Another day, another Facebook blunder, mishap or scandal – or so it’s felt since the Cambridge Analytica storyline kicked in mid-March.
But the nonstop headlines and incremental news hits make it easy to lose historical perspective.
(As a colleague recently noted with surprise, “Wait, the Cambridge Analytica news only came out five months ago? Feels like this has been going on for years.”)
Facebook is no stranger to privacy problems, advertising missteps and partner strife. In fact, Mark Zuckerberg found himself embroiled in a mini privacy scandal while he was still an undergrad (see below).
So, as the company licks its wounds after a bruising Q2 report – Facebook stock tumbled Wednesday after forecasting significant growth deceleration, thanks in part to its data and privacy woes – let’s take a step back from the barrage of daily headlines and take a stroll down memory lane.
2004: Facebook launches as a social network for college students from the ashes of Facemash, a hot-or-not site Zuckerberg created as a sophomore at Harvard. (Historical nugget: Facemash’s unauthorized use of photos led to Zuckerberg being accused of violating individuals’ privacy. Harvard nearly expelled him.)
2006: The news feed launches in early September, and around 1 million of its roughly 8 million users immediately create groups to protest the feature, which they called a violation of privacy. The outcry dies down. That same month, Facebook began opening its platform beyond students.
2007: Facebook announces its platform API, giving developers unprecedented access to the Facebook social graph. Facebook’s ill-fated beacon program rolls out later that year, enabling Facebook to track activity on third-party websites, even if someone is logged out, and publish the info as updates in the news feed. Users and privacy advocates balk, and Facebook quietly snuffs the feature in 2009.
2010: Facebook bans data aggregator RapLeaf for scraping personal identifiers. RapLeaf creeps out consumers in particular with its ability to suss out their political affiliation from behavioral data. One year after getting burned by Facebook, RapLeaf creates a data onboarding division – LiveRamp – which later sells to Acxiom for $310 million.
2011: Messenger launches as part of the core Facebook app. Facebook settles with the Federal Trade Commission over charges that it deceived users to get them to share more information. There is no fine, although Facebook agrees to undergo 20 years of consumer privacy audits, which, incidentally, fail to detect what Cambridge Analytica was up to.
2012: It’s a busy year: The first mobile-only ads launch in the news feed; Facebook acquires Instagram for $1 billion; Facebook’s RTB platform, FBX, hits the scene; and Facebook achieves 1 billion monthly active users.
2013: A bug exposes the private email address or phone number of 6 million users. A white-hat hacker discovers the hole through Facebook’s bug-bounty program.
2014: Facebook buys mobile messaging app WhatsApp for $16 billion. Facebook boots HasOffers and Kontagent from its mobile ad measurement partners program for holding onto data for too long and not notifying users about their data collection. A lack of clear communication between Facebook and the companies made the expulsion process more confusing than it had to be.
HasOffers later rebrands as Tune and keeps its business ticking along without access to Facebook. Kontagent’s road is far rockier. After a rebrand and a merger, the company bumps around before finally selling to digital media company RockYou in 2015.
2015: In April, Facebook shuts down its friends data API, which allowed app developers to access and mine their users’ friends’ data – for example, birthday, education and work history, likes history – without the friends’ knowledge. This is the API that academic researcher Aleksandr Kogan – one of the Cambridge Analytica story’s principal players – used to expand his data set from around 270,000 to upward of 87 million.
That autumn, the European Union’s Court of Justice invalidates the Safe Harbor agreement, which enabled data transfers between the EU and US, after Austrian lawyer and privacy firebrand Max Schrems brings a case against Facebook for sending his data to the US.
2016: Facebook shutters FBX and tweaks the news feed algorithm to penalize clickbait, and Zuck denies that fake news on Facebook influenced the 2016 US presidential election in any way, calling the notion “a pretty crazy idea.”
2017: Facebook blocks 470 fake accounts linked to the Internet Research Agency, which has connections to the Kremlin, and estimates roughly 126 million people were exposed to Russia-backed propaganda. Bowing to pressure from lawmakers and bad press (you ain’t seen nothing yet, Facebook), the platform promises to double its 10,000-person safety and security team by the end of 2018.
2018: Cambridge Analytica, ’nuff said.
March: Former Cambridge Analytica employee Christopher Wylie comes forward to claim that the company had improperly gathered data on 50 million Facebook users to create psychographic profiles and target political ads for Donald Trump’s 2016 presidential campaign. Kogan created the Facebook app that collected the data, which he then sold to Cambridge Analytica in circumvention of Facebook’s terms of service.
April: Congress hauls Zuck to DC for two days of light grilling on data misuse, hate speech, fake news and foreign election interference on Facebook. Despite inspiring the creation of a few new internet memes, he gets through the experience pretty much unscathed. His questioners come off looking like they don’t the difference between email and WhatsApp.
But Zuckerberg refuses to testify before the UK Parliament, despite repeated and peremptory demands to appear. He instead sends Facebook CTO Mark Schroepfer to sweat it out and answer questions from a far angrier and more tech-savvy group of politicians.
May: Zuck spends a hot minute in Brussels skating through testimony before a group of European politicians, most of whom didn’t get their questions answered. A few days later, Facebook intros its political advertising archive and updated transparency policies in the US. On May 25, the day the General Data Protection Regulation goes into effect in Europe, Schrems, not missing a beat, files the first cases under the new law against Facebook and Google over “forced consent.”
June: A privacy glitch affecting 14 million users posts private information publicly on Facebook, even if those users chose only to show posts to friends and family.
July: On July 2, Facebook submits a 747-page document to Congress with answers to hundreds of questions from lawmakers that Zuckerberg didn’t get to answer during his testimony in April.
A few days later, news reports ding Facebook for data sharing with Chinese companies, including Huawei and HTC.
Facebook suspends social listening platform Crimson Hexagon and its apps on July 20 pending an investigation over possible data privacy violations and for failing to disclose client contracts with government agencies and a Russian nonprofit with supposed ties to the Kremlin.
On July 26, Facebook warns investors during its Q2 earnings call that the gravy train is slowing, with revenue growth expected to decelerate by high single-digit percentages in the second half of the year. The stock immediately tumbles by more than 20%, shedding around $120 billion from its market cap in a single day.