Mark Zuckerberg Says It Will Take a ‘Multiyear Effort’ to Fix Facebook’s Security Issues

The apology tour continues

Mark Zuckerberg explained Facebook's plan to combat security issues. Getty Images
Headshot of Marty Swant

It’ll be a “multiyear effort” to fix Facebook’s security and content issues, according to Facebook CEO Mark Zuckerberg.

Speaking during a press call this afternoon, Zuckerberg once again took responsibility for the policies that led to as many as 87 million users having their data improperly used by the British data firm Cambridge Analytica.

On the nearly hour-long call, Zuckerberg said the company “didn’t take a broad enough view” of its responsibility to protect the platform from the likes of fake news, foreign interference and hate speech, describing the oversight as a “huge mistake, and it was my mistake.” While the company has announced plans to audit all apps with access prior to 2015, he said the company should have begun reviewing them sooner.

“Knowing what I know today, clearly we should have done more and we will going forward,” he said.

The remarks come a week before Zuckerberg travels to Washington, D.C., to testify in front of members of Congress about Facebook’s privacy policies. He pointed out that the company has 13,000 people working on security and content issues with plans to hire another 7,000 by the end of the year.

Facebook has spent the past several weeks in crisis mode after revealing that Cambridge Analytica—a firm with ties to the Trump campaign—received user data from a Russian researcher, who exploited 270,000 users who downloaded a personality app back in 2014. While Facebook has said it fixed the problem in 2015, the fallout has led to a number of questions about how Facebook collects data, which apps have access to it and whether users understand the breadth of the information they share.

Cambridge Analytica released its own statement this afternoon about the data it licensed. While Facebook said the company might have accessed as many as 87 million users’ accounts, the company said it was for “no more than 30 million people,” adding that the data was not used during the 2016 presidential election.

Next month, the European Union will begin enforcing its General Data Protection Regulations—a far-reaching set of policies that will govern everything from the collection of data to the disclosure of it. He said overall regulations like GDPR are “very positive,” clarifying that Facebook plans to run Facebook’s controls across the world rather than just in Europe.

“Is it going to be exactly the same format? Probably not,” he said. “We need to figure out what makes senses for the different markets with different laws and in different places, but let me repeat this: We’re going to make all the same controls and settings available everywhere—not just in Europe.”

The revelations have also led to the Federal Trade Commission opening an investigation into whether Facebook violated a 2011 consent decree related to its privacy policies. Asked whether Facebook believes it has violated any settlement, Zuckerberg didn’t answer the question, but said, “We’ve worked hard to make sure we comply with it. But I think the reality here is we need to take a broader view of our responsibility rather than just the legal responsibility.”

@martyswant Marty Swant is a former technology staff writer for Adweek.