By Richard Monter De Oca* and Priscila Bandeira**
On July 24, 2019, the U.S. Federal Trade Commission (“FTC”) and Facebook, Inc. announced a $5 billion settlement to resolve a privacy probe investigating whether Facebook had violated a prior FTC consent decree. On the same day, the U.S. Securities and Exchange Commission (“SEC”) announced charges against Facebook for inadequate and misleading disclosures to its shareholders. The SEC alleged that for two years, Facebook’s public disclosures failed to properly warned its consumer data protection and privacy issues. Facebook did not admit or deny the SEC’s allegations, but agreed to pay the $100 million fine.
The FTC announced in a statement that this is “one of the largest civil penalties in U.S. history.” Previously, the highest FTC fine had been $22.5 million against Google in 2012.
In 2011, Facebook entered into a settlement agreement with the FTC that required the company to obtain user consent before sharing their data and to improve its protection of consumer data. However, Facebook violated the agreement by carrying out a series of improper privacy practices. Specifically, the allegations that political data firm Cambridge Analytica acquired data from up to 87 million Facebook users through a quiz app. Facebook also allegedly misled its users about whether they had turned on a face recognition setting for the company’s “tagging” tool and exploded users’ phone numbers for targeted advertisement without their express consent. Also, Facebook suffered a large data breach shortly after the Cambridge Analytic Scandal, which exposed a least 50 million users. In the current settlement, Facebook executives had to sign the settlement under the penalty of perjury, risking civil and criminal liability if they fail to comply. It also required the creation of an independent panel of the Board to oversee Facebook’s privacy practices.
Facebook is also under investigation in Europe for alleged General Data Protection Regulation (“GDPR”) violations and could be facing further legal challenges after the California Consumer Privacy Act becomes effective on January 1, 2020.
Privacy regulating class actions and regulatory enforcement by the FTC, SEC, and other regulators involving data breached, cyberattacks, snd disclosures are increasing. It is critical for companies to establish or enhance their Privacy and Data Protection Compliance Program. MDO Partners encourages companies to conduct cybersecurity risk assessments, adopt robust privacy policies, enhance disclosure controls and adopt cyberattack investigation procedures to help mitigate the risk associated with a cyberattack and data breaches.
*Richard Montes De Oca is Managing Partner at MDO Partners, a boutique law firm that focuses on Corporate, International, and Real Estate Law, as well as Global Compliance and Business Ethics.
**Priscila Bandeira is a Global Compliance and Corporate Law Associate Counsel at MDO Partners, where she assists clients with corporate governance documentation, corporate formation, and international transactions. A graduate of the J.D./L.LM Joint Program at the University of Miami, Ms. Bandeira is also registered with the Brazilian Bar.
Please join The Florida Bar International Law Section at the 69th Florida Bar Annual Convention, which will be held at the Boca Raton Resort & Club, 501 E. Camino Real, Boca Raton, FL 33432 from June 26-29, 2019. To RSVP to the ILS events, click HERE. Following is a complete schedule of the International Law Section program:
For The Florida Bar Annual Convention Page on The Florida Bar website, Click HERE.
Please do not forget to download the 2019 Annual Florida Convention Mobile App. It is available for Apple and Android mobile devices and tablets and will allow users to get an up-to-date schedule, create their own schedule, get important notices and hotel maps, see and post to the Activity Feed/Social Wall, use the hashtag #MyFloridaBar, and much more.
The planning for iLaw2020 has started! If you have an idea for a topic to be featured at next year’s iLaw, please send us a proposal including (i) the title of the proposed panel, (ii) a short description of the topic, and (iii) proposed panelists and moderator. We are also looking for steering member committee members. If you have a topic proposal or if you would like to be involved with the planning of the iLaw2020, please send an e-mail to Cristina Vicens at firstname.lastname@example.org.
need-to-know information and best-practices that impact the practice of international law.
The Florida Bar
651 E. Jefferson Street
Tallahassee, Florida 32399-2300