FTC Examines Facebook’s Privacy Practices
Facebook has a problematic history when it comes to user privacy.
In 2007, Facebook introduced Facebook Beacon, a feature that broadcast users’ online purchases to their friends. Users initially had to opt out on each purchase to avoid sharing information.
In 2009, a group of nonprofit consumer and privacy groups, including the Electronic Privacy Information Center (EPIC), petitioned the Federal Trade Commission (FTC) to investigate how Facebook handled user data. The petitioners alleged that Facebook had violated a federal law that prohibits unfair and deceptive business practices.
The FTC charged Facebook with the following deceptive practices:
- Sharing users’ personal information with advertisers even though Facebook had said it wouldn’t do so
- Allowing third-party apps to have access to more personal information than was needed for the apps to operate, despite Facebook telling consumers this would not be the case
- Making details like friend lists public
- Stating that Facebook had certified the security practices of apps in its “Verified Apps program” without actually doing so
In 2011, Facebook agreed to settle charges that it had deceived consumers on privacy issues by entering into a federal consent decree.
The company agreed with the FTC that it would change its privacy practices.
The consent decree also required Facebook to undergo regular audits of its privacy program by an independent third party.
However, in light of recent revelations about how Facebook has handled personal information of its users, the FTC is taking another look at the company.
As the New York Times reported in March of 2018, a voter-profiling company called Cambridge Analytica collected private information from more than 50 million Facebook profiles without the users’ permission in 2014.
The company then used this data to influence voter behavior.
Cambridge Analytica collected the private information via an outside Russian-American researcher who told Facebook that he would be using it for academic purposes.
The researcher offered participants a personality survey app in exchange for their data, and 270,000 Facebook users agreed. However, the app also harvested personal details from millions of the users’ friends who hadn’t agreed to share their personal information.
According to a new article in the Times,
Privacy experts, law professors and at least one former F.T.C. official have argued that Facebook’s failure to prevent the survey app from obtaining the data of users’ friends violated the federal consent agreement. So did Facebook’s failure to prevent the app developer from sharing both users’ data and the data of users’ friends with Cambridge Analytica, these critics said.
In addition, numerous other Facebook-related privacy issues have been reported. For example,
- In June, a bug made up to 14 million private Facebook posts public.
- Facebook allowed device makers like Amazon to have access to users’ friends’ data without their consent.
- According to the Guardian, Facebook shared private user messages with Netflix and Spotify and even gave companies “the ability to read, write and delete users’ private messages [and] obtain email addresses of … users’ friends.”
As the Times reports, in addition to the FTC investigation,
Facebook is under investigation by the Justice Department, the Federal Bureau of Investigation, the Securities and Exchange Commission and several government agencies in Europe over Cambridge Analytica’s harvesting of user data.
Many consumers are quitting the app, unhappy about how their personal information has been handled.
According to The Verge,
44 percent of users between 18 and 29 told Pew they deleted Facebook’s app versus the 20 percent of people aged 50–64 who did so. For users over 65, that number dropped to 12 percent.