Facebook fined $5 billion by FTC for failing to protect users’ privacy

Updated on 25-Jul-2019
HIGHLIGHTS

​Facebook to pay $5 billion to settle privacy concerns.

The FTC has told the company to establish an independent privacy committee.

After being in the spotlight for quite some for its involvement in several data leak cases, Facebook has been awarded a settlement fine of $5 billion (approx Rs 35,000 crore). The fine was imposed by the Federal Trade Commission (FTC) after it concluded an investigation into the Cambridge Analytica scandal and other privacy breaches in which the social media giant was mired in. The US government agency also told the company to establish an independent privacy committee that Mark Zuckerberg, Facebook Chief Executive Officer, will not have control over. The FTC alleged that Facebook violated the law by failing to protect users’ data from third parties, serving ads through the use of phone numbers provided for security, and lying to users that its facial recognition software was turned off by default.

“The Commission’s career enforcement staff conducted an extremely thorough investigation for over a year that focused on all potential violations of the FTC’s 2012 order and Section 5 of the FTC Act. The sweeping settlement announced today is based on the staff’s recommendation, and includes three major components: a record-breaking $5 billion penalty; new substantive privacy and data security requirements; and significant structural reforms to ensure greater corporate accountability, more rigorous compliance monitoring, and increased transparency,” FTC said in a joint statement by Chairman Joe Simons, and Commissioners Noah Joshua Phillips and Christine S. Wilson.

The fine is said to be the biggest ever imposed on any company for violating its consumers' privacy. The $5 billion penalty is approximately 9 percent of Facebook’s 2018 revenue and approximately 23 percent of its 2018 profit. FTC also told Facebook to enforce its platform terms against app developers on the basis of the severity of the violation. “Pursuant to the Order, Facebook must expand its existing privacy program to cover WhatsApp and any Facebook product or service that receives personal information from Facebook, WhatsApp and Instagram. Moreover, this is the first FTC order to address biometric information, requiring Facebook to get consumers’ option consent before using or sharing such information in ways that exceed prior disclosures and consents,” the FTC said.

Meanwhile, Facebook reiterated that it had made large strides in privacy, had given people more control over their data, and had closed down apps and applied more resources in protecting people’s information. “But even measured against these changes, the privacy program we are building will be a step change in terms of how we handle data. We will be more robust in ensuring that we identify, assess and mitigate privacy risk. We will adopt new approaches to more thoroughly document the decisions we make and monitor their impact. And we will introduce more technical controls to better automate privacy safeguards. As part of this effort, we will be undertaking a review of our systems,” Facebook said in a statement.

Soon after the whole Cambridge Analytica scandal got uncovered, Facebook announced an overhaul of its privacy tools that, it promised, would make it easier for users to find and edit the personal information that the social media firm holds. In the scandal, it emerged that data of about 50 million users had been harvested and passed on the London-based political consultancy firm. It was alleged that the firm, which collaborated with the election campaign of now US President Donald Trump in the runup to the 2016 US elections, used the information to develop a computer programme to predict the choice of US voters and influence them.

In January this year, Facebook announced a new Privacy and Data Use Business Hub for businesses that is said to centralise resources, which organisations can use for protecting user's information when using the platform. The new hub will host topics like Ads and Privacy Principles, how data is used in company's ad products, and guidance to help companies understand rules like European Unions’ General Data Protection Regulation (GDPR). Even at this year’s F8 Conference, Zuckerberg reiterated his previous stance stressing on privacy-focussed social platform, and announced several features that will let users “interact privately.”

Sourabh Kulesh

A journalist at heart; has knowledge of a wide gamut of topics related to enterprise and consumer tech.

Connect On :