Conferences that start before 9am, or on a Sunday, are just plain rude. Sorry Internet Governance Forum, but I had to get that off my chest.
To my left sits Facebook exec number 1. He seems (almost contemptuously) disinterested in what’s being said and has barley looked up from his iPhone all morning. To my right, Facebook exec number 2 is furiously tapping away on his laptop.
I’m assuming he’s a lawyer, and wants to have a record of everything being said. (Most concerning, his laptop has a Facebook branded plastic cover over the webcam! What does he know that I don’t?!)
On the stage is FTC Commissioner Christine Wilson, giving her take on the $5 billion Facebook settlement announced this week.
Facebook was accused of violating privacy promises made to its users. Breaches included misuse of phone numbers (provided for security purposes), misuse of facial recognition technology, and sharing of posts/shares/etc beyond the user-specified audiences (Cambridge Analytica).
The $5 billion penalty has been criticized as a mere parking fine. But to be fair, it’s almost 20 times the largest privacy related penalty previously levied by the FTC, and is the second largest penalty they’ve ever imposed – the only larger penalty was the $5.5 billion fine levied on BP for the Deep Water Horizon disaster, in which 11 people died. $5 billion is about 9 per cent of Facebook’s revenues and 22 per cent of their profits. It’s less than the $30 billion that some were asking for, but it’s still the equivalent of a $5500 parking fine.
But the sanctions go much further than that.
Facebook is being required to take privacy much more seriously. Zuckerberg is famous for his “move fast and break things” mantra. The FTC have deemed it their role to embed best practiceput in place some “speed bumps” and remove “unfettered control by Facebook’s CEO Mark Zuckerberg over decisions affecting user privacy” and “change Facebook’s entire privacy culture”. Specifically:
· The order establishes an independent privacy committee of Facebook’s board of directors. Members of the privacy committee must be independent and will be appointed by an independent nominating committee. Members can only be fired by a supermajority of the Facebook board of directors.
· Facebook will be required to designate compliance officers who will be responsible for Facebook’s privacy program. These compliance officers will be subject to the approval of the new board privacy committee and can be removed only by that committee.
· Designated compliance officers, and Facebook’s CEO, must independently submit quarterly certifications to the FTC that the company is in compliance with the privacy program mandated by the order, as well as an annual certification that the company is in overall compliance with the order.
· Independent third-party assessor’s will also be given greater ability to evaluate the effectiveness of Facebook’s privacy program and identify any gaps.
A year ago, the Economist wrote that “‘Tech’ is not yet a four-letter word, but it could soon become one”. It appears that “soon” has come up faster than we have expected. The sins of social media platforms now permeate through the conversations about the next wave of technologies, particularly around AI. Much of the techlash has been well earned. But now there’s a risk of the pendulum swinging too far, causing an overreaction that stifles efforts to link data, deploy machine learning and otherwise leverage the combination of big data and cheap computing power to spur innovations across the economy.
TALES FROM THE LONG TAIL 
Leave a comment