Facebook, FTC settle over privacy, consumer data charges

The Federal Trade Commission and Facebook have finalized a settlement regarding allegations of privacy missteps lodged against the social networking giant.

The charges against Facebook included that it ran a deceptive application verification program, under which the company charged developers between $175 and $375  to earn a "Verified Apps" badge, which was supposed to signal that the app is more "trustworthy" from a security and transparency perspective.

Apps carrying the badge earn preferential treatment through perks like higher search-result rankings. However, the FTC found that Facebook didn't conduct any vetting beyond what the non-verified apps already received.

Facebook also was accused of not warning users when a change to its "Friend List" allowed private information to be exposed; stating that third-party apps would not access personal information beyond what they needed to operate; promising users it would not share personal data with advertisers; and insisting that it complied with the U.S.-European Union Safe Harbor Framework that governs data transfer between the United States and certain European nations.

Facebook is forbidden to issue any further misleading privacy claims, and it is required to obtain users' approval before changing settings that affect personal data sharing. Facebook also must conduct periodic assessments of its privacy practices by independent, third-party auditors for the next 20 years and, further, must allow the FTC to monitor compliance with its order.

The settlement was approved 3 to 1, with one FTC commissioner not participating. Commissioner Thomas Rosch was the lone dissenter.

A Facebook spokesperson could not immediately be reached for comment.