FTC & Facebook negotiating record-breaking billion-dollar privacy violation fine

The two sides are still going back and forth over the exact amount, Washington Post sources said. Facebook confirmed the existence of negotiations, but declined to say anything more. It could be hoping to reduce what it pays in exchange for business changes and tougher scrutiny.

Both sides have an interest in a settlement, since the alternative could be a protracted court battle. At the same time the fine could easily become the biggest the FTC has ever leveled against a tech firm, dealing a meaningful blow to Facebook's bottom line. The current record holder is Google, which paid just $22.5 million in 2012.

The FTC began investigating Facebook in March last year following the emergence of the Cambridge Analytica scandal. Analytica and Cambridge University researcher Aleksandr Kogan used a quiz app to collect data on Facebook users and their connected friends, the latter without their consent, enabling Analytica to build voter profiles for some 71 million Americans and a smaller amount of people overseas. The harvesting was discovered in 2015, but only made public by Facebook in March 2018. This drew the scrutiny of governments in both the U.S. and the U.K.

Some clients of Analytica — now mostly defunct — included the Presidential campaigns of Donald Trump and Ted Cruz, and the Institutional Revolutionary Party during Mexico's 2018 general election.

The FTC is concerned that Facebook's past and recent activities constitute violations of a 2011 agreement in which Facebook promised to improve its privacy standards. One of these is likely its abuse of an Apple enterprise certificate for "Facebook Research," an app people were paid to install to monitor usage habits. Apple briefly revoked the certificate.