In re Facebook
- Court Approves FTC-Facebook Deal, But Says Data Protection Laws Need Updating: Despite objections from EPIC and other consumer groups, a federal judge has approved the Federal Trade Commission’s settlement with Facebook over the company’s alleged violations of the 2012 consent decree and the FTC Act. The court called Facebook’s alleged conduct “stunning,” “unscrupulous,” “shocking,” and “underhanded,” and even stated that it “might well have fashioned different remedies were it doing so out of whole cloth.” The court nevertheless approved the deal because of the “deferential” standard it felt bound to apply, but the court warned that, should the FTC accuse Facebook of further violations of the law, the court “may not apply quite the same deference to the terms of a proposed resolution.” EPIC had moved to intervene in the case and filed an amicus brief arguing that the deal imposes “few new obligations on the company that would limit the collection and use of personal data, nor will there be any significant changes in business practices.” The court denied EPIC’s motion to intervene but acknowledged that EPIC’s arguments as amicus “call into question the adequacy of laws governing how technology companies that collect and monetize Americans’ personal information must treat that information.” (Apr. 24, 2020)
- EPIC Uncovers 3,156 More Facebook Complaints at FTC—Over 29,000 Now Pending: Through a Freedom of Information Act Request, EPIC has obtained thousands of new consumer complaints (part 1, part 2)against Facebook. The most recent documents, released to EPIC, follow the Commission’s proposed $5 b settlement in July. Among the complaints uncovered by EPIC are those from consumer groups and members of Congress. EPIC also obtained records of new complaints in the FTC’s Consumer Sentinel database. EPIC earlier uncovered 26,000 complaints against Facebook since the announcement of the 2011 consent order. EPIC is formally challenging the proposed settlement with Facebook, charging that the Commission has failed to investigate thousands of complaints against the company. (Sep. 22, 2019)
- EPIC Pursues Intervention in FTC Facebook Case (Aug. 12, 2019) +
- EPIC Challenges FTC-Facebook Settlement, Asks Court to Hear from Privacy Groups (Jul. 26, 2019) +
- BREAKING - FTC Issues Facebook Fine, EPIC - "Too little, too late." (Jul. 24, 2019) +
- Court Rules D.C. Attorney General's Lawsuit Against Facebook Will Proceed (Jun. 3, 2019) +
- Facebook Anticipates $3B-$5B Fine (Apr. 26, 2019) +
- Senator Blumenthal Calls on FTC to Unwind Big Tech Mergers (Mar. 7, 2019) +
- EPIC, Open Markets, Civil Rights Groups Press FTC on Facebook Consent Order (Jan. 23, 2019) +
- Senators Urge FTC to Act Against Facebook (Jan. 18, 2019) +
- In Facebook Case, Ninth Circuit Ignores Privacy Risks of Visits to Healthcare Websites (Dec. 7, 2018) +
- Facebook's Response to Congress Provides More Evidence of Consent Order Violations (Jul. 2, 2018) +
- EPIC Urges Appeals Court to Protect Consumers Against Invasive Cookie Tracking Practices (Jun. 27, 2018) +
- US Consumer Groups Urge FTC To Examine 'Deceived by Design' Practices (Jun. 27, 2018) +
- At Senate Hearing, Former FTC CTO States That Facebook Violated FTC Consent Order (Jun. 19, 2018) +
- EPIC Urges Senate Committee to Focus on Consent Order with Facebook (Jun. 19, 2018) +
- Facebook Overrode Users’ Privacy Settings And Allowed Device Makers To Access Personal Data (Jun. 5, 2018) +
- EPIC Obtains Partial Release of 2017 Facebook Audit (Apr. 20, 2018) +
- Senator Blumenthal Calls On FTC To Enforce Consent Order Against Facebook (Apr. 20, 2018) +
- EPIC Urges Senate to Focus on FTC Consent Order with Facebook (Apr. 9, 2018) +
