In its earnings announcement on Wednesday, Facebook revealed it has settled a class-action lawsuit over claims that it violated an Illinois law meant to protect residents' privacy. The $550 million settlement stems from a claim that the company's "Tag Suggestions" feature used biometric data from photos uploaded to the service without getting permission from users.
The settlement only applies to Illinois residents and pales in comparison with the company's $5 billion settlement with the Federal Trade Commission over privacy violations related to the Cambridge Analytica scandal. The New York Times has reported that as a term of that settlement, "Facebook agreed to provide 'clear and conspicuous notice' about its face-matching software and obtain additional permission from people before using it for new purposes they had not agreed to."
Facebook was denied an appeal to the United States Supreme Court regarding whether individuals should have to prove financial loss--as opposed to simply having had their information captured--before they could sue. That cleared the way for the company to enter into a settlement that "in the best interest of our community and our shareholders to move past this matter," according to a Facebook spokesperson.
The "Tag Suggestions" feature was controversial from the time it was rolled out in 2011. Users complained that it was enabled for everyone by default, though you could turn it off if you knew how. The feature especially raised concerns by privacy advocates who pointed out that the technology used photos that were never intended for that purpose in order to enhance Facebook's facial recognition capabilities. They also pointed out that Facebook never sought consent for the use of peoples' photos in that way.
Facebook had even been forced to shut down the technology in Europe in 2012, though it brought it back as of 2018.
While facial recognition technology has several benefits for users--like making it possible for Facebook to notify you if someone else is using a photo of you as their profile picture--the settlement is a reminder that the company has a major problem when it comes to handling user privacy. Earlier this month, Facebook's VP of public policy, Erin Egan, appeared on a panel at CES to say that Facebook believes in "privacy by design." Egan went on to say that "on Facebook, privacy is protected today."
The problem is that almost no one outside of Facebook believes that to be true because that's not the experience of real-world users. The company has been involved in a long series of data breaches, privacy violations, and even scandals like Cambridge Analytica, leading users to feel like Facebook doesn't prioritize the protection of their personal information.
Granted, Facebook has introduced a series of steps designed to give users more control over how their information is collected and tracked. Just yesterday, I wrote about the company's new "Off-Facebook Activity" tool that allows you to stop Facebook from tracking what you do on other sites.
And, earlier this month, Facebook rolled out an update to its Privacy Checkup tool, which makes it somewhat easier to access settings that allow you to control how your information is used. While both of those are welcome steps, neither actually changes how Facebook fundamentally operates, which is to collect as much information as possible about you and your activity and use that to show you targeted advertisements.
Unless that changes, it's hard to give Facebook the benefit of the doubt every time it rolls out a feature designed to collect even more information about you.