Bloomberg has reported that Facebook Inc. is once again the target of, not one, but three new state investigations into alleged mishandling of consumers’ data, increasing the number of government probes into claims of privacy violations against the company, according to a group of people familiar with the matter.
The state probes are categorized into two groups scrutinizing the social media giant’s data protection practices, said claimants, who asked not to be named, as the inquiries are confidential.
The Illinois Attorney General’s office declined to comment on Bloomberg’s report when contacted by Reuters, while the office of the attorney general of Pennsylvania did not immediately respond to a request for comment.
Josh Shapiro, Pennsylvania Attorney General, and his Illinois counterpart, Kwame Raoul, have joined forces with Connecticut’s William Tong, said two people. That group is focused on investigating existing allegations, one of the people said. The person added that New York, New Jersey and Massachusetts, which were already known to be investigating Facebook, are looking to reveal any potential unknown violations. North Carolina AG Josh Stein is also investigating as part of a multi-state effort, according to his office.
The inquiries are an indication of increasing pressure on Facebook, following a series of privacy scandals ignited by disclosures in early 2018, when consulting firm Cambridge Analytica, hired by President Trump’s 2016 campaign, accessed the personal data of millions of Facebook users.
These kind of security failures are fueling demands for U.S. legislation, while investigations progress with the Federal Trade Commission and in the European Union. In January U.S. senators pressed Facebook over reports that the company secretly paid users for their personal data. The firm also allowed children playing Facebook games to make online purchases costing thousands of dollars – a practice that the company shockingly referred to as “friendly fraud” in internal documents.
Will Castleberry, Facebook vice president of public policy, stated in an email:
“We’re having productive conversations with attorneys general on this important topic,”
“Many officials have approached us in a constructive manner, focused on solutions that ensure all companies are protecting people’s information, and we look forward to continuing to work with them.”
States regularly team up to probe businesses over conduct that is national in scope – sometimes in tandem with the United States Department of Justice. Such groups frequently reach settlements or file suit, like they did when a group sued Standard & Poor’s Financial Services LLC in 2013 over faulty ratings on mortgage bonds. Major deals include a $25 billion agreement with banks in 2012 over foreclosure practices, as well as a sweeping settlement with the tobacco industry in the 1990’s.
The District of Columbia’s attorney general, Karl Racine, struck out on his own and sued Facebook in December 2018. Racine recently said at a conference in Washington that he is expecting more states to sue. He alleges that Facebook violated Washington’s consumer protection laws, by misleading users about the security of their data and failing to properly monitor apps’ use of data.
Facebook and other tech giants have been under pressure for over a year after it was revealed that British consultancy Cambridge Analytical acquired data on millions of U.S. users to target election advertising. That led to heads of several tech companies testifying before Congress last year.
Facebook is certainly no stranger to being investigated. After the details of the Cambridge Analytica data breach finally came to light, the social networking giant was immediately put under scrutiny by several federal agencies. The FBI, the Securities and Exchange Commission (SEC) and the Federal Trade Commission (FTC) are all taking part in a Department of Justice probe into the company, and its handling of sensitive user information. Some lawmakers have called for additional scrutiny for the company as more revelations of seemingly lax data protection practices have come to light.