In 2012, Facebook was sued by the Federal Trade Commission (FTC) for misleading consumers about their privacy. One example of their misleading promises was the extent to which they shared user information. Mobile applications used by one consumer were allowed to access the information of that consumer’s friends even though the friends did not grant permission. The 2012 settlement from the FTC required Facebook to tighten its privacy policies and put penalties in place for misleading statements to consumers.
Some of these standards include creating a system of checks and balances within the company to ensure consumer privacy is being properly handled, and removing CEO Mark Zuckerberg from complete control over privacy decisions. They also outline specific rules Facebook, Inc. must abide by when it comes to consumer privacy.
More Control Over Third-Party Apps
The FTC is requiring Facebook to exercise more control over applications granted access to their platforms. App developers who want to integrate with Facebook must certify compliance with Facebook’s policies and justify the need for consumer data. The social media giant must regulate the acceptance of their policies and stop creators from accessing the platform who do not meet the standards.
Prohibited to Sell Phone Numbers
The settlement ruled that Facebook is not allowed to use or sell user-provided phone numbers for advertising. This pertains to phone numbers given to Facebook for security reasons, like getting texted a code when you are logging in to a new device for two-factor authentication. This does not mean advertisers are prohibited from collecting your contact information in other ways. For example, if you fill out a form on Facebook where a company asks for your phone number and you provide it willingly, that company is entitled to use your phone number as in accordance with Facebook and their privacy policies.
Restrict Facial Recognition Technology
You have probably noticed facial recognition technology when uploading photos to Facebook. The platform often auto-suggests friends for you to tag in the pictures. The FTC is requiring Facebook to provide clear notice, absent of misleading messaging, to consumers and obtain consent from users when it uses facial recognition software.
Implement a Data Security Program
While the FTC does not go into very much detail about this requirement, Facebook will be forced to maintain a “comprehensive data security program.” Meaning it will not only have limits on how they can use and sell consumer information, but they will also be held to a high standard to protect user-information from outside sources.
Encrypt User Passwords
Facebook notified the public earlier this year of misuse of stored user passwords. The passwords for some users were stored as plain text for anyone in the company to access easily. Part of the FTC settlement requires Facebook to encrypt passwords and regularly check whether they are stored in plain text.
Limit Asked Information
According to the FTC press release, “Facebook is prohibited from asking for email passwords to other services when consumers sign up for its services.” Meaning Facebook cannot require users to disclose information about other platforms they might be a part of, even if owned by Facebook, Inc.
If you are a victim of identity theft in need of assistance, you can receive free remediation services from ITRC. Call one of our expert advisors toll-free at 888.400.5530 or LiveChat with us. For on-the-go assistance, check out the free ID Theft Help App from ITRC.
You might also like…