In conformance with recent SEC guidance on disclosing security issues that may have adverse effects on the company's bottom line, Facebook identified hacking and spam as ongoing issues.
Facebook outlined some of the security
risks and compliance issues the company faces on the social networking platform
and related services that could impact its operations in documents filed with
the Securities and Exchange Commission.
After months of
intense speculation, Facebook filed S-1 documents
with the SEC on Feb. 1 to raise a maximum of $5 billion for its initial public
offering (IPO). The company plans to trade under the ticker symbol
"FB," according to the documents.
Facebook identified malicious
cyber-activity, which includes malware, viruses, spam, phishing and hacking, as
being harmful to the business in the section "Risks Related to our
Business and Industry" in the S-1 filing. These types of attacks have
become "more prevalent" and have already occurred on company systems
in the past and may occur again in the future, Facebook wrote.
"Because of our prominence, we
believe that we are a particularly attractive target for such attacks,"
Facebook wrote.
While it is difficult to quantify what
harm would directly result from these malicious activities, "any failure
to maintain performance, reliability, security and availability of our products
and technical infrastructure" may harm the company's reputation and its
ability to retain users and attract new ones, according to the S-1 filing.
Late last year, scammers
tricked users into cutting and pasting malicious JavaScript
code into their browsers, which caused a number of violent and
explicit images to be plastered all over the social networking site. Many angry
users threatened to quit the site because of the offensive nature of those
images.
Spam also poses problems for Facebook.
Spammers using Facebook to send unwanted messages can "annoy" users
and make Facebook seem "less user-friendly." While the company has
put
tools and technologies in place to control spam,
"we cannot be certain that the technologies and employees that we have to
attempt to defeat spamming attacks will be able to eliminate all spam messages
from being sent on our platform," according to the document.
In addition, payment transactions on
the Facebook Platform could result in some compliance challenges for the
company, according to the filing. Since users purchase virtual and digital
goods from game developers using the Payments infrastructure, Facebook will
need to examine laws and regulations in the United States, Europe "and
elsewhere" governing how funds are transferred and data stored. Facebook
expects its Payments platform to evolve over time.
"Our efforts to comply with these
laws and regulations could be costly and result in diversion of management time
and effort and may still not guarantee compliance," according to the
document.
The SEC issued guidelines back in
October that
companies should report cyber-incidents and other
issues that could have an adverse effect on their finances or operations as
part of the documents filed with the regulatory body. While it was just a
guidance and not a requirement, it appears that Facebook is taking that step to
disclose the risks.
While Facebook worries over the
potential threats to its platform, security experts warned about scammers
taking advantage of the IPO frenzy to swindle users out of real money.
"With an IPO as hyped and widely
anticipated as Facebook's there are bound to be some bad eggs trying to take
advantage of the situation," Graham Cluley, senior technology consultant
at Sophos, wrote on the
Naked Security blog.
Facebook IPO-related scams won't be
new, as the
Financial Industry Regulatory Authority issued an
alert back in March 2011 after seeing some scams. "While most pre-IPO
offerings are legitimate, some are frauds in which con artists sell shares they
do not actually have," according to the FINRA statement.
Scammers may take advantage of Facebook
users interested in the IPO by tricking them into clicking on links or joining
pages claiming to offer free Facebook stock, Cluley said.
On the other hand, Facebook finally
going public means the company will have to become more transparent about what
it is doing with user data. The "smart money" says
privacy, security and data ownership are the big
winners of the Facebook IPO, predicted Jay Garmon, marketing director at
Backupify, on the company blog. Facebook will also have to be careful about not
running afoul of the Federal Trade Commission's consumer protection rules,
Garmon said.
"Look no further than Google's
recent mini-dust-up over its unified privacy policy-and the Congressional
oversight thereof-to see the level Facebook is playing at now," Garmon wrote.
Email
Print
