Friday, April 19, 2024

Facebook Agreed to Pay Historic Penalty of $5 Billion & Provides New Tools For FTC To Monitor Facebook

By Balaji

Facebook Agreed to Pay Historic Penalty of Billion & Provides New Tools For FTC To Monitor Facebook

Facebook finally agreed to pay $5 billion penalty from the Federal Trade Commission for the failure to protect its user’s privacy and FTC also imposes new restrictions to change the Facebook privacy model and creating multiple channels of new compliance.

$5 Billion is the highest penalty ever imposed on any other companies for violating consumers’ privacy or any type of violation by U.S Government, and it is 20 times biggest than the highest penalty for the violation of user privacy.

The $5 billion fine is not a big deal for Facebook which made a profit of $22 billion last year on $56 billion in total revenue through the business model advertisement for its customer’s product and service among more than billion Facebook users.

According to FTC Chairman Joe Simons “The magnitude of the $5 billion penalty and sweeping conduct relief are unprecedented in the history of the FTC. The relief is designed not only to punish future violations but, more importantly, to change Facebook’s entire privacy culture to decrease the likelihood of continued violations.

New Restrictions on Facebook’s Privacy Model

Other than the Penalty, Facebook required to create multiple channels of compliance and imposes the new privacy requirements.

In order to prevent the user’s privacy in the future, Facebook Committed to FTC with the settlement order for 20 years that requires to makes privacy decisions by boosting the transparency of decision making and holding Facebook accountable via overlapping channels of compliance.

Independent privacy committee – Facebook must set up the independent privacy committee in the board of directors level and removing unfettered control by Facebook’s CEO Mark Zuckerberg over decisions affecting user privacy.

Members of the privacy committee must be independent and will be appointed by an independent nominating committee.

Facebook’s privacy program- Facebook requires to set up Facebook’s privacy program to strengthens external oversight of Facebook by enhances the independent third-party assessor’s who can help Facebook’s privacy program based on the fact-gathering, sampling, and testing.

The independent assessor will be required to report directly to the new privacy board committee on a quarterly basis. 

Privacy program should cover the WhatsApp and Instagram, Facebook must conduct a privacy review of every new or modified product before implementation.

Accountability at the individual level – Under this Compliance, Facebook required to set up new compliance officers who will be responsible for Facebook’s privacy program and officers can be appointed by the new board privacy committee, not by Facebook’s CEO or Facebook employees.

Compliance officers and Facebook CEO must submit the FTC quarterly certifications with the report of compliance with the privacy program and the annual certification that the company is in overall compliance.

“The order also authorizes the FTC to use the discovery tools provided by the Federal Rules of Civil Procedure to monitor Facebook’s compliance with the order.”

Other Privacy Requirements Imposed By FTC

1. Facebook must exercise greater oversight over third-party apps, including by terminating app developers that fail to certify that they are in compliance with Facebook’s platform policies or fail to justify their need for specific user data;

2. Facebook is prohibited from using telephone numbers obtained to enable a security feature (e.g., two-factor authentication) for advertising;

3. Facebook must provide clear and conspicuous notice of its use of facial recognition technology, and obtain affirmative express user consent prior to any use that materially exceeds its prior disclosures to users;

4. Facebook must establish, implement, and maintain a comprehensive data security program;

5. Facebook must encrypt user passwords and regularly scan to detect whether any passwords are stored in plaintext;

6. Facebook is prohibited from asking for email passwords to other services when consumers sign up for its services.

Statement From Mark Zuckerberg

Facebook released an official statement about the penalty and new major changes in structure and privacy controls.

“We’ve formally reached a settlement with the Federal Trade Commission about privacy. We’ve agreed to pay a historic fine, but even more important, we’re going to make some major structural changes to how we build products and run this company.”

“We have a responsibility to protect people’s privacy. We already work hard to live up to this responsibility, but now we’re going to set a completely new standard for our industry.”

Overall, these changes go beyond anything required under US law today. The reason I support them is that I believe they will reduce the number of mistakes we make and help us deliver stronger privacy protections for everyone. Mark said in his Facebook statement.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates also you can take the Best Cybersecurity course online to keep yourself updated.

Managed WAF Protection

Website

Latest articles

Uncategorized

Alert! Windows LPE Zero-day Exploit Advertised on Hacker Forums

A new zero-day Local Privilege Escalation (LPE) exploit has been put up for sale...
Vulnerability

Palo Alto ZeroDay Exploited in The Wild Following PoC Release

Palo Alto Networks has disclosed a critical vulnerability within its PAN-OS operating system, identified...
Cyber Attack

FIN7 Hackers Attacking IT Employees Of Automotive Industry

IT employees in the automotive industry are often targeted by hackers because they have...
Cyber Attack

Russian APT44 – The Most Notorious Cyber Sabotage Group Globally

As Russia's invasion of Ukraine enters its third year, the formidable Sandworm (aka FROZENBARENTS,...
Android

SoumniBot Exploiting Android Manifest Flaws to Evade Detection

A new banker, SoumniBot, has recently been identified. It targets Korean users and is...
cyber security

LeSlipFrancais Data Breach: Customers’ Personal Information Exposed

LeSlipFrancais, the renowned French underwear brand, has confirmed a data breach impacting its customer...
Cisco

Cisco Hypershield: AI-Powered Hyper-Distributed Security for Data Center

Cisco has unveiled its latest innovation, Cisco Hypershield, marking a milestone in cybersecurity.This groundbreaking...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

WAAP/WAF ROI Analysis

Mastering WAAP/WAF ROI Analysis

As the importance of compliance and safeguarding critical websites and APIs grows, Web Application and API Protection (WAAP) solutions play an integral role.
Key takeaways include:

  • Pricing models
  • Cost Estimation
  • ROI Calculation

    • Book Your Spot

Related Articles

Connect with GBHackers On Security

Join 70,000 Security Professionals

Stay safe online with free daily cybersecurity updates. Sign up now!

GBHackers on security is a highly informative and reliable Cyber Security News platform that provides the latest and most relevant updates on Cyber Security News, Hacking News, Technology advancements, and Kali Linux tutorials on a daily basis. The platform is dedicated to keeping the community well-informed and up-to-date with the constantly evolving Cyber World.

Menu

Contact US:

Email : [email protected]