Facebook CEO Mark Zuckerberg during the II CEO Summit of the Americas on the sidelines of the VII Summit of the Americas in Panama City, Panama, April 10, 2015. REUTERS/Carlos Garcia Rawlins/Files

 

Mark Zuckerberg, the co-founder and chief executive of Facebook, said Wednesday night the measures to prevent the Cambridge Analytica fiasco were "already taken years ago" but that he is "responsible for what happens on our platform".

Cambridge Analytica, the British data analytics firm, is in the middle of a thunderstorm in the US and Britain after two newspapers reported Sunday that the company harvested personal data about Facebook users beginning in 2014.

Best known for assisting the 2016 presidential campaign of US President Donald Trump, the company is now facing a government search of its London office, questions from US state authorities, and a demand by Facebook that it submit to a forensic audit as well as a sudden drop in its stock value on the Wall Street.

"I want to share an update on the Cambridge Analytica situation -- including the steps we've already taken and our next steps to address this important issue," Zuckerberg said in a statement he posted on his personal Facebook account.

The social media giant's tech-nerd head had been silent on the issue till now.

He went on to say: "We have a responsibility to protect your data, and if we can't then we don't deserve to serve you. I've been working to understand exactly what happened and how to make sure this doesn't happen again. [?] But we also made mistakes, there's more to do, and we need to step up and do it."

While some media reports said Zuckerberg wanted to wait until Facebook's own audit was complete before issuing any comment, he nevertheless did so, saying there were three key methods he would like to employ.

First, users whose data was received and illegally saved by Cambridge Analytica would be notified and apps requiring permission for Facebook data would be probed and those with any "suspicious activity" audited.

Second, the developers' access to data would be reduced.

Lastly, a button will be added to the News Feed to route users to an already-existing 'privacy settings' option that shows app permissions and gives an option to revoke access.

The Facebook chief also provided a timeline of changes the company has made in its privacy and security policy.

Repercussions, top executives' 'regret'

Subsequently, Facebook COO Sheryl Sandberg said she "deeply regret(ed)" the company's slow-to-non-existent response to the issue.

"I deeply regret that we didn't do enough to deal with it," she wrote. "You deserve to have your information protected ? and we'll keep working to make sure you feel safe on Facebook.

"Your trust is at the core of our service. We know that and we will work to earn it."

Interestingly, however, Wednesday brought a host of other important developments as well. An ex-employee ? a former Facebook operations manager ? told the British House of Common?s Digital, Culture, Media, and Sport Committee that "a vast (amount) of data that passed out the door".

Sandy Parakilas, who was in charge of policing Facebook?s data handling procedures in 2011 and 2012, said data harvesting of member profiles by outside software developers was once routine and that the company took years to clamp down on the practice.

?There was very little detection or enforcement,? Parakilas said in his testimony, before adding: ?During my 16 months (at Facebook), I don?t remember a single physical audit of a developer? who was storing users? data from the social network.

?You are likely talking about tens of thousands of apps that got ?friend permissions? and some of those apps had tens ? it was huge ? or hundreds of millions of users, so there was a vast (amount) of data that passed out the door,? Parakilas said.

Facebook turned off the friend permissions feature in 2015.

Then, US resident Lauren Price on Tuesday sued Facebook and a British-based political consultancy for obtaining data from millions of the social media site's users without their permission. The complaint seeks unspecified damages, including possible punitive damages.

It marked the first of what may be many lawsuits seeking damages over Facebook's ability to protect user data, and Cambridge Analytica's exploitation of information to help Trump's election campaign.

Read Zuckerberg's statement in full here.