J1me 8, 2018 Chairman John Thune Ranking Member Bill Nelson US. Senate Committee on ommerce, Science, and Transportation 512 Dirksen Senate Building Washington, DC. 20510 Dear Chairman Thune, Ranking Member Nelson, and Members of the Committee: Thank you for your questions for the record from the April 10, 2018 Hearing titled acebook, Social Media Privacy, and the Use and Abuse of Data. Per your request, attached are the answers for the record for your questions. Please note that we received over 2,000 questions from the Senate and House ommittees before which we testi?ed on April 10 and 11, 2018. We appreciate the extra time you gave us to respond to these questions. We did our best to review and answer them in the available timeframe. We respectfully request an opportimity to supplement or amend our responses if needed. Sincerely, Facebook, Inc. Address: 1601 Willow Road Menlo Park, CA 94025 facebook IMPORTANT -- PLEASE READ DO NOT DETACH United States Senate Committee on Commerce, Science, and Transportation Washington, D.C. 20510-6125 __________ MEMORANDUM Date of Hearing: April 10, 2018 Hearing: Facebook, Social Media Privacy, and the Use and Abuse of Data Thank you for your recent testimony before the Senate Committee on Commerce, Science, and Transportation. The testimony you provided was greatly appreciated. Attached are post-hearing questions pertaining to the above-mentioned hearing. As a courtesy, please submit a single document consolidating the posed questions followed by your answers for insertion in the printed hearing record. Your responses can be e-mailed to Should the committee not receive your response within the time frame mentioned below or if the committee staffer assigned to the hearing is not notified of any delay, the committee reserves the right to print the posed questions in the formal hearing record noting your response was not received at the time the record was published. Committee staffer assigned to the hearing: Phone: Date material should be returned: May 9, 2018. Thank you for your assistance and, again, thank you for your testimony. Questions from Chairman Thune Question 1. In its April 2, 2018, response to the letter Sen. Wicker, Sen. Moran, and I sent you on March 19, 2018, Facebook committed to investigating all apps that potentially had access to the same type of data as Cambridge Analytica to identify other misuses of such data. Will you commit to having Facebook brief Commerce Committee staff on a periodic basis regarding the progress of these investigations and any future developments in Facebook’s efforts to combat data misuse more generally? We are in the process of investigating every app that had access to a large amount of information before we changed our Platform in 2014. The investigation process is in full swing, and it has two phases. First, a comprehensive review to identify every app that had access to this amount of Facebook data and to focus on apps that present reason for deeper investigation. And second, where we have concerns, we will conduct interviews, make requests for information (RFI)—which ask a series of detailed questions about the app and the data it has access to—and perform audits using expert firms that may include on-site inspections. We have large teams of internal and external experts working hard to investigate these apps as quickly as possible. To date thousands of apps have been investigated and around 200 apps have been suspended— pending a thorough investigation into whether they did in fact misuse any data. Where we find evidence that these or other apps did misuse data, we will ban them and let people know. These apps relate to a handful of developers: Kogan, AIQ, Cube You, the Cambridge Psychometrics Center, and myPersonality, with many of the suspended apps being affiliated with the same entity. Many of these suspensions include apps that appear to be “test” apps that were never released to the public, and therefore would not have acquired significant user data, although our investigation into these apps is ongoing. Additionally, we have suspended an additional 14 apps, which were installed by around one thousand people. They were all created after 2014, after we made changes to more tightly restrict our platform APIs to prevent abuse. However, these apps appear to be linked to AIQ, which was affiliated with Cambridge Analytica. So, we have suspended them while we investigate further. Any app that refuses to take part in or fails our audit will be banned. We will commit to briefing your staff on future developments. Question 2. Mr. Zuckerberg, as you know, Sen. Wicker, Sen. Moran, and I sent a letter to you on March 19th, requesting answers to several questions regarding Facebook’s privacy practices. Facebook’s general counsel sent a response letter on April 2nd that did not adequately answer some of the questions posed, saying that Facebook’s review of the matter is ongoing. Will you commit to providing additional answers to our questions in writing in a timely manner as you learn more? We responded to your questions to the best of our ability based on accessible data and information. Should additional or revised information related to the questions come to light, we respectfully request an opportunity to supplement or amend our response as needed. Question 3. Mr. Zuckerberg, at the hearing you responded to over 20 questions from a number of Senators by saying that you would have to follow up at a later date. As you compile the promised information, please provide all such responses to these questions to Commerce Committee staff in addition to the Senator who posed the question. 2 Today we are submitting responses to the questions posed at the hearing requiring follow-up. Question 4. Mr. Zuckerberg, given the concerns raised by a number of Senators that Facebook’s user agreement is too opaque to give users a real understanding of how their data may be used and how they can control their data privacy, do you intend to make any changes to the user agreement? If so, please summarize those changes and why you believe they will make the agreement more easily understood. We believe that it’s important to communicate with people about the information that we collect and how people can control it. This is why we work hard to provide this information to people in a variety of ways: in our Data Policy, and in Privacy Basics, which provides walkthroughs of the most common privacy questions we receive. Beyond simply disclosing our practices, we also think it’s important to give people access to their own information, which we do through our Download Your Information and Access Your Information tools, Activity Log, and Ad Preferences, all of which are accessible through our Privacy Shortcuts tool. We also provide information about these topics as people are using the Facebook service itself. While “up front” information like that contained in the terms of service are useful, research overwhelmingly demonstrates that in-product controls and education are the most meaningful to people and the most likely to be read and understood. On-demand controls are also important, and we recently redesigned our entire settings menu on mobile devices from top to bottom to make things easier to find. We also created a new Privacy Shortcuts, a menu where users can control their data in just a few taps, with clearer explanations of how our controls work. The experience is now clearer, more visual, and easy-to-find. Improving people’s understanding of how digital services work is an industry-wide challenge that we are highly committed to addressing. That’s why, over the last 18 months, we’ve run a global series of design workshops called “Design Jams,” bringing together experts in design, privacy, law, and computer science to work collaboratively on new and innovative approaches. These workshops have run in Paris, London, Dublin, Berlin, Sao Paolo, Hong Kong, and other cities, and included global regulators and policymakers. At these workshops, expert teams use “people centric design” methods to create innovative new design prototypes and experiences to improve transparency and education in digital services. These workshops inform Facebook’s constantly-improving approach. In recognition of the need for improved approaches to data transparency across all digital services, working with partners from academia, design, and industry we recently launched TTC Labs, a design innovation lab that seeks to improve user experiences around personal data. TTC Labs is an open platform for sharing and innovation and contains insights from leading experts in academia, design and law, in addition to prototype designs from the Design Jams, template services and open-source toolkits for people-centric design for transparency, trust and control of data. Working collaboratively, and based on open-source approaches, TTC Labs seeks to pioneer new and more people-centric best practices for people to understand how their data is used by digital services, in ways that they find easy to understand and control. Facebook is highly committed to improving people’s experience of its own services as well as investing in new innovations and approaches to support improvements across the industry. 3 Question 5. Mr. Zuckerberg, in the weeks since the revelations regarding Cambridge Analytica, the Committee has become aware that Facebook has surveyed users about whether they trust the company to safeguard their privacy. Please provide the Commerce Committee with the results of any such survey. Privacy is at the core of everything we do, and our approach to privacy starts with our commitment to transparency and control. Our threefold approach to transparency includes, first, whenever possible, providing information on the data we collect and use and how people can control it in context and in our products. Second, we provide information about how we collect and use data in our user agreements and related educational materials. And third, we enable people to learn more about the specific data we have about them through interactive tools such as Download Your Information, which lets people download a file containing data that they may want to take to another service, and Access Your Information, a tool we are launching that will let people more easily access and manage their data on Facebook. Our approach to control is based on the belief that people should be able to choose who can see what they share and how their data shapes their experience on Facebook. People can control the audience for their posts and the apps that can receive their data. They can see and delete the history of their activities on Facebook, and, if they no longer want to use Facebook, they can delete their account and the data associated with it. Of course, we recognize that controls are only useful if people know how to find and use them. That is why we continuously deliver in-product educational videos in people’s News Feeds on important privacy topics. We are also inviting people to take our Privacy Checkup—which prompts people to review key data controls—and we are sharing privacy tips in education campaigns off of Facebook, including through ads on other websites. To make our privacy controls easier to find, we are launching a new settings menu that features core privacy settings in a single place. We are always working to help people understand and control how their data shapes their experience on Facebook. Question 6. Mr. Zuckerberg, when did you personally become aware of Cambridge Analytica’s breach of your policies in 2014-2015, and when did you personally become aware that Cambridge Analytica had not in fact deleted the data they obtained despite certifying otherwise? On December 11, 2015, The Guardian published an article reporting that Kogan and his company, GSR, may have passed information the app had obtained from Facebook users to SCL Elections Ltd. (SCL)/Cambridge Analytica. As part of its investigation, Facebook contacted Kogan and Cambridge Analytica to investigate the allegations reflected in the reporting. Thereafter, Facebook obtained written certifications or confirmations from Kogan, GSR, and other third parties (including Cambridge Analytica and SCL) declaring that all such data they had obtained was accounted for and destroyed. In March 2018, Facebook received information from the media suggesting that the certification we received from SCL may not have been accurate and immediately banned SCL Group and Cambridge Analytica from purchasing advertising on our platform. Since then, Facebook has been actively investigating the issue, including pursuing a forensic audit of Cambridge Analytica, which is currently paused at the request of the UK Information Commissioner’s Office (which is separately investigating Cambridge Analytica). 4 Mr. Zuckerberg did not become aware of allegations that Cambridge Analytica may not have deleted data about Facebook users obtained from Kogan’s app until March of 2018, when these issues were raised in the media. Question 7. On April 24, 2018, Facebook announced that it would institute an appeals process for posts that Facebook removes for violating its community standards. This process will initially only be available for posts that were removed for nudity/sexual activity, hate speech, or graphic violence. Why did Facebook decide to launch its appeals process for these categories? Prior to this new appeals process, did Facebook users have any recourse if their post was removed? Prior to April 24, 2018, appeals generally were only available to people whose profiles, Pages, or Groups had been taken down, but we had not yet been able to implement an appeals process at the content level. On April 24, we announced the launch of appeals for content that was removed for nudity/sexual activity, hate speech, and graphic violence. We focused on starting with these content violations initially based on feedback from our community. We are working to extend this process further, by: supporting more violation types; giving people the opportunity to provide more context that could help us make the right decision; and making appeals available not just for content that was taken down, but also for content that was reported and left up. Question 8. In your testimony, you discussed two typical business models employed by social media companies to make content available to users: an advertising-supported model and a subscription-based model. If Facebook were to shift from an advertising model to a subscription model, how much would consumers expect to pay in order to access Facebook content? Would you ever consider making such a shift? If not, why not? Like many other free online services, we sell advertising space to third parties. Doing so enables us to offer our services to consumers for free. This is part of our mission to give people the power to build community and bring the world closer together. Question 9. According to your testimony, Facebook has found that, while some users don’t like advertisements, “people really don’t like ads that aren’t relevant” and the “overwhelming feedback we get from our community is that people would rather have us show relevant content.” Can you elaborate on your basis for these statements about user preferences? Part of Facebook’s goal is to deliver the right content to the right people at the right time. This is just as true of posts and other content in users’ News Feeds as it is for ads in their News Feed. And to choose the right ads Facebook listens to what feedback users provide. Users frequently provide feedback about what ads they want to see and don’t want to see; they interact with ads positively (clicks, likes, comments, or shares) and negatively (by hiding the ad). Facebook takes all of this into consideration when selecting ads for its users. In conjunction with this user feedback, Facebook has been working to better understand people’s concerns with online ads. For example, Facebook has conducted multi-method, multimarket research surrounding ad blocking and personalization expectations among consumers. 5 And the take away from this has been that people don’t like to see ads that are irrelevant to them or that disrupt or break their experience. Furthermore, people like to have control over the kinds of ads they see. For these reasons, Facebook seeks to provide users more relevant ads, as well as the tools to improve their control over which ads they see. Question 10. You stated that “there is some discomfort … with using information in making ads more relevant.” Why do you believe Facebook users feel this discomfort? Do you believe users would feel more comfortable if they had a clearer understanding of the relationship between their information, the relevance of the advertisements they are served, and Facebook’s ability to offer content without charging subscription fees? We maintain our commitment to privacy by not telling advertisers who users are or selling people’s information to anyone. That has always been true. We think relevant advertising and privacy are not in conflict, and we’re committed to doing both well. We believe targeted advertising creates value for people and advertisers who use Facebook. Being able to target ads to the people most likely to be interested in the products, service or causes being advertised enables businesses and other organizations to run effective campaigns at reasonable prices. This efficiency has particularly benefited small businesses, which make up the vast majority of the six million active advertisers on Facebook. That said, we are keenly aware of the concerns about the potential of our tools to be abused. That is why we are investing heavily in improving the security and integrity of our platform. Separately, our core service involves personalizing all content, features and recommendations that people see on Facebook services. No two people have the same experience on Facebook or Instagram, and they come to our services because they expect everything they see to be relevant to them. If we were not able to personalize or select ads or other content based on relevance, this would fundamentally change the service we offer on Facebook—and it would no longer be Facebook. We do not have a “business reason” to compromise the personal data of users; we have a business reason to protect that information. Our mission is to build community and bring the world closer together, but it is not enough to just connect people, we have to make sure those connections are positive. If people’s experiences are not positive—if we fail to maintain their trust—they will not use our services. Question 11. Mr. Zuckerberg, how does Facebook determine whether and for how long to store user data or delete user data? In general, when a user deletes their account, we delete things they have posted, such as their photos and status updates, and they won’t be able to recover that information later. (Information that others have shared about them isn’t part of their account and won’t be deleted.) There are some limited exceptions to these policies: For instance, information can be accessed and preserved for an extended period when it is the subject of a legal request or obligation, governmental investigation, or investigations of possible violations of our terms or policies, or otherwise to prevent harm. We also retain information from accounts disabled for terms violations for at least a year to prevent repeat abuse or other term violations. 6 Question 12. Mr. Zuckerberg, you have discussed how a Facebook user can learn what data Facebook has collected about him or her. How can a non-user learn what data, if any, Facebook has collected about him or her? If a person doesn’t have a Facebook account but believes Facebook may have information about them, they can contact us to request a copy of their information. A contact form is available at https://www.facebook.com/help/contact/180237885820953. However, Facebook does not create profiles about or track web or app browser behavior of non-users. Question 13. Does Facebook continue to track users who have turned off personalized ads? If so, why? Provide a list of uses Facebook makes of the data of users who have disabled personalized ads. When people visit apps or websites that feature our technologies—like the Facebook Like or Comment button—our servers automatically log (i) standard browser or app records of the fact that a particular device or user visited the website or app (this connection to Facebook’s servers occurs automatically when a person visits a website or app that contains our technologies, such as a Like button, and is an inherent function of Internet design); and (ii) any additional information the publisher of the app or website chooses to share with Facebook about the person’s activities on that site (such as the fact that a purchase was made on the site). This is a standard feature of the Internet, and most websites and apps share this same information with multiple different third-parties whenever people visit their website or app. For example, the Senate Commerce Committee’s website shares information with Google and its affiliate DoubleClick and with the analytics company Webtrends. This means that, when a person visits the Committee’s website, it sends browser information about the visit to each one of those third parties. More information about how this works is available at https://newsroom.fb.com/news/2018/04/data-off-facebook/. Question 14. Is Facebook’s use of a user’s data on the Facebook platform for targeted advertising a condition of using Facebook? Users can’t opt out of seeing ads altogether because selling ads is what keeps Facebook free, but they do have different options to control how their data can and can’t be used to show them ads. They’re all found in ad preferences, which allows users to turn off the use of all data collected from partners off Facebook to target ads. Users can also decide which of their profile fields they want used for ad targeting in the Information section under “About you.” Users can remove themselves from interests under “Your interests” and categories under “Your categories.” Question 15. Mr. Zuckerberg, on March 25, you took out several full-page ads in newspapers around the world in which you stated: “We’re also investigating every single app that had access to large amounts of data before we fixed this,” referring to your 2014 policy changes. You went on to say, “We expect there are others. And when we find them, we will ban them and tell everyone affected.” How many other offending apps have you found so far? You mentioned, when you find offending apps, you will be notifying users. Please also provide a list of these apps to Congress. See Response to Question 1. 7 Question 16. Mr. Zuckerberg, as you may know, Carol Davidsen, who in 2012 served as the Obama campaign’s director of data integration and media analytics, reportedly asserted that Facebook allowed the campaign to access users’ personal data “because they were on our side.” Did Facebook give preferential treatment to the Obama campaign with respect to data access in 2012? With respect to data access, did Facebook discriminate between the presidential campaigns in 2016? Both the Obama and Romney campaigns had access to the same tools, and no campaign received any special treatment from Facebook. Likewise, we offered identical support to both the Trump and Clinton campaigns, and had teams assigned to both. Everyone had access to the same tools, which are the same tools that every campaign is offered. Question 17. Since 2011, Facebook has been operating under a consent order issued by the Federal Trade Commission following agency charges that Facebook had deceived consumers by failing to keep privacy promises to them. You have indicated that—without prejudging the FTC’s decision to investigate the Cambridge Analytica incident—you do not believe the consent order is implicated in the current matter. Please explain why. We furnished extensive information to the FTC regarding the ability for users to port their Facebook data (including friends data that had been shared with them) with apps on Facebook’s platform, as part of the FTC’s investigation culminating in the July 27, 2012 Consent Order. The Consent Order memorializes the agreement between Facebook and the FTC and did not require Facebook to turn off the ability for people to port friends data that had been shared with them on Facebook to apps they used. Facebook voluntarily changed this feature of the Platform in 2014, however. Among other things, the consent order obligates Facebook not to misrepresent the extent to which it maintains the privacy or security of covered information (Section I), not to materially exceed the restrictions of a privacy setting that applies to nonpublic user information without affirmative express consent (Section II), and to implement a comprehensive privacy program that is subjected to ongoing review by an independent assessor (Sections IV and V). Facebook accurately represented the operation of its developer Platform and the circumstances under which people could share data (including friends data) with developers, honored the restrictions of all privacy settings that covered developer access to data, and implemented a comprehensive privacy program build on industry-leading controls and principles, which has undergone ongoing review by an independent assessor approved by the FTC. Question 18. Initial media reports stated that 50 million Facebook users were impacted by the Cambridge Analytica incident, Facebook later reported that 87 million users were impacted. How did Facebook arrive at this number, and can we expect this number to rise? Facebook users shared some data associated with approximately 87 million users with Kogan’s app, consisting of people who installed the app and the friends of those users whose settings permitted their data to be shared by their friends with apps. Facebook does not know how many of these users actually had data shared by Kogan with Cambridge Analytica, so this is a highly conservative estimate of the maximum number of users who could have been impacted. Several additional caveats apply to this figure: 8 • First, this figure does not include users who installed the app but have since deleted their Facebook account (since Facebook no longer has that information). • Second, Facebook’s counts of potentially affected friends of installers of the app are likely substantially higher than the “true” number of affected friends, because (a) the counts include any friend of any installer of the app during any time between when the app first became active on the Platform in November 2013 and when the app’s access to friends data was limited in May 2015, even though the friend may not have been a friend when the app was actually installed by a relevant user; (b) the counts include any friend of any installer even if they changed their privacy settings during the relevant period to disallow sharing with apps installed by their friends (due to limited historical information about when or how users updated their settings), such that some of their data may not have been shared with the app; and (c) Facebook’s counts include anyone who installed the app during its existence on Facebook’s Platform, even if they installed the app at a time when its access to user data, including data from friends of installers, was more limited (due to limited historical information about when individual users installed the app). In addition, it is worth noting that the existing evidence that we are able to access supports the conclusion that Kogan only provided SCL with data on Facebook users from the United States. While the accounts of Kogan and SCL conflict in some minor respects not relevant to this question, both have consistently maintained that Kogan never provided SCL with any data for Facebook users outside the United States. These consistent statements are supported by a publicly released contract between Kogan’s company and SCL. Question 19. Having discovered the improper data transfer to Cambridge Analytica in 2015, why did Facebook wait until 2018 to investigate or audit the data transfer to determine its full scope, including the type of data improperly transferred? Facebook obtained written certifications from Kogan, GSR, and other third parties (including Cambridge Analytica and SCL) declaring that all data they had obtained, and any derivatives, was accounted for and destroyed. Based on recent allegations, we have reopened our investigation into the veracity of these certifications and have hired a forensic auditor to conduct a forensic audit of Cambridge Analytica’s systems. We are currently paused on the audit at the request of the UK Information Commissioner’s Office request, which is conducting a regulatory investigation into Cambridge Analytica (based in the UK), and we hope to move forward with that audit soon. Facebook banned Cambridge Analytica from our service. We understand that the company is now defunct. Question 20. Mr. Zuckerberg, as you know, the Commerce Committee has been seeking to find a bipartisan path forward on net neutrality legislation. I believe bipartisan legislation is the best way to protect net neutrality and stop the partisan back-and-forth at the Federal Communications Commission over this issue. Will you commit to working with Congress to develop a bipartisan legislative solution to the issue of net neutrality? Keeping the internet open for everyone is crucial. Not only does it promote innovation, but it lets people access information that can change their lives and gives voice to those who 9 might not otherwise be heard. For these reasons, Facebook supports net neutrality and is open to working with members of Congress and anyone else on a solution that will preserve strong net neutrality protections. 10 Questions from Senator Wicker Question 1. Mr. Zuckerberg, during the hearing you confirmed that Facebook collects the call and text histories of its users that use Android phones. You also stated that Facebook only collects call and text histories if a consumer opts-in to this Facebook service. Does Facebook collect the call and text history information of minors (13 to 17 years of age) that have Android phones and opt-in to this service? If yes, does Facebook require parental consent for minors to be able to opt-in to this service? How and in what manner does Facebook disclose to its users that it is collecting the call and text history information of those that opt-in to this service? Call and text history logging is part of an opt-in feature that lets people import contact information to help them connect with people they know on Facebook and Messenger. We introduced the call and text history component of this feature for Android users several years ago, and currently offer it in Messenger and Facebook Lite, a lightweight version of Facebook, on Android. Contact importers are fairly common among social apps and serve as a way to more easily find the people users want to connect with. They help users find and stay connected with the people they care about and provide them with a better experience across Facebook. Before we receive call and text history from people, they specifically grant us permission to access this data on their device and separately agree to use the feature. If, at any time, they no longer wish to use this feature they can turn it off, and all previously shared call and text history shared via that app is deleted. People can also access information they previously imported through the Download Your Information tool. We’ve reviewed this feature to confirm that Facebook does not collect the content of messages—and will delete all logs older than one year. In the future, people will only upload to our servers the information needed to offer this feature—not broader data such as the time of calls. We do allow people from 13 to 17 to opt into this service. However, we do take other steps to protect teens on Facebook and Messenger: • We provide education before allowing teens to post publicly. • We don’t show search results based on specific profile data (high school, birthday/age, and hometown, or current city) of teens to unconnected adults when the adults search on Facebook. • Unconnected adults can’t message minors who are 13-17. • We have age limits for advertisements. For example, ads for dating sites, financial services and other products or services are gated to users under 18. We’ve also helped many teenagers with information about bullying prevention campaigns and online safety tips, including creating a new website full of privacy and safety resources for teens: https://www.facebook.com/safety/youth 11 Question 2. Is the data Facebook collects from call and text histories of its users that have Android phones used for targeted advertising purposes? No, Facebook does not use SMS history to target interest-based ads. Instead, call and text history logging is part of an opt-in feature for people using Messenger or Facebook Lite on Android. This helps Facebook users find and stay connected with the people they care about and provides them with a better experience across Facebook. This feature does not collect the content of users’ calls or text messages. Question 3. When a user uploads his or her contact list, Facebook collects the phone numbers of the user’s contacts. Please provide all details regarding what Facebook does with the phone numbers of the users’ contacts, including with whom Facebook shares those numbers, whether Facebook creates or updates profiles that associate these numbers with people’s names, and how long Facebook stores those numbers. Facebook allows people to upload, sync, and import their contacts, typically using permissions that are enabled by major operating systems like Apple’s iOS and Google Android. When people use the contact upload tool, they see prompts explaining what data will be collected: 12 We use this information that people choose to share for a variety of purposes, including to provide, personalize, and improve our products; provide measurement, analytics, and other business services; promote safety and security; to communicate with people who use our services; and to research and innovate to promote the social good. We provide more information in our Data Policy about these uses as well. People can view and manage their contact uploads using our Contacts Uploading tools, available at https://www.facebook.com/help/355489824655936. Question 4. There have been reports that Facebook can track a user’s internet-browsing activity even after the user has logged off of the Facebook platform. Can you confirm whether or not this is true? If yes, how does Facebook disclose to its users that it is engaging in this type of tracking or data collection activity when a user has logged off of the Facebook platform? When people visit apps or websites that feature our technologies—like the Facebook Like or Comment button—our servers automatically log (i) standard browser or app records of the fact that a particular device or user visited the website or app (this connection to Facebook’s servers occurs automatically when a person visits a website or app that contains our technologies, such as a Like button, and is an inherent function of Internet design); and (ii) any additional information the publisher of the app or website chooses to share with Facebook about the person’s activities on that site (such as the fact that a purchase was made on the site). This is 13 a standard feature of the Internet, and most websites and apps share this same information with multiple different third-parties whenever people visit their website or app. For example, the Senate Commerce Committee’s website shares information with Google and its affiliate DoubleClick and with the analytics company Webtrends. This means that, when a person visits the Committee’s website, it sends browser information about their visit to each one of those third parties. More information about how this works is available at https://newsroom.fb.com/news/2018/04/data-off-facebook/. When the person visiting a website featuring Facebook’s tools is not a registered Facebook user, Facebook does not have information identifying that individual, and it does not create profiles for that individual. We use the browser and app logs that apps and websites send to us—described above—in the following ways for non-Facebook users. First, these logs are critical to protecting the security of Facebook and to detecting or preventing fake account access. For example, if a browser has visited hundreds of sites in the last five minutes, that’s a sign the device might be a bot, which would be an important signal of a potentially inauthentic account if that browser then attempted to register for an account. Second, we aggregate those logs to provide summaries and insights to websites and apps about how many people visit or use their product, or use specific features like our Like button—but without providing any information about a specific person. We do not create profiles for non-Facebook users, nor do we use browser and app logs for non-Facebook users to show targeted ads from our advertisers to them or otherwise seek to personalize the content they see. However, we may take the opportunity to show a general ad that is unrelated to the attributes of the person or an ad encouraging the non-user to sign up for Facebook. When the individual is a Facebook user, we are also able to use this information to personalize their experiences on Facebook, whether or not they are logged out, but we will not target ads to users relying on this information unless the user allows this in their privacy settings. We do not sell or share this information with third-parties. Question 5. Mr. Zuckerberg, if a user deletes his or her Facebook account, does Facebook still track that person on non-Facebook websites and applications? Facebook does not create profiles or track website visits for people without a Facebook account. See Response to Question 4. Question 6. Mr. Zuckerberg, you asserted in the hearing that “the expectations that people have” regarding use of data by ISPs are somewhat different than for edge platforms like yours. In fact, a survey by Peter D. Hart showed that 94% of consumers want their online data to be subject to a consistent level of privacy protection across the Internet and that ISPs and edge providers should be treated alike. Do you have any consumer survey data or empirical evidence to support your assertion that consumers expect or want different privacy protections for ISPs? If so, please provide the consumer survey data or empirical evidence that supports your assertion. We believe that everyone should enjoy strong privacy protections, but we also realize that people have different expectations based on the context in which their information is provided. For instance, a person who orders shoes from a mail-order catalog would expect the retailer to know what is in the box that he is being sent. But the customer would not expect the post office 14 to know what he or she has purchased just because it is delivering the box. Because of this difference in expectations, the post office may need to do more to inform people if it intends to inspect packages it delivers and to give people control if it intends to use the information it learns in other ways. Consistent with this difference, experts have observed, “The context in which broadband customers share private information with [Internet service] providers is specific and accompanied by cabined expectations: the customers share the information with [Internet service] providers to facilitate provision of a service for which they have contracted. The information is therefore most appropriately thought of as a loan to, rather than transferred to, broadband providers.”1 In contrast, a group of leading academic experts led by Prof. Nick Feamster of Princeton University observed that people may have access to only one or a few ISPs and simply expect those ISPs to deliver their communications. Such a person has no choice about whether to send his or her traffic over an ISP’s network, whereas a “user may simply elect not to provide certain personal information or data to a social network, or even to not use the social network at all.”2 Other experts have observed that edge providers’ collection of information is generally more expected because it is related to the services those companies provide.3 In our own services, Facebook needs to have a different understanding of a person’s data than an ISP would. For instance, when someone adds information to their profile or likes a Page on Facebook, we must have access to that information in order to display it and use it to personalize that person’s experience. People would not necessarily anticipate that other companies would have access to that information, which is why we do not sell people’s information to advertisers and are increasing our efforts to guard against misuse of people’s Facebook information by third parties. It is also why we provide people with the ability to turn off advertising based on the apps and websites they use outside of our service, and we are investing in enhanced transparency and control around this through our recent announcement of a new tool, Clear History, that we are building. Although we have not reviewed the detailed survey by Mr. Hart to which the question refers, we understand that it focused on a different question than Mr. Zuckerberg’s testimony. Specifically, Mr. Hart’s survey asked people whether they believe that information should be subject to protection; this is different from asking whether people have different expectations about what information Facebook will receive when they put information on their Facebook profile, as compared to what information their Internet service provider will receive when they take the same action. 1 Comments of New America Foundation, FCC 16-39, at 7. Comments of Nick Feamster, et al., FCC 16-39, at 3. 3 Paul R. Gaus, Only the Good Regulations Die Young: Recognizing the Consumer Benefits of the FCC’s NowDefunct Privacy Regulations, 18 Minn. J. Law, Sci. & Tech. 713 (2017) (“Defining the internet consumer seems like a facile task, but it must incorporate how the person uses digital devices to connect to the internet and use content. In the context of ISPs, the digital consumer conforms to a traditional definition in that the consumer purchases ISP services to access the internet. In the space of edge providers, the digital consumer engages in traditional retail, watches content, interacts with others via social media, and performs a plethora of other activities that provide a telling summary about a person’s life.”). 2 15 Questions from Senator Blunt Question 1. Does Facebook collect user data through cross-device tracking, and does this include off-line data (offline data defined as that which is not directly contributed by a user through usage of features of the Facebook app)? Yes, Facebook’s Data Policy specifically discloses that we associate information across different devices that people use to provide a consistent experience wherever they use Facebook. Facebook’s services inherently operate on a cross-device basis: understanding when people use our services across multiple devices helps us provide the same personalized experience wherever people use Facebook—for example, to ensure that people’s News Feeds or profiles contains the same content whether they access our services on their mobile phone or in a desktop computer’s web browser. In support of those and other purposes, we collect information from and about the computers, phones, connected TVs and other web-connected devices our users use that integrate with our Products, and we combine this information across a user’s different devices. For example, we use information collected about a person’s use of our Products on their phone to better personalize the content (including ads) or features they see when they use our Products on another device, such as their laptop or tablet, or to measure whether they took an action in response to an ad we showed them on their phone or on a different device. Information we obtain from these devices includes: • Device attributes: information such as the operating system, hardware and software versions, battery level, signal strength, available storage space, browser type, app and file names and types, and plugins. • Device operations: information about operations and behaviors performed on the device, such as whether a window is foregrounded or backgrounded, or mouse movements (which can help distinguish humans from bots). • Identifiers: unique identifiers, device IDs, and other identifiers, such as from games, apps or accounts people use, and Family Device IDs (or other identifiers unique to Facebook Company Products associated with the same device or account). • Device signals: Bluetooth signals, and information about nearby Wi-Fi access points, beacons, and cell towers. • Data from device settings: information a user allows us to receive through device settings they turn on, such as access to their GPS location, camera, or photos. • Network and connections: information such as the name of a user’s mobile operator or ISP, language, time zone, mobile phone number, IP address, connection speed and, in some cases, information about other devices that are nearby or on their network, so we can do things like help them stream a video from their phone to their TV. 16 • Cookie data: data from cookies stored on a user’s device, including cookie IDs and settings. More information is available at https://www.facebook.com/policies/cookies/ and https://help.instagram.com/1896641480634370?ref=ig. Advertisers, app developers, and publishers can send us information through Facebook Business Tools they use, including our social plug-ins (such as the Like button), Facebook Login, our APIs and SDKs, or the Facebook pixel. These partners provide information about a person’s activities off Facebook—including information about their device, websites they visit, purchases they make, the ads they see, and how they use their services—whether or not they have a Facebook account or are logged into Facebook. For example, a game developer could use our API to tell us what games a person plays, or a business could tell us about a purchase a person made in its store. We also receive information about a person’s online and offline actions and purchases from third-party data providers who have the rights to provide us with that person’s information. We use the information we have to deliver our Products, including to personalize features and content (including a person’s News Feed, Instagram Feed, Instagram Stories, and ads) and make suggestions for a user (such as groups or events they may be interested in or topics they may want to follow) on and off our Products. To create personalized Products that are unique and relevant to them, we use their connections, preferences, interests and activities based on the data we collect and learn from them and others (including any data with special protections they choose to provide); how they use and interact with our Products; and the people, places, or things they’re connected to and interested in on and off our Products. For example, if people have shared their device locations with Facebook or checked into a specific restaurant, we can show them ads from an advertiser that wants to promote its services in their area or from the restaurant. We use location-related information-such as a person’s current location, where they live, the places they like to go, and the businesses and people they’re near-to provide, personalize and improve our Products, including ads, for them and others. Location-related information can be based on things like precise device location (if a user has allowed us to collect it), IP addresses, and information from their and others’ use of Facebook Products (such as check-ins or events they attend). We store data until it is no longer necessary to provide our services and Facebook Products, or until a person’s account is deleted—whichever comes first. This is a case-by-case determination that depends on things like the nature of the data, why it is collected and processed, and relevant legal or operational retention needs. We provide advertisers with reports about the kinds of people seeing their ads and how their ads are performing, but we don’t share information that personally identifies someone (information such as a person’s name or email address that by itself can be used to contact them or identifies who they are) unless they give us permission. For example, we provide general demographic and interest information to advertisers (for example, that an ad was seen by a woman between the ages of 25 and 34 who lives in Madrid and likes software engineering) to help them better understand their audience. We also confirm which Facebook ads led users to make a purchase or take an action with an advertiser. Question 2. Cross-device data collection allows for data and user profile meshing that the average users are likely not cognizant of. Last year, the Federal Trade Commission flagged 17 cross-device tracking as a possible concern, due to the fact that most companies do not explicitly discuss cross-device tracking in their privacy policies. Does Facebook disclose its collection methods across each applicable device, and if so, do you offer your users choices about how cross-device activity is tracked? See Response to Question 1. Question 3. Are users required to resubmit their permissions for each separate device that utilizes the Facebook app, or are user permissions blanketed across devices? Mobile operating systems like Google’s Android and Apple’s iOS have device-specific access controls implemented at the operating system level. Question 4. Facebook has been criticized for previous versions of its mobile application on Android devices, and the manner in which permissions were bundled without the ability to grant or deny each permission individually. I understand that Facebook and Android have updated their platforms, allowing more latitude for users to review permissions individually. What is the technical and commercial purpose of bundling permissions? Android and other operating systems (like Apple’s iOS) control the way device permissions work. Facebook can’t, for example, request permissions in a way that’s not permitted on an Android device. Accordingly, where permitted by the operating system, we generally ask for permission in-context—for example, requesting access to a device’s camera roll when someone uses a feature that requires it. But for other permissions, on the Android operating system, we must list all of the permissions that various features might require at the point when a person installs the app, even if we do not intend to use those permissions until those features are accessed. On our website, we explain more about permissions that we request and provide examples of how they are used. You can find this information at https://www.facebook.com/help/210676372433246. Question 5. How does your company prioritize transparency and choice for users in the way that it collects and aggregates user data? Our approach to transparency is threefold. First, we provide information about the data we collect and use and how people can control it in context as people use Facebook. Research overwhelmingly demonstrates that inproduct controls and education are the most meaningful to people and the most likely to be read and understood. Second, we provide information about how we collect and use data in our user agreements and related educational materials. These materials include our Data Policy, which we updated recently to make it more detailed and easier to understand, and Privacy Basics, a series of short, interactive guides that answer some of the most common questions we receive about privacy. 18 Third, we enable people to learn more about the data we collect through interactive tools such as Download Your Information, which lets people download a file containing data that they may want to take to another service, and Access Your Information, a tool we’ve launched for people to more easily access and manage their data on Facebook. Our approach to control is based on the belief that people should be able to choose who can see what they share and how their data shapes their experience on Facebook and should have control over all data collection and uses that are not necessary to provide and secure our service. People can control the audience for their posts and the apps that can receive their data. They can control the people, Pages, Groups, and Events they connect to, and how they see content from those connections in their News Feeds. They can provide feedback on every post they see on Facebook—feedback, for example, that they want to see less of a particular kind of post or fewer posts from a particular person or Page. They can see and delete the history of their activities on Facebook, and, if they no longer want to use Facebook, they can delete their account and the data associated with it. We recognize, however, that controls are only useful if people know how to find and use them. That is why we continuously deliver in-product educational videos in people’s News Feeds on important privacy topics like how to review and delete old posts and what it means to delete an account. We are also inviting people to take our Privacy Checkup—which prompts people to review key data controls—and we are sharing privacy tips in education campaigns off of Facebook, including through ads on other websites. To make our privacy controls easier to find, we are launching a new settings menu that features core privacy settings in a single place. 19 Questions from Senator Fischer Question 1. Given ongoing user privacy concerns, American consumers are asking for a public dialogue about the purposes for which Facebook uses their personal data. However, a meaningful conversation cannot happen until users also understand the sources from which their data is gleaned, and the scope of the specific data—which characteristics, attributes, labels, or categories of data points—being collected and utilized. How many categories (i.e. attributes, factors, labels, or data points) does Facebook collect about particular users? As explained in our Data Policy, we collect three basic categories of data about people: (1) data about things people do and share (and who they connect with) on our services; (2) data about the devices people use to access our services; and (3) data we receive from partners, including the websites and apps that use our business tools. As far as the amount of data we collect about people, the answer depends on the person. People who have only recently signed up for Facebook have usually shared only a few things— such as name, contact information, age, and gender. Over time, as people use our products, we receive more data from them, and this data helps us provide more relevant content and services. That data will fall into the categories noted above, but the specific data we receive will, in large part, depend on how the person chooses to use Facebook. For example, some people use Facebook to share photos, so we receive and store photos for those people. Some people enjoy watching videos on Facebook; when they do, we receive information about the video they watched, and we can use that information to help show other videos in their News Feeds. Other people seldom or never watch videos, so we do not receive the same kind of information from them, and their News Feeds are likely to feature fewer videos. The data we have about people also depends on how they have used our controls. For example, people who share photos can easily delete those photos. The same is true of any other kind of content that people post on our services. Through Facebook’s Activity Log tool, people can also control the information about their engagement—i.e., their likes, shares and comments—with other people’s posts. The use of these controls of course affects the data we have about people. We recently announced improvements to our Download Your Information tool, as well as a new feature that makes it easier for people to see the information that’s in their account on Facebook. These recently-expanded tools for accessing your information will allow people to see their data, delete it, and easily download and export it. Question 2. How many categories, as the term is described above, are used to construct the digital profiles that Facebook utilizes to direct ads to particular users? The specific number of categories that are used to decide what ads a person will see vary from person to person, depending on the interests and information that they have shared on Facebook, how frequently they interact with ads and other content on Facebook, and other factors. Any person can see each of the specific interests we maintain about them for advertising by visiting Ads Preferences, which lets people see what interests we use to choose ads for 20 them—and to edit or delete these interests. We also provide more detailed information about how we use data to decide what ads to show to people in our “About Facebook Ads” page, at https://www.facebook.com/ads/about. We use data about things people do on Facebook, such as the Pages they like, to associate “interests” with their accounts, and we enable advertisers to reach audiences—i.e., groups of people—that share those interests. For example, if a person has liked Pages about baseball, we might associate them with interests called “baseball” or “sports.” We use data from devices (such as location data) to help advertisers reach people in particular areas. For example, if people have shared their device locations with Facebook or checked into a specific restaurant, we can show them ads from an advertiser that wants to promote its services in their area or from the restaurant. We also help advertisers reach people who have given the advertiser their contact information or who have used the advertiser’s website or app. For example, advertisers can send us a hashed list of email addresses of people they would like to reach on Facebook. If we have matching email addresses, we can show those people ads from that advertiser (although we cannot see the email addresses which are sent to us in hashed form, and these are deleted as soon as we complete the match). The data we use to show ads to people depends on the data we have received from people. Again, for people who are new to Facebook, we may have minimal data that we can use. For people who have used our services for longer, we likely have more data, but the amount of data will depend on the nature of that use and how they have used our controls. As noted above, in addition to general controls—such as Activity Log—we provide controls that specifically govern the use of data for ads. Through Ad Preferences, people see and control things like: (1) their “interests,” which are keywords associated with a person based on activities such as liking Pages and clicking ads; (2) their “behaviors” (which we also call “categories”), which generally reflect how, when and where they connect to Facebook; and (3) the advertisers that are currently showing them ads based on the person’s contact information, based on the person’s previous use of the advertiser’s website or app, or based on a visit to the advertiser’s store. People also can choose whether we use information about their activities on websites and apps off of Facebook to show them ads through Facebook, and whether we can use their Facebook advertising interests to show them ads off of Facebook. People’s use of these controls will, of course, affect the data we use to show them ads. Question 3. If a user opts out of directed advertising, does Facebook halt collection of all such data? We give people a number of controls over the data we use to show them ads. These controls apply to our use of data to show people ads; they do not apply to the collection of data, because the same core data sets are used to ensure the safety and security of our platform and to provide our core service to our users. As noted above, people can see and control the advertising “interests” and “behaviors” we have associated with their accounts to show them ads. They can choose not to see ads from a particular advertiser or not to see ads based on their use of thirdparty websites and apps. They also can choose not to see ads off Facebook that are based on the interests we derive from their activities on Facebook. 