A lawsuit filed against Facebook this week claims that the popular social network leaked users’ personal data to advertisers. If true, this would mean Facebook breached its own privacy policy.

The suit, filed in California by two Facebook users, alleges that the company shared information linking users’ browsing history to their real names with businesses advertising on the site.

When a user clicks on a banner ad within the site, Facebook tells the advertiser what page the user was looking at when they clicked. The lawsuit alleges that after the site was upgraded in February 2010, the data sent to the advertisers included the user’s real name and that this practice lasted until May 2010.

The suit argues that this represents a significant breach of user privacy. "This unauthorised disclosure of a person’s identity and what Facebook page they were viewing could have the effect of revealing to advertisers confidential and sometimes highly sensitive information, including a user’s private interests," it reads. "For example, if a Facebook user who was gay and struggling to come out of the closet was viewing the Facebook page of a gay support group, and then clicked on an ad, the advertiser would know the exact identity of that person."

Facebook denies the claims.

Earlier this week, renowned security expert Bruce Schneier accused Facebook executives of "deliberately killing privacy" by prioritising the needs of its advertisers over users.

In response to Schneier’s remarks, Facebook’s head of UK press Sophy Silver commented on www.information-age.com saying: "We never share personally identifiable information with advertisers nor do we sell personal information to anyone. Advertisers only ever see anonymised and aggregated data."