Facebook’s $5 billion settlement with the Federal Trade Commission over the Cambridge Analytica data-sharing scandal, originally agreed upon last July, is now official following approval by a federal court Thursday.
In addition to the fine, the agreement requires executive leaders at the company, including CEO Mark Zuckerberg, to certify compliance with the FTC quarterly and annually.
Facebook will also create a new privacy committee on its board of directors, made up entirely of independent directors, and the company will work with an independent third-party assessor who will regularly report on compliance to that committee.
Chief privacy officer for public policy Erin Egan will continue to lead engagement in global public discussion around privacy and ensure that feedback from governments and experts globally is incorporated into the company’s practices and policies.
Vice president of engineering Vladimir Fedorov continues to lead the team behind all of the necessary product, tools and infrastructure changes.
Vp of infrastructure Delfina Eberly leads the privacy program management team, which is responsible for driving design, implementation and testing.
Protti said Facebook’s legal team continues to grow, and the company created dozens of technical and non-technical teams solely focused on privacy.
He wrote, “This means we analyze how data is collected, used and stored from the moment people share new data with us all the way to when that data is deleted. We make sure it’s used properly through a risk-assessment process—a comprehensive audit of how we use data across the entire company, assessing risks and putting safeguards in place to address them. We currently have thousands of people working on these privacy-related projects, and we’re hiring many more.”
Protti said the process of onboarding new employees has been updated to ensure that they have privacy in mind when they think about their role and design products and features, and consider potential privacy risks. He added that new and existing employees must complete annual privacy training.
Protti concluded, “The agreement approved today goes beyond anything required by U.S. law, and we believe that it can and should serve as a roadmap for more comprehensive privacy regulation, as other parts of the world have explored. We hope this leads to further progress on developing consistent legislation in the U.S. and elsewhere. Ultimately, our goal is to honor people’s privacy and focus on doing what’s right for people. We believe that’s what the billions of people who use our products expect from us, and we’re going to keep doing that work for them.”