- UPDATE - EPIC, Consumer Groups Urge FTC to Investigate Facebook's Use of Facial Recognition (Apr. 6, 2018) +
- EPIC, Consumer Groups to Urge Federal Trade Commission to Investigate Facebook's Use of Facial Recognition (Apr. 5, 2018) +
- State AGs Launch Facebook Investigation (Mar. 26, 2018) +
- FTC Confirms Investigation Into Facebook about 2011 Consent Order (Mar. 26, 2018) +
- EPIC FOIAs FTC, Seeks Facebook's Privacy Assessments (Mar. 20, 2018) +
- EPIC, Consumer Groups Urge FTC To Investigate Facebook (Mar. 20, 2018) +
- Facebook "Breach" Highlights Failure of FTC to Enforce Consent Orders (Mar. 19, 2018) +
- EPIC Offers Recommendations for Future of FTC Ahead of Senate Hearing on Nominees (Feb. 13, 2018) +
- EPIC Calls for Greater FTC Enforcement (Sep. 28, 2017) +
- EPIC Urges Public Comments on FTC Settlement with Uber (Sep. 6, 2017) +
- Following EPIC Complaint, Uber Agrees To Stop Tracking Riders (Aug. 29, 2017) +
- After EPIC Privacy Complaint, Uber Settles with FTC (Aug. 15, 2017) +
- Rep. Blackburn Proposes Online Privacy Bill, Would Preempt Stronger State Protections (May. 19, 2017) +
- EPIC, CDD Charge WhatsApp Policy Change Unlawful, Urge FTC to Act (Aug. 29, 2016) +
- With New Policy Changes, Facebook Tracks Users Across the Web (Feb. 4, 2015) +
- Facebook Responds to EPIC Complaint About "Emotions Study" (Oct. 2, 2014) +
- European Facebook Users Privacy Lawsuit Moves Forward (Aug. 26, 2014) +
- Following EPIC Complaint, Senator Seeks Investigation of Facebook User Manipulation Study (Jul. 17, 2014) +
- EPIC Challenges Facebook's Manipulation of Users, Files FTC Complaint (Jul. 3, 2014) +
- EPIC Urges FTC to Protect Snapchat Users' Privacy (Jun. 10, 2014) +
- Federal Trade Commission Urges Court to Protect Student Privacy (May. 29, 2014) +
- EU Court Rules Google Must Respect Right to Delete Links (May. 13, 2014) +
- EPIC's Snapchat Privacy Complaint Results in 20-Year FTC Consent Order (May. 8, 2014) +
- FTC Responds to EPIC Complaint on WhatsApp and Privacy (Apr. 10, 2014) +
- Federal Trade Commission Backs Users in Facebook Privacy Case (Mar. 21, 2014) +
- WhatsApp Founder Responds to EPIC Privacy Complaint (Mar. 18, 2014) +
- EPIC Urges FTC Investigation of WhatsApp Sale to Facebook (Mar. 6, 2014) +
- EPIC Files Amicus Brief in Facebook Consumer Privacy Case, Urges Rejection of Settlement (Feb. 21, 2014) +
- Instagram Retreats on Changes to Terms of Service, Cites User Opposition (Dec. 21, 2012) +
- Facebook Updates Privacy Controls, Removes Profiles Safeguard (Dec. 13, 2012) +
- Judge Rejects Settlement in Facebook "Sponsored Stories" Case (Aug. 21, 2012) +
- FTC Finalizes Settlement with Facebook (Aug. 10, 2012) +
- Judge Skeptical of Facebook Settlement (Aug. 3, 2012) +
- Facebook Timeline Changes User Privacy Settings. Again. (Dec. 15, 2011) +
- Federal Trade Commission Announces Settlement in EPIC Facebook Privacy Complaint (Nov. 29, 2011) +
- FTC Releases Agenda for Facial Recognition Workshop (Nov. 22, 2011) +
- WSJ: Facebook Close to Settlement with FTC over EPIC Complaint (Nov. 10, 2011) +
- Sen. Rockefeller Requests FTC Report on Facial Recognition Technology (Oct. 20, 2011) +
- Facebook Makes Some Changes, Privacy Complaints Still Pending (Aug. 29, 2011) +
- Facebook Makes Changes to Facial Recognition; Still Relying on Opt-Out (Jul. 27, 2011) +
- Congressman Markey Commends EPIC, Privacy Groups for Filing Facebook Complaint (Jun. 14, 2011) +
- EPIC Files Complaint, Urges Investigation of Facebook's Facial Recognition Techniques (Jun. 10, 2011) +
- Facebook Resumes Plan to Disclose User Home Addresses and Mobile Phone Numbers (Mar. 2, 2011) +
- Congressman Barton and Markey Challenge Facebook on Disclosure of Home Addresses, Mobile Phone Numbers (Feb. 2, 2011) +
