Facebook’s very public fall from grace has been at the center of the news cycle for a few years now. The company’s motto used to be “move fast and break things”; now it might be “move fast and fix reputation.” On Tuesday, Wired published an article titled “15 Months of Fresh Hell Inside Facebook,” using former employees to tell the story in new detail. The report focuses on the platform’s internal corporate skirmishes and political blunders, along with the social network’s repeated failure to prioritize user privacy.
“[Facebook]’s prime decision makers had run the same playbook successfully for a decade and a half: Do what they thought was best for the platform’s growth (often at the expense of user privacy), apologize if someone complained, and keep pushing forward,” Wired editor-in-chief Nicholas Thompson and contributing editor Fred Vogelstein wrote. That “pushing forward” was confirmed in internal emails between CEO Mark Zuckerberg and Facebook executives where, as the article points out, it was determined “that Facebook promoted growth at the expense of almost any other value.”
This tactic backfired and sent CEO Mark Zuckerberg on an apology tour for the greater part of 2018 and into 2019. The Wired story details the discrepancies between Facebook’s internal messaging and its public facade. And it doesn’t end there. Just this month, what was likely an inside joke among Facebook employees surfaced publicly when Oculus announced that VR controllers with labels saying “Big Brother Is Watching” and “The Masons Were Here” were mistakenly shipped to customers. Oculus cofounder Nate Mitchell said they were prototype units not intended for buyers: “While I appreciate easter eggs, these were inappropriate and should have been removed.” Facebook, Oculus’s parent company, said it has investigated the incident and will make sure it doesn’t happen again.
Long before Big Brother jokes, in 2004, the then-20-year-old Zuckerberg called users “dumb fucks” for handing over information—like email addresses, physical addresses, and photos—to the network. Over the years, it’s become all too apparent that privacy is not Facebook’s first priority; in fact, these leaked internal conversations only reinforce users’ fears.
Recently, it was revealed that the company “mistakenly deleted” years of Zuckerberg’s public posts on the platform. But luckily, we have the Zuckerberg Files, a digital archive of the CEO’s statements. The archive, created by privacy and internet ethics scholar Michael Zimmer, is run by the School of Information Studies at the University of Wisconsin-Milwaukee. It includes everything Zuckerberg has publicly said or posted about a wide range of topics—and here, we are highlighting his comments over the years on the issue of user privacy. It’s quite a journey, beginning with young bluster and ending with cagey lawyer-speak.
The Early, Easy Years (2005-2008)
“We give people pretty good control over their privacy.” (Mark Zuckerberg at Stanford University, 2005)
“We’re obviously, like, really sensitive to people’s privacy.” (Mark Zuckerberg guest lecture at Harvard University, 2005)
“We got people through this really big hurdle of wanting to put up their full name, or real picture, mobile phone number … and the way that that happened was by building really good privacy controls.” (Mark Zuckerberg interview at Web 2.0, 2008)
Like many users at the time, Zuckerberg held a view on privacy that fell somewhere between bullish and cavalier. It was a different, less tech-savvy era, and Facebook’s function was different. The site was still a network for university students only, centered squarely on debaucherous party photos and less-than-family-friendly comments. College kids’ .edu email addresses provided a certain amount of security to users; Facebook began as a place to share with peers only. However, that small security blanket was removed when Facebook invited the rest of the world to start using the network in 2006, and then again in 2012 when the rollout of the Timeline surfaced old (and seemingly private, or at least hard to find) Wall posts without taking measures to make certain prior conversations weren’t entirely exposed. Soon, those early days—and Facebook’s rather ambivalent attitude—would be over.
