The social network says it will seek consumers’ permission before sharing their data.

Facebook will have to gets its members consent before sharing their information, and also submit to privacy audits, under a proposed agreement announced today with the Federal Trade Commission.

The settlement requires that Facebook get consumers’ consent before their information is shared beyond the scope of the privacy settings they select. Facebook also must create and maintain a privacy program designed to address privacy risks associated with existing and new products and services, and to protect the confidentiality of consumers’ existing information, the FTC says. After a Facebook user deletes his account, Facebook must prevent anyone from accessing that person’s information within 30 days. The social network will also submit its privacy practices to an audit every two years by independent auditors; the auditing regime will last for the next 20 years, under the settlement.

Facebook CEO Mark Zuckerberg says the settlement is similar to those the FTC previously reached with Google Inc. and Twitter over those companies’ privacy practices. “These agreements create a framework for how companies should approach privacy in the United States and around the world,” Zukerberg says today in a blog post detailing the settlement and the social network’s plans to abide by its terms. “For Facebook, this means we’re making a clear and formal long-term commitment to do the things we’ve always tried to do and planned to keep doing—giving you tools to control who can see your information and then making sure only those people you intend can see it.”

Zuckerberg noted that the company had already addressed several of the privacy issues detailed in the complaint, including advertisers receiving consumer information they weren’t supposed to have access to.

Zuckerberg also announced that Facebook has created two executive positions committed to implementing the settlement and getting in front of future privacy issues. Erin Egan has been named as chief privacy officer, policy, and Michael Richter has been named chief privacy officer, products. 


“Overall, I think we have a good history of providing transparency and control over who can see your information,” Zuckerberg says. “That said, I’m the first to admit that we’ve made a bunch of mistakes. But we can also always do better. I’m committed to making Facebook the leader in transparency and control around privacy.”