- Facebook Drops Plan to Disclose Users' Home Addresses and Personal Phone Numbers (Jan. 18, 2011) +
- Congressmen Question Facebook About Latest Privacy Breach (Oct. 20, 2010) +
- Facebook "Places" Embeds Privacy Risks, Complicated and Ephemeral Opt-Out Unfair to Users (Aug. 19, 2010) +
- Federal Trade Commission Takes Action Against Twitter, Social Network Service Settles Charges It Deceived Consumers (Jun. 24, 2010) +
- Congress Pursues Investigation of Google and Facebook's Business Practices (Jun. 1, 2010) +
- Facebook Expected to Announce Privacy Changes (May. 25, 2010) +
- New Facebook Privacy Complaint Filed with Trade Commission (May. 5, 2010) +
- Senators Oppose Facebook Changes, Schumer Urges Trade Commission to Regulate Social Network Services (Apr. 27, 2010) +
- EPIC’s Facebook Complaint of "particular interest" to FTC (Jan. 19, 2010) +
- Privacy Groups File Amended Complaint regarding Facebook (Jan. 14, 2010) +
- EPIC Seeks Facebook Communications Detailing Privacy Changes (Dec. 29, 2009) +
- EPIC Defends Privacy of Facebook Users: Files Complaint with the Federal Trade Commission (Dec. 17, 2009) +
- Facebook Asks Users to Review Privacy Settings, Recommends Privacy Options, Questions Remain (Dec. 9, 2009) +
More top news
Facebook is a social networking site founded in 2004 by Harvard student Mark Zuckerberg. The site “connects people with friends and others who work, study and live around them.” As of December 2009, Facebook has nearly 150 million users in the United States.
Facebook offers a service called Facebook Platform, referred to as “Facebook-enhanced” applications. Facebook Platform “enables anyone to build social applications on Facebook and the web” in order to “make the web more open and social.” The Facebook Platform allows Facebook to transfer user personal data to other entities without their knowledge or meaningful consent.
Facebook and Privacy
Facebook has had a controversial history with respect to privacy. In 2006, Facebook launched a feature called “News Feed” which allowed users to track their friends’ Facebook updates and activity in real time. Within 24 hours, hundreds of thousands of the site’s users protested the feature. One Facebook group, “Students against Facebook News Feed” grew to 284,000 members within just a few days. As a result of the widespread protest, Mark Zuckerberg wrote an open letter to Facebook users, apologizing for doing a “bad job of explaining what the new features were and an even worse job of giving you control of them." Facebook then updated its privacy settings to allow for more user control over the News Feed Feature.
In 2007, Facebook launched Facebook Beacon, which allowed a Facebook user’s purchases to be publicized on their friends’ News Feed after transacting with third-party sites. Users were unaware that such features were being tracked, and the privacy settings originally did not allow users to opt out. As a result of widespread criticism, Facebook Beacon was shut down in 2009.
In February 2009, Facebook changed its Terms of Service. The new TOS allowed Facebook to use anything a user uploads to the site for any purpose, at any time, even after the user ceased to use Facebook. Further, the TOS did not provide for a way that users could completely close their account. Rather, users could “deactivate” their account, but all the information would be retained by Facebook, rather than deleted. EPIC planned to file an FTC complaint, alleging that the new Terms of Service violated the FTC Act Section 5, and constituted “unfair and deceptive trade practices.” In response to this planned complaint, and user criticism, Facebook returned to its previous Terms of Service.
