FTC moves to prohibit Meta from profiting on children’s data

4 May 2023

Image: © DanteVeiil/Stock.adobe.com

The US regulator claims Meta has failed to comply with a previous privacy order and plans to issue stricter restrictions on the company as a result.

The US Federal Trade Commission (FTC) has once again set its sights on Meta, with plans to expand existing limitations on the social media company.

The FTC has proposed new changes that would prohibit Meta from profiting from any data it collects from users under the age of 18. This would include any data collected from VR products, which relates to Meta’s current experimental endeavour into the metaverse.

The proposed changes would limit Meta’s ability to use facial recognition technology and would order the company to provide “additional protections for users”.

The limitations would also prevent Meta from releasing any “new or modified products, services or features” without written confirmation from an independent assessor that its privacy programme is in full compliance with FTC rules.

The FTC claims Meta has failed to comply with a previous privacy order that was issued to the company in 2019 and took effect in 2020.

This order came as a result of years of investigating the Cambridge Analytica scandal and other privacy breaches at Meta – previously known as Facebook. As well as a $5bn fine, the company was hit with various privacy and data security requirements.

The FTC claims Meta has misled parents about their ability to control their children’s communications on the Messenger Kids app. The commission also claims Meta “misrepresented” the access some app developers have to private user data on Meta’s platforms.

The FTC’s bureau of consumer protection director Samuel Levine said the company has “repeatedly violated its privacy promises”.

“The company’s recklessness has put young users at risk and Facebook [Meta] needs to answer for its failures,” Levine said.

This marks the third time the FTC has taken action against Meta for allegedly failing to protect user privacy, with an order issued in 2012 barring the company from misrepresenting its privacy practices.

The company was also fined €390m by Ireland’s Data Protection Commission in January for its targeted advertising practices.

10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.

Leigh Mc Gowran is a journalist with Silicon Republic