CFO World

Facebook reportedly hit with US$5 billion fine for privacy breaches

Social media giant gets privacy fine and may face further restrictions and oversight

The Federal Trade Commission (FTC) in the US has reportedly hit Facebook with a record $5 billion settlement for privacy violations, according to a story first reported by The Wall Street Journal and numerous subsequent online reports.

After weeks of negotiation, the FCT voted to approve the fine against Facebook, according to anonymous reports. The agency has not yet released a formal statement with the details. It will be the largest such fine against a tech company for breaking its promises to improve its privacy practices. The US Justice Department must approve the fine and it’s unlikely to be reversed as US sources report fines are rarely overturned.

Critics in the US including Democrats and rights groups were quick to criticise the size of the fine, arguing it’s small in relation to the value of the company. Others believe it doesn’t go far enough in imposing structural reform to protect user’s privacy.

“The FTC should have forced Facebook to abandon plans to integrate Facebook Messenger, Instagram and WhatsApp; and it should have, at minimum, imposed severe privacy-protecting conditions on Facebook’s plans to launch a new global, privatized [sic] currency,” said president of Public Citizen, Robert Weissman, in a statement. 

Others, however, took a different view and see it as a substantial penalty. NetChoice, an association of ecommerce businesses which includes some of the biggest tech names in its ranks like Facebook, Google, PayPal and AirBnB praised the fine. 

“This breaks the record for privacy-related fines and is about 100 times larger than last year’s EU’s fine for Google. … [It]  is unprecedented and will undoubtedly motivate better privacy practices by all businesses,” said NetChoice general counsel, Carl Szabo, in a statement.

Facebook and the FTC have not made any comments to news outlets despite the widely published stories on the fine. Facebook’s share price was not negatively impacted by news of the fine and actually rose to its highest price in a year. Facebook may also face restrictions with some reports from the US speculating the social media giant may be up for stronger oversight in managing user data, although this is unlikely to prevent it from sharing information with third-party groups. 

The fine relates back to the social media giant’s involvement with third-party data agency Cambridge Analytica over its role in misusing data from millions of Facebook users. The firm developed a quiz in an app which, when installed, collected information on the users and also scooped up data on their friends. 

The FTC started its investigation after claims the data exchange broke Facebook's agreement with the agency to protect user privacy. The FTC probe expanded from Cambridge Analytica into Facebook privacy and security breaches.

At its annual conference this year and as reported by CMO, Facebook CEO, Mark Zuckerberg, admitted the platform doesn't have the best track record on privacy, but committed it to improving private interactions and encryption. 

“We don’t have the strongest reputation on privacy right now,” he said to the crowd. “The future is private. Privacy gives us the freedom to be ourselves.”

After spending 15 years becoming the digital equivalent of the town square, Facebook plans to become the digital equivalent of a living room. It will be focused on private interactions, end-to-end encryption to ensure no one sees messaging they are not supposed to, not even Facebook, Zuckerberg said. However, he didn't outline any changes in how it handles its user data within the platform and its sharing practices with third-parties.

The Association of Market and Social Research Organisations (AMSRO) told CMO after Google copped a GDPR fine for data breaches that personal information must be used with specific, unambiguous consent and a comprehensive explanation of how personal data will be used. If companies do not adhere to these practices, they face significant risk.

“The financial implications for a breach are significant and the reputational damage is potentially catastrophic. The liability that goes with data management should be top of mind for all leaders of organisations,” AMSRO president, Craig Young, told CMO when news of the Facebook Cambridge Analytica scandal broke.

Follow CMO on Twitter: @CMOAustralia, take part in the CMO conversation on LinkedIn: CMO ANZ, follow our regular updates via CMO Australia's Linkedin company page, or join us on Facebook: https://www.facebook.com/CMOAustralia.