FTC, Facebook Reach Privacy Settlement

By Stephanie Rabiner, Esq. on November 30, 2011 | Last updated on March 21, 2019

Facebook has reached a settlement agreement with the Federal Trade Commission over claims that the social network deceived consumers when it promised to keep personal information private. Most allegations stem from the 2009 privacy changes, which had much of the Internet up in arms.

Those changes reset search settings and made a number of items public even when a user had set them to "Friends Only." This included the publishing of friends lists, network information, and profile pictures.

The Facebook settlement ensures that this won't happen again.

This is because the settlement requires Facebook to obtain approval before it changes the way it shares data. Each user must provide explicit consent before Facebook publishes his or her non-public personal data. Users would thus be required to sign up for a privacy control change.

The company must also stop providing access to user information within 30 days after an account is deleted, according to a statement released by the FTC. This is contrary to the current situation, which leaves some information, such as photos and wall posts, accessible post-deletion.

Facebook also may no longer make false claims about its dealings with third-party applications. It told users that apps could only access necessary information, when it reality they could access almost all personal data. Facebook also claimed to have verified the security of a number of apps, but the FTC asserts that it failed to do so.

To ensure that the company complies with the above, the final terms of the Facebook settlement impose a monitoring requirement. The network must now create a comprehensive privacy program and conduct biannual third-party audits.

Related Resources:

Copied to clipboard