• Connect
  • Bookmark Us
  • AF Twitter
  • AF YouTube
  • AF LinkedIn
  • Subscribe
  • Subscription Link
Arent Fox
  • Firm

    • History

    • Awards & Recognitions

    • Diversity

      • Overview
      • Diversity Scholarship
      • Employees on Diversity
      • LGBT Initiative
      • Women’s Leadership Development Initiative
    • Alumni

    • Pro Bono

      • Overview
      • Current Pro Bono Work
      • Community Involvement
      • Pro Bono Newsletter
      • Pro Bono Awards & Honors
      • FAQ: Pro Bono & Working at Arent Fox
    • Leadership

      • Firm Management
      • Administrative Leadership
  • Deals & Cases

  • People

  • Practices & Industries

    • Practices

      • Advertising, Promotions & Data Security
      • Government Relations
      • Antitrust & Competition Law
      • Health Care
      • Appellate
      • Insurance & Reinsurance
      • Bankruptcy & Financial Restructuring
      • Intellectual Property
      • Commercial Litigation
      • International Trade
      • Communications, Technology & Mobile
      • Labor & Employment
      • Construction
      • Municipal & Project Finance
      • Consumer Product Safety
      • OSHA
      • Corporate & Securities
      • Political Law
      • ERISA
      • Real Estate
      • Environmental
      • Tax
      • FDA Practice (Food & Drug)
      • Wealth Planning & Management
      • Finance
      • White Collar & Investigations
      • Government Contractor Services
    • Industries

      • Automotive
      • Energy Law & Policy
      • Fashion, Luxury Goods & Retail
      • Government Real Estate & Public Buildings
      • Hospitality
      • Life Sciences
      • Long Term Care & Senior Living
      • Media & Entertainment
      • Medical Devices
      • Nonprofit
      • Sports
  • Newsroom

    • Alerts

    • Events

    • Media Mentions

    • Press Releases

    • Social Media

    • Subscribe

  • Careers

    • Lawyers

    • Law Students

    • Professional Staff

  • Contact

    • Washington, DC

    • New York, NY

    • Los Angeles, CA

    Alerts

    • Newsroom Overview
      • Alerts

        Alerts by Criteria

        E.g., 1 / 21 / 2013
        E.g., 1 / 21 / 2013
      • Events
      • Media Mentions
      • Press Releases
      • Social Media
      • Subscribe

    You are here

    Home » Newsroom » Alerts

    Share

    • Printer-friendly version
    • Send by email
    • A Title
    • A Title
    • A Title
    • A
    • A
    • A

    FTC and Facebook May No Longer be Friends

    January 5, 2012

    The Federal Trade Commission (FTC) recently agreed upon a settlement with Facebook, Inc., operator of Facebook.com, regarding the company's privacy practices. In its 8-count complaint, the FTC accused Facebook of several unfair and deceptive practices related to the privacy of user information, including misleading its users about its privacy practices and the extent to which users were able to control the information shared with others through the site. As a result of the settlement, Facebook will have to be more up front about its privacy practices and cannot make retroactive changes to its privacy settings without consent from its users.

    The FTC's first argument against Facebook was that it provided misleading information to users regarding their control of their own information. In this regard, the FTC made several explicit charges against the social media provider. First, the FTC accused Facebook of failing to notify users that certain privacy settings did not hide all information that users would think was hidden and thus misled users as to the extent of control they had over their information. For example, despite privacy settings limiting the visibility of a user's "Friends List," such information was still visible through third-party applications used by their friends. Second, the FTC accused Facebook of making retroactive changes to its privacy settings without obtaining consumer consent. Essentially, this means that the FTC alleged that Facebook changed its privacy policy – sometimes in ways that were material – and enforced those changes against all of its current users without requiring the users to consent tothe change. Third, Facebook continued to provide third parties with access to deactivated accounts—including photographs and videos—despite indications that those user profiles would no longer be visible.

    The FTC's second argument involved the applications on the site. The FTC claimed that these applications, such as third party platforms used for games, advertisements, and promotions, were provided with more information than necessary. This was a contradiction to Facebook's statement in its privacy policy, which stated that Facebook would only disclose as much user information to the application owners as they needed to operate. Likewise, Facebook was accused of sharing information with advertisers despite representations that such information was not being shared. The FTC also accused Facebook of suggesting that certain applications had been through more extensive security vetting than others by providing them with permission to display a "Verified Apps badge" where many of those applications had not been reviewed any more than other applications operating on the site.

    Finally, the FTC accused Facebook of falsely self-certifying itself to the Department of Commerce despite its failure to adhere to the U.S. Safe Harbor Privacy Principles, including the principles of Notice and Choice, as part of the U.S.-E.U. Safe Harbor Framework that allows U.S. companies to transfer consumer information outside of the European Union.

    As part of the settlement, Facebook is prohibited from misrepresenting the extent to which it protects consumer information, especially with respect to the practices described in the counts listed above. Facebook must also clearly inform users about its data disclosure practices and delete user information within 30 days of the time that a user deactivates an account. In addition to requiring more privacy controls, the FTC has also imposed auditing and reporting requirements to ensure compliance.

    All website operators collecting user information should be aware of the FTC's settlement with Facebook as it is a sign of the FTC's views on data collection and privacy policies. For one, it shows the FTC's preference for privacy by design, whereby privacy considerations are built into a company's business model and companies have individuals and programs designated to protect consumer information. It is also an indication of the importance of ensuring that a company's privacy policy is accurate, and that consumers consent to any material changes to the policy. Failure to adhere to a company's own privacy policy can lead to an action by the FTC based on unfair and deceptive business practices.

    Arent Fox is continuing to monitor issues related to privacy. Please contact Anthony V. Lupo, Sarah L. Bruno, orEva J. Pulliam with questions.

    Related People

    • Sarah L. Bruno
    • Anthony V. Lupo
    • Eva J. Pulliam

    Related Practices

    Advertising, Promotions & Data Security
    • Firm
    • Deals & Cases
    • People
    • Practices & Industries
    • Newsroom
    • Careers
    • Contact

    Footer Main

    • Firm
    • Deals & Cases
    • People
    • Practices & Industries
    • Newsroom
    • Careers
    • Subscribe
    • Alumni
    • Diversity
    • Legal Notice
    • Privacy Policy
    • Social Media Disclaimer
    • Nondiscrimination
    • Site Map
    • Client/Staff Login

    Offices

    • Washington, DC
      1717 K Street, NW
      Washington, DC 20036
      Tel: 202.857.6000
    • New York, NY
      1675 Broadway
      New York, New York 10019
      Tel: 212.484.3900
    • Los Angeles, CA
      555 West Fifth Street, 48th Floor
      Los Angeles, California 90013
      Tel: 213.629.7400
    • © Copyright 2013 Arent Fox LLP. All Rights Reserved.

      Legal Disclaimer
      Contents may contain attorney advertising under the laws of some states. Prior results do not guarantee a similar outcome.