The social network was accused by the regulator last year of introducing "unfair and deceptive" changes to its privacy policies in 2009, including settings that made users' confidential profile information public without their consent.
Facebook also shared personal information including status updates, geographic location and marital status with advertisers and third-party applications without telling users, the FTC said.
News of the settlement, which ties Facebook to biannual privacy inspections by an independent watchdog for the next 20 years, came just a day after Google was fined a record $22.5m (£14.4m) by the FTC for circumventing privacy protections on Apple's Safari web browser.
The allegations laid bare by the FTC about the two internet giants will heighten concern about the security of peoples' private data in some of the most popular digital destinations. Facebook boasts more than 955 million active monthly users, according to its latest figures. Google controlled two-thirds of the US search market in June and its share is even greater in most European countries, said the metrics firm ComScore.
The FTC said Facebook was liable for "a broad range of deceptive conduct" relating to what it tells users about their private profile information.
The bulk of the charges against Facebook relate to its overhaul of users' privacy settings in November 2010. The FTC said that Facebook failed to tell users that it changed the settings so they could no longer restrict access to their name, profile, picture, gender, friend list, pages, or networks.
"Facebook's failure to adequately disclose these facts, in light of the representation made, constitutes a deceptive act or practice," the FTC said.
The social network also made public users' photos and videos even after their accounts had been deactivated.
The five , commissioners were split over whether to settle the dispute, with three voting in favour, one abstaining, and Commissioner J Thomas Rosch dissenting on the basis that Facebook had denied liability for its actions. He argued that it should at least be required to take the position that it neither confirmed nor denied liability – a position he also argued in dissenting from the 4-1 verdict over Google's fine. Google denied liability to the FTC; it was fined because it was already the subject of a consent order similar to that now tying Facebook.
guardian.co.uk © Guardian News and Media Limited 2010