FTC says Facebook lied about app-security program

The U.S. Federal Trade Commission says Facebook duped application developers into paying $375 for a phony security authentication, the latest to come out of the privacy investigation Facebook settled on Friday.

According to The Telegraph, the FTC released its file on the Facebook privacy investigation stemming from 2009, and revealed that the company may have had a bogus security review process for applications being published on its platform. It was called the Application Verification Program, ran between May 2009 and December 2009, and would assign a Verified Apps badge to an app that passed its “tests.” In order to get the badge, a developer had to pay $375 or $175 if the developer was a student or non-profit organization.

The program promised to “offer extra assurances,” that the Verified App was secure, respectful, and transparent, but the FTC says Facebook did nothing extra at all.

“Before it awarded the Verified Apps badge, Facebook took no steps to verify either the security of a Verified Application’s website or the security the Application provided for the user information it collected, beyond such steps as it may have taken regarding any other Platform Application,” said the FTC in its investigation.

The organization says 254 apps were awarded this badge, meaning Facebook could have made around $95,000 from the program on the high-end.

Facebook settled its case with the FTC on Friday after a period of public comment came to a close. The FTC investigated the social network for privacy concerns in 2009, which stemmed from some changes Facebook made to user privacy settings. That is, in its new privacy policy at the time, Facebook decided that a number of different profile features would be set as public by default. In doing so, it changed profile pictures, names, friends lists, locations, and more to public, where users may have previously set those pieces of information to “friends only.”

The FTC said this was no good because Facebook did not receive explicit permission from its users to change those settings. In the settlement, Facebook agreed to 20 years of privacy audits performed by a third-party agency.

Google also recently settled its privacy investigation with the FTC. The search giant was fined $22.5 million, the largest sum ever imposed on a single company by the FTC.

via The Telegraph; Mark Zuckerberg image via Crunchies2009/Flickr

blog comments powered by Disqus