Skip to main content

Here's How Facebook Plans to Clean Up Its Privacy Mess

In an effort to clean up privacy fiascos of the past year — and beyond — Facebook CEO Mark Zuckerberg has released a list of actions the social network plans to take to make its platform more secure in the future.

The social network has recently been under fire for its lax approach to consumer privacy and content regulation. It has drawn criticism for publicly displaying your phone number, sharing your private messages with third-party partners, compiling the data of non-Facebook users through Android apps, exposing private photos, scamming young gamers, suffering a data breach and, of course, allowing data-mining firm Cambridge Analytica to collect the personal information of 50 million users.

In the 3,000-word note, Zuckerberg outlines multiple steps Facebook plans to take to address user concerns and rebuild the trust of its community. 

MORE: Best Encrypted Messaging Apps

Zuckerberg predicts that "the future of communication will increasingly shift to private, encrypted services where people can be confident what they say to each other stays secure." Frequently referencing Facebook's WhatsApp, a platform notable for the security of its messaging system, Zuckerberg commits to four plans.

Private Interactions: Facebook plans to implement end-to-end encryption (a key feature of WhatsApp) to Facebook Messenger. Theoretically, this would prevent Facebook (as well as your internet provider) from reading your stored messages and from handing them over to authorities. (Facebook does, however, plan to store encryption keys for the near future, which WhatsApp does not do). Don't hold your breath on this one: Facebook plans to discuss its plan with experts "through 2019 and beyond" before taking action.

Data Storage: Zuckerberg writes that Facebook does not build data centers in countries with a record of privacy violations, making it more difficult for totalitarian governments to access that information. He also claims that WhatsApp's policy of not storing encryption keys will eventually extend to "other services," though he doesn't mention Facebook specifically.

Permanence: Your embarrassing college photos may not linger on your profile much longer. Zuckerberg proposes taking a similar approach to communications as Facebook has to Facebook's and Instagram's "Stories" feature, in which photos and videos expire after 24 hours (although they stick around in Facebook's system indefinitely). "Messages could be deleted after a month or a year by default," Zuckerberg hypothesizes, reassuring us that we'll be able to turn the feature off. In addition, he notes that Facebook "should" limit the amount of time it stores messaging metadata, but doesn't propose a detailed plan.

Interoperability. Facebook plans to centralize its three prominent brands (Facebook, Instagram and WhatsApp) into a single communication platform. This means you could send a message via Messenger, and a friend could receive that message with WhatsApp (this would, at some point, work with SMS as well). This won't necessarily improve the security of Facebook itself; Zuckerberg mainly highlights that it will reduce the need for people to hand out their phone numbers. However, it's a reasonable nod to user privacy concerns, especially since sending an SMS from WhatsApp could be the only way for Android users to encrypt their texts. 

These features won't roll out immediately, nor will they ever make Facebook a safe haven for your personal information. Social media services are, by nature, public forums, and it's unlikely any Zuckerberg plan could turn such a platform into an unambiguously safe and secure space. Even WhatsApp, a service with no public component, has its share of security struggles.

But Zuckerberg's statement does signal a promising new direction for Facebook, and is refreshing as a reassurance that, despite its profit incentives, the company finally seems to be prioritizing our privacy — at least until the next scandal.