After days of deafening silence, Facebook recently apologized for the release of the personal data of tens of millions of users, the majority of which had no idea this was happening. A TOP SEKRIT source has leaked an early draft of the apology letter, which I reproduce here.


I want to share an update on the Facebook situation.

We have a responsibility to protect your data, a view I’ve espoused unswervingly since day one (except my published IM history that dumb f**ks “trust me”—-that doesn’t count)

Trust me, we’re working hard to understand what happened and how word of what we did got into the media. The good news is that the most important actions to prevent this from happening again have already been put into place, in fact, well before the data breach even occurred.

Here’s a timeline of events:

In 2007, Facebook launched with a promise of repetitive clicking games, ex-girlfriend stalking, and poorly-sourced gossip, in exchange for all personal data on the planet.

In 2013, a Cambridge University researcher created a personality quiz app, the sort of which remain inexplicably popular. Because–well–capitalism, we offered access to everything we know about users running this app, AND everything we know about all of their connections. In all, almost fifty million users’ information flowed freely while we did nothing to stop it.

In 2014, to prevent apps from accessing so much data without paying market rates, we changed the platform to dramatically limit data access. Most importantly, we pulled a few engineers away from obfuscating the privacy settings screens to implement the obscure and seldom-requested feature of not giving out personal data without permission (except for government requests–they don’t count).

In 2015, it became known to journalists that shared data had made its way to Cambridge Analytica, a private company that nobody hated yet. Let’s be clear: protecting the details of people’s personal lives is our chief concern. Rather than allow a third-party company to intrude on our space, we demanded that they delete all the data, which they certified they did.

Last week, we learned (again from journalists–what is their deal?) that we had known for years that Cambridge Analytica didn’t erase the data as they had certified. We are shocked that any company could engage in such unethical behavior. In response, we immediately banned the account of the whistleblower who brought this situation to our attention. We’re also working with Congress, the FTC, the states of Massachusetts and New York, various agencies in the EU, and numerous plaintiffs, to minimize the damage this series of events has caused.

And yet there’s still more we need to do. I’ll outline those steps here:

First, we’ll make several public shows of contrition and implement a set of largely useless policies that repetitively make use of the word “ban,” especially if they don’t cost us any of the billions we’ve accumulated.

Second, we will restrict developers’ data access (except for governments–they don’t count) even further. I haven’t really thought this out, so I’ll have more changes to share in the next few days.

Third, we will again reshuffle our complicated privacy preferences page, bringing certain elements into your newsfeed, using the space left over by all your friends’ non-boosted postings that have been filtered by our algorithm.

I started Facebook (except for the Winklevii–they don’t count), and at the end of the cliché I’m responsible for what happens on our platform. I’m serious about doing what it takes to protect our community of shareholders–including committee editing of this draft prior to publication to the point it reads like a robot wrote it.

I want to thank all my product who continue to use Facebook and build this community together. Fixing these issues will take time, but it will be worth the trouble. Specifically–about $50 Billion in market cap. I promise we’ll work through these issues to provide better for everyone who matters. Trust me.


Like fiction about megacorporations behaving badly? You’ll like LevelUP (coming April 2018).

Read the first chapter here.