The Privacy Committee (the “Committee”) of
The Privacy and Product Compliance Committee (the “Committee”) of the Board of Directors (the “Board”) of Meta Platforms, Inc. (the “Company”), through delegation from the Board, has principal responsibility to assist the Board with respect to privacy and data use. In addition, the Committee has principal responsibility to assist the Board with respect to the Company’s product compliance, including in the areas of content governance and integrity, youth and well-being and Artificial Intelligence development and implementation. Such responsibilities include overseeing:
- compliance with the comprehensive privacy program (the “Privacy Program”) adopted by the Company in compliance with the Federal Trade Commission’s order in FTC Docket No. C-4365 published on April 28, 2020 (the “FTC Order”);
- management’s periodic assessment of the Privacy Program and any related policies with respect to risk assessment and risk management;
- the selection and performance of one or more qualified employees to coordinate and be responsible for the Privacy Program (each, a “Designated Compliance Officer”)
- the selection of an independent, third-party assessor to be selected by the Company to review the Company’s privacy practices (the “Assessor”);
- the Assessor’s biennial assessments of the Privacy Program (each, an “Assessment”); and
- compliance with the Regulation (EU) 2022/1925 of the European Parliament and of the Council (the“Digital Markets Act”) and other privacy and data use laws; and
- risk exposures relating to the Company’s product compliance.
This Charter sets forth the authority and responsibilities of the Committee in fulfilling the purposes described herein. In fulfilling their responsibilities, it is recognized that members of the Committee are not full-time employees of the Company. The functions of the Committee are not intended to duplicate or substitute for the activities of management, any Designated Compliance Officer or the Assessor in connection with the Privacy Program and the Company’s privacy practices. Unless approval by the Committee is specifically required pursuant to this Charter, the FTC Order or other applicable law, the responsibility for overseeing the Company’s data and information privacy matters resides with the Company’s management.
In furtherance of the responsibilities of the Committee described in this Charter, each member of the Committee shall be entitled to rely on (1) the integrity of those persons and organizations within and outside of the Company from which it receives information and (2) the accuracy of the information provided to the Committee by such persons or organizations absent actual knowledge to the contrary.
Although this Charter should be interpreted in the context of the FTC Order and the Company’s Certificate of Incorporation and Bylaws, it is not intended to establish by its own force any legally binding obligations.