21 Question 4. If a user opts out of directed advertising, does Facebook delete all such data that was previously stored? Alternatively, does Facebook instead simply stop utilization of that data for directed advertising purposes? Our advertising controls apply only to the use of data for targeting and selecting ads. Using these controls does not result in deletion of data, because the same core data sets are used to ensure the safety and security of our platform and to provide our core service to our users. This is consistent with industry practice. For example, the Digital Advertising Alliance’s SelfRegulatory Principles set the industry standard for the collection and use of data for online behavioral advertising and related practices. Those principles require companies to offer controls over the use of data for advertising purposes. Companies are not required to stop collecting data from opted-out users or to delete previously collected data. Please note, however, that when a person removes an “interest” or “behavior” in Ad Preferences, that interest or behavior is permanently removed from the person’s ad profile; it will not be recreated even if the person subsequently engages in activities that otherwise would have resulted in the creation of the interest or behavior. Question 5. When users download a copy of their Facebook data, as Facebook has recently enabled, is all ad targeting data included in that file? Our Download Your Information or “DYI” tool is Facebook’s data portability tool and was launched many years ago to let people access many types of information that we maintain about them, with a focus on those types that a person may wish to use on another online service. The data in DYI includes each of the demographic and interests-based attributes we use to show or target people ads. Although we do not store this data within DYI, people can also use Ad Preferences to see which advertisers are currently running ads based on their use of an advertiser’s website or app. People also can choose not to see ads from those advertisers. We are also launching Access Your Information, a screenshot of which was included in our April 27, 2018 letter to you. This is a secure way for people to access and manage their information. Users can go here to delete anything from their timeline or profile that they no longer want on Facebook. They can also see their ad interests, as well as information about ads they’ve clicked on and advertisers who have provided us with information about them that influence the ads they see. From here, they can go to their ad settings to manage how this data is used to show them ads. 22 Questions from Senator Moran Question 1. Cambridge Analytica had access to data on up to 87 million Facebook users because 270,000 individuals participated in a personality quiz that also exposed their friends’ data. While I understand how the 270,000 individuals could have given their express consent, can you please walk me through how the many millions of friends could have given their “affirmative express consent” for their data to be shared with a third party as is required by the 2011 consent decree—when they were unaware that a friend of theirs was even participating in a personality quiz? At the outset, we do not know what data Kogan may have shared with Cambridge Analytica. Our investigation into these matters is ongoing, and we are paused on investigating Cambridge Analytica directly (or conducting a forensic audit of its systems) due to the request of the UK Information Commissioner’s Office, which is separately investigating Cambridge Analytica, a UK entity. The best information to date also suggests only US user data was shared by Kogan with Cambridge Analytica. As was the practice of other online or mobile app platforms, at that time, people on Facebook were able to take their data and data their friends had shared with them off of Facebook to apps they authorized to obtain a broader range of experiences than were available on Facebook. But people could not share data for friends whose privacy settings did not permit their data to be shared by their friends with apps—and no data was shared with Kogan’s app in violation of friends’ settings. The 2011 consent decree requires Facebook to get affirmative express consent for materially expanding the audience of a user’s existing privacy settings. No privacy settings were expanded or exceeded on Platform, and the consent order therefore does not apply here. Approximately 300,000 Facebook users worldwide installed Kogan’s app. For the majority of these users, the app requested consent to access the following data fields associated with the user and with the friends of the user: Public profile data, including name and gender; Birthdate; “Current city” in the “About” section of the user’s profile, if provided; and Facebook Pages liked. For a small subset of users, it appears that the app also requested consent to access users’ Facebook messages (fewer than 1,500 individuals, based on current information) and to posts that appeared in the user’s News Feed or Timeline (approximately 100 individuals, based on current information)—but only for users who installed the app. For a small subset of users (fewer than 1,500 individuals, based on current information), it appears that the app also requested consent to access the hometowns that the users’ friends had specified in the “About” section of their profiles. And for a handful of people (fewer than 10) who appear to be associated with Kogan/GSR, the app requested consent to email address and photos. Question 2. According to Facebook’s March 21st press release, one of the six changes that Facebook initially offered to “crack down on platform abuse” was to reward outside parties who find vulnerabilities through its bug bounty program. My subcommittee has held hearings and met with interested stakeholders on these types of data security solutions along with other cyber vulnerability disclosure programs. One concern I have regarding the utility of this approach is that vulnerability disclosure programs are normally geared to identify unauthorized access to data, not point out data sharing arrangements that likely 23 harm users but technically abide by the complex consent agreements Facebook pushes on their users. Could you please explain how Facebook’s expansion of its bug bounty program will prevent future data sharing issues with its associated applications from occurring? The Data Abuse Bounty will reward people with first-hand knowledge and proof of cases where a Facebook platform app collects and transfers people’s data to another party to be sold, stolen or used for scams or political influence. We’ll review all legitimate reports and respond as quickly as possible when we identify a credible threat to people’s information. If we confirm data abuse, we will shut down the offending app and, if necessary, take legal action against the company selling or buying the data. We’ll pay a bounty to the person who reported the issue, or allow them to donate their bounty to a charity, and we’ll also alert those we believe to be affected. We also encourage our users to report to us content that they find concerning or that results in a bad experience, as well as other content that may violate our policies. We review these reports and take action on abuse, like removing content and disabling accounts. Question 3. Facebook has confirmed alterations to its terms and conditions shifting more than 1.5 billion of its user from contracts with the international headquarters in Ireland to Facebook Inc. in the United States, thereby removing these users from the protections they would otherwise receive from the Europeans Union’s General Data Protection Regulation (GDPR). With the recent scrutiny that Facebook has faced about its data collection, sharing, and security polices what is the justification for moving approximately 1.5 billion Facebook user away from the more stringent rules of the European Union’s GDPR? We will offer everyone who uses Facebook the same controls and settings, no matter where they live. However, the GDPR creates some specific requirements that do not apply in the rest of the world, for example the requirement to provide contact information for the EU Data Protection Officer or to specify legal bases for processing data. We are also looking to be more responsive to regional norms and legal frameworks going forward, and want to have the flexibility to work with local regulators, which is possible with this new model. At the same time, we are changing the provisions in our Facebook, Inc. terms in our user agreements outside the United States to allow people in other countries to file lawsuits against Facebook in their home country, rather than in courts in the US. This transition was part of a continued effort to be locally responsive in countries where people use our services. Question 4. During your testimony, you noted that Facebook cooperates with law enforcement in two instances, where there is an “imminent threat of harm” or when law enforcement reaches out to the company with a “valid request for data.” In December 2017, the Chicago Police Department announced that it had arrested fifty people who were utilizing Facebook private group features in order to communicate and facilitate illegal firearm and drug transactions. Several national news outlets reported that Facebook was not helpful in regards to this investigation and Chicago Police Superintendent Eddie Johnson was later quoted in response to media inquiries as saying “Quite frankly, they haven’t been very friendly to law enforcement to prevent these things.” What specific policies and procedures does Facebook currently have in place to aid law enforcement agencies in gaining access to relevant information that indicates a clear threat to public safety? We recognize there are serious and evolving threats to public safety and that law enforcement has an important responsibility to keep people safe. Our legal and safety teams 24 work hard to respond to legitimate law enforcement requests while fulfilling our responsibility to protect people’s privacy and security. We have a global team that strives to respond within minutes to emergency requests from law enforcement. In the second half of 2017, for example, we provided information in response to nearly 78% of the 1,808 requests for emergency disclosures that we received from US law enforcement agencies. Facebook also reaches out to law enforcement whenever we see a credible threat of imminent harm. We use automated and manual review and also rely on users to help by reporting violating accounts or content. We are also working with law enforcement and others to improve our ability to find users at risk of harming themselves or others. We also disclose information in response to law enforcement requests in accordance with our terms of service and applicable law. In the second half of 2017, for example, we disclosed data in response to 85% of law enforcement requests from agencies in the US. Facebook regularly produces a report on government requests to help people understand the nature and extent of these requests and the policies and processes in place to handle them. In addition, we cooperated with the Chicago Police Department’s investigation that led to the December 2017 arrests. We reached out immediately after we learned of the comments referenced in your question, and they issued follow-up statements indicating that we reached out and were planning to provide training. We followed up by training over 100 Chicago-area law enforcement officers in a working group hosted by the FBI and US Attorney’s Office. We also met separately with the Chicago Police unit that conducted the investigation to make sure they understood Facebook’s policies, how to submit requests to us, and how we could help them through additional training and support. Question 5. What specifically qualifies as a “valid request for data,” which is required to gain access to information?” We disclose account records in accordance with our terms of service and applicable law, including the federal Stored Communications Act. In the United States, a valid subpoena issued in connection with an official criminal investigation is required to compel the disclosure of basic subscriber records. A court order issued under 18 U.S.C. § 2703(d) is required to compel the disclosure of certain records or other information pertaining to the account, not including contents of communications. A search warrant issued under the procedures described in the Federal Rules of Criminal Procedure or equivalent state warrant procedures upon a showing of probable cause is required to compel the disclosure of the stored contents of any account. Facebook may also voluntarily disclose information to law enforcement where we have a good faith reason to believe that the matter involves imminent risk of serious physical injury or death. Question 6. How does Facebook determine what rises to an imminent threat of harm and does that determination change the threshold for deciding whether to respond to a law enforcement data request? Facebook discloses account records in accordance with our terms of service and applicable law, including the federal Stored Communications Act. The law permits Facebook to voluntarily disclose information to law enforcement where we have a good faith reason to believe that the matter involves imminent risk of serious physical injury or death. Our law enforcement response team receives and responds to emergency data requests around the clock and from around the globe based on our timely and careful review of information submitted by law enforcement and any other relevant facts. We also rely on experience and input from law 25 enforcement, safety organizations, and industry to identify and respond to potential threats of harm. Question 7. Facebook has made a big deal about users’ ability to request and download the data that Facebook has compiled about the user. But that downloaded data does not include data such as the list of the websites Facebook users have visited that is collected by Facebook. Why is that the case, and when will Facebook make this information available to users? What other information about Facebook users is not available for download? Our Download Your Information or “DYI” tool is Facebook’s data portability tool and was launched many years ago to let people access and download many types of information that we maintain about them. The data in DYI and in our Ads Preferences tool contain each of the interest categories that are used to show people ads, along with information about the advertisers are currently running ads based on their use of an advertiser’s website or app. People also can choose not to see ads from those advertisers. We recently announced expansions to Download Your Information, which, among other things, will make it easier for people to see their data, delete it, and easily download and export it. More information is available at https://newsroom.fb.com/news/2018/04/new-privacy-protections. Responding to feedback that we should do more to provide information about websites and apps that send us information when people use them, we also announced plans to build Clear History. This new feature will enable users to see the websites and apps that send us information when they use them, delete this information from their account, and turn off Facebook’s ability to store it associated with their account going forward. We have also introduced Access Your Information. This feature provides a new way for people to access and manage their information. Users can go here to delete anything from their timeline or profile that they no longer want on Facebook. They can also see their ad interests, as well as information about ads they’ve clicked on and advertisers who have provided us with information about them that influence the ads they see. From here, they can go to their ad settings to manage how this data is used to show them ads. 26 Questions from Senator Sullivan Question 1. In the hearing, the topics of anticompetitive consolidation and the enormous market capitalization of tech companies such as Facebook were frequently raised. Recent calculations value the four largest tech companies’ capitalization at $2.8 trillion dollars, which is a staggering 24% of the S&P 500 Top 50, close to the value of every stock traded on the Nasdaq in 2001, and to give a different perspective, approximately the same amount as France’s current GDP. At what point, from an antitrust perspective, is Facebook simply too big? Would you say that your size inhibits the “next Facebook”? In Silicon Valley and around the world, new social apps are emerging all the time. The average American uses eight different apps to communicate with their friends and stay in touch with people. There is a lot of choice, innovation, and activity in this space, with new competitors arising all the time. Facebook’s top priority and core service is to build useful and engaging products that enable people to connect, discover and share through mobile devices and personal computers. Given its broad product offerings, Facebook faces numerous competitors, competing to attract, engage, and retain users, to attract and retain marketers, and to attract and retain developers who build compelling mobile and web applications. For instance, if you want to share a photo or video, you can choose between Facebook, DailyMotion, Snapchat, YouTube, Flickr, Twitter, Vimeo, Google Photos and Pinterest among many other services. Similarly, if you are looking to message someone, just to name a few, there’s Apple’s iMessage, Telegram, Skype, Line, Viber, WeChat, Snapchat and LinkedIn—as well as the traditional text messaging services your mobile phone carrier provides. Equally, companies also have more options than ever when it comes to advertising—from billboards, print and broadcast, to newer platforms like Facebook, Spotify, Twitter, Google, YouTube, Amazon, or Snapchat. Facebook represents a small part (in fact, just 6%) of this $650 billion global advertising ecosystem and much of that has been achieved by helping small businesses—many of whom could never have previously afforded newspaper or TV ads—to cost-effectively reach a wider audience. Question 2. Senator Peters asked if Facebook extracts audio from its users to enhance personal data profiles, to which you responded no—is that the case? There are countless anecdotes about this exact situation. Would you characterize these as coincidence or is targeted advertising just that effective? To be crystal clear on this point: Facebook does not use users’ phone’s microphone or any other method to extract audio to inform ads or to determine what they see in their News Feed. Facebook show ads based on people’s interests and other profile information—not what users are talking out loud about. Facebook only accesses users’ microphone if the user has given our app permission and if they are actively using a specific feature that requires audio (like voice messaging features). Question 3. As you are aware, children are increasingly active users of technology. Do you have concerns generally about children’s increased use, in many cases that rises to the level of addiction, of electronics? And more specifically, since I’m very interested in the issue of individual privacy rights, what are your thoughts on the data footprint of children being collected? We take the privacy, safety, and security of all those who use our platform very seriously and when it comes to minors (13 to 18 years old), we provide special protections and resources. 27 We also provide special protections for teens on Facebook and Messenger. We provide education before allowing teens to post publicly. We don’t show search results based on specific profile data (high school, birthday/age, and hometown, or current city) of teens to unconnected adults when the adults search on Facebook. Unconnected adults can’t message minors who are 13-17. We prohibit search engines off Facebook from indexing minors’ profiles. And, we have age limits for advertisements. For example, ads for dating sites, financial services and other products or services are gated to users under 18. We provide special resources to help ensure that they enjoy a safe and secure experience. For example, we recently announced the launch of our Youth Portal, which is available in 60 languages at facebook.com/safety/youth. This portal is a central place for teens that includes: • Education: Information on how to get the most out of products like Pages, Groups, Events, and Profile, while staying safe. Plus, information on the types of data Facebook collects and how we use it. • Peer Voices: First person accounts from teens around the world about how they are using technology in new and creative ways. • Ways to control your experience: Tips on things like security, reporting content, and deciding who can see what teens share. • Advice: Guidelines for how to safely get the most out of the internet. Instagram also will be providing information to teens to show them where they can learn about all of the tools on Instagram to manage their privacy and stay safe online, including how to use the new Access and Download tools to understand what they have shared online and learn how to delete things they no longer want to share. We are also making this information available in formats specifically designed for young users, including video tutorials for our privacy and safety tools, and teen-friendly FAQs about the Instagram Terms of Use, Data Policy, safety features, and Community Guidelines. Instagram has also launched new content on Instagram Together, including videos and FAQs about privacy controls; information on how to use safety features, including comment controls, blocking accounts, reporting abuse, spam, or troubling messages; information on responsible social media use; and FAQs about safety on Instagram. We will be reaching out to users under 18 on Instagram to encourage them to learn more on Instagram Together. Further, we have content restrictions and reporting features for everyone, including minors. We have Community Standards that prohibit hate speech, bullying, intimidation, and other kinds of harmful behavior. We encourage people to report posts and rely on our team of content reviewers around the world to review reported content. Our reviewers are trained to look for violations and enforce our policies consistently and as objectively as possible. When reviewed by our team, we hide certain graphic content from users under 18 (and include a warning for adults). We are also working to improve our ability to get our community help in real time, especially in instances where someone is expressing thoughts of suicide or self-harm, 28 by expanding our use of proactive detection, working with safety experts and first-responders, and dedicating more reviewers from our Community Operations team. In addition, with 9 out of 10 children under the age of 13 in the United States able to access a tablet or smartphone and 2 out of 3 with their own device, and parents seeking greater control over who connects with their children, the content they see and the time they spend online, we are committed to working with parents and families, as well as experts in child development, online safety and children’s health and media, to ensure we are building better products for families. That is why we’re committed to both continued research and to building tools that promote meaningful interactions and help people manage their time on our platform. Indeed, as we built Messenger Kids, we worked closely with leading child development experts, educators, and parents to inform our decisions. Our advisors include experts in the fields of child development, online safety, and children’s media currently and formerly from organizations such as the Yale Center for Emotional Intelligence, Connect Safely, Center on Media and Child Health, Sesame Workshop and more. The app does not have ads or in app purchase and we recently added Sleep Mode which gives the parent the ability to set parameters on when the app can be used. Messenger Kids collects only a limited amount of information. Additionally, when a Messenger Kids user turns 13, which the minimum age to join Facebook, they don’t automatically get a Facebook account. We recently launched a Parents Portal and Youth Portal, which are both focused on fostering conversations around online safety and giving parents and young people access to the information and resources they need to make informed decisions about their use of online technologies. Question 4. I’m very proud to be a cosponsor of the recently passed SESTA legislation, which as you know, takes serious steps to hold websites and other institutions accountable that knowingly facilitate sex trafficking activity by closing loopholes in what was outdated federal communications law. As an active participant in the deliberations and negotiations throughout the process, I noticed that while Facebook ultimately supported the legislation, that was a stance that evolved significantly– can you explain Facebook’s shifting views on this bill? Facebook supports SESTA. We support the goal of the legislation of providing victims of sex trafficking with recourse in the courts against parties who directly support these illegal activities, but wanted to ensure that good actors were not penalized for their efforts to root out this type of harm online. We were very pleased to be able to work successfully with a bipartisan group of Senators on a bill that protects women and children from the harms of sex trafficking. Facebook is committed to making our platform a safe place, especially for individuals who may be vulnerable. We have a long history of working successfully with governments to address a wide variety of threats to our platform, including child exploitation. When we learn of a situation involving physical abuse, child exploitation, or an imminent threat of harm to a person, we immediately report the situation to first responders or the National Center for Missing and Exploited Children (NCMEC). 29 Further, as part of official investigations, government officials sometimes request data about people who use Facebook. We have processes in place to handle these government requests, and we disclose account records in accordance with our terms of service and applicable law. We also have a global team that strives to respond within minutes to emergency requests from law enforcement. Our relationship with NCMEC also extends to an effort that we launched in 2015 to send AMBER Alerts to the Facebook community to help find missing children. When police determine that a case qualifies for an AMBER Alert, the alert is issued by the NCMEC and distributed through the Facebook system with any available information, including a photograph of the missing child, a license plate number, and the names and descriptions of the child and suspected abductor. Law enforcement determines the range of the target area for each alert. We know the chances of finding a missing child increase when more people are on the lookout, especially in the critical first hours. Our goal is to help get these alerts out quickly to the people who are in the best position to help, and a number of missing children have been found through AMBER Alerts on Facebook. Further, we work tirelessly to identify and report child exploitation images (CEI) to appropriate authorities. We identify CEI through a combination of automated and manual review. On the automated review side, we use image hashing to identify known CEI. On the manual review side, we provide in-depth training to content reviewers on how to identify possible CEI. Confirmed CEI is reported to the NCMEC, which then forwards this information to appropriate authorities. When we report content to the NCMEC, we preserve account information in accordance with applicable law, which can help further law enforcement investigations. We also reach out to law enforcement authorities in serious cases to ensure that our reports are received and acted upon. Question 5. Were your terms of service for third party app developers violated by Cambridge Analytica? If not, have they ever been violated in the past and what were those situations and outcomes? Cambridge Analytica signed certifications at our insistence declaring that they had deleted all copies of Facebook data and derivatives obtained from Kogan’s app. In March 2018, we received reports that, contrary to the certification and confirmation we were given by SCL/Cambridge Analytica, not all data was deleted. We are moving aggressively to determine the accuracy of these claims. If true, this is an unacceptable violation of trust and a breach of the representations Cambridge Analytica made in the certifications. Question 6. Can a user opt-out of Facebook collecting and compiling a user’s web browsing history? If so, please provide the details regarding how a user opts out of this collection. The Ad Preferences tool on Facebook shows people the advertisers whose ads the user might be seeing because they visited the advertisers’ sites or apps. The person can remove any of these advertisers to stop seeing their ads. In addition, the person can opt out of these types of ads entirely—so he or she never sees those ads on Facebook based on information we have received from other websites and apps. 30 We’ve also announced plans to build Clear History, a feature that will enable people to see the websites and apps that send us information when they use them, delete this information from their accounts, and turn off our ability to store it associated with their accounts going forward. Apps and websites that use features such as the Like button or Facebook Analytics send us information to make their content and ads better. We also use this information to make user experience on Facebook better. If a user clears his or her history or uses the new setting, we’ll remove identifying information so a history of the websites and apps the user used won’t be associated with the user’s account. We’ll still provide apps and websites with aggregated analytics—for example, we can build reports when we’re sent this information so we can tell developers if their apps are more popular with men or women in a certain age group. We can do this without storing the information in a way that’s associated with the user’s account, and as always, we don’t tell advertisers who users are. It will take a few months to build Clear History. We’ll work with privacy advocates, academics, policymakers, and regulators to get their input on our approach, including how we plan to remove identifying information and the rare cases where we need information for security purposes. We’ve already started a series of roundtables in cities around the world and heard specific demands for controls like these at a session we held at our headquarters. We’re looking forward to doing more. Question 7. Finally, since you’ve recently spent some time in Alaska, I’m sure your travels gave you a sense for our ardent individualism and general skepticism about the benefits of conceding privacy in the name of security. How can my constituents be assured of their security online? Or more generally, what would you say should be their new expectation of privacy online? We believe that everyone has the right to expect strong protections for their information, and that we also need to do our part to help keep our community safe, in a way that’s consistent with people’s privacy expectations. We’ve recently announced several steps to give people more control over their privacy, including a new Privacy Shortcuts tool that we’re rolling out now to give people information about how to control their information, including choosing who can see what they post and adding protections like two-factor authentication to their account. People can learn more about how to protect their privacy in our updated Data Policy and in our Privacy Basics feature (https://www.facebook.com/about/basics). 31 Questions from Senator Cruz Question 1. Please provide a wholly contained answer to each question. A question’s answer should not cross-reference answers provided in other questions. If a question asks for a yes or no answer, please provide a yes or no answer first and then provide subsequent explanation. If the answer to a yes or no question is sometimes yes and sometimes no, please state such first and then describe the circumstances giving rise to each answer. If a question asks for a choice between two options, please begin by stating which option applies, or both, or neither, followed by any subsequent explanation. If you disagree with the premise of a question, please answer the question as-written and then articulate both the premise about which you disagree and the basis for that disagreement. If you lack a basis for knowing the answer to a question, please first describe what efforts you undertook as Chief Executive Officer of Facebook order to ascertain an answer to the question and then provide your tentative answer as a consequence of its reasonable investigation. If even a tentative answer is impossible at this time, please state what efforts you and Facebook intend to take to provide an answer in the future and give an estimate as to when the Committees shall receive that answer. If it is impossible to answer a question without divulging confidential or privileged information, please clearly state the basis for confidentiality or privilege invoked and provide as extensive an answer as possible without breaching that confidentiality or privilege. For questions calling for answers requiring confidential information, please provide a complete answer in a sealed, confidential form. These materials will be kept confidential. For questions calling for privileged information, please describe the privileged relationship and identify the privileged documents or materials that, if disclosed, would fully answer the question. If the answer to a question depends on one or more individuals’ memory or beliefs and that individual or those individuals either do not recall relevant information or are not available to provide it, please state the names of those individuals, what efforts you undertook to obtain the unavailable information, and the names of other individuals who may have access to that information. To the extent that an answer depends on an ambiguity in the question asked, please state the ambiguity you perceive in the question and provide multiple answers which articulate each possible reasonable interpretation of the question in the light of the ambiguity. To the extent that a question inquires about you or Facebook’s actions, omissions, or policies, the question also asks about any entities that you or Facebook owns or controls, including any subsidiaries and affiliates. If context suggests that a question may ask about Facebook as a service rather than as an entity, please answer the question as applied to both Facebook as a service as well as all of Facebook’s affiliated entities or platforms. 32 Please attach a copy of each and every formal or informal policy, whether presently written or otherwise, regarding the moderation, promotion, evaluation, or alteration of users or content on Facebook. These include, for example, Facebook’s Terms of Service, its Community Guidelines, and similar policies. Facebook’s Terms and Policies are available here: https://www.facebook.com/policies. Facebook’s Community Standards are available at https://www.facebook.com/communitystandards/. Question 2. Yes or no: Are Facebook’s decisions to permit users access to its services or to permit content to remain displayed on its services, or the prominence or accessibility of that content, including its order, visibility, duration visible, inclusion in searches or order within search results, inclusion within “Trending” lists or analogous suggestions of content to users, determined in whole or part by Facebook’s corporate values, beliefs, priorities, or opinions? The conversations that happen on Facebook reflect the diversity and free expression of a community of more than two billion people communicating across countries and cultures and in dozens of languages, posting everything from text to photos and videos. With regard to the order and visibility of content, a user’s News Feed is made up of stories from their friends, Pages they’ve chosen to follow and groups they’ve joined. Ranking is the process we use to organize all of those stories so that users can see the most relevant content at the top, every time they open Facebook. Ranking has four elements: the available inventory of stories; the signals, or data points that can inform ranking decisions; the predictions we make, including how likely we think they are to comment on a story, share with a friend, etc.; and a relevancy score for each story. Misleading or harmful content on Facebook comes in many different forms, from annoyances like clickbait to hate speech and violent content. When we detect this kind of content in News Feed, there are three types of actions we take: remove it, reduce its spread, or inform people with additional context. Our Community Standards and Ads Policies outline the content that is not allowed on the platform, such as hate speech, fake accounts, and praise, support, or representation of terrorism/terrorists. When we find things that violate these standards, we remove them. There are other types of problematic content that, although they don’t violate our policies, are still misleading or harmful and that our community has told us they don’t want to see on Facebook—things like clickbait or sensationalism. When we find examples of this kind of content, we reduce its spread in News Feed using ranking and, increasingly, we inform users with additional context so they can decide whether to read, trust, or share it. The goal of our Community Standards is to encourage expression and create a safe environment. We base our policies on input from our community and from experts in fields such as technology and public safety. Our policies are also rooted in the following principles: (1) Safety: People need to feel safe in order to build community. We are committed to removing content that encourages real-world harm, including (but not limited to) 33 physical, financial, and emotional injury. (2) Voice: Our mission is all about embracing diverse views. We err on the side of allowing content, even when some find it objectionable, unless removing that content can prevent a specific harm. Moreover, at times we will allow content that might otherwise violate our standards if we feel that it is newsworthy, significant, or important to the public interest. We do this only after weighing the public interest value of the content against the risk of real-world harm; and (3) Equity: Our community is global and diverse. Our policies may seem broad, but that is because we apply them consistently and fairly to a community that transcends regions, cultures, and languages. As a result, our Community Standards can sometimes appear less nuanced than we would like, leading to an outcome that is at odds with their underlying purpose. For that reason, in some cases, and when we are provided with additional context, we make a decision based on the spirit, rather than the letter, of the policy. Question 3. Yes or no: Does Facebook promote, demote, or block users or content based on its assessment of the social value or social desirability of that content? See Response to Question 2. Question 4. Yes or no: Does Facebook promote, demote, or block users or content based on its assessment of that content’s truth or falsity? See Response to Question 2. Question 5. Yes or no: Does Facebook promote, demote, or block users or content based on its assessment of the content’s agreement or disagreement with Facebook’s corporate values, beliefs, priorities, or opinions? See Response to Question 2. Question 6. Yes or no: Have Facebook’s decisions to permit users access to its services or to permit content to remain displayed on its services, or the prominence or accessibility of that content, including its order, visibility, duration visible, inclusion in searches or order within search results, inclusion within “Trending” lists or analogous suggestions of content to users, ever been determined in whole or part by Facebook’s corporate values, beliefs, priorities, or opinions? See Response to Question 2. Question 7. Yes or no: Has Facebook ever promoted, demoted, or blocked users or content based on its assessment of the social value or social desirability of that content? See Response to Question 2. 34 Question 8. Yes or no: Has Facebook ever promoted, demoted, or blocked users or content based on its assessment of that content’s truth or falsity? See Response to Question 2. Question 9. Yes or no: Has Facebook ever promoted, demoted, or blocked users or content based on its assessment of the content’s agreement or disagreement with Facebook’s corporate values, beliefs, priorities, or opinions? See Response to Question 2. Question 10. Yes or no: Does Facebook employ its corporate values, beliefs, priorities, or opinions when deciding what content Facebook removes, republishes, moderates, promotes, or otherwise increases or decreases access to content? The conversations that happen on Facebook reflect the diversity of a community of more than two billion people communicating across countries and cultures and in dozens of languages, posting everything from text to photos and videos. We recognize how important it is for Facebook to be a place where people feel empowered to communicate, and we take our role in keeping abuse off our service seriously. That’s why we have developed a set of Community Standards that outline what is and is not allowed on Facebook. Our Standards apply around the world to all types of content. They’re designed to be comprehensive—for example, content that might not be considered hate speech may still be removed for violating our bullying policies. The goal of our Community Standards is to encourage expression and create a safe environment. We base our policies on input from our community and from experts in fields such as technology and public safety. Our policies are also rooted in the following principles: (1) Safety: People need to feel safe in order to build community. We are committed to removing content that encourages real-world harm, including (but not limited to) physical, financial, and emotional injury. (2) Voice: Our mission is all about embracing diverse views. We err on the side of allowing content, even when some find it objectionable, unless removing that content can prevent a specific harm. Moreover, at times we will allow content that might otherwise violate our standards if we feel that it is newsworthy, significant, or important to the public interest. We do this only after weighing the public interest value of the content against the risk of real-world harm; and (3) Equity: Our community is global and diverse. Our policies may seem broad, but that is because we apply them consistently and fairly to a community that transcends regions, cultures, and languages. As a result, our Community Standards can sometimes appear less nuanced than we would like, leading to an outcome that is at odds with their underlying purpose. For that reason, in some cases, and when we are provided with additional context, we make a decision based on the spirit, rather than the letter, of the policy. 35 Question 11. Yes or no: Has Facebook ever employed its corporate values, beliefs, priorities, or opinions when deciding what content Facebook removes, republishes, moderates, promotes, or otherwise increases or decreases access to content? See Response to Question 10. Question 12. It has become a common position on colleges and universities that statements which a listener disagrees with severely either can constitute violence or can rise to the moral equivalent of violence. According to this position, statements may rise to the level of violence even without a threat, reasonable or otherwise, of imminent violence, the use of “fighting words,” or either a subjective intent or reasonably understood objective attempt to harass a listener. See Response to Question 13. Question 13. Yes or no: Does Facebook believe that speech neither advocating for physical violence against, threatening physical violence against, nor undertaken with either the subjective purpose or objective indicia of harassing a listener, may constitute violence? Freedom of expression is one of our core values, and we believe that adding voices to the conversation creates a richer and more vibrant community. We want people to feel confident that our community welcomes all viewpoints and we are committed to designing our products to give all people a voice and foster the free flow of ideas and culture. On the subject of credible violence, our Community Standards are explicit in what we don’t allow. We aim to prevent potential real-world harm that may be related to content on Facebook. We understand that people commonly express disdain or disagreement by threatening or calling for violence in facetious and non-serious ways. That’s why we try to consider the language, context and details in order to distinguish casual statements from content that constitutes a credible threat to public or personal safety. In determining whether a threat is credible, we may also consider additional information like a targeted person’s public visibility and vulnerability. We remove content, disable accounts, and work with law enforcement when we believe there is a genuine risk of physical harm or direct threats to public safety. Question 14. Yes or no: Has Facebook ever believed that speech neither advocating for physical violence against, threatening physical violence against, nor undertaken with either the subjective purpose or objective indicia of harassing a listener, may constitute violence? See Response to Question 13. Question 15. Regardless of Facebook’s answer to Question 7, have any of Facebook’s policies ever required removal of content not described in Question 7 from Facebook? If so, what categories, and based on what policies? The goal of our Community Standards is to encourage expression and create a safe environment. We base our policies on input from our community and from experts in fields 36 such as technology and public safety. Our policies are also rooted in the following principles: (1) Safety: People need to feel safe in order to build community. We are committed to removing content that encourages real-world harm, including (but not limited to) physical, financial, and emotional injury. (2) Voice: Our mission is all about embracing diverse views. We err on the side of allowing content, even when some find it objectionable, unless removing that content can prevent a specific harm. Moreover, at times we will allow content that might otherwise violate our standards if we feel that it is newsworthy, significant, or important to the public interest. We do this only after weighing the public interest value of the content against the risk of real-world harm; and (3) Equity: Our community is global and diverse. Our policies may seem broad, but that is because we apply them consistently and fairly to a community that transcends regions, cultures, and languages. As a result, our Community Standards can sometimes appear less nuanced than we would like, leading to an outcome that is at odds with their underlying purpose. For that reason, in some cases, and when we are provided with additional context, we make a decision based on the spirit, rather than the letter, of the policy. Question 16. Yes or no: Does Facebook consider itself a publisher or speaker entitled to First Amendment protection when supervising its services, designing or implementing its policies, altering, reposting, promoting or demoting content, including through results displayed by a user search, their order or presence in a “Trending” list or similar suggestions to users regarding content? Facebook does not create the content that users share on its Platform, although it does take steps to arrange, rank and distribute that content to those who are most likely to be interested in it, or to remove objectionable content from its service. These activities are protected functions under Communications Decency Act Section 230 and the First Amendment. Question 17. Aside from content clearly marked as coming from Facebook or one of its officers or employees, under what circumstances does Facebook consider itself as acting as a First-Amendment-protected publisher or speaker in its moderation, maintenance, or supervision over its users or their content? We are, first and foremost, a technology company. Facebook does not create or edit the content that users publish on our platform. While we seek to be a platform for a broad range of ideas, we do moderate content according to published community standards in order to keep users on the platform safe, to reduce objectionable content and to make sure users participate on the platform responsibly. Question 18. Yes or no: Does Facebook provide access to its services on a viewpointneutral basis? For this question and its subparts, please construe “access to its services” and similar phrases broadly, including the position or order in which content is displayed on its services, the position or order in which users or content show up in searches (or 37 whether they show up at all), whether users or content are permitted to purchase advertisements (or be advertised), the rates charged for those advertisements, and so on. We are committed to free expression and err on the side of allowing content. When we make a mistake, we work to make it right. And we are committed to constantly improving our efforts so we make as few mistakes as humanly possible. Decisions about whether to remove content are based on whether the content violates our Community Standards. Discussing controversial topics or espousing a debated point of view is not at odds with our Community Standards, the policies that outline what is and isn’t allowed on Facebook. We believe that such discussion is important in helping bridge division and promote greater understanding. We are committed to designing our products to give all people a voice and foster the free flow of ideas and culture. That said, when something crosses the line into hate speech, it has no place on Facebook, and we are committed to removing it from our platform any time we become aware of it. We define hate speech as a direct attack on people based on what we call protected characteristics—race, ethnicity, national origin, religious affiliation, sexual orientation, sex, gender, gender identity, and serious disability or disease. We also provide some protections for immigration status. We define attack as violent or dehumanizing speech, statements of inferiority, and calls for exclusion or segregation. The detailed guidelines our reviewers use to assess whether content violates our hate speech policies are available here: https://www.facebook.com/communitystandards/objectionable_content/hate_speech. Question 19. Yes or no: Has Facebook ever discriminated among users on the basis of viewpoint when determining whether to permit a user to access its services? If so, please list each instance in which Facebook has done so. See Response to Question 18. Question 20. If so, does Facebook continue to do so today, or when did Facebook stop doing so? See Response to Question 18. Question 21. If so, what viewpoint(s) has Facebook discriminated against or in favor of? In what way(s) has Facebook done so? See Response to Question 18. Question 22. If so, does Facebook act only on viewpoints expressed on Facebook, or does it discriminate among users based on viewpoints expressed elsewhere? Has Facebook ever based its decision to permit or deny a user access to its services on viewpoints expressed off Facebook? 38 See Response to Question 18. Question 23. Yes or no: Excluding content encouraging physical self-harm, threats of physical violence, terrorism, and other content relating to the credible and imminent physical harm of specific individuals, has Facebook ever discriminated among content on the basis of viewpoint in its services? If so, please list each instance in which Facebook has done so. See Response to Question 18. Question 24. Yes or no: Has Facebook ever discriminated against American users or content on the basis of an affiliation with a religion or political party? If so, please list each instance in which Facebook has done so and describe the group or affiliation against which (or in favor of which) Facebook was discriminating. See Response to Question 18. Question 25. Yes or no: Has Facebook ever discriminated against any American users or content on its services on the basis of partisan affiliation with the Republican or Democratic parties? This question includes advocacy for or against a party or specific candidate or official. If so, please list each instance and the party affiliation discriminated against. See Response to Question 18. Question 26. Yes or no: Has Facebook ever discriminated against any American users or content on its services on the basis of the user’s or content’s advocacy for a political position on any issue in local, State, or national politics? This question includes but is not limited to advocacy for or against abortion, gun control, consumption of marijuana, and net neutrality. See Response to Question 18. Question 27. Yes or no: Has Facebook ever discriminated against any American users or content on its services on the basis of the user’s or content’s religion, including advocacy for one or more tenets of that religion? If so, please list each such instance in which Facebook has done so and identify the religion, religious group, or tenet against which Facebook discriminated. See Response to Question 18. Question 28. Yes or no: Has Facebook ever discriminated between users in how their content is published, viewed, received, displayed in “trending” or similar lists, or otherwise in any function or feature, based on the user’s political affinity, religion, religious tenets, ideological positions, or any ideological or philosophical position asserted? If so, please list each such incident as well as the basis on which Facebook discriminated against that user or content. 39 Being a platform for all ideas is a foundational principle of Facebook. We are committed to ensuring there is no bias in the work we do. Suppressing content on the basis of political viewpoint or preventing people from seeing what matters most to them is directly contrary to Facebook’s mission and our business objectives. When allegations of political bias surfaced in relation to Facebook’s Trending Topics feature, we immediately launched an investigation to determine if anyone violated the integrity of the feature or acted in ways that are inconsistent with Facebook’s policies and mission. We spoke with current reviewers and their supervisors, as well as a cross-section of former reviewers; spoke with our contractor; reviewed our guidelines, training, and practices; examined the effectiveness of operational oversight designed to identify and correct mistakes and abuse; and analyzed data on the implementation of our guidelines by reviewers. Ultimately, our investigation revealed no evidence of systematic political bias in the selection or prominence of stories included in the Trending Topics feature. In fact, our analysis indicated that the rates of approval of conservative and liberal topics are virtually identical in Trending Topics. Moreover, we were unable to substantiate any of the specific allegations of politically-motivated suppression of subjects or sources, as reported in the media. To the contrary, we confirmed that most of those subjects were in fact included as trending topics on multiple occasions, on dates and at intervals that would be expected given the volume of discussion around those topics on those dates. Nonetheless, as part of our commitment to continually improve our products and to minimize risks where human judgment is involved, we are making a number of changes: We have engaged an outside advisor, former Senator Jon Kyl, to advise the company on potential bias against conservative voices. We believe this external feedback will help us improve over time and ensure we can most effectively serve our diverse community and build trust in Facebook as a platform for all ideas. We continue to expand our list of outside partner organizations to ensure we receive feedback on our content policies from a diverse set of viewpoints. We have made our detailed reviewer guidelines public to help people understand how and why we make decisions about the content that is and is not allowed on Facebook. We have launched an appeals process to enable people to contest content decisions with which they disagree. We are instituting additional controls and oversight around the review team, including robust escalation procedures and updated reviewer training materials. These improvements and safeguards are designed to ensure that Facebook remains a platform for all ideas and enables the broadest spectrum of free expression possible. Question 29. Except for accidental instances, has Facebook ever removed, downgraded, 40 concealed, or otherwise censored content associated with any of the following? If yes, please describe the content that was removed, downgraded, concealed, or otherwise censored and the circumstances under which it was removed, downgraded, concealed, or otherwise censored. Any individuals employed by Facebook? Any elected official or candidate seeking elected office who self-identifies or is registered as a Democrat or a “Democratic Socialist”? Any group who self-identifies as being part of the “Anti-Trump Resistance Movement”? Any individuals employed by MSNBC? Any individuals employed by CNN? Any blogs that self-identify as “liberal” or “progressive”? Any Facebook groups that self-identify as “liberal”, “progressive”, or being part of the “Anti-Trump Resistance Movement”? Open Society Foundation? Planned Parenthood? Indivisible? Sierra Club? The American Civil Liberties Union? The Anti-Defamation League? The Council on American-Islamic Relations (CAIR)? Emily’s List? NARAL Pro-Choice America? The National Association for the Advancement of Colored People (NAACP)? NextGen Climate Action? The Southern Poverty Law Center? The Union of Concerned Scientists? Everytown for Gun Safety? 41 Amnesty International? Priorities USA Action? Media Matters for America? Human Rights Watch? Every Voice? NowThis? The Women’s March? Organizing for America? Organizing for Action? When content that violates our policies is brought to our attention, we remove that content—regardless of who posted it. We have removed content posted by individuals and entities across the political spectrum. On April 24, 2018, we published the detailed guidelines our reviewers use to make decisions about reported content on Facebook. These guidelines cover everything from nudity to graphic violence. We published these guidelines because we believe that increased transparency will provide more clarity on where we draw lines on complex and continuously evolving issues, and we hope that sharing these details will prompt an open and honest dialogue about our decision making process that will help us improve—both in how we develop and enforce our standards. We recognize that our policies are only as good as the strength and accuracy of our enforcement—and our enforcement is not perfect. We make mistakes because our processes involve people, and people are not infallible. We are always working to improve. We typically do not comment on specific cases of content removal for privacy reasons. Question 30. In your testimony before the committees, you stated several times that Facebook prohibits content based on its status as “hate speech.” How have you and Facebook defined “hate speech” today and at any other stage in Facebook’s existence? We define hate speech as a direct attack on people based on what we call protected characteristics—race, ethnicity, national origin, religious affiliation, sexual orientation, sex, gender, gender identity, and serious disability or disease. We also provide some protections for immigration status. We define attack as violent or dehumanizing speech, statements of inferiority, and calls for exclusion or segregation. The detailed guidelines our reviewers use to assess whether content violates our hate speech policies are available here: https://www.facebook.com/communitystandards/objectionable_content/hate_speech. 42 Our Community Standards make an important distinction between targeting people and targeting particular beliefs or institutions. We believe that people should be able to share their views and discuss controversial ideas on Facebook. Question 31. Did or does Facebook collaborate with or defer to any outside individuals or organizations in determining whether to classify a particular statement as “hate speech?” If so, please list the individuals and organizations. Hate speech has no place on our platform. Our Community Standards prohibit attacks based on characteristics including race, ethnicity, religion, and national origin. Facebook has partnerships with academics and experts who study organized hate groups and hate speech. These academics and experts share information with Facebook as to how organizations are adapting to social media and give feedback on how Facebook might better tackle these problems. We recently hosted several of these academics at Facebook for multiple days of observation and assessment, during which the academics attended substantive meetings on our content policies and the guidance we provide to our reviewers. Further, in the area of hate speech, there are very important academic projects that we follow closely. Timothy Garton Ash, for example, has created the Free Speech Debate to look at these issues on a cross-cultural basis. Susan Benesch established the Dangerous Speech Project, which investigates the connection between speech and violence. These projects show how much work is left to be done in defining the boundaries of speech online, which is why we will keep participating in this work to help inform our policies at Facebook. We are committed to continuing our dialogue with third parties to ensure we can have the widest possible expression of ideas, while preventing abuse of the platform. Facebook works with organizations from across the political spectrum around changes to our content standards including hate speech. While we do not share individual pieces of content from users with these organizations out of concerns for user privacy, we do provide in-depth examples and explanations of what the policy changes would entail. Question 32. Did or does Facebook collaborate with or defer to any outside individuals or organizations in determining whether a given speaker has committed acts of “hate speech” in the past? If so, please list the individuals and organizations. In an effort to prevent and disrupt real-world harm, we do not allow any organizations or individuals that are engaged in organized hate to have a presence on Facebook. We also remove content that expresses support or praise for groups, leaders, or individuals involved in these activities. In developing and iterating on our policies, including our policy specific to hate speech, we consult with outside academics and experts from across the political spectrum and around the world. We do not, however, defer to these individuals or organizations in making decisions about content on our platform. Content that violates our Community Standards is removed when we are made aware of it, and content that doesn’t violate is left on the platform. Designating hate organizations and/or individuals is an extensive process that takes into account a number of different signals. We worked with academics and NGOs to establish this 43 process and regularly engage with them to understand whether we should refine it. Among the signals we consider are whether the individual or organization in question has called for or directly carried out violence against people based on protected characteristics. Question 33. Did or does Facebook ban or otherwise limit the content of individuals or organizations who have spoken “hate speech” on its platform aside from the offending content? If so, under what circumstances? See Response to Question 32. Question 34. Yes or no: Did or does Facebook ban or otherwise limit the content of individuals or organizations on its platform based on hate speech or other behavior conducted outside of Facebook’s platform? See Response to Question 32. Question 35. Yes or no: Do you believe that “hate speech” is not protected under the First Amendment from government censorship? The goal of our Community Standards is to encourage expression and create a safe community for our 2 billion users, more than 87% of whom are located outside the United States. We err on the side of allowing content, even when some find it objectionable, unless removing that content prevents a specific harm. We do not allow hate speech on Facebook because it creates an environment of intimidation and exclusion and in some cases may promote real-world violence. Our current definition of hate speech is anything that directly attacks people based on what are known as their “protected characteristics”—race, ethnicity, national origin, religious affiliation, sexual orientation, sex, gender, gender identity, or serious disability or disease. However, our definition does allow for discussion around these characteristics as concepts in an effort to allow for and encourage expression and dialogue by our users. There is no universally accepted answer for when something crosses the line. Our approach to hate speech, like those of other platforms, has evolved over time and continues to change as we learn from our community, from experts in the field, and as technology provides us new tools to operate more quickly, more accurately and precisely at scale. Question 36. Yes or no: Have you ever believed that “hate speech” is not protected under the First Amendment from government censorship? See Response to Question 35. Question 37. Yes or no: Does Facebook believe that “hate speech” is not protected under the First Amendment from government censorship? 44 See Response to Question 35. Question 38. Yes or no: Has Facebook ever believed that “hate speech” is not protected under the First Amendment from government censorship? See Response to Question 35. Question 39. Yes or no: Does Facebook’s “hate speech” policy prohibit, exclude, remove, or censor content that, were Facebook a governmental entity, would be entitled to First Amendment protections? See Response to Question 35. Question 40. Facebook states on its website that, per its community standards, Facebook will remove hate speech, which it describes as “including content that directly attacks people based on their: race, ethnicity, national origin, religious affiliation, sexual orientation, sex, gender, or gender identity, or serious disabilities or diseases.” Yes or no: Does Facebook limit its definition of hate speech only to content that “directly attacks” people based on the aforementioned characteristics? We define “attack” under our hate speech policy as violent or dehumanizing speech, statements of inferiority, and calls for exclusion or segregation. We allow discussion of issues related to characteristics like race, gender, ethnicity, and immigration status. We do not permit attacks against people based on these characteristics. Context matters in making what can be a difficult determination in some cases. Specific details on the type of content that is prohibited under our hate speech policies are available here: https://www.facebook.com/communitystandards/objectionable_content/hate_speech. Question 41. What standard or procedure has Facebook applied now and in the past in determining whether content “directly attacks” an individual or group based on a protected characteristic under Facebook’s community standards? See Response to Question 40. Question 42. Yes or no: Has Facebook ever removed content for hate speech that did not directly attack a person on the basis of his or her race, ethnicity, national origin, religious affiliation, sexual orientation, sex, gender, or gender identity, or serious disabilities or diseases? If so, what criteria did Facebook use to determine that the content violated Facebook’s policy? We define “attack” under our hate speech policy as violent or dehumanizing speech, statements of inferiority, and calls for exclusion or segregation. Sometimes, it’s obvious that something is hate speech and should be removed—because it includes the direct incitement of violence against people possessing protected characteristics, or degrades or dehumanizes people. Sometimes, however, there isn’t a clear consensus—because 45 the words themselves are ambiguous, the intent behind them is unknown, or the context around them is unclear. Language also continues to evolve, and a word that was not a slur yesterday may become one today. Here are some of the things we take into consideration when deciding what to leave on the site and what to remove. • Context: Regional and linguistic context is often critical in deciding whether content constitutes hate speech, as is the need to take geopolitical events into account. In Myanmar, for example, the word “kalar” has benign historic roots, and is still used innocuously across many related Burmese words. The term can however also be used as an inflammatory slur, including as an attack by Buddhist nationalists against Muslims. We looked at the way the word’s use was evolving, and decided our policy should be to remove it as hate speech when used to attack a person or group, but not in the other harmless use cases. • Intent: There are times someone might share something that would otherwise be considered hate speech but for non-hateful reasons, such as making a self-deprecating joke or quoting lyrics from a song. People often use satire and comedy to make a point about hate speech. In other cases, people may speak out against hatred by condemning someone else’s use of offensive language, which requires repeating the original offense. This is something we allow, even though it might seem questionable since it means some people may encounter material disturbing to them. But it also gives our community the chance to speak out against hateful ideas. We revised our Community Standards to encourage people to make it clear when they’re sharing something to condemn it, but sometimes their intent isn’t clear, and anti-hatred posts get removed in error. On April 24, 2018, we announced the launch of appeals for content that was removed for hate speech. We recognize that we make enforcement errors on both sides of the equation— what to allow, and what to remove—and that our mistakes cause a great deal of concern for people, which is why we need to allow the option to request review of the decision and provide additional context that will help our team see the fuller picture as they review the post again. This type of feedback will allow us to continue improving our systems and processes so we can prevent similar mistakes in the future. Question 43. Has Facebook ever removed content for hate speech that was posted by an individual employed by Facebook? If so, please describe each instance. Our policies apply equally to all of our users. If a Facebook employee posted content that was reported to us and violated our policies, the content would be removed. Question 44. Recording artist Taylor Swift recently released a cover of Earth, Wind & Fire’s “September.” In response, Nathaniel Friedman, an author at GQ magazine, stated that “Taylor Swift’s cover of ‘September’ is hate speech.” Does Facebook agree? 