MAHENDRA
LIMAYE ASSOCIATES’S TAKE ON FACEBOOK FTC JUDGEMENT
It is one of the biggest penalties inflicted
in History of USA or anywhere in world on Social Media Company. Surprisingly it
was neither debated nor discussed in India as if India has nothing to do with
it. Most of the digital intellectuals as well as legal luminaries didn’t utter
a word either praising or criticizing the FTC judgement, which is a compromise settlement.
Neither the more vocal supporters of Digital India made any comments on the
same favouring their blue eyed boy Marc. When most of the Indian population is trapped
in CATCH 22 situation created by Digital Revolution in India and Whatsapp
trying to enter Indian payment market, this FTC judgement needs to be carefully
scrutinised and must be understood by one and all, irrespective of whether you
are concerned or not !!!!! And specially when meeting of Whatsapp Global Head
Will Cathcart meeting Mr Ravi Shankar Prasad making headlines in India.
This silence is the strange and
startling and hence more dangerous!!!
Nothing in human history has
reached 2.4 billion people, roughly one out of every three living humans, with
the regularity and influence of Facebook. The only company close to that
influence is Google, which controls YouTube and its nearly 2 billion
regular users. Both of these companies have developed advertising
platforms that deliver carefully targeted messages more effectively and
efficiently than anything else in the world. On this backdrop recent compromise
judgement of FTC becomes more relevant.
When USA Federal Trade Commission has found the much beloved Marc
Zuckerberg’s Facebook guilty on various counts including “Misrepresenting
the Extent to Which Users Could Control the Privacy of Their Data and the
Extent to Which Facebook Made User Data Accessible to Third Parties” and “ Failure
to Implement and Maintain a Reasonable
Privacy Program”, the country having maximum number of
users on Mark Zuckerberg’s FB/WA/Insta taken together, none is concerned. Rather
it is extending red carpet welcome to Whatsapp global CEO Will Cathcart.
DOES IT INDIVIDUALLY AFFECT ME?
WHY SHOULD I BE CONCERNED AND CARING
ABOUT SOCIETY?
This is why we prefer to remain silent on
many issues happening in the society and that’s where we are being exploited by
these anti-social elements.FTC decision’s likely impact on Indian netizens is
far reaching and if we don’t debate it now, future generation will never excuse
us!!!!!
“ The parties have reached a settlement of
the Complaint’s allegations and the Order
requires Facebook to pay a $5 billion civil penalty and imposes significant
injunctive relief, primarily in the form of an amended administrative order
that will be entered by the FTC”
is the order in brief which needs more debate.
This
judgement of FTC was by 3-2 margin and if we just go through excerpts of
dissenting statement of federal
trade commissioner REBECCA KELLY SLAUGHTER, it will be easier for us to
understand and we may be compelled to introspect.
1) “During the years of Facebook’s continuous
alleged lawlessness, its gross annual revenue increased from $5 billion to over
$55 billion. Facebook’s collection and use of personal data have grown in
unprecedented, unchecked, and often unseen ways.”
2) My principal
objections are: (1) the negotiated civil penalty is insufficient under the
applicable statutory factors we are charged with weighing for order violators:
injury to the public, ability to pay, eliminating the benefits derived from the
violation, and vindicating the authority of the FTC. (2) While the order
includes some encouraging injunctive relief, I am sceptical that its terms will
have a meaningful disciplining effect on how Facebook treats data and privacy.
Specifically, I cannot view the order as adequately deterrent without both
meaningful limitations on how Facebook collects uses, and shares data and
public transparency regarding Facebook’s data use and order compliance. (3)
Finally, my deepest concern with this
order is that its release of Facebook and its officers from legal liability is
far too broad. Rather than accepting this settlement, I believe we should
have initiated litigation against Facebook and its CEO Mark Zuckerberg. The
Commission would better serve the public interest and be more likely to
effectively change Facebook by fighting for the right outcome in a public court
of law. For these reasons, I respectfully dissent.
3) I will not
recite the facts before the Commission, other than to note that there was extremely compelling evidence of a series of
significant, substantial order violations and law violations. In addition
to the evidence the Commission reviewed against Facebook, I believe there was sufficient evidence to name Mr.
Zuckerberg in a lawsuit.
