Facebook settles FTC charges over 2009 privacy breaches
November 29, 2011
NEW YORK (CNNMoney) — Facebook has agreed to 20 years of privacy audits to settle a lengthy privacy complaint from the Federal Trade Commission, which says Facebook misled its members about its use of their private data.
Facebook “deceived consumers by telling them they could keep their information on Facebook private, and then repeatedly allowing it to be shared and made public,” the FTC said in its complaint.
The complaint cites several examples of alleged false promises from Facebook, most talking place several years ago. One example: In December 2009, Facebook changed its website so that some information that users had shared with a private group of friends was made public — and users weren’t warned about the change.
These events “were unfair and deceptive, and violated federal law,” the FTC said.
“Facebook’s innovation does not have to come at the expense of consumer privacy,” FTC chairman Jon Leibowitz said in a prepared statement.
Under the term of the settlement, Facebook will have to undergo a third-party privacy audit every two years for the next 20 years. Twitter and Google have recently signed similar deals with the FTC.
Facebook founder Mark Zuckerberg commented on the FTC settlement in a Facebook blog post on Tuesday afternoon.
“Overall, I think we have a good history of providing transparency and control over who can see your information,” he wrote. “That said, I’m the first to admit that we’ve made a bunch of mistakes. In particular, I think that a small number of high profile mistakes, like Beacon four years ago and poor execution as we transitioned our privacy model two years ago, have often overshadowed much of the good work we’ve done.”