After several days of silence, Facebook CEO has finally issued an official statement on the misuse of user data by analytics firm Cambridge Analytica.
The statement comes among many wondering why the two Facebook executives with the greatest name recognition -- Zuckerberg and COO Sheryl Sandberg -- were remaining silent on the situation since the news first broke last Friday evening.
On Tuesday, a representative for Facebook issued a statement to the Daily Beast that "Mark, Sheryl and their teams are working around the clock to get all the facts and take the appropriate action moving forward."
Finally, this afternoon, Zuckerberg posted an official written statement on his Facebook Page, where he opened with:
"We have a responsibility to protect your data, and if we can't then we don't deserve to serve you."
Zuckerberg's Timeline of Events
In the statement, he provided an outline of events leading up the recent revelations about Cambridge Analytica's possession of the user data, which we covered in-depth here. Here's a quick timeline of his account:
2007: Facebook is founded.
2013: A Cambridge University professor named Aleksandr Kogan develops a personality quiz app that was installed by roughly 300,000 Facebook users, allowing the app developers to access their data and their friends' data. At the time, Facebook allowed this activity.
2014: Facebook institutes new rules changing the way apps can capture and use member data.
2015: The Guardian reports that Kogan shared data with Cambridge Analytica, which violated Facebook's rules about the transfer of user data to third parties. In the months following, Facebook "demanded" the deletion of any user data in Kogan's or Cambridge Analytica's possession, as well as certification that it had been destroyed.
2018: The Guardian, New York Times, and British television Channel 4 all produce reports indicating that Cambridge Analytica may not have destroyed the user data, even though it provided Facebook with certification that it had done so.
How Zuckerberg Says Facebook Will Fix This
While Zuckerberg's statement does claim that Facebook "already took the most important steps" to prevent the misuse of personal user data in 2014, he also admitted that "there's more we need to do." The solution, he says, exists in three key steps.
1. "Investigate all apps that had access to large amounts of information."
This applies to the apps that were able to access personal user data before Facebook changed its rules in 2014. It will also include an investigation of "any app with suspicious activity," and app developers that do not consent to an investigation or audit will be banned, as will those who are discovered to have abused user data.
2. "Restrict developers' data access even further to prevent other kinds of abuse."
For this step, Zuckerberg says that if a user hasn't engaged with an app in three months, the developers' access to it will be revoked. Plus, Facebook will limit the data these apps can access to the user's name, profile photo, and email address. Developers requesting access to this data will have to be approved and sign a contract -- more changes here are expected to be announced as the story continues to unfold.
3. "We want to make sure you understand which apps you've allowed to access your data."
Within the next month, Zuckerberg says Facebook will roll out an app dashboard of sorts appearing at the top of the News Feed, which will display all of the apps someone has used, along with a simplified method of revoking their access to personal data. According to the statement, that feature is already available in user privacy settings, but now, Facebook will make it more visible and easier to access.
The full text of Zuckerberg's statement is below.
This is a developing story that I'll be monitoring as it unfolds. Questions? Feel free to weigh in on Twitter.