4)
I
believe litigation was the best course of action in this matter. Litigation
would have provided public transparency and accountability for the company, its
leaders, and the Commission. It would send a message to the market and the
public that the Commission is willing to go to the mat to ensure compliance
with its orders. Under the jurisdiction and mandate of a federal court, the
Commission would have been able to seek, and if necessary move to compel,
discovery of important documents and testimony to inform a court’s assessment
of liability. A finding of liability at
the end of litigation would deter the company from further violations of the
law even without substantial monetary or injunctive relief. If a
hard-fought litigation against Facebook produced a result that fell short of
public expectations, the public would have every incentive to demand that
Congress take steps to address deficiencies in the law.
5)
Five billion dollars represents an astronomical penalty
compared to prior Commission settlements or to the financial position of most
individuals and firms. In the context of Facebook’s financial position and
scope of violations, it is a
substantially less significant sum. From the time of the original 2012
Facebook order to 2018, Facebook’s gross annual revenue increased more than 1000% from $5 billion to over $55
billion. Its 2019 revenues indicate continued growth, posting first-quarter
earnings of over $15 billion. Put another way, as of this year, Facebook brings
in around $5 billion on a monthly basis.
6)
In this case, the injury to the public, the defendant’s ability to
pay, the desire to eliminate the benefits derived from the violations, and the
necessity of vindicating the FTC’s authority—all drive the conclusion that $5 billion is an insufficient civil penalty.
Injury to the public can be difficult to quantify in monetary terms in the case
of privacy violations. That said, I regard the injury to the public and the
institutions of our democracy to be quite substantial. Facebook’s conduct that
the Commission alleges violated the order also facilitated Cambridge
Analytica’s expropriation of data and manipulation of voters.
7)
My colleagues in the majority note that civil penalties have
exceeded $5 billion only in instances of serious environmental disaster or
widespread financial fraud. I believe
that the injury to the public from damaging the integrity of our elections is
as serious if not more serious than
environmental and financial harms because it threatens the very systems that
stand to protect Americans from those harms. Concern over this fact pattern
should be bipartisan; the manipulative tactics weaponized in favour of a
particular party in one election can just as easily be turned against it in the
next.
8)
The order the Commission voted to accept does not impose any
limitations on whether Facebook can
transfer information to third parties or to other Facebook subsidiaries.
Instead, the order requires Facebook to
demand certain purpose and use certifications from third parties that
request information, giving Facebook free rein to maintain control over what
constitutes a permissible purpose and use. In other words, if Facebook wants
third parties to have certain data, it can permit that under its Platform
Terms; if Facebook wants to withhold access to that data, it can do so. But
there may be a gulf between what is good for Facebook and what is good for its
users. I believe that the order itself should limit third-party data access to
information necessary to provide or operate the product or service for which
the third party is requesting the information—it should not just rely on
Facebook’s malleable developer standards.
9) Finally, the order also fails to impose any substantive
restrictions on Facebook’s collection and use of data from or about users (and
non-users). This failure, in addition to allowing Facebook to aggregate
rich data stores across its platform unfettered, may exacerbate competition as
well as privacy concerns. We should strive to ensure that all our enforcement
efforts are cognizant of, and not inconsistent with, both our consumer
protection and competition missions.
10) In sum, many
of the problems identified in our investigation and in the related Cambridge
Analytica investigation arose from the use
of data beyond consumers’ expectations or permissions to enhance Facebook’s
partnerships and therefore its bottom line. I believe that it is important
and appropriate for the order to apply stringent limitations to how Facebook
collects, uses, and shares data.
If we go through few reactions about this judgement we can be more
enlightened.
House Commerce Committee Chairman Frank Pallone (D-NJ): “While
$5 billion is a record fine for the FTC, monetary damages are not enough.
Facebook has repeatedly demonstrated that it prioritizes profit over people.
Tough oversight is needed to prevent the abuse of consumer information by
Facebook and other companies. Comprehensive privacy legislation is necessary to
strengthen the FTC’s authorities and give it more enforcement tools and
resources so that violating consumers’ privacy and breaking public trust isn’t
just the cost of doing business.”
Senate Commerce Committee Chairman Roger Wicker (R-MS): “The
settlement between the FTC and Facebook further stresses the need for a strong
federal data privacy law. The details of Facebook’s conduct that were
illuminated by the FTC’s investigation are troubling. This investigation and
settlement, including a fine significantly larger than has ever been assessed
by a privacy enforcer anywhere in the world, are examples of the great work the
FTC can do. However, without a robust, comprehensive federal privacy law
covering data collectors and consumers, bad actors will be able to continue to
abuse data in the online marketplace.