“We Are Actually A Privacy Innovation” (2009-2016)
“The privacy controls on Facebook are really unparalleled by anything else.” (Mark Zuckerberg with BBC News, 2009)
“Our business model is by far the most privacy-friendly to consumers and we talk about it the most and I think we’re the light. We’re the light. We are the transparent place where people can understand and I think you will continue to see conversations about Facebook and privacy but it’s because we lead and we care so much about it.” (COO Sheryl Sandberg interview with Charlie Rose, 2011)
“We have found ways in very privacy protective ways to work with third parties.” (Sheryl Sandberg 2014 Q2 earnings call)
“I think that Facebook and all of the success we’ve had is that we are actually a privacy innovation.” (Mark Zuckerberg Berlin Q&A, 2016)
At a certain point, Facebook decided to come out swinging against the growing public mistrust of its network, bragging about its privacy policy at every available press opportunity. Facebook updated its privacy tools in 2010, and at the time, they were indeed a massive and necessary upgrade. The introduction of News Feed had not gone smoothly, and Facebook was left grappling with how to help people filter who saw their content. The update simplified Facebook’s privacy settings and introduced the drop-down toggle so that users could control their audience more quickly. These were—and are—good tools, but obviously, the bravado with which Facebook touted its privacy capabilities did not age well. Because hers were perhaps the most cringe-inducing of the bunch, Sandberg’s statements also made the cut.
The Dark Years (2018-Today)
“I think the feedback that we’ve gotten from our community and from the world is that privacy and having the data locked down is more important to people than maybe making it easier to bring more data and have different kinds of experiences.” (Mark Zuckerberg WIRED interview, 2018)
“Facebook specifically, one of the things we need to do and that I hope that more look at are just the privacy controls that you have.” (Mark Zuckerberg, Facebook Newsroom, 2018)
“And with the GDPR coming up in Europe, we’re asking everyone around the world, not just in Europe, to review your privacy controls.” (Mark Zuckerberg F8 Keynote, 2018)
“Looking ahead, we will continue to invest heavily in security and privacy because we have a responsibility to keep people safe.” (Mark Zuckerberg, Q2 2018 earnings call)
“We believe that everyone around the world deserves good privacy controls. We’ve had a lot of these controls in place for years.” (Mark Zuckerberg speaks to House committee, 2018)
“I think everyone in the world deserves good privacy protection.” (Mark Zuckerberg’s Senate hearing, 2018)
“Privacy gives people the freedom to be themselves and connect more naturally, which is why we build social networks.” (Mark Zuckerberg in a Facebook post, 2019)
Life comes at you fast: In 2018, it seemed like Facebook was forced to talk about privacy more than it had in the rest of its existence combined. A couple of years after calling itself a “privacy innovation,” the Cambridge Analytica scandal happened. The repercussions of this major privacy failure, wherein Facebook’s negligent restrictions for third-party apps led to the harvesting and sale of millions of users’ personal data, are still being felt. Users still feel an animosity toward Facebook, and the company continues to struggle to regain trust and justify its constant requests for consumer data.
At the same time all this is happening, new, fresher privacy failures are piling up. A much more serious, more buttoned-up-sounding Zuckerberg began speaking about Facebook privacy as if he were a dodgy politician. The CEO essentially went on an aggressive press tour, trying to placate the public and even began lobbying for more government regulation. All the while, Zuckerberg has been saying recently that the onus is on users to better equip the tools Facebook gave them—this, despite the fact that the Cambridge Analytica disaster was caused by the company’s lax privacy policies regarding how it shares information with third-party developers.
The latest privacy debacle to plague Facebook hit Wednesday: A Business Insider report revealed that 1.5 million users’ email contacts were mistakenly uploaded to its servers. The company’s response? “These contacts were not shared with anyone, and we’re deleting them. We’ve fixed the underlying issue and are notifying people whose contacts were imported,” a Facebook spokesperson said in a statement to BI. Facebook also made sure to note that “people can also review and manage the contacts they share with Facebook in their settings.”
By now it’s obvious that Facebook’s privacy dilemmas will continue, and so will their placating statements. But if this brief history of the company’s crafted narrative reveals anything, it’s that Facebook is either unaware of the privacy its users deserve or simply doesn’t care. And above all, this series of statements lays bare the fact that Facebook’s words can’t be taken at face value. Users are left to guess exactly what’s being said about their information and privacy rights inside the company’s walls. But old habits die hard, so we’ll likely find out in a few years.