Social media apps including WhattsApp, LinkedIn, Twitter, FaceBook, Instagram, SnapChat and Periscope are displayed in a social media folder on the screen of an Apple (Photographer: Chris Ratcliffe/Bloomberg)

Facebook's Long History of Resolving Privacy Claims on the Cheap

(Bloomberg) -- Facebook Inc.’s deepening crisis over how the British political-advertising firm Cambridge Analytica misused the social network’s customer user data took another turn Tuesday with the news that the U.S. Federal Trade Commission is investigating. That’s on top of probes by multiple state attorneys general and the U.K. data-protection watchdog.

It’s not the first time Facebook has been targeted for its privacy policies. In fact, the FTC probe is looking at whether the incident shows the company violated an 2011 settlement with the agency over its data protections -- any violation of the so-called consent decree could cost Facebook millions of dollars. But that’s a tiny fraction of the company’s nearly $493 billion market value, and a review of some of the major penalties and settlements it’s paid in recent years shows more often than not, these cases don’t end in painfully large payouts:

  • March 29, 2018: Facebook users will ask a San Francisco judge next week to let their claims that the company’s photo-scanning technology gathered and stored biometric data without their consent proceed as a class action. While Facebook potentially faces liability in the billions of dollars under a unique Illinois law, certification isn’t guaranteed and the company has a history of defeating privacy lawsuits entirely or settling them for a fraction of what’s sought.
  • March 2018: Spain’s data protection watchdog fines Facebook and WhatsApp 300,000 euros ($367,650) each for processing user data without people’s consent.
  • September 2017: The same watchdog fines Facebook 1.2 million euros for failing to obtain proper consent to collect and store sensitive personal data, including information on gender, religion and internet use.
  • August 2017: Facebook wins U.S. court approval of a non-monetary settlement of allegations that it systemically scanned users’ private messages. The accord requires the company to not collect demographic and other personal information associated with links shared in Facebook messages.
  • May 2017: France’s privacy regulator fines Facebook 150,000 euros for misusing user data for targeted advertising and illegally tracking what users do on and off the site via cookies.
  • May 2017: The European Union’s antitrust regulator fines Facebook 110 million euros after it changed its privacy policy, in contradiction to the pledge it made to segregate WhatsApp data from other Facebook platforms to win approval for its 2014 takeover of the messaging service.
  • February 2016: A German court fines Facebook 100,000 euros for failing to comply with a 2012 order related to its policies on data usage.
  • December 2012: Facebook’s $20 million settlement of a U.S. class action over claims it used subscribers’ names without their permission to advertise products in its “Sponsored Stories” is approved.
  • November 2011: Facebook agrees to resolve complaints by the U.S. FTC that it failed to protect users’ privacy or disclose how their data could be used. The accord didn’t include a fine, but it required Facebook to get users’ consent for certain changes to privacy settings, among other measures.
  • March 2010: Facebook wins approval of another U.S. class-action settlement, this time for $9.5 million to resolve claims regarding its Beacon feature, which tracked what users buy online and shared the information with their friends.

©2018 Bloomberg L.P.