Facebook has a bad rap across the digital world for its lack of respect for user privacy. Indeed Facebook is often juggling its privacy settings and introducing new, confusing features; Mark Zuckerberg himself has admitted Facebook has made “high-profile mistakes” in regards to user privacy. With all the personal information people reveal on Facebook, it is no surprise the US Federal Trade Commission began talks last November with Facebook to hold it accountable for privacy violations.
In particular, the FTC is concerned with Facebook actions in 2009 when Facebook made a series of changes to privacy controls. The changes overrode users’ privacy settings and revealed, to the public, personal user data such as list of friends, profile picture, etc. regardless of if a user had opted to protect their information from the public. Another point of tension is how Facebook shared private user data with advertisers between September 2008 and May 2010 despite claiming not to.
Facebook and FTC have now agreed to a settlement which sees Facebook not admitting guilt or paying a fine but agreeing to government audits of Facebook’s privacy practices every two years for the next twenty years. Facebook has also agreed that going forward it will explicitly ask for user permission before sharing any private data with outside parties.
The agreement between Facebook and the FTC is similar to agreements the FTC has already hashed with Facebook rivals Google and MySpace. In fact Google has already been fined $22.5 million for violating the agreement with the FTC. If Facebook violates its agreement with the FTC, it will face the same penalty as Google and MySpace — a fine of up to US$16,000 per day of violation. It remains to be seen how effective this threat will be in making Facebook respect user privacy.