Charlotte Slaiman, Competition Policy Counsel at Public Knowledge:
"Today we see the result of over a year of investigation and negotiation
by the FTC. It is frustrating that the FTC was not able to achieve more
significant changes to Facebook’s behaviour
going forward. Facebook users cannot count on being protected as a result of
this settlement. Under this settlement, Facebook does not have to meaningfully
change how it collects and uses your data. Facebook retains complete control
over when to share your data outside of Facebook, as long as the company
complies with the privacy policy that it gets to write. The settlement also
protects Facebook from further enforcement on other potential violations that
we may not even know exist. The settlement does not impose any pro-competition
terms, such as interoperability requirements or limiting data-sharing between
Facebook, Instagram, and Whatsapp to the same terms used with third-parties so
that competitors can compete fairly. While the settlement does require
additional auditing processes and reporting requirements as well as a very
large fine, the settlement is weak given the repeated violations and the
severity of the harm. We must pass new and more effective privacy laws, as well
as broader platform regulation aimed at improving competition in the sector so
that consumers can more easily switch to an alternative product if they are not
happy.”
Eric Null, senior counsel at New America’s Open Technology
Institute: “With the Facebook settlement, the
FTC appears to be stepping up its privacy enforcement. But consumers should be sceptical
that the settlement will lead to any effective change in online privacy
protections or Facebook’s business practices—the company was rewarded on the
stock market for the settlement, the settlement imposed no meaningful
restrictions on Facebook’s data collection and sharing practices, and
structural changes require a tenacious overseer to ensure compliance or they
may lead to nothing. Today’s settlement exemplifies the need for strong privacy
legislation, which could better protect consumers everywhere by making many
practices, including those Facebook engaged in, explicitly unlawful. The FTC
only achieved as much as it did because it had a prior consent decree in place.
Without comprehensive privacy legislation, consumers will likely end up with
more of the same.”
Free Press Policy Counsel Gaurav Laroia: “While
the $5-billion fine is one of the largest in the FTC’s history, it still falls
far too short. As Commissioners Chopra and Slaughter explained in their
dissents, the FTC’s $5-billion fine is unlikely to change the company’s behaviour.
It represents just one month’s worth of earnings for Facebook and is a tiny
fraction of the company’s growth in revenue since it entered into a consent
decree with the agency in 2012 for violating its users’ privacy. Far more
serious consequences are needed to curb the tech industry’s behaviour
and its amoral pursuit of growth at our expense. This settlement doesn’t change
that underlying dynamic. The FTC order places no meaningful limits on
Facebook’s collection of users’ personal information. The settlement also fails
to address the business model that incentivizes the invasive and manipulative
practices the company was fined for. The Cambridge Analytica scandal rightfully
motivated the FTC’s to reopen its investigation into Facebook. The company’s
lax privacy controls enabled the manipulation of voters in the 2016 election
and damaged our democracy. Without corrective action, the business of behavioural
advertising is bound to harm our social, political and private lives again and
again. It’s now up to Congress to pass legislation to protect our privacy, our
democracy and our civil rights.”
Marta Tellado, President and CEO of Consumer Reports: “As
expected, the size of the settlement is historic, but these attempts to hold
Facebook accountable are not enough to make a real difference. With a weak and
under-resourced FTC, and a glaring need for far more comprehensive privacy
laws, Congress must raise the standards for consumers and hold Big Tech
accountable. Lawmakers have a responsibility to pass laws that offer real
protections, giving consumers control of their data and the FTC the power it
needs to rein in Big Tech. The details of this settlement make it brutally
clear that this isn’t just about Facebook’s privacy policies. Facebook
made a concerted effort to control and manipulate consumer choices, by
misrepresenting how they do business, and how they treat their users.”
Open Markets Institute: "The
Open Markets Institute denounces the Federal Trade Commission’s (FTC) official
$5 billion settlement with Facebook. Even as the FTC’s complaint alleges that
Facebook committed major privacy violations, the FTC still failed to question
Mark Zuckerberg and has not required an admission of guilt by the corporation,
protecting Facebook from legal liability.
The
Guardian-- No collection
of scandals, errors, embarrassments, hearings, threats of regulation, fines, or
public scolding’s like this one seem to able to stall these two companies in
their quest to become the operating systems of our lives. The world has never
seen anything like Google. The world has never seen anything like Facebook.
