The U.S. Federal Trade Commission today announced it had finalized its settlement with Facebook, which is  now subject to biennial privacy audits for the next 20 years and requires its nearly 1 billion users opt in to any future privacy policy changes.

The settlement announcement follows news that the FTC this week fined Google $22.5 million this week for failing to comply with an earlier settlement over tracking cookies it installed on Safari users’ machines.

Though the Facebook settlement was reached last November, it required a public comment period before it could be approved.

The focus was on a late 2009 change in the social network’s privacy controls that exposed content such as profile pictures and lists of online friends that users had previously opted to hide. The FTC also alleged Facebook shared its users’ personal information with third-party advertisers from September 2008 through May 2010 after publicly vowing it wouldn’t do so.

The company maintained those instances were limited to users clicking ads on their wall or while visiting someone else’s profile page.

Failure to comply with the conditions set in the settlement could result in fines of $16,000 daily per infraction.

In a statement released today, the FTC hinted it would vigorously enforce the settlement. It also noted the vote to finalize was 3-1 with Commissioner Thomas Rosch issuing the lone dissent vote, mainly because of concern over the handling of users’ privacy by third-party apps on the social network.

“These provisions make clear that Facebook will be liable for conduct by apps that contradicts Facebook’s promises about the privacy or security practices of these apps,” the FTC said.

Rosch also apparently was concerned that Facebook never admitted guilt in the case.

“As Commissioner Rosch is aware, an extensive investigation and detailed staff recommendation has given the Commission a strong — not just a reasonable — basis to issue its complaint in this case and to conclude that both the complaint and the resulting settlement are in the public interest,” the statement responded.

Later in the statement, the panel concludes: “We view the final consent order in this matter to be a major step forward for consumer privacy and hereby approve it.” 

Categories: Compliance, Government

Comment (1)

  1. Anonymous
    1

    I find this section very interesting:

    “These provisions make clear that Facebook will be liable for conduct by apps that contradicts Facebook’s promises about the privacy or security practices of these apps,” the FTC said.

    How many times do you see a web-based service which states a term of use policy, but fails to enforce it? I wonder if this will have far reaching implications into court cases which could refer back to a violation of a terms of use, and hold the business accountable for failure to enforce that policy. It would certainly help eleviate the convenience factor for enforcement which companies appear to like to take. From a consumer perspective, it appears as if they will tolerate the policy violation as long as it makes them money.

Comments are closed.