The Federal Trade Commission has accepted a final settlement with Facebook, initially proposed last year, which requires that all future changes to privacy settings on the social network be made opt-in. Further, the company must undergo biennial privacy audits for the next 20 years from an independent third party.

Since 2009, Facebook has been under investigation by federal authorities and American senators in the wake of a series of incidents involving the sudden change of users' privacy settings, most notably Facebook Beacon, which shut down that same year.

On Friday, FTC commissioners voted 3-1-1 (including one abstention) and said that they would be keeping a close eye on the company.

“Notably, Facebook will be subject to civil penalties of up to $16,000 for each violation of the order,” the commission wrote in a statement. “We intend to monitor closely Facebook’s compliance with the order and will not hesitate to seek civil penalties for any violations.”

In November 2011, in response to the proposed settlement, Facebook’s founder, Mark Zuckerberg wrote that while his company had made mistakes with respect to privacy, that it was resolved to improve.

"I'm the first to admit that we've made a bunch of mistakes," Zuckerberg said via the company's blog. "In particular, I think that a small number of high profile mistakes, like Beacon four years ago and poor execution as we transitioned our privacy model two years ago, have often overshadowed much of the good work we've done.

"But we can also always do better. I'm committed to making Facebook the leader in transparency and control around privacy," Zuckerberg added.

Facebook did not respond immediately to requests for comment regarding the new settlement.

Mark Rotenberg, the head of the Electronic Privacy Information Center (EPIC), which was one of the groups that originally brought a complaint against Facebook to the FTC back in 2009, wrote to Ars to say he was "generally pleased" with the new settlement.

"Though we believe the FTC could have strengthened the final terms," he added. "Most significantly, the FTC should have required Facebook to restore the original settings of its users."