Facebook letter in full
Here is the letter from Facebook UK's head of public policy Rebecca Stimson to Damian Collins, chair of the Commons Digital, Culture, Media and Sport Committee
26 March 2018
Dear Mr Collins
You wrote to Mark Zuckerberg on 20th March requesting that a senior Facebook executive appear before the Committee to give evidence in relation to the use of Facebook users data, stating that in your view this should be Mr Zuckerberg himself.
Facebook fully recognizes the level of public and Parliamentary interest in these issues and support your belief that these issues must be addressed at the most senior levels of the company by those in an authoritative position to answer your questions. As such Mr Zuckerberg has personally asked one of his deputies to make themselves available to give evidence in person to the Committee.
Mike Schroepfer is Chief Technology Officer and responsible for Facebook's technology including the company's developer platform. Chris Cox is Facebook's Chief Product Officer and leads development of Facebook's core products and features including News Feed. Both Chris Cox and Mike Schroepfer report directly to Mr Zuckerberg and are among the longest serving senior representatives in Facebook's 15 year history. Both of them have extensive expertise in these issues and are well placed to answer the Committee's questions on these complex subjects. One of them can be made available to the Committee straight after the Easter Parliamentary recess, depending on the Committee's preferred timing. We look forward to working with the Committee to confirm exact timings in due course.
Meanwhile work is continuing across the company on the issues raised by recent events, you will have seen last week we announced a number of immediate steps. These steps can be summarised as the following:
1. Review our platform. We will investigate all apps that had access to large amounts of information before we changed our platform in 2014 to reduce data access, and we will conduct a full audit of any app with suspicious activity. If we find developers that misused personally identifiable information, we will ban them from our platform.
2. Tell people about data misuse. We will tell people affected by apps that have misused their data. This includes building a way for people to know if their data might have been accessed via "thisisyourdigitallife." Moving forward, if we remove an app for misusing data, we will tell everyone who used it.
3. Turn off access for unused apps. If someone hasn't used an app within the last three months, we will turn off the app's access to their information.
4. Restrict Facebook Login data. We are changing Login, so that in the next version, we will reduce the data that an app can request without app review to include only name, profile photo and email address. Requesting any other data will require our approval.
5. Encourage people to manage the apps they use. We already show people what apps their accounts are connected to and control what data they've permitted those apps to use. Going forward, we're going to make these choices more prominent and easier to manage.
6. Reward people who find vulnerabilities. In the coming weeks we will expand Facebook's bug bounty program so that people can also report to us if they find misuses of data by app developers.
I would like to take this opportunity to also share with the Committee the outcome of our further analysis of the countries affected by Professor Kogan's app. We are working with our regulators in countries around the world to give them data on the number of people in their country who arc affected. We are working hard to make sure that data is as accurate as it can be. There will be two sets of data. The first is people who downloaded the app, and the second is the number of friends of those people who had their privacy settings set in such a way that the app could sec some of their data. This second figure will be much higher than the first and we will look to provide both broken down by country as soon as we can. We can now confirm that around 1% of the global downloads of the app came from users in the EU, including the UK.