` Federal Court Approves the Record FTC Settlement with Facebook over Privacy Violations - Clarip Privacy Blog
ENTERPRISE    |    CONSUMER PRIVACY TIPS    |    DATA BREACHES & ALERTS    |    WHITEPAPERS

Federal Court Approves the Record FTC Settlement with Facebook over Privacy Violations

Federal Court Approves Record FTC Settlement

On April 23, 2020, a federal court officially approved the $5 billion settlement the FTC reached with Facebook last year following a lengthy investigation into the company’s privacy practices and the Cambridge Analytica scandal.

On top of the specific changes to its practices that were subject of the FTC complaints, the settlement is noteworthy for requiring Facebook to implement a comprehensive privacy program that promotes accountability and independence of privacy-related decision-making.

Facebook’s Board of Directors must appoint an Independent Privacy Committee which will be briefed on material privacy risks and issues at the company and will have approval-removal authority over company’s privacy compliance officers and independent third-party assessor.  The compliance officers will be responsible for carrying out a day-to-day privacy program, documenting all privacy-related decisions, providing periodic reports to the third-party assessor and the CEO, as well as certifying compliance to the FTC.  A third-party assessor appointed with the FTC’s approval will, in turn, present an independent evaluation of Facebook’s privacy practices.

Facebook will be required to conduct regular privacy risk assessments in each area of its operations and implement safeguards that control for the identified material privacy risk.   Furthermore, Facebook will need to conduct privacy risk assessments prior to implementing new or modified products and services and produce Privacy Review Statements.

As part of the settlement, Facebook will be required to encrypt user passwords, would not be able to use phone numbers given as part of two-factor authentication for advertising, would not be able to retain personal information that users deleted on its servers, would not let employees have free access to user information, and would be required to obtain users’ permission on facial recognition matters.

Ask Clarip today how we can solve your biggest compliance pain points, Call Clarip at 1-888-252-5653

Contact

  • 1521, Concord Pike, Suite #301,
    Wilmington, DE 19803 USA
  • 20 Montchanin Road, Suite 20,
    Greenville, DE 19807 USA
  • Contact Online

888-252-5653

About

Consumers

Businesses

The pixel
Show Buttons
Hide Buttons