Facebook is a lawsuit magnet. And this time the company is sued over claims of espionage, as the new lawsuit alleges that Facebook spied on messages and shared the data to third-party advertisers and marketers. 

The filing with a federal court in San Jose, California reads that Matthew Campbell and Michael Hurley are requesting a jury trial and relief against the social networking company.

On the last day of 2013, the plaintiffs’ attorneys filed the documents with the with the U.S. District Court claiming that Facebook infringed on two privacy laws: the California Invasion of Privacy Act (CIPA) and the Electronics Communication Privacy Act (ECPA).

Campbell and Hurley say that Facebook scans the content of private messages appended with links to a third-party website, following the link and finding data to profile the online activity between the sender and recipient. They think the act trenches the CIPA and ECPA because it queers privacy and weakens Facebook’s unprecedented security for private messages.

The plaintiffs cite findings from High-Tech Bridge, a Swiss security firm, to show that Facebook flicks through Universal Resource Locators in private messages without divulging to the unknowing account owner. In the study, High-Tech Bridge had a dedicated Web server and brought forth a secret URL for 50 social networking companies, email systems, and Web services. Afterward, the firm used the private messaging of each service with a new URL. And then it tracked the Web server to find which Web service clicks on the URL.

The filing doesn’t stop there. The filing lists other means that the social network uses to encrypt user data, including Likes, crawlers, and social plugins.

A Facebook spokesperson told Bloomberg the lawsuit banks on claims without merit.

Cases against social networking companies and other Internet service providers will continue to pile up, as Internet usage surges and as unknowing users become more mindful of the private details they serve on a silver plate. Other social networking sites such as LinkedIn also face claims of tapping into communications for profit.

The plaintiffs seek a class-action suit on behalf of Facebook users who sent or received private messages appended with URLs. They also hope the judge awards statutory damages of $100 for each day Facebook violates the ECPA and $5,000 or three times the actual damages they sustained. And, as may be expected, they want Facebook to stop scanning private messages and seek up to $10,000 in damages for each Facebook user.