46 We define hate speech as a direct attack on people based on what we call protected characteristics—race, ethnicity, national origin, religious affiliation, sexual orientation, sex, gender, gender identity, and serious disability or disease. We also provide some protections for immigration status. We define attack as violent or dehumanizing speech, statements of inferiority, and calls for exclusion or segregation. Our detailed hate speech policies are available at https://www.facebook.com/communitystandards/objectionable content/hate speech. We generally do not assess whether content violates our policies (including our hate speech policy) unless it is part of our normal content review process. Context matters in making what can be a difficult determination in some cases. Sometimes, it’s obvious that something is hate speech and should be removed—because it includes the direct incitement of violence against people possessing protected characteristics, or degrades or dehumanizes people. Sometimes, however, there isn’t a clear consensus—because the words themselves are ambiguous, the intent behind them is unknown or the context around them is unclear. Language also continues to evolve, and a word that was not a slur yesterday may become one today. Question 45. In response, Monique Judge, an author at The Root, stated that “Taylor Swift needs her *** whooped.” Is this statement hate speech? See Response to Question 44. Question 46. It was reported that Democratic D.C. Councilman Trayon White posted a video on his Facebook page blaming a recent snowstorm on wealthy Jewish families. According to USA Today, White said: “It just started snowing out of nowhere this morning, man. Y’all better pay attention to this climate control, man, this climate manipulation,” which White attributed to “the Rothschilds controlling the climate to create natural disasters they can pay for to own the cities, man.” Yes or no: Does Facebook consider this video or this quote hate speech? See Response to Question 44. Yes or no: Did Facebook remove this video from its platform? If so, when? If not, why not? See Response to Question 44. Question 47. Multiple authors for the website Vox, including its founder, Ezra Klein, have described Charles Murray’s book, The Bell Curve, as “hate speech.” Similarly, the leftwing Southern Poverty Law Center perplexingly describes Murray as a “white nationalist,” largely relying on its depiction of The Bell Curve. Does The Bell Curve qualify as “hate speech” for purposes of Facebook’s policies? See Response to Question 44. If so, what portions of The Bell Curve qualify as “hate speech?” Please provide quotations with page numbers for these portions. 47 See Response to Question 44. If not, do Facebook’s content policies prohibit a false claim that someone has engaged in “hate speech?” See Response to Question 44. Question 48. What procedures or penalties does Facebook employ, if any, to discourage false claims that someone has engaged in hate speech? See Response to Question 44. Question 49. Are any portions of the Bible, quoted verbatim and with citation, subject to removal as: “Hate speech?” If so, please list the quotations and under which translation Facebook considers the quote “hate speech.” See Response to Question 44. Harassment? If so, please list the quotations and under which translation Facebook considers the quote harassment. We do not tolerate harassment on Facebook because we want people to feel safe to engage and connect with their community. Our harassment policy applies to both public and private individuals and includes behavior like repeatedly contacting a single user despite that person’s clear desire and action to prevent that contact and repeatedly contacting large numbers of people with no prior solicitation. It also applies to calls for death, serious disease or disability, or physical harm aimed at an individual or group of individuals in a message thread. Context and intent matter, however, and we allow people to share and re-share posts if it is clear that something was shared in order to condemn or draw attention to harassment. The detailed guidelines our reviewers use to assess whether content violates our hate speech policies are available at https://www.facebook.com/communitystandards/safety/harassment. We released our updated Community Standards—which reflect the guidelines our reviewers use to evaluate content that is reported to us—in order to better demonstrate where we draw lines on complex and continuously evolving issues. We also simultaneously launched an appeals process for content that has been removed for nudity/sexual activity, hate speech, and graphic violence. With this launch, we are giving people an opportunity to request review of our decisions and provide additional context that will help our team see a more complete picture as they review the post again. This type of feedback allows us to continue improving our systems and processes so we can prevent similar mistakes in the future. Question 50. On April 19, 2018, the California State Assembly voted in favor of a bill, AB 2943, which would make it an “unlawful business practice” to engage in any transaction for a good or service that seeks “to change an individual’s sexual orientation” The bill clarifies that this includes efforts to “change behaviors or gender expressions, or to eliminate or reduce sexual or romantic attractions or feelings toward individuals of the same sex.” 48 Multiple legal experts have observed that the bill’s language, reasonably interpreted, could be read to outlaw the sale and purchase of books, such as the Bible, the Torah, and the Koran, which advocate for traditional sexual ethics. Yes or no: Does Facebook believe that books, such as the Bible, the Torah, and the Koran, which advocate for traditional sexual ethics, constitute hate speech? See Response to Question 44. Yes or no: Does Facebook consider any part of the Bible, the Torah, and/or the Koran hate speech? If so, what parts of the Bible, the Torah, and/or the Koran qualify? Please provide quotations with page numbers for each part identified as hate speech. See Response to Question 44. Yes or no: Does Facebook believe that the messages contained in books, such as the Bible, the Torah, and the Koran, which advocate for traditional sexual ethics (i.e. that sex should be had only within a marriage between one man and one woman), should be discouraged from public dissemination? See Response to Question 44. Yes or no: Does Facebook agree with the California State Assembly that goods or services that seek to change behaviors or gender expressions deserve to be discouraged, muted, or banned? See Response to Question 44. Yes or no: Does Facebook agree with the California State Assembly that goods or services that seek to eliminate or reduce sexual or romantic attractions or feelings toward individuals of the same sex deserve to be discouraged, muted, or banned? See Response to Question 44. Yes or no: In the event AB 2943 is fully enacted into law, will Facebook comply with its provisions by removing, denying, downgrading, concealing, or otherwise censoring content and advertisements restricted by the bill? If so, does Facebook intend to remove, deny, downgrade, conceal, or otherwise censor content and advertisements that pertain to the Bible, the Torah, the Koran, and other books which advance traditional sexual ethics. See Response to Question 44. Question 51. If an individual posted any of the following statements, standing alone and not directed to any Facebook user in particular, would that statement violate Facebook’s “hate speech” policy? To the extent that the decision would depend on additional facts, please describe whether the statement would prompt an investigation to determine whether it constitutes “hate speech,” and whether the decision would involve algorithmic or human decision making. 49 There are only two sexes or two genders, male and female. Bathroom segregation based on sex is similar to segregation based on race. God created man in his image, male and female. Gender is a social construct. A person’s sex or gender are immutable characteristics. Sex reassignment surgery is a form of bodily mutilation. The abortion of an unborn child is murder. It should be a crime to perform or facilitate an abortion. It should be a crime to prevent someone from performing or obtaining an abortion. No person of faith should be required to assist a same-sex wedding by providing goods or services to a same-sex marrying couple. When an individual enters the marketplace, he gives up the right to choose whether to support a same-sex marriage. Islam is a religion of peace. Islam is a religion of war. All white people are inherently racist. All black people are inherently racist. Black lives matter. Blue lives matter. All lives matter. Donating to the NRA funds the murder of children, such as those slain in Parkland, Florida. Donating to Planned Parenthood funds the murder of children, such as those dismembered by Kermit Gosnell. Men should stop interrupting when women are talking. Women should stop interrupting when men are talking. DREAMers are Americans too and should be entitled to stay in this country. 50 Illegal aliens need to be sent back. Religious beliefs are irrational and anti-science. Non-believers have no path to eternal salvation. aa) Affirmative Action policies discriminate on the basis of race and sex. bb) America is a “melting pot.” See Response to Question 44. Question 52. Facebook states on its website that per its community standards, “organizations and people dedicated to promoting hatred” against protected groups are not allowed a presence on Facebook. What standards or policies does Facebook apply in determining whether a group violates this policy? See Response to Question 32. Yes or no: Does Facebook contract with or in any way rely upon an outside party to determine what organizations and people are dedicated to promoting hatred against protected groups? If yes, please list the outside parties. See Response to Question 32. Yes or no: Has Facebook ever referenced, used, consulted, or in any way relied upon the left-wing Southern Poverty Law Center’s list of designated hate groups in order to determine whether an organization or individual was dedicated to promoting hatred against protected groups? See Response to Question 32. Yes or no: Has Facebook ever denied an organization a presence on Facebook on account of the organization being dedicated to promoting hatred? If so, has Facebook ever reversed its decision to designate an organization a hate group under its community standards and reinstated the organization’s privilege to post and have a presence on Facebook? See Response to Question 32. Question 53. One group on Facebook, “TERMINATE the Republican Party,” has over 10,000 followers, one of which was James T. Hodgkinson. In June 2017, Hodgkinson opened fire on Republican members of Congress at a baseball practice, seriously wounding Rep. Steve Scalise, a congressional staffer, and two heroic police officers. Quotes from this group’s posts and comments include that “These people are all the same, criminals, rapists, racists, Republicans;” that, about Rep. Patrick McHenry, “who gives birth to sorry pieces of s*** like him and allowed it to reach adulthood, truly needs a f*****g hammer to the head a few times;” and, referring to the President, “G*****n Russian roach traitor bastard 51 . . . and his Republicanazi followers!” Each of these quotes took place long after Hodgkinson’s shooting, though similar quotes are available from before it as well. Do these quotes constitute “hate speech?” If so, why have they not been removed? If not, why do they not? If applied to Democrats, would the quotes above constitute “hate speech?” How has Facebook changed its platform in response to Hodgkinson’s shooting? It has apparently not suspended or ended this group. Does it concern Facebook that such rhetoric is being used in a group which had an attempted political assassin as a member? Does Facebook permit threats of violence against the President? Does Facebook permit threats of violence against members of Congress? Does Facebook monitor its platforms for potential left-wing violence? If so, what is Facebook doing to ensure that shooters like Hodgkinson do not coordinate using Facebook? If so, what is Facebook doing to ensure that shooters like Hodgskinson do not use Facebook to incite violence against Republicans or conservatives? If not, why is Facebook not doing so given that its platform was integral to at least one attempted political assassination? The shooting at the Congressional baseball practice was a horrendous act. As a designated mass shooting, any praise for that conduct or the shooter is against Facebook policies. We also do not allow any Pages or accounts representing the shooter. If we are made aware of such comments, we would take them down. We define hate speech as a direct attack on people based on what we call protected characteristics—race, ethnicity, national origin, religious affiliation, sexual orientation, sex, gender, gender identity, and serious disability or disease. We also provide some protections for immigration status. Political-party affiliation is not included in our list of protected characteristics. We define attack as violent or dehumanizing speech, statements of inferiority, and calls for exclusion or segregation. Our detailed hate speech policies are available at https://www.facebook.com/communitystandards/objectionable content/hate speech. Our credible violence policies prohibit posting credible statements of intent to commit violence against any person, groups of people, or place (city or smaller). We assess credibility 52 based upon the information available to us and generally consider statements credible if the following are present: • A target (person, group of people, or place) and: o Bounty/demand for payment, or o Mention or image of specific weapon, or o Sales offer or ask to purchase weapon, or o Spelled-out address or named building, or • A target and 2 or more of the following details (can be 2 of the same detail): o Location o Timing o Method We also prohibit calls for violence, statements advocating violence, or aspirational or conditional statements of violence targeting public individuals, provided those statements are credible, as defined above. Any calls for violence against heads of state, including the United States President, violate our policies. There are times someone might share something that would otherwise be considered hate speech but for non-hateful reasons, such as making a self-deprecating joke or quoting lyrics from a song. People often use satire and comedy to make a point about hate speech. In other cases, people may speak out against hatred by condemning someone else’s use of offensive language, which requires repeating the original offense. This is something we allow, even though it might seem questionable since it means some people may encounter material disturbing to them. Question 54. In July 2012, Governor Mike Huckabee praised Chick-fil-A because of its support for traditional marriage and called on Christians to support Chick-fil-A in its position by purchasing its products. Facebook temporarily removed Governor Huckabee’s post from its service before reinstating it. Why was Governor Huckabee’s post removed? What Facebook rule was Governor Huckabee’s post thought to have violated before it was reinstated? Did Governor Huckabee’s post violate Facebook’s prohibition on “hate speech,” either in 2012 or now? Does a post opposing the Supreme Court’s decision in Obergefell v. Hodges violate Facebook’s prohibition on “hate speech?” 53 Does a post opposing legalized same-sex marriage violate Facebook’s prohibition on “hate speech?” As of July 2012, had Facebook removed, downgraded, concealed, or otherwise censored any content created by a state Governor, member of the U.S. House of Representatives, member of the U.S. Senate, or the President on account of that individual’s support for same-sex marriage? If so, please include the removed content including identifying information indicating its author. As of July 2012, had Facebook removed, downgraded, concealed, or otherwise censored any other content created by a state Governor, member of the U.S. House of Representatives, member of the U.S. Senate, or the President on account of that individual’s opposition to same-sex marriage? If so, please include the removed content including identifying information indicating its author. Has, since July 2012, Facebook removed, downgraded, concealed, or otherwise censored any posts by a state Governor, member of the U.S. House of Representatives, member of the U.S. Senate, or the President on account of that individual’s (or that content’s) opposition to same-sex marriage? If so, please include the removed post identifying information indicating its author. Has, since July 2012, Facebook removed, downgraded, concealed, or otherwise censored any posts by a state Governor, member of the U.S. House of Representatives, member of the U.S. Senate, or the President on account of that individual’s (or that content’s) support for same-sex marriage? If so, please include the removed post identifying information indicating its author. Under what circumstances does Facebook remove, downgrade, conceal, or otherwise censor content that, though not threatening physical harm, promoting imminent physical self-harm, or advocating for terrorism, opposes same-sex marriage? Under what circumstances does Facebook remove, downgrade, conceal, or otherwise censor content that, though not threatening physical harm, promoting imminent physical self-harm, or advocating for terrorism, supports same-sex marriage? In July 2012, our automated systems incorrectly removed an event page entitled “Chickfil-A Appreciation Day.” The page was restored within hours of coming to our attention. When we make mistakes on these important content decisions, we make every attempt to make it right as quickly as we can. Our goal is to allow people to have as much expression as possible, including on the issue of same-sex marriage. We err on the side of allowing content, even when some find it objectionable, unless removing that content prevents a specific harm. See also Response to Question 44. Question 55. As described in the Washington Post, in October 2012, Facebook removed a post by a group called “Special Operations Speaks.” The post said: “Obama called the 54 SEALS and THEY got bin Laden. When the SEALs called Obama, they got denied,” a reference to the failure of the Executive Branch to provide military support to Americans under assault, and later killed, in Benghazi. Facebook first warned the group that the post violated its rules and then subsequently removed the post as a violation of “Facebook’s Statements of Rights and Responsibilities.” Facebook further suspended Special Operations Speaks for 24 hours following the removal. Facebook later admitted error and permitted the content to remain on its platform. Why was Special Operations Speaks’ post removed? What term of Facebook’s then-extant 2012 Statement of Rights and Responsibilities was Special Operations Speaks’ post thought to have violated before Facebook reversed its decision? Yes or no: Did any member of the Obama Administration, including any administrative agency then-directed by an executive official appointed by the Obama administration, contact Facebook to request that the post be removed? If so, whom? What was Facebook’s response? Yes or no: Did Facebook assure any government official or employee that this post would be removed? If so, whom? Did Special Operations Speaks’ post violate Facebook’s prohibition on “hate speech,” either in 2012 or now? As of October 2012, had Facebook removed, downgraded, concealed, or otherwise censored any other content created by a political action committee on the basis of that content’s disapproval of how the Obama administration handled the attack on U.S. diplomats and servicemen in Benghazi? If so, please include the removed content including identifying information about its author. As of October 2012, had Facebook removed, downgraded, concealed, or otherwise censored any content created by a political action committee on the basis of that content’s approval of how the Obama administration handled the attack on U.S. diplomats and servicemen in Benghazi? If so, please include the removed content including identifying information about its author. Has, since October 2012, Facebook removed, downgraded, concealed, or otherwise censored any posts by a political action committee on the basis of that content’s disapproval of how the Obama administration handled the attack on U.S. diplomats and servicemen in Benghazi? If so, please include the removed content including identifying information about its author. Has, since October 2012, Facebook removed, downgraded, concealed, or otherwise censored any posts by a political action committee on the basis of that content’s 55 disapproval of how the Obama administration handled the attack on U.S. diplomats and servicemen in Benghazi? If so, please include the removed content including identifying information about its author. Under what circumstances does Facebook remove, downgrade, conceal, or otherwise censor content that, though not threatening physical harm, promoting imminent physical self-harm, or advocating for terrorism, opposes the Obama Administration’s handling of the attacks on U.S. diplomats and servicemen in Benghazi? Under what circumstances does Facebook remove, downgrade, conceal, or otherwise censor content that, though not threatening physical harm, promoting imminent physical self-harm, supports the Obama Administration’s handling of the attacks on U.S. diplomats and servicemen in Benghazi? In this particular case, we removed the content as a violation of our standards. The content was deleted for 29 hours. However, we realized that we made a mistake, and we restored the content and apologized for the error. We define hate speech as a direct attack on people based on what we call protected characteristics—race, ethnicity, national origin, religious affiliation, sexual orientation, sex, gender, gender identity, and serious disability or disease. We also provide some protections for immigration status. We define attack as violent or dehumanizing speech, statements of inferiority, and calls for exclusion or segregation. Our detailed hate speech policies are available at https://www.facebook.com/communitystandards/objectionable content/hate speech. Our Community Standards prohibit hate speech and celebrating graphic violence and allow people to use Facebook to raise awareness of and condemn violence. Drawing that line requires complex and nuanced judgments, and we carefully review reports that we receive from the public, media, civil society, and governments. We remove content that violates our policies, regardless of who posted the content. Question 56. In September 2017, Facebook deemed the videos of two African American Trump supporters, known as Diamond and Silk, as “dangerous.” In a company email, Facebook stated that the decision was final and “not appealable in any way.” Facebook then retracted this statement, explaining that the determination was inaccurate. What about Diamond and Silk did Facebook initially determine to be “dangerous?” What is Facebook’s criteria for determining whether content that neither depicts nor advocates for violence as “dangerous?” Aside from the illustration of or advocacy for violence, under what conditions is the discussion of non-classified speech “dangerous?” Has Facebook implemented an appeals system by which users can challenge a determination of dangerousness? How often does Facebook retract these determinations? 56 What is the internal review process for these types of determinations? We mishandled communication with Diamond and Silk for months. Their frustration was understandable, and we apologized to them. The message they received on April 5, 2018 that characterized their Page as “dangerous” was incorrect and not reflective of the way we seek to communicate with our community and the people who run Pages on our platform. As part of our commitment to continually improve our products and to minimize risks where human judgment is involved, we are making a number of changes: • We have engaged an outside advisor, former Senator Jon Kyl, to advise the company on potential bias against conservative voices. We believe this external feedback will help us improve over time and ensure we can most effectively serve our diverse community. • We continue to expand our list of outside organizations from across the political spectrum to provide feedback on potential changes to our content standards. • We have made our detailed reviewer guidelines public to help people understand how and why we make decisions about the content that is and is not allowed on Facebook. • We have launched an appeals process to enable people to contest content decisions with which they disagree. We recognize that we make enforcement errors on both sides of the equation—what to allow, and what to remove—and that our mistakes cause a great deal of concern for people, which is why we need to allow the option to request review of the decision and provide additional context that will help our team see the fuller picture as they review the post again. This type of feedback will allow us to continue improving our systems and processes so we can prevent similar mistakes in the future. See also Response to Question 44. Question 57. In October 2017, the social-media company Twitter refused to permit Representative Marsha Blackburn to pay to promote a campaign advertisement because Rep. Blackburn stated that she fought to stop the sale of children’s body parts. Twitter’s explanation was that Blackburn’s critique of “the sale of baby body parts” was an “inflammatory statement” that Twitter refused to advertise. Does Representative Blackburn’s campaign advertisement (available readily on the internet) violate Facebook’s policies regarding acceptable advertisements? Does Representative Blackburn’s campaign advertisement violate Facebook’s policies against “hate speech?” Would the statement, standing alone, that Planned Parenthood sells baby body parts qualify as “hate speech?” 57 Would Facebook censor or otherwise downgrade or make unavailable the statement that Planned Parenthood sells baby body parts for any other reason? As Facebook indicated publicly in October 2017, Representative Blackburn’s campaign advertisement, in which she mentioned “the sale of baby body parts” does not violate our Advertising Policies or our Community Standards. We work to strike the right balance between enabling free expression around the globe and ensuring that our platform is safe. We currently define hate speech as anything that directly attacks people based on protected characteristics—race, ethnicity, national origin, religious affiliation, sexual orientation, sex, gender, gender identity, or serious disability or disease. We remove content that violates our policies, regardless of who posted the content, including the government. Our policies allow content that may be controversial and at times even distasteful, but which does not cross the line into hate speech. This may include criticism of public figures, religions, professions, and political ideologies. Question 58. Louis Farrakhan presently employs Facebook to reach numerous individuals. At present, he has over a million followers. See Response to Question 59. Question 59. On his Facebook page, Farrakhan links to an open letter of his which states: “We can now present to our people and the world a true, undeniable record of the relationship between Blacks and Jews from their own mouths and pens. These scholars, Rabbis and historians have given to us an undeniable record of Jewish anti-Black behavior, starting with the horror of the trans-Atlantic slave trade, plantation slavery, Jim Crow, sharecropping, the labor movement of the North and South, the unions and the misuse of our people that continues to this very moment.” Does this statement violate Facebook’s policies against “hate speech?” If so, why has this post been permitted to remain? If not, why not? On his Facebook page, Farrakhan links to a sermon in which he describes the “Synagogue of Satan” and its attempts to harm him. Is the term “Synagogue of Satan” a violation of Facebook’s policies against “hate speech?” If so, why has this post been permitted to remain? If not, why not? We are committed to designing our products to give all people a voice and foster the free flow of ideas and culture. That said, when something crosses the line into hate speech, it has no 58 place on Facebook, and we are committed to removing it from our platform any time we become aware of it. We define hate speech as a direct attack on people based on what we call protected characteristics—race, ethnicity, national origin, religious affiliation, sexual orientation, sex, gender, gender identity, and serious disability or disease. We also provide some protections for immigration status. We define attack as violent or dehumanizing speech, statements of inferiority, and calls for exclusion or segregation. The detailed guidelines our reviewers use to assess whether content violates our hate speech policies are available at https://www.facebook.com/communitystandards/objectionable_content/hate_speech. Question 60. In June 2013, Facebook blocked the following post written by Fox News Radio’s Todd Starnes for violating Facebook’s community standards, “I’m about as politically incorrect as you can get. I’m wearing an NRA ball cap, eating a Chick-fil-A sandwich, reading a Paula Deen cookbook and sipping a 20-ounce sweet tea while sitting in my Cracker Barrel rocking chair with the Gather Vocal Band singing ‘Jesus Saves’ on the stereo and a Gideon’s Bible in my pocket. Yes sir, I’m politically incorrect and happy as a June bug.” Although Facebook ultimately reversed its decision, for several hours, Todd Starnes could not access either his fan or person page. Why was Todd Starnes’ post removed? What Facebook rule was Todd Starnes’ post thought to have violated before it was reinstated? Was any part of Starnes’ statement “hate speech?” Was any part of Starnes’ statement considered harassment? Yes or no: must posted content be “politically correct” to remain in accordance with Facebook’s community standards? Is a statement that something is not “politically correct” a violation of Facebook’s standards? The page where Todd Starnes posted the content was not unpublished. He was the administrator that made the post, and the action was taken on his profile. He posted the content at around 2 am on June 29, 2013, and it was restored shortly before 10 am the same day. During that time, he did not lose his ability to access either his profile or his page, just the post itself. When we reinstated the post, we sent him an apology the same day. Our policies apply equally to individuals and entities across the political spectrum. We are committed to designing our products to give all people a voice and foster the free flow of ideas and culture. That said, when something crosses the line into hate speech, it has no place on Facebook, and we are committed to removing it from our platform any time we become aware of it. 59 We recognize that our policies are only as good as the strength and accuracy of our enforcement—and our enforcement is not perfect. We make mistakes because our processes involve people, and people are not infallible. We are always working to improve. When we’re made aware of incorrect content removals, we review them with team members so as to prevent similar mistakes in the future. We also audit the accuracy of reviewer decisions on an ongoing basis to coach them and follow up on improving, where errors are being made. We hope that our recent decision to publicize our detailed Community Standards—which reflect our internal reviewer guidelines—and the introduction of appeals will aid in this process. By providing more clarity on what is and isn’t allowed on Facebook, we hope that people will better understand how our policies apply to them. For some violation types, where people believe we have made a mistake, they can request review of our decisions, and we are working to extend this process further by supporting more violation types. See also Response to Question 44. Question 61. How many individuals at Facebook have the ability to moderate, remove, downgrade, conceal, or otherwise censor content, ban, suspend, warn, or otherwise discipline users, or approve, price, review, or refuse advertisements on the platform? This question includes individuals with the power to alter search results and similar mechanisms that suggest additional content to users in order to to promote or demote content, whether individually or routinely through an algorithm or by altering any of the platform’s search functions. (Please include all employees, independent contractors, or others with such ability at Facebook.) Into what divisions or groups are those individuals organized? Who are the individuals responsible for supervising these individuals as their conduct relates to American citizens, nationals, businesses, and groups? We understand from your April 10 testimony that Facebook has approximately 15,000 to 20,000 moderators. How many individuals have the responsibility to moderate, remove, downgrade, conceal, or otherwise censor content, ban, suspend, warn, or otherwise discipline users, or approve, price, review, or refuse advertisements as a primary or significant function of their role at Facebook? This question includes individuals with the power to alter search results and similar mechanisms that suggest additional content to users in order to to promote or demote content, whether individually or routinely through an algorithm or by altering any of the platform’s search functions. (Going forward, we will refer to these individuals, with a primary or significant responsibility for reviewing content, users, or advertisements, as “moderators.”) Who are the individuals responsible for supervising these moderators as their conduct relates to American citizens, nationals, businesses, and groups? How many moderators has Facebook had on its platform for each of the calendar years 2006 to 2018? Please provide approximations if exact numbers are impossible to obtain. 60 How many moderators does Facebook intend to retain for the years 2019 and 2020? On average, how many pieces of content (e.g., a Facebook post, an Instagram photo, and so on) does a moderator remove a day? On average, how many users does a moderator discipline a day? On average, how many advertisements does a moderator approve, disapprove, price, consult on, review, or refuse a day? Our content reviewers respond to millions of reports each week from people all over the world. Our community of users helps us by reporting accounts or content that may violate our policies. Our content review teams around the world—which grew by 3,000 people last year— work 24 hours a day and in dozens of languages to review these reports. By the end of 2018, we will have doubled the number of people working on safety and security as compared to the beginning of the year—to a total of 20,000. To help the Facebook community better understand our efforts to enforce the Community Standards, we recently published a Community Standards Enforcement Preliminary Report (https://transparency.facebook.com/community-standards-enforcement) describing the amount and types of content we take action against, as well as the amount of content that we flag for review proactively. We are also committed to getting better at enforcing our advertising policies. We review many ads proactively using automated and manual tools, and reactively when people hide, block, or mark ads as offensive. We are taking aggressive steps to strengthen both our automated and our manual review. We are also expanding our global ads review teams and investing more in machine learning to better understand when to flag and take down ads, such as ads that offer employment or credit opportunity while including or excluding multicultural advertising segments. Enforcement is never perfect, but we will get better at finding and removing improper ads. As to the questions regarding ranking and algorithmic changes, see Response to Question 66. Question 62. What percentage of Facebook’s moderators: Self-identify or are registered as Democrats? Self-identify or are registered as Republicans? Would identify themselves as “liberal?” Would identify themselves as “conservative?” Have donated to: 61 The Democratic Party? A candidate running for office as a Democrat? A cause primarily affiliated with or supported by the Democratic Party? A cause primarily affiliated with or supported by liberal interest groups? A political action committee primarily advocating for the Democratic Party, Democratic candidates or office-holders, or causes primarily supported by the Democratic Party? The Republican Party? A candidate running for office as a Republican? A cause primarily affiliated with or supported by the Republican Party? A cause primarily affiliated with or supported by conservative interest groups? A political action committee primarily advocating for the Republican Party, Republican candidates or office-holders, or causes primarily supported by the Republican Party? Worked on or volunteered for a Democratic campaign? Worked on or volunteered for a Republican campaign? Worked on, interned for, or volunteered for a Democratic legislator, State or federal? Worked on, interned for, or volunteered for a Republican legislator, State or federal? Worked on or interned for a Democratic administration or candidate? Worked on or interned for a Republican administration or candidate? We do not maintain statistics on these data points. Question 63. What percentage of Facebook’s employees: Self-identify or are registered as Democrats? Self-identify or are registered as Republicans? Self-identify as “liberal?” Self-identify as “conservative?” Have donated to: 62 The Democratic National Committee, the Democratic Congressional Campaign Committee, or the Democratic Senatorial Campaign Committee? A candidate running for office as a Democrat? A cause primarily affiliated with or supported by the Democratic Party? A cause primarily affiliated with or supported by liberal interest groups? A political action committee primarily advocating for the Democratic Party, Democratic candidates or office-holders, or causes primarily supported by the Democratic Party? The Republican National Committee, the National Republican Senate Committee, or the National Republican Congressional Committee? A candidate running for office as a Republican? A cause primarily affiliated with or supported by the Republican Party? A cause primarily affiliated with or supported by conservative interest groups? A political action committee primarily advocating for the Republican Party, Republican candidates or office-holders, or causes primarily supported by the Republican Party? Worked on, interned for, or volunteered for a Democratic candidate campaigning for elected office or an elected Democratic official or candidate? Worked on, interned for, or volunteered for a Republican campaigning for elected office or an elected Republican official or candidate? We do not maintain statistics on these data points. Question 63. What percentage of Facebook’s management: Self-identify or are registered as Democrats? Self-identify or are registered as Republicans? Self-identify as “liberal?” Self-identify as “conservative?” Have donated to: The Democratic National Committee, the Democratic Congressional Campaign Committee, or the Democratic Senatorial Campaign Committee? A candidate running for office as a Democrat? 63 A cause primarily affiliated with or supported by the Democratic Party? A cause primarily affiliated with or supported by liberal interest groups? A political action committee primarily advocating for the Democratic Party, Democratic candidates or office-holders, or causes primarily supported by the Democratic Party? The Republican National Committee, the National Republican Senate Committee, or the National Republican Congressional Committee? A candidate running for office as a Republican? A cause primarily affiliated with or supported by the Republican Party? A cause primarily affiliated with or supported by conservative interest groups? A political action committee primarily advocating for the Republican Party, Republican candidates or office-holders, or causes primarily supported by the Republican Party? Worked on, interned for, or volunteered for an elected Democratic official or candidate? Worked on, interned for, or volunteered for an elected Republican official or candidate? We do not maintain statistics on these data points. Question 64. What percentage of Facebook’s executives: Self-identify or are registered as Democrats? Self-identify or are registered as Republicans? Self-identify as “liberal?” Self-identify as “conservative?” Have donated to: The Democratic National Committee, the Democratic Congressional Campaign Committee, or the Democratic Senatorial Campaign Committee? A candidate running for office as a Democrat? A cause primarily affiliated with or supported by the Democratic Party? A cause primarily affiliated with or supported by liberal interest groups? A political action committee primarily advocating for the Democratic Party, Democratic candidates or office-holders, or causes primarily supported by the Democratic Party? 64 The Republican National Committee, the National Republican Senate Committee, or the National Republican Congressional Committee? A candidate running for office as a Republican? A cause primarily affiliated with or supported by the Republican Party? A cause primarily affiliated with or supported by conservative interest groups? A political action committee primarily advocating for the Republican Party, Republican candidates or office-holders, or causes primarily supported by the Republican Party? Worked on, interned for, or volunteered for an elected Democratic official or candidate? Worked on, interned for, or volunteered for an elected Republican official or candidate? We do not maintain statistics on these data points. Question 65. How many employees has Facebook hired that previously worked for 501(c)(3) or 501(c)(4) nonprofits? Please list the names of the 501(c)(3) and 501(c)(4) organizations employees have previously worked for and the number of employees for each. We do not maintain statistics on these data points. Question 66. Based on your testimony, we understand that Facebook conducts many of its editorial and moderating decisions using one or more algorithms. What editorial and moderating functions do these algorithms undertake? List and describe the factors that the algorithm evaluates and considers. Describe what if any human oversight or auditing is in place to review the algorithm’s functions. Do any of the factors in these algorithms associated with promoting, demoting, flagging, removing, suggesting, or otherwise altering the visibility of content correlate strongly (defined as meeting any generally accepted threshold for strong correlation using any generally accepted bivariate or multivariate analysis technique, including, but not limited to, chi-square, ANOVA, MANCOVA, Probit, Logit, regression, etc.) with any of the following traits (if so, please list which factor and its correlation): Self-identification with the Democratic Party? Registration as a Democrat? Self-identification as a liberal? Self-identification with the Republican Party? 65 Registration as a Republican? Self-identification as a conservative? Do any of these factors correlate significantly (p greater than or equal to .05) with any of the following traits (if so, please list which factor and its correlation): Self-identification with the Democratic Party? Registration as a Democrat? Self-identification as a liberal? Self-identification with the Republican Party? Registration as a Republican? Self-identification as a conservative? A user’s News Feed is made up of stories from their friends, Pages they’ve chosen to follow and groups they’ve joined. Ranking is the process we use to organize all of those stories so that users can see the most relevant content at the top, every time they open Facebook. Ranking has four elements: the available inventory of stories; the signals, or data points that can inform ranking decisions; the predictions we make, including how likely we think a user is to comment on a story, share with a friend, etc.; and a relevancy score for each story. News Feed considers thousands of signals to surface the content that’s most relevant to each person who uses Facebook. Our employees don’t determine the ranking of any specific piece of content. To help the community understand how News Feed works and how changes to News Feed affect their experience on Facebook, we publish a regularly-updated News Feed FYI blog (https://newsroom.fb.com/news/category/inside-feed/) where our team shares details of significant changes. Question 67. What percentage of the individuals who design, code, implement, monitor, correct, or alter any of these algorithms: Self-identify as Democrats? Are registered as Democrats? Self-identify as liberal? Self-identify as Republicans? Are registered as Republicans? Self-identify as conservative? We do not maintain statistics on these data points. 66 Question 68. In 2016, in response to complaints about “fake news” during the 2016 Presidential campaign and following President Trump’s election, Facebook procured the services of specific “fact-checking” outlets in order to flag certain stories or sources as disputed, challenged, or incorrect. Earlier this year, it additionally changed one or more of the algorithms that recommend websites to users, such as users’ news feeds. On what basis did Facebook select the fact-checking organizations that it enlisted to identify incorrect assertions of fact? Numerous sources have cited the presence of political bias in many “fact- checking” organizations; for example, according to one 2013 study by George Mason University’s Center for Media and Public Affairs, the site Politifact.com-- which Facebook employs to check facts on its platform--was between two and three times more likely to rate Republicans’ claims as false (32%) than Democrats’ claims (11%), and was between two and three times more likely to rate Democrats’ statements as mostly or entirely true (54%) compared to Republicans’ statements (18%). Indeed, the RealClearPolitics “Fact Check Review” notes that, in the last 120 days, approximately 1/6th of “facts” that Politifact.com claims to check aren’t facts at all, but mere opinions. What steps does Facebook take to counteract liberal or left-wing bias by fact-checking outlets? What steps does Facebook intend to take to bring political balance to its fact-checking review process? What mechanisms for appealing a determination that a statement is false or otherwise disagreed-with does Facebook make available to entities that Politifact (or others) accuse(s) of lying? If none exist, what mechanisms does Facebook intend to make available? If none exist, to what extent will Facebook make its review of these claims publicly visible? Has Facebook ever labeled claims or articles by any of the following entities as false? If so, please identify which claims and when. Huffington Post Salon Slate ThinkProgress Media Matters for America ShareBlue 67 The Daily Kos Vice Vox To reduce the spread of false news, one of the things we’re doing is working with thirdparty fact checkers to let people know when they are sharing news stories (excluding satire and opinion) that have been disputed or debunked, and to limit the distribution of stories that have been flagged as misleading, sensational, or spammy. Third-party fact-checkers on Facebook are signatories to the non-partisan International Fact-Checking Network Code of Principles. Thirdparty fact-checkers investigate stories in a journalistic process meant to result in establishing the truth or falsity of the story. In the United States, Facebook uses third-party fact-checking by the Associated Press, Factcheck.org, PolitiFact, Snopes, and the Weekly Standard Fact Check. Publishers may reach out directly to the third-party fact-checking organizations if (1) they have corrected the rated content, or if (2) they believe the fact-checker’s rating is inaccurate. To issue a correction, the publisher must correct the false content and clearly state that a correction was made directly on the story. To dispute a rating, the publisher must clearly indicate why the original rating was inaccurate. If a rating is successfully corrected or disputed, the demotion on the content will be lifted and the strike against the domain or Page will be removed. It may take a few days to see the distribution for the domain or Page recover. Additionally, any recovery will be affected by other false news strikes and related interventions (like demotions for clickbait). Corrections and disputes are processed at the fact-checker’s discretion. Fact-checkers are asked to respond to requests in a reasonable time period—ideally one business day for a simple correction, and up to a few business days for more complex disputes. We want Facebook to be a place where people can discover more news, information, and perspectives, and we are working to build products that help. As to the questions regarding ranking and algorithmic changes, see Response to Question 66. Question 69. TalkingPointsMemo Does Facebook consider the basis for a fact-checker’s determination that something is “false” when choosing to label it as such? For example, as numerous media outlets have noted, some fact-checking outlets concede that the factual statement a public figure has made is true, but then condemn it for lacking “context” or spin favorable to a left-wing politician. If so, how does Facebook consider it? If not, does Facebook intend to do so in the future? And if so, how? If not, why not? 68 When one of Facebook’s fact-checkers determines that a claim is false, how does Facebook determine what material to refer a user to in response? Please list all such sources and any method relied on for determining their priority. Facebook’s 2018 alteration of its algorithm has had a noted and outsized impact on traffic to conservative websites while not having a similar effect on liberal websites. At least one study by the Western Journal estimated liberal publishers’ traffic from Facebook rose approximately 2% following the change, while conservative publishers’ traffic declined approximately 14%. In what way(s) did Facebook change its content-screening or news- suggesting algorithms, or any other feature of its website which suggests content to users, in this 2018 instance? Were any components of these changes intended to have a differential impact on conservative outlets versus liberal ones? Were any components of these changes expected to have a differential impact on conservative outlets versus liberal ones? Measured against pre-change traffic, how has the traffic of liberal publishers changed following this 2018 instance? Measured against pre-change traffic, how has the traffic of conservative publishers changed following this 2018 instance? Measured against pre-change traffic, how has this 2018 instance changed the traffic of the following publishers: The Washington Post The New York Times The Washington Times The New York Post The New York Daily News Fox News National Review The Daily Beast Huffington Post Buzzfeed Newsweek 69 The Daily Wire Vice USA Today Salon Slate Vox The Daily Caller The Blaze PJ Media The Washington Free Beacon Reuters The Associated Press National Public Radio Bloomberg Does Facebook intend to do anything to reduce the differential effect on its recent algorithmic changes on conservative publishers? If so, what? If not, why not? See Response to Question 68. Question 70. Facebook’s Help section explains that the posts that users see are influenced by their connections and activity on Facebook, including the number of comments, likes, and reactions a post receives and what kind of story it is. Some reporting suggests that Facebook’s algorithm functions based on the content available (inventory), considerations about the content (signals), considerations about a person (predictions), and overall score. How do Facebook employees determine how informative a post is or which interactions create a more meaningful experience? Does a speaker’s viewpoint determine in whole or part how informative or meaningful a post is? 70 Does a speaker’s partisan affiliation determine in whole or part how informative or meaningful a post is? Does a speaker’s religious affiliation determine in whole or part how informative or meaningful a post is? See Response to Question 66. Question 71. Facebook is entitled to contribute money to federal and State elections both as a function of the First Amendment as well as of federal and State law. Including all of its subsidiaries, affiliates, as well as political action committees, partnerships, councils, groups, or entities organized with either a sole or significant purpose of electioneering, making political contributions to issue advocacy, candidates, or political parties, or of bundling or aggregating money for candidates or issue or party advocacy, whether disclosed by law or not, and during primary elections or general elections, how much money has Facebook contributed to: All federal, State, and local candidates for office from 2008 to present? All national party committees? Of that amount, how much was to: The Democratic National Committee? The Democratic Senatorial Campaign Committee? The Democratic Congressional Campaign Committee? The Republican National Committee? The National Republican Senate Committee? The National Republican Congressional Committee? All political action committees (or other groups outlined above in question 43) from 2008 to present? All issue-advocacy campaigns, including initiatives, referenda, ballot measures, and other direct-democracy or similar lawmaking measures? Candidates running for President: In 2008? How much of that money was to the Democratic candidate? How much of that money was to the Republican candidate? 71 How much of that money was to other candidates? In 2012? How much of that money was to the Democratic candidate? How much of that money was to the Republican candidate? How much of that money was to other candidates? In 2016? How much of that money was to the Democratic candidate? How much of that money was to the Republican candidate? How much of that money was to other candidates? Candidates running for the U.S. Senate: (for special or off-year elections going forward, please group donation amounts with the next nearest cycle) In 2008? How much of that money was to Democratic candidates? How much of that money was to Republican candidates? How much of that money was to other candidates? In 2010? How much of that money was to Democratic candidates? How much of that money was to Republican candidates? How much of that money was to other candidates? In 2012? How much of that money was to Democratic candidates? How much of that money was to Republican candidates? How much of that money was to other candidates? In 2014? How much of that money was to Democratic candidates? How much of that money was to Republican candidates? 72 How much of that money was to other candidates? In 2016? How much of that money was to Democratic candidates? How much of that money was to Republican candidates? How much of that money was to other candidates? In 2018? How much of that money was to Democratic candidates? How much of that money was to Republican candidates? How much of that money was to other candidates? Candidates running for the U.S. House of Representatives: In 2008? How much of that money was to Democratic candidates? How much of that money was to Republican candidates? How much of that money was to other candidates? In 2010? How much of that money was to Democratic candidates? How much of that money was to Republican candidates? How much of that money was to other candidates? In 2012? How much of that money was to Democratic candidates? How much of that money was to Republican candidates? How much of that money was to other candidates? In 2014? How much of that money was to Democratic candidates? How much of that money was to Republican candidates? 73 How much of that money was to other candidates? In 2016? How much of that money was to Democratic candidates? How much of that money was to Republican candidates? How much of that money was to other candidates? In 2018? How much of that money was to Democratic candidates? How much of that money was to Republican candidates? How much of that money was to other candidates? Candidates running for Governor: In 2008? How much of that money was to Democratic candidates? How much of that money was to Republican candidates? How much of that money was to other candidates? In 2010? How much of that money was to Democratic candidates? How much of that money was to Republican candidates? How much of that money was to other candidates? In 2012? How much of that money was to Democratic candidates? How much of that money was to Republican candidates? How much of that money was to other candidates? In 2014? How much of that money was to Democratic candidates? How much of that money was to Republican candidates? 74 How much of that money was to other candidates? In 2016? How much of that money was to Democratic candidates? How much of that money was to Republican candidates? How much of that money was to other candidates? In 2018? How much of that money was to Democratic candidates? How much of that money was to Republican candidates? How much of that money was to other candidates? Political action committees or other groups mentioned in question 43 that: Contribute 75% or more of their money to Democratic candidates for office? Contribute 75% or more of their money to Republican candidates for office? Identify as liberal, progressive, or otherwise left-wing? Identify as conservative or right-wing? Facebook complies will all political contribution reporting requirements, and such reports are publicly available. For more information on Facebook’s contributions, please see https://newsroom.fb.com/news/h/facebook-political-engagement/. Question 72. How much has Facebook donated, either in the form of money or services (including free or discounted advertising or more prominent placements within the platform via searches and other suggested-content mechanisms), to the following not-forprofit organizations (or their affiliates or subsidiaries) in the last 10 years? (Please separate answers into cash and non-cash components.) Planned Parenthood NARAL The Center for Reproductive Rights The National Right to Life Committee Americans United for Life Everytown for Gun Safety 75 The Brady Campaign The National Rifle Association Gun Owners of America Human Rights Campaign Amnesty International Lambda Legal National Immigration Forum Federation GLAAD ACLU UnidosUS (formerly “La Raza” or the “National Council of La Raza”) The Sierra Club Greenpeace The Heritage Foundation The Cato Institute The Institute for Justice Southern Poverty Law Center The Open Society Foundation(s) Americans for Prosperity We partner with various domestic and international non-governmental organizations, which span the political and ideological spectrum. We provide our partners with technical expertise, sponsorships, advertising credits, and trainings, among other support. Our partnerships are crucial to our mission of building community. More information about our partnerships is available at https://newsroom.fb.com/news/h/facebook-political-engagement/. Question 73. Facebook sells advertisements to political candidates and organizations. Multiple sources report that Facebook charged different rates to the Hillary Clinton and Donald Trump campaigns during the 2016 election. For the following questions, to the extent that geographic or local-market concerns significantly explain disparate rates 76 between candidates, please explain how they do so and to what extent they do so, including calculations justifying that explanation. Did Facebook charge the two campaigns different rates? If so, on what basis? If so, what rates did Facebook charge: The Clinton Campaign? The Trump Campaign? If these campaigns purchased advertising rates on Facebook or its platforms, what rates did Facebook charge each of the following campaigns? Barack Obama’s 2008 campaign John McCain’s 2008 campaign Barack Obama’s 2012 campaign Mitt Romney’s 2012 campaign On average, and among campaigns that purchased advertisements, what rates did Facebook charge: Democrats running for Senate in 2008? Republicans running for Senate in 2008? Democrats running for the House of Representatives in 2008? Republicans running for the House of Representatives in 2008? Democrats running for Governor in 2008? Republicans running for Governor in 2008? Democrats running in State or local legislative races in 2008? Republicans running in State or local legislative races in 2008? Democrats running for Senate in 2010? Republicans running for Senate in 2010? Democrats running for the House of Representatives in 2010? 77 Republicans running for the House of Representatives in 2010? Democrats running for Governor in 2010? Republicans running for Governor in 2010? Democrats running in State or local legislative races in 2010? Republicans running in State or local legislative races in 2010? Democrats running for Senate in 2012? Republicans running for Senate in 2012? Democrats running for the House of Representatives in 2012? Republicans running for the House of Representatives in 2012? Democrats running for Governor in 2012? Republicans running for Governor in 2012? Democrats running in State or local legislative races in 2014? Republicans running in State or local legislative races in 2014? Democrats running for Senate in 2014? Republicans running for Senate in 2014? Democrats running for the House of Representatives in 2014? Republicans running for the House of Representatives in 2014? Democrats running for Governor in 2014? Republicans running for Governor in 2014? Democrats running in State or local legislative races in 2014? Republicans running in State or local legislative races in 2014? Democrats running in State or local legislative races in 2016? Republicans running in State or local legislative races in 2016? Democrats running for Senate in 2016? Republicans running for Senate in 2016? 78 Democrats running for the House of Representatives in 2016? Republicans running for the House of Representatives in 2016? Democrats running for Governor in 2016? Republicans running for Governor in 2016? Democrats running in State or local legislative races in 2016? Republicans running in State or local legislative races in 2016? Democrats running in State or local legislative races in 2018? Republicans running in State or local legislative races in 2018? Democrats running for Senate in 2018? Republicans running for Senate in 2018? Democrats running for the House of Representatives in 2018? Republicans running for the House of Representatives in 2018? Democrats running for Governor in 2018? Republicans running for Governor in 2018? Democrats running in State or local legislative races in 2018? Republicans running in State or local legislative races in 2018? Yes or no: does Facebook consider partisan affiliation in deciding whether to sell advertisements to a political candidate, political action committee, or other organization purchasing political advertisements? Yes or no: does Facebook consider partisan affiliation in deciding at what rates to sell advertisements to a political candidate, political action committee, or other organization purchasing political advertisements? Yes or no: does Facebook consider the likelihood of a candidate’s ultimate electoral success (via polls or otherwise) in deciding whether to sell advertisements to a political candidate? Yes or no: does Facebook consider the likelihood of a candidate’s ultimate electoral success (via polls or otherwise) in deciding at what rates to sell advertisements to a political candidate? 79 Facebook offered identical support to both the Trump and Clinton campaigns, and had teams assigned to both. Everyone had access to the same tools, which are the same tools that every campaign is offered. See also Response to Question 74. Question 74. Please provide Facebook’s advertising rates for each U.S. Senate and U.S. House election for which Facebook quoted or sold advertisements to one or more candidates for the years 2008, 2010, 2012, 2014, 2016, and 2018. For elections not falling in those years or special elections, please provide and group these rates with the next sequential election cycle. Where Facebook offered or sold advertising to multiple candidates within the same race, please pair those quotes or prices together along with party affiliation. People can run ads on Facebook, Instagram, and Audience Network on any budget. The exact cost associated with an ad being shown to someone is determined in Facebook’s ad auction. Question 75. Yes or no: has Facebook ever provided at no cost advertising to political candidates, campaign committees, political action committees or similar groups, or issueadvocacy groups or campaigns, whether through outright advertising or by altering search rankings, trending topics, content rankings, or the position of content within any suggested content mechanism? If so, please provide each instance in which Facebook has done so and indicate whether Facebook offered similar support to any other candidate or issue in that race or election. If so, please indicate whether Facebook coordinated with that campaign, candidate, or issue in doing so, or if Facebook acted unilaterally. Political candidates, campaign committees, political action committees and similar groups, as well as issue advocacy groups and campaigns can set up Facebook Pages for free and post free content via those Pages, in the same way that any Page creator may. To run ads on Facebook, a form of payment must be provided. The algorithms that set content rankings are not designed to promote any candidate or party. Question 76. Please list and describe all mandatory trainings that Facebook employees are required to undergo and the topics involved in each, including any trainings on sexual harassment, unconscious bias, racial privilege, and inclusivity. At Facebook, we treat any allegations of harassment, discrimination, or retaliation with the utmost seriousness, and we have invested significant time and resources into developing our policies and processes. We have made our policies and processes available publicly—not because we think we have all the answers, but because we believe that the more companies are open about their policies, the more we can all learn from one another. Our internal policies on sexual harassment and bullying are available on our Facebook People Practices website (http://peoplepractices.fb.com/), along with details of our investigation process and tips and resources we have found helpful in preparing our Respectful Workplace internal trainings. Our 80 philosophy on harassment, discrimination, and bullying is to go above and beyond what is required by law. Our policies prohibit intimidating, offensive, and sexual conduct even when that conduct might not meet the legal standard of harassment. Even if it’s legally acceptable, it’s not the kind of behavior we want in our workplace. In developing our policies, we were guided by six basic principles: • First, develop training that sets the standard for respectful behavior at work, so people understand what’s expected of them right from the start. In addition to prescribing mandatory harassment training, we wrote our own unconscious bias training program at Facebook, which is also available publicly on our People Practices website. Our training includes Sustainable Equity, a three-day course in the US about racial privilege and injustice, and Design for Inclusion, a multi-day course in the UK to educate on systemic inequity. • Second, treat all claims—and the people who voice them—with seriousness, urgency, and respect. At Facebook, we make sure to have HR business partners available to support everyone on the team, not just senior leaders. • Third, create an investigation process that protects employees from stigma or retaliation. Facebook has an investigations team made up of experienced HR professionals and lawyers trained to handle sensitive cases of sexual harassment and assault. • Fourth, follow a process that is consistently applied in every case and is viewed by employees as providing fair procedures for both victims and those accused. • Fifth, take swift and decisive action when it is determined that wrongdoing has occurred. We have a zero-tolerance policy, and that means that when we are able to determine that harassment has occurred, those responsible are fired. Unfortunately, in some cases investigations are inconclusive and come down to one person’s word against another’s. When we don’t feel we can make a termination decision, we take other actions designed to help everyone feel safe, including changing people’s roles and reporting lines. • Sixth, make it clear that all employees are responsible for keeping the workplace safe—and anyone who is silent or looks the other way is complicit. There’s no question that it is complicated and challenging to get this right. We are by no means perfect, and there will always be bad actors. Unlike law enforcement agencies, companies don’t have access to forensic evidence and instead have to rely on reported conversations, written evidence, and the best judgment of investigators and legal experts. What we can do is be as transparent as possible, share best practices, and learn from one another—recognizing that policies will evolve as we gain experience. We don’t have everything worked out at Facebook on these issues, but we will never stop striving to make sure we have a safe and respectful working environment for all our people. 