data aggregators."
However, others have come forward to defend Facebook.
Writing on his blog, security expert Graham Cluley said that if the site was not examining links shared privately, Facebook would be failing a "duty of care" to its users.
"If you didn't properly scan and check links there's a very real risk that spam, scams, phishing attacks, and malicious URLs designed to infect recipients' computers with malware could run rife," he argued.
Facebook has come under attack over its privacy policies in the past.
Facebook undertook to change the wording in the wake of a legal action launched in 2011 which saw it pay $20m to compensate users who claimed it had used their data without explicit permission.