Facebook: Audit finds privacy practices sufficient

NEW YORK (AP) — Facebook says that an independent audit found its privacy practices sufficient during a six-month assessment period that followed a settlement with federal regulators.

Facebook Inc. said it submitted the findings to the Federal Trade Commission on Monday evening. The audit was a required part of the social networking company’s settlement with the FTC last summer. The settlement resolved charges that Facebook exposed details about its users’ lives without getting the required legal consent.

Facebook provided a copy of its letter to the FTC, along with a redacted copy of the auditor’s letter, to The Associated Press on Wednesday. The redacted portion contains trade secret information and does not alter the auditor’s findings, the company said. The audit covered written policies as well as its data.

“We’re encouraged by this confirmation that the controls set out in our privacy program are working as intended,” said Erin Egan, Facebook’s chief privacy officer for policy,” in an emailed statement. “This assessment has also helped us identify areas to work on as Facebook continues to evolve as a company, and improve upon the privacy protections we already have in place. We will keep working to meet the changing and evolving needs of our users and to put user privacy and security at the center of everything we do.”

Facebook did not disclose the full, 79-page report or specific details on shortcomings in its privacy practices that were revealed by the audit. Spokeswoman Jodi Seth said Facebook declined to disclose such details “based on contractual obligations and the possibility of security and competitive vulnerabilities.”

The company has asked the FTC to keep the redacted information private, saying it would put it and its auditor at a competitive disadvantage and because it could reveal possible limitations of its privacy program.

The name of the accounting firm is also redacted but that information will be released when the FTC responds to the audit.

blog comments powered by Disqus