Facebook and the Federal Trade Commission just announced a proposed settlement to their privacy-related lawsuit that will see the social network submit to a privacy policy assessment within 180 days and then again every two years for the next 20 years. The suit came about after the FTC found that Facebook was breaking promises to users about what data it did and did not share with other users and third parties, and the proposed settlement essentially mirrors the Google Buzz settlement the agency approved after the Buzz privacy fiasco.

In addition to the recurring privacy audits, the FTC and Facebook have agreed that Facebook will appoint new privacy-focused employees to run a "comprehensive privacy program" that addresses user privacy and privacy risks in both existing products and any potential new products. Facebook is also required to get explicit consent from users before making any changes that will override personal privacy settings, prevent anyone from accessing user data 30 days after an account is canceled, and is generally forbidden from lying to users about where and when data can be shared. 

Facebook says it's already addressed many of the FTC complaints and proactively met many of the requirements outlined in the agreement, and Mark Zuckerberg today announced the appointment of two Chief Privacy Officers: Erin Egan will focus externally on policy, and Michael Richter will focus internally on products. Zuckerberg also says he's "committed to making Facebook the leader in transparency and control around privacy."

The next step is approval of the proposed settlement by the full FTC, and from there the clock begins ticking on that first privacy assessment — and we'll see if all these changes actually make any difference for users.