81 We are also working to reduce unconscious bias. Our publicly available Managing Unconscious Bias class encourages our people to challenge and correct bias as soon as they see it—in others, and in themselves. We’ve also doubled down by adding two additional internal programs: Managing Inclusion, which trains managers to understand the issues that affect marginalized communities, and Be The Ally, which gives everyone the common language, tools, and space to practice supporting others. Question 77. Please list and describe all optional recommended trainings that Facebook employees are required to undergo and the topics involved in each, including any trainings on sexual harassment, unconscious bias, racial privilege, and inclusivity. See Response to Question 76. Question 78. Do any of the materials Facebook uses in any of these trainings identify different preferences, values, goals, ideas, world-views, or abilities among individuals on the basis of the following? If so, please list each and include those materials. Race Sex Sexual orientation Place of origin Diversity is core to our business at Facebook and we’re committed to building and maintaining a workforce as diverse and inclusive as the people and communities we serve. We have developed and implemented programs and groups to help build a more diverse and inclusive company, and to better engage and support employees from diverse backgrounds. We have a number of Facebook Resource Groups (FBRGs) that are run by our internal communities from different backgrounds, such as Asians and Pacific Islanders, African-Americans, People with Disabilities, those of faith, Latinos/Hispanics, LGBTQ, Veterans, and women. These FBRGs provide members with support, foster understanding between all people, and can coordinate programming to further support members. Examples of such programs include Women@ Leadership Day, Black@ Leadership Day, Latin@ Leadership Day, and Pride@ Leadership Day. Facebook also values and creates programming to support its Veterans and People with Disabilities through dedicated program managers and recruiters, mentoring programs and awareness campaigns to promote education and inclusion. These groups and programs are created to support and provide a more inclusive work experience for people from diverse backgrounds, with membership and participation open even to those who do not selfidentify with these groups. For example, people who do not self-identify as Black are still members of Black@ and have attended Black@ Leadership Day, and there are male members of Women@ and men can attend Women@ Leadership Day. Facebook is also an Equal Opportunity Employer. Question 79. Facebook acknowledges that it is located in a very liberal part of the country, and has suggested that it understands that many of its employees as well as the surrounding community share a particular (very liberal) culture. 82 Does Facebook have any training specifically aimed at discouraging political, ideological, or partisan bias in decision-making by its employees? Does Facebook have any training specifically aimed at discouraging political, ideological, or partisan bias in hiring, retention, promotion, and firing of its employees? Does Facebook have any training specifically aimed at discouraging political, ideological, or partisan bias in the monitoring and supervision of content, users, or advertisements on each of its platforms? Our Community Standards are global and all reviewers use the same guidelines when making decisions. They undergo extensive training when they join and, thereafter, are regularly trained and tested with specific examples on how to uphold the Community Standards and take the correct action on a piece of content. This training includes when policies are clarified, or as they evolve. We seek to write actionable policies that clearly distinguish between violating and nonviolating content and we seek to make the decision making process for reviewers as objective as possible. Our reviewers are not working in an empty room. There are quality control mechanisms as well as management on site to help or seek guidance from if needed. When a reviewer isn’t clear on the action to take based on the Community Standards, they can pass the content decision to another team for review. We also audit the accuracy of reviewer decisions on an ongoing basis to coach them and follow up on improving, where errors are being made. When we’re made aware of incorrect content removals, we review them with our Community Operations team so as to prevent similar mistakes in the future. We are introducing the right to appeal our decisions on individual posts so users can ask for a second opinion when they think we’ve made a mistake. As a first step, we are launching appeals for posts that were removed for nudity/sexual activity, hate speech or graphic violence. We are working to extend this process further, by supporting more violation types, giving people the opportunity to provide more context that could help us make the right decision, and making appeals available not just for content that was taken down, but also for content that was reported and left up. We believe giving people a voice in the process is another essential component of building a fair system. Question 80. Please list the names of any third-party organizations or vendors that Facebook uses to facilitate its trainings. We have a comprehensive training program that includes many hours of live instructorled training, as well as hands-on practice for all of our reviewers. 83 All training materials are created in partnership with our policy team and in-market specialists or native speakers from the region. After starting, reviewers are regularly trained and tested with specific examples on how to uphold the Community Standards and take the correct action on a report. Additional training happens continuously and when policies are clarified, or as they evolve. Question 81. In the last five years, how many discrimination complaints has Facebook received from Christians? Please indicate how these complaints were resolved. Decisions about content are made based on whether content violates our Community Standards. A user’s personal characteristics do not influence the decisions we make, and Facebook does not track the religious beliefs or other personal characteristics of complainants. Question 82. Yes or no: Does Facebook offer any compensation, amenities, trainings, or similar services to its employees on account of their race, sex, sexual orientation, or religious affiliation? If so, please list each and whether all other races, sexes, etc. are provided the same compensation, amenity, etc. See Response to Question 78. Question 83. In August 2017, Google fired James Damore for violating its code of conduct after Damore submitted an internal memo criticizing the company’s hiring practices and arguing that the company’s political bias created a negative work environment. Yes or no: Does Facebook agree with Google’s decision to fire James Damore? Would an individual at Facebook have been fired for publishing a memorandum like Damore’s? Assume no previous negative disciplinary history. Does Facebook permit employees to believe that some portion of the career differences between men and women are the result of differing choices between the sexes? Would a Facebook employee be disciplined for mentioning that opinion in a conversation to a willing participant? Would a Facebook employee be disciplined for mentioning that opinion on his or her Facebook account? Does Facebook permit employees to criticize its “diversity” efforts as being racist against whites or sexist against men? Would a Facebook employee be disciplined for mentioning that opinion in a conversation to a willing participant? Would a Facebook employee be disciplined for mentioning that opinion on his or her Facebook account? 84 We try to run our company in a way where people can express different opinions internally. We are not in a position to comment on the personnel decisions of another company or to engage in speculation about how we might respond in particular hypothetical circumstances. Question 84. In October 2017, Prager University filed suit against Google and Youtube, alleging that the two companies illegally discriminated against Prager University because of its conservative political perspective. As evidence, Prager University pointed to the dozens of educational videos that Youtube either put in “restricted mode” or demonetized. Yes or no: Does Facebook agree with YouTube/Google’s decision to restrict the following Prager University video, and if so, why? The World’s Most Persecuted Minority: Christians? Israel’s Legal Founding? Are the Police Racist? Why Did America Fight the Korean War? What Should We Do About Guns? Why America Must Lead? The Most Important Question About Abortion? Yes or no: Does Facebook agree with YouTube/Google’s decision to demonetize the following Prager University video, and if so, why? Are The Police Racist? Israel’s Legal Founding The Most Important Question About Abortion? Who’s More Pro-Choice: Europe or America? Why Do People Become Islamic Extremists? Is the Death Penalty Ever Moral? Why Isn’t Communism as Hated as Nazism? Radical Islam: The Most Dangerous Ideology? Is Islam a Religion of Peace? See Response to Question 44. 85 Question 85. Recently, Jack Dorsey, Twitter’s CEO, praised an article by two Democrats calling for a “new civil war” against the Republican Party, in which “the entire Republican Party, and the entire conservative movement that has controlled it for the past four decades” will be given a “final takedown that will cast them out” to the “political wilderness” “for a generation or two.” Does you agree with the premise of this article? It is located here: https://medium.com/s/state-of-the-future/the-great-lesson-of-california-in- americas-newcivil-war-e52e2861f30 Do you or Facebook believe it is appropriate for its platform or company to call for a “new civil war?” Do you or Facebook believe it is appropriate for its platform or company to call for an end to one of the Nation’s two major political parties? Do you or Facebook believe it is appropriate for its platform or company to call for an end to the conservative movement? Do you or Facebook condemn Twitter for calling for an end to the Republican Party? Do you or Facebook condemn Twitter for calling for an end to the conservative movement? Do you or Facebook condemn Twitter for calling for a new American civil war? We are not in a position to comment on the decisions of another company or on another company’s executive’s statements about a news articles. We are committed to designing our products to give all people a voice and foster the free flow of ideas and culture. That said, when something crosses the line into hate speech, it has no place on Facebook, and we are committed to removing it from our platform any time we become aware of it. Question 84. Does Facebook collect information regarding its users’: Usage of non-Facebook apps? Email? Audio or ambient sound? Telephone usage? Text messaging? iMessaging? Physical location when the user is not using the Facebook app? 86 Spending? As explained in our Data Policy, we collect three basic categories of data about people: (1) data about things people do and share (and who they connect with) on our services, (2) data about the devices people use to access our services, and (3) data we receive from partners, including the websites and apps that use our business tools. As far as the amount of data we collect about people, the answer depends on the person. People who have only recently signed up for Facebook have usually shared only a few things— such as name, contact information, age, and gender. Over time, as people use our products, we receive more data from them, and this data helps us provide more relevant content and services. That data will fall into the categories noted above, but the specific data we receive will, in large part, depend on how the person chooses to use Facebook. For example, some people use Facebook to share photos, so we receive and store photos for those people. Some people enjoy watching videos on Facebook; when they do, we receive information about the video they watched, and we can use that information to help show other videos in their News Feeds. Other people seldom or never watch videos, so we do not receive the same kind of information from them, and their News Feeds are likely to feature fewer videos. The data we have about people also depends on how they have used our controls. For example, people who share photos can easily delete those photos. The same is true of any other kind of content that people post on our services. Through Facebook’s Activity Log tool, people can also control the information about their engagement—i.e., their likes, shares and comments—with other people’s posts. The use of these controls of course affects the data we have about people. Question 86. Does Facebook give its users the opportunity to opt out of Facebook collecting its users’ data while still using the service? The Ad Preferences tool on Facebook shows people the advertisers whose ads the user might be seeing because they visited the advertisers’ sites or apps. The person can remove any of these advertisers to stop seeing their ads. In addition, the person can opt out of these types of ads entirely—so he or she never sees those ads on Facebook based on information we have received from other websites and apps. We’ve also announced plans to build Clear History, a feature that will enable people to see the websites and apps that send us information when they use them, delete this information from their accounts, and turn off our ability to store it associated with their accounts going forward. Apps and websites that use features such as the Like button or Facebook Analytics send us information to make their content and ads better. We also use this information to make user experience on Facebook better. 87 If a user clears his or her history or uses the new setting, we’ll remove identifying information so a history of the websites and apps the user used won’t be associated with the user’s account. We’ll still provide apps and websites with aggregated analytics—for example, we can build reports when we’re sent this information so we can tell developers if their apps are more popular with men or women in a certain age group. We can do this without storing the information in a way that’s associated with the user’s account, and as always, we don’t tell advertisers who users are. It will take a few months to build Clear History. We’ll work with privacy advocates, academics, policymakers, and regulators to get their input on our approach, including how we plan to remove identifying information and the rare cases where we need information for security purposes. We’ve already started a series of roundtables in cities around the world, and heard specific demands for controls like these at a session we held at our headquarters. We’re looking forward to doing more. Question 87. Yes or no: In preparation for the April 10, 2018 hearing, did Facebook, employees of Facebook, or independent contractors hired by Facebook examine the personal Facebook pages of the U.S. Senators scheduled to take part in the hearing? If so, please identify the Facebook pages visited and the information sought. If so, please identify the individuals who sought such information and what information they obtained. If so, please identify all individuals who possessed or reviewed that information. While Facebook employees regularly look at the public pages of members of Congress to track the issues that are important to them, we are confident that no employees accessed any private data on personal profiles to prepare for the hearing or the questions for the record. Question 88. Yes or no: In preparation for the April 10, 2018 hearing, did Facebook, employees of Facebook, or independent contractors hired by Facebook examine the personal Facebook pages of U.S. Senators’ family members? If so, please identify the Facebook pages visited and the information sought. If so, please identify the individuals who sought such information and what information they obtained. If so, please identify all individuals who possessed or reviewed that information. See Response to Question 87. Question 89. Yes or no: In preparation for the April 10, 2018 hearing, did Facebook, employees of Facebook, or independent contractors hired by Facebook examine the personal Facebook pages of any Senate employees? If so, please identify the Facebook pages visited and the information sought. 88 If so, please identify the individuals who sought such information and what information they obtained. If so, please identify all individuals who possessed or reviewed that information. See Response to Question 87. Question 90. Yes or no: In responding to these or any other questions for the record arising from the April 10, 2018 hearing, did Facebook, employees of Facebook, or independent contractors hired by Facebook examine the personal Facebook pages of the U.S. Senators scheduled to take part in the hearing? If so, please identify the Facebook pages visited and the information sought. If so, please identify the individuals who sought such information and what information they obtained. If so, please identify all individuals who possessed or reviewed that information. See Response to Question 87. Question 91. Yes or no: In responding to these or any other questions for the record arising from the April 10, 2018 hearing, did Facebook, employees of Facebook, or independent contractors hired by Facebook examine the personal Facebook pages of U.S. Senators’ family members? If so, please identify the Facebook pages visited and the information sought. If so, please identify the individuals who sought such information and what information they obtained. If so, please identify all individuals who possessed or reviewed that information. See Response to Question 87. Question 92. Yes or no: In responding to these or any other questions for the record arising from the April 10, 2018 hearing, did Facebook, employees of Facebook, or independent contractors hired by Facebook examine the personal Facebook pages of U.S. Senate employees? If so, please identify the Facebook pages visited and the information sought. If so, please identify the individuals who sought such information and what information they obtained. If so, please identify all individuals who possessed or reviewed that information. See Response to Question 87. 89 Question 93. Yes or no: Does Facebook collect data on individuals who are not registered Facebook users? If so, does Facebook use this data as part of the advertising products it sells? If so, does Facebook share or has Facebook ever shared this data with third parties? Facebook does not create profiles for people who do not hold Facebook accounts. When people visit apps or websites that feature our technologies—like the Facebook Like or Comment button—our servers automatically log (i) standard browser or app records of the fact that a particular device or user visited the website or app (this connection to Facebook’s servers occurs automatically when a person visits a website or app that contains our technologies, such as a Like button, and is an inherent function of Internet design); and (ii) any additional information the publisher of the app or website chooses to share with Facebook about the person’s activities on that site (such as the fact that a purchase was made on the site). This is a standard feature of the Internet, and most websites and apps share this same information with multiple different third-parties whenever people visit their website or app. For example, the Senate Commerce Committee’s website shares information with Google and its affiliate DoubleClick and with the analytics company Webtrends. This means that, when a person visits the Committee’s website, it sends browser information about their visit to each one of those third parties. More information about how this works is available at https://newsroom.fb.com/news/2018/04/data-off-facebook/. When the person visiting a website featuring Facebook’s tools is not a registered Facebook user, Facebook does not have information identifying that individual, and it does not create profiles for this individual. We use the browser and app logs that apps and websites send to us—described above—in the following ways for non-Facebook users. First, these logs are critical to protecting the security of Facebook and to detecting or preventing fake account access. For example, if a browser has visited hundreds of sites in the last five minutes, that’s a sign the device might be a bot, which would be an important signal of a potentially inauthentic account if that browser then attempted to register for an account. Second, we aggregate those logs to provide summaries and insights to websites and apps about how many people visit or use their product, or use specific features like our Like button—but without providing any information about a specific person. We do not create profiles for non-Facebook users, nor do we use browser and app logs for non-Facebook users to show targeted ads from our advertisers to them or otherwise seek to personalize the content they see. However, we may take the opportunity to show a general ad that is unrelated to the attributes of the person or an ad encouraging the non-user to sign up for Facebook. Question 94. To the extent that Facebook collects and uses data from individuals who are not registered Facebook users, has Facebook gained consent from those individuals to collect and use their personal data? Facebook does not create profiles about or track web or app browsing history for people who are not registered users of Facebook. 90 Question 95. To the extent that Facebook collects and uses data from individuals who are registered Facebook users, has Facebook obtained those individuals’ informed consent on an opt-in basis prior to the acquisition of that data? If so, please provide the basis for concluding that data was acquired on an informed consent basis. If so, please provide the basis for concluding that users opted-in to Facebook’s collection and commercialization of their data. All users must expressly consent to Facebook’s Terms and Data Policy when registering for Facebook. The Data Policy explains the kinds of information we collect, how we use this information, how we share this information, and how users can manage and delete information. After joining Facebook, people are presented with the opportunity to consent to additional data collection and uses, such as the use of location or the users’ address book on their mobile device. In response to your specific questions, depending on which Services a person uses, we collect different kinds of information from or about them. This is described in our Data Policy: Things users and others do and provide. • Information and content users provide. We collect the content, communications and other information users provide when they use our Products, including when they sign up for an account, create or share content, and message or communicate with others. This can include information in or about the content they provide (like metadata), such as the location of a photo or the date a file was created. It can also include what they see through features we provide, such as our camera, so they can do things like suggest masks and filters that users might like, or give them tips on using camera formats. Our systems automatically process content and communications users and others provide to analyze context and what’s in them for the purposes described below. o Data with special protections: Users can choose to provide information in their Facebook profile fields or Life Events about their religious views, political views, who they are “interested in,” or their health. This and other information (such as racial or ethnic origin, philosophical beliefs or trade union membership) could be subject to special protections under the laws of a user’s country. • Networks and connections. We collect information about the people, Pages, accounts, hashtags and groups users are connected to and how users interact with them across our Products, such as people users communicate with the most or groups they are part of. We also collect contact information if users choose to upload, sync or import it from a device (such as an address book or call log or SMS log history), which we use for things like helping users and others find people they may know and for the other purposes listed below. 91 • Users’ usage. We collect information about how users use our Products, such as the types of content they view or engage with; the features they use; the actions they take; the people or accounts they interact with; and the time, frequency and duration of their activities. For example, we log when users are using and have last used our Products, and what posts, videos and other content users view on our Products. We also collect information about how users use features like our camera. • Information about transactions made on our Products. If users use our Products for purchases or other financial transactions (such as when they make a purchase in a game or make a donation), we collect information about the purchase or transaction. This includes payment information, such as their credit or debit card number and other card information; other account and authentication information; and billing, shipping and contact details. • Things others do and information they provide about users. We also receive and analyze content, communications and information that other people provide when they use our Products. This can include information about users, such as when others share or comment on a photo of them, send a message to them, or upload, sync or import their contact information. Device Information • As described below, we collect information from and about the computers, phones, connected TVs and other web-connected devices users use that integrate with our Products, and we combine this information across different devices users use. For example, we use information collected about users’ use of our Products on their phone to better personalize the content (including ads) or features they see when they use our Products on another device, such as their laptop or tablet, or to measure whether they took an action in response to an ad we showed them on their phone on a different device. • Information we obtain from these devices includes: o Device attributes: information such as the operating system, hardware and software versions, battery level, signal strength, available storage space, browser type, app and file names and types, and plugins. o Device operations: information about operations and behaviors performed on the device, such as whether a window is foregrounded or backgrounded, or mouse movements (which can help distinguish humans from bots). o Identifiers: unique identifiers, device IDs, and other identifiers, such as from games, apps or accounts users use, and Family Device IDs (or other identifiers unique to Facebook Company Products associated with the same device or account). 92 o Device signals: Bluetooth signals, and information about nearby Wi-Fi access points, beacons, and cell towers. o Data from device settings: information users allow us to receive through device settings they turn on, such as access to their GPS location, camera or photos. o Network and connections: information such as the name of users’ mobile operator or ISP, language, time zone, mobile phone number, IP address, connection speed and, in some cases, information about other devices that are nearby or on their network, so we can do things like help users stream a video from their phone to their TV. o Cookie data: data from cookies stored on a user’s device, including cookie IDs and settings. Learn more about how we use cookies in the Facebook Cookies Policy (https://www.facebook.com/policies/cookies/) and Instagram Cookies Policy (https://www.instagram.com/legal/cookies/) Information from Partners • Advertisers, app developers, and publishers can send us information through Facebook Business Tools they use, including our social plug-ins (such as the Like button), Facebook Login, our APIs and SDKs, or the Facebook pixel. These partners provide information about users’ activities off Facebook—including information about their device, websites they visit, purchases they make, the ads they see, and how they use their services—whether or not they have a Facebook account or are logged into Facebook. For example, a game developer could use our API to tell us what games a user plays, or a business could tell us about a purchase a user made in its store. We also receive information about users’ online and offline actions and purchases from third-party data providers who have the rights to provide us with users’ information. • Partners receive users’ data when users visit or use their services or through third parties they work with. We require each of these partners to have lawful rights to collect, use and share users’ data before providing any data to us. Question 96. Yes or no: Does Facebook give non-Facebook users a reasonable opportunity to learn what information has been collected about them by Facebook? If yes, please describe how. Yes. If a person doesn’t have a Facebook account but believes Facebook may have information about them, they can contact us to request a copy of their information. A contact form is available at https://www.facebook.com/help/contact/180237885820953. However, Facebook does not create profiles about or track web or app browser behavior of non-users. Question 97. During the April 10, 2018 joint committee hearing, you stated, “Every piece of content that you share on Facebook, you own and you have complete control over who sees 93 it and—and how you share it, and you can remove it at any time.” To corroborate that statement, you cited multiple mechanisms provided by Facebook that allow users to locate, edit, download, and delete information collected about them by Facebook. Yes or no: Does Facebook offer non-Facebook users the same opportunities to control and edit any data collected about them by Facebook? A user owns the information they share on Facebook. This means they decide what they share and who they share it with on Facebook, and they can change their mind. We believe everyone deserves good privacy controls. We require websites and apps who use our tools to tell users they’re collecting and sharing their information with us, and to get users’ permission to do so. However, non-Facebook users cannot post content on Facebook. Accordingly, there are not corresponding controls for non-Facebook users. Facebook’s “Privacy Basics” on deleting posts states “Hiding lets you keep your post but no one else will be able to see it when they view your Timeline. Note that it might still show up in search results and other places on Facebook.” How does an individual have “complete control” over their data if a post that has been hidden still shows up “in search results and other places on Facebook?” A user can delete any post they have made. If they do so, it will not appear in search results and in other places on Facebook. The language you refer to appears in a feature that allows people to hide—not delete—content from their personal timeline. That is, a person can choose to delete a post that they have made from Facebook entirely, or they can choose to hide a post from their timeline even though it may be visible in other places on Facebook. Does Facebook give users an opportunity delete their content or information from these “other places” or search results? Yes. See above. Does Facebook give non-users an opportunity to delete content containing or relating to them from these “other places” or search results? Since this passage refers to content created by Facebook users and whether it’s visible on their timeline, this does not apply to non-users. See the Responses to the sub-questions above and below. If a Facebook user deletes a post will it show up in search results and other places on Facebook? If so, please describe the other places on Facebook in which a deleted post may appear. In general, when a user deletes their account, we delete things they have posted, such as their photos and status updates, and they won’t be able to recover that information later. (Information that others have shared about them isn’t part of their account and won’t be deleted.) 94 There are some limited exceptions to these policies: For instance, information can be accessed and preserved for an extended period when it is the subject of a legal request or obligation, governmental investigation, or investigations of possible violations of our terms or policies, or otherwise to prevent harm. We also retain information from accounts disabled for terms violations for at least a year to prevent repeat abuse or other term violations. If a Facebook user deletes his account, will any of his data show up in search results and other places on Facebook? Will Facebook retain any of his data for any purpose? If so, please describe what data and for what purposes. See Response above. Question 98. Yes or no: does Facebook employ facial-recognition technology? If so, does Facebook collect user data using facial-recognition technology? If so, does Facebook collect data on individuals who are not registered Facebook users using facial-recognition technology? If yes, does Facebook allow third-parties access to its facial-recognition technology or related information obtained as a result of the technology? If yes, does Facebook allow government entities access to its facial recognition technology and/or the information obtained as a result of the technology? To the extent that Facebook uses facial-recognition technology, what policies and procedures does Facebook have to safeguard information and data collected using that technology? Does Facebook offer individuals, whether registered users or not, any opportunity to not be subject to facial-recognition technology or to have data collected using facial-recognition technology deleted? Yes or no: Will Facebook commit to not using its facial-recognition technology to assemble data on individuals who have never consented to being part of Facebook? Facebook uses facial recognition technology to provide people with products and features that enhance online experiences for Facebook users while giving them control over this technology. Facebook’s facial recognition technology helps people tag their friends in photos; gives people an easier and faster way to privately share their photos with friends; helps people with visual impairments by generating descriptions of photos that people using screen readers can hear as they browse Facebook; lets people know when a photo or video of them has been uploaded to Facebook, even if they are not tagged; and helps prevent people from impersonating other Facebook users. Facial recognition technology uses machine-learning algorithms to analyze the pixels in photos and videos in which a user is tagged, and the photo used by the person as his or her profile picture, and generates a unique number called a template. When a photo or video is 95 uploaded to Facebook, Facebook uses the template to attempt to identify someone by determining whether there are any faces in that content, and analyzing the portion of the image in which the face appears to compare it against certain Facebook users depending on the purpose for which facial recognition is being performed. Facebook has not shared and does not have plans to share or make available to any third party its facial recognition templates. Moreover, these templates do not provide meaningful information on their own; they can be used to identify a person only in conjunction with Facebook’s software. They could not be reverse-engineered to recreate someone’s face. Facebook designed its facial-recognition technology and the applications that use it with privacy considerations in mind and incorporated various safeguards and controls that protect both (1) users’ ability to control the collection, use, and disclosure of their personal information, and (2) the security of that personal information. Facebook gives users control over whether Facebook uses facial recognition to recognize them in photos and videos. That control is exercised through users’ privacy settings. If a user chooses to turn facial recognition off, Facebook does not create a template for that person or deletes any template it has previously created. Facebook will then be unable to recognize that person in any photos or videos that are uploaded to the service. Facebook also deletes templates of people who delete their Facebook accounts. Additionally, Facebook does not maintain templates for users who have no photos tagged of themselves and do not have a profile photo that is capable of being used to generate a face signature or template (e.g., where a user has no profile photo, where a user’s profile photo does not contain a human face, or where a user’s profile photo contains multiple untagged faces). We inform people about our use of facial-recognition technology through the Data Policy, Help Center, posts on Facebook, and direct user notifications. Facebook users are told that they can opt out of facial recognition at any time—in which case Facebook will delete their template and will no longer use facial recognition to identify them. In creating facial recognition templates, Facebook uses only data that people have voluntarily provided to Facebook: the photos and videos that people have voluntarily uploaded to Facebook (including public profile pictures) and the tags people have applied to those photos and videos. Facebook does not use facial recognition to identify someone to a stranger. Question 99. Yes or no: does Facebook collect users’ audio or visual information for any reason whatsoever, or otherwise activate, monitor, or capture data from a microphone or camera from a user’s phone without the user’s contemporaneous knowledge and express, contemporaneous consent? If so, please list each and every instance under which Facebook does so. No, Facebook does not engage in these practices or capture data from a microphone or camera without consent. Of course, we do allow people to take videos on their devices and share those on our platform. Question 100. Will Facebook commit to not using its platform to gather such audio or visual information surreptitiously? 96 See Response to Question 99. Question 101. During the April 11, 2018 House Energy and Commerce Hearing, you stated, “there may be specific things about how you use Facebook, even if you’re not logged in, that we keep track of, to make sure that people aren’t abusing the systems.” You further stated that “in general, we collect data on people who have not signed up for Facebook for security purposes.” What categories of data does Facebook collect about registered users’ activity on websites and mobile applications other than Facebook? What categories of data does Facebook collect about individuals who are not registered Facebook users and their activity on websites and mobile applications other than Facebook? To the extent Facebook collects such data, does Facebook sell or provide this data to third parties? To the extent Facebook collects such data, has Facebook gained consent from those individuals to collect and use their personal data? To the extent Facebook gathers such data, what opportunity does Facebook provide to individuals not using Facebook to know, correct, or delete any information Facebook has gathered and retained about them? Most of your answers to the questions you received on April 10, 2018, and likely most of the answers to these questions for the record, will depend on information that Facebook alone possesses. Why is/are Facebook’s content-suggesting algorithm(s) secret? Why are Facebook’s editorial decisions secret? See Response to Question 93. When the individual is a Facebook user, we are also able to use this information to personalize their experiences on Facebook, whether or not they are logged out, but we will not target ads to users relying on this information unless the user allows this in their privacy settings. We do not sell or share this information with third-parties. Question 102. Numerous Americans receive all or a significant portion of their news from Facebook, which, in turn, suggests that news to them based on an algorithm that determines appropriate content based on criteria known only to Facebook. To what extent will Facebook make public the criteria on which this algorithm relies? To what extent will Facebook make public any changes that it makes to this or similar algorithms? 97 Facebook is a distribution platform that reflects the conversations already taking place in society. We want Facebook to be a place where people can discover more news, information, and perspectives, and we are working to build products that help. As to the questions regarding ranking and algorithmic changes, see Response to Question 66. Question 103. Facebook conducts numerous social experiments on its users, examining everything from the effects of Facebook on voter turnout to the effects of Facebook on the mood of its users. Will Facebook commit to not experimenting on its users without express, informed consent in advance? Will Facebook commit to making the results of any such experiments known publicly? Will Facebook commit to not experimenting on human subjects at all? Facebook does research in a variety of fields, from systems infrastructure to user experience to artificial intelligence to social science. We do this work to understand what we should build and how we should build it, with the goal of improving the products and services we make available each day. We’re committed to doing research to make Facebook better, but we want to do it in the most responsible way. In October 2014, we announced a new framework that covers both internal work and research that might be published: • Guidelines: we’ve given researchers clearer guidelines. If proposed work is focused on studying particular groups or populations (such as people of a certain age) or if it relates to content that may be considered deeply personal (such as emotions) it will go through an enhanced review process before research can begin. The guidelines also require further review if the work involves a collaboration with someone in the academic community. • Review: we’ve created a panel including our most senior subject-area researchers, along with people from our engineering, research, legal, privacy and policy teams, that will review projects falling within these guidelines. This is in addition to our existing privacy cross-functional review for products and research. • Training: we’ve incorporated education on our research practices into Facebook’s six-week training program, called bootcamp, that new engineers go through, as well as training for others doing research. We’ll also include a section on research in the annual privacy and security training that is required of everyone at Facebook. • Research website: our published academic research is now available at a single location (https://research.facebook.com/) and will be updated regularly. 98 We believe in research because it helps us build a better Facebook. Like most companies today, our products are built based on extensive research, experimentation and testing. It’s important to engage with the academic community and publish in peer-reviewed journals, to share technology inventions and because online services such as Facebook can help us understand more about how the world works. We want to do this research in a way that honors the trust users put in us by using Facebook every day. We will continue to learn and improve as we work toward this goal. Question 104. What, if any, procedures does Facebook employ to verify the identities of individuals who purchase or employ data from Facebook? Facebook does not sell people’s information to anyone, and we never will. We also impose strict restrictions on how our partners can use and disclose the data we provide. Our Data Policy makes clear the circumstances in which we work with third-party partners who help us provide and improve our Products or who use Facebook Business Tools to grow their businesses, which makes it possible to operate our companies and provide free services to people around the world. Question 105. Research and reporting by NYU Professor of Marketing Scott Galloway suggests that, combined, Facebook and Google (parent company now known as Alphabet) are together worth approximately $1.3 trillion. He concludes that this figure exceeds the world’s top five advertising agencies (WPP, Omnicom, Publicis, IPG, and Dentsu) with five major media companies (Disney, Time Warner, 21st Century Fox, CBS, and Viacom) and still need to add five major communications companies (AT&T, Verizon, Comcast, Charter, and Dish) approach 90% of Facebook and Google’s combined worth. What business or product lines does Facebook consider itself to be in? On what basis does Facebook make that determination? Who does Facebook consider its major competitors in each of these business or product lines? Of those business or product lines, what market share does Facebook believe that it has? What other entities provide all of the services that Facebook does in one place or platform, if any? What other entities provide any of the services that Facebook does? What is the relevant product market for Facebook (the platform)? What are the relevant product markets for each of Facebook’s products? What is the relevant geographic market for Facebook (the platform)? 99 What is the relevant geographic market for each of Facebook’s products? Given these relevant geographic and product markets, what is Facebook’s market share in each distinct market in which it operates? What procedures, tools, programs, or calculations does Facebook use to ascertain its market position relevant to its five largest competitors overall (if five exist)? What procedures, tools, programs, or calculations does Facebook use to ascertain its market position relevant to its five largest competitors in each product market (if five exist)? In Silicon Valley and around the world, new social apps are emerging all the time. The average American uses eight different apps to communicate with their friends and stay in touch with people. There is a lot of choice, innovation, and activity in this space, with new competitors arising all the time. Facebook’s top priority and core service is to build useful and engaging products that enable people to connect, discover and share through mobile devices and personal computers. Given its broad product offerings, Facebook faces numerous competitors, competing to attract, engage, and retain users, to attract and retain marketers, and to attract and retain developers who build compelling mobile and web applications. For instance, if a user wants to share a photo or video, they can choose between Facebook, DailyMotion, Snapchat, YouTube, Flickr, Twitter, Vimeo, Google Photos, and Pinterest, among many other services. Similarly, if a user is looking to message someone, just to name a few, there’s Apple’s iMessage, Telegram, Skype, Line, Viber, WeChat, Snapchat, and LinkedIn—as well as the traditional text messaging services their mobile phone carrier provides. Equally, companies also have more options than ever when it comes to advertising—from billboards, print and broadcast, to newer platforms like Facebook, Spotify, Twitter, Google, YouTube, Amazon or Snapchat. Facebook represents a small part (in fact, just 6%) of this $650 billion global advertising ecosystem and much of that has been achieved by helping small businesses—many of whom could never have previously afforded newspaper or TV ads—to cost-effectively reach a wider audience. Question 106. As you indicated in your testimony, Facebook’s business model relies on advertising to individuals, typically through tailored advertisements. This means that Facebook has monetized access to the information that those individuals have published on Facebook. To Facebook’s best approximation, what is the total value of all user information that Facebook has acquired or to which Facebook has access? Facebook generates substantially all of its revenue from selling advertising placements to third parties. Our total revenue and the percentage of which comes from third-party ads is below. This information is from our SEC filings. 2017: 40,653,000,000 (98% from third party ads) 2016: 27,638,000,000 (97% from third party ads) 2015: 17,928,000,000 (95% from third party ads) 100 2014: 12,466,000,000 (92% from third party ads) 2013: 7,872,000,000 (89% from third party ads) 2012: 5,089,000,000 (84% from third party ads) 2011: 3,711,000,000 (85% from third party ads) 2010: 1,974,000,000 (95% from third party ads) 2009: 777,000,000 2008: 272,000,000 How does Facebook categorize individual pieces of information for purposes of monetizing that information? (For example, Facebook acknowledges that if it is approached by a company selling ski equipment, it will target ads to individuals who have expressed an interest in skiing. We want to know in what ways Facebook organizes this information.) As explained in our Data Policy, we collect three basic categories of data about people: (1) data about things people do and share (and who they connect with) on our services; (2) data about the devices people use to access our services; and (3) data we receive from partners, including the websites and apps that use our business tools. Our Data Policy provides more detail about each of the three categories. Any person can see each of the specific interests we maintain about them for advertising by visiting Ads Preferences, which lets people see what interests we use to choose ads for them—and to edit or delete these interests. We use data from each of the categories described above to obtain these interests and to personalize every aspect of our services, which is the core value we offer and the thing that makes Facebook services unique from other online experiences. This includes selecting and ranking relevant content, including ads, posts, Page recommendations, to cite but a few examples. For example, we use the data people provide about their age and gender to help advertisers show ads based on those demographics but also to customize the pronouns on our site and deliver relevant experiences to those users. We use data about things people do on Facebook, such as the Pages they like, to associate “interests” with their accounts, so we can rank posts relating to those interests higher in NewsFeed, for example, or enable advertisers to reach audiences—i.e., groups of people—that share those interests. For example, if a person has liked Pages about baseball, we might associate them with interests called “baseball” or “sports.” 101 We use data from devices (such as location data) to help advertisers reach people in particular areas. For example, if people have shared their device locations with Facebook or checked into a specific restaurant, we can show them organic posts from friends who have been in that location or we can show them ads from an advertiser that wants to promote its services in their area or from the restaurant. We also help advertisers reach people who have given the advertiser their contact information or who have used the advertiser’s website or app. For example, advertisers can send us a hashed list of email addresses of people they would like to reach on Facebook. If we have matching email addresses, we can show those people ads from that advertiser (although we cannot see the email addresses which are sent to us in hashed form, and these are deleted as soon as we complete the match). Again, for people who are new to Facebook, we may have minimal data that we can use to personalize their experience, including their NewsFeed, their recommendations and the content (organic and sponsored) that they see. For people who have used our services for longer, we likely have more data, but the amount of data will depend on the nature of that use and how they have used our controls. As noted above, in addition to general controls—such as Activity Log—we provide controls that specifically govern the use of data for ads. Through Ad Preferences, people see and control things like: (1) their “interests,” which are keywords associated with a person based on activities such liking Pages and clicking ads; (2) their “behaviors” (which we also call “categories”), which generally reflect how, when and where they connect to Facebook; and (3) the advertisers that are currently showing them ads based on the person’s contact information, based on the person’s previous use of the advertiser’s website or app, or based on a visit to the advertiser’s store. People also can choose whether we use information about their activities on websites and apps off of Facebook to show them ads through Facebook, and whether we can use their Facebook advertising interests to show them ads off of Facebook. People’s use of these controls will, of course, affect the data we use to show them ads. What types of advertisements does Facebook categorically prohibit? Section 4 of our Advertising Policies list the types of ads that we categorically prohibit. These include ads that violate Community Standards, ads for illegal products and services, ads with adult content, ads that are misleading or false, ads that include profanity, and many more. What external controls restrict how Facebook monetizes, sells, rents, or otherwise commercializes an individual’s information? Please include (separately) any laws that Facebook views as applicable, any injunctions presently binding Facebook, any regulations directing how Facebook may monetize information, and any publicly available, independent audits of how Facebook monetizes information. Facebook complies with all applicable laws. In addition, we adhere to the commitments set forth in our Data Policy, which describes how we collect and use data. What internal controls restrict how Facebook monetizes, sells, rents, or otherwise commercializes an individual’s information? Please include (separately) any internal 102 policies, statements of ethics or principles, directives, guidelines, or prohibitions that Facebook routinely applies in determining whether to use an individual’s personal information for commercial gain. See Response to previous Question. Question 107. When an individual chooses to “lock down” or otherwise publicly conceal his Facebook profile, does Facebook: Continue to use that individual’s private information for commercial gain? (This includes aggregating data as well as targeting advertisements at that individual.) Continue to retain that individual’s private information for its own archives or records? When people post on Facebook—whether in a status update or by adding information to their profiles—the ability to input the information is generally accompanied by an audience selector. This audience selector allows the person to choose who will see that piece of information on Facebook—whether they want to make the information public, share it with friends, or keep it for “Only Me.” The tool remembers the audience a user shared with the last time they posted something and uses the same audience when the user shares again unless they change it. This tool appears in multiple places, such as privacy shortcuts and privacy settings. When a person makes a change to the audience selector tool in one place, the change updates the tool everywhere it appears. The audience selector also appears alongside things a user has already shared, so it’s clear who can see each post. After a person shares a post, they have the option to change who it is shared with. The audience with which someone chooses to share their information is independent of whether we use that information to personalize the ads and other content we show them. Specifically, our Data Policy explains that we may use any information that people share on Facebook “to deliver our Products, including to personalize features and content (including your News Feed, Instagram Feed, Instagram Stories and ads).” However, people can use our Ad Preferences tool to see the list of interests that we use to personalize their advertising. This means that, for example, a person who is interested in cars can continue to share that interest with their friends but tell us not to assign them an interest in ads for ad targeting purposes. Likewise, the audience of a post does not determine whether a post is retained. Someone can choose to share a post with “Only Me” (meaning that they don’t want anyone to see it but want to retain it in their Facebook account). They may also choose to delete the information entirely. When people choose to delete something they have shared on Facebook, we remove it from the site. In most cases, this information is permanently deleted from our servers; however, some things can only be deleted when a user permanently deletes their account. Question 108. What are Facebook’s total advertising revenues for each of the calendar years 2001 to 2018? Our total revenue and the percentage of which comes from third-party ads is below. This information is from our SEC filings. 103 2017: 40,653,000,000 (98% from third party ads) 2016: 27,638,000,000 (97% from third party ads) 2015: 17,928,000,000 (95% from third party ads) 2014: 12,466,000,000 (92% from third party ads) 2013: 7,872,000,000 (89% from third party ads) 2012: 5,089,000,000 (84% from third party ads) 2011: 3,711,000,000 (85% from third party ads) 2010: 1,974,000,000 (95% from third party ads) 2009: 777,000,000 2008: 272,000,000 What are Facebook’s online advertising revenues for each of the calendar years 2001 to 2018? What are Facebook’s five largest competitors for online advertising in each year from 2001 to 2018? What were each of those competitors’ advertising revenues through each of those years? How many of Facebook’s executive staff previously worked at each of those entities? We expect that our competitors make their numbers available in their SEC filings. And, like many industries across the private sector, many people may work in multiple technology companies throughout the course of their careers. Question 109. Regardless of place of incorporation, does Facebook consider itself an American company? Yes, we’re an American-based company where ninety percent of our community are outside the US. Question 110. When Facebook makes policy decisions, are American citizens the company’s top priority? If not, what is the company’s top priority when it comes to policy decisions? We are proud to be a US-based company that serves billions of people around the world. While the majority of our employees are located here in the United States, more than 80% of the people who use Facebook are outside this country. We consider the needs of all of our users when making policy decisions. Of course, with headquarters in the US and Ireland, we have particularly strong relationships with policy makers in those regions. We regularly engage with 104 policy makers around the world, however, and work to take account of regional policy concerns as we build our products and policies for a global user base. Question 111. Facebook, WhatsApp, and Instagram have all reportedly been blocked or partially blocked from the People’s Republic of China (PRC) since 2009. Facebook, WhatsApp and Instagram are available in Hong Kong and Macau. Facebook and Instagram are blocked in Mainland China. However, these can be accessed by people in Mainland China who employ VPNs. WhatsApp is typically available in Mainland China although we notice availability is often restricted around important events. Please describe the extent to which these services may be accessed from within the territory of the PRC, including Hong Kong and Macau, and describing in detail any geographical limits or limits on the available content. Facebook, WhatsApp, and Instagram are available in Hong Kong and Macau. Facebook and Instagram are blocked in Mainland China. However, these can be accessed by people in Mainland China who employ VPNs. WhatsApp is typically available in Mainland China although we notice availability is often restricted around important events. On what basis does Facebook evaluate whether to honor a foreign government’s request to block specific content? When something on Facebook or Instagram is reported to us as violating local law, but doesn’t go against our Community Standards, we may restrict the content’s availability only in the country where it is alleged to be illegal after careful legal review. We receive reports from governments and courts, as well from non-government entities such as members of the Facebook community and NGOs. How does Facebook determine whether to honor a foreign government’s request to block specific content or users? See Response to previous question. Listed by country, what percentage of requests to block specific content (or users) from foreign governments does Facebook honor in whole or part? This information is available here: https://transparency.facebook.com/contentrestrictions. How does Facebook determine whether to honor the U.S. government’s request to block specific content or users? Our Transparency Report contains data on restrictions we place on content that does not violate community standards but that is alleged to violate local law. We do not have any such reports for the United States. 