The FTC previously accused Facebook of engaging in “unfair and deceptive” practices and systematically invading their users privacy over the years.

There were 7 main complaints expressed by the FCC about Facebook privacy:

• – In december 2009 friend lists and other user data became public without any warning
• – Facebook applications may request almost any piece of user data even though Facebook said they can only access the data they need to operate.
• – The “Friends Only” privacy setting still allowed data to be accessed by third-party applications used by friends.
• – Facebook claimed their  “Verified Apps” program will verify the security of applications, witch did not happen.
• – Facebook “accidentally” shared personal data with advertisers when it expressively promised it would not do that.
• – User data from deactivated and deleted facebook accounts were still accessible even if Facebook claimed the contrary.
• – Data from European Union users was transferred in violation of the US-EU Safe Harbor Framework (a certification for US companies to comply with an EU Directive for protection of personal data).

On November 29th, 2011 Facebook has settled with the FCC over these complaints, Mark Zuckeberg himself admitting in a Facebook blog post that “we have made a bunch of mistakes”  (yea think?!)

From now on Facebook is “required to obtain consumers affirmative express consent before enacting changes that override their privacy preferences”, effectively making “opt in” (a user choice) for all future changes on privacy control to the audience of already shared data or content. That means that if you once posted a message or a status on Facebook for only 2 friends to see, Facebook has to always respect this choice of yours and  not make it visible for everyone with one of their delightful updates.

Also under this settlement, Facebook has to subject itself every 2 years to an independent audit on consumer privacy for the next 20 years. So for at least 20 years from now they have to… “behave” ;)

The FTC did not accuse Facebook of intentionally breaking the law and submitted them with no fines. However, if Facebook violates the terms of this settlement in the future, it would be liable to pay a penalty of $16,000 a day for each count. It’s not like they can’t afford it ;)

Of course, they’re not doing this for our benefit,  the settlement is part of their assumed plan for Facebook to file for an I.P.O. (initial public offering). When the company goes public it will raise $10 billion, bringing its valuation to more than $100 billion, making each of their 800 million users worth $125. (Facebook IPO would value each user at $125)   Can I get my money now?! :D

Well I would say Facebook got away pretty easy considering all of their “mishaps” (see Facebook tracking user activity after log off and The Facebook crap profile). But I’m not that surprised, I bet their legal department costs them as much or even more then their development one.

Basically even if Facebook got away so easy, I hope this will make all of our data more secure (an itsty bit more)!