During almost ten hours of hearings this week, Facebook CEO Mark Zuckerberg faced questions from nearly 100 members of Congress. And more than a dozen of them brought up the Federal Trade Commission. While questions about that agency may not have made for the sexiest soundbites, its actions may prove to be one of the most important factors in whether Congress actually regulates Big Tech, or just continues to talk about doing so.
The FTC is more of a law enforcement agency than a rule-making one, and one of its primary mandates is protecting consumers from unfair and deceptive practices. Following revelations about Cambridge Analytica, a political marketing firm that improperly obtained personal information from approximately 87 million Facebook user profiles, the FTC announced that it was opening an investigation into Facebook’s privacy practices. Tom Pahl, the acting director of the FTC’s Bureau of Consumer Protection, said in a statement that the agency is “firmly and fully committed to using all of its tools to protect the privacy of consumers.”
This is a big deal — the company’s stock took a hit as reports of the investigation surfaced — in part because Facebook has been in the agency’s sights before. In 2012, the social media behemoth reached a final settlement with the FTC over charges that the company previously deceived consumers by saying their information would remain private “and then repeatedly allowing it to be shared and made public.” The complaint specifically references the fact that users’ data could be obtained by third-party app developers in ways that could have caught those users unaware, which is awfully reminiscent of Facebook’s current fiasco.
As part of an agreement known as a consent decree, Facebook promised to institute and maintain a comprehensive privacy program. William Kovacic, who was an FTC commissioner until 2011 and is now a professor at the George Washington University School of Law, says the agency viewed that privacy program as “a flagship” designed to show how serious the FTC was about making broad protections a rule of the road for the entire tech sector. “If there’s a violation and you don’t do something, your flagship policy is in jeopardy,” Kovacic says. “The stakes here are huge.”
So are the potential fines for violating that consent decree, one of the “tools” the FTC has at its disposal. Each violation could merit a fine of more than $40,000, per user, per day. Multiply that by the 87 million users affected by the Cambridge Analytica leak, and theoretical fines quickly jump into the trillions — a potentially devastating figure even for Facebook, which has a market capitalization of about $480 billion as of this writing. Though Kovacic says it’s unlikely the FTC would ever pursue such a ruinous amount, it could be a bargaining chip. The question, he says, is how big of a number would show that the FTC is very serious about its …read more
Source:: Time – Business