By Danielle Breen

Facebook and the Federal Trade Commission have come to a historic settlement of $5 billion for privacy-related violations. Facebook had previously settled with the Federal Trade Commission back in 2012 regarding claims for eight different consumer privacy violations. These new sanctions come in light of the fact that Facebook has reportedly violated the stipulations in the 2012 order, failing to enact true safeguards that prevented consumers from disclosing their personal information to third party app developers. Beyond the $5 billion sanctions, Facebook will also be required to create an independent privacy committee to ensure that the company fulfills its obligations to consumers in properly handling their data. The order also requires more stringent programs to monitor third-party app developers, consent with facial recognition technology, and encrypting passwords.

However, the most alarming allegation coming out of the recent settlement is that Facebook failed to even do minimal screening of third-party app developers before allowing them to use the platform. This means that these unknown third-party app developers had access to millions of unsuspecting users’ personal data, from what videos they were watching on Facebook live to their personal photos. Facebook has since suspended thousands of apps and is claiming to do an internal investigation regarding what consumer information may have been harvested by the app developers. The company is refusing to disclose the names of the suspended apps to the public, citing attorney-client privilege. In Massachusetts, Attorney General Maura Healey is seeking to unseal documents relating to this investigation in order to determine if consumer privacy has been violated.

In the wake of these privacy scandals, Facebook remains a powerhouse application, boasting billions of users across the world. Despite losing 15 million users since 2017, the platform remains largely popular. Significantly more people are continuing to use Facebook than popular applications like Instagram and Twitter. Even in the wake of many of these privacy breaches, including the Cambridge Analytica scandal which reportedly impacted 50 million Facebook users, reports show that Facebook membership is still continuing to grow. In 2018, monthly users were up year over year by 9%, with just over 2.3 billion users on the platform. Although scandals slowed the company’s expansion down periodically, its membership appears to be back on a steadily projected path of growth. This begs the question: are consumers even concerned with what is being done with their data? Or have we moved into a world where these occurrences have become so common that consumers are unaffected when they hear about them?

Consumer protection laws are enacted to prevent consumers from unfair and deceptive practices in the marketplace. The Federal Trade Commission’s purpose is not only to enforce these laws, but to ensure that when repeat violators such as Facebook continue with poor consumer privacy practices that those are corrected. With the secrecy behind which apps were harvesting user data, it is easy to see how consumers may feel as though little is being done to protect their privacy and transactions within the marketplace. Also given the frequency behind these data breaches, it appears that consumers are losing faith in the system and have become desensitized to the privacy scandals.

The Federal Trade Commission has an important responsibility in the coming years after this settlement to ensure that the 2012 order violations do not occur again. While the $5 billion settlement is no small amount, for a company like Facebook, financial sanctions do not mean much. Monetary sanctions for a company valued in the billions does not account for much more than a slap on the wrist. It will be much more telling as to whether the company can be actually held accountable for how it handles user data through the new commissions set to oversee Facebook. The 2012 order failed to have true accountability happen by leaving it in Facebook’s hands to oversee its data security. It will be interesting to see whether a truly independent commission, which requires reporting to both Facebook and the Federal Trade Commission, will be able to change the policies in place for protecting consumer data. Furthermore, if the independent committee goes well, it will hopefully become the model moving forward for other applications in order to give consumers more protection over their data.

 

Student Bio: Danielle Breen is a second-year law student at Suffolk University Law School.  She is currently a Journal of High Technology Law staff member.  Danielle holds a Bachelor of Arts in French Language & Literature and a Bachelor of Arts in Sociology from the University of Colorado Boulder.

Disclaimer: The views expressed in this blog are the views of the author alone and do not represent the views of JHTL or Suffolk University Law School.