By
going through the tone of dissenting judgement it becomes clear that many in
this world holds view that Marc Zuckerberg should have been personally held
liable for the data breach in its criminal capacity because it is this person
who is cheating the entire world with his false promises and assurances. The
2012 assurances from the Facebook to FTC and thereafter breaches of the same by
FB are now in public domain and how this serial offender can be believed for
his future assurances and promises?
As
of 2018, Facebook had more than 2.2 billion monthly active users worldwide.
Personal information, such as user’s real name, date of birth, hometown,
current city, employer, relationship status, and spouse’s name, as well as
sensitive personal information, such as political views, sexual orientation,
photos of minor children, and membership in health-related and other support
groups is used by FB for its marketing purpose. Users can also provide
information about themselves by indicating that they “like” public Facebook
pages. Research suggests that a user’s “likes” of public Facebook pages can be
used to accurately predict that user’s personality traits, sometimes better
than the user’s own friends and family. In addition, Facebook users may install
and use applications (“apps”) developed by third-parties (“third-party
developers”) that allow the users to share information with their Facebook
Friends.
In 2012, after an FTC investigation, Facebook settled
allegations that its practice of sharing Affected Friends’ data with
third-party developers of apps was deceptive. The resulting Commission Order,
among other things, prohibited Facebook from misrepresenting the extent to
which consumers can control the privacy of their information, the steps that
consumers must take to implement such controls, and the extent to which
Facebook makes user information accessible to third parties. But even in 2018
it was found by FTC, after revelations in Cambridge Analytica’s case, that FB
is sharing its user’s data to its app developers who in turn are misusing/commercially
exploiting the same. So can such company be called trustworthy? If the company
can cheat the nation in which it is born, can such company will remain faithful
to other nation? Can such company be blindly relied upon is the core issue.
Between
November 2015 and March 2018, Facebook asked its users to provide personal
information to take advantage of security measures on the Facebook website or
mobile application, including a two-factor authentication measure that
encouraged provision of users’ phone numbers. But Facebook did not effectively
disclose that such information would also be used for advertising. This shows
the mens rea of the policy makers of the company and specially its CEO Marc
Zuckerberg’s intentions to defraud and cheat the people by mere lip services.
We are overwhelmed by the red carpet welcome My Dear Marc received in Modi 1.0
tenure and assurances he made to make global citizens lives simpler and easier
with the POWER TO CONNECT. But the real face behind this POWER TO CONNECT was
to sell their sensitive personal data and information to mint money!!!!!
One
of the significant disclosures by FB in FTC investigations is, “The full
scale of unauthorized collection, use, and disclosure of consumer information
resulting from Facebook’s conduct is unknown due, at least in part, to the
company’s lack of recordkeeping.”
Can
anyone believe that FB not having proper record keeping regarding who accessed
which information and how many times any information was accessed? To my mind
this evasive reply is just to make the penalty quantum very less as it will
create confusion in minds of commissioners regarding the real valuation of the
sensitive personal data compromised. This quantum of undervalued compromise
decree to the tune of 5 Billion Dollars can be guessed from the reaction of the
US stock markets in which FB stock gained after this compromise decree was
announced. It means markets were expecting much higher penalties on FB than the
inflicted one.
To
my mind India should be more concerned and watchful about the FTC findings and
the manner in which India is welcoming FB group in India. A company with
highest following in terms of user base is working on the diametrically
opposite principles followed in India which is TRUTH. The company’s decision of
accepting US FTC’s offer of compromise settlement rather than challenging the
same in Court of Law itself establishes than company has more to lose in civil
suit than 5 Billion dollars. So it was easy escape route offered to one of the biggest
Social Media giants in the world.
Have
you ever seen any example of such meagre surrender by the respondents in any
law suits especially when 5 Billion is at the stake?
As
a country we must be ready to read between the lines of this FTC Judgement and
be more careful while dealing with such companies in future.
If
FTC can act then why not any Indian Statutory Bodies like Competition
Commission of India or Indian Courts by way of Suo Motu PIL act when FB is
openly compromising privacy of the Indian Citizen, is the million dollar
question.
AND
MAHENDRA LIMAYE ASSOCIATES WANTS TO KNOW THE ANSWER.
This
article is just to provide the spark needed for much bigger debate amongst
intellectuals in India, especially those who are concerned about sovereignty
and security of the nation!!!!
JAI
HIND.