105 What percentage of requests to block specific content (or users) from the U.S. government does Facebook honor in whole or part? See Response to previous question. Question 112. Yes or no: Has Facebook made any alterations, modifications, or changes to the encryption security of WhatsApp in response to or as a result of the PRC government or any of its agencies or in order to comply with PRC law? No. If so, what changes has Facebook made to the encryption security? Does Facebook program in “back doors” or other mechanisms to decrypt or otherwise decode encrypted information at a government’s request? No. If so, under what circumstances does Facebook decrypt such data? If so, on what platforms does Facebook have such protocols? Does Facebook make WhatsApp or Facebook information available to the PRC government on a searchable basis? No. Question 113. Since 2014, the PRC government has held a World Internet Conference. Charles Smith, the co-founder of the non-profit censorship monitoring website GreatFire, described foreign guests of the Conference as “complicit actors in the Chinese censorship regime [that] are lending legitimacy to Lu Wei, the Cyberspace Administration of China and their heavy-handed approach to Internet governance. They are, in effect, helping to put all Chinese who stand for their constitutional right to free speech behind bars.” How many Facebook employees have attended the PRC’s World Internet Conference? There have been four World Internet Conferences. Several Facebook employees have attended one or more of these four conferences. Have any Facebook employees ever participated on any panels or advisory committees that are held or have been established by the World Internet Conference? If so, please list the employees and the panels or high-level advisory committees they have participated on. One Facebook representative, Vaughan Smith, has participated in World Internet Conference panels and keynotes alongside representatives of other leading US technology companies, for example Tim Cook and Sundar Pichai. No employees participated in advisory 106 committees. Mr. Smith has provided keynotes on AI, innovation and how Facebook is building the knowledge economy. Has Facebook assisted other countries in designing regimes to monitor or censor Facebook content? If so, which countries, and under what circumstances? Please describe each. When something on Facebook or Instagram is reported to us as violating local law, but doesn’t go against our Community Standards, we may restrict the content’s availability only in the country where it is alleged to be illegal after careful legal review. We receive reports from governments and courts, as well from non-government entities such as members of the Facebook community and NGOs. This information is available here: https://transparency.facebook.com/content-restrictions. Government criticism does not violate our community standards, and we do not evaluate or categorize accounts based on whether they engage in government criticism. See also Response to Question 111(c). Has Facebook ever provided any financial support to the World Internet Conference? If yes, please provide and itemize all financial support that has been provided to the World Internet Conference. Facebook has not paid to participate in the World Internet Conference. In 2016 we paid $10,000 to rent exhibit space at the event to showcase Oculus VR which is manufactured in China. Question 114. Has Facebook ever temporarily shut down or limited access to Facebook, WhatsApp, or Instagram within a country or a specific geographic area, at the request of a foreign government or agency, including but not limited to, the PRC, the Islamic Republic of Iran, Syria, the Russian Federation, and Turkey? If so, please describe each instance Facebook has complied with a foreign government’s request to censor content or users, the requesting government, the provided justification for the government request, and a description of the content requested to be removed. Please describe what if any policies Facebook has in place governing Facebook’s responses to government censorship requests. We do not block access to Facebook products and services in areas where they are otherwise generally available on the basis of specific government requests. We may independently limit access to certain functionality—such as peer-to-peer payments or facial recognition—in some jurisdictions based on legal and regulatory requirements. In some instances, we may receive requests from governments or other parties to remove content that does not violate our Community Standards but is alleged to contravene local law. When we receive such requests, we conduct a careful review to confirm whether the report is legally valid and is consistent with international norms, as well as assess the impact of our response on the availability of other speech. When we comply with a request, we restrict the 107 content only within the relevant jurisdiction. We publish details of content restrictions made pursuant to local law, as well as details of our process for handling these requests, in our Transparency Report (https://transparency.facebook.com/content-restrictions). 108 Questions from Ranking Member Nelson Question 1. While the primary focus of the April 10 hearing was on Cambridge Analytica and Facebook’s privacy and data security policies, concerns were heard about many other issues from Members on both sides of the aisle. Within this context, please detail specific steps that Facebook is taking to address: (1) “fake news”, (2) foreign government interference in American elections, (3) illegal sex trafficking, and (4) copyright infringement of digital content. Fake News: We are working hard to stop the spread of false news. We work with third party fact checking organizations to limit the spread of articles with rated false. To reduce the spread of false news, we remove fake accounts and disrupt economic incentives for traffickers of misinformation. We also use various signals, including feedback from our community, to identify potential false news. In countries where we have partnerships with independent thirdparty fact-checkers, stories rated as false by those fact-checkers are shown lower in News Feed. If Pages or domains repeatedly create or share misinformation, we significantly reduce their distribution and remove their advertising rights. We also want to empower people to decide for themselves what to read, trust, and share. We promote news literacy and work to inform people with more context. For example, if third-party fact-checkers write articles about a news story, we show them immediately below the story in the Related Articles unit. We also notify people and Page Admins if they try to share a story, or have shared one in the past, that’s been determined to be false. In addition to our own efforts, we’re learning from academics, scaling our partnerships with third-party fact-checkers and talking to other organizations about how we can work together. Foreign Interference: In the run-up to the 2016 elections, we were focused on the kinds of cybersecurity attacks typically used by nation states, for example phishing and malware attacks. And we were too slow to spot this type of information operations interference. Since then, we’ve made important changes to prevent bad actors from using misinformation to undermine the democratic process. This will never be a solved problem because we’re up against determined, creative and well-funded adversaries. But we are making steady progress. Here is a list of the 10 most important changes we have made: • Ads transparency. Advertising should be transparent: users should be able to see all the ads an advertiser is currently running on Facebook, Instagram, and Messenger. We are taking steps to help users assess the content they see on Facebook. For example, for ads with political content, we’ve created an archive that will hold ads with political content for seven years—including for information about ad impressions and spend, as well as demographic data such as age, gender, and location. People in Canada and Ireland can already see all the ads that a Page is running on Facebook—and we’re launching this globally in June. Further, advertisers will now need to confirm their ID and location before being able to run any ads with political content in the US. All ads with political content will also clearly state who paid for them. We also want to empower people to decide for themselves what to read, trust, and share. We promote news literacy and work to inform people with more context. For example, if third-party fact-checkers write articles about a news story, we show them immediately below the story in the Related Articles unit. We 109 also notify people and Page Admins if they try to share a story, or have shared one in the past, that’s been determined to be false. • Verification and labeling. We are working hard to regain the trust of our community. Success would consist of minimizing or eliminating abuse of our platform and keeping our community safe. We have a number of specific goals that we will use to measure our progress in these efforts. First, we are increasing the number of people working on safety and security at Facebook, to 20,000. We have significantly expanded the number of people who work specifically on election integrity, including people who investigate this specific kind of abuse by foreign actors. Those specialists find and remove more of these actors. Second, we work to improve threat intelligence sharing across our industry, including, we hope, by having other companies join us in formalizing these efforts. This is a fight against sophisticated actors, and our entire industry needs to work together to respond quickly and effectively. Third, we are bringing greater transparency to election ads on Facebook by requiring more disclosure from people who want to run election ads about who is paying for the ads and by making it possible to see all of the ads that an advertiser is running, regardless of the targeting. We believe that these efforts will help to educate our community and to arm users, media, civil society, and the government with information that will make it easier to identify more sophisticated abuse to us and to law enforcement. • Updating targeting. We want ads on Facebook to be safe and civil. We thoroughly review the targeting criteria advertisers can use to ensure they are consistent with our principles. As a result, we removed nearly one-third of the targeting segments used by the IRA. We continue to allow some criteria that people may find controversial. But we do see businesses marketing things like historical books, documentaries or television shows using them in legitimate ways. • Better technology. We have gotten increasingly better at finding and disabling fake accounts. We’re now at the point that we block millions of fake accounts each day at the point of creation before they do any harm. This is thanks to improvements in machine learning and artificial intelligence, which can proactively identify suspicious behavior at a scale that was not possible before—without needing to look at the content itself. • Action to tackle fake news. (see above). • Significant investments in security. We’re doubling the number of people working on safety and security from 10,000 last year to over 20,000 this year. We expect these investments to impact our profitability. But the safety of people using Facebook needs to come before profit. • Industry collaboration. In April, we joined 34 global tech and security companies in signing a TechAccord pact to help improve security for everyone. 110 • Intelligence sharing with government. In the 2017 German elections, we worked closely with the authorities there, including the Federal Office for Information Security (BSI). This gave them a dedicated reporting channel for security issues related to the federal elections. • Tracking 40+ elections. In recent months, we’ve started to deploy new tools and teams to proactively identify threats in the run-up to specific elections. We first tested this effort during the Alabama Senate election, and plan to continue these efforts for elections around the globe, including the US midterms. Last year we used public service announcements to help inform people about fake news in 21 separate countries, including in advance of French, Kenyan and German elections. • Action against the Russia-based IRA. In April, we removed 70 Facebook and 65 Instagram accounts—as well as 138 Facebook Pages—controlled by the IRA primarily targeted either at people living in Russia or Russian-speakers around the world including from neighboring countries like Azerbaijan, Uzbekistan, and Ukraine. The IRA has repeatedly used complex networks of inauthentic accounts to deceive and manipulate people in the US, Europe, and Russia—and we don’t want them on Facebook anywhere in the world. We are taking steps to enhance trust in the authenticity of activity on our platform, including increasing ads transparency, implementing a more robust ads review process, imposing tighter content restrictions, and exploring how to add additional authenticity safeguards. We also have improved information sharing about these issues among our industry partners. Copyright: Facebook takes intellectual property rights seriously and believes they are important to promoting expression, creativity, and innovation in our community. Facebook’s Terms of Service do not allow people to post content that violates someone else’s intellectual property rights, including copyright and trademark. We publish information about the intellectual property reports we receive in our bi-annual Transparency Report, which can be accessed at https://transparency.facebook.com/. Sex trafficking: Facebook is committed to making our platform a safe place, especially for individuals who may be vulnerable. We have a long history of working successfully with governments to address a wide variety of threats to our platform, including child exploitation. When we learn of a situation involving physical abuse, child exploitation, or an imminent threat of harm to a person, we immediately report the situation to first responders or the National Center for Missing and Exploited Children (NCMEC). Further, as part of official investigations, government officials sometimes request data about people who use Facebook. We have processes in place to handle these government requests, and we disclose account records in accordance with our terms of service and applicable law. We also have a global team that strives to respond within minutes to emergency requests from law enforcement. Our relationship with NCMEC also extends to an effort that we launched in 2015 to send AMBER Alerts to the Facebook community to help find missing children. When police determine that a case qualifies for an AMBER Alert, the alert is issued by the NCMEC and distributed through the Facebook system with any available information, including a photograph 111 of the missing child, a license plate number, and the names and descriptions of the child and suspected abductor. Law enforcement determines the range of the target area for each alert. We know the chances of finding a missing child increase when more people are on the lookout, especially in the critical first hours. Our goal is to help get these alerts out quickly to the people who are in the best position to help, and a number of missing children have been found through AMBER Alerts on Facebook. Further, we work tirelessly to identify and report child exploitation images (CEI) to appropriate authorities. We identify CEI through a combination of automated and manual review. On the automated review side, we use image hashing to identify known CEI. On the manual review side, we provide in-depth training to content reviewers on how to identify possible CEI. Confirmed CEI is reported to the NCMEC, which then forwards this information to appropriate authorities. When we report content to the NCMEC, we preserve account information in accordance with applicable law, which can help further law enforcement investigations. We also reach out to law enforcement authorities in serious cases to ensure that our reports are received and acted upon. Question 2. Some commentators worry that the Internet is dominated by a few large platforms with little competition or accountability. Facebook is obviously considered to be one of those key, dominant platforms. A. Please comment on how American laws should hold large Internet platforms accountable when things go wrong? B. What is Facebook’s legal and ethical responsibility as an Internet platform with billions of global users? Our mission is to give people the power to build community and bring the world closer together—a mission that is inherently global and enhanced by a global scope. As the internet becomes more important in people’s lives, the real question is about the right set of regulations that should apply to all internet services, regardless of size. Across the board, we have a responsibility to not just build tools, but to make sure that they’re used in ways that are positive for our users. It will take some time to work through all the changes we need to make across the company, but Facebook is committed to getting this right. Question 3. If large Internet platforms compromise consumer privacy and/or facilitate the theft of original content, what should be the federal government’s response? What should be the obligations of the platforms? We take intellectual property rights seriously at Facebook and work closely with the motion picture industries and other rights holders worldwide to help them protect their copyrights and other IP. Our measures target potential piracy across our products, including Facebook Live, and continue to be enhanced and expanded. These include a global notice-andtakedown program, a comprehensive repeat infringer policy, integration with the content recognition service Audible Magic, and our proprietary video- and audio-matching technology called Rights Manager. More information about these measures can be found in our Intellectual Property Help Center, Transparency Report, and Rights Manager website. 112 Question 4. In general, as reflected in the General Data Protection Regulation (GDPR), the European Union (EU) is considered to require stronger data and privacy protections than the United States. According to press reports, Facebook will be moving 1.5 billion users outside of the scope of the EU’s GDPR. Please explicitly lay out how Facebook’s compliance with the GDPR will affect all Facebook users, including American users. That is, to what extent will the GDPR’s requirements and protections extend to Americans and users outside Europe? The press reports referred to in this question pertain to the legal entity with which Facebook users contract when they use the service, which changed in some jurisdictions as a part of the most recent updates to our Terms of Service and Data Policy. This change did not impact people who live in the United States, who contract with Facebook, Inc. under both our new and old policies. The substantive protections in our user agreements offered by Facebook Ireland and Facebook, Inc. are the same. However, there are certain aspects of our Facebook Ireland Data Policy that are specific to legal requirements in the GDPR—such as the requirement that we provide contact information for our EU Data Protection Officer (DPO) or that we identify the “legal bases” we use for processing data under the GDPR. Likewise, our Facebook Ireland terms and Data Policy address the lawful basis for transferring data outside the EU, based on legal instruments that are applicable only to the EU. In any case, the controls and settings that Facebook is enabling as part of GDPR are available to people around the world, including settings for controlling our use of face recognition on Facebook and for controlling our ability to use data we collect off Facebook Company Products to target ads. We recently began providing direct notice of these controls and our updated terms to people around the world (including in the US), allowing people to choose whether or not to enable or disable these settings or to consent to our updated terms. We provide the same tools for access, rectification, erasure, data portability and others to people in the US and rest of world that we provide in Europe, and many of those tools (like our Download Your Information tool, ad preferences tool, and Activity Log) have been available globally for many years. 113 Questions from Senator Cantwell SUMMARY I understand that last week you announced your support for legislation that would regulate political ads on internet platforms. By your own report, Facebook has removed 70 Facebook accounts, 138 Facebook Pages, and 65 Instagram accounts run by the Russian government-connected troll farm and election interference group known as the Internet Research Agency. I want to explore the distinction between paid political ads and the troll and bot activity deployed by Russia that was designed to meddle with and influence US elections. Question 1. What tools do we have to address this going forward? If we pass the Honest Ads Act, won’t we still have a problem with bots and trolls that aren’t running traditional paid “political ads”? We have always believed that Facebook is a place for authentic dialogue and that the best way to ensure authenticity is to require people to use the names they are known by. Fake accounts undermine this objective and are closely related to the creation and spread of inauthentic communication such as spam and disinformation. We also prohibit the use of automated means to access our platform. We rely on both automated and manual review in our efforts to effectively detect and deactivate fake accounts, including bots, and we are now taking steps to strengthen both. For example, we continually update our technical systems to identify, checkpoint, and remove inauthentic accounts. We block millions of attempts to register fake accounts every day. These systems examine thousands of detailed account attributes and prioritize signals that are more difficult for bad actors to disguise. Question 2. Do we need a new definition of paid advertising or political expenditures that reaches bots and troll activity that are backed by foreign national interests? We’re committed to addressing this, and we have a number of efforts underway. Facebook has generally dealt with bots and troll activity via its Authenticity policy. Already, we build and update technical systems every day to better identify and remove inauthentic accounts, which also helps reduce the distribution of material that can be spread by accounts that violate our policies. Each day, we block millions of fake accounts at registration. Our systems examine thousands of account attributes and focus on detecting behaviors that are very difficult for bad actors to fake, including their connections to others on our platform. By constantly improving our techniques, we also aim to reduce the incentives for bad actors who rely on distribution to make their efforts worthwhile. For example, the Internet Research Agency, based in St. Petersburg, is a “troll farm” and generally thought to be aligned with the Russian government. Facebook has determined that Internet Research Agency users violated Facebook’s authenticity policy and has been working to 114 remove them from the platform. This has resulted in the removal of numerous Facebook and Instagram accounts, as well as the content connected with those accounts. Facebook has found that many trolls are motivated by financial incentives and is taking steps to disrupt those incentives to discourage the behavior. While working to limit the impact of bots and trolls, Facebook is striving to strike the right balance between enabling free expression and ensuring that its platform is safe. Facebook’s policies are aimed at encouraging expression and respectful dialogue. Question 3. Would you commit to working on a way to address the bots and troll problem in a way that does not compromise free speech? Yes, see Response to Question 2. Question 4. In your testimony you talked about your use of artificial intelligence to combat hate speech, bots, and trolls. What do you feel is the correct regulatory or other approach Congress should take to address artificial intelligence or other emerging technologies? Artificial Intelligence (AI) is a very promising technology that has many applications. Fairness, transparency and accountability should guide its development. Presently, AI systems make decisions in ways that people don’t really understand. Thus, society needs to invest further in developing AI systems which are more transparent. Facebook has AI teams working on developing the philosophical, as well as technical, foundations for this work. We discussed our AI ethics work during the keynote of our recent developer’s conference (at minute 47): https://www.facebook.com/FacebookforDevelopers/videos/10155609688618553/. Question 5. How does Facebook plan to address the leveraging of its social engineering tools developed to optimize advertising revenue by state sponsored actors and geopolitical forces that seek to influence democratic elections and political outcomes? In the run-up to the 2016 elections, we were focused on the kinds of cybersecurity attacks typically used by nation states, for example phishing and malware attacks. And we were too slow to spot this type of information operations interference. Since then, we’ve made important changes to prevent bad actors from using misinformation to undermine the democratic process. This will never be a solved problem because we’re up against determined, creative and well-funded adversaries. But we are making steady progress. Here is a list of the 10 most important changes we have made: 1. Ads transparency. Advertising should be transparent: users should be able to see all the ads an advertiser is currently running on Facebook, Instagram and Messenger. And for ads with political content, we’ve created an archive that will hold ads with political content for seven years—including information about ad impressions and spend, as well as demographic data such 115 as age, gender and location. People in Canada and Ireland can already see all the ads that a Page is running on Facebook—and we’re launching this globally in June. 2. Verification and labeling. Every advertiser will now need confirm their ID and location before being able to run any ads with political content in the US. All ads with political content will also clearly state who paid for them. 3. Updating targeting. We want ads on Facebook to be safe and civil. We thoroughly review the targeting criteria advertisers can use to ensure they are consistent with our principles. As a result, we removed nearly one-third of the targeting segments used by the IRA. We continue to allow some criteria that people may find controversial. But we do see businesses marketing things like historical books, documentaries or television shows using them in legitimate ways. 4. Better technology. Over the past year, we’ve gotten increasingly better at finding and disabling fake accounts. We now block millions of fake accounts each day as people try to create them—and before they’ve done any harm. This is thanks to improvements in machine learning and artificial intelligence, which can proactively identify suspicious behavior at a scale that was not possible before—without needing to look at the content itself. 5. Action to tackle fake news. We are working hard to stop the spread of false news. We work with third party fact checking organizations to limit the spread of articles with rated false. To reduce the spread of false news, we remove fake accounts and disrupt economic incentives for traffickers of misinformation. We also use various signals, including feedback from our community, to identify potential false news. In countries where we have partnerships with independent third-party fact-checkers, stories rated as false by those fact-checkers are shown lower in News Feed. If Pages or domains repeatedly create or share misinformation, we significantly reduce their distribution and remove their advertising rights. We also want to empower people to decide for themselves what to read, trust, and share. We promote news literacy and work to inform people with more context. For example, if third-party fact-checkers write articles about a news story, we show them immediately below the story in the Related Articles unit. We also notify people and Page Admins if they try to share a story, or have shared one in the past, that’s been determined to be false. In addition to our own efforts, we’re learning from academics, scaling our partnerships with third-party fact-checkers and talking to other organizations about how we can work together. A key focus is working to disrupt the economics of fake news. For example, preventing the creation of fake accounts that spread it, banning sites that engage in this behavior from using our ad products, and demoting articles found to be false by fact checkers in News Feed—causing it to lose 80% of its traffic. We now work with independent fact checkers in the US, France, Germany, Ireland, the Netherlands, Italy, Mexico, Colombia, India, Indonesia and the Philippines with plans to scale to more countries in the coming months. 6. Significant investments in security. We’re doubling the number of people working on safety and security from 10,000 last year to over 20,000 this year. We expect these investments to impact our profitability. But the safety of people using Facebook needs to come before profit. 116 7. Industry collaboration. Recently, we joined 34 global tech and security companies in signing a TechAccord pact to help improve security for everyone. 8. Information sharing and reporting channels. In the 2017 German elections, we worked closely with the authorities there, including the Federal Office for Information Security (BSI). This gave them a dedicated reporting channel for security issues related to the federal elections. 9. Tracking 40+ elections. In recent months, we’ve started to deploy new tools and teams to proactively identify threats in the run-up to specific elections. We first tested this effort during the Alabama Senate election, and plan to continue these efforts for elections around the globe, including the US midterms. Last year we used public service announcements to help inform people about fake news in 21 separate countries, including in advance of French, Kenyan and German elections. 10. Action against the Russia-based IRA. In April, we removed 70 Facebook and 65 Instagram accounts—as well as 138 Facebook Pages—controlled by the IRA primarily targeted either at people living in Russia or Russian-speakers around the world including from neighboring countries like Azerbaijan, Uzbekistan and Ukraine. The IRA has repeatedly used complex networks of inauthentic accounts to deceive and manipulate people in the US, Europe and Russia—and we don’t want them on Facebook anywhere in the world. Question 6. How should Congress address the leveraging of social engineering tools developed to optimize advertising revenue on technology platforms, by state sponsored actors and geopolitical forces that seek to influence democratic elections and political outcomes? From its earliest days, Facebook has always been focused on security. These efforts are continuous and involve regular contact with law enforcement authorities in the US and around the world. Elections are particularly sensitive events for Facebook’s security operations, and as the role of Facebook’s service plays in promoting political dialogue and debate has grown, so has the attention of its security team. To address these concerns, Facebook is taking steps to enhance trust in the authenticity of activity on its platform, including increasing ads transparency, implementing a more robust ads review process, imposing tighter content restrictions, and exploring how to add additional authenticity safeguards. We welcome a dialog with government about how to address these societal issues. 117 Questions from Senator Blumenthal Facebook’s Download Your Information Tool During the hearing, I asked not only whether Facebook users should be able to access their information, but specifically whether it would provide its users “all of the information that you collect as a result of purchases from data brokers, as well as tracking them?” You affirmatively stated that Facebook has a “Download Your Information (DYI) tool that allows people to see and to take out all of the information that they have put into Facebook or that Facebook knows about them.” However, in a March 7, 2018 correspondence provided to the U.K. Parliament regarding Paul-Olivier Dehaye’s legal request for personal data, Facebook’s Privacy Operations Team acknowledged that the DYI tool does not provide records stored in its ‘Hive’ database. This answer appears to confirm that the Facebook ‘Pixel’ web tracking system and other records are stored and combined with profile information, but not provided to users. Since then, WIRED magazine and academic researchers have noted the omission from the DYI tool of other pieces of data that Facebook is known to collect. Question 1. What specific pieces of data does Facebook collect that are not provided through the DYI tool? Please provide exact labels and descriptions of the types of data and its source, rather than broad categories or intent, including but not limited to web tracking data, location history, ad interactions and advertiser targeting data, third party applications, and derived inferences. Our Download Your Information or “DYI” tool is Facebook’s data portability tool and was launched many years ago to let people access and download many types of information that we maintain about them. The data in DYI and in our Ads Preferences tool contain each of the interest categories that are used to show people ads, along with information about the advertisers that are currently running ads based on their use of an advertiser’s website or app. People also can choose not to see ads from those advertisers. We recently announced expansions to Download Your Information, which, among other things, will make it easier for people to see their data, delete it, and easily download and export it. More information is available at https://newsroom.fb.com/news/2018/04/new-privacy-protections/. Responding to feedback that we should do more to provide information about websites and apps that send us information when people use them, we also announced plans to build Clear History. This new feature will enable users to see the websites and apps that send us information when they use them, delete this information from their account, and turn off Facebook’s ability to store it associated with their account going forward. We have also introduced Access Your Information. This feature provides a new way for people to access and manage their information. Users can go here to delete anything from their timeline or profile that they no longer want on Facebook. They can also see their ad interests, as well as information about ads they’ve clicked on and advertisers who have provided us with information about them that influence the ads they see. From here, they can go to their ad settings to manage how this data is used to show them ads. 118 Facebook’s Web Tracking While users can more readily understand the types of data that Facebook collects directly from them, Facebook’s data collection practices regarding non-users and from other sources are opaque. For example, Facebook collects data from its social plugins, Pixel, and other similar properties (“web tracking data”) that provide a deep understanding about an individual’s web browsing habits. Question 2. Would an employee with appropriate technical permissions to the Hive database be able to generate a list of websites viewed by a Facebook user, where such websites contained a Facebook tracking property? We have strict policy controls and technical restrictions so employees only access the data they need to do their jobs—for example to fix bugs, manage customer support issues or respond to valid legal requests. Employees who abuse these controls will be fired. Further information is available in our Cookies Policy, available at http://facebook.com/ads/about. Question 3. Is web tracking data used for inferring an individual’s interests or other characteristics? Are those inferences used in advertising? Yes, but only for Facebook users. We do not use web browsing data to show ads to nonusers or otherwise store profiles about non-users. Our goal is to show people content (including advertising) that is relevant to their interests. We use information people have provided on Facebook—such as things they’ve liked or posts they’ve engaged with—to help determine what people will be interested in. Like most online advertising companies, we also inform our judgments about what ads to show based on apps and websites that people use off of Facebook. People can turn off our use of web browser data and other data from third-party partners to show them ads through a control in Ads Preferences. They can also customize their advertising experience by removing interests that they do not want to inform the Facebook ads they see. In addition, a person’s browser or device may offer settings that allow users to choose whether browser cookies are set and to delete them. Question 4. Does Facebook provide users and non-users with the ability to disable the collection (not merely the use) of web tracking? Does Facebook allow users to delete this data without requiring the deletion of their accounts? When people visit apps or websites that feature our technologies—like the Facebook Like or Comment button—our servers automatically log (i) standard browser or app records of the fact that a particular device or user visited the website or app (this connection to Facebook’s servers occurs automatically when a person visits a website or app that contains our technologies, such as a Like button, and is an inherent function of Internet design); and (ii) any additional information the publisher of the app or website chooses to share with Facebook about the person’s activities on that site (such as the fact that a purchase was made on the site). This is a standard feature of the Internet, and most websites and apps share this same information with multiple different third-parties whenever people visit their website or app. For example, the Senate Commerce Committee’s website shares information with Google and its affiliate DoubleClick and with the analytics company Webtrends. This means that, when a person visits the Committee’s website, it sends browser information about their visit to each one of those third 119 parties. More information about how this works is available at https://newsroom.fb.com/news/2018/04/data-off-facebook/. When the person visiting a website featuring Facebook’s tools is not a registered Facebook user, Facebook does not have information identifying that individual, and it does not create profiles for this individual. We use the browser and app logs that apps and websites send to us—described above— in the following ways for non-Facebook users. First, these logs are critical to protecting the security of Facebook and to detecting or preventing fake account access. For example, if a browser has visited hundreds of sites in the last five minutes, that’s a sign the device might be a bot, which would be an important signal of a potentially inauthentic account if that browser then attempted to register for an account. Second, we aggregate those logs to provide summaries and insights to websites and apps about how many people visit or use their product or use specific features like our Like button—but without providing any information about a specific person. We do not create profiles for non-Facebook users, nor do we use browser and app logs for nonFacebook users to show targeted ads from our advertisers to them or otherwise seek to personalize the content they see. However, we may take the opportunity to show a general ad that is unrelated to the attributes of the person or an ad encouraging the non-user to sign up for Facebook. When the individual is a Facebook user, we are also able to use this information to personalize their experiences on Facebook, whether or not they are logged out, but we will not target ads to users relying on this information unless the user allows this in their privacy settings. We do not sell or share this information with third-parties. We recently announced plans to build on this by introducing Clear History, a new feature that will enable users to see the websites and apps that send us information when they use them, delete this information from their accounts, and turn off our ability to store it associated with their accounts going forward. Question 5. One academic study from 2015 raised concerns about the privacy risks of web tracking data collected from health-related web pages, including an example of Facebook collecting information from the inclusion of a Facebook Like button on the CDC’s page about HIV. Does Facebook impose any limitation on itself regarding the collection and use (including inferences) of web tracking data collected from health-related pages or any other themes of websites? Websites and apps choose whether they use Facebook services to make their content and ads more engaging and relevant and whether they share browser data or other information with Facebook or other companies when people visit their sites. These services include: • Social plugins, such as our Like and Share buttons, which make other sites more social and help people share content on Facebook; • Facebook Login, which lets people use their Facebook account to log into another website or app; 120 • Facebook Analytics, which helps websites and apps better understand how people use their services; and • Facebook ads and measurement tools, which enable websites and apps to show ads from Facebook advertisers, to run their own ads on Facebook or elsewhere, and to understand the effectiveness of their ads. Many companies offer these types of services and, like Facebook, they also get information from the apps and sites that use them. Twitter, Pinterest, and LinkedIn all have similar Like and Share buttons to help people share things on their services. Google has a popular analytics service. And Amazon, Google, and Twitter all offer login features. These companies—and many others—also offer advertising services. In fact, most websites and apps send the same information to multiple companies each time users visit them. For example, when a user visits a website, their browser (for example Chrome, Safari or Firefox) sends a request to the site’s server. The browser shares a user’s IP address, so the website knows where on the internet to send the site content. The website also gets information about the browser and operating system (for example Android or Windows) they’re using because not all browsers and devices support the same features. It also gets cookies, which are identifiers that websites use to know if a user has visited before. A website typically sends two things back to a user’s browser: first, content from that site; and second, instructions for the browser to send the user’s request to the other companies providing content or services on the site. So, when a website uses one of our services, our users’ browsers send the same kinds of information to Facebook as the website receives. We also get information about which website or app our users are using, which is necessary to know when to provide our tools. Our policies include a range of restrictions on the use of these tools for health-related advertising. For example, we do not allow ads that discriminate based on disability, medical or genetic condition. Ads also may not contain content that directly or indirectly asserts or implies a person’s disability, medical condition (including physical or mental health), or certain other traits. And ads generally may not request health information, including physical health, mental health, medical treatments, medical conditions, or disabilities. And we prohibit anyone from using our pixel to send us data that includes health, financial information, or other categories of sensitive information. In addition, we also enable ad targeting options—called “interests” and “behaviors”— that are based on people’s activities on Facebook, and when, where, and how they connect to the Internet (such as the kind of device they use and their mobile carrier). These options do not reflect people’s personal characteristics, but we still take precautions to limit the potential for advertisers to misuse them. For example, we do not create interest or behavior segments that suggest the people in the segment are members of sensitive groups such as people who have certain medical conditions. Question 6. What changes, if any, is Facebook making to limit the amount of data that Facebook itself collects about users and non-users? 121 As explained in our Data Policy, we collect three basic categories of data about people: (1) data about things people do and share (and who they connect with) on our services, (2) data about the devices people use to access our services, and (3) data we receive from partners, including the websites and apps that use our business tools. Our Data Policy provides more detail about each of the three categories. We use this information for a variety of purposes, including to provide, personalize, and improve our products, provide measurement, analytics, and other business services, promote safety and security, to communicate with people who use our services, and to research and innovate to promote the social good. We provide more information in our Data Policy about these uses as well. Our policies limit our retention of the data that we receive in several ways. Specifically, we store data until it is no longer necessary to provide our services and Facebook products, or until a person’s account is deleted—whichever comes first. This is a case-by-case determination that depends on things like the nature of the data, why it is collected and processed, and relevant legal or operational retention needs. For example, when a user searches for something on Facebook, they can access and delete that query from within their search history at any time, but the log of that search is deleted after 6 months. If they submit a copy of their government-issued ID for account verification purposes, we delete that copy 30 days after submission. If a user posts something on their Facebook profile, then that information would be retained until they delete it or until they delete their account. We also have other policies that are designed to limit our retention of other types of information about people. For example, if a user visits a site with the “Like” button or another social plugin, we receive cookie information that we use to help show them a personalized experience on that site as well as Facebook, to help maintain and improve our service, and to protect both the user and Facebook from malicious activity. We delete or anonymize it within 90 days. In general, when a user deletes their account, we delete things they have posted, such as their photos and status updates, and they won’t be able to recover that information later. (Information that others have shared about them isn’t part of their account and won’t be deleted.) There are some limited exceptions to these policies: For instance, information can be accessed and preserved for an extended period when it is the subject of a legal request or obligation, governmental investigation, or investigations of possible violations of our terms or policies, or otherwise to prevent harm. We also retain information from accounts disabled for terms violations for at least a year to prevent repeat abuse or other term violations. We collect very little data about non-users (unless they choose to communicate directly with us) and do not create profiles or track browsing history for people who are not registered users of Facebook, for example. Particularly in the past few months, we’ve realized that we need to take a broader view of our responsibility to our community. Part of that effort is continuing our ongoing efforts to identify ways that we can improve our privacy practices. This includes restricting the way that developers can get information from Facebook and announcing plans to build Clear History, a new feature that will enable users to see the websites and apps that send us information when 122 they use them, delete this information from their accounts, and turn off our ability to store it associated with their accounts going forward. Onavo Protect When Facebook bought a VPN service, Onavo Protect, the purchase was portrayed as a way for your company to build more efficient mobile products. Since 2016, you have encouraged users to install the Onavo application as a way to “keep you and your data safe,” although it does not brand itself as a Facebook product. Onavo is a particularly sensitive product since it provides your company access to all of the Internet traffic being generated by the device. Wall Street Journal and other publications have reported that Facebook has used the data captured from the Onavo for market analytics on competitive services. Question 7. Does Facebook use traffic information collected from Onavo to monitor the adoption or popularity of non-Facebook applications? When people first install the iOS version of the Onavo Protect app, we explain that Onavo uses a VPN that “helps keep you and your data safe by understanding when you visit potentially malicious or harmful websites and giving you a warning.” In addition, the first screen that a person sees when installing the app explains, under a heading that reads “Data Analysis”: “When you use our VPN, we collect the info that is sent to, and received from, your mobile device. This includes information about: your device and its location, apps installed on your device and how you use those apps, the websites you visit, and the amount of data use. This helps us improve and operate the Onavo service by analyzing your use of websites, apps and data. Because we’re a part of Facebook, we also use this info to improve Facebook products and services, gain insights into the products and services people value, and build better experiences.” People must tap a button marked “Accept & Continue” after seeing this information in a full-screen interstitial before they can use the app. The Android version of the Onavo Protect app offers data management features (e.g., the ability to block apps from using background data) that do not require users to enable the app’s VPN. For both versions of the app, we communicate repeatedly and up front—in the App Store description, in Onavo’s Privacy Policy, and in-line at the time the user first opens the app after downloading it—that Onavo is part of Facebook and what that means for how Onavo Protect handles data in other ways. More broadly, websites and apps have used market research services for years. We use Onavo, App Annie, comScore, and publicly available tools to help us understand the market and improve all our services. When people download Onavo to manage their data usage and help secure their connection, we are clear about the information we collect and how it is used. Like other VPNs, when the Onavo VPN is enabled, Onavo Protect helps create a secure connection, including when people are on public Wi-Fi. As part of this process, Onavo receives their mobile 123 data traffic. This helps us improve and operate the Onavo service. Because we’re part of Facebook, we also use this information to improve Facebook products and services. We let people know about this activity, and other ways that Onavo uses, analyzes, and shares data (for example, the apps installed on users’ devices) in the App Store descriptions, and when they first open the app after downloading it. Facebook does not use Onavo data for Facebook product uses, nor does it append any Onavo data or data about individuals’ app usage to Facebook accounts. Question 8. Has Facebook ever used the Onavo data in decisions to purchase another company or develop a product to compete against another company? See Response to Question 7. Question 9. Does Facebook associate Onavo traffic information with profile data from its social networking sites, including for analytic purposes? No. See Response to Question 7. Facebook and Academic Research Facebook’s users place a significant amount of trust in the company to keep its data safe and protect the integrity of the platform. While Facebook has now developed a wellregarded ethical review processes and it is commendable that the company has supported academic research, any process is fallible and at least one of its experiments on "emotional contagion" was highly criticized by the academic community. One of the researchers behind the Cambridge Analytica application, Dr. Aleksandr Kogan, had frequently collaborated with Facebook on social science research based on its data, including a paper where Facebook provided data on every friendship formed in 2011 in every country in the world at the national aggregate level. Facebook users almost certainly are unaware that their data is used for scientific research by outside researchers nor do they have a credible understanding of the accountability of these relationships. Question 10. Has Facebook ever provided any third party researcher with direct access to non-anonymized user data? In our Data Policy, we explain that we may use the information we have to conduct and support research in areas that may include general social welfare, technological advancement, public interest, health, and well-being. Researchers are subject to strict restrictions regarding data access and use as part of these collaborations. Question 11. Do users have the ability to opt out of such experiments? No, users do not have the ability to opt out of such research; however, we disclose our work with academic researchers in our Data Policy, and our work with academics is conducted subject to strict privacy and research protocols. Question 12. Has a researcher ever been found to have misused access to the nonanonymized user data? Please describe any such incidents. 124 We are investigating all apps that, like Aleksandr Kogan’s, had access to large amounts of information before we changed our platform in 2014 to reduce data access. The investigation process is in full swing, and it has two phases. First, a comprehensive review to identify every app that had access to this amount of Facebook data. And second, where we have concerns, we will conduct interviews, make requests for information (RFI)—which ask a series of detailed questions about the app and the data it has access to—and perform audits that may include onsite inspections. We have large teams of internal and external experts working hard to investigate these apps as quickly as possible. To date thousands of apps have been investigated and around 200 (from a handful of developers: Kogan, AIQ, Cube You, the Cambridge Psychometrics Center, and myPersonality) have been suspended—pending a thorough investigation into whether they did in fact misuse any data. Where we find evidence that these or other apps did misuse data, we will ban them and notify people whose data was shared with these apps. Additionally, we have suspended an additional 14 apps, which were installed by around one thousand people. They were all created after 2014, after we made changes to more tightly restrict our platform APIs to prevent abuse. However, these apps appear to be linked to AIQ, which was affiliated with Cambridge Analytica. So, we have suspended them while we investigate further. Any app that refuses to take part in or fails our audit will be banned. Question 13. Does Facebook believe it would have a responsibility to report such incidents to the FTC under the consent decree? If such incidents have occurred, has Facebook reported them to the FTC? The July 27, 2012 Consent Order memorializes the agreement between Facebook and the FTC and does not require ongoing reporting. Instead, and among other things, the consent order obligates Facebook not to misrepresent the extent to which it maintains the privacy or security of covered information (Section I), not to materially exceed the restrictions of a privacy setting that applies to nonpublic user information without affirmative express consent (Section II), and to implement a comprehensive privacy program that is subjected to ongoing review by an independent assessor (Sections IV and V). Facebook accurately represented the operation of its developer Platform and the circumstances under which people could share data (including friends data) with developers, honored the restrictions of all privacy settings that covered developer access to data, and implemented a comprehensive privacy program build on industry-leading controls and principles, which has undergone ongoing review by an independent assessor approved by the FTC. Cambridge Analytica Timeline Questions There have been conflicting reports regarding the timeline of Facebook’s response to the “thisisyourdigitallife” application developed for Cambridge Analytica. Please provide specific information about Facebook’s response to the matter. Question 14. With respect to the harvesting of user data from the “thisisyourdigitallife” application, for each the following (a) Cambridge Analytica, (b) Christopher Wylie, and (c) Dr. Kogan, on what date did Facebook: 1. First contact that party about the data collected from the application? 125 2. Seek certification that the partys copy of the data was destroyed? 3. Receive the certification from party? On December 11, 2015, The Guardian published an article reporting that Kogan and his company, GSR, may have passed information the app had obtained from Facebook users to SCL Elections Ltd. (SCL)/Cambridge Analytica. If this occurred, Kogan and his company violated Facebook’s Platform Policies, which explicitly prohibited selling user data accessed from Facebook and from sharing any user data accessed from Facebook with any ad network, data broker or other advertising or monetization related service. For this reason, Facebook immediately banned the app from our platform and investigated what happened and what further action we should take to enforce our Platform Policies. Facebook also contacted Kogan/GSR and demanded that they explain what data they collected, how they used it, and to whom they disclosed it. Facebook further insisted that Kogan and GSR, as well as other persons or entities to whom they had disclosed any such data, account for and irretrievably delete all such data and information. Facebook also contacted Cambridge Analytica to investigate the allegations reflected in the reporting. On January 18, 2016, Cambridge Analytica provided written confirmation to Facebook that it had deleted the data received from Kogan and that its server did not have any backups of that data. On June 11, 2016, Kogan executed and provided to Facebook signed certifications of deletion on behalf of himself and GSR. The certifications also purported to identify all of the individuals and entities that had received data from GSR (in addition to Kogan and his lab), listing the following: SCL, Eunoia Technologies (a company founded by Christopher Wylie), and a researcher at the Toronto Laboratory for Social Neuroscience at the University of Toronto. On July 7, 2016, a representative of the University of Toronto certified that it deleted any user data or user-derived data. On August 16, 2016, Eunoia (executed by Eunoia Founder Christopher Wylie) certified that it deleted any user and user-derived data. On September 6, 2016, counsel for SCL informed counsel for Facebook that SCL had permanently deleted all Facebook data and derivative data received from GSR and that this data had not been transferred or sold to any other entity. On April 3, 2017. Alexander Nix, on behalf of SCL, certified to Facebook, that it deleted the information that it received from GSR or Kogan. Because all of these concerns relate to activity that took place off of Facebook and its systems, we have no way to confirm whether Cambridge Analytica may have Facebook data without conducting a forensic audit of its systems. Cambridge Analytica has agreed to submit to a forensic audit, but we have not commenced that yet due to a request from the UK Information Commissioner’s Office, which is simultaneously investigating Cambridge Analytica (which is based in the UK). And even with an audit, it may not be possible to determine conclusively what data was shared with Cambridge Analytica or whether it retained data after the date it certified that data had been deleted. The existing evidence that we are able to access supports the conclusion that Kogan only provided SCL with data on Facebook users from the United States. While the accounts of Kogan and SCL conflict in some minor respects not relevant to this question, both have consistently maintained that Kogan never provided SCL with any data for Facebook users outside the United 126 States. These consistent statements are supported by a publicly released contract between Kogan’s company and SCL. Question 15. Was Facebook aware at that time that Cambridge Analytica had developed other platform applications to collect user data? What applications did it delete due to associations with Cambridge Analytica and when were they removed from the platform? Our investigation of Cambridge Analytica’s advertising activities is ongoing, and we have banned Cambridge Analytica from purchasing ads on our platform. Cambridge Analytica generally utilized custom audiences, some of which were created from contact lists and other identifiers that it generated and uploaded to our system to identify the people it wanted to deliver ads to on Facebook, and in some instances, refined those audiences with additional targeting attributes. Facebook’s “People You May Know” Feature Facebook’s “People You May Know” feature has drawn attention for disclosures that reveal sensitive relationships, such as psychiatrists who have reported that their clients were recommended to each other. Question 16. What pieces of data does Facebook use for the PYMK feature? Has it ever used data collected from data brokers for this purpose? People You May Know can help Facebook users find friends on Facebook. People You May Know suggestions come from things such as having friends in common, or mutual friends; being in the same Facebook group or being tagged in the same photo; users’ networks (for example, school or work); and contacts users have uploaded. We give people context when we suggest someone with mutual friends. Users may delete contacts that they have uploaded to Facebook, in which case that information is no longer used for People You May Know. Facebook does not allow advertisers to target ads based on People You May Know. Facebook does not use data collected from data brokers for PYMK. Question 17. Has PYMK ever used location to make recommendations and does it currently? If so, is this based on device reported geolocation or IP address? PYMK uses country-level location to help users find friends. Question 18. Does Facebook provide users with the ability to opt out of data collected from them or data about them being used by PYMK? See Response to Question 16. Question 19. Has the PYMK feature ever bypassed the privacy controls in order to perform its analytics for recommendations? For example, if a user’s friends list is set to private, will Facebook still use this data to make recommendations to others? See Response to Question 16. 127 Other Cambridge Analyticas Over a month ago, Mr. Zuckerberg stated that one of Facebook’s next responsibilities was to “make sure that there aren’t any other Cambridge Analyticas out there.” One would expect that review process would include identifying past cases where Facebook identified or took action against third-party developers over their data collection practices. Question 20. When the company Klout automatically created accounts and assigned social popularity scores for the children of Facebook users, did Facebook send a deletion letter or exercise its right to audit? In 2011, Facebook contacted Klout regarding potential violations of Facebook polices. Facebook determined that these issues had been resolved by Dec. 2011. We use a variety of tools to enforce Facebook policies against violating parties, including developers. We review tens of thousands of apps per year and regularly disapprove noncompliant apps as part of our proactive review process. We also use tools like cease and desist letters, account suspensions, letter agreements, and civil litigation. For example, since 2006, Facebook has sent over 1,150 cease-and-desist letters to over 1,600 targets. In 2017, we took action against about 370,000 apps, ranging from imposing certain restrictions to removal of the app from the platform. Moreover, we have required parties who have procured our data without authorization to delete that data. We have invested significant resources in these efforts. Facebook is presently investigating apps that had access to large amounts of information before we changed our platform policies in 2014 to significantly reduce the data apps could access. To date around 200 apps (from a handful of developers: Kogan, AIQ, Cube You, the Cambridge Psychometrics Center, and myPersonality) have been suspended—pending a thorough investigation into whether they did in fact misuse any data. Additionally, we have suspended an additional 14 apps, which were installed by around one thousand people. They were all created after 2014, after we made changes to more tightly restrict our platform APIs to prevent abuse. However, these apps appear to be linked to AIQ, which was affiliated with Cambridge Analytica. So, we have suspended them while we investigate further. Any app that refuses to take part in or fails our audit will be banned. Question 21. How many times was Facebook made aware of privacy breaches by applications? Facebook’s policies regarding third‐party usage of its platform technologies have prohibited—and continue to prohibit—those third‐party app developers from selling or licensing user data obtained from Facebook and from sharing any user data obtained from Facebook with any ad network, data broker or other advertising or monetization‐related service. We will investigate all apps that had access to large amounts of information before we changed our platform in 2014 to reduce data access, and we will conduct a full audit of any app with suspicious activity. Question 22. How many times did Facebook send a deletion letter to an application developer for strictly privacy violations? 