Facebook Cuts 100+ in Privacy, Risk Teams

Facebook (OK, OK, the company formally known as Meta) is reportedly laying off more than 100 people from its privacy and risk management teams, telling employees that improvements in automation technology and global technical controls means that “we don’t need as many roles.” The cutbacks are a useful glimpse into the evolving state of compliance, audit, and risk management jobs, so let’s take a close look.

The cutbacks were first reported late last week by Business Insider, which obtained an internal memo from Michael Protti, the tech giant’s chief privacy and compliance officer for product and engineering teams. Protti’s memo told employees that “by moving from bespoke, manual reviews to a more consistent and automated process, we’ve been able to deliver more accurate and reliable compliance outcomes across Meta.” 

As a result, the memo continued, “we don’t need as many roles in some areas as we once did.”

Apparently the cutbacks will end up consolidating Facebook’s Global Security & Privacy team with its Regulatory Readiness team and the Data Protection Officer’s office. They’ll all be part of one new structure called the Regulatory Compliance Program office, managed from London. (At least, that’s what I glean from multiple published reports today, all based on the leaked memo to Business Insider. If anyone at Facebook wants to talk confidentially, email me at [email protected].)

The affected teams seem to be the ones responsible for complying with Facebook’s 2019 settlement with the Federal Trade Commission, where the company paid $5 billion for violating a previous FTC privacy settlement from 2012. The 2019 settlement included strict new expectations for privacy controls and independent audits every other year until 2039. (Protti, in fact, was moved into his product privacy role as part of the settlement.) 

Facebook also recently announced that it was cutting 600 jobs in its artificial intelligence unit. It’s not clear whether these 100 privacy compliance layoffs are part of that number or in addition to it. I don’t know how many employees work on Facebook’s compliance teams in total.

GRC Maturity or AI?

We all sympathize with the 100-ish Facebook employees soon to lose their jobs. The larger issue for the rest of us, however, is whether this story reflects a larger fear: that process automation and artificial intelligence are making compliance and audit jobs obsolete. 

We can’t draw such a broad conclusion from one Facebook memo alone, especially since the contents of that memo haven’t been made public. Plus, go back to the parts of Protti’s memo that we have seen; he’s talking about the development of “consistent and automated processes,” not artificial intelligence. Maybe AI is indeed part of what he means there, but I think if that were the case, we’d see headlines more like “AI makes 100+ compliance jobs obsolete!” We’re not seeing those. 

Instead, let’s consider several large trends that have happened at Facebook. Since 2020, the company… 

• Hired gobs and gobs of people in the early 2020s;
• Laid off gobs of people in 2023;
• Hired more gobs of people in 2024, although not as many gobs as in 2021-22;
• Launched several major products, including the Metaverse (flop), early-generation smart glasses (flop), artificial intelligence (yet to deliver), and another generation smart glasses (still too early to tell);
• Acquired 11 businesses in 2021 and 2022, most of them too small for formal disclosure of purchase price;
• Nearly doubled its revenue from $85.9 billion in 2020 to $164.5 billion in 2024 (and racked up another $89.8 billion in the first half of this year). 

That’s a lot of hiring, firing, product development, and growth. So when Protti says Facebook has achieved robust, automated compliance processes now, which therefore implies the company had less robust and automated compliance processes in the past — well, that’s very plausible. Facebook was all over the map in the first half of the 2020s. 

So maybe this is just an example of a large company that improved its GRC efforts to the point that it could eliminate manual processes and the people that went along with those processes. 

What About AI Stealing Our Jobs?

I’m still not convinced that AI will steal our jobs. It will re-arrange some compliance tasks, yes; eliminate some work here while introducing other work there, sure; relieve some problems while exacerbating others, absolutely.

But none of that is the same as AI eliminating work for compliance and audit professionals. 

I do see those headlines that regularly streak across the interwebs, where various CEOs say, “No really! AI is going to transform every job and eliminate lots of ’em!” (The Wall Street Journal and Axios in particular run these headlines often.) And I know that the job market these days is exceedingly frustrating and job growth is slowing. But we need to remember… 

• Macro-economic forces are sapping the job market regardless of any advances in AI. In particular, President Trump’s tariffs and other erratic, dumb policy choices are terrible for growth.
• Lots of companies over-hired in the early 2020s, just like Facebook. Then they got walloped by inflation and high interest rates, which took the wind out of their sails just as payroll costs ballooned.
• CEOs often don’t know what they’re talking about — or more precisely, they often grasp strategic possibilities without understanding the practical requirements to get there. So, quite simply, some of these CEOs don’t know what they’re talking about.

In other words, it’s quite possible that CEOs are using AI as cover to lay off workers they were wanting to lay off anyway. Even if ChatGPT and its brethren were never invented, we’d probably still be pretty much where we are right now. Just a few weeks ago, for example, 

And let’s not forget that for all the promise and investment of AI, the economics of artificial intelligence remain vague and unproven. I’m more in the camp of technology writer and AI cynic extraordinaire Cory Doctorow, who fired off this analysis last month:

AI cannot do your job, but an AI salesman can 100% convince your boss to fire you and replace you with an AI that can’t do your job, and when the bubble bursts, the money-hemorrhaging “foundation models” will be shut off and we’ll lose the AI that can’t do your job, and you will be long gone, retrained or retired or “discouraged” and out of the labor market, and no one will do your job.

I’m not sure I agree with his last bit there, especially since nobody doing compliance, audit, or risk management jobs is a recipe for disaster. But I do agree with him that the economics of AI remain unproven. Maybe we’re going through a collective phase of job-cutting mania and none of the promised gains will materialize. Wouldn’t be the first time.