A federal investigation into Facebook could find Mark Zuckerberg directly responsible for any privacy failings on the social network, according to a new report in the Washington Post.
The Federal Trade Commission (FTC) is investigating Facebook over the mishandling of user data on the platform, stemming from the Cambridge Analytica scandal in 2018 which revealed that 50 million Facebook users had their data improperly shared with outside parties without their knowledge or consent.
Two sources speaking with the Washington Post said that the FTC is considering whether to, "seek new, heightened oversight" of Zuckerberg's leadership, in addition to potentially seeking a multibillion-dollar fine for the social network. Facebook said in a statement to the Washington Post and to Business Insider that it hopes to "reach an appropriate and fair resolution." The FTC declined to comment.
While Facebook has found itself in the crosshairs of federal investigators in the past, Zuckerberg hasn't been specifically targeted or sanctioned.
The investigation is looking into whether Facebook violated the terms of a 2011 settlement with the FTC, specifically something called the "consent decree," which essentially made Facebook responsible for being transparent with users about how their data was being used on the platform — with future violations leading potentially to huge fines for the company, but not Zuckerberg himself. Facebook has said in the past that it has not violated the consent decree.
But now Zuckerberg's past comments on Facebook privacy are being examined, the Washington Post reports, and the FTC could try to send a message to corporate leaders that they could be held liable for their company's mishaps.
If the FTC decides to hold Zuckerberg personally responsible for any Facebook failings when it comes to user privacy, it would represent a marked increase in the scrutiny of his leadership.
It's been a bad week for Facebook
The report comes in the wake of recent revelations discovered by Business Insider that Facebook collected the email contact lists of 1.5 million new users without their knowledge of permission.
Due to a discontinued email verification system used by Facebook with new users, the tech giant inadvertently collected email contact information from 1.5 million new users.
The documents, which include emails, webchats, presentations, spreadsheets and meeting summaries, show how Zuckerberg, along with his board and management team, found ways to tap Facebook’s trove of user data — including information about friends, relationships and photos — as leverage over companies it partnered with.
That data includes potentially tens or hundreds of millions of email addresses, that were used without permission by Facebook to "improve Facebook's ad targeting, build Facebook's web of social connections, and recommend friends to add," Business Insider's Rob Price wrote on Wednesday .
Worse: That violation could lead to yet more investigations by government regulators around the world.
What Facebook knows about you
Experts speaking with Business Insider said that the company could be violating a variety of regulations, including a US Federal Trade Commission (FTC) consent decree; the EU General Data Protection Regulation (GDPR), the European Union's data-privacy regulation; and perhaps even the Computer Fraud and Abuse Act (CFAA), a US criminal statute involving computer fraud and abuse.
- Facebook says it 'unintentionally uploaded' 1.5 million people's email contacts without their consent
- Facebook may have broken the law by harvesting 1.5 million users' email contacts, experts say
- Everyone is talking about Cambridge Analytica, the Trump-linked data firm that harvested 50 million Facebook profiles — here's what's going on
Here's how much Facebook knows about you