An independent audit has given Facebook’s privacy practices a clean bill of health after a six-month investigation following a settlement with federal regulators
The social networking company submitted the audit’s findings to the Federal Trade Commission (FTC) on Monday. The audit was included in Facebook’s settlement with the FTC last summer.
The findings established Facebook’s privacy programme met or exceeded the FTC order, covering both the company’s written policies and samples if its data.
Facebook furnished the Associated Press (AP) with a copy of its letter to the FTC and the redacted copy of the auditor’s letter on Wednesday. According to the company, the redacted part contains trade secret information and does not change the findings of the audit.
"We're encouraged by this confirmation that the controls set out in our privacy program are working as intended," said Erin Egan, Facebook's chief privacy officer for policy, in an emailed statement to the AP.
"This assessment has also helped us identify areas to work on as Facebook continues to evolve as a company, and improve upon the privacy protections we already have in place. We will keep working to meet the changing and evolving needs of our users and to put user privacy and security at the center of everything we do."
Facebook did not however disclose the specific details of shortcomings in its privacy policies as contained in the 79-page report. Spokeswoman Jodi Seth cited contractual obligations and the possibility of security as well as competitive obligations as the reasons for not revealing the details.
The social networking company has also asked the regulatory body not to reveal the redacted information, arguing it would put both the company and the auditor at a competitive disadvantage. The name of the audit firm has also been withheld but will be revealed when the FTC responds to the audit.
In the past Facebook has made a number of high profile mistakes as far as user privacy is concerned. Some of the changes made to their privacy controls in 2009 were among the major complaints by the FTC. The changes automatically shared user’s information and pictures despite them previously programming their privacy settings to hide the content. The FTC added that people’s profile pictures, lists of online friends and political views were also open for anyone to see.
In the complaint were also allegations that Facebook shared its user’s personal information with third party advertisers from September 2008 to May 2010. This is despite company officials assuring the public it was not passing their data along for marketing purposes. In its defense Facebook said this only happened in a number of instances.
Facebook has agreed to submit to audits of its privacy policies for 20 years, with this being the first to be completed.