Congress has released Mark Zuckerberg’s prepared testimony, in which he concedes that Facebook was « too slow to spot and respond to Russian interference »
Mark Zuckerberg, the founder and CEO of social media platform Facebook, is slated to testify before Congress for the first time on Tuesday, April 10, for his company’s failure to protect user information. It will be the first of two back-to-back appearances the executive will make this week — the first will take place before the joint hearing of the Senate Judiciary and Commerce committees, and on Wednesday, Zuckerberg will testify in front of the House Energy and Commerce Committee. The legislature has released the entrepreneur’s prepared testimony ahead of his Wednesday hearing, in which Zuckerberg concedes that Facebook was “too slow to spot and respond to Russian interference” during the 2016 election.
“We face a number of important issues around privacy, safety, and democracy, and you will rightfully have some hard questions for me to answer,” begins Zuckerberg’s statement. “Facebook is an idealistic and optimistic company,” the statement reads. “For most of our existence, we focused on all the good that connecting people can bring. As Facebook has grown, people everywhere have gotten a powerful new tool to stay connected to the people they love, make their voices heard, and build communities and businesses.” Indeed, the social network has been crucial in helping individuals organize — it played a large role in disseminating the #metoo movement, has helped raise funds for Hurricane Harvey relief, and also help organize the March for Our Lives demonstration.
That said, Zuckerberg notes that Facebook has, for many years, been a double-edged sword. “We didn’t take a broad enough view of our responsibility, and that was a big mistake,” the executive says. “It was my mistake, and I’m sorry. I started Facebook, I run it, and I’m responsible for what happens here.”
Zuckerberg’s full remarks can be found below:
Chairman Walden, Ranking Member Pallone, and Members of the Committee,
We face a number of important issues around privacy, safety, and democracy, and you will rightfully have some hard questions for me to answer. Before I talk about the steps we’re taking to address them, I want to talk about how we got here.
Facebook is an idealistic and optimistic company. For most of our existence, we focused on all the good that connecting people can bring. As Facebook has grown, people everywhere have gotten a powerful new tool to stay connected to the people they love, make their voices heard, and build communities and businesses. Just recently, we’ve seen the #metoo movement and the March for Our Lives, organized, at least in part, on Facebook. After Hurricane Harvey, people raised more than $20 million for relief. And more than 70 million small businesses now use Facebook to grow and create jobs.
But it’s clear now that we didn’t do enough to prevent these tools from being used for harm as well. That goes for fake news, foreign interference in elections, and hate speech, as well as developers and data privacy. We didn’t take a broad enough view of our responsibility, and that was a big mistake. It was my mistake, and I’m sorry. I started Facebook, I run it, and I’m responsible for what happens here.
So now we have to go through every part of our relationship with people and make sure we’re taking a broad enough view of our responsibility.
It’s not enough to just connect people, we have to make sure those connections are positive. It’s not enough to just give people a voice, we have to make sure people aren’t using it to hurt people or spread misinformation. It’s not enough to give people control of their information, we have to make sure developers they’ve given it to are protecting it too. Across the board, we have a responsibility to not just build tools, but to make sure those tools are used for good.
It will take some time to work through all of the changes we need to make, but I’m committed to getting it right.
That includes improving the way we protect people’s information and safeguard elections around the world. Here are a few key things we’re doing:
Over the past few weeks, we’ve been working to understand exactly what happened with Cambridge Analytica and taking steps to make sure this doesn’t happen again. We took important actions to prevent this from happening again today four years ago, but we also made mistakes, there’s more to do, and we need to step up and do it.
In 2007, we launched the Facebook Platform with the vision that more apps should be social. Your calendar should be able to show your friends’ birthdays, your maps should show where your friends live, and your address book should show their pictures. To do this, we enabled people to log into apps and share who their friends were and some information about them.
In 2013, a Cambridge University researcher named Aleksandr Kogan created a personality quiz app. It was installed by around 300,000 people who agreed to share some of their Facebook information as well as some information from their friends whose privacy settings allowed it. Given the way our platform worked at the time this meant Kogan was able to access some information about tens of millions of their friends.
In 2014, to prevent abusive apps, we announced that we were changing the entire platform to dramatically limit the Facebook information apps could access. Most importantly, apps like Kogan’s could no longer ask for information about a person’s friends unless their friends had also authorized the app. We also required developers to get approval from Facebook before they could request any data beyond a user’s public profile, friend list, and email address. These actions would prevent any app like Kogan’s from being able to access as much Facebook data today.
In 2015, we learned from journalists at The Guardian that Kogan had shared data from his app with Cambridge Analytica. It is against our policies for developers to share data without people’s consent, so we immediately banned Kogan’s app from our platform, and demanded that Kogan and other entities he gave the data to, including Cambridge Analytica, formally certify that they had deleted all improperly acquired data — which they ultimately did.
Last month, we learned from The Guardian, The New York Times and Channel 4 that Cambridge Analytica may not have deleted the data as they had certified. We immediately banned them from using any of our services. Cambridge Analytica claims they have already deleted the data and has agreed to a forensic audit by a firm we hired to investigate this. We’re also working with the U. K. Information Commissioner’s Office, which has jurisdiction over Cambridge Analytica, as it completes its investigation into what happened.
We have a responsibility to make sure what happened with Kogan and Cambridge Analytica doesn’t happen again. Here are some of the steps we’re taking:
Safeguarding our platform. We need to make sure that developers like Kogan who got access to a lot of information in the past can’t get access to as much information going forward.
1. We made some big changes to the Facebook platform in 2014 to dramatically restrict the amount of data that developers can access and to proactively review the apps on our platform. This makes it so a developer today can’t do what Kogan did years ago.
2. But there’s more we can do here to limit the information developers can access and put more safeguards in place to prevent abuse.
3. Investigating other apps. We’re in the process of investigating every app that had access to a large amount of information before we locked down our platform in 2014. If we detect suspicious activity, we’ll do a full forensic audit. And if we find that someone is improperly using data, we’ll ban them and tell everyone affected.
4. Building better controls. Finally, we’re making it easier to understand which apps you’ve allowed to access your data. This week we started showing everyone a list of the apps you’ve used and an easy way to revoke their permissions to your data. You can already do this in your privacy settings, but we’re going to put it at the top of News Feed to make sure everyone sees it. And we also told everyone whose Facebook information may have been shared with Cambridge Analytica.
Beyond the steps we had already taken in 2014, I believe these are the next steps we must take to continue to secure our platform.
Facebook’s mission is about giving people a voice and bringing people closer together. Those are deeply democratic values and we’re proud of them. I don’t want anyone to use our tools to undermine democracy. That’s not what we stand for.
We were too slow to spot and respond to Russian interference, and we’re working hard to get better. Our sophistication in handling these threats is growing and improving quickly. We will continue working with the government to understand the full extent of Russian interference, and we will do our part not only to ensure the integrity of free and fair elections around the world, but also to give everyone a voice and to be a force for good in democracy everywhere.
Elections have always been especially sensitive times for our security team, and the 2016 U. S. presidential election was no exception.
Our security team has been aware of traditional Russian cyber threats — like hacking and malware — for years. Leading up to Election Day in November 2016, we detected and dealt with several threats with ties to Russia. This included activity by a group called APT28, that the U.
