Facebook CEO Faces Moment of Truth; Regulators Pursue Answers

Did Facebook violate the terms of its 2011 settlement with the Federal Trade Commission (FTC) over the handling of personal data? The agency has reportedly opened an investigation looking for answers on how the London-based political consultant Cambridge Analytica (CA) was able to harvest personal information belonging to millions of Facebook users without their knowledge or permission.

The controversy over user privacy has hit Facebook's stock hard this week. Some Wall Street pundits expect regulators to potentially clamp down on the social media giant and its rivals. CEO Mark Zuckerberg is expected to break his silence on the issue within 24 hours, according to multiple reports.

User Privacy: The Long and Winding Road

The background: Starting in 2015, CA harvested private information — names, location, email, friends list, from which psychological profiles could be built — both directly and indirectly from the Facebook information of more than 50 million users. The data was used to help Donald Trump’s 2016 presidential campaign. Neither CA nor Facebook asked permission of those users but instead quietly exploited the social media giant’s relatively open customer data privacy policy.

There are some big questions here and thus far wholly insufficient answers. What did Facebook know and when did it know it? How did CA so easily skirt Facebook’s default privacy settings? Did Facebook wink and nod at the whole operation and conveniently look the other way? Can Facebook be trusted to protect user privacy?

“We are aware of the issues that have been raised but cannot comment on whether we are investigating. We take any allegations of violations of our consent decrees very seriously as we did in 2012 in a privacy case involving Google,” an FTC spokesperson told Bloomberg. Should the FTC ultimately find that Facebook broke the settlement, it could penalize the company up to $40,000 for each incident, the Washington Post reported.

Seven years ago, an under-fire Facebook, charged with duping consumers into revealing more personal information than they intended, agreed to get user approval for certain changes to its privacy settings. Maybe we’ll know more soon: The social networking kingpin is slated to brief U.S. Senate and House aides on Wednesday, Reuters reported.

UK regulators reportedly have similar questions. “We are looking at whether or not Facebook secured and safeguarded personal information on the platform and whether when they found out about the loss of the data they acted robustly and whether or not people were informed,” Elizabeth Denham, the head of the watchdog UK Information Commission, told BBC Radio (via Reuters).

Of note, Facebook tried on Monday to carry out what it called a forensic audit of CA’s offices but was rebuffed by UK authorities, CNBC reported.

Facebook's Biggest Crisis Yet?

That Facebook is in the middle of yet another data privacy issue as the May 25th compliance deadline for the Global Data Protection Regulation (GDPR) fast approaches is ironic in no small way. The iconic social media giant that built its brand on people sharing personal information is now twice under scrutiny for misusing its very centerpiece.

Along those lines, EU Justice Commissioner Vera Jourova said she will meet with Facebook during a visit in the US this week and ask the same questions. “From a European Union perspective, the misuse for political purposes of personal data belonging to Facebook users -- if confirmed -- is not acceptable,” the EU said in a statement, Bloomberg reported. EU data privacy authorities reportedly discussed the issue at a meeting in Brussels Tuesday.

Meanwhile, Facebook CEO Mark Zuckerberg has been invited by Damian Collins, head of  a UK parliament committee investigating the CA flap, to testify on a "catastrophic failure of process," Bloomberg reported. Antonio Tajani, European Parliament president, has offered a similar invitation to Zuckerberg, the report said. Tajani reportedly said EU lawmakers want Zuckerberg “to clarify before the representatives of 500 million Europeans that personal data is not being used to manipulate democracy.”

D. Howard Kass

D. Howard Kass is a contributing editor to MSSP Alert. He brings a career in journalism and market research to the role. He has served as CRN News Editor, Dataquest Channel Analyst, and West Coast Senior Contributing Editor at Channelnomics. As the CEO of The Viewpoint Group, he led groundbreaking market research.