128 We use a variety of tools to enforce Facebook policies against violating parties, including developers. We review tens of thousands of apps per year and regularly disapprove noncompliant apps as part of our proactive review process. We also use tools like cease and desist letters, account suspensions, letter agreements, and civil litigation. For example, since 2006, Facebook has sent over 1,150 cease-and-desist letters to over 1,600 targets. In 2017, we took action against about 370,000 apps, ranging from imposing certain restrictions to removal of the app from the platform. Moreover, we have required parties who have procured our data without authorization to delete that data. We have invested significant resources in these efforts. Facebook is presently investigating apps that had access to large amounts of information before we changed our platform policies in 2014 to significantly reduce the data apps could access. To date around 200 apps (from a handful of developers: Kogan, AIQ, Cube You, the Cambridge Psychometrics Center, and myPersonality) have been suspended—pending a thorough investigation into whether they did in fact misuse any data. Question 23. How many times did Facebook perform an audit on an application for strictly privacy violations? See Response to Question 22. Question 24. How many times did Facebook initiate litigation for strictly privacy violations? See Response to Question 22. Question 25. How many times did Facebook impose a moratorium or ban on an application developer for strictly privacy violations? See Response to Question 22. Question 26. Does Facebook plan to provide public disclosure of incidents where it finds that user data was improperly obtained or transferred by third-party application developers? We are in the process of investigating every app that had access to a large amount of information before we changed our Platform in 2014. The investigation process is in full swing, and it has two phases. First, a comprehensive review to identify every app that had access to this amount of Facebook data and to focus on apps that present reason for deeper investigation. And second, where we have concerns, we will conduct interviews, make requests for information (RFI)—which ask a series of detailed questions about the app and the data it has access to—and perform audits using expert firms that may include on-site inspections. We have large teams of internal and external experts working hard to investigate these apps as quickly as possible. To date thousands of apps have been investigated and around 200 apps have been suspended— pending a thorough investigation into whether they did in fact misuse any data. Where we find evidence that these or other apps did misuse data, we will ban them and let people know. These apps relate to a handful of developers: Kogan, AIQ, Cube You, the Cambridge Psychometrics Center, and myPersonality, with many of the suspended apps being affiliated with the same entity. Many of these suspensions include apps that appear to be “test” apps that were 129 never released to the public, and therefore would not have acquired significant user data, although our investigation into these apps is ongoing. Additionally, we have suspended an additional 14 apps, which were installed by around one thousand people. They were all created after 2014, after we made changes to more tightly restrict our platform APIs to prevent abuse. However, these apps appear to be linked to AIQ, which was affiliated with Cambridge Analytica. So, we have suspended them while we investigate further. Any app that refuses to take part in or fails our audit will be banned. We will commit to briefing your staff on future developments. Facebook Privacy Settings This month, Facebook began to roll out changes to comply with new European data protection rules. These updates include a new consent process that affects how Facebook uses sensitive data and whether facial recognition is enabled, among other factors. Question 27. Has Facebook engaged in user testing or other analysis that assessed how platform changes and interface design influence the adoption of certain privacy settings? We routinely test new products and consent flows before rolling them out broadly to ensure that there are no bugs or unintended behaviors that would lead to an unintended or negative user experience. In designing the GDPR roll out, like all product roll outs, we rely on design principles and research derived from numerous sources, including user research and academic research, to develop experiences that are engaging and useful for the broadest number of people. We also conducted cross-disciplinary workshops, called “design jams,” with experts around the world to collect input on user interaction principles that would inform our work. We have learned from our work and other design research in the field that people are less likely to make informed or thoughtful decisions when bombarded with many different choices in succession. To avoid so-called “notice fatigue,” we streamlined the number of data choices people are presented with as part of the GDPR roll out to 2-3 choices (depending on the user’s existing settings), responding to early testing of a version with several additional choices, which the people who tested this version did not like. We also used a layered approach that gave people the information needed to make an informed choice on the first screen, while enabling ready access to deeper layers of information and settings for those interested in a particular topic. We will continue to monitor how these and other privacy settings perform with users. It’s important to us that people have the information they need to make the privacy choices that are right for them. Question 28. Has Facebook ever tested platform changes and interface design to determine whether it would lead to users allowing more permissive privacy settings? At Facebook, we make decisions about privacy through a cross-functional, crossdisciplinary effort that involves participants from departments across the company. This process is a collaborative approach to privacy that seeks to promote strong privacy protections and sound decision making at every stage of the product development process. Our privacy program is responsible for reviewing product launches, major changes, and privacy-related bug fixes to products and features to ensure that privacy policies and procedures are consistently applied and 130 that key privacy decisions are implemented for the product. This approach has several key benefits. First, it is designed to consider privacy early in the product development process. This allows us to consider the benefits that a feature is intended to have for people who use our services, how data will be used to deliver those benefits, and how we can build features from the ground up that include privacy protections to enable those benefits while protecting people’s information and putting them in control. Second, while complying with our obligations is critically important, taking a crossdisciplinary approach to privacy encourages us to think about data protection as more than just a compliance exercise. Instead, we evaluate how to design privacy into the features that we build and consider this from the perspective of things like how we design interfaces that make data use intuitive, taking a consistent approach to privacy across our services, and building protections in how our software is engineered. Accordingly, while we scale our privacy review process depending on the complexity of a particular data use, reviews typically involve experts who evaluate proposed data practices from the perspective of multiple disciplines. As part of our consent agreement with the Federal Trade Commission, we submit a report to the FTC every two years. That report is based on assessments conducted by an independent third party on a bi-annual basis, which require us to submit evidence to demonstrate the effectiveness of the program. EU Data Protection Regulations In Europe, under new data protection regulations, Facebook will be required to provide users will more clear opportunities to provide consent and afford more protections to that data. While Facebook has stated that it will offer some of those protections for users outside of Europe, it has not committed to providing all of these protection. I am interested in what rules Congress should put into place for such data. Question 29. Would Facebook support a requirement that users be provided with clear and plain information about the use of their data? Yes. We work hard to provide clear information to people about how their information is used and how they can control it. We agree that companies should provide clear and plain information about their use of data and strive to do this in our Data Policy, in in-product notices and education, and throughout our product—and we continuously work on improving this. We provide the same information about our data practices to users around the world and are required under many existing laws—including US laws (e.g., Section 5 of the FTC Act) to describe our data practices in language that is fair and accurate. Question 30. Would Facebook support a requirement that users be allowed to download and take their data to competitive services? Facebook already allows users to download a copy of their information from Facebook. This functionality, which we’ve offered for many years, includes numerous categories of data, including About Me, Account Status History, Apps, Chat, Follower, Following, Friends, Messages, Networks, Notes, and more. We recently launched improvements to our “Download 131 Your Information” tool, including to give people choices about whether they want to download only certain types of information and about the format in which they want to receive the download, to make it easier for people to use their information once they’ve retrieved it. Question 31. Would Facebook support a requirement that users are assured that their data is actually deleted when they request its deletion or close their account? In general, when a user deletes their account, we delete things they have posted, such as their photos and status updates, and they won’t be able to recover that information later. (Information that others have shared about them isn’t part of their account and won’t be deleted.) There are some limited exceptions to these policies: For instance, information can be accessed and preserved for an extended period when it is the subject of a legal request or obligation, governmental investigation, or investigations of possible violations of our terms or policies, or otherwise to prevent harm. We also retain information from accounts disabled for terms violations for at least a year to prevent repeat abuse or other term violations. Question 32. Would Facebook support a requirement of mandatory and timely disclosure of breaches? Facebook is generally open to the idea of breach notification requirements, particularly legislation that would centralize reporting and ensure a consistent approach across the United States. For example, in Europe, the GDPR requires notification to a lead supervisory authority, rather than individual member states, in cases of a data breach. In the United States, however, there is no centralized notification scheme, and instead, reporting obligations vary widely across all 50 states. This complexity makes it harder to respond appropriately and swiftly to protect people in the event of a data breach. We believe this is an important issue and an area that is ripe for thoughtful regulation. Question 33. Would Facebook support a requirement for a baseline technical and organizational measures to ensure adequate data security? Facebook is generally not opposed to regulation but wants to ensure it is the right regulation. The issues facing the industry are complex, multi-faceted, and affect an important part of peoples’ lives. As such, Facebook is absolutely committed to working with regulators, like Congress, to craft the right regulations. Facebook would be happy to review any proposed legislation and provide comments. Russian Interference As early as June 2015, the New York Times Magazine had documented the Internet Research Agency’s interest in interfering with American politics, and even named specific Facebook accounts associated in the disinformation effort. The way that Facebook is designed, outsiders have very little insight into these efforts. And yet, the Russian media outlet RBC had identified accounts that were paying to spread content several months before Facebook took notice. New York Times also claims that as early as November 2016, Facebook’s Chief Security Officer Alex Stamos had uncovered evidence that Russian operatives used the platform to weaponized information obtained from the hacking of the DNC and the Clinton campaign. 132 In a CNN interview, Mr. Zuckerberg for the first time disclosed that Facebook had found “a lot of different accounts coming from Macedonia” to spread false news during the Alabama special election. That election, another one decided by only small margin, was months ago. Mr. Zuckerberg acknowledged that Facebook expects there will be attempts to interfere in the midterm elections with newer tactics, a belief shared by the intelligence community. Question 34. Will you commit to providing Congress with information about disinformation and propaganda campaigns on a timely basis prior to the midterm elections? We recently outlined steps we are taking on election integrity here: https://newsroom.fb.com/news/2018/03/hard-questions-election-security/. Further, pursuant to the new transparency measures Facebook is launching, all advertisers who want to run ads with political content targeted at the US will have to confirm their identity and location by providing either a US driver’s license or passport, last four digits of their social security number, and a residential mailing address. Ads that include political content and appear on Facebook or Instagram will include a “Paid for by” disclaimer provided by the advertisers that shows the name of the funding source for the ad. Question 35. The New York Times reports details of Russian interference were removed from the April 2017 report “Information Operations and Facebook” by management due to political and business reasons. Will Facebook provide Congress with the original draft of the report? In the run-up to the 2016 elections, we were focused on the kinds of cybersecurity attacks typically used by nation states, for example phishing and malware attacks. And we were too slow to spot this type of information operations interference. Since then, we’ve made important changes to prevent bad actors from using misinformation to undermine the democratic process. This will never be a solved problem because we’re up against determined, creative and well-funded adversaries. But we are making steady progress. Here is a list of the 10 most important changes we have made: • Ads transparency. Advertising should be transparent: users should be able to see all the ads an advertiser is currently running on Facebook, Instagram, and Messenger. And for ads with political content, we’ve created an archive that will hold ads with political content for seven years—including information about ad impressions and spend, as well as demographic data such as age, gender, and location. People in Canada and Ireland can already see all the ads that a Page is running on Facebook— and we’re launching this globally in June. • Verification and labeling. Every advertiser will now need confirm their ID and location before being able to run any ads with political content in the US. All ads with political content will also clearly state who paid for them. • Updating targeting. We want ads on Facebook to be safe and civil. We thoroughly review the targeting criteria advertisers can use to ensure they are consistent with our 133 principles. As a result, we removed nearly one-third of the targeting segments used by the IRA. We continue to allow some criteria that people may find controversial. But we do see businesses marketing things like historical books, documentaries or television shows using them in legitimate ways. • Better technology. Over the past year, we’ve gotten increasingly better at finding and disabling fake accounts. We now block millions of fake accounts each day as people try to create them—and before they’ve done any harm. This is thanks to improvements in machine learning and artificial intelligence, which can proactively identify suspicious behavior at a scale that was not possible before—without needing to look at the content itself. • Action to tackle fake news. We are working hard to stop the spread of false news. We work with third party fact checking organizations to limit the spread of articles with rated false. To reduce the spread of false news, we remove fake accounts and disrupt economic incentives for traffickers of misinformation. We also use various signals, including feedback from our community, to identify potential false news. In countries where we have partnerships with independent third-party fact-checkers, stories rated as false by those fact-checkers are shown lower in News Feed. If Pages or domains repeatedly create or share misinformation, we significantly reduce their distribution and remove their advertising rights. We also want to empower people to decide for themselves what to read, trust, and share. We promote news literacy and work to inform people with more context. For example, if third-party fact-checkers write articles about a news story, we show them immediately below the story in the Related Articles unit. We also notify people and Page Admins if they try to share a story, or have shared one in the past, that’s been determined to be false. In addition to our own efforts, we’re learning from academics, scaling our partnerships with thirdparty fact-checkers, and talking to other organizations about how we can work together. • Significant investments in security. We’re doubling the number of people working on safety and security from 10,000 last year to over 20,000 this year. We expect these investments to impact our profitability. But the safety of people using Facebook needs to come before profit. • Industry collaboration. Recently, we joined 34 global tech and security companies in signing a TechAccord pact to help improve security for everyone. • Information sharing and reporting channels. In the 2017 German elections, we worked closely with the authorities there, including the Federal Office for Information Security (BSI). This gave them a dedicated reporting channel for security issues related to the federal elections. • Tracking 40+ elections. In recent months, we’ve started to deploy new tools and teams to proactively identify threats in the run-up to specific elections. We first tested this effort during the Alabama Senate election, and plan to continue these efforts for elections around the globe, including the US midterms. Last year we used public 134 service announcements to help inform people about fake news in 21 separate countries, including in advance of French, Kenyan and German elections. • Action against the Russia-based IRA. In April, we removed 70 Facebook and 65 Instagram accounts—as well as 138 Facebook Pages—controlled by the IRA primarily targeted either at people living in Russia or Russian-speakers around the world including from neighboring countries like Azerbaijan, Uzbekistan, and Ukraine. The IRA has repeatedly used complex networks of inauthentic accounts to deceive and manipulate people in the US, Europe, and Russia—and we don’t want them on Facebook anywhere in the world. We are taking steps to enhance trust in the authenticity of activity on our platform, including increasing ads transparency, implementing a more robust ads review process, imposing tighter content restrictions, and exploring how to add additional authenticity safeguards. Hate Speech Over the past months, human rights organizations and other civil society groups have raised attention to concerns over Facebook’s insufficient response to hate speech in countries where there is a credible threat of violence. In addition to Myanmar, the New York Times recently published an article on how mob violence against Muslims in Sri Lanka was spurred by a baseless rumor that a Muslim restaurant owner was secretly feeding sterilization pills to women from the Sinhalese-Buddhist community. Mr. Zuckerberg and other members of Facebook management have expressed a renewed commitment to providing resources to address these threats, including taking action to address those who generate hate speech. As Mr. Zuckerberg noted, AI will not be able to resolve such complex matters in the near or medium term, necessitating teams that deal with local languages and context. While Facebook currently has approximately 1,200 German content reviewers to comply with regulations, it only has plans to hire “dozens” of Burmese content reviewers. Hiring staff with reviewers, market specialists and analysts with the appropriate expertise can be difficult, but these reports of violence demonstrate the human cost of insufficient community resources to handle content and complaints. Question 36. What “specific product changes” will you be making to address hate speech in such countries? Will the new product changes enable content that violates Facebook’s Community Standards to be removed within 24 hours? We’ve been too slow to deal with the hate and violence in places like Myanmar and Sri Lanka. The challenges we face in a country that has fast come online are very different than those in other parts of the world, and we are investing in people, technology, and programs to help address them as effectively as possible. We are increasing the number of Burmese and Sinhalese-language content reviewers as we continue to grow and invest in Myanmar and Sri Lanka. Our goal is always to have the right number of people with the right native language capabilities to ensure incoming reports are reviewed quickly and effectively. That said, there is more to tackling this problem than reported 135 content. A lot of abuse may go unreported, which is why we are supplementing our hiring with investments in technology and programs. We are building new tools so that we can more quickly and effectively detect abusive, hateful, or false content. We have, for example, designated several hate figures and organizations for repeatedly violating our hate speech policies, which has led to the removal of accounts and content that support, praise, or represent these individuals or organizations. We are also investing in artificial intelligence that will help us improve our understanding of dangerous content. We are further strengthening our civil society partner network so that we have a better understanding of local context and challenges. We are focusing on digital literacy education with local partners in Myanmar and Sri Lanka. For example, we launched a local language version of our Community Standards (https://www.facebook.com/safety/resources/myanmar) to educate new users on how to use Facebook responsibly in 2015 and we have been promoting these actively in Myanmar, reaching over 8 million people through promotional posts on our platform alone. We’ve also rolled out several education programs and workshops with local partners to update them on our policies and tools so that they can use this information in outreach to communities around the country. One example of our education initiatives is our work with the team that developed the Panzagar initiative (https://www.facebook.com/supportflowerspeech) to develop the Panzagar counterspeech Facebook stickers to empower people in Myanmar to share positive messages online. We also recently released locally illustrated false news tips, which were promoted on Facebook and in consumer print publications. We have a dedicated Safety Page for Myanmar (https://www.facebook.com/safety/resources/myanmarand) and have delivered hard copies of our local language Community Standards and safety and security tips to civil society groups in Myanmar who have distributed them around the country for trainings. Similarly, in Sri Lanka, we ran a promotion in English, Sinhalese, and Tamil at the top of News Feeds in April 2017 to educate people on our Community Standards, in particular hate speech. The content has been viewed almost 100M times by almost 4M people. Question 37. Does Facebook believe that it has hired or will hire within the year a sufficient number of content reviewers and established local emergency points of contact for all regions where its platform could inadvertently facilitate communal violence? We are investing in people, technology, and programs to help address the very serious challenges we have seen in places like Myanmar and Sri Lanka. Our content review teams around the world—which grew by 3,000 people last year— work 24 hours a day and in over 50 languages. Over the last two years, we have added dozens more Burmese language reviewers to handle reports from users across our services, and we plan to more than double the number of content reviewers focused on user reports. We also have increased the number of people across the company working on Myanmar-related issues and we have a special product team working to better understand the local challenges and build the right tools to help keep people in the country safe. We will continue to hire more staff dedicated to Myanmar, including Burmese speakers and policy experts. In Sri Lanka, we are increasing the number of Sinhalese language experts sevenfold. 136 From a programmatic perspective, we will continue to work with experts to develop safety resources and counter-speech campaigns in these regions and conduct regular training for civil society and community groups on using our tools. Facebook is committed to continuing to provide a platform where people can raise awareness about human rights abuses around the globe, and we have a track record of partnering with experts and local organizations on these issues. For example, we have been part of the Global Network Initiative (GNI) since 2013. That organization brings together industry, civil society, academics, and socially-responsible investors to address freedom-of-expression and privacy issues online. An independent assessor conducted a human-rights-impact assessment of Facebook to confirm that we comply with GNI’s principles. Question 38. What product changes, operational decisions, and resource allocations has Facebook made in order to avoid future risks such as those made abundantly clear in Myanmar and Sri Lanka? We are working to enable freedom of expression around the globe and ensure that our platform is safe. Our Community Standards account for situations in which people may be raising awareness of and/or condemning violence; however, they prohibit hate speech and celebrating graphic violence. Drawing that line can be complex, which is why we work with experts and external groups, including local civil society organizations in places like Myanmar and Sri Lanka, to ensure that we are taking local context and challenges into account. Our content review team, which includes native language speakers, carefully reviews reports that we receive from the public, media, civil society, and governments. We remove content that violates our policies, regardless of who posted the content (including the government). We have also been working with local communities and NGOs for years in these regions to educate people about hate speech, news literacy, and our polices. For example, we have introduced an illustrated, Myanmar language specific copy of our community standards and a customized safety Page, which we work with our local partners to promote, and we recently ran a series of public service ads in Myanmar that we developed with the News Literacy Project to help inform people about these important issues. Question 39. What emergency processes for escalation do you have in place for situations where there is content inciting people to violence, such as what happened in Sri Lanka? We have clear rules against hate speech and content that incites violence, and we remove such content as soon as we’re made aware of it. In response to the situation in Sri Lanka, we’re building up teams that deal with reported content, working with civil society and government to learn more about local context and changing language, and exploring the use of technology to help. We want to provide direct reporting channels to civil society partners so that they can alert us to offline activity that might prompt an increase in violating content on Facebook. We work with local civil society organizations to understand what types of reporting channels would best serve their specific communities and are engaging with organizations in Sri Lanka to understand what more we can do. We are committed to having the right policies, products, people, and partnerships in place to help keep our community in Sri Lanka safe. Question 40. In the context of Sri Lanka and Myanmar, rumors present a credible threat of violence and have resulted in violence. Are rumors such as those in Sri Lanka interpreted 137 as violations under your existing “credible threat” policy? How do your systems or reporting mechanisms account for such country or context specific threats? Given how quickly such content can lead to violence, do you apply different processes or response time targets to prioritize content categorized as hate speech? We require everyone on Facebook to comply with our Community Standards, and we carefully review reports of threatening language to identify serious threats of harm to public and personal safety. We recognize our services have an important role to play in countries that are fast coming online. That’s why we’re investing in people, technology, and programs to address the challenges we face in these countries. We’ve added more local language reviewers, established dedicated product teams, rolled out better reporting tools and appeals, and are removing fake accounts, hate groups and individuals. We remove credible threats of physical harm to individuals and specific threats of theft, vandalism, or other financial harm. We also prohibit the use of Facebook to facilitate or organize criminal activity that causes physical harm to people, businesses or animals, or financial damage to people or businesses, and we work with law enforcement when we believe there is a genuine risk of physical harm or direct threats to public safety. As part of our work in places like Sri Lanka and Myanmar, we are strengthening our relationships with civil society organizations to ensure we are taking local context, challenges, and tensions into account. Question 41. The anti-Muslim monk, U Wirathu, was reportedly banned by Facebook in January 2018 after having been frequently reported for hate content. Despite several bans, he was able to recreate a presence on the platform on several occasions and there are to this day accounts which carry his name. What mechanisms do you have in place to remove users who repeatedly breach Facebook’s Community Standards and what actions are you taking to guarantee their permanent removal? Our Community Standards (https://www.facebook.com/communitystandards) prohibit hate speech that targets people based on their race, ethnic identity, or religion. We remove violating content when it is reported to us. We also have designated several hate figures and hate organizations in Myanmar. These include Wirathu, Thuseitta, Ma Ba Tha, and Parmaukkha. This means these individuals or organizations are not allowed a presence on Facebook, and we will remove accounts and content that support, praise or represent these individuals or organizations. In addition to removing content that violates our Community Standards or Page Terms, we disable the accounts of repeat infringers in appropriate circumstances. Over the last several months, we have proactively searched for and removed content on the platform that praises, supports, or represents Wirathu. Human Rights - Iran Iranian women’s rights and pro-democracy advocates have reported that copyright infringement and content reporting mechanisms have been instrumentalized by progovernment actors to take down their Instagram pages and Facebook Groups over the past several years. While community reporting mechanisms are necessary, and often legally required, for operating a platform as large as Facebook, the threat posed by abusive reporting also demonstrates the need for human reviewers. Likewise, the trolling, hacking, and impersonation that frequently target Iranian dissidents also necessitate teams that are 138 empowered to deal with the Persian language and the Iranian context. However, many activists have struggled to establish relationships or receive help from Facebook to have such issues addressed. Question 42. What measures has Facebook taken to address the abusive use of copyright reporting mechanisms being used to take down Iranian content? We recognize that individuals and entities may purposefully report content en masse in an attempt to stifle speech. That is why we believe content must be reviewed with the appropriate context. We are proud that our platform has been used to inspire people to stand up for their beliefs and values, even in the face of intimidating opposition, and we regularly provide tools and programmatic resources to activists and journalists. We also make materials available to ensure activists and journalists are able to use Facebook safely. Based on the foundation established in the Universal Declaration of Human Rights and the UN Guiding Principles on Business and Human Rights, Facebook joined the ICT-sector specific Global Network Initiative in 2013. As part of our commitments as a GNI member, we routinely conduct human rights impact assessments of our product and policy decisions and engage with external stakeholders to inform this work. We are also independently assessed against our compliance with the GNI Principles every two years. Question 43. What measures, such as verification of accounts, has Facebook taken to address the impersonation of Iranian activists, cultural dissidents, and other public figures? Claiming to be another person violates our Community Standards, and we want to make it harder for anyone to be impersonated on our platform. Users can also report accounts that are impersonating them. We’ve developed several techniques to help detect and block this type of abuse. At the time someone receives a friend request, our systems are designed to check whether the recipient already has a friend with the same name, along with a variety of other factors that help us determine if an interaction is legitimate. Further, we recently announced new features that use face recognition technology that may help detect when someone is using another user’s image as their profile photo—which helps stop impersonation. This is an area we’re continually working to improve so that we can provide a safe and secure experience on Facebook. 139 Questions from Senator Schatz You said at the hearing that Facebook users own and control their data. But I am not persuaded that the company has done an adequate job explaining, for example, what specific information the company collects about individuals, how that information is being used and kept safe, and how they can easily delete or modify it. If you and your company are committed to putting privacy first, I urge that you answer these questions in a precise, accurate, but straightforward way. I understand your legal team will be reviewing this, but I hope you resist complexity and answer these questions in a way that any American could understand. Question 1. Please list and describe all of the types and categories of data that Facebook collects and how Facebook uses this data. This includes, but is not limited to, data collected: • on the Facebook platform (e.g., posts, messages, and search history); • off the Facebook platform (quantify how ubiquitous Facebook’s plugins are on the web, for instance); • on products offered by Facebook family companies; • on specific devices (e.g., smartphone microphone and camera, other apps, data from the operating system); • via third-party companies and app developers; • from data brokers; and • from publishers. For each, describe whether users own the data, and what options users have to modify or delete the data. We believe that it’s important to communicate with people about the information that we collect and how people can control it. That is why we work hard to provide this information to people in a variety of ways: in our Data Policy, and in Privacy Basics, which provides walkthroughs of the most common privacy questions we receive. Beyond simply disclosing our practices, we also think it’s important to give people access to their own information, which we do through our Download Your Information and Access Your Information tools, Activity Log, and Ad Preferences, all of which are accessible through our Privacy Shortcuts tool. We also provide information about these topics as people are using the Facebook service itself. We’ve heard loud and clear that privacy settings and other important tools are too hard to find and that we must do more to keep people informed. So, we’re taking additional steps to put people more in control of their privacy. For instance, we redesigned our entire settings menu on mobile devices from top to bottom to make things easier to find. We also created a new Privacy Shortcuts in a menu where users can control their data in just a few taps, with clearer 140 explanations of how our controls work. The experience is now clearer, more visual, and easy-tofind. Furthermore, we also updated our terms of service that include our commitments to everyone using Facebook. We explain the services we offer in language that’s easier to read. We’re also updating our Data Policy to better spell out what data we collect and how we use it in Facebook, Instagram, Messenger, and other products. In response to your specific questions, depending on which Services a person uses, we collect different kinds of information from or about them. This is described in our Data Policy: • Things Users and others do and provide. Information and content users provide. We collect the content, communications and other information users provide when they use our Products, including when they sign up for an account, create or share content, and message or communicate with others. This can include information in or about the content they provide (like metadata), such as the location of a photo or the date a file was created. It can also include what users see through features we provide, such as our camera, so we can do things like suggest masks and filters that they might like, or give users tips on using camera formats. Our systems automatically process content and communications users provide to analyze context and what’s in them for the purposes described below. Learn more about how people can control who can see the things they share. o Data with special protections: Users can choose to provide information in their Facebook profile fields or Life Events about their religious views, political views, who they are “interested in,” or their health. This and other information (such as racial or ethnic origin, philosophical beliefs, or trade union membership) could be subject to special protections under the laws of their country. • Networks and connections. We collect information about the people, Pages, accounts, hashtags, and groups users are connected to and how they interact with them across our Products, such as people a user communicates with the most or groups users are part of. We also collect contact information if they choose to upload, sync, or import it from a device (such as an address book or call log or SMS log history), which we use for things like helping them and others find people they may know and for the other purposes listed below. • People’s usage. We collect information about how people use our Products, such as the types of content they view or engage with; the features they use; the actions they take; the people or accounts they interact with; and the time, frequency, and duration of their activities. For example, we log when they’re using and have last used our Products, and what posts, videos, and other content they view on our Products. We also collect information about how they use features like our camera. • Information about transactions made on our Products. If people use our Products for purchases or other financial transactions (such as when users make a purchase in a game or make a donation), we collect information about the purchase or transaction. This includes payment information, such as their credit or debit card number and 141 other card information; other account and authentication information; and billing, shipping, and contact details. • Things others do and information they provide about users. We also receive and analyze content, communications, and information that other people provide when they use our Products. This can include information about them, such as when others share or comment on a photo of a user, send a message to them, or upload, sync or import their contact information. • Device Information. As described below, we collect information from and about the computers, phones, connected TVs and other web-connected devices they use that integrate with our Products, and we combine this information across different devices they use. For example, we use information collected about their use of our Products on their phone to better personalize the content (including ads) or features they see when they use our Products on another device, such as their laptop or tablet, or to measure whether they took an action in response to an ad we showed they on their phone on a different device. Information we obtain from these devices includes: o Device attributes: information such as the operating system, hardware and software versions, battery level, signal strength, available storage space, browser type, app and file names and types, and plugins. o Device operations: information about operations and behaviors performed on the device, such as whether a window is foregrounded or backgrounded, or mouse movements (which can help distinguish humans from bots). o Identifiers: unique identifiers, device IDs, and other identifiers, such as from games, apps or accounts people use, and Family Device IDs (or other identifiers unique to Facebook Company Products associated with the same device or account). o Device signals: Bluetooth signals, and information about nearby Wi-Fi access points, beacons, and cell towers. o Data from device settings: information users allow us to receive through device settings people turn on, such as access to their GPS location, camera, or photos. o Network and connections: information such as the name of users’ mobile operator or ISP, language, time zone, mobile phone number, IP address, connection speed and, in some cases, information about other devices that are nearby or on users’ network, so we can do things like help people stream a video. o Cookie data: data from cookies stored on a user’s device, including cookie IDs and settings. Learn more about how we use cookies in the Facebook 142 Cookies Policy (https://www.facebook.com/policies/cookies/) and Instagram Cookies Policy (https://www.instagram.com/legal/cookies/). • Information from partners. Advertisers, app developers, and publishers can send us information through Facebook Business Tools they use, including our social plug-ins (such as the Like button), Facebook Login, our APIs and SDKs, or the Facebook pixel. These partners provide information about users’ activities off Facebook— including information about a user’s device, websites users visit, purchases users make, the ads they see, and how they use their services—whether or not they have a Facebook account or are logged into Facebook. For example, a game developer could use our API to tell us what games users play, or a business could tell us about a purchase a user made in its store. We also receive information about a user’s online and offline actions and purchases from third-party data providers who have the rights to provide us with their information. Partners receive user data when users visit or use their services or through third parties they work with. We require each of these partners to have lawful rights to collect, use and share user data before providing any data to us. People own what they share on Facebook, and they can manage things like who sees their posts and the information they choose to include on their profile. Any person can see each of the specific interests we maintain about them for advertising by visiting Ads Preferences, which lets people see what interests we use to choose ads for them—and to edit or delete these interests. They can choose not to see ads from a particular advertiser or not to see ads based on their use of third-party websites and apps. They also can choose not to see ads off Facebook that are based on the interests we derive from their activities on Facebook. Our Download Your Information or “DYI” tool is Facebook’s data portability tool and was launched many years ago to let people access and download many types of information that we maintain about them. The data in DYI and in our Ads Preferences tool contain each of the interest categories that are used to show people ads, along with information about the advertisers are currently running ads based on their use of an advertiser’s website or app. People also can choose not to see ads from those advertisers. We recently announced expansions to Download Your Information, which, among other things, will make it easier for people to see their data, delete it, and easily download and export it. More information is available at https://newsroom.fb.com/news/2018/04/new-privacy-protections/. And we recently announced plans to build Clear History. This feature will enable users to see the websites and apps that send us information when they use them, delete this information from their accounts, and turn off our ability to store it associated with their accounts going forward. Apps and websites that use features such as the Like button or Facebook Analytics send us information to make their content and ads better. We also use this information to make users’ experiences on Facebook better. If a user clears their history or use the new setting, we’ll remove identifying information so a history of the websites and apps they’ve used won’t be associated with their account. We’ll still provide apps and websites with aggregated analytics—for example, we can build reports when we’re sent this information so we can tell developers if their 143 apps are more popular with men or women in a certain age group. We can do this without storing the information in a way that’s associated with a user’s account, and as always, we don’t tell advertisers who a user is. Question 2. What data does Facebook collect about non-users? For example, when a user first joins Facebook, what data has Facebook already typically collected about them? Assume that the new user is an average American and active web user with many friends who are already on Facebook. List the attributes that Facebook would typically know about the new user and where that information comes from. If Facebook collects information about non-users, what is the purpose? Facebook does not create profiles or track website visits for people without a Facebook account. When people visit apps or websites that feature our technologies—like the Facebook Like or Comment button—our servers automatically log (i) standard browser or app records of the fact that a particular device or user visited the website or app (this connection to Facebook’s servers occurs automatically when a person visits a website or app that contains our technologies, such as a Like button, and is an inherent function of Internet design); and (ii) any additional information the publisher of the app or website chooses to share with Facebook about the person’s activities on that site (such as the fact that a purchase was made on the site). This is a standard feature of the Internet, and most websites and apps share this same information with multiple different third-parties whenever people visit their website or app. For example, the Senate Commerce Committee’s website shares information with Google and its affiliate DoubleClick and with the analytics company Webtrends. This means that, when a person visits the Committee’s website, it sends browser information about their visit to each one of those third parties. More information about how this works is available at https://newsroom.fb.com/news/2018/04/data-off-facebook/. When the person visiting a website featuring Facebook’s tools is not a registered Facebook user, Facebook does not have information identifying that individual, and it does not create profiles for this individual. We use the browser and app logs that apps and websites send to us—described above— in the following ways for non-Facebook users. First, these logs are critical to protecting the security of Facebook and to detecting or preventing fake account access. For example, if a browser has visited hundreds of sites in the last five minutes, that’s a sign the device might be a bot, which would be an important signal of a potentially inauthentic account if that browser then attempted to register for an account. Second, we aggregate those logs to provide summaries and insights to websites and apps about how many people visit or use their product or use specific features like our Like button—but without providing any information about a specific person. We do not create profiles for non-Facebook users, nor do we use browser and app logs for nonFacebook users to show targeted ads from our advertisers to them or otherwise seek to personalize the content they see. However, we may take the opportunity to show a general ad that is unrelated to the attributes of the person or an ad encouraging the non-user to sign up for Facebook. 144 Question 3. Last year, how many Facebook users clicked on their privacy settings at least once? What was the average time a user spent adjusting their privacy controls? How often does an average user go into their privacy settings (per year, for instance)? In 2017, how many times did Facebook modify the user experience of its privacy settings to better suit its users? What other analytics of this kind does Facebook measure? Privacy is at the core of everything we do, and our approach to privacy starts with our commitment to transparency and control. Our threefold approach to transparency includes, first, whenever possible, providing information on the data we collect and use and how people can control it in context and in our products. Second, we provide information about how we collect and use data in our user agreements and related educational materials. And third, we enable people to learn more about the specific data we have about them through interactive tools such as Download Your Information, which lets people download a file containing data that they may want to take to another service, and Access Your Information, a tool we are launching that will let people more easily access and manage their data on Facebook. Our approach to control is based on the belief that people should be able to choose who can see what they share and how their data shapes their experience on Facebook. People can control the audience for their posts and the apps that can receive their data. They can see and delete the history of their activities on Facebook, and, if they no longer want to use Facebook, they can delete their account and the data associated with it. Of course, we recognize that controls are only useful if people know how to find and use them. That is why we continuously deliver in-product educational videos in people’s News Feeds on important privacy topics. We are also inviting people to take our Privacy Checkup—which prompts people to review key data controls—and we are sharing privacy tips in education campaigns off of Facebook, including through ads on other websites. To make our privacy controls easier to find, we are launching a new settings menu that features core privacy settings in a single place. We are always working to help people understand and control how their data shapes their experience on Facebook. Question 4. At the hearing, you said that you don’t believe that enough users read Facebook’s terms-of-service policy. Facebook has some of tech’s smartest UX and behavioral experts, which is evident by a platform that millions of people use for hours each week. How is Facebook applying its UX and behavioral expertise to track and improve user engagement in this area? What does Facebook know about its users’ understanding of its terms-of-service? For example, how long do users take to read Facebook’s policies, on average? What does this number indicate about whether users have actually read the material? We believe that it’s important to communicate with people about the information that we collect and how people can control it. This is why we work hard to provide this information to people in a variety of ways: in our Data Policy, and in Privacy Basics, which provides walkthroughs of the most common privacy questions we receive. Beyond simply disclosing our practices, we also think it’s important to give people access to their own information, which we do through our Download Your Information and Access Your Information tools, Activity Log, and Ad Preferences, all of which are accessible through our Privacy Shortcuts tool. We also provide information about these topics as people are using the Facebook service itself. 145 As to your specific question, there is no single number that measures how much time people spend understanding how Facebook services work, in large part because Facebook seeks, as much as possible, to put controls and information in context within its service. While “up front” information like that contained in the terms of service are useful, research overwhelmingly demonstrates that in-product controls and education are the most meaningful to people and the most likely to be read and understood. On-demand controls are also important, and we recently redesigned our entire settings menu on mobile devices from top to bottom to make things easier to find. We also created a new Privacy Shortcuts, a menu where people can control their data in just a few taps, with clearer explanations of how our controls work. The experience is now clearer, more visual, and easy-to-find. Improving people’s understanding of how digital services work is an industry-wide challenge that we are highly committed to addressing. That’s why, over the last 18 months, we’ve run a global series of design workshops called “Design Jams”, bringing together experts in design, privacy, law, and computer science to work collaboratively on new and innovative approaches. These workshops have run in Paris, London, Dublin, Berlin, Sao Paolo, Hong Kong, and other cities, and included global regulators and policymakers. At these workshops, expert teams use “people centric design” methods to create innovative new design prototypes and experiences to improve transparency and education in digital services. These workshops inform Facebook’s constantly-improving approach. In recognition of the need for improved approaches to data transparency across all digital services, working with partners from academia, design, and industry we recently launched TTC Labs, a design innovation lab that seeks to improve user experiences around personal data. TTC Labs is an open platform for sharing and innovation and contains insights from leading experts in academia, design, and law, in addition to prototype designs from the design jams, template services and open-source toolkits for people-centric design for transparency, trust and control of data. Working collaboratively, and based on open-source approaches, TTC Labs seeks to pioneer new and more people-centric best practices for people to understand how their data is used by digital services, in ways that they find easy to understand and control. Facebook is highly committed to improving people’s experience of its own services as well as investing in new innovations and approaches to support improvements across the industry. Question 5. Recently you said Facebook would “make all controls and settings the same everywhere, not just in Europe.” Please describe these controls and settings and what they do? Would the modification of these controls and settings apply in the U.S. only to new users or to all users? Would Facebook commit to default those settings and controls to minimize, to the greatest extent, the collection and use of users’ data? What changes will U.S. users see in their settings and controls after this change is implemented? And what features and protections (including but not limited to controls and settings) will European Facebook users have that will differ from U.S. users after the company implements GDPR? The GDPR requires companies to obtain explicit consent to process certain kinds of data (“special categories of data” like biometric data). We are seeking explicit consent from people in Europe to three specific uses of data: facial recognition data (which previously was not enabled 146 in Europe), special categories of data and use of data we collect off Facebook Company Products to target ads. We recently began providing direct notice of these controls and our updated terms to people around the world (including in the US), allowing people to choose whether or not to enable or disable these settings or to agree to our updated terms. Outside of Europe we are not requiring people to complete those flows if they repeatedly indicate that they do not want to go through the experience. At the same time, the events of recent months have underscored how important it is to make sure people know how their information is used and what their choices are. So, we decided to communicate prominently on Facebook—through a full-screen message and a reminder to review at a later date. People can choose to dismiss or ignore these messages and continue using Facebook. The controls and settings that Facebook is enabling as part of GDPR are already available to other users around the world, including in the US. We also provide identical levels of transparency in our user agreements and in product notices to people in the US that we are providing under GDPR. In the US, where these settings are already in place, people will have a mechanism to maintain their current choice or to change it. In each of these cases, we want people to make the choice—not Facebook—so nobody’s settings will change as part of this roll out unless they choose to change an existing setting. And we also provide the same tools for access, rectification, erasure, data portability and others to users in in the US and rest of world that we provide in Europe, and many of those tools (like our Download Your Information tool, Ads Preferences tool, and Activity Log) have been available globally for many years. 147 Questions from Senator Markey 1. Mr. Zuckerberg, your company has stated that it has “no plans” to include advertisements on Messenger Kids. Will you pledge that Facebook will never incorporate advertising into Messenger Kids or any future products for children 12 and under? We have no plans to include advertising in Messenger Kids. Moreover, there are no inapp purchases, and we do not use the data in Messenger Kids to advertise to kids or their parents. In developing the app, we assembled a committee of advisors, including experts in child development, online safety, and media and children’s health, and we continue to work with them on an ongoing basis. In addition, we conducted roundtables with parents from around the country to ensure we were addressing their concerns and built the controls they need and want in the app. We are committed to approaching all efforts related to children 12 and under thoughtfully, and with the guidance and input of experts and parents. 2. In your response to my letter on the topic of Messenger Kids, you stated that your company will not “automatically” create a Facebook account for Messenger Kids users when those children turn 13. Will you commit to not share children’s information for targeted advertisements, once young users turn 13? As we stated in our response to your earlier letter, we will not automatically create a Facebook account for Messenger Kids users, or automatically transition a Messenger Kids account into a Facebook account once a child turns 13. Contained within that commitment and our commitment not to use data collected within Messenger Kids to market to kids or their parents is a commitment that we will not automatically enable third parties to send targeted ads to children who have used Messenger Kids when the child turns 13. 148 Questions from Senator Udall DATA PROTECTION ON FACEBOOK QUESTION 1: The General Data Protection Regulation or “GDPR”, which will go into effect on May 25th of this year. Will Facebook provide the same privacy protections for consent, retention, data portability, and transparency to American consumers that it will provide to EU consumers? The controls and settings that Facebook is enabling as part of GDPR are available to people around the world, including settings for controlling our use of face recognition on Facebook and for controlling our ability to use data we collect off Facebook Company Products to target ads. We recently began providing direct notice of these controls and our updated terms to people around the world (including in the US), allowing people to choose whether or not to enable or disable these settings or to consent to our updated terms. We provide the same tools for access, rectification, erasure, data portability and others to people in the US and rest of world that we provide in Europe, and many of those tools (like our Download Your Information tool, ad preferences tool, and Activity Log) have been available globally for many years. We also provide identical levels of transparency in our user agreements and in product notices to people in the United States that we are providing under GDPR. QUESTION 2: What kind of privacy review is required to make a change to Facebook that impacts user privacy? When did that level of review become mandatory? At Facebook, we make decisions about privacy through a cross-functional, crossdisciplinary effort overseen by the Chief Privacy Officer that involves participants from departments across the company. This process is a collaborative approach to privacy that seeks to promote strong privacy protections and sound decision making at every stage of the product development process. Our privacy program is responsible for reviewing product launches, major changes, and privacy-related bug fixes to products and features to ensure that privacy policies and procedures are consistently applied and that key privacy decisions are implemented for the product. This approach has several key benefits: • First, it is designed to consider privacy early in the product development process. This allows us to consider the benefits that a feature is intended to have for people who use our services, how data will be used to deliver those benefits, and how we can build features from the ground up that include privacy protections to enable those benefits while protecting people’s information and putting them in control. • Second, while complying with our obligations is critically important, taking a crossdisciplinary approach to privacy encourages us to think about data protection as more than just a compliance exercise. Instead, we evaluate how to design privacy into the features that we build and consider this from the perspective of things like how we design interfaces that make data use intuitive, taking a consistent approach to privacy across our services, and building protections in how our software is engineered. Accordingly, while we scale our privacy review process depending on the complexity of a particular data use, reviews typically involve experts who evaluate proposed data practices from the perspective of multiple disciplines. 149 As part of our consent agreement with the Federal Trade Commission, we submit a report to the FTC every two years. That report is based on assessments conducted by an independent third party on a bi-annual basis, which require us to submit evidence to demonstrate the effectiveness of the program. QUESTION 3: Before that level of review was required, what checks were in place to ensure new features would not adversely impact users’ privacy? What level of seniority was required of employees to approve a launch of such a privacy-impacting feature? For example, have you ever allowed an intern make changes that impacts customers’ privacy? See Response to Question 2. QUESTION 4: Has Facebook ever launched a feature that had to be turned off because of the privacy concerns? If yes, how many times has that happened, and how many users were impacted? Did you notify the users who were impacted? See Response to Question 2. RUSSIA/CAMBRIDGE ANALYTICA: QUESTION 5: Between 2010 and 2015, 3rd party applications were able to keep data indefinitely. Can you say how many applications downloaded app users’ data, their friends’ data, or their personal messages in this period of time? We are in the process of investigating every app that had access to a large amount of information before we changed our Platform in 2014. The investigation process is in full swing, and it has two phases. First, a comprehensive review to identify every app that had access to this amount of Facebook data and to focus on apps that present reason for deeper investigation. And second, where we have concerns, we will conduct interviews, make requests for information (RFI)—which ask a series of detailed questions about the app and the data it has access to—and perform audits using expert firms that may include on-site inspections. We have large teams of internal and external experts working hard to investigate these apps as quickly as possible. To date thousands of apps have been investigated and around 200 apps have been suspended— pending a thorough investigation into whether they did in fact misuse any data. Where we find evidence that these or other apps did misuse data, we will ban them and let people know. These apps relate to a handful of developers: Kogan, AIQ, Cube You, the Cambridge Psychometrics Center, and myPersonality, with many of the suspended apps being affiliated with the same entity. Many of these suspensions include apps that appear to be “test” apps that were never released to the public, and therefore would not have acquired significant user data, although our investigation into these apps is ongoing. Additionally, we have suspended an additional 14 apps, which were installed by around one thousand people. They were all created after 2014, after we made changes to more tightly restrict our platform APIs to prevent abuse. However, these apps appear to be linked to AIQ, which was affiliated with Cambridge Analytica. So, we have suspended them while we investigate further. Any app that refuses to take part in or fails our audit will be banned. We will commit to briefing your staff on future developments. 