The privacy investigation into Facebook’s major data breach last March is likely to result in a record fine against the social media giant, the Washington Post reported Friday. The story cited three unidentified people familiar with the discussions.
Reportedly considering a “record-setting” fine, the Federal Trade Commission (FTC) is yet to affix the amount against the California-based company though it is expected to top its previous record fine of $22.5 million on Google.
The fine will be levied for violating a 2011 settlement whereby the FTC had mandated Facebook to take commensurate steps to protect users personal information. According to the consent decree, the agency barred “Facebook from making any further deceptive privacy claims”.
With the probe months from completion, it’s not clear whether the nodal privacy watchdog has settled on how much to seek , and if it will direct additional changes to Facebooks data collection and sharing practices.
Ongoing investigations
Despite the agency’s limited powers, the former head of the FTCs consumer protection division said that the fine could reach hundreds of millions of dollars, while sources in the media have put the figure down to billions. Most of the agency’s employees, currently furloughed during the government shutdown, unavailable comment.
Besides the FTC, the attorney general for the District of Columbia, Karl Racine, also sued the company in December while other states have opened investigations. Facebook has said the Securities and Exchange Commission and the FBI are also investigating.
The FTC probe was launched in the wake of the data-breach scandal in March, which revealed that a data mining firm had harvested information on millions of Facebook users.
Multiple data breach scandals
Also known as the Cambridge Analytica controversy, the disclosure of this breach put Facebook in a tight spot, for allegedly giving the political consulting firm access to personal information on about 70 million American users, without their explicit consent.
Although the firm has denied any violation, the US government has since faced international pressure to introduce stronger privacy legislation. Since then, Facebook vowed to do protect its users data better but there have been more leakages over the last year.
Last month, the company admitted to allowing other major tech firms to read users’ private while denying that this was done without users’ consent. The company also acknowledged a software flaw had exposed the photos of about 7 million users to a wider audience than they had intended.
In September, the company reported another massive security breach that had an impact on as many as 50 million users, though the firm downplayed that number to reflect 30 million affected accounts.
Time to rein in
The company, despite facing multiple lawsuits over multiple date breach scandals, has managed to rake in $13 billion worth of profits last quarter. Founder and CEO Mark Zuckerberg has appeared before the US Congress and testified before European lawmakers, but was left seemingly unscathed in either case. The fine will, thus, effectively serve as the strongest rebuke of the company, since the scandal first broke
The heftiest fine imposed by the FTC in a privacy action lawsuit so far amounted to $22.5 million, against Google in 2012 for bypassing the privacy controls in Apples Safari browser and misleading users into thinking that advertising trackers or cookies were absent in the internet browser. Thus, in light of the magnitude of Facebook’s transgression, it is safe to say that the penalty for Facebook would be in excess of than that.
Prarthana Mitra is a staff writer at Qrius