Federal investigators are turning their eye toward Mark Zuckerberg as a way to hold the company accountable for its data breaches.
The discussions about how to hold Zuckerberg accountable for Facebook’s data lapses have come in the context of wide-ranging talks between the Federal Trade Commission and Facebook that could settle the government’s more than year-old probe, according to two people familiar with the discussions. Both requested anonymity because the FTC’s inquiry is confidential under law.
The purpose of targeting Zuckerberg “could send a message to other tech giants that the agency is willing to hold top executives directly accountable for their firms’ repeated data misdeeds.”
“The days of pretending this is an innocent platform are over, and citing Mark in a large scale enforcement action would drive that home in spades,” said Roger McNamee, an early investor in the Facebook.
In the past, Zuckerberg was spared federal scrutiny and recently obtained documents show that the FTC considered a Zuckerberg probe but backed away back in 2011. Had the agency moved forward, Zuckerberg would have been responsible for Facebook’s future data breaches. The FTC began investigating the Facebook chief back in 2018 after questions were raised about the practices of Cambridge Analytica, a political firm that used Facebook data for various political purposes. Zuckerberg told congress “I started Facebook, I run it, and I’m responsible for what happens here,” he told lawmakers. But Zuckerberg also maintained that he did not violate the original consent decree from 2011 that required the company to fortify their privacy practices.
Brokered in 2011, the FTC’s consent decree with Facebook requires the company to be more upfront with consumers about the data it collects and give them permission before it overrides their existing privacy settings. Facebook also is barred from misrepresenting what it does with users’ data, while submitting to 20 years of privacy checkups.
Now, billions of dollars in fines are a real possibility.
Settling that federal inquiry, now more than a year old, could force Facebook to make significant concessions, including paying a fine ranging into the billions of dollars, the Post previously has reported. It could result in new obligations targeting Zuckerberg, too. One idea that has been raised could require him or other executives to certify the company’s privacy practices periodically to the board of directors, two people familiar with the matter said, along with heightened oversight by the FTC.
Lawmakers are also not pleased with Zuckerberg. “Holding Mark Zuckerberg and other top Facebook executives personally at fault and liable for further wrongdoing would send a powerful message to business leaders across the country: You will pay a hefty price for skirting the law and deceiving consumers,” Richard Blumenthal (D-Conn.) said.
Facebook has had two, very recent, serious privacy breaches. Earlier this month, the company announced it had discovered hundreds of millions of Facebook passwords stored in plaintext where any employee could see them. Earlier this week, the company company announced that Instagram was also storing passwords in plaintext.
Image from Getty Images.