FTC: Yes, We're Probing Facebook Over Cambridge Analytica Incident

UPDATE 3/26: The FTC today confirmed that it is indeed investigating Facebook.

"The FTC takes very seriously recent press reports raising substantial concerns about the privacy practices of Facebook. Today, the FTC is confirming that it has an open non-public investigation into these practices," Tom Pahl, Acting Director of the FTC's Bureau of Consumer Protection, revealed in a statement.

Typically, the FTC does not reveal whether it's conducting an investigation or not. But the agency appears to be investigating whether the Cambridge Analytica news violates a 2011 settlement the FTC reached with Facebook

"The FTC is firmly and fully committed to using all of its tools to protect the privacy of consumers. Foremost among these tools is enforcement action against companies that fail to honor their privacy promises, including to comply with Privacy Shield, or that engage in unfair acts that cause substantial injury to consumers in violation of the FTC Act," Pahl said. "Companies who have settled previous FTC actions must also comply with FTC order provisions imposing privacy and data security requirements."

Original Story 3/20:
The US Federal Trade Commission is reportedly investigating Facebook over exposing 50 million users' personal data to an analytics firm that helped Donald Trump win the presidential election.

The US regulator is probing whether the incident broke a 2011 settlement Facebook reached with the FTC over earlier privacy violations, according to The Wall Street Journal.

Under that settlement, Facebook pledged to better protect its users' personal information. But the company is now facing flak for allowing sensitive data on 50 million users to leak a London-based political consultancy called Cambridge Analytica, which harvested the information to try and influence US voters.

Cambridge Analytica originally obtained the sensitive data in 2014 with the help of a psychology professor, who developed a Facebook app that not only surveyed 270,000 users over the platform, but also scraped the data of their Facebook friends. The 50 million raw profiles were then transferred to Cambridge Analytica, an act that violated Facebook's policies.

Why Facebook didn't reveal the incident earlier isn't clear. The company said it learned of the data abuse back in 2015, at which point Cambridge said it deleted the offending data. However, Facebook is now investigating reports that the firm actually retained copies of the sensitive data.

So far, the FTC hasn't publicly confirmed the probe into Facebook. But the US regulator has the power to fine the social media giant over $40,000 a day per violation.

In response to the news, Facebook said it has remained "strongly committed" to protecting people's personal information. "We appreciate the opportunity to answer questions the FTC may have," said Rob Sherman, the company's deputy chief privacy officer, in an email.

The FTC joins a growing number of government officials who are demanding answers over the Cambridge Analytica incident. Several US lawmakers and attorneys general have sent letters to Facebook for more details on the data abuse as critics question whether the company can sufficiently police itself.

Amid the controversy, Cambridge Analytica on Tuesday suspended CEO Alexander Nix, pending a full investigation into his conduct. The day before, a UK news channel aired footage of Nix chatting with an undercover reporter about how his company used dirty tactics such as bribes, ex-spies, sex workers, and fake IDs to help its clients win elections or gain political influence.

In his defense, Nix issued a statement, claiming he was merely "playing along" with the undercover reporter's questions. "I must emphatically state that Cambridge Analytica does not condone or engage in entrapment, bribes or so-called 'honeytraps', and nor does it use untrue material for any purpose," he said. "I deeply regret my role in the meeting and I have already apologized to staff."

How a VPN Works