Privacy Settings Update
In response to a complaint prompted by the Canadian Internet Policy and Public Interest Clinic (CIPPIC) and submitted to Canadian Privacy Commissioner Jane Stoddart, Facebook announced plans to change its privacy policies and settings to provide for more user control over information and stronger privacy settings for its users. The changes were introduced in November 2009, and each Facebook user was prompted to review and update his privacy settings. Facebook also made changes to its privacy settings, which included making certain information, such as name, gender, friends lists, and current city, publicly available, with no option to limit searchability. Facebook submitted a complaint to the Federal Trade Commission, alleging that Facebook engages in unfair and deceptive trade practices. The complaint "urges the Commission to investigate Facebook, determine the extent of the harm to consumer privacy and safety, require Facebook to restore privacy settings that were previously available as detailed below, require Facebook to give users meaningful control over personal information, and seek appropriate injunctive and compensatory relief." For more information, visit EPIC's FAQ page on Facebook's new privacy settings.
EPIC’s FTC complaint is signed by a number of other organizations, including the American Library Association, the Center for Digital Democracy, the Consumer Federation of America, FoolProof Financial Education, Patient Privacy Rights, Privacy Activism, the Privacy Rights Now Coaltion, the Privacy Rights Clearinghouse, and the U.S. Bill of Rights Foundation. The complaint highlights several aspects of Facebook’s recent changes that threaten its users’ privacy. The complaint focuses on the unfair and deceptive trade practices of Facebook with respect to sharing of user information with third-party application developers. First, the complaint argues that Facebook’s mandatory disclosure of information is an unfair practice. Second, the complaint argues that Facebook’s policies regarding third-party developers are misleading and deceptive.
Facebook does not allow for an easy way to opt out of Facebook Platform, or opt out of having information shared when a friend uses an application. Even when a user unchecks all boxes, which should prohibit applications from accessing any user data, Facebook notes that “applications will always be able to access your publicly available information (Name, Profile Picture, Gender, Current City, Networks, Friend List, and Pages) and information that is visible to Everyone.” Therefore, the “Everyone” setting overrides the settings a user chooses for third-party applications and websites.
Under Facebook’s previous privacy settings, Facebook allowed for more control over personal information. Facebook users were able to choose not to share “any information about me” to third-party application developers. This opt-out button is no longer available under Facebook’s new privacy settings.
The FTC's primary enforcement authority with regards to privacy is derived from 15 U.S.C. § 45, commonly known as section 5 of the Federal Trade Commission Act (FTCA). Section 5 of the FTCA allows the FTC to investigate "unfair methods of competition in or affecting commerce, and unfair or deceptive acts or practices in or affecting commerce." This law provides a legal basis for the FTC to regulate business activities that threaten consumer privacy.
The FTC released its formal complaint and proposed consent order with Facebook on November 29, 2011. Read more at https://epic.org/privacy/ftc/facebook/
- EPIC's Supplemental Complaint in In re Facebook (filed January 14, 2010).
- EPIC's FTC Complaint in In re Facebook (filed December 17, 2009).
- Federal Trade Commission, ChoicePoint Settles Data Security Breach Charges; to Pay $10 Million in Civil Penalties, $5 Million for Consumer Redress (December 6, 2006).
- United States v. ChoicePoint, No. 06-CV-0198 (N.D. Ga. Feb. 10, 2006).
- Federal Trade Commission, Microsoft Settles FTC Charges alleging False Security and Privacy Provisions (August 8, 2002).
- In re Microsoft Corp. (Fed. Trade Comm'n Dec. 20, 2002).
- Federal Trade Commission: Section 5 Enforcement Actions
- Notable Commentary on EPIC's Facebook Complaint
- Chloe Albanesius, FTC Examines Privacy Complaint Against Facebook, PC Mag (January 19, 2010).
- Peter Kafka, Feds to Facebook Privacy Critics: Let's Talk, All Things Digital (January 19, 2010).
