Facebook has entered into a settlement with the US Federal Trade Commission (FTC) that will see the world’s largest social network pay a record-setting $5bn fine and submit to greater oversight of its practices.

The settlement relates to a 2012 agreement that the company entered into with the FTC. Under that agreement, Facebook was obligated to obtain user consent before information was shared “beyond established privacy settings.” Following a series of scandals that called into question how Facebook uses the data it collects and protects it users’ privacy, the FTC charged Facebook with violating the 2012 agreement.

In settling those charges, Facebook will not only pay a fine that the FTC says is “one of the largest penalties ever assessed by the U.S. government for any violation”, it will have to comply with new rules designed to increase accountability and adhere to new privacy requirements.

For instance, Facebook will be required to establish an independent privacy committee, stripping CEO Mark Zuckerberg’s power to make major decisions that affect user privacy. It will also have to appoint compliance officers that Zuckerberg can’t fire and allow a third-party assessor to independently
investigate, sample and test as part of its oversight of Facebook’s privacy program.

Here’s how these changes could affect marketers using Facebook as well as other popular services it owns, including Instagram and WhatsApp.

Third-party apps will never be the same

Abuse of Facebook’s app platform was central in the Cambridge Analytica scandal and marketers using apps to engage with users on the social network could find that their abilities are hampered as the FTC settlement will require Facebook to exercise greater oversight over its app ecosystem.

Specifically, the settlement calls for Facebook to make greater efforts to verify that developers of apps are in compliance with Facebook’s policies. Where they are not, Facebook will need to terminate them.

Additionally, the settlement requires Facebook to better police app permissions to ensure that apps are only accessing the data they have a legitimate need to access.

While these new rules primarily target bad actors, it’s possible that legitimate marketers could be forced to make changes to their Facebook apps.

The good news for marketers is that branded apps seem to be less common these days and those that still operate them should be more or less prepared for changes as Facebook has been tightening up its platform over the past year in advance of the FTC settlement.

Phone number matching as marketers know it is (probably) dead

Under the new FTC settlement, Facebook will not be permitted to use phone numbers it obtains for security purposes (so-called “two-factor authentication”) for advertising. This could affect marketers using Custom Audiences to retarget Facebook ads to existing customers. Facebook asks marketers
using Custom Audiences to provide a variety of identifiers, such as email addresses and phone numbers, so that it can find the Facebook accounts of its marketers’ customers.

Facebook failed to conspicuously disclose to users that phone numbers they provided for security purposes could also be used for advertising purposes, which prompted the FTC to address this in its settlement with the company.

An inability to use phone numbers for targeting except in cases where users have explicitly given Facebook permission will especially hurt marketers that have larger numbers of customers for whom phone number is the only working identifier. While many marketers, such as retailers, collect email addresses from customers in addition to phone numbers, the use of secondary or throwaway email addresses means that there are likely a good number of marketers whose Custom Audiences efforts are bolstered by their use of phone numbers.

Given that Custom Audiences are one of the most effective tools Facebook offers marketers, the potential impact of this new restriction should not be underestimated.

Increased oversight will likely affect the way Facebook develops new features and products

Despite the fact that Facebook’s privacy practices have been in the spotlight for well over a year, there is no sign of a mass user exodus and the company has continued to grow ad revenues at an impressive clip. Put simply, for all of the criticism leveled at the company, its sometimes aggressive and controversial efforts to grow ad revenues have proven highly successful.

But the oversight required of the FTC settlement, which among other things requires that Facebook “conduct a privacy review of every new or modified product, service, or practice before it is implemented, and document its decisions about user privacy”, could force the company to slow the pace at which it develops new features and products, and be more judicious in how it uses its treasure trove of user data.

In some cases, it’s even possible that Facebook will opt not to develop certain types of features and products when it knows that internal and external watchdogs are looking over its shoulder. For obvious reasons, this could be a detriment to marketers looking for new and more effective ways to reach
consumers on Facebook, Instagram and WhatsApp.

More on data protection

A marketer’s guide to the California Consumer Privacy Act (CCPA)

For more information about Econsultancy’s reseach, training and best practice solutions contact us on americas@econsultancy.com