This larger figure, which included over a million UK users, was buried in the penultimate paragraph of a blogpost by the company’s chief #technology officer, Mike Schroepfer, published on Wednesday, which also provided updates on the changes Facebook was making to better protect user information.
Mark Zuckerberg, during a conference call shortly after the post was published, said: “We didn’t take a broad enough view on what our responsibility was and that was a huge mistake. That was my mistake.”
When asked if anyone had been fired over the data scandal, the CEO replied: “I started this place, I run it, I’m responsible for what happens here. I’m going to do the best job I can going forward. I’m not looking to throw anyone under the bus for mistakes I’ve made.”
Zuckerberg’s latest mea culpa comes one week before he is due to face questioning from members of Congress over the data scandal. He will appear before the House energy and commerce committee on Wednesday 11 April.
Schroepfer, in his blogpost, outlined sweeping changes to the way third-party developers can interact with Facebook via APIs, the digital interfaces through which third parties can interact with and extract data from the platform.
The company will no longer allow developers to access the guest list or wall posts of an event scheduled on Facebook, while developers seeking to access the data of Facebook group members will first need to get the permission from a group administrator to ensure “they benefit the group”.
Facebook is also tightening its review process for apps that request access to information such as check-ins, likes, photos and posts, making developers agree to strict requirements. Apps will no longer be allowed access to personal information such as religious or political views, relationship status, education, work history, fitness activity, news habits and activity related to news, video and games consumption.
The company is also removing a tool that allows people to search for someone on Facebook using their phone number or email address because, Schroepfer said, “malicious actors have also abused these features to scrape public profile information”.