Skip to Content
MIT Technology Review

A 2017 audit said Facebook’s data practices were A-OK

Category:

The social-media firm’s privacy standards were given the thumbs up—right around the time when Facebook found out about the Cambridge Analytica data breach.

Details: The Wall Street Journal reports that a PricewaterhouseCoopers audit—which was required for Facebook to comply with a 2011 settlement made with the Federal Trade Commission—was finished last year. It covered the period from February 2015 to February 2017. Facebook found out about the Cambridge Analytica data breach in late 2015.

What it said: “In our opinion, Facebook’s privacy controls were operating with sufficient effectiveness to provide reasonable assurance to protect the privacy of covered information,” wrote PwC in its assessment of the company.

Why it matters: It’s not known whether PwC was told about the Cambridge Analytica situation. But given the huge ongoing outcry about data privacy, the verdict raises questions about the rigor and standards of the audit. 

What now: The FTC is carrying out a formal investigation into Facebook’s data practices, and lawmakers appear to be moving toward tighter regulation of social networks. But as we’ve argued, it’s too little, too late: the data has already been put to use.