After New York Mag’s Select All beat Zuck to the punch with a parody of his usual “sorry not sorry” apology, the Facebook CEO posted a long note explaining the Cambridge Analytica situation — and promising a few concrete changes to the way users’ data is collected:
The key point regarding Cambridge Analytica was that the incident was a “breach of trust”:
This was a breach of trust between Kogan, Cambridge Analytica and Facebook. But it was also a breach of trust between Facebook and the people who share their data with us and expect us to protect it. We need to fix that.
While that won’t offer much in the way of reassurance to users whose data was taken, Zuckerberg’s note goes on to promise a few changes which, at first glance, do actually appear privacy-friendly:
First, we will investigate all apps that had access to large amounts of information before we changed our platform to dramatically reduce data access in 2014, and we will conduct a full audit of any app with suspicious activity….
Second, we will restrict developers’ data access even further to prevent other kinds of abuse. For example, we will remove developers’ access to your data if you haven’t used their app in 3 months. We will reduce the data you give an app when you sign in — to only your name, profile photo, and email address. We’ll require developers to not only get approval but also sign a contract in order to ask anyone for access to their posts or other private data. And we’ll have more changes to share in the next few days.
Third, we want to make sure you understand which apps you’ve allowed to access your data. In the next month, we will show everyone a tool at the top of your News Feed with the apps you’ve used and an easy way to revoke those apps’ permissions to your data. We already have a tool to do this in your privacy settings, and now we will put this tool at the top of your News Feed to make sure everyone sees it.
The efficacy of the first and third points depend, respectively, on how much Facebook follows through with the audit threat and whether users will actually use the tool at the top of the News Feed.
But the second should have immediate effects, even for users who don’t take any action. If you haven’t done so yet, it’s worth checking out your Facebook apps list — you’ll likely be shocked at how many apps you have connected that are sucking up your data. By turning off apps after they haven’t been used for three months — and by limiting the initial data apps are allowed to take, passive users should be in a better situation.
But while the steps going forward might be positive, the apology probably won’t be enough to get Zuck and Facebook off the hook when it comes to answering for Cambridge Analytica:
Update, 4:25 pm: Sheryl Sandberg, Facebook’s COO, chimed in to note that Facebook “know[s] that this was a major violation of peoples’ trust, and I deeply regret that we didn’t do enough to deal with it”:
Update, 4:30 pm: And here’s the official Facebook response, which somehow starts with the sentence “Protecting people’s information is the most important thing we do at Facebook.”