(CN) — The Federal Trade Commission accused Facebook parent Meta of violating a 2020 privacy agreement with the agency and wants the social media behemoth barred from profiting altogether from data it collects from underage users.
“Facebook has repeatedly violated its privacy promises,” Samuel Levine, director of the FTC’s Bureau of Consumer Protection, said in a statement Wednesday. “The company’s recklessness has put young users at risk, and Facebook needs to answer for its failures.”
According to the FTC, Facebook continued to give app developers access to users’ private information after promising in 2018 to cut off such access if users had not used those apps in the previous 90 days. In certain circumstances, the FTC said, Facebook continued to allow third-party app developers to access that user data until mid-2020.
The FTC also claims Facebook has misrepresented that parents could control whom their children communicated with through Messenger Kids. Children using the app in some circumstances were able to communicate with unapproved contacts in group text chats and group video calls, according to the FTC.
In an order to show cause filed Wednesday, the FTC seeks a blanket prohibition against Meta monetizing data of children and teens under 18. The prohibition, which would also apply to Meta's Instagram and WhatsApp products, will restrict the company to only collecting and using data from underage users to provide its services or for security purposes, and it will also bar Meta from using the data for commercial gain even after those users turn 18.
Meta called the FTC's announcement a "political stunt."
"Despite three years of continual engagement with the FTC around our agreement, they provided no opportunity to discuss this new, totally unprecedented theory," the company said in a statement. "Let’s be clear about what the FTC is trying to do: usurp the authority of Congress to set industry-wide standards and instead single out one American company while allowing Chinese companies, like TikTok, to operate without constraint on American soil."
The FTC slammed Facebook with a record $5 billion fine in 2019 over lapses in user privacy and unauthorized access to data reports. That civil penalty came after a long-running investigation into Facebook’s privacy failings, including the news that British political consulting firm Cambridge Analytica gained unauthorized access to the personal information of 87 million Facebook users.
As part of the 2020 order, which modified a 2012 agreement with the FTC to beef up its privacy policies, Facebook committed to conducting a privacy review of every new or modified product, service, or practice before implementation. The 2020 order also required Facebook to implement greater security for personal information, and imposed restrictions on the use of facial recognition and telephone numbers obtained for account security, according to the FTC.
The independent assessor, which is tasked with reviewing the company’s adherence to the 2020 order, however, has identified several "gaps and weaknesses" in Facebook’s privacy program, the FTC said, which pose substantial risks to the public.
The commission voted 3-0 to issue the order to show cause, but one of them, Commissioner Alvaro Bedoya, released a separate statement expressing some reservations — namely that the coding errors underlying Facebook's alleged misrepresentations concerning Messenger Kids were resolved before the commission issued its 2020 order.
"There are limits to the commission’s order modification authority," Bedoya said. "Here, the relevant question is not what I would support as a matter of policy. Rather, when the commission determines how to modify an order, it must identify a nexus between the original order, the intervening violations, and the modified order."Follow @edpettersson
Read the Top 8
Sign up for the Top 8, a roundup of the day's top stories delivered directly to your inbox Monday through Friday.