Facebook has agreed a settlement with the US Federal Trade Commission (FTC) over charges that the social networking site does not properly protect user information.
The FTC said that it had reached an agreement which will require Facebook to take a number of additional steps to secure data, and to notify users before profile information can be shared with third parties.
Facebook has agreed to regular security audits over the next 20 years to verify that the site is handling private data properly.
The company must also obtain consent before altering privacy settings, and delete all stored information within 30 days when an account is cancelled.
"Facebook is obligated to keep the promises about privacy that it makes to its hundreds of millions of users," said FTC chairman Jon Leibowitz. "Facebook's innovation does not have to come at the expense of consumer privacy."
Facebook chief executive Mark Zuckerberg admitted that the company has made mistakes in its handling of private information in recent years.
"I also understand that many people are just naturally sceptical of what it means for hundreds of millions of people to share so much personal information online, especially using any one service," he said in a blog post.
"Even if our record on privacy were perfect, I think many people would still rightfully question how their information was protected."
Privacy groups hailed the settlement as a win for personal privacy, but some felt that the FTC did not go far enough in punishing Facebook.
The Electronic Privacy Information Center noted that the FTC failed to adopt a recommendation that Facebook should restore privacy levels to those available in 2009.
The Center for Digital Democracy (CDD), meanwhile, called for Zuckerberg and his board of directors to resign ahead of Facebook's planned IPO next year.
"They misled consumers and should pay a price beyond a 20-year agreement to conduct their business practices in a more above-board fashion," said CDD director Jeff Chester in a statement.
"We call on Mark Zuckerberg and the Facebook board of directors to accept responsibility for this breach of conduct."
Antarctica lost on average 252 gigatons of ice mass per year from 2009 to 2017, claims study
Buyers can demand refunds if they've had a game for no more than 14 days and not registered more than two hours of play
Total lunar eclipse 2019: 'Super Blood Wolf Moon' to be visible across Europe and North America on Sunday night
Moon will turn reddish-orange in colour during this weekend's total lunar eclipse
Hackers to compete for prize money of between $35,000 and $250,000 cracking the Tesla Model 3 at this year's Pwn2Own contest