Facebook: Audit finds privacy practices sufficient (Update)

Apr 25, 2013 by Barbara Ortutay

Facebook says that an independent audit found its privacy practices sufficient during a six-month assessment period that followed a settlement with federal regulators.

Facebook Inc. said it submitted the findings to the Federal Trade Commission on Monday evening. The audit was a required part of the social networking company's settlement with the FTC last summer. The settlement resolved charges that Facebook exposed details about its users' lives without getting the required legal consent.

Facebook provided a copy of its letter to the FTC, along with a redacted copy of the auditor's letter, to The Associated Press on Wednesday. The redacted portion contains trade secret information and does not alter the auditor's findings, the company said. The audit, which found that Facebook's privacy program met or exceeded requirements under the FTC's order, covered written policies as well as samples of its data.

"We're encouraged by this confirmation that the controls set out in our privacy program are working as intended," said Erin Egan, Facebook's chief privacy officer for policy," in an emailed statement. "This assessment has also helped us identify areas to work on as Facebook continues to evolve as a company, and improve upon the privacy protections we already have in place. We will keep working to meet the changing and evolving needs of our users and to put user privacy and security at the center of everything we do."

Facebook did not disclose the full, 79-page report or specific details on shortcomings in its privacy practices that were revealed by the audit. Spokeswoman Jodi Seth said Facebook declined to disclose such details "based on contractual obligations and the possibility of security and competitive vulnerabilities."

The company has asked the FTC to keep the redacted information private, saying it would put it and its auditor at a competitive disadvantage and because it could reveal possible limitations of its privacy program.

The name of the accounting firm is also redacted but that information will be released when the FTC responds to the audit.

A representative for the FTC did not immediately return a message for comment on Thursday morning.

Facebook has made several high-profile mistakes over user privacy, especially in its early years. Much of the FTC's complaint against the company centered on a series of changes that Facebook made to its privacy controls in late 2009. The revisions automatically shared information and pictures about Facebook users, even if they previously programmed their privacy settings to shield that content. Among other things, people's profile pictures, lists of online friends and political views were suddenly available for the world to see, the FTC alleged.

The complaint also charged that Facebook shared users' personal information with third-party advertisers from September 2008 through May 2010 despite several public assurances from company officials that it wasn't passing the data along for marketing purposes. Facebook said this only happened in limited instances.

Facebook did not admit any wrongdoing as part of the settlement, but it agreed to submit to audits of its privacy practices for 20 years. This was the first of those audits. Google Inc. earlier agreed to a similar settlement, but was fined $22.5 million last August to resolve allegations that it did not comply with it.

Explore further: Putin signs law seen as crimping social media

not rated yet
add to favorites email to friend print save as pdf

Related Stories

Facebook settles with FTC over deception charges

Nov 29, 2011

Facebook is settling with the Federal Trade Commission over charges it deceived consumers with its privacy settings to get people to share more personal information than they originally agreed to.

Privacy groups ask FTC to investigate Facebook

Sep 29, 2011

(AP) -- Nine privacy groups have sent a joint letter to the Federal Trade Commission saying it should investigate the ways Facebook collects data about users' online activity after recent changes to its site.

Facebook near privacy settlement with FTC: report

Nov 10, 2011

Facebook will agree to independent privacy audits for 20 years under a proposed settlement with US regulators over changes to its privacy settings, The Wall Street Journal reported Thursday.

Myspace settles privacy probe with FTC

May 08, 2012

(AP) -- Myspace, the once mighty social network, settled a privacy investigation by the Federal Trade Commission and agreed to submit to privacy audits over the next 20 years.

Recommended for you

Google made failed bid for Spotify

6 hours ago

Internet titan Google tried last year to buy streaming music service Spotify but backed off for reasons including a whopping price tag, the Wall Street Journal reported on Tuesday.

Thieves got into 1,000 StubHub accounts

7 hours ago

(AP)—Cyber thieves got into more than 1,000 StubHub customers' accounts and fraudulently bought tickets for events through the online ticket reseller, a law enforcement official and the company said.

Putin signs law seen as crimping social media

19 hours ago

President Vladimir Putin on Tuesday signed a law requiring Internet companies to store all personal data of Russian users at data centres in Russia, a move which could chill criticism on foreign social networking ...

User comments : 0