The Federal Trade Commission (FTC) formally announced its US$5 billion settlement with Facebook on Wednesday morning, July 24, which is the culmination of a years-long investigation into the Cambridge Analytica scandal and other privacy breaches.
In the agreement filed Wednesday, the FTC alleges that Facebook violated the law by failing to protect data from third parties, serving ads through the use of phone numbers provided for security, and lying to users that its facial recognition software was turned off by default. In order to settle those charges, Facebook will pay US$5 billion and agree to a series of new restrictions on its business.
Aside from the multibillion-dollar fine, Facebook will be required to conduct a privacy review of every new product or service that it develops, and these reviews must be submitted to the CEO and a third-party assessor every quarter. As it directly relates to Cambridge Analytica, Facebook will now be required to obtain purpose and use certifications from apps and third-party developers that want to use Facebook user data. However, there are no limits on what data access the company can authorize to those groups once the disclosure is made.
“The Order imposes a privacy regime that includes a new corporate governance structure, with corporate and individual accountability and more rigorous compliance monitoring,” the three supporting FTC commissioners wrote in a statement. “This approach dramatically increases the likelihood that Facebook will be compliant with the Order; if there are any deviations, they likely will be detected and remedied quickly.”
Want more news? Subscribe to CPI’s free daily newsletter for more headlines and updates on antitrust developments around the world.