- John Letzing, FTC has 'particular interest' in Facebook Privacy, MarketWatch (January 19, 2010).
- Frank Reed, Facebook Gets the Attention of the FTC, Marketing Pilgrim (January 19, 2010).
- Wendy Davis, FTC Probes Facebook's EPIC Privacy Fail, Mediapost (January 18, 2010).
- Benny Evangelista, As Facebook Thrives, Does Privacy Have to Fade?, San Francisco Chronicle (December 30, 2009).
- Scott Duke Harris, Facebook: Social Networking Giant Extends Reach, Plans to Grow More in 2010, Chicago Tribune (December 24, 2009).
- Jacqui Cheng, FTC Complaint says Facebook's Privacy Changes are Deceptive, Ars Technica (December 21, 2009).
- Rahul Chatterjee, Facebook Faces Privacy Backlash with FTC Complaint, EBrandz (December 21, 2009).
- Jenna Greene, Privacy Advocates Target Facebook, Law.com (December 21, 2009).
- Lesly Simmons, EPIC Files FTC Complaint against Facebook over Latest Privacy Changes, BlackWeb 2.0 (December 21, 2009).
- Brian Prince, Facebook Privacy: Just How Much do Users Want?, eWeek (December 20, 2009).
- Wendy Grossman, Little Black Facebook, Pelican Crossing (December 19, 2009).
- Mark Hefflinger, Privacy Groups File FTC Complaint over Changes to Facebook, Digital Media Wire (December 18, 2009).
- Alexei Oreskovic, Facebook Privacy Backlash in FTC's Hands, Reuters (December 18, 2009).
- Lalee Sadighi, Facebook Faces FTC Complaint, Red Herring (December 18, 2009).
- Lora Bentley, Watchdog Files FTC Complaint on Facebook Privacy Changes, IT Business Edge (December 17, 2009).
- Larry Dignan, Privacy Groups File Complaint with FTC over Facebook Settings, ZDNet (December 17, 2009).
- Fox 5 Top 5, Fox 5 News (December 17, 2009).
- Kashmir Hill, Did Facebook Break the Law when it Changed Privacy Settings?, True Slant (December 17, 2009).
- Tim Jones, The World Reacts to the New Facebook, EFF News Roundup (December 17, 2009).
- Peter Kafka, Next Step in Facebook Privacy Blowback: The FTC Complaint. The Real Question: Will Advertisers Care?, All Things Digital (December 17, 2009).
- Scott Kleinberg, Privacy has Facebook in Hot Water, Chicago Now (December 17, 2009).
- Richard Koman, FTC Complaint Escalates Facebook's Privacy Woes, Newsfactor (December 17, 2009).
- John Letzing, Privacy Groups File FTC Complaint against Facebook, MarketWatch (December 17, 2009).
- Paul McDougall, Facebook Hit with FTC Complaint, InformationWeek (December 17, 2009).
- Robert McMillan, Privacy Groups Bring Facebook Complaints to FTC, Computerworld (December 17, 2009).
- Barbara Ortutay, Privacy Watchdog Files Complaint against Facebook, Washington Post (December 17, 2009).
- Privacy Groups Complain to FTC about Facebook, Silicon Valley/San Jose Business Journal (December 17, 2009).
- JC Raphael, Facebook Privacy Complaint Ignites War of Words, PC World (December 17, 2009).
- Mark Sachoff, Privacy Group Files FTC Complaint about Facebook, WebProNews (December 17, 2009).
- Ryan Singel, Facebook Privacy Changes Break the Law, Privacy Groups Tell FTC, Wired (December 17, 2009).
- Brad Stone, Privacy Group Files Complaint on Facebook Changes, N.Y. Times (December 17, 2009).
- Berin Szoka, Facebook Privacy Controls Change & EPIC's FTC Complaint, The Technology Liberation Front (December 17, 2009).
- Joseph Tartakoff, Groups File Complaint with FTC over Facebook's New Privacy Settings, paidContent (December 17, 2009).