150 QUESTION 6: Given the recent reports about Cambridge Analytica and the years of poor security around your data, what measures will be put into place to ensure that advertisers are not targeting ads using ill-gotten data? We are not aware of any evidence to suggest that Kogan shared data obtained through his app with Russia or other foreign governments, but our investigation is ongoing. We are in the process of investigating every app that had access to a large amount of information before we changed our Platform in 2014. In April 2014, we significantly restricted the types of data generally available to app developers and required apps seeking additional categories of data to undergo proactive review by our internal teams. We rejected more than half of the apps seeking these permissions, including the second version of Kogan’s app. We review apps to ensure that the requested permissions clearly improve the user experience and that the data obtained is tied to an experience within the app. We conduct a variety of manual and automated checks of applications on the platform for Policy compliance, as well as random sampling. When we find evidence of or receive allegations of violations, we investigate and, where appropriate, employ a number of measures, including restricting applications from our platform, preventing developers from building on our platform in the future, and taking legal action where appropriate. Recently, we announced a number of additional steps we’re taking to address concerns raised by Kogan’s app. • Review our platform. We will investigate all apps that had access to large amounts of data before the platform changes we announced in 2014, and we will audit any app where we identify suspicious activity. If we identify misuses of data, we’ll take immediate action, including banning the app from our platform and pursuing legal action if appropriate. • Tell people about data misuse. We will tell people about apps that have misused their data. This includes building a way for people to know if their data might have been accessed via the app. Moving forward, if we remove an app for misusing data, we will tell everyone who used it. • Turn off access for unused apps. If someone has not used an app within the last three months, we will turn off the app’s access to their data. • Restrict Facebook Login data. We are changing Login, so that the only data that an app can request without app review will include name, profile photo, and email address. Requesting any other data will require approval from Facebook. We will also no longer allow apps to ask for access to information like religious or political views, relationship status and details, custom friends lists, education and work history, fitness activity, book reading and music listening activity, news reading, video watch activity, and games activity. We will encourage people to manage the apps they use. We already show people what apps their accounts are connected to and allow them to control what data they’ve permitted those apps to use. But we’re making it easier for 151 people to see what apps they use and the information they have shared with those apps. • Reward people who find vulnerabilities. We launched the Data Abuse Bounty program so that people can report to us any misuses of data by app developers. • Update our policies. We have updated our terms and Data Policy to explain how we use data and how data is shared with app developers. QUESTION 7: Will your team re-architect the Facebook platform software architecture to ensure that 3rd party applications do not have the ability to store and share data? In April 2014, we announced that we would more tightly restrict our platform APIs to prevent abuse. At that time we made clear that existing apps would have a year to transition—at which point they would be forced (1) to migrate to the more restricted API and (2) be subject to Facebook's new review and approval protocols. A small number of developers asked for and were granted short-term extensions beyond the one-year transition period, the longest of which lasted several months. These extensions ended several years ago. A transition period of this kind is standard when platforms implement significant changes to their technology base and was necessary here to avoid disrupting the experience of millions of people. New apps that launched after April 30, 2014 were required to use our more restrictive platform APIs. We required apps seeking additional categories of data to undergo proactive review by our internal teams. We rejected more than half of the apps seeking these permissions, including the second version of Kogan’s app. We review apps to ensure that the requested permissions clearly improve the user experience and that the data obtained is tied to an experience within the app. We conduct a variety of manual and automated checks of applications on the platform for Policy compliance, as well as random sampling. When we find evidence of or receive allegations of violations, we investigate and, where appropriate, employ a number of measures, including restricting applications from our platform, preventing developers from building on our platform in the future, and taking legal action where appropriate. Recently, we announced a number of additional steps we’re taking to address concerns raised by Kogan’s app. • Review our platform. We will investigate all apps that had access to large amounts of data before the platform changes we announced in 2014, and we will audit any app where we identify suspicious activity. If we identify misuses of data, we’ll take immediate action, including banning the app from our platform and pursuing legal action if appropriate. • Tell people about data misuse. We will tell people about apps that have misused their data. This includes building a way for people to know if their data might have been accessed via the app. Moving forward, if we remove an app for misusing data, we will tell everyone who used it. 152 • Turn off access for unused apps. If someone has not used an app within the last three months, we will turn off the app’s access to their data. • Restrict Facebook Login data. We are changing Login, so that the only data that an app can request without app review will include name, profile photo, and email address. Requesting any other data will require approval from Facebook. We will also no longer allow apps to ask for access to information like religious or political views, relationship status and details, custom friends lists, education and work history, fitness activity, book reading and music listening activity, news reading, video watch activity, and games activity. We will encourage people to manage the apps they use. We already show people what apps their accounts are connected to and allow them to control what data they’ve permitted those apps to use. But we’re making it easier for people to see what apps they use and the information they have shared with those apps. • Reward people who find vulnerabilities. We launched the Data Abuse Bounty program so that people can report to us any misuses of data by app developers. • Update our policies. We have updated our terms and Data Policy to explain how we use data and how data is shared with app developers. We are investing so much in security that our costs will increase significantly. But we want to be clear about what our priority is: protecting our community is more important than maximizing our profits. As our CEO Mark Zuckerberg has said, when you are building something unprecedented like Facebook, there are going to be mistakes. What people should hold us accountable for is learning from the mistakes and continually doing better—and, at the end of the day, making sure that we’re building things that people like and that make their lives better. QUESTION 8: How will you prevent another developer like Kogan from creating a viral app for the expressed purpose of gathering data and downloading, storing, and sharing that data? See Response to Question 7. QUESTION 9: How do you know that there are no other copies of the data that Kogan acquired from Facebook? Facebook obtained written certifications from Kogan, GSR, and other third parties (including Cambridge Analytica and SCL) declaring that all data they had obtained, and any derivatives, was accounted for and destroyed. Based on recent allegations, we have reopened our investigation into the veracity of these certifications and have hired a forensic auditor to conduct a forensic audit of Cambridge Analytica’s systems. We are currently paused on the audit at the request of the UK Information Commissioner’s Office request, which is conducting a regulatory investigation into Cambridge Analytica (based in the UK), and we hope to move forward with that audit soon. 153 We have suspended SCL/Cambridge Analytica from purchasing advertising on Facebook. QUESTION 10: A March 2018 online article in Quartz reported that Facebook employees and Cambridge Analytica employees were both working in the Trump Campaign San Antonio headquarters.4 How will you ensure that your advertising salespeople are not engaging with entities previously identified for violating your terms of service? No one from Facebook was assigned full-time to the Trump campaign, or full-time to the Clinton campaign. We offered identical support to both the Trump and Clinton campaigns, and had teams assigned to both. Everyone had access to the same tools, which are the same tools that every campaign is offered. We continuously work to ensure that we comply with all applicable laws and policies. While our investigation is ongoing, our review indicates that Facebook employees did not identify any issues involving the improper use of Facebook data in the course of their interactions with Cambridge Analytica during the 2016 US Presidential campaign. QUESTION 11: In a recent press conference,5 you state that you are fully confident you are making progress against foreign actor manipulating the Facebook platform. Will you provide Congress and the American people auditable periodic reports about the progress you and your team are making on fighting disinformation on your platform? We have worked to notify people about this issue, broadly, through our white paper in April 2017, Information Operations on Facebook, and our disclosures about the IRA last fall. We have also been publishing updates on these issues in our Newsroom. THIRD PARTY APPLICATIONS: QUESTION 12: How many times has Facebook enforced your terms of services against 3rd party application for misuse of data? We use a variety of tools to enforce Facebook policies against violating parties, including developers. We review tens of thousands of apps per year and regularly disapprove noncompliant apps as part of our proactive review process. We also use tools like cease and desist letters, account suspensions, letter agreements, and civil litigation. For example, since 2006, Facebook has sent over 1,150 cease-and-desist letters to over 1,600 targets. In 2017, we took action against about 370,000 apps, ranging from imposing certain restrictions to removal of the app from the platform. Moreover, we have required parties who have procured our data without authorization to delete that data. We have invested significant resources in these efforts. Facebook is presently investigating apps that had access to large amounts of information before we changed our platform policies in 2014 to significantly reduce the data apps could access. To date around 200 apps (from a handful of developers: Kogan, AIQ, Cube You, the Cambridge Psychometrics 4 Kozlowska, Hanna. 20 March 2018. Facebook and Cambridge Analytica worked side by side at a Trump campaign office in San Antonio. https://qz.com/1233579/facebook-and-cambridge-analytica-worked-side-by-side-at-a-trumpcampaign-office-in-san-antonio/. 5 Facebook. 4 April 2018. “Hard Questions: Q&A with Mark Zuckerberg on Protecting People’s Information”. https://newsroom.fb.com/news/2018/04/hard-questions-protecting-peoples-information/. 154 Center, and myPersonality) have been suspended—pending a thorough investigation into whether they did in fact misuse any data. QUESTION 13: It’s clear that, over the course of the Facebook platform program, enforcement of the Platform Policy has been reactive rather than proactive. Of all the 3rd party applications, how many such applications have been reviewed in the past 8 years? How many 3rd party applications have been removed from the platform due to violations of the terms of service? See Response Question 12. QUESTION 14: According to your Platform Policy, if you exceed 5 million monthly active users or 100M API calls per day, developers may be subject to additional terms. What are the additional terms? How many 3rd party applications are currently subject to additional terms? In circumstances where developers make a high volume of API calls, Facebook may impose additional terms, which are generally negotiated and vary depending on which APIs are at issue. In addition, Facebook has a set of APIs that enable certain partners, primarily operating systems and device manufacturers, to provide people with Facebook-like experiences (e.g., Facebook apps, news feed notifications, address book syncs) in their products. We developed these APIs, which are commonly known as “device-integrated APIs,” in the early days of mobile when the demand for Facebook outpaced our ability to build versions of our product that worked on every phone or operating system. Several dozen companies still used them at the start of the year, including Amazon, Apple, Blackberry, HTC, Microsoft, Huawei, Lenovo and Samsung, among others. On April 23, 2018, we announced that we would wind down these APIs. So far over 30 of these partnerships have been ended, including with Huawei. These device-integrated APIs are different from the platform APIs that were used by Alexandr Kogan, which were the focus of the hearing and went to the heart of the Cambridge Analytica matter. Third party developers using our platform APIs built new, social experiences incorporating information that Facebook users brought with them; by contrast, the very point of our device-integrated APIs was to enable other companies to create Facebook functionality, primarily for devices and operating systems. The experiences that partners built using our device-integrated APIs were reviewed and approved by Facebook, and partners could not integrate the user’s Facebook features without the user’s permission. QUESTION 15: For the Platform Policy for Messenger, how do you ensure that malicious actors are not using bots using the Messenger API to spread disinformation to users at a mass scale? Businesses large and small are using bots for Messenger to connect with their customers in a way that is convenient, functional, and enables them to connect with customers at scale. We give people control of their experience. We offer a set of tools that allow a person to block or mute a bot or business at any time and people can also report bots where the Facebook Community Operations team will review and take action if appropriate. Finally, a few months ago we announced that bot developers are now required to have business verification for 155 apps/bots that need access to specialized APIs as a result of our ongoing efforts to ensure integrity across our platforms. FACEBOOK - SUITE OF APPLICATION - ONAVO VPN: QUESTION 16: Do know whether customers who download the virtual private network, or VPN, of Facebook’s subsidiary Onavo’s understand that any activity occurring on their mobile device is being collected and stored by Facebook? Doesn’t this practice violate the privacy consumers expect of a VPN? When people first install the iOS version of the Onavo Protect app, we explain that Onavo uses a VPN that “helps keep you and your data safe by understanding when you visit potentially malicious or harmful websites and giving you a warning.” In addition, the first screen that a person sees when installing the app explains, under a heading that reads “Data Analysis”: “When you use our VPN, we collect the info that is sent to, and received from, your mobile device. This includes information about: your device and its location, apps installed on your device and how you use those apps, the websites you visit, and the amount of data use. This helps us improve and operate the Onavo service by analyzing your use of websites, apps and data. Because we’re a part of Facebook, we also use this info to improve Facebook products and services, gain insights into the products and services people value, and build better experiences.” People must tap a button marked “Accept & Continue” after seeing this information in a full-screen interstitial before they can use the app. The Android version of the Onavo Protect app offers data management features (e.g., the ability to block apps from using background data) that do not require users to enable the app’s VPN. For both versions of the app, we communicate repeatedly and up front—in the App Store description, in Onavo’s Privacy Policy, and in-line at the time the user first opens the app after downloading it—that Onavo is part of Facebook and what that means for how Onavo Protect handles data in other ways. More broadly, websites and apps have used market research services for years. We use Onavo, App Annie, comScore, and publicly available tools to help us understand the market and improve all our services. When people download Onavo to manage their data usage and help secure their connection, we are clear about the information we collect and how it is used. Like other VPNs, when the Onavo VPN is enabled, Onavo Protect helps create a secure connection, including when people are on public Wi-Fi. As part of this process, Onavo receives their mobile data traffic. This helps us improve and operate the Onavo service. Because we’re part of Facebook, we also use this information to improve Facebook products and services. We let people know about this activity, and other ways that Onavo uses, analyzes, and shares data (for example, the apps installed on users’ devices) in the App Store descriptions, and when they first open the app after downloading it. 156 Facebook does not use Onavo data for Facebook product uses, nor does it append any Onavo data or data about individuals’ app usage to Facebook accounts. QUESTION 17: According to this Wall Street Journal article, Facebook uses data collected from the Onavo suite of applications to monitor potentially competitive application6. Since the acquisition in 2013, how specifically has Facebook used information from Onavo to inform acquisitions as well as product development? See Response to Question 16. TERMS OF SERVICE: QUESTION 18: Has Facebook ever disclosed to its users which “third parties partners” have access to user information? If no, will you publish this list so that users know which outside parties have access to their information? Facebook allows people to view, manage, and remove the apps that they have logged into with Facebook through the App Dashboard. We recently prompted everyone to review their App Dashboard as a part of a Privacy Checkup, and we also provided an educational notice on Facebook to encourage people to review their settings. More information about how users can manage their app settings is available at https://www.facebook.com/help/218345114850283?helpref=about_content. The categories of information that an app can access is clearly disclosed before the user consents to use an app on Facebook platform. Users can view and edit the categories of information that apps they have used have access to through the App Dashboard. USER TRACKING: QUESTION 19: Does Facebook can “track a user’s Internet browsing activity, even after that user has logged off of the Facebook platform”? If yes, how Facebook discloses that kind of tracking to its users? And can users opt-out of this kind of tracking? When people visit apps or websites that feature our technologies—like the Facebook Like or Comment button—our servers automatically log (i) standard browser or app records of the fact that a particular device or user visited the website or app (this connection to Facebook’s servers occurs automatically when a person visits a website or app that contains our technologies, such as a Like button, and is an inherent function of Internet design); and (ii) any additional information the publisher of the app or website chooses to share with Facebook about the person’s activities on that site (such as the fact that a purchase was made on the site). This is a standard feature of the Internet, and most websites and apps share this same information with multiple different third-parties whenever people visit their website or app. For example, the Senate Commerce Committee’s website shares information with Google and its affiliate DoubleClick and with the analytics company Webtrends. This means that, when a person visits the Committee’s website, it sends browser information about their visit to each one of those third 6 Seetharaman, Deepa and Morris, Betsy. “Facebook’s Onavo Gives Social-Media Firm Inside Peek at Rivals’ Users.” 13 August 2017. Wall Street Journal. 157 parties. More information about how this works is available at https://newsroom.fb.com/news/2018/04/data-off-facebook/. When the person visiting a website featuring Facebook’s tools is not a registered Facebook user, Facebook does not have information identifying that individual, and it does not create profiles for this individual. We use the browser and app logs that apps and websites send to us—described above—in the following ways for non-Facebook users. First, these logs are critical to protecting the security of Facebook and to detecting or preventing fake account access. For example, if a browser has visited hundreds of sites in the last five minutes, that’s a sign the device might be a bot, which would be an important signal of a potentially inauthentic account if that browser then attempted to register for an account. Second, we aggregate those logs to provide summaries and insights to websites and apps about how many people visit or use their product, or use specific features like our Like button—but without providing any information about a specific person. We do not create profiles for non-Facebook users, nor do we use browser and app logs for non-Facebook users to show targeted ads from our advertisers to them or otherwise seek to personalize the content they see. However, we may take the opportunity to show a general ad that is unrelated to the attributes of the person or an ad encouraging the non-user to sign up for Facebook. When the individual is a Facebook user, we are also able to use this information to personalize their experiences on Facebook, whether or not they are logged out, but we will not target ads to users relying on this information unless the user allows this in their privacy settings. We do not sell or share this information with third-parties. QUESTION 20: How many Facebook “Like” buttons there are on non-Facebook web pages? Facebook does not publish tracking software. When people visit apps or websites that feature our technologies—like the Facebook Like or Comment button—our servers automatically log (i) standard browser or app records of the fact that a particular device or user visited the website or app (this connection to Facebook’s servers occurs automatically when a person visits a website or app that contains our technologies, such as a Like button, and is an inherent function of Internet design); and (ii) any additional information the publisher of the app or website chooses to share with Facebook about the person’s activities on that site (such as the fact that a purchase was made on the site). This is a standard feature of the Internet, and most websites and apps share this same information with multiple different third-parties whenever people visit their website or app. For example, the Senate Commerce Committee’s website shares information with Google and its affiliate DoubleClick and with the analytics company Webtrends. This means that, when a person visits the Committee’s website, it sends browser information about their visit to each one of those third parties. More information about how this works is available at https://newsroom.fb.com/news/2018/04/data-off-facebook/. During the week prior to April 16, 2018, on sites that use Facebook services: the Like button appeared on 8.4M websites, the Share button on 931K websites covering 275M webpages, and there were 2.2M Facebook pixels installed on websites. 158 QUESTION 21: How many Facebook “Share” buttons there are on non-Facebook web pages? See Response to Question 20. QUESTION 22: How many non-Facebook websites have Facebook pixel code? See Response to Question 20. QUESTION 23: While users can download their user generated data using the “Download Your Information” tool, how can users download data that Facebook has inferred about them? Our Download Your Information or “DYI” tool is Facebook’s data portability tool and was launched many years ago to let people access and download many types of information that we maintain about them. The data in DYI and in our Ads Preferences tool contain each of the interest categories that are used to show people ads, along with information about the advertisers are currently running ads based on their use of an advertiser’s website or app. People also can choose not to see ads from those advertisers. We recently announced expansions to Download Your Information, which, among other things, will make it easier for people to see their data, delete it, and easily download and export it. More information is available at https://newsroom.fb.com/news/2018/04/new-privacy-protections/. Responding to feedback that we should do more to provide information about websites and apps that send us information when people use them, we also announced plans to build Clear History. This new feature will enable users to see the websites and apps that send us information when they use them, delete this information from their account, and turn off Facebook’s ability to store it associated with their account going forward. We have also introduced Access Your Information. This feature provides a new way for people to access and manage their information. Users can go here to delete anything from their timeline or profile that they no longer want on Facebook. They can also see their ad interests, as well as information about ads they’ve clicked on and advertisers who have provided us with information about them that influence the ads they see. From here, they can go to their ad settings to manage how this data is used to show them ads. QUESTION 24: How many websites have Facebook-tracking software on them? What percentage of all internet sites have Facebook-tracking software? See Response to Question 20. QUESTION 25: According to a Gizmodo report7, Facebook collects data on people using Shadow Profiles. Do you collect data on people who are not Facebook users? Please describe the process for non-Facebook users can employ to delete any data collected about them by the company. 7 Hill, Kasmir. 07 November 2017. How Facebook Figures Out Everyone You’ve Met. Gizmodo. https://gizmodo.com/how-facebook-figures-out-everyone-youve-ever-met-1819822691?IR=T. 159 Yes. If a person doesn’t have a Facebook account but believes Facebook may have information about them, they can contact us to request a copy of your information. A contact form is available at https://www.facebook.com/help/contact/180237885820953. However, Facebook does not create profiles about or track web or app browser behavior of non-users. When people visit apps or websites that feature our technologies—like the Facebook Like or Comment button—our servers automatically log (i) standard browser or app records of the fact that a particular device or user visited the website or app (this connection to Facebook’s servers occurs automatically when a person visits a website or app that contains our technologies, such as a Like button, and is an inherent function of Internet design); and (ii) any additional information the publisher of the app or website chooses to share with Facebook about the person’s activities on that site (such as the fact that a purchase was made on the site). This is a standard feature of the Internet, and most websites and apps share this same information with multiple different third-parties whenever people visit their website or app. For example, the Senate Commerce Committee’s website shares information with Google and its affiliate DoubleClick and with the analytics company Webtrends. This means that, when a person visits the Committee’s website, it sends browser information about their visit to each one of those third parties. More information about how this works is available at https://newsroom.fb.com/news/2018/04/data-off-facebook/. When the person visiting a website featuring Facebook’s tools is not a registered Facebook user, Facebook does not have information identifying that individual, and it does not create profiles for this individual. We use the browser and app logs that apps and websites send to us—described above— in the following ways for non-Facebook users. First, these logs are critical to protecting the security of Facebook and to detecting or preventing fake account access. For example, if a browser has visited hundreds of sites in the last five minutes, that’s a sign the device might be a bot, which would be an important signal of a potentially inauthentic account if that browser then attempted to register for an account. Second, we aggregate those logs to provide summaries and insights to websites and apps about how many people visit or use their product, or use specific features like our Like button—but without providing any information about a specific person. We do not create profiles for non-Facebook users, nor do we use browser and app logs for nonFacebook users to show targeted ads from our advertisers to them or otherwise seek to personalize the content they see. However, we may take the opportunity to show a general ad that is unrelated to the attributes of the person or an ad encouraging the non-user to sign up for Facebook. 160 Questions from Senator Peters 1. A major challenge artificial intelligence (AI) and machine learning developers need to address is the ability to ensure prolonged safety, security, and fairness of the systems. This is especially true of systems designed to work in complex environments that may be difficult to replicate in training and testing, or systems that are designed for significant learning after deployment. One approach to address this challenge is to implement standards or principles guiding the development of AI systems. However, you referenced AI more than 30 times in your testimony on Capitol Hill, and many of those references were in different contexts. This seems to imply Facebook has assumed a broad or vague definition of AI. I fear that a vague definition will make it difficult to implement clear, unambiguous standards or principles to guide the fair, safe, and secure application of AI and algorithms. a. What how does Facebook define AI? b. How is Facebook currently working to build trust in its usage of AI? Specifically, has your company developed a set of principles to guide your development and use of AI systems? If so, what are they? Please also provide details on how these principles are being implemented. c. How will these principles improve the transparency of decision-making AI systems? d. How will these principles prevent a system designed to learn after deployment from developing unacceptable behavior over time? We are focused on both the technical and the ethical aspects of artificial intelligence. We believe these two should go hand-in-hand together in order to fulfill our commitment to being fair, transparent and accountable in our development and use of AI. Facebook has AI teams working on developing the philosophical, as well as technical, foundations for this work. Facebook is also one of the co-founders and members of the Partnership on AI (PAI), a collaborative and multi-stakeholder organization established to study and formulate best practices on AI technologies, to advance the public’s understanding of AI, and to serve as an open platform for discussion and engagement about AI and its influences on people and society. The thematic pillars that structure the work we’re doing in the scope of the PAI—safety, fairness, transparency and accountability—are the principles that we believe industry should follow and promote when building and deploying AI systems. The PAI’s Fair, Transparent and Accountable AI Working Group is also working alongside industry, academia, and civil society to develop best practices around the development and fielding of fair, explainable, and accountable AI systems. We believe that over the long term, building AI tools is the scalable way to identify and root out most content that violates our policies. We are making substantial investments in building and improving these tools. We already use artificial intelligence to help us identify threats of real world harm from terrorists and others. For example, the use of AI and other automation to stop the spread of terrorist content is showing promise. Today, 99 percent of the ISIS and Al Qaeda related terror content we remove from Facebook is content we detect before 161 anyone in our community has flagged it to us, and in some cases, before it goes live on the site. We do this primarily through the use of automated systems like photo and video matching and text-based machine learning. We also use AI to help find child exploitation images, hate speech, discriminatory ads, and other prohibited content. 2. Mr. Zuckerberg, you said recently that Facebook is more like a government than a traditional company. Facebook is a community of over 2 billion people from every country in the world. You have also said you hope to grow the number of Facebook employees working on security of the user community to 20,000 by the end of the year. A city like Flint, Michigan has a population of 100,000 and roughly 100 uniformed police officers. Your company is aiming to have one cop on the beat for every 100,000 of its 2 billion users. a. Is this going to be adequate to prevent another misuse of consumer data like we saw with Cambridge Analytica? We are doubling the size of our security and content review teams (from 10,000 to 20,000) over the course of this year. We currently have approximately 15,000 people working on these teams. b. How are you making the efforts of these employees transparent and accountable to your users? We are taking significant steps to increase our transparency. For example, we have published the internal guidelines we use to enforce our Community Standards here: https://newsroom.fb.com/news/2018/04/comprehensive-community-standards/. We decided to publish these internal guidelines for two reasons. First, the guidelines will help people understand where we draw the line on nuanced issues. Second, providing these details makes it easier for everyone, including experts in different fields, to give us feedback so that we can improve the guidelines—and the decisions we make—over time. We also recently publicized data around enforcement of our Community Standards in a Community Standards Enforcement Report (https://transparency.facebook.com/communitystandards-enforcement). The report details our enforcement efforts between October 2017 to March 2018, and it covers six areas: graphic violence, adult nudity and sexual activity, terrorist propaganda, hate speech, spam, and fake accounts. The numbers show you: • How much content people saw that violates our standards; • How much content we removed; and • How much content we detected proactively using our technology—before people who use Facebook reported it. The data we published is the same information we use to measure our progress internally. We believe this increased transparency will lead to increased accountability and responsibility over time. 162 3. Facebook has made some changes in light of the 2016 US Presidential election and the fact that your platform allowed for the proliferation of fake news. You’ve since developed tools that try to tamp down on this activity—pulling down fake accounts and destroying bots. a. You have described the content on your platform during elections held since 2016, both foreign and domestic, as “cleaner”—but what metrics are you using to evaluate the real effectiveness of the changes you have made? b. Once you have a true understanding of the impact these tools have—how can you communicate the changes to users so they can be confident that what they are viewing is real and not there for the purpose of manipulating them? c. Consumers are skeptical of the content on your platform, how can you gain back their trust? We are working hard to regain the trust of our community. Success would consist of minimizing or eliminating abuse of our platform and keeping our community safe. We have a number of specific goals that we will use to measure our progress in these efforts. First, we are increasing the number of people working on safety and security at Facebook, to 20,000. We have significantly expanded the number of people who work specifically on election integrity, including people who investigate this specific kind of abuse by foreign actors. Those specialists find and remove more of these actors. Second, we work to improve threat intelligence sharing across our industry, including, we hope, by having other companies join us in formalizing these efforts. This is a fight against sophisticated actors, and our entire industry needs to work together to respond quickly and effectively. Third, we are bringing greater transparency to election ads on Facebook by requiring more disclosure from people who want to run election ads about who is paying for the ads and by making it possible to see all of the ads that an advertiser is running, regardless of the targeting. We believe that these efforts will help to educate our community and to arm users, media, civil society, and the government with information that will make it easier to identify more sophisticated abuse to us and to law enforcement. We have gotten increasingly better at finding and disabling fake accounts. We’re now at the point that we block millions of fake accounts each day at the point of creation before they do any harm. We are taking steps to help users assess the content they see on Facebook. For example, for ads with political content, we’ve created an archive that will hold ads with political content for seven years—including for information about ad impressions and spend, as well as demographic data such as age, gender and location. People in Canada and Ireland can already see all the ads that a Page is running on Facebook—and we’re launching this globally in June. Further, advertisers will now need to confirm their ID and location before being able to run any ads with political content in the US. All ads with political content will also clearly state who paid for them. We also want to empower people to decide for themselves what to read, trust, and share. We promote news literacy and work to inform people with more context. For example, if 163 third-party fact-checkers write articles about a news story, we show them immediately below the story in the Related Articles unit. We also notify people and Page Admins if they try to share a story, or have shared one in the past, that’s been determined to be false. 4. How did Facebook, prior to the 2016 US Presidential election, identify and evaluate fake or troll accounts, and how have your processes changed since then? a. What steps are taken once Facebook has identified fake or troll accounts and, specifically, how much of your response is consumer-facing? Will a user ever truly know the extent to which they were influenced by a fake account? We continue to make improvements to our efforts to more effectively detect and deactivate fake accounts to help reduce the spread of spam, false news, and misinformation. We continually update our technical systems to identify, checkpoint, and remove inauthentic accounts, and we block millions of attempts to register fake accounts every day. These systems examine thousands of detailed account attributes and prioritize signals that are more difficult for bad actors to disguise, such as their connections to others on our platform. As with all security threats, we have been incorporating new insights into our models for detecting fake accounts, including information specific to election issues. b. Is it true that Facebook does not authenticate the administrators of group and organization pages in the same manner it authenticates individual accounts? Will you take a different approach going forward? We have announced that people who manage Pages with large numbers of followers will need to be verified. Those who manage large Pages that do not clear the process will no longer be able to post. This will make it much harder for people to administer a Page using a fake account, which is strictly against our policies. We will also show users additional context about Pages to effectively assess their content. For example, a user can see whether a Page has changed its name. 5. Current sector-specific privacy laws and state privacy laws, as well as currently proposed federal legislation that address data privacy and security, often narrowly define personal information to include identifiers like a person’s name, social security number, and bank information. But definitions of personal information currently do not cover information like social media “likes” and certain choices and activities online that bad actors have at worst used to manipulate voters and at best used to deliver targeted advertisements. a. What do you think Cambridge Analytica has taught us about what should be considered personal information? b. Should definitions of personal information be updated to include an individual’s activities like search activity and social media “likes”? Facebook is generally not opposed to regulation but wants to ensure it is the right regulation. The issues facing the industry are complex, multi-faceted, and affect an important part of peoples’ lives. As such, Facebook is absolutely committed to working with regulators, 164 like Congress, to craft the right regulations. Facebook would be happy to review any proposed legislation and provide comments. 6. Who do you consider to be Facebook’s customers (i.e., what stakeholders directly provide Facebook with revenue)? To the extent that the customers are not the end users of the platform, how will Facebook reconcile the privacy expectations and interests of both sets of stakeholders? In the words of Facebook CEO and Founder Mark Zuckerberg, “Facebook is an idealistic and optimistic company. For most of our existence, we focused on all the good that connecting people can bring. As Facebook has grown, people everywhere have gotten a powerful new tool to stay connected to the people they love, make their voices heard, and build communities and businesses.” Our product is social media—the ability to connect users with the people that matter to them, wherever they are in the world. It’s the same with a free search engine, website or newspaper. The core product is reading the news or finding information—and the ads exist to fund that experience. Our priority is protecting our community, and that is more important than maximizing our profits. 7. Does Facebook intend to provide its users with a comprehensive listing of all apps and services that have accessed their Facebook data? In such a listing, would Facebook include information about which data points were accessed, when they were accessed, and how they were accessed? Facebook allows people to view, manage, and remove the apps that they have logged into with Facebook through the App Dashboard. We recently prompted everyone to review their App Dashboard as a part of a Privacy Checkup, and we also provided an educational notice on Facebook to encourage people to review their settings. More information about how users can manage their app settings is available at https://www.facebook.com/help/218345114850283?helpref=about content. The categories of information that an app can access is clearly disclosed before the user consents to use an app on Facebook platform. Users can view and edit the categories of information that apps they have used have access to through the App Dashboard. 8. What mechanisms does Facebook have in place to monitor third parties who have access to user data once the data is delivered? If a user deletes their data on Facebook, how does Facebook ensure that third parties with access to their data have also deleted it? We use a variety of tools to enforce Facebook policies against violating parties, including developers. We review tens of thousands of apps per year. With the exception of Account Information (name, email, gender, birthday, current city, and profile picture URL), apps may maintain user data obtained from us only for as long as necessary for their business purpose and must delete the information if they stop using the Facebook Platform. Further, developers are required to keep the data maintained on their systems up to date. 9. What mechanisms—beyond self-reporting—are currently in place, or will be in place in the future, to enable independent academic and journalistic validation of Facebook’s 165 current and future claims that the platform has removed bad actors who have abused or compromised user data and privacy? App Review. We have large teams of internal and external experts working hard to investigate these apps as quickly as possible. To date, thousands of apps have been investigated and around 200 (from a handful of developers) have been suspended—pending a thorough investigation into whether they did in fact misuse any data. The App Review process introduced in 2014 requires developers who create an app that asks for more than certain basic user information from installers to justify the data they are looking to collect and how they are going to use it. Facebook then reviews whether the developer has a legitimate need for the data in light of how the app functions. Only if it is approved following such review can the app ask for users’ permission to get their data. Facebook has rejected more than half of the apps submitted for App Review between April 2014 and April 2018. New Developer Requirements. We are in the process of investigating every app that had access to a large amount of information before we changed our Platform in 2014. If we find suspicious activity, we will take immediate steps to investigate (including a full forensic audit) or take enforcement actions against the app. If we determine that there has been improper use of data, we will ban those developers and notify everyone affected. Facebook is launching the Data Abuse Bounty to reward people who report any misuse of data by app developers. The Data Abuse Bounty, inspired by the existing bug bounty program that we use to uncover and address security issues, will help us identify violations of our policies. Further, Facebook’s Platform Policy makes clear to app developers the relevant requirements regarding users’ privacy that apply to apps operating on the Platform, including the requirements to give users choice and control, and to respect user privacy. Application developers explicitly agree to Facebook’s Statement of Rights and Responsibilities and Platform Policy when they set up their Facebook accounts. The Platform Policy imposes a variety of obligations on app developers regarding the features, functionality, data collection and usage, and content for apps on the Platform, as well as Facebook’s right to take enforcement action if an application violates the Platform Policy. Clear History. We have also worked with regulators, legislators, and privacy experts on updates that make data settings and tools easier to find. For example, we recently announced plans to build Clear History. This feature will enable users to see the websites and apps that send us information when they use them, delete this information from their accounts, and turn off our ability to store it associated with their accounts going forward. When developing tools such as Clear History, we will work with privacy advocates, academics, policymakers, and regulators to get their input on our approach, including how we plan to remove identifying information and the rare cases where we need information for security purposes. We’ve already started a series of roundtables in cities around the world, and heard specific demands for controls like these at a session we held at our headquarters two weeks ago. We’re looking forward to doing more. Measuring Misinformation Through Academic Commission. In April, Facebook also announced a new initiative to help provide independent research about the role of social media in 166 elections, as well as democracy more generally. In the coming weeks, the commission will lead a request for proposals to measure the volume and effects of misinformation on Facebook. They will then manage a peer review process to select which scholars will receive funding for their research, and access to privacy-protected data sets from Facebook. This will help keep us accountable and track our progress over time. Elections. We know that outside experts, researchers, and academics can also help by analyzing political advertising on Facebook. It’s why we’re working closely with our newlyformed Election Commission and other stakeholders to launch an API for the archive of ads with political content. We also recognize that news coverage of elections and important issues is distinct from advocacy or electoral ads, even if those news stories receive paid distribution on Facebook. We’re working closely with news partners and are committed to updating the archive to help differentiate between news and non-news content. 167 Questions from Senator Duckworth Question 1: According to the New York Times and other media outlets, fair housing advocates recently filed a lawsuit in federal court arguing that “Facebook continues to discriminate against certain groups, including women, disabled veterans and single mothers, in the way that it allows advertisers to target the audience for their ads.” Despite repeated announcements by Facebook suggesting that your company will remedy this disturbing practice, third-party organizations have tested your platform repeatedly to exclude certain minorities. Unfortunately, many of these tests of your platform were successful and this issue has been known to Facebook for several years. Please explain in detail why Facebook provided housing advertisers with targeting options to exclude users based on “ethnic affinity” in clear violation of Federal law. Following third-party demonstrations of how a housing advertiser could unlawfully use Facebook to discriminate against certain protected classes of housing customers, please describe in detail the specific actions Facebook took to end the practice and make sure that Facebook’s user tools actually reflect Facebook’s written policies that claim to prohibit using Facebook’s targeting options to discriminate. As Chairman and Chief Executive Officer, please describe how you personally responded to the public reports demonstrating that Facebook’s targeting options had enabled unlawful discrimination in housing. Please provide any company documents, in hard copy or electronic form, addressing the implementation of Facebook advertising targeting options and any associated risk that such an option could result in violations of Federal legal prohibitions against discrimination in housing. If Facebook has no such documents, please provide a detailed justification as to why the company did not, or does not, have a compliance protocol or office dedicated to enforcing Fair Housing laws. We want our advertising tools to help promote inclusion and diversity of all kinds. Discrimination has no place on Facebook, and we make this clear to advertisers in a number of ways. Everyone on Facebook must agree to our Terms when they sign up to use our service. In so doing, they agree not to engage in discriminatory conduct on Facebook. In addition, our Advertising Policies (available at https://www.facebook.com/policies/ads/) include an explicit and detailed anti-discrimination policy that prohibits discriminatory ads or the use of our audience selection tools for discriminatory purposes. In late 2016, we began building machine learning tools (called “classifiers”) that were intended to automatically identify, at the point of creation, advertisements offering housing, employment or credit opportunities (referred to here generally as “housing, employment and credit ads”). We built these classifiers so that when we identified one of these kinds of ads, we could: (1) prevent the use of our “multicultural affinity” targeting options in connection with the ad, and (2) for the use of any other kind of targeting, require that the advertiser certify compliance with our anti-discrimination policy and applicable anti-discrimination laws. We trained the classifiers before we launched them, including by using search terms provided by your office in January 2017. After the classifiers launched in approximately February 2017, we anticipated that, through machine learning, they would become better over time at distinguishing ads offering housing, employment, or credit opportunities from other types 168 of ads. We also expected that we would receive feedback about the performance of the tool that would enable us to detect problems and improve the classifiers over time. In practice, the classifiers did not improve over time as much as we had anticipated. Rather, they became both over- and under-inclusive, identifying and requiring self-certification for hundreds of thousands of ads each day that may have had nothing to do with housing, employment, or credit offers, while missing ads that may have contained such offers. There were two principal reasons for this failure. First, a key aspect of our ad-review process involves the random sampling of ads that are live on Facebook for the purpose of reassessing those ads’ compliance with our Advertising Policies. When we identify ads that should have been flagged as being in violation of our policies, we use that information to improve our review processes, including our machine learning classifiers. In hindsight, our training set was not sufficiently comprehensive and did not include an evolving set of housing, credit and employment ads that should have been flagged by our classifiers to better train our models. We also failed to fully account for the lack of feedback we would likely receive about the performance of these classifiers through other channels—feedback we typically rely on to alert us to performance issues. For example, advertisers whose ads should have been (but were not) identified through this process would have had no reason to report a problem. We take these limitations very seriously, and we regret that they prevented us from providing the oversight we had hoped to provide. Since they were brought to our attention in November 2017, we have taken significant steps to remedy them. These steps include the following: • We have integrated all of the classifiers and targeting prohibitions into the random sampling process we use to gather feedback about the performance of our ad review processes. • We are adding more than 1,000 people to our global ads review teams over the next year to allow for more human review of the ads placed on our platform. • We have built teams whose role it is to pressure test our policy-enforcement products to identify potential performance issues. In addition to addressing the issues with housing, employment and credit classifiers to more accurately identify such ads, as of January 2018, we have implemented the following additional changes with regard to multicultural affinity targeting more generally: • We disabled the use of multicultural affinity exclusion targeting for all ads; this prohibition is no longer limited to housing, employment and credit ads. • We now require self-certification of compliance with our anti-discrimination policies and applicable anti-discrimination laws for any use of multicultural affinity targeting, regardless of the type of ad. • We have undertaken a review of our ad-targeting tools generally, with an eye toward identifying the potential for the tools to be abused. 169 • As a result of that review, we disabled the use of other exclusion targeting categories that we determined, on their face, may have been misunderstood to identify a group of Facebook users based on race, color, national origin or ancestry. Question 2: What is Facebook doing to protect Veterans, women and other minorities to ensure that advertisements on your platform do not discriminate against them in possible violation of federal laws? Is Facebook aware of an investigation by the U.S. Department of Housing and Urban Development regarding these issues and is Facebook cooperating with an investigation? When were you alerted that an investigation(s) had begun? Do you believe that violators of Federal laws prohibiting discrimination, such as the protections contained in the Fair Housing Act, should be held accountable? Discriminatory advertising has no place on Facebook’s platform and Facebook removes such content as soon as it becomes aware of it. Facebook’s policies prohibit advertisers from discriminating against people on personal attributes such as race, ethnicity, color, national origin, religion, age, sex, sexual orientation, gender identity, family status, disability, and medical or genetic conditions. Facebook educates advertisers on our anti-discrimination policy, and in some cases, requires the advertisers to certify compliance with Facebook’s anti-discrimination policy and anti-discrimination laws. Facebook also uses machine learning to help identify ads that offer housing, employment, or credit opportunities. When an advertiser attempts to show an ad that Facebook identifies as offering a housing, employment, or credit opportunity and includes Facebook’s multicultural advertising segments, Facebook will disapprove the ad. Facebook also requires advertisers to certify that they are complying with Facebook’s updated anti-discrimination policy and antidiscrimination laws when the advertiser attempts to show a housing, employment, or credit opportunity and uses any other audience segment on Facebook. Facebook has been actively engaged with the US Department of Housing and Urban Development (HUD) since at least the Fall of 2016. As part of the engagement, Facebook has focused on addressing the concern that advertisers may seek to engage in discriminatory advertising on Facebook’s platform. In connection with this engagement, Facebook has made numerous modifications and improvements to its ad policies, practices, and tools. Question 3: I’m glad to hear that Facebook plans to extend the European Union’s General Data Protection Regulations (GDPR) to U.S. users. By what date does Facebook plan on extending those protections to U.S. users? In doing so, is Facebook affirming that all data generated by a user is the property of that user and is subject to protections outlined in the General Data Protection Regulations, including rights to access, rectification, erasure, data portability, among others? We confirm that we provide the same tools for access, rectification, erasure, data portability and others to people in the US (and globally) that we provide in the European Union, and many of those tools (like our Download Your Information tool, Ad Preferences tool, and Activity Log) have been available globally for many years. We have recently begun providing direct notice of these controls and our updated terms of service to people around the world (including in the US), allowing people to choose whether or not to enable or disable these settings or to consent to our updated terms. The controls and settings that Facebook is enabling 170 as part of GDPR are available to people around the world, including settings for controlling our use of face recognition on Facebook and for controlling our ability to use data we collect off Facebook Company Products to target ads. Question 4: The European Union’s deadline for full implementation of their General Data Protection Regulations (GDPR) is May 25, 2018. While you have said publically that Facebook plans to extend General Data Protection Regulations (GDPR) across its platform “in spirit,” including to users in the U.S., recent media reporting suggests that Facebook’s commitment to GDPR implementation across its platform is questionable. In your view, what does implementation of GDPR “in spirit” mean? If Facebook were to be found violating GDPR protections for non-European Union users, what recourse do those users have, legal or otherwise, to remedy a complaint? As a part of our overall approach to privacy, we are providing the same tools for access, rectification, erasure, data portability and others to people in the US (and globally) that we provide in the European Union under the GDPR. The controls and settings that Facebook is enabling as part of GDPR include settings for controlling our use of face recognition on Facebook and for controlling our ability to use data we collect off Facebook Company Products to target ads. We recently began providing direct notice of these controls and our updated terms to people around the world (including in the US), allowing people to choose whether or not to enable or disable these settings or to consent to our updated terms. Many of these tools (like our Download Your Information tool, ad preferences tool, and Activity Log) have been available globally for many years. The substantive protections in our user agreements offered by Facebook Ireland and Facebook, Inc. are the same. However, there are certain aspects of our Facebook Ireland Data Policy that are specific to legal requirements in the GDPR—such as the requirement that we provide contact information for our EU Data Protection Officer or that we identify the “legal bases” we use for processing data under the GDPR. Likewise, our Facebook Ireland terms and Data Policy address the lawful basis for transferring data outside the EU, based on legal instruments that are applicable only to the EU. And other provisions of the GDPR itself pertain to interactions between European regulators and other matters that are not relevant to people located outside of the EU. Facebook is subject to ongoing oversight by the Federal Trade Commission with respect to its privacy commitments to people and its implementation of privacy settings, under a Consent Order with the FTC. Facebook is subject to the authority of the Irish Data Protection Commissioner, its lead regulator, under the GDPR in the European Union. Question 5: As reported by Politico on April 17, 2018, Facebook has enlisted the help of conservative organizations to push back against GDPR and other potential regulatory efforts in the U.S. Is Facebook coordinating with political organizations to consider or address potential state or federal regulatory actions? When the GDPR was finalized, we realized it was an opportunity to invest even more heavily in privacy. We not only wanted to comply with the law, but also go beyond our obligations to build new and improved privacy experiences for everyone on Facebook. To that end, as we often do, we sought feedback from people with a variety of perspectives on privacy, 171 including people who use our services, regulators and government officials, privacy and policy experts, and designers. We are applying the same protections, controls, and transparency to people in the US and around the world that we are providing to people in Europe under GDPR. 172 [Removed by Committee due to inadvertent submission of unrelated material] 173 [Removed by Committee due to inadvertent submission of unrelated material] 174 Questions from Senator Cortez Masto Children’s Data Question 1. Does Instagram have an age limit requirement similar to the 13 years old Facebook requires? Yes, Instagram requires everyone to be at least 13 years old before they can create an account (and in some jurisdictions, this age limit may be higher). Question 2. How vulnerable or widely utilized have children’s (18 or younger) data been in both Facebook and your other platforms? We take the privacy, safety, and security of all those who use our platform very seriously, and when it comes to minors (13 to 18 years old), we provide special protections and resources. We also provide special protections for teens on Facebook and Messenger. We provide education before allowing teens to post publicly. We don’t show search results based on specific profile data (high school, birthday/age, and hometown, or current city) of teens to unconnected adults when the adults search on Facebook. Unconnected adults can’t message minors who are 13-17. And, we prohibit search engines off Facebook from indexing minors’ profiles. And, we have age limits for advertisements. For example, ads for dating sites, financial services, and other products or services are gated to users under 18. We provide special resources to help ensure that they enjoy a safe and secure experience. For example, we recently announced the launch of our Youth Portal, which is available in 60 languages at https://www.facebook.com/safety/youth. This portal is a central place for teens that includes: • Education. Information on how to get the most out of products like Pages, Groups, Events, and Profile, while staying safe. Plus, information on the types of data Facebook collects and how we use it. • Peer Voices. First-person accounts from teens around the world about how they are using technology in new and creative ways. • Ways to control user experience. Tips on things like security, reporting content, and deciding who can see what teens share. • Advice. Guidelines for how to safely get the most out of the internet. Instagram also will be providing information to teens to show them where they can learn about all of the tools on Instagram to manage their privacy and stay safe online, including how to use the new Access and Download tools to understand what they have shared online and learn how to delete things they no longer want to share. We are also making this information available in formats specifically designed for young users, including video tutorials for our privacy and safety tools, and teen-friendly FAQs about the Instagram Terms of Use, Data Policy, safety features, and Community Guidelines. 175 Instagram has also launched new content on Instagram Together, including videos and FAQs about privacy controls; information on how to use safety features, including comment controls, blocking accounts, reporting abuse, spam, or troubling messages; information on responsible social media use; and FAQs about safety on Instagram. We will be reaching out to users under 18 on Instagram to encourage them to learn more on Instagram Together, available at https://www.instagram-together.com/. Further, we have content restrictions and reporting features for everyone, including minors. We have Community Standards that prohibit hate speech, bullying, intimidation, and other kinds of harmful behavior. We encourage people to report posts and rely on our team of content reviewers around the world to review reported content. Our reviewers are trained to look for violations and enforce our policies consistently and as objectively as possible. When reviewed by our team, we hide certain graphic content from users under 18 (and include a warning for adults). We are also working to improve our ability to get our community help in real time, especially in instances where someone is expressing thoughts of suicide or self-harm, by expanding our use of proactive detection, working with safety experts and first-responders, and dedicating more reviewers from our Community Operations team. Question 3. How many children (18 or younger) had their data taken during the Cambridge Analytica breach? The Children’s Online Privacy Protection Act (COPPA) requires parental consent and notification in specific instances involving the collection and use of data about children under the age of 13. Facebook does not allow children under the age of 13 on its service or collect data about children under 13 that would trigger parental consent or notification. Question 4. Are you notifying parents about their children’s exposed data? See Response to Question 3. Discriminatory Advertising Question 1. Please provide a detailed description, including screenshots if applicable, of the nondiscrimination compliance certification that Facebook currently requires advertisers to complete. Please refer to our letter to you dated May 16, 2018. Question 2. Please provide a complete list of the characteristics, categories, descriptors, and/or interests that Facebook allows advertisers to select in order to target certain users for inclusion in an advertisement’s audience. Please refer to our letter to you dated May 16, 2018. Please note, however, that in limited cases and for the purpose of running ads that are not related to housing, employment or credit, we are re-enabling the ability of advertisers to exclude people from their audiences based on family status but are reviewing this as a targeting option. 