Facebook may be facing the biggest fine ever imposed by the U.S. Federal Trade Commission for privacy violations involving the personal information of its 2.2 billion users.
The FTC is considering hitting Facebook with a penalty that would top its previous record fine of $22.5 million, which it dealt to Google in 2012 for bypassing the privacy controls in Apple’s Safari browser, according to The Washington Post. The story published Friday cited three unidentified people familiar with the discussions.
In an automated response, the FTC said it was unable to comment, citing its closure due to the U.S. government shutdown. Facebook declined to comment.
The potential fine stems from an FTC investigation opened after revelations that data mining firm Cambridge Analytica had vacuumed up details about as many as 87 million Facebook users without their permission.
The FTC has been exploring whether that massive breakdown violated a settlement that Facebook reached in 2011 after government regulators had concluded the Menlo Park, California, company had repeatedly broken its privacy promises .
The FTC decree, which runs through 2031, requires Facebook to get its users’ consent to share their personal information in ways that aren’t allowed by their privacy settings.
Since the Cambridge Analytica erupted 10 months ago, Facebook has vowed to do a better job corralling its users’ data. Nevertheless, its controls have remained leaky. Just last month, the company acknowledged a software flaw had exposed the photos of about 7 million users to a wider audience than they had intended.
The FTC’s five commissioners have discussed fining Facebook but haven’t settled on the amount yet, according to the Post.
Facebook’s privacy problems are also under investigation in other countries and the target of a lawsuit filed last month by Washington, D.C., Attorney General Karl Racine.