Why should Facebook’s recent data privacy crisis matter to my company?
By now everyone has heard about Facebook’s latest problem, involving the allegedly improper use by a data analytics company of the information of more than 50 million U.S. Facebook users. Just this week, the Federal Trade Commission (FTC) opened in investigation, claiming that Facebook may have breached a 2011 agreement with the FTC about the transfer of user data without their consent or knowledge.
Customer data privacy policies mean something
Why is this important to other companies, and not just the Facebooks and Googles of the world? It is important because it affects any company that collects, holds, and uses customer information, especially the information of customers who are individuals (as opposed to a corporate customer or client).
Most companies’ web pages have, tucked away at the bottom, links to a privacy policy and terms of conditions of use. These links take the user to online documents that, among other things, tell the user what kind of data the site collects, how it uses and maintains that data, and what steps it takes to protect it. If the company says it will take certain steps or observe certain practices, and then it does not, the FTC considers that a “misleading and deceptive practice” and has authority to investigate. In 2011, the FTC charged that Facebook had told its users they could keep their personal information public when in fact the company repeatedly shared the information and permitted it to become public. As a result, Facebook agreed to take certain steps to ensure that it would comply with what it told users it would do.
Facebook at risk of fines and other consequences from not following its privacy policy
The FTC is now investigating whether Facebook violated its agreement when it allowed user data to make its way to the data analytics firm. If the FTC finds a violation, it could fine Facebook as much as $40,000 a day per violation, which could amount to a huge fine. The company faces possible lawsuits from state attorneys general and users. All this is in addition to the losses Facebook has suffered to its stock price, advertising revenue, and reputation.
What should a company do about protecting customer data?
The FTC will go after smaller businesses as well as large, high-profile companies. If your company collects, holds, and/or uses customer data, it is critical to make sure that you are complying with the privacy policy and other terms and conditions you have included in your website. If you haven’t reviewed those online policies in a while, it may be a good idea to have an attorney (not your web developer) review and update them. If you don’t have such policies on your company website, and you collect customer data, you need to have one. Individuals are becoming more sensitive to their privacy rights and how their personal information is being used. If they believe that a company does not guard that information effectively, they may take their business elsewhere in the future.
If you would like more information, contact Mark Spitz at Spitz Legal Counsel LLC, by email at mark@spitzlegalcounsel.com, or by phone or text at 720-575-0440.