Facebook's Zuckerberg apologizes for data 'breach of trust'

In this April 18, 2017 file photo, Facebook CEO Mark Zuckerberg speaks at his company's annual F8 developer conference in San Jose, Calif.
In this April 18, 2017 file photo, Facebook CEO Mark Zuckerberg speaks at his company's annual F8 developer conference in San Jose, Calif.

Breaking five days of silence, Facebook chief executive Mark Zuckerberg apologized for a "major breach of trust," admitted mistakes and outlined steps to protect user data in light of a privacy scandal involving a data-mining firm with ties to President Donald Trump's general election campaign.

"I am really sorry that happened," Zuckerberg said of the scandal involving data-mining firm Cambridge Analytica. Facebook has a "responsibility" to protect its users' data, he said Wednesday in an interview on CNN. If it fails, he said, "we don't deserve to have the opportunity to serve people."

His mea culpa on cable television came a few hours after he acknowledged his company's mistakes in a Facebook post -- without saying he was sorry.

Cambridge Analytica was accused last week of using data improperly obtained from roughly 50 million Facebook users to try to sway elections.

Zuckerberg and Facebook's No. 2 executive, Sheryl Sandberg, had been quiet since the news broke Friday. Cambridge Analytica's clients included Trump's campaign.

Among other things, Zuckerberg said in his Facebook post, the tech giant will investigate thousands of apps that used large amounts of data at the time. He said Facebook will give users new tools for how their data are being used and shared, and would further restrict developers' access to data to prevent abuse.

"I started Facebook, and at the end of the day I'm responsible for what happens on our platform," he wrote. "While this specific issue involving Cambridge Analytica should no longer happen with new apps today, that doesn't change what happened in the past. We will learn from this experience to secure our platform further and make our community safer for everyone going forward."

Specifically, he wrote, the company would restrict the data that third-party developers can access to a name, profile photo, and email address and will require developers to sign a contract before being allowed to ask Facebook users for rights to their posts. The company will post a new feature on the top of every Facebook user's news feed with a list of the apps they have used and an easy way to revoke the app's access, he said.

Responding to lawmakers' calls for him to testify before Congress, Zuckerberg said on CNN that he would be "happy" to do so, but only if it was "the right thing to do." He went on to note that other Facebook officials might be more appropriate witnesses depending on what Congress wanted to know.

At one point, the Facebook chief seemed to favor regulation for Facebook and other Internet giants -- at least the "right" kind of rules, he said, such as ones that require online political ads to disclose who paid for them.

The social media company suspended Cambridge Analytica on Friday. Earlier this week, Facebook said it would audit the firm to determine if it had deleted the data it apparently used in an unauthorized way.

But the dayslong silence from the company's top executives only seemed to draw more attention to its woes -- especially after neither Zuckerberg nor Sandberg appeared Tuesday at a company town-hall-style meeting.

Facebook shares have dropped about 8 percent, lopping about $46 billion off the company's market value, since the revelations were first published.

News organizations published articles asking when company executives would speak. A #DeleteFacebook campaign gained momentum after Brian Acton, who made millions after Facebook purchased his app WhatsApp in 2014, said he was deleting the social network.

Behind the scenes, Facebook was in damage-control mode. Lobbyists made the rounds on Capitol Hill. Communications executives sent statements to journalists saying workers and executives, including Zuckerberg, were "outraged" about being deceived -- though little was said about Facebook's own responsibilities except to defend the legality of their actions.

Facebook said in a news release Wednesday that it will inform people whose data were misused by apps.

The company said it was "building a way" for people to know if their data were accessed by "This Is Your Digital Life," the psychological-profiling quiz app that researcher Aleksandr Kogan created and paid about 270,000 people to take part in.

Cambridge Analytica later obtained information from the app for about 50 million Facebook users, as the app also vacuumed up data on people's friends -- including those who never downloaded the app or gave explicit consent.

Chris Wylie, a Cambridge co-founder who left in 2014, has said one of the firm's goals was to influence people's perceptions by injecting content, some misleading or false, all around them. It's not clear whether Facebook would be able to tell users whether they had seen such content.

Cambridge has shifted the blame to Kogan, which the firm described as a contractor. Kogan described himself as a scapegoat.

Kogan, a psychology researcher at Cambridge University, told the BBC that both Facebook and Cambridge Analytica have tried to place the blame on him, even though the firm ensured him that everything he did was legal.

"One of the great mistakes I did here was I just didn't ask enough questions," he said. "I had never done a commercial project. I didn't really have any reason to doubt their sincerity. That's certainly something I strongly regret now."

He said the firm paid about $800,000 for the work, but it went to participants in the survey.

"My motivation was to get a data set I could do research on," he said. "I have never profited from this in any way personally."

Sandy Parakilas, who worked in data protection for Facebook in 2011 and 2012, told a U.K. parliamentary committee Wednesday that the company was vigilant about its network security but lax when it came to protecting users' data.

He said personal data, including email addresses and in some cases private messages, were allowed to leave Facebook servers with no real controls on how the data were used after that.

"The real challenge here is that Facebook was allowing developers to access the data of people who hadn't explicitly authorized that," he said, adding that the company had "lost sight" of what developers did with the data.

Authorities in Britain and the United States are investigating.

The Senate Commerce Committee recently sent Facebook a list of questions about its dealings with Cambridge Analytica, and staff members were questioning company leaders privately Wednesday.

Information for this article was contributed by Elizabeth Dwoskin of The Washington Post; and by Barbara Ortutay, Danica Kirka and Gregory Katz of The Associated Press.

A Section on 03/22/2018

Upcoming Events