In a Facebook post
published shortly after the FTC’s announcement Wednesday, company CEO Mark Zuckerberg said, “We’ve agreed to pay a historic fine, but even more important, we’re going to make some major structural changes to how we build products and run this company. We have a responsibility to protect people’s privacy. We already work hard to live up to this responsibility, but now we’re going to set a completely new standard for our industry.”
Separately Wednesday, the Securities and Exchange Commission announced that Facebook had agreed to pay $100 million to settle “charges… for making misleading disclosures regarding the risk of misuse of Facebook user data.”
Facebook’s stock was down slightly when the market opened Wednesday morning.
The FTC settlement — which also covers Facebook subsidiaries Instagram and WhatsApp — could set the tone for a wave of further action by policymakers worldwide as they seek to rein in the most powerful players in Silicon Valley.
The $5 billion fine is nearly 30 times the FTC’s largest-ever civil penalty to date — $168 million, which was levied on Dish Network (DISH
) in 2017 — reflecting the tremendous scale of Facebook’s operations, as well as the enormity of its self-admitted mistakes.
In addition to the record civil penalty, Facebook also agreed to accept greater oversight of its privacy practices. Under the FTC deal, Facebook’s board will form a privacy oversight committee made up of independent members who cannot be fired by Zuckerberg alone. That committee will be charged with appointing still other officials who must periodically and truthfully certify that Facebook is complying with the FTC agreement, or risk being held personally liable. Zuckerberg will also be required to make those same certifications, the FTC said.
“False certifications would subject Mr. Zuckerberg and the [designated compliance officers] to personal liability, including civil and criminal penalties,” Simons said in a statement written jointly with the Commission’s two other Republican members, Christine Wilson and Noah Phillips.
The FTC also required that regular third-party assessments of Facebook’s privacy practices not rely on company materials but instead on the auditor’s own fact-finding.
The FTC voted 3-2 to approve the settlement, with the agency’s two Democrats dissenting because they believed the measure did not go far enough. In dissents, Commissioners Rohit Chopra and Rebecca Slaughter said they believed the fines were far too small, and that the FTC wrongfully gave Zuckerberg and Facebook COO Sheryl Sandberg a pass.
“Failing to hold them accountable only encourages other officers to be similarly neglectful in discharging their legal obligations,” wrote Chopra. “In my view, it is appropriate to charge officers and directors personally when there is reason to believe that they have meaningfully participated in unlawful conduct, or negligently turned a blind eye toward their subordinates doing the same.”
Other prominent tech critics, including Democratic Sen. Richard Blumenthal of Connecticut and Missouri Republican Sen. Josh Hawley, have said a $5 billion fine would be “a bargain” for Facebook. In an earnings report earlier
this year, Facebook said it was setting aside $3 billion to help cover expenses related to the expected penalty. It reported quarterly revenues of $15 billion at the time and its stock rose after it announced the charge, signaling investors were relieved by the probable outcome.
Facebook initially offered to pay $0 to resolve the Federal Trade Commission’s investigation into the tech giant’s privacy practices, according to details of the closed-door negotiations obtained by CNN.
The company later increased that number to $100 million, but its highest offer in the talks topped out at $1 billion, James Kohm, director of the FTC’s enforcement division and a lead agency negotiator, told CNN in an interview Wednesday.
That is far less than the $5 billion Facebook eventually agreed to pay. But it also pales in comparison to the tens of billions that the FTC initially sought from Facebook for violating a 2012 privacy-related consent order.
Kohm described that stage of the talks as early and said that Facebook’s proposals at the time were not serious. When the two sides reached a ballpark amount, the talks became more serious and shifted to other proposed measures such as changes the FTC wanted from Facebook’s governance and accountability structures.
“At several points we walked out or threatened to walk out,” said Kohm. “It was contentious, but it was professional and adult.”
Neither Zuckerberg nor COO Sheryl Sandberg were deposed as a part of the investigation, Kohm said. But, he added, the Justice Department interviewed roughly two dozen company officials, including some senior officials, and provided notes to the FTC.
The final settlement stretched on for 20 pages, said Kohm, and “every single word was negotiated.”