Facebook Reaches a Settlement with the FTC Regarding Its Privacy Policies

Facebook has agreed to settle FTC claims that it deceived consumers by telling them they could keep their information on Facebook private, and then repeatedly allowing the information to be shared publicly. The settlement shows the FTC's intentions to enforce its privacy mandate in the social media world.

    The FTC charges stemmed from changes Facebook made to its privacy settings in December 2009 to make aspects of users' profiles public by default, despite the fact that users had deliberately programmed their privacy settings to confine that information to a specific group of friends or family.

    The proposed FTC settlement bars Facebook from making any further deceptive privacy claims, requires that it get consumers' express consent before it changes the way it shares their data, requires that it prevent anyone from accessing a user's material more than 30 days after the user has deleted his or her account; requires that it establish and maintain a comprehensive privacy program; and requires that it undergo a third-party privacy audit every two years for the next 20 years.

    The FTC vote to accept the Facebook settlement agreement was 4-0. The FTC will publish a description of the agreement in the Federal Register and it will be subject to public comment through December 30, 2011, after which time the FTC will decide whether to make the proposed consent order final.

    Google Inc. agreed to a similar deal with outside audits every other year for the next 20 years after an investigation into Google's handing of personal information in its launch of its Buzz service. Twitter Inc. also agreed to outside audits every other year for 10 years after it was charged with "serious lapses" in its data-security practices after hackers broke into accounts, including one belonging to President Barack Obama.

    Take away: The government is pushing to hold companies more accountable for the personal data they collect, store and trade. Companies need to be vigilant about implementing comprehensive privacy programs that are tailored to their individual needs. In addition, once a company makes a material change in its policies, it needs to consider whether the consumer's affirmative consent will be required.

Add a comment

Type the following characters: foxtrot, niner, whisky, hotel

* Indicates a required field.

Subscribe

Recent Posts

Contributors

Archives

Jump to Page

Necessary Cookies

Necessary cookies enable core functionality such as security, network management, and accessibility. You may disable these by changing your browser settings, but this may affect how the website functions.

Analytical Cookies

Analytical cookies help us improve our website by collecting and reporting information on its usage. We access and process information from these cookies at an aggregate level.