An FTC investigation into Facebook’s security and privacy activities has thrown up some red flags. For six months in 2009 Facebook charged developers to enroll their apps in a verification program. An FTC report suggests that Facebook pocketed the cash but did not carry out the suggested extra checks. (Facebook ended the program after the six-month period.) The first details about the Verified Apps program came to light when the FTC first published its report in November 2011, which led Facebook and the FTC to a settlement. Among the terms of that settlement, Facebook agreed to be audited every 20 years. The settlement was finalized on Friday.
Developers paid an extra $375 (or $175 if the developer was a student or belonged to a nonprofit organization) and would receive a Verified App badge and green check mark at the end. Facebook earned $95,000 through the scheme, the Guardian reports.
“In many instances Facebook has permitted a Platform Application to display its Verified Apps badge when its review of the application’s security has not exceeded its review of other Platform Applications,” the FTC explains in its report. In doing so, the FTC suggests that Facebook deceived developers as well as Facebook users.