Facebook chief Mark Zuckerberg on Wednesday finally weighed in on the Cambridge Analytica scandal in a post that pledged to investigate all apps that had access to large amounts of user data before Facebook changed its rules in 2014, and further restrict current developers’ access to data.
“I started Facebook, and at the end of the day I’m responsible for what happens on our platform,” Zuckerberg wrote on his personal Facebook page.
The CEO has been under pressure to speak up about the data-sharing debacle, which has now been in the news since Friday night, when a Facebook VP addressed it in a blog post. “I’ve been working to understand exactly what happened and how to make sure this doesn’t happen again,” Zuckerberg wrote today.
COO Sheryl Sandberg shared Zuckerberg’s post on her own page and reiterated that she “spent the past few days working to get a fuller picture so we can stop this from happening again.”
“We know that this was a major violation of peoples’ trust, and I deeply regret that we didn’t do enough to deal with it,” Sandberg said.
The bulk of Zuckerberg’s post outlines what we already know: in 2013, Dr. Aleksandr Kogan developed a personality test app that gathered data, with permission, from 270,000 Facebook users. That information should have remained with Kogan, who said he needed it for academic research. But he instead gave it Strategic Communication Laboratories (SCL)/Cambridge Analytica and SCL’s Christopher Wylie. They used it to build profiles on potential voters for GOP candidates like Ted Cruz and Donald Trump.
The operation was not limited to 270,000 people, though. Kogan’s app also provided access to friends of friends, ultimately supplying Cambridge with 50 million raw profiles, according to the New York Times.
Facebook found out about this in 2015 and order Cambridge to delete the data, which it said it did. But the Times, The Guardian, and the UK’s Channel 4 reported recently that it had not, prompting Facebook to ban Cambridge, Kogan, and Wylie from its platform completely last week.
Submit to an Audit or Get Banned
Facebook no longer allows for the type of data collection Kogan engaged in five years ago; rule changes put in place in 2014 effectively banned the collection of data from friends of friends without permission.
But what about pre-2014? Zuckerberg said today that Facebook “will investigate all apps that had access to large amounts of information before we changed our platform…and we will conduct a full audit of any app with suspicious activity.”
Those who refuse an audit or are found to have misused data will be banned. Facebook pledged to notify users whose data was misused; “That includes people whose data Kogan misused here as well,” Zuckerberg said.
All developers, meanwhile, will have access to less data going forward. “We will reduce the data you give an app when you sign in— to only your name, profile photo, and email address,” Zuckerberg said. “We’ll require developers to not only get approval but also sign a contract in order to ask anyone for access to their posts or other private data. And we’ll have more changes to share in the next few days.”
Meanwhile, if you don’t use an app for three months, Facebook will remove developer access to it.
Facebook also promised to put its privacy controls front and center on the News Feed in the next month.