According to The Telegraph, the FTC published its report on the Facebook privacy investigation originating from 2009, and revealed that the company may have instituted a bogus security review process for applications being published on its platform.
In fact, when developers passed along an application into the now-defunct verified apps scheme, it is reported that the social networking outfit has failed to carry out the expected security checks after receiving $95,000 (£60,600) from software designers whose programs were submitted for approval. By doing so, individual applications were given a “test for trustworthy user experiences” by Facebook.
However, an exhaustive scrutiny into Facebook’s practices, conducted by Commissioners Jon Leibowitz, J. Thomas Rosch, Edith Ramirez and Julie Brill, has explicitly discovered that the social networking giant did not take the steps to review applications that it promoted.
“Facebook took no initiative to verify either the security of a verified application’s website or the security of the application provided for the user information it collected, beyond such steps as it may have taken regarding any other Platform Application,” read the FTC report.
The scheme was dubbed as the Application Verification Program, which functioned between May 2009 and December 2009, and would assign a Verified Apps badge to an app that passed its “tests.” In order to get the badge, a developer had to pay $375 or $175 if the developer was a student or non-profit organization.
Moreover, the program assured to “offer extra assurances,” that the Verified App was secure, respectful, and transparent, but the FTC says Facebook did nothing extra at all.
According to the FTC’s report, under the title “Facebook’s deceptive verified apps program”, the program awarded approximately 254 applications a green ‘verified’ badge.
The FTC said this was no good because Facebook did not receive explicit permission from its users to change those settings. In the settlement, Facebook agreed to 20 years of privacy audits performed by a third-party agency. The report comes days after Google was fined a record $22.5m by the commission for circumventing privacy settings on the Apple Safari browser.
Needless to say, not only this, but if the verification was not completed, then developers shelled out for worthless verification badges.