The Los Angeles Post

FTC fines Facebook $5B in privacy settlement

by ·

Facebook will pay $5 billion as part of a record settlement with the Federal Trade Commission (FTC) over charges of extensive privacy violations in its handling of the Cambridge Analytica scandal, the agency announced Wednesday.

The allegations: The FTC found that Facebook deceived its users about their privacy protections while allowing third parties to harvest their data and that the company failed to establish a “reasonable privacy program that safeguarded the privacy, confidentiality, and integrity of user information” as required under a previous agreement with the agency.

The agency further alleged that Facebook illegally used phone numbers that users provided to protect their accounts’ security for advertising purposes without their consent. And Facebook was also charged with deceiving its users about its facial recognition technology.

“Despite repeated promises to its billions of users worldwide that they could control how their personal information is shared, Facebook undermined consumers’ choices,” FTC Chairman Joseph Simons said in a statement.

Blowback on FTC: The fine is by far the highest the U.S. government has ever imposed on a technology company for privacy violations, but the FTC’s Republican leadership was immediately put on the defensive against long-building criticism that the punishment was not severe enough for a company that has been besieged by privacy scandals.

Simons and his Republican colleagues stressed that the remedies in their order were restricted by the agency’s limited legal authority codified in a century-old law. And they also reiterated their call for Congress to grant the commission more power and resources.

“The extent to which Facebook, or any other company, should be able to collect, use, aggregate, and monetize data, is something Congress should evaluate in its consideration of federal privacy legislation,” the three GOP commissioners said in a joint statement.

What Facebook has to do: As part of the latest settlement, Facebook will have to create a privacy committee within its board of directors to review decisions within the company and provide more oversight of Chairman and CEO Mark Zuckerberg.

Facebook also agreed to pay the Securities and Exchange Commission $100 million to settle charges that it had misled investors about the material risks that its privacy practices posed.

The social media company — and its subsidiaries Instagram and WhatsApp — is also required to better oversee how third-party developers handle user data. And the settlement includes certain conditions imposed on Facebook’s own business practices, like a prohibition on using phone numbers that users provide for two-factor authentication for advertising and a requirement that it obtain affirmative consent from users before using facial recognition technology.

FTC divided: The FTC’s Republican commissioners approved the deal in a 3-2 party-line vote, with their Democratic colleagues dissenting.

One of those Democrats, Commissioner Rohit Chopra, argued in his dissent that the settlement does not go far enough to rein in what he sees as rampant privacy abuses within the company. Those abuses, Chopra said, are a feature or Facebook’s business model of monetizing information about its users for advertising.