Facebook Settles U.S. Privacy Violation Charges
Facebook has agreed to tighten its privacy policies and submit to external audits in order to settle charges that it abused users' personal data, U.S. authorities said Tuesday.
In a deal with the Federal Trade Commission, the social networking giant promised to honor users' privacy preferences and to stop making claims about the security of personal information that are untrue.
The deal settles two year old accusations that Facebook -- which has some 800 million users -- had allowed advertisers access to users' personal data when users were told it was being kept private.
"The proposed settlement requires Facebook to take several steps to make sure it lives up to its promises in the future," the FTC said in a statement.
That includes giving consumers "clear and prominent notice and obtaining consumers' express consent before their information is shared beyond the privacy settings they have established."
Facebook did not admit guilt and was not fined in the case, which arose from an investigation by privacy groups in December 2009 that it had deceived users over the protection of their personal data -- such as their name, age, location, gender and friends -- when it changed its privacy settings.
The FTC said Facebook had deceived users in several ways: promising it would not share personal data with advertisers and then doing so; saying that third party apps had limited access to personal data when they had full access; and making public data users specifically chose to remain private.
Facebook was barred from "making any further deceptive privacy claims" and ordered to regularly undergo a third party audit over the next 20 years to ensure it is keeping its promises.
It also must shut down all access to accounts deleted by customers in 30 days or less -- an issue many users have become focused on as employers often try to access potential employees' Facebook pages to find out more about them.
Facebook founder and chief executive Mark Zuckerberg said in a statement to users on his own Facebook page that the company had already implemented many of the promises it made in the FTC settlement.
"I'm the first to admit that we've made a bunch of mistakes," he wrote.
"I also understand that many people are just naturally skeptical of what it means for hundreds of millions of people to share so much personal information online, especially using any one service."
"We're making a clear and formal long-term commitment to do the things we've always tried to do and planned to keep doing -- giving you tools to control who can see your information and then making sure only those people you intend can see it."
He meanwhile announced two new chief privacy officer positions in the company.
Chris Conley, an attorney with the American Civil Liberties Union, which has pressed Facebook since 2009 over privacy issues, called the settlement "an important step."
"But to keep pace with new technology, we also need new laws and tools... and comprehensive privacy legislation to help us safeguard our own personal information," he said in a statement.
"We shouldn't have to struggle with complicated and constantly shifting privacy settings just to keep control of our own personal information."
The settlement clears up one issue that could have clouded Facebook's launch on the stock exchange, which might come as early as April 2012.
The Wall Street Journal said preparations are under way for an initial public offering during the April-June quarter that would raise $10 billion and value the company at more than $100 billion.