当地时间3月21日晚上9点，CNN播出了Facebook CEO扎克伯格（Mark Zuckerberg）针对Facebook用户信息外泄一事的专访。扎克伯格承认这是一起重大的信任危机，他对此感到非常抱歉。他还表示，他很确定有人试图利用Facebook干扰美国中期选举。（完整时间线请跳至文章中段）

专访片段播出之前，扎克伯格已经在Facebook的个人主页上首次公开回应了用户信息外泄事件。他说，虽然Facebook在2014年已经对用户信息外泄一事采取过重要措施，但同时也犯了一些错误，接下来将积极思考如何防止事件再次发生。他表示，Facebook有责任保护用户数据，否则不配提供服务。

COO 桑德伯格（Sheryl Sandberg）转发了扎克伯格的声明，并称“我们很后悔在处理这件事上做的不够”。

在专访中，扎克伯格再次重申“如果我们不能保护好用户数据，就不配为用户提供服务。”他表示，接下来的Facebook将如他之前发表的声明中所说，从调查可疑的第三方APP，限制开发商权限，保障用户知情权等3个方面应对此次事件。

图片来自CNN

在被主持人问及“是否认为有人在利用Facebook的干扰美国中期选举”时，扎克伯格给出了肯定的回答。他证实Facebook的确观测到了一些与政治干预相关的现象，今年Facebook加倍了安全部门的员工数量，未来将有20,000个员工的工作内容是网络安全和内容审查。“但是安全问题不是一个可以彻底解决的问题......只要Facebook的对世界来说仍然很重要，我们就将不断努力下去”，他说。

Facebook用户信息外泄一事发生后，多位美国国会议员要求扎克伯格向立法机构作证。扎克伯格回应称，如果这样做的是正确的，他非常愿意去国会作证。

扎克伯格透露，Facebook本来就会定期去国会作证，涉及的议题也很广泛，“我们的目标就是尽可能地提供我们知道的事实”。他表示，尽管他不习惯接受媒体采访，但是在目前的情况下，他作为Facebook的代言人，必须站出来对公众发声。

3月20日，Facebook发出官方声明称，领导团队已经看到了问题的严重性，正在夜以继日地工作，收集事实和采取行动。公司上下因为被高根和剑桥分析公司欺骗而感到气愤，接下来会积极保护用户信息。此外，Facebook首席信息安全官Alex Stamos被曝将离职。

3月22日，扎克伯克和桑德伯格发表声明，强调Facebook有责任保护用户数据，否则不配提供服务，并列出了接下来的调查计划。

据报道，Facebook已经雇佣数字取证公司开展调查。剑桥分析同意调查，Kogan也给予了口头承诺，但爆料人Wylie拒绝调查。

二、进一步限制开放商获取用户信息的权限。例如，如果用户3个月内没有使用的应用程序，开发商权限将被取消。用户将仅能授权APP获取名字，头像和电子邮件。开放商在获取用户授权之外，还需签署相关协议。未来几天还将有更多措施。

三、帮助用户对授权获取信息的APP的知情权。Facebook将在个人主页信息流置顶一个小工具，方便用户查看授权应用单位或者取消授权。这个工具已经在隐私设置里开放，现在还将把它置于信息流中，以确保每个人都能够看到。

We have a responsibility to protect your data, and if we can't then we don't deserve to serve you. I've been working to understand exactly what happened and how to make sure this doesn't happen again. The good news is that the most important actions to prevent this from happening again today we have already taken years ago. But we also made mistakes, there's more to do, and we need to step up and do it.

Here's a timeline of the events:

In 2007, we launched the Facebook Platform with the vision that more apps should be social. Your calendar should be able to show your friends' birthdays, your maps should show where your friends live, and your address book should show their pictures. To do this, we enabled people to log into apps and share who their friends were and some information about them.

In 2013, a Cambridge University researcher named Aleksandr Kogan created a personality quiz app. It was installed by around 300,000 people who shared their data as well as some of their friends' data. Given the way our platform worked at the time this meant Kogan was able to access tens of millions of their friends' data.

In 2014, to prevent abusive apps, we announced that we were changing the entire platform to dramatically limit the data apps could access. Most importantly, apps like Kogan's could no longer ask for data about a person's friends unless their friends had also authorized the app. We also required developers to get approval from us before they could request any sensitive data from people. These actions would prevent any app like Kogan's from being able to access so much data today.

In 2015, we learned from journalists at The Guardian that Kogan had shared data from his app with Cambridge Analytica. It is against our policies for developers to share data without people's consent, so we immediately banned Kogan's app from our platform, and demanded that Kogan and Cambridge Analytica formally certify that th 53 34310 53 18438 0 0 7790 0 0:00:04 0:00:02 0:00:02 7789ey had deleted all improperly acquired data. They provided these certifications.Last week, we learned from The Guardian, The New York Times and Channel 4 that Cambridge Analytica may not have deleted the data as they had certified. We immediately banned them from using any of our services. Cambridge Analytica claims they have already deleted the data and has agreed to a forensic audit by a firm we hired to confirm this. We're also working with regulators as they investigate what happened.

This was a breach of trust between Kogan, Cambridge Analytica and Facebook. But it was also a breach of trust between Facebook and the people who share their data with us and expect us to protect it. We need to fix that.

In this case, we already took the most important steps a few years ago in 2014 to prevent bad actors from accessing people's information in this way. But there's more we need to do and I'll outline those steps here:

First, we will investigate all apps that had access to large amounts of information before we changed our platform to dramatically reduce data access in 2014, and we will conduct a full audit of any app with suspicious activity. We will ban any developer from our platform that does not agree to a thorough audit. And if we find developers that misused personally identifiable information, we will ban them and tell everyone affected by those apps. That includes people whose data Kogan misused here as well.

Second, we will restrict developers' data access even further to prevent other kinds of abuse. For example, we will remove developers' access to your data if you haven't used their app in 3 months. We will reduce the data you give an app when you sign in -- to only your name, profile photo, and email address. We'll require developers to not only get approval but also sign a contract in order to ask anyone for access to their posts or other private data. And we'll have more changes to share in the next few days.

Third, we want to make sure you understand which apps you've allowed to access your data. In the next month, we will show everyone a tool at the top of your News Feed with the apps you've used and an easy way to revoke those apps' permissions to your data. We already have a tool to do this in your privacy settings, and now we will put this tool at the top of your News Feed to make sure everyone sees it.

Beyond the steps we had already taken in 2014, I believe these are the next steps we must take to continue to secure our platform.

I started Facebook, and at the end of the day I'm responsible for what happens on our platform. I'm serious about doing what it takes to protect our community. While this specific issue involving Cambridge Analytica should no longer happen with new apps today, that doesn't change what happened in the past. We will learn from this experience to secure our platform further and make our community safer for everyone going forward.

I want to thank all of you who continue to believe in our mission and work to build this community together. I know it takes longer to fix all these issues than we'd like, but I promise you we'll work through this and build a better service over the long term.

推荐阅读：

银行卡身份证不经同意就收集！200款移动金融APP六成不合规

网络安全法实施8个月全国执法盘点 新浪微博、腾讯被处最高罚款

消费者个人信息保护论坛：隐私保护和企业权利平衡需更多实践