Discussions between Facebook and the U.S. Federal Trade Commission officials about its data-handing lapses have touched on holding the CEO personally accountable, The Washington Post reported Friday. Zuckerberg controls a majority of Facebook's voting stock and has run the company since starting it at Harvard in 2004.
The Post quoted two anonymous sources familiar with the discussions. It said putting restraints on Zuckerberg could send a message to other tech giants that the FTC could hold their executives accountable for privacy misdeeds.
The FTC had no comment and Facebook did not immediately respond to a request for comment. The commission opened an investigation into Facebook last year after revelations that data mining firm Cambridge Analytica had gathered details on as many as 87 million Facebook users without their permission.
The FTC has been examining whether that massive breakdown violated a settlement that Facebook reached in 2011 after government regulators concluded the Menlo Park, California, company had repeatedly broken its privacy promises to users, who now number 2.3 billion globally.
The FTC decree, which runs through 2031, requires that Facebook get its users' consent to share their personal information in ways that aren't allowed by their privacy settings. The Post previously reported the FTC is considering hitting Facebook with a multibillion-dollar fine. That would top its previous record fine of $22.5 million, which it dealt to Google in 2012 for bypassing the privacy controls in Apple's Safari browser.
Facebook has in the past year been buffeted by media coverage highlighting what critics call a cavalier attitude toward protecting user privacy and data — and in failing to prevent the dissemination of hate speech and misinformation on the biggest communications medium in history.
On Thursday, its Instagram subsidiary said in a blog post that millions more users were affected by a password security lapse than Facebook acknowledged when announcing the problem nearly four weeks ago.
In the initial announcement it had said tens of thousands of passwords were stored on the site in plain text, meaning company employees could search them.