- The real question right now is what is the right kind of data and technology regulation, not whether there should be regulation, said Facebook CEO Mark Zuckerberg at a joint committee hearing in Washington, D.C. on Tuesday. On GDPR, Facebook is committed to rolling out many of the controls and consent mechanisms required by the regulation worldwide and would do so regardless of regulatory outcome in the U.S., said Zuckerberg, who also expressed willingness to work with lawmakers on future data regulations.
- On Tuesday, Facebook also launched the Data Abuse Bounty program to reward reporting of data abuse by application developers. Rewards will be determined based on the impact of the reported misuse; in the past, bug reports have been rewarded by Facebook with sums as high as $40,000.
The Facebook CEO spent several hours answering questions from senators, ranging from the circumstances surrounding the Cambridge Analytica scandal and Facebook's data privacy policies to the ethics of advertising and international data regulations.
For the most part, Zuckerberg reinforced apologies and commitments to do better that he and other Facebook executives have been making for the last week. He repeatedly clarified his company's business model as it relates to targeted ads and harnessing user data but carefully refrained from committing his company to any new actions than what has already been announced.
GDPR, once a mysterious, unknown force on the horizon, was brought up by the nation's legislative leaders many times. With more American companies realizing the need to be compliant come May 25, many legislators are also paying attention, wondering why a European regulation is the new standard and if the U.S. should enforce its own.
Zuckerberg raised questions last week with the comments that Facebook is working on global data protection and privacy standards "in spirit" with GDPR. Zuckerberg may be willing to work with lawmakers to establish similar standards at home, but whether any resulting legislation would be as substantive as GDPR or merely symbolic is another case.
In the meantime, Facebook is only at the beginning of steps needed to recover from the Cambridge Analytica scandal.
The data bounty program is the latest effort to improve data practices, all of which together may still not be enough to curb the enthusiasm among politicians to pass regulation upon the industry. The social media company has made privacy tools more accessible for users, restricted app access to user data and established commissions to investigate electoral influence.