Rose Law Group litigator Evan Bolick talks website privacy policies in wake of FTC’s record fine against Facebook

Information from CNBC

Key findings

The fine represents the largest ever imposed by the FTC against a tech company.

The FTC began probing Facebook in March 2018 following reports that political consulting firm Cambridge Analytica had improperly accessed the data of 87 million Facebook users.

Facebook to pay $5 billion FTC fine, but Gene Munster says resolution is months away

The Federal Trade Commission approved a record $5 billion settlement Wednesday with Facebook over the company’s privacy policies.

DOJ announces broad antitrust review of Big Tech, pushing down shares of Alphabet, Facebook and Amazon

Shares of Facebook were down slightly following the announcement, but turned positive in the afternoon, up about 1.1% by the end of trading. Facebook recouped more than what it will have to pay out for the settlement through what it gained in market value Wednesday. The stock added more than $6 billion to its market cap to bring it over $584 billion.

The fine is the largest ever imposed by the FTC against a tech company. The previous high was a 2012 $22.5 million fine against Google for its privacy practices.

READ ON:

“Every website needs a privacy policy. A privacy policy essentially creates a contract between your users and the company for how the user’s private information may be used and redistributed. It is critical that these policies be fully complied with particularly when so much personal and financial can be derived from usage date. This fine is massive, but likely appropriate. 

“It is also good that the FTC didn’t set a potentially ruinous precedent by trying to hold Mark Zuckerberg liable for the actions of a corporation. Having business entities act as a shield from liability of their owners and officers encourages people to enter the marketplace. Only in worst case scenarios should the law ignore the separation between the individual and their corporate entity. 

“We must also be wary about government setting standards for privacy policies. Once regulations are set, companies will certainly adopt only what is lawfully required, but no more. And a feature of many regulations is to waive liability for entities that comply with the bare minimum requirements. Without a regulatory scheme, companies can provide greater protections and can be pressured into adopting more stringent policies to respond to public pressure.

“So long as the FTC displays a willingness to impose harsh penalties on violators, as it did in this case, there is a great impetus to draft strong privacy policies and enforce them (or literally pay the price).” 

~ Evan Bolick, Rose Law Group litigator, who has drafted privacy policies as well as terms and conditions for business websites.