Taking Legal Action Against Those Who Abuse Our Services

By Jessica Romero, Director of Platform Enforcement and Litigation

Update on August 12, 2020 at 11:50AM PT:

Last week, the Commercial Court in Madrid, Spain, granted Facebook Inc. and Facebook Ireland’s request for a court order directing MGP25 Cyberint Services and its founder to cease their fake engagement operations immediately. The Court found that Facebook demonstrated the defendants had violated Instagram’s Terms of Use and Spanish law by operating a service designed to automate various activities on Instagram, including the creation of accounts and posting of likes, comments and other fake engagement.

The Court’s decision confirms that this conduct is a violation of our Terms and is an important milestone in our global legal enforcement against fake engagement and the use of automation on Instagram. We will continue to pursue these cases to protect people and our platform from those who engage in abuse and disregard our cease and desist letters.

Originally published on June 18, 2020 at 8:00AM PT:

Today we filed separate lawsuits in Europe and the United States to enforce our Terms of Service against the use of unauthorized automation software on Facebook and Instagram. 

This is one of the first times a social media company is using coordinated, multi-jurisdictional litigation to enforce its Terms and protect its users. The defendants in the European lawsuit operated a Spain-based fake engagement service, and the defendant in the US lawsuit operated a data scraping service with ties to California.  

These lawsuits also allege the defendants violated the laws of Spain and the US, including Spain’s protections for databases and online platforms and the Computer Fraud and Abuse Act in the US. We are seeking injunctions to reinforce our permanent ban against their use of our platform.

Facebook Inc. and Facebook Ireland sued MGP25 Cyberint Services and its founder in the commercial court of Madrid for providing automation software to distribute fake likes and comments on Instagram. The defendant’s service was designed to evade Instagram’s restrictions against fake engagement by mimicking the official Instagram app in the way that it connected to our systems. The defendants did this for profit, and continued to do so even after we sent a Cease and Desist letter and disabled their accounts.

Facebook Inc. also sued Mohammad Zaghar in federal court in San Francisco for operating a data scraping service called Massroot8. This service asked people to provide their Facebook login credentials on the Massroot8 website. The credentials were then used by Zaghar’s service to scrape user data from Facebook. Zaghar collected the data by using a computer program to control a network of bots, which pretended to be an Android device connected to the official Facebook mobile app. The defendant engaged in this abuse even after Facebook sent a Cease and Desist letter and disabled his accounts.

Today’s legal actions demonstrate our commitment to enforcing our policies and holding people accountable for abusing our services.



To help personalize content, tailor and measure ads, and provide a safer experience, we use cookies. By clicking or navigating the site, you agree to allow our collection of information on and off Facebook through cookies. Learn more, including about available controls: Cookies Policy