Cambridge’s clients had included U.S. President Donald Trump’s 2016 election campaign.
Davis said Facebook
did not show that most of the material Healey sought, including the identities of developers behind suspect apps, was protected by attorney-client privilege or an attorney “work product” that did not need to be disclosed.
“Only Facebook knows the identity of these apps and developers, and there is no other way for the attorney general to obtain this information on her own,” Davis wrote.
Facebook said it was reviewing its options and may appeal. “We are disappointed that the Massachusetts Attorney General and the court didn’t fully consider our arguments on well-established law, including the work product doctrine,” it said.
According to court papers, the Menlo Park, California-based company’s own probe led it to suspend 69,000 apps last September, mostly because their developers did not cooperate.
About 10,000 of these apps were found to have potentially misused user data. Healey welcomed Davis’ decision, which is dated Jan. 16.
“Facebook simply telling its users that their data is safe without the facts to back it up does not work for us,” Healey said in a statement. “We are pleased that the court ordered Facebook to tell our office which other app developers may have engaged in conduct like Cambridge Analytica.
The judge gave Facebook 90 days to turn over the material Healey sought.
Healey’s probe is one of several by state attorneys general regarding Facebook’s ability to protect user data.
Last July, Facebook agreed to pay a record $5 billion fine to resolve a U.S. Federal Trade Commission probe into its privacy practices.