View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Data
July 24, 2019updated 13 Jul 2022 12:35pm

Facebook Fined a Record $5 Billion – FTC Commissioner Slams “Blanket Immunity” for Zuckerberg, Sandberg

FTC Commissioner: "There are no restrictions on data harvesting tactics -- just paperwork. Facebook gets to sign off on what’s acceptable"

By CBR Staff Writer

The US government has fined Facebook a record $5 billion to settle Federal Trade Commission (FTC) charges that the company deceived users about how it was using their private information. The fine makes few changes likely to impact Facebook’s advertising business, and is the equivalent to a third of its advertising revenue in Q1.

Among the Department of Justice’s new requirements in a 20-year settlement:

  • Facebook is banned from using for advertising telephone numbers it obtained from users setting up two-factor authentication.
  • Facebook must provide “clear and conspicuous notice” of its use of facial recognition technology, and obtain affirmative express user consent
  • It must set up and maintain a comprehensive data security program;
  • Facebook must encrypt user passwords
  • Facebook is prohibited from asking for email passwords to other services when consumers sign up for its services.

Facebook had anticipated a fine of between $3-$5 billion.

The penalty against Facebook is the largest ever imposed on any company for violating consumers’ privacy and almost 20 times greater than the largest privacy or data security penalty ever imposed worldwide, the FTC said today. The Department of Justice said it “expects Facebook to treat its privacy obligations with the utmost seriousness.”

FTC commissioner, Rohit Chopra, was scathing about the settlement, saying: “I voted no.

“It doesn’t fix the incentives causing these repeat privacy abuses. It doesn’t stop Facebook from engaging in surveillance or integrating platforms. There are no restrictions on data harvesting tactics — just paperwork. Facebook gets to sign off on what’s acceptable”, he tweeted today.

“Mark Zuckerberg, Sheryl Sandberg, and other executives get blanket immunity for their role in the violations. This is wrong and sets a terrible precedent”, he added.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

Highest Penalties in Privacy Enforcement Actions - $148 million States vs. Uber, $230 million British Authority vs. British Airways (proposed), $275 million CFPB and States vs. Equifax, $5 billion FTC vs. Facebook. Source: Federal Trade Commission.

Source: Federal Trade Commission

The government says the settlement order imposes “unprecedented new restrictions on Facebook’s business operations and creates multiple channels of compliance.”

The fine follows a year-long investigation by the FTC into allegations that Facebook repeatedly used deceptive disclosures and settings to undermine users’ privacy preferences in violation of a 2012 FTC order to desist.

These tactics allowed the company to share users’ personal information with third-party apps that were downloaded by the user’s Facebook “friends.” The FTC alleges that many users were unaware that Facebook was sharing such information, and therefore did not take the steps needed to opt-out of sharing.

Facebook Record Fine – And New Requirements

The FTC’s new 20-year settlement order overhauls the way the company makes privacy decisions and establishes “overlapping channels of compliance.”

It establishes an independent privacy committee of Facebook’s board of directors, removing “unfettered control” by Facebook’s CEO Mark Zuckerberg over decisions affecting user privacy, and sets up a new order-mandated privacy programme which covers WhatsApp and Instagram. As part of that plan Facebook must conduct a privacy review of every new or modified product, service, or practice before it is implemented, and document its decisions about user privacy.

In a related, but separate development, the FTC also announced separate law enforcement actions against data analytics company Cambridge Analytica, its former Chief Executive Officer Alexander Nix, and Aleksandr Kogan, an app developer who worked with the company, alleging they used false and deceptive tactics to harvest personal information from millions of Facebook users.

Kogan and Nix have agreed to a settlement with the FTC that will restrict how they conduct any business in the future. With Cambridge Analytica having filed for bankruptcy, the two merely face a prohibition from “making false or deceptive statements regarding the extent to which they collect, use, share, or sell personal information”.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.