“I started Facebook, and at the end of the day I’m responsible for what happens on our platform” Facebook CEO Mark Zuckerberg posted after days of the public and government officials waiting for him to speak up about the Cambridge Analytica scandal since it broke Friday. “We have a responsibility to protect your data, and if we can’t then we don’t deserve to serve you.”
For more on what Zuckerberg omitted in his statement, check out our feature piece
Zuckerberg laid out a slate of changes Facebook will make to prevent past and future abuses of user data by app developers. Those include:
- Blocking data access of apps you haven’t used for three months or more
- Auditing old apps that collected a lot of personal data
- Reducing the amount of data apps can pull using Facebook Login without an additional permissions screen to just your name, profile photo, and email address
- Requiring a signed contract from developers that want to pull your posts or private information
- Surfacing Facebook’s privacy third-party app privacy settings tool atop the News Feed to help people repeal access to apps
- Telling people if their data was misued by the app associated with Cambridge Analytica, or apps Facebook bans for misue in the future.
What’s missing from this response is any indication why Facebook didn’t do more to enforce its policy prohibiting apps from sharing user data, or why it took Cambridge Analytica at their word when they said they deleted the data without proper investigation. Or a straight-forward apology. Facebook is still playing the victim here.
Facebook was hit with one of its biggest scandals ever when multiple outlets reported that a researcher’s app pulled personal information about 270,000 users and 50 million of their friends, then passed that data to Cambridge Analytica. The political strategy firm then used that data to power messaging, targeting, and more for Donald Trump’s presidential campaign and the Brexit Leave movement.
The proposed solutions should help users take better control of their data while putting sensible friction and documentation in place for app developers that want people’s personal info or content. The audits of developers who pulled lots of friends’ data before the 2014 change that restricted that ability could root out some more bad actors.
But overall, the plan doesn’t address the fact that tons of developers pulled and may still be in possession of illicit Facebook data. Now off of Facebook’s servers, it has little control over it. Finding and deleting every copy of these data sets may be impossible. That could lead to future data scandals that may make people take Zuckerberg up on his assertion that if Facebook can’t keep people’s data safe, they shouldn’t use it.
You can read Zuckerberg’s full post below:
For more on Facebook’s Cambridge Analytica scandal, read our feature pieces: