Facebook: Audit finds privacy practices sufficient (Update)

Apr 25, 2013 by Barbara Ortutay

Facebook says that an independent audit found its privacy practices sufficient during a six-month assessment period that followed a settlement with federal regulators.

Facebook Inc. said it submitted the findings to the Federal Trade Commission on Monday evening. The audit was a required part of the social networking company's settlement with the FTC last summer. The settlement resolved charges that Facebook exposed details about its users' lives without getting the required legal consent.

Facebook provided a copy of its letter to the FTC, along with a redacted copy of the auditor's letter, to The Associated Press on Wednesday. The redacted portion contains trade secret information and does not alter the auditor's findings, the company said. The audit, which found that Facebook's privacy program met or exceeded requirements under the FTC's order, covered written policies as well as samples of its data.

"We're encouraged by this confirmation that the controls set out in our privacy program are working as intended," said Erin Egan, Facebook's chief privacy officer for policy," in an emailed statement. "This assessment has also helped us identify areas to work on as Facebook continues to evolve as a company, and improve upon the privacy protections we already have in place. We will keep working to meet the changing and evolving needs of our users and to put user privacy and security at the center of everything we do."

Facebook did not disclose the full, 79-page report or specific details on shortcomings in its privacy practices that were revealed by the audit. Spokeswoman Jodi Seth said Facebook declined to disclose such details "based on contractual obligations and the possibility of security and competitive vulnerabilities."

The company has asked the FTC to keep the redacted information private, saying it would put it and its auditor at a competitive disadvantage and because it could reveal possible limitations of its privacy program.

The name of the accounting firm is also redacted but that information will be released when the FTC responds to the audit.

A representative for the FTC did not immediately return a message for comment on Thursday morning.

Facebook has made several high-profile mistakes over user privacy, especially in its early years. Much of the FTC's complaint against the company centered on a series of changes that Facebook made to its privacy controls in late 2009. The revisions automatically shared information and pictures about Facebook users, even if they previously programmed their privacy settings to shield that content. Among other things, people's profile pictures, lists of online friends and political views were suddenly available for the world to see, the FTC alleged.

The complaint also charged that Facebook shared users' personal information with third-party advertisers from September 2008 through May 2010 despite several public assurances from company officials that it wasn't passing the data along for marketing purposes. Facebook said this only happened in limited instances.

Facebook did not admit any wrongdoing as part of the settlement, but it agreed to submit to audits of its privacy practices for 20 years. This was the first of those audits. Google Inc. earlier agreed to a similar settlement, but was fined $22.5 million last August to resolve allegations that it did not comply with it.

Explore further: IBM dips into Twitter stream for business insights

not rated yet
add to favorites email to friend print save as pdf

Related Stories

Facebook settles with FTC over deception charges

Nov 29, 2011

Facebook is settling with the Federal Trade Commission over charges it deceived consumers with its privacy settings to get people to share more personal information than they originally agreed to.

Privacy groups ask FTC to investigate Facebook

Sep 29, 2011

(AP) -- Nine privacy groups have sent a joint letter to the Federal Trade Commission saying it should investigate the ways Facebook collects data about users' online activity after recent changes to its site.

Facebook near privacy settlement with FTC: report

Nov 10, 2011

Facebook will agree to independent privacy audits for 20 years under a proposed settlement with US regulators over changes to its privacy settings, The Wall Street Journal reported Thursday.

Myspace settles privacy probe with FTC

May 08, 2012

(AP) -- Myspace, the once mighty social network, settled a privacy investigation by the Federal Trade Commission and agreed to submit to privacy audits over the next 20 years.

Recommended for you

HTML5 reaches 'Recommendation' status

20 hours ago

W3C stands for World Wide Web Consortium, and the W3C HTML Working Group is responsible for this specification's progress. As the title suggests, they have a far-reaching job of watching out for the progress ...

Online dating service admits to fake profiles

23 hours ago

A British-based online dating service admitted to US regulators Wednesday that it created fake, computer-generated profiles to lure users into upgraded memberships.

NY voters to decide on digital legislation

Oct 28, 2014

If New York voters approve proposition No. 2 on the ballot next week, their 213 legislators will join the digital age. Their desks in the ornate chambers of the Capitol will have computers instead of thick stacks of bills ...

User comments : 0

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.