- Jessica Vascellaro, Privacy Groups File Complaint on Facebook to FTC, Wall Street Journal (December 17, 2009).
- Mark Walsh, Follow the Bouncing Valuation, MediaPost (December 17, 2009).
- Jason Kincaid, Facebook Suggests You Lie, Break Its Own Terms Of Service To Keep Your Privacy, Washington Post (December 16, 2009).
- Julia Angwin, How Facebook Is Making Friending Obsolete, Wall Street Journal (December 15, 2009).
- Taylor Buley, Facebook's Privacy Success, Forbes (December 15, 2009).
- Ed Felten, Another Privacy Misstep from Facebook, Freedom to Tinker Blog (December 14, 2009).
- Brian Prince, 7 Facebook Privacy Facts to Remember, eWeek (December 13, 2009).
- Shelly Palmer, Facebook Privacy: An Oxymoron, Shelly Palmer Blog (December 13, 2009).
- Ian Paul, Facebook's Privacy Settings: 5 Things You Should Know, ABC News (December 12, 2009).
- Brian Womack, Facebook's New Information-Sharing Options Attract Criticism, Bloomberg (December 12, 2009).
- Joseph Bonneau, Facebook Tosses Graph Privacy into the Bin (December 11, 2009).
- E.B. Boyd, The Week in Privacy: Google and Facebook Fall on their Faces, Bay Newser (December 11, 2009).
- Larry Downes, Note to Silicon Valley: How Not to Manage Privacy, CNet (December 11, 2009).
- Scott Fulton, Google, Facebook, and our Privacy: We're All in Denial, BetaNews (December 11, 2009).
- David Gelles, Facebook Draws Criticism for Privacy Changes, Financial Times (December 11, 2009).
- Riva Richmond, The New Facebook Privacy Settings: A How-To, N.Y. Times Blog (December 11, 2009).
- Danny Sullivan, Now Is It Facebook’s Microsoft Moment? (December 11, 2009).
- Graham Cluley, Facebook privacy settings: What you need to know (December 10, 2009).
- Facebook Faces Criticism on Privacy Change, BBC News (December 10, 2009).
- Facebook Unveils Privacy Changes, CNN (December 10, 2009).
- Gemma Fox, Facebook Faces Widespread Criticism Over Privacy Changes, Digital Journal (December 10, 2009).
- Kashmir Hill, Either Mark Zuckerberg got a whole lot less private or Facebook’s CEO doesn’t understand the company’s new privacy settings, True Slant (December 10, 2009).
- Stefanie Hoffman, Facebook Info Exposed on Web with 'Everyone' Setting, Channel Web (December 10, 2009).
- Renay San Miguel, Facebook App Devs Can See Your Privacy Parts, Tech News World (December 10, 2009).
- Patrick Miller, Protect Your Privacy Settings with the New Facebook Settings, PC World (December 10, 2009).
- Rafe Needleman, How to Fix Facebook's New Privacy Settings, CNet (December 10, 2009).
- Ryan Singel, Facebook Will Never Get Privacy Right, ZD Net (December 10, 2009).
- Robert McMillan, Facebook Privacy Changes Draw Mixed Reviews, Computer World (December 9, 2009).
- Jennifer Leggio, New Privacy, Schmivacy - Facebook Photo Tagging Still a Big Fail, ZD Net (December 2, 2009).
- Brett Levy and Claudia Morales, TechBytes: Facebook Privacy Changes, ABC News (December 2, 2009).
- Katherine Noyes, Facebook Hones Privacy Settings, Scraps Regional Networks, Tech News Crunch (December 2, 2009).
- Jason Kincaid, Facebook to Roll out New Privacy Controls to its 350 Million Users, Kills Regional Networks, Washington Post (December 1, 2009).
- Caroline McCarthy, Facebook Ratchets Up Privacy Controls (Again), CNet (August 27, 2009).
For more information, visit EPIC's FAQ page on Facebook's new privacy settings.
Share this page:
Subscribe to the EPIC Alert
The EPIC Alert is a biweekly newsletter highlighting emerging privacy issues.