176 Question 3. Please provide a complete list of the characteristics, categories, descriptors, and/or interests that Facebook allows advertisers to select in order to exclude certain users from an advertisement’s audience. See Response to Question 2. Question 4. Are there any characteristics, categories, descriptors, and/or interests that Facebook had previously permitted advertisers to select, but that Facebook no longer allows to be selected as targeting or exclusion criteria? If so, please provide a complete list of those characteristics, categories, descriptors, and/or interests. See Response to Question 2. Question 5. Are there certain characteristics, categories, descriptors, and/or interests that Facebook has never allowed advertisers to select for the purpose of targeting or excluding users from an advertisement’s audience? If so, please provide a complete list of those characteristics, categories, descriptors, and/or interests. See Response to Question 2. Question 6. Please describe the process that Facebook uses to determine whether a characteristic, category, descriptor, or interest will be available for selection as a targeting or exclusion criteria. If Facebook has a written policy governing this determination, please provide a copy. We have Community Standards that prohibit hate speech, bullying, intimidation, and other kinds of harmful behavior. We hold advertisers to even stricter advertising policies to protect users from things like discriminatory ads. We don’t want advertising to be used for hate or discrimination, and our policies reflect that. For example, our Advertising Policies make it clear that advertisers may not discriminate against people based on personal attributes such as race, ethnicity, color, national origin, religion, age, sex, sexual orientation, gender identity, family status, disability, and medical or genetic condition. The Policies also prohibit asserting or implying that a person belongs to one of these groups. We educate advertisers on our anti-discrimination policy, and when we detect that an advertiser is attempting to run a housing, employment or credit ad, we require the advertiser to certify compliance with our anti-discrimination policy and anti-discrimination laws. We are committed to getting better at enforcing our advertising policies. We review many ads proactively using automated and manual tools, and reactively when people hide, block, or mark ads as offensive. We are taking aggressive steps to strengthen both our automated and our manual review. We are also expanding our global ads review teams and investing more in machine learning to better understand when to flag and take down ads, such as ads that use our multicultural affinity segments in connection with offers of housing, employment or credit opportunities. Question 7. Regardless of whether the characteristics are described as demographic, behavioral, or interest-based criteria, does Facebook allow employment, housing, credit 177 advertisements to be targeted to users on the basis of protected characteristics, including race, national origin, religion, sex, gender, disability, age, and familial status? See Response to Question 2. Question 8. Regardless of whether the characteristics are described as demographic, behavioral, or interest-based criteria, does Facebook allow advertisers for employment and housing to exclude users on the basis of protected characteristics, including race, national origin, religion, sex, gender, disability, age, and familial status? See Response to Question 2. Question 9. Has Facebook reviewed characteristics/categories available for advertising to select or exclude when targeting that can be used as “proxies” for protected characteristics? If so, what is Facebook’s policy regarding the continued availability of that characteristic as a targeting or exclusion criteria and has Facebook ever removed categories that were being used as “proxies” for protected categories? How does Facebook go about determining which such categories could potentially be used as “proxies” for discrimination? See Response to Question 6. Question 10. Does Facebook allow employment, housing, and credit advertisements to be targeted to users on the basis of categories that may be reasonable proxies for protected characteristics? See Response to Question 2. Question 11. Does Facebook allow employment, housing, and credit advertisements to be targeted to users on the basis of their sexual orientation or gender identity? Please refer to our letter to you dated May 16, 2018. Question 12. In Facebook’s December 20, 2017 press release, Rob Goldman, VP of Ads, wrote that Facebook “proactively look[s] for bad ads, and investigate[s] concerns when they are raised.” Please describe Facebook’s process for monitoring ads for possible violations of Title VII, the Fair Housing Act, the Americans with Disabilities Act, and Title II of the Genetic Information Nondiscrimination Act. Please refer to our letter to you dated May 16, 2018. Question 13. Does Facebook “proactively look” for ads that may be discriminatory on the basis of each protected characteristic before they are posted to the platform? Please refer to our letter to you dated May 16, 2018. Question 14. Does Facebook have defined, written policies for determining whether an employment, housing, or credit ad is discriminatory on the basis of each protected 178 characteristic, and a procedure for deleting such ads? If so, please provide copies of such policies. Please refer to our letter to you dated May 16, 2018. Question 15. Has Facebook ever proactively deleted an employment, housing, or credit ad on the grounds that it discriminated on the basis of a protected characteristic? If so, how many such ads has Facebook deleted, broken down by each protected characteristic? Please refer to our letter to you dated May 16, 2018. Question 16. Has Facebook ever deleted an employment, housing, or credit ad on the grounds that it discriminated on the basis of a protected characteristic in response to a user complaint? If so, how many such ads has Facebook deleted, broken down by each protected characteristic? Please refer to our letter to you dated May 16, 2018. Question 17. Has Facebook ever barred a businesses or ad companies from using its services because of discriminatory ads? How many? Please detail the process Facebook has for addressing discriminatory advertisers, once identified. Please refer to our letter to you dated May 16, 2018. Question 18. Many state and local nondiscrimination laws go further than federal statutes prohibiting discrimination against protected classes. Does Facebook require advertisers to certify that they will comply with state and local nondiscrimination laws? Please refer to our letter to you dated May 16, 2018. Question 19. Does Facebook “proactively look” at employment, housing, and credit ads to evaluate their compliance with state and local nondiscrimination laws? Please refer to our letter to you dated May 16, 2018. Question 20. Does Facebook respond to user complaints about employment, housing, and credit ads that may violate state and local nondiscrimination laws? If so, how? Please refer to our letter to you dated May 16, 2018. Question 21. Please provide a timeline and any relevant documentation of interactions with the U.S. Department of Housing and Urban Development on Facebook’s advertisement policies. Please refer to our letter to you dated May 16, 2018. Question 22. Please provide a detailed description of any other U.S. federal agencies that have contacted Facebook regarding the issue of discriminatory advertising on the Facebook platform. 179 We regularly work cooperatively with regulators that may have questions about our platform and are happy to answer questions. Question 23. Please describe when this contact took place and a detailed description of the agency’s inquiry and interaction with Facebook, as well as Facebook’s response. See Response to Question 22. Question 24. Will Facebook commit to having an outside entity conducting a Civil Rights Audit of its platform and advertising practices? If so, will Facebook commit to meaningfully consulting civil rights organizations on the perimeters of the Civil Rights Audit? Will Facebook commit to making the results of such audit accessible to the public? Relman, Dane & Colfax, a respected civil rights law firm, will carry out a comprehensive civil rights assessment of Facebook’s services and internal operations. Laura Murphy, a national civil liberties and civil rights leader, will help guide this process—getting feedback directly from civil rights groups, like The Leadership Conference on Civil and Human Rights, and help advise Facebook on the best path forward. Discrimination and Diversity in Tech Community Over the past few months, our country has been reckoning with some hard truths about the way that women and minorities are treated in the workplace. And I think this is a moment for all types of organizations, including tech giants like the one represented here, to take a clear-eyed accounting of their culture and practices, to take responsibility for what hasn’t worked, and to renew their commitments to make meaningful improvements. The Equal Employment Opportunity Commission’s 2016 report on “Diversity in High Tech” found that that women, African Americans, and Hispanics are all represented at significantly lower levels in high tech than in private industry as a whole. And while recent internal studies by you at Facebook, and Google, have showed some progress in the hiring of women, there has not been equal improvement in the representation of people of color and other underrepresented groups. Question 1. What does diversity mean to you, and how do you want it reflected in your operations? With a global community of over two billion people on Facebook, greater diversity and inclusivity are critical to achieving our mission. Studies have shown that cognitive diversity on teams that are working on hard problems produces better results. Diversity helps us build better products, make better decisions and better serve our community. In order to achieve that, we have developed programming to attract and retain more people from traditionally underrepresented groups which include women, people of color, veterans and people with disabilities. We are not where we would like to be, but we are encouraged that representation for people from underrepresented groups at Facebook has increased. We’ve grown Black and 180 Hispanic representation by 1 percent each (2 percent combined) between our first report in 2014 and our most recent report in 2017: • Black Representation: from 2 percent to 3 percent • Hispanic Representation: from 4 percent to 5 percent • Black Non-Tech: from 2 percent to 6 percent • Hispanic Non-Tech: from 6 percent to 8 percent • Black Leadership: from 2 percent to 3 percent • Hispanic Leadership: from 3 percent to 4 percent • Black and Hispanic Tech have stayed at 1 percent and 3 percent As of August 2017, the number of women globally increased from 33 percent to 35 percent: • Women in Tech: from 17 percent to 19 percent • Women in Non-Tech: from 47 percent to 55 percent • Women in Leadership: from 23 percent to 28 percent • Women made up 27 percent of all new graduate hires in engineering and 21 percent of all new technical hires at Facebook. We seek to promote diversity in a variety of ways, and we want to highlight three programs in particular. First, we have adopted our Diverse Slate Approach (DSA) to interviewing job candidates. The more people that hirers interview who don’t look or think like them, the more likely they are to hire someone from a diverse background. To hardwire this behavior at Facebook, we introduced our DSA in 2015 and have since rolled it out globally. DSA sets the expectation that hiring managers will consider candidates from underrepresented backgrounds when interviewing for an open position. Second, we are working to reduce unconscious bias. Our publicly available Managing Unconscious Bias class encourages our people to challenge and correct bias as soon as they see it—in others, and in themselves. We’ve also doubled down by adding two additional internal programs: Managing Inclusion, which trains managers to understand the issues that affect marginalized communities, and Be The Ally, which gives everyone the common language, tools, and space to practice supporting others. Third, we have created Facebook University. We want to increase access and opportunity for students with an interest in software engineering, business, and analytics. Facebook University (FBU) gives underrepresented students extra training and mentorship earlier in their 181 college education. We started FBU in 2013 with 30 students and expect to have 280 in 2018. More than 500 students have graduated from this program, with many returning to Facebook for internships and full-time jobs. Finally, we have many partnerships to move the numbers nationally such as Black Girls Code, All Star Code, Hack the Hood, The Hidden Genius Project, Level Playing Field Institute, Yes We Code, Streetcode Academy, Dev Color, Dev Bootcamp and Techbridge. And, we now recruit at 300 Universities—including historically black colleges and universities (HBCUs) like Spelman, Morehouse, Howard, NCA&T, and Morgan State (EIR) and the HBCU Faculty Summit. We’re committed to building a more diverse, inclusive Facebook. Much like our approach to launching new products on our platform, we are willing to experiment and listen to feedback. Question 2. How are your entities working to address issues of discrimination, or lack of diversity, in your own workforce? See Response to Question 1. Question 3. Do you believe those efforts are sufficient and what do you believe is needed throughout the tech sector to address the mistreatment of some, and the need to expand ladders of opportunities for everyone? See Response to Question 1. Like most companies, Facebook files numerous patents on its emerging technology and I’d like to raise concerns about some of the patents that your company has recently filed. One is titled “Socioeconomic group classification based on user features” which is technology that would allow Facebook to group users into upper, middle, and working classes based on user action. It was recently discovered that Facebook has allowed advertisers to discriminate on the base of age. Question 1. How can we be confident that your company will crack down on discriminatory behavior as it is developing technology to group users into class? Discriminatory advertising has no place on Facebook’s platform and Facebook removes such content as soon as it becomes aware of it. Facebook’s policies prohibit advertisers from discriminating against people on personal attributes such as race, ethnicity, color, national origin, religion, age, sex, sexual orientation, gender identity, family status, disability, and medical or genetic conditions. Facebook educates advertisers on our anti-discrimination policy, and in some cases, requires the advertisers to certify compliance with Facebook’s anti-discrimination policy and anti-discrimination laws. Facebook also uses machine learning to help identify ads that offer housing, employment, or credit opportunities. When an advertiser attempts to show an ad that Facebook identifies as 182 offering a housing, employment, or credit opportunity and includes Facebook’s multicultural advertising segments, Facebook will disapprove the ad. Facebook also requires advertisers to certify that they are complying with Facebook’s updated anti-discrimination policy and antidiscrimination laws when the advertiser attempts to show a housing, employment, or credit opportunity and uses any other audience segment on Facebook. Question 2. What other uses could this patent possibly have? See Response to Question 1. Equal Pay Day Mr. Zuckerberg, the date you appeared before was Equal Pay Day in America, which symbolizes the number of extra days a typical woman who works full-time, year-round must work into this year to be paid what a typical white man got paid. Women are still only paid 80 cents on the dollar compared to men. It’s estimated that women employed full time in the in the U.S. will lose nearly $900 billion to the wage gap this year. I’m passionate about getting underrepresented folks into the job opportunities that our tech revolution provides, and equal pay goes along with creating those ladders of opportunities. Question 1. Is this an issue you are aware of and active on within your operations? At Facebook, women and men receive equal pay for equal work and have done so for many years. This is an absolute minimum standard for a diverse business such as ours and we continually review our hiring and compensation practices to ensure this remains the case. Compensation at Facebook is made up of base salary, cash bonus or commission, and equity in the company. We work hard to avoid unconscious bias affecting how much people get paid. Managers don’t make decisions about compensation increases—instead, we use a formulaic approach that determines pay based on performance and level. Opportunities for advancement and leadership within the company are also crucial. For our women employees, we run a series of development workshops and training programs designed to provide a strong network of support, along with the tools they need to be the best leaders they can be across different levels in the company. We hold ourselves accountable because this matters to us. In 2017, the number of women employees globally rose from 33 percent to 35 percent and the number of women in technical roles increased from 17 percent to 19 percent. Between 2014 when we first publicly reported our representation data and 2017, the number of women in leadership roles has increased from 23 percent to 28 percent. We are committed to increasing the representation of women at all levels. We know we’re not where we need to be, and we’re committed to making real progress. With a global community of over two billion people on Facebook, greater diversity and inclusivity are critical to achieving our mission. Studies have shown that cognitive diversity on teams that are working on hard problems produces better results. Diversity helps us build better products, make better decisions, and better serve our community. 183 Question 2. Can you provide us confirmation, including figures, that your pay for women matches their male counterparts? See Response to Question 1. Question 3. And that you appropriately compensate all of your employees based on their job title and value to the company? See Response to Question 1. Facebook’s self-regulation of Campaign and Issue Ads & the Honest Ads Act You recently announced that political ads run on Facebook are now going to be subject to heightened transparency requirements, such as including disclaimers stating who paid for the ad, and making it easier for viewers to see the ads that a page is running. I think this is a good first step but there are several questions I have regarding its implementation and how you will enforce this new policy: Question 1. What if you have an organization, let’s call them “XYZ,” who wants to post an issue or political ad, but they have never filed reports with the FEC, they are not registered with the IRS as a nonprofit, and they don’t appear to have a website? We now require more thorough documentation from advertisers who want to run ads with political content. Any person who wants to run one of these ads must upload an identification document and provide the last four digits of their Social Security number. They also must prove residency in the US by providing a residential mailing address. Once they provide the address, we mail a letter with a code that the person must provide to us in order to become authorized to run ads with political content. Question 2. You have said that advertisers running political ads and issue ads will have to be “authorized,” and that Facebook will confirm their identity and location before running ads. What does it mean to “confirm their identity?” See Response to Question 1. Question 3. Walk me through how this ad would be treated under Facebook’s new policies. See Response to Question 1. Question 4. So, this ad will say “paid for by XYZ.” But there is no public record of XYZ, besides the fact that they have a Facebook page. Would you let a mysterious group like this run an ad on Facebook without any further information about who they are? See Response to Question 1. Question 5. Will you require any further verification from this group? See Response to Question 1. 184 Question 6. Will these transparency measures you are discussing tell you who paid the Facebook page to run the ad? In other words, will Facebook disclose the sources of funding for these political ads? Once verified as described above in response to Question 1, these advertisers will have to include a disclosure in these ads, which reads: “Paid for by.” When users click on the disclosure, they will be able to see details about the advertiser. These ads will also all appear in a searchable archive, available at www.facebook.com/politicalcontentads, which includes information about how much the advertiser spent on the ad, how many people saw it, and general demographic information about the people who saw it. Question 7. What if a foreign government gave money to a Facebook page with a U.S. address to run political ads? Would you tell that to viewers? These are real challenges and reflect problems largely outside our control, but we will continue to work to improve our enforcement of ads that violate our policies. Question 8. What if a foreign government gave money to a Facebook page through a series of shell companies or LLCs? See Response to Question 7. Question 9. How will Facebook know who the real donors to this group are? See Response to Question 7. Question 10. How is Facebook defining a “political ad” and an “issue ad” subject to these heightened transparency measures? Our Political Advertising Policy (https://www.facebook.com/policies/ads/restricted_content/political) applies to any ad that: • Is made by, on behalf of or about a current or former candidate for public office, a political party, a political action committee or advocates for the outcome of an election to public office; • Relates to any election, referendum or ballot initiative, including “get out the vote” or election information campaigns; • Relates to any national legislative issue of public importance in any place where the ad is being run; or • Is regulated as political advertising. We further define “national legislative issue of public importance” as including twenty issues. Ads that take a position on one or more of these issues are covered by the policy. To develop this initial list (which we expect to evolve over time), we worked with the non-partisan Comparative Agendas Project and many other stakeholders from across the political spectrum. 185 We determine whether an ad is subject to our Political Advertising policy based on the content of the ad. Question 11. Is the “political ad/issue ad” determination based on the content of a particular ad, or the identity of the advertiser running the ad, or some other criteria? See Response to Question 10. Facebook sells several types of ads, including sponsored ads that appear directly in a user’s newsfeed, and smaller ads that appear on the right column. Studies show that a large volume of political ads from the 2016 election ran in the right column rather than in a user’s newsfeed. Question 12. Will all types of ads sold by Facebook, including smaller ads, be subject to these heightened transparency measures? Yes, all ads with political content will be subject to this policy. Question 13. You mentioned that the disclaimers Facebook is going to implement will say which Facebook page paid for the ad. Will it tell you exactly what organization or individual is behind that page? We require the advertiser to disclose who paid for an ad with political content— regardless of whether that is an individual or an organization. Question 14. Rob Goldman, the Vice President of Ads at your company, indicated that you are working with the “third parties” to develop these parameters. Who are these “third parties?” See Response to Question 11. Question 15. Will these ad transparency measures also apply to state and local elections? Our Political Advertising policy applies to all advertisers running ads with political content. The products we have launched (authorization, disclaimer, and archive) are available to all advertisers running ads with political content to users in the US. Question 16. Will these same measures apply to other platforms owned by Facebook, like Instagram? Yes, the measures will apply to ads with political content shown on Instagram. New Employees-- Content Review In your testimony, you note that Facebook plans to hire an additional 5,000 workers for its security and content review teams, for a total of 20,000 workers by the end of this year. But Facebook first announced the plan for a 20,000 person security team in late October of last year, in response to concerns about Russian interference in the election. 186 Question 1. Given the additional revelations about the role of Cambridge Analytica and other third party apps in compromising the privacy and personal information of at least 87 million users, do you still believe 20,000 is the appropriate level of staffing for Facebook’s security team? Our effort to make our platform safer and more secure is a holistic one that involves a continual evaluation of our personnel, processes, and policies, and we make changes as appropriate. We are doubling the size of our security and content review teams (from 10,000 to 20,000) over the course of this year. We currently have approximately 15,000 people working on these teams. Of that 15,000, more than 7,500 people review content around the world. • Our content review team is global and reviews reports in over 50 languages. • Reports are reviewed 24 hours a day, 7 days a week and the vast majority of reports are reviewed within 24 hours. • Our goal is always to have the right number of skilled people with the right language capabilities to ensure incoming reports are reviewed quickly and efficiently. • We hire people with native language and other specialist skills according to the needs we see from incoming reports. • The team also includes specialists in areas like child safety, hate speech and counterterrorism, software engineers to develop review systems, quality control managers, policy specialists, legal specialists, and general reviewers. We are also using machine learning to better detect and action on content and people that should not be using our platform. For example, we incorporated learnings from interference in previous elections to better detect and stop false accounts from spreading misinformation in more recent elections. We recently shared how we are using machine learning to prevent bad actors like terrorists or scammers from using our platform (https://www.facebook.com/notes/facebooksecurity/introducing-new-machine-learning-techniques-to-help-stopscams/10155213964780766/). We employ a mix of full-time employees, contractors and vendor partners to assist with content review and help us scale globally. We partner with reputable vendors who are required to comply with specific obligations, including provisions for resiliency, support, transparency, and user privacy. 187 Question 2. Will these new security and content review workers be direct employees of Facebook, or do you plan to outsource this work to third party entities? See Response to Question 1. Question 3. If the security review work is outsourced, how will Facebook vet those contractors, subcontractors, and employees and where will those employees be located? See Response to Question 1. Question 4. And how can Facebook assure its users that there will be transparency and accountability for any future breaches of privacy if the company is outsourcing its security work? See Response to Question 1. Future Facebook Technology One of your recent patent is titled “Dynamic eye tracking calibration” and another is called “Techniques for emotion detection and content delivery”. The patent for the eye tracking technology says that “the (eye) calibration process is performed automatically in the background while the user uses a device.” The second patent would use a device’s camera to monitor your emotions and “display content based upon a received emotion type.” Question 1. How does Facebook plan to use this technology? Like many companies, we apply for a wide variety of patents to protect our intellectual property. Right now we’re not building technology to identify people with eye-tracking cameras. However, we’re always exploring how new technologies and methods can improve our services, and eye-based identification is one way that we could potentially reduce consumer friction and add security for people when they log into Oculus or access Oculus content. If we implement this technology in the future, we will absolutely do so with people’s privacy in mind, just as we do with movement information (which we anonymize in our systems). As we continue to develop new virtual reality products and services, we’re committed to being transparent and open about the information that we collect and how we use it, as well as any ways that changes over time. Question 2. Will users be fully aware that their eyes and emotions are being tracked? See Response to Question 1. Question 3. Is Facebook confident is has the proper data security in place to have this intimate level of data on users? See Response to Question 1. 188 Question 4. Facebook has reportedly been developing an in-home digital assistant similar to products like Alexa, will this also be tracking this granular level of data? See Response to Question 1. Question 5. The second patent says that content will be delivered on a person’s perceived emotion type. Couldn’t this be potentially dangerous in amplifying hateful messages? See Response to Question 1. Question 6. If a person focuses on an image of say, a propaganda image of immigrants, will this technology deliver more of this content? See Response to Question 1. China’s Facebook Access In July 2009, the Chinese government blocked Facebook in China. The precise reason for that action remains obscure, but it fits into an overall pattern. The Chinese government is unwilling to allow a social media platform—foreign or domestic—to operate in China unless it agrees to abide by Chinese law. First, a social media platform must agree to censor content and conversations in line with directives from China’s information authorities. And second, businesses that collect data from Chinese individuals can only store that data in China where, presumably, it would be easier for the Chinese government to access, via legal means or otherwise. You’ve made no secret of your desire to see Facebook available once again in China. Question 1. Could you please reveal to the committee whether you are willing to agree to either of these requirements? Because Facebook has been blocked in China since 2009, we are not in a position to know exactly how the government would seek to apply its laws and regulations on content were we permitted to offer our service to Chinese users. Since 2013, Facebook has been a member of the Global Network Initiative (GNI), a multi-stakeholder digital rights initiative. As part of our membership, Facebook has committed to the freedom of expression and privacy standards set out in the GNI Principles—which are in turn based on the Universal Declaration of Human Rights and the United Nations Guiding Principles on Business and Human Rights—and we are independently assessed on our compliance with these standards on a biennial basis. In keeping with these commitments, rigorous human rights due diligence and careful consideration of free expression and privacy implications would constitute important components of any decision on entering China. Facebook has been blocked in China since 2009, and no decisions have been made around the conditions under which any possible future service might be offered in China. Question 2. And will Facebook pledge to guarantee its future Chinese users the same level of privacy protection it gives its users in the U.S. and the European Union? 189 Everyone in the world deserves good privacy protection. Consent Agreement Question 1. The FTC consent agreement with Facebook requires an independent, biennial audit of Facebook’s privacy controls—when exactly have those audits been conducted, and what were the results? To date, three independent privacy assessments prepared by PwC have been completed and submitted to the FTC: a 180-Day Assessment (dated April 16, 2013), a biennial privacy assessment covering the period between February 12, 2013 and February 11, 2015 (dated April 13, 2015), and a biennial privacy assessment covering the period between February 12, 2015 and February 11, 2017 (dated April 12, 2017). In each of these assessments, PwC determined that Facebook’s privacy controls were operating with sufficient effectiveness to protect the privacy information covered under the FTC Consent Order. Question 2. Did Facebook inform any of its auditors of the Cambridge Analytica data leak? Did any of Facebook’s auditors know about the Cambridge Analytic data leak? Facebook routinely undertakes internal and external reviews, including undergoing biennial assessments under Facebook’s consent agreement with the Federal Trade Commission, which focus on the functioning of privacy controls that are part of Facebook’s privacy program. As a part of the assessments, our independent assessors (PwC) have onsite access to our personnel and records, and we provide them with such access to information and personnel as they request in order to perform their work. PwC is also permitted to conduct a number of tests to determine whether the privacy controls in place under our privacy program—including controls relating to developer’s access to information—are working properly. In its capacity as independent assessor, PwC evaluates the sufficiency of our controls through independent testing and requesting information that we provide to conduct that evaluation. Their focus is on evaluating the operation and sufficiency of our controls, rather than specific incidents. Kogan’s violation of Facebook’s Platform Policies was widely reported at the time Facebook learned about it, including reporting in The Guardian on December 11, 2015, which reported that Kogan and his company, GSR, may have passed information Kogan’s app had obtained from Facebook users to SCL Elections Ltd. No data was transferred to Kogan’s app unless it was authorized by the users who installed his app, so there was not a data leak from Facebook’s systems. However, based on public reports and testimony, it appears that Kogan may have improperly transferred data to Cambridge Analytica in violation of our policies. Question 3. Does Facebook choose which policies and procedures the auditors look at? Please explain in detail how these policies and procedures are chosen? Does the 3rd party auditor have any say on what policies and procedures are examined? Does the FTC have any input on how an audit is structured? Facebook’s privacy assessments are conducted pursuant to the July 27, 2012 Consent Order. They are conducted by an independent third-party professional (PwC) pursuant to the procedures and standards generally accepted in the profession and required by the FTC, as set forth in the Consent Order. Facebook incorporated GAPP principles in designing its privacy 190 program and related controls, which are considered industry leading principles for protecting the privacy and security of personal information. Facebook provided the FTC with summaries of these controls and engaged extensively with the FTC regarding the structure of its privacy program. Facebook has submitted copies of each assessment to the FTC. Question 4. Will Facebook commit to making the entirety of PwC audit submitted to the Federal Trade Commission in 2017 public? If not, please describe in detail why. The privacy assessments conducted by PwC contain both Facebook’s and PwC’s sensitive business information that are confidential in order to prevent competitive harm and to ensure the integrity of Facebook’s privacy program, including the steps that we take to protect people’s information. We have furnished these reports to the FTC and are prepared to review the reports with regulators and lawmakers with appropriate assurances that confidential information or information that could be exploited to circumvent Facebook’s privacy protections will not be disclosed publicly. Question 5. During the negotiations with the FTC in 2011, were you asked by them to remove the capability to expose friends from having their data utilized without their direct permission? We furnished extensive information to the FTC regarding the ability for users to port their Facebook data (including friends data that had been shared with them) with apps on Facebook’s platform, as part of the FTC’s investigation culminating in the July 27, 2012 Consent Order. The Consent Order memorializes the agreement between Facebook and did not require Facebook to turn off the ability for people to port friends data that had been shared with them on Facebook to apps they used. Facebook voluntarily changed this feature of Platform in 2014, however. It is worth noting that in 2011, Facebook offered more control and protection over the availability of friends data to apps than any other digital platform at the time, including mobile app platforms, which generally permitted apps to access user data and their friends’ data without consent or any control. By contrast, Facebook notified users of each category of data an app could access—including friends data—before the user consented to the app, and also provided all users with controls that would prevent their friends from sharing their data with apps on Facebook’s platform. Hospital Data Sharing Project It was reported by CNBC on April 5 that your company was in talks with top hospitals and other medical groups as recently as March 2018 about a proposal to share data you possess with the patients. As of now, the project is reportedly “on hiatus” so that Facebook can do a better job of protecting individuals’ data. Question 1. Please provide us the specific privacy concerns Facebook has with compiling your users’ data with medical data possessed by the hospitals? The medical industry has long understood that there are general health benefits to having a close-knit circle of family and friends. But deeper research into this link is needed to help 191 medical professionals develop specific treatment and intervention plans that take social connection into account. With this in mind, last year Facebook began discussions with leading medical institutions, including the American College of Cardiology and the Stanford University School of Medicine, to explore whether scientific research using fully-anonymized Facebook data could help the medical community advance our understanding in this area. This work has not progressed past the planning phase, and we have not received, shared, or analyzed anyone’s data. In March, we decided that we should pause these discussions so we can focus on other important work, including doing a better job of protecting people’s data and being clearer with them about how that data is used in our products and services. Question 2. Would you share any internal documents that led Facebook to put this project on hiatus? See Response to Question 1. Data Details & FB Messenger Data Based on the FTC-Facebook consent order, your company collects a great deal of personal information on its users including—the location (e.g., city or state), age, sex, birthday, “Interested in” responses (i.e. whether a user is interested in men or women), Relationship Status, Likes and Interests, Education (e.g., level of education, current enrollment in high school or college, affiliation with a particular college, and choice of major in college), and name of employer of individuals. Question 1. Do you collect any other specific information you have on individual Facebook users? In response to your specific questions, depending on which Services a person uses, we collect different kinds of information from or about them. This is described in our Data Policy: • Things you and others do and provide. Information and content you provide. We collect the content, communications and other information you provide when you use our Products, including when you sign up for an account, create or share content, and message or communicate with others. This can include information in or about the content you provide (like metadata), such as the location of a photo or the date a file was created. It can also include what you see through features we provide, such as our camera, so we can do things like suggest masks and filters that you might like, or give you tips on using camera formats. Our systems automatically process content and communications you and others provide to analyze context and what’s in them for the purposes described below. Learn more about how you can control who can see the things you share. o Data with special protections: You can choose to provide information in your Facebook profile fields or Life Events about your religious views, political views, who you are “interested in,” or your health. This and other 192 information (such as racial or ethnic origin, philosophical beliefs or trade union membership) could be subject to special protections under the laws of your country. • Networks and connections. We collect information about the people, Pages, accounts, hashtags, and groups you are connected to and how you interact with them across our Products, such as people you communicate with the most or groups you are part of. We also collect contact information if you choose to upload, sync or import it from a device (such as an address book or call log or SMS log history), which we use for things like helping you and others find people you may know and for the other purposes listed below. • Your usage. We collect information about how you use our Products, such as the types of content you view or engage with; the features you use; the actions you take; the people or accounts you interact with; and the time, frequency and duration of your activities. For example, we log when you’re using and have last used our Products, and what posts, videos and other content you view on our Products. We also collect information about how you use features like our camera. • Information about transactions made on our Products. If you use our Products for purchases or other financial transactions (such as when you make a purchase in a game or make a donation), we collect information about the purchase or transaction. This includes payment information, such as your credit or debit card number and other card information; other account and authentication information; and billing, shipping and contact details. • Things others do and information they provide about you. We also receive and analyze content, communications and information that other people provide when they use our Products. This can include information about you, such as when others share or comment on a photo of you, send a message to you, or upload, sync, or import your contact information. • Device Information. As described below, we collect information from and about the computers, phones, connected TVs and other web-connected devices you use that integrate with our Products, and we combine this information across different devices you use. For example, we use information collected about your use of our Products on your phone to better personalize the content (including ads) or features you see when you use our Products on another device, such as your laptop or tablet, or to measure whether you took an action in response to an ad we showed you on your phone on a different device. Information we obtain from these devices includes: o Device attributes: information such as the operating system, hardware and software versions, battery level, signal strength, available storage space, browser type, app and file names and types, and plugins. 193 o Device operations: information about operations and behaviors performed on the device, such as whether a window is foregrounded or backgrounded, or mouse movements (which can help distinguish humans from bots). o Identifiers: unique identifiers, device IDs, and other identifiers, such as from games, apps or accounts you use, and Family Device IDs (or other identifiers unique to Facebook Company Products associated with the same device or account). o Device signals: Bluetooth signals, and information about nearby Wi-Fi access points, beacons, and cell towers. o Data from device settings: information you allow us to receive through device settings you turn on, such as access to your GPS location, camera, or photos. o Network and connections: information such as the name of your mobile operator or ISP, language, time zone, mobile phone number, IP address, connection speed and, in some cases, information about other devices that are nearby or on your network, so we can do things like help you stream a video from your phone to your TV. o Cookie data: data from cookies stored on your device, including cookie IDs and settings. Learn more about how we use cookies in the Facebook Cookies Policy (available at https://www.facebook.com/policies/cookies/) and Instagram Cookies Policy (available at https://www.instagram.com/legal/cookies/). • Information from partners. Advertisers, app developers, and publishers can send us information through Facebook Business Tools they use, including our social plug-ins (such as the Like button), Facebook Login, our APIs and SDKs, or the Facebook pixel. These partners provide information about your activities off Facebook— including information about your device, websites you visit, purchases you make, the ads you see, and how you use their services—whether or not you have a Facebook account or are logged into Facebook. For example, a game developer could use our API to tell us what games you play, or a business could tell us about a purchase you made in its store. We also receive information about your online and offline actions and purchases from third-party data providers who have the rights to provide us with your information. Partners receive your data when you visit or use their services or through third parties they work with. We require each of these partners to have lawful rights to collect, use, and share your data before providing any data to us. Question 2. Are you tracking and collecting information and data from within your messenger chat tool? If so, what specific data are you collecting? See Response to Question 1. 194 Question 3. What about your other platforms, like Instagram, what type of data are you tracking there? Our Instagram Data Policy describes the data we collect and is available at https://help.instagram.com/519522125107875. Question 4. Are you preserving broad and full conversations? See Response to Questions 1 and 3. Question 5. Is that something you would have available to provide law enforcement? We reach out to law enforcement if we learn of content that we believe reflects a credible threat of imminent harm. We have been able to provide support to authorities around the world that are responding to the threat of terrorism, including in cases where law enforcement has been able to disrupt attacks and prevent harm. Further, as part of official investigations, government officials sometimes request data about people who use Facebook. We have strict processes in place to handle these government requests, and we disclose account records in accordance with our terms of service and applicable law. We publish more information on the standards that govern our release of information to law enforcement in our Law Enforcement Guidelines at https://www.facebook.com/safety/groups/law/guidelines/, and release statistics on the frequency with which we receive and comply with law enforcement requests at https://transparency.facebook.com/. Data Protection on Facebook Question 1. Has Facebook ever launched a feature that had to be turned off because of the privacy implications? Protecting people’s information is at the heart of everything we do, and as our CEO has recently stated, we are serious about doing what it takes to protect our community. We have developed extensive systems and processes that are designed to protect our data and user data, to prevent data loss, to disable undesirable accounts and activities on our platform, and to prevent or detect security breaches. In addition to comprehensive privacy reviews, we put products through rigorous data security testing. We also meet with regulators, legislators, and privacy experts around the world to get input on our data practices and policies. At Facebook, we make decisions about privacy through a cross-functional, crossdisciplinary effort that involves participants from departments across the company. This process is a collaborative approach to privacy that seeks to promote strong privacy protections and sound decision making at every stage of the product development process. Our privacy program is responsible for reviewing product launches, major changes, and privacy-related bug fixes to products and features to ensure that privacy policies and procedures are consistently applied and that key privacy decisions are implemented for the product. This approach has several key benefits. 195 • First, it is designed to consider privacy early in the product development process. This allows us to consider the benefits that a feature is intended to have for people who use our services, how data will be used to deliver those benefits, and how we can build features from the ground up that include privacy protections to enable those benefits while protecting people’s information and putting them in control. • Second, while complying with our obligations is critically important, taking a crossdisciplinary approach to privacy encourages us to think about data protection as more than just a compliance exercise. Instead, we evaluate how to design privacy into the features that we build, and consider this from the perspective of things like how we design interfaces that make data use intuitive, taking a consistent approach to privacy across our services, and building protections in how our software is engineered. Accordingly, while we scale our privacy review process depending on the complexity of a particular data use, reviews typically involve experts who evaluate proposed data practices from the perspective of multiple disciplines. As part of our consent agreement with the Federal Trade Commission, we submit a report to the FTC every two years. That report is based on assessments conducted by an independent third party on a biennial basis, which require us to submit evidence to demonstrate the effectiveness of the program. Question 2. If so, how many times has that happened, and how many users were impacted? See Response to Question 1. Question 3. Did you notify the users who were impacted? See Response to Question 1. Facebook tracking software: Question 1. How many websites have Facebook tracking software on them? Facebook does not publish tracking software. When people visit apps or websites that feature our technologies—like the Facebook Like or Comment button—our servers automatically log (i) standard browser or app records of the fact that a particular device or user visited the website or app (this connection to Facebook’s servers occurs automatically when a person visits a website or app that contains our technologies, such as a Like button, and is an inherent function of Internet design); and (ii) any additional information the publisher of the app or website chooses to share with Facebook about the person’s activities on that site (such as the fact that a purchase was made on the site). This is a standard feature of the Internet, and most websites and apps share this same information with multiple different third-parties whenever people visit their website or app. For example, the Senate Commerce Committee’s website shares information with Google and its affiliate DoubleClick and with the analytics company Webtrends. This means that, when a person visits the Committee’s website, it sends browser information about their visit to each one of those third parties. More information about how this works is available at https://newsroom.fb.com/news/2018/04/data-off-facebook/. 196 During the week prior to April 16, 2018, on sites that use Facebook services, the Like button appeared on 8.4 million websites, the Share button on 931,000 websites covering 275 million webpages, and there were 2.2 million Facebook pixels installed on websites. Question 2. What percentage of all internet sites have Facebook tracking software? See Response to Question 1. Question 3. Do you track users even when they are logged out from Facebook? When people visit apps or websites that feature our technologies—like the Facebook Like or Comment button—our servers automatically log (i) standard browser or app records of the fact that a particular device or user visited the website or app (this connection to Facebook’s servers occurs automatically when a person visits a website or app that contains our technologies, such as a Like button, and is an inherent function of Internet design); and (ii) any additional information the publisher of the app or website chooses to share with Facebook about the person’s activities on that site (such as the fact that a purchase was made on the site). (See https://www.facebook.com/policies/cookies). This is a standard feature of the Internet, and most websites and apps share this same information with multiple different third-parties whenever people visit their website or app. For example, the Senate Commerce Committee’s website shares information with Google and its affiliate DoubleClick and with the analytics company Webtrends. This means that, when a person visits the Committee’s website, it sends browser information about their visit to each one of those third parties. More information about how this works is available at https://newsroom.fb.com/news/2018/04/data-off-facebook/. When the person visiting a website featuring Facebook’s tools is not a registered Facebook user, Facebook does not have information identifying that individual, and it does not create profiles for this individual. We use the browser and app logs that apps and websites send to us in the following ways for non-Facebook users. First, these logs are critical to protecting the security of Facebook and to detecting or preventing fake account access. For example, if a browser has visited hundreds of sites in the last five minutes, that’s a sign the device might be a bot, which would be an important signal of a potentially inauthentic account if that browser then attempted to register for an account. Second, we aggregate those logs to provide summaries and insights to websites and apps about how many people visit or use their product, or use specific features like our Like button—but without providing any information about a specific person. We do not create profiles for non-Facebook users, nor do we use browser and app logs for non-Facebook users to show targeted ads from our advertisers to them or otherwise seek to personalize the content they see. However, we may take the opportunity to show a general ad that is unrelated to the attributes of the person or an ad encouraging the non-user to sign up for Facebook. When the individual is a Facebook user, we are also able to use this information to personalize their experiences on Facebook, whether or not they are logged out, but we will not target ads to users relying on this information unless the user allows this in their privacy settings. We do not sell or share this information with third parties. 197 Question 4. Do you collect data on people who have chosen not to use Facebook? See Response to Question 3. Question 5. How is this data used? See Response to Question 3. Question 6. Does it inform a user’s “interests” on Facebook? See Response to Question 3. Question 7. If it does inform a user’s “interests”, was any of the data collected passively from users while they were browsing sites outside of Facebook passed to Cambridge Analytica? No. Kogan’s app did not have access to advertising interests data or browser logs. Question 8. When the option or opportunity was previously available for folks to get the user data of individuals’ friends, what was the total pool of data points one could obtain of friends, or was it all the exact same? In April 2014, we announced that we would more tightly restrict our platform APIs to prevent abuse. At that time we made clear that existing apps would have a year to transition -- at which point they would be forced (1) to migrate to the more restricted API and (2) be subject to Facebook's new review and approval protocols. A small number of developers asked for and were granted short-term extensions beyond the one-year transition period, the longest of which lasted several months. These extensions ended several years ago. A transition period of this kind is standard when platforms implement significant changes to their technology base and was necessary here to avoid disrupting the experience of millions of people. New apps that launched after April 30, 2014 were required to use our more restrictive platform APIs, which incorporated several key new elements, including: • Institution of a review and approval process, called App Review (also called Login Review), for any app seeking to operate on the new platform that would request access to data beyond the user’s own public profile, email address, and a list of friends of the user who had installed and authorized the same app; • Generally preventing new apps on the new platform from accessing friends data without review; and • Providing users with even more granular controls over their permissions as to what categories of their data an app operating on the new platform could access. Our investigation is ongoing and as part of it we are taking a close look at applications that had access to friends data under Graph API v.1.0 before we made technical changes to our platform to change this access. 198 Question 9. Why did you change the policy of getting access to friends back in 2015? See Response to Question 8. Quality Assurance - Policy changes within the company Question 1. What kind of privacy review is required to make a change to the Facebook platform? See Response to Question 1 under “Data Protection on Facebook.” Question 2. Is this review of platform changes mandatory? If so, when did that level of review become mandatory? See Response to Question 1 under “Data Protection on Facebook.” Question 3. Before that level of review was required, what checks were in place to ensure that new features wouldn’t adversely impact users’ privacy? See Response to Question 1 under “Data Protection on Facebook.” Question 4. What level of employee seniority was required of employees to approve a launch of such a privacy-impacting feature? For example, have you ever let an intern make changes that impact people’s privacy? See Response to Question 1 under “Data Protection on Facebook.” The Cambridge Analytica Data Question 1. Given the confessions made in undercover clips, and the means by which Cambridge Analytica obtained and used Facebook data, would you ever allow them broad access to your platform’s user data again? No. Facebook banned Cambridge Analytica from our service. We understand that the company is now defunct. Question 2. Do you believe they have violated the Federal Trade Commission Act and its broad prohibition against “unfair and deceptive acts and practices” by misrepresenting the terms of their Facebook app? Facebook has not violated the Federal Trade Commission Act. Facebook is not in a position to determine whether third-party app developers violated the Act and leaves that determination to the FTC, although we can confirm that misrepresenting the terms of an app to users is a violation of Facebook’s developer policies. Question 3. Previously, would you request an app developer or academic researcher outline any contractual or other association with outside entities - such as foreign nationals or states, or other potentially dangerous private operations? Are you doing so now? 199 In November 2013, when Kogan’s app first became active on the platform, apps generally could be launched on the Facebook Platform without affirmative review or approval by Facebook. Kogan’s app used the Facebook Login service, which allowed users to utilize their Facebook credentials to authenticate themselves to third-party services. Facebook Login and Facebook’s Graph API also allowed Kogan’s app to request permission from its users to access certain categories of data that users had entered into their Facebook profiles, as well as certain data their friends had shared with them, if enabled by these friends’ privacy settings. The App Review process introduced in 2014 requires developers who create an app that asks for more than certain basic user information from installers to justify the data they are looking to collect and how they are going to use it. Facebook then reviews whether the developer has a legitimate need for the data in light of how the app functions. Only if approved following such review can the app ask for users’ permission to get their data. Facebook has rejected more than half of the apps submitted for App Review between April 2014 and April 2018. We are in the process of investigating every app that had access to a large amount of information before we changed our Platform in 2014. Where we have concerns, we will conduct interviews, make requests for information (RFI)—which ask a series of detailed questions about the app and the data it has access to—and perform audits that may include on-site inspections. If we determine that there has been improper use of data, we will ban those developers and notify everyone affected. Facebook is launching the Data Abuse Bounty to reward people who report any misuse of data by app developers. The Data Abuse Bounty, inspired by the existing bug bounty program that we use to uncover and address security issues, will help us identify violations of our policies. Further, Facebook’s Platform Policy makes clear to app developers the relevant requirements regarding users’ privacy that apply to apps operating on the Platform, including the requirements to give users choice and control, and to respect user privacy. Application developers explicitly agree to Facebook’s Statement of Rights and Responsibilities and Platform Policy when they set up their Facebook accounts. The Platform Policy imposes a variety of obligations on app developers regarding the features, functionality, data collection and usage, and content for apps on the Platform, as well as Facebook’s right to take enforcement action if an application violates the Platform Policy. Prior to the introduction of App review in 2014, the Facebook Platform Policy, included provisions to the following effect: • Give People Control: Section 2(8): Delete all of a person’s data you have received from us (including friend data) if that person asks you to . . . . • Protect Data: Section 3(3): Only use friend data (including friends list) in the person’s experience in your app. • Protect Data: Section 3(10): Don’t transfer any data you receive from us (including anonymous, aggregate, or derived data) to any ad network, data broker or other advertising or monetization‐related service. 200 • Login: Section 7(4): Request only the data and publishing permission your app needs. The Platform Policy also outlined the actions Facebook could take for violations of the policy: • Things You Should Know: Section 6(8): We can audit your app to ensure it is safe and does not violate our terms. If requested, you must provide us with proof that your app complies with our terms. • Things You Should Know: Section 6(15): We may enforce against your app or web site if we conclude that your app violated our terms or is negatively impacting the Platform. We may or may not notify you in advance. • Things You Should Know: Section 6(16): Enforcement is both automated and manual, and can include disabling your app, restricting you and your app’s access to Platform functionality, requiring that you delete data, terminating agreements with you or any other action we deem appropriate. Question 4. Do you know exactly how much Kogan profited from the data he provided to Cambridge Analytica and any other entities? GSR certified to Facebook that it received payments totaling approximately 750,000 GBP from SCL for services relating to Kogan’s modeling and use of data gathered by his app. The certification also stated that Kogan used the proceeds to operate GSR. Recently, Kogan has stated publicly that the above payment came from SCL. Kogan has also recently testified to the UK Parliament that GSR received additional payments not reflected in his certification to Facebook. Question 5. From your understanding, was Kogan on payroll with Cambridge Analytica when he ran the personality app on Facebook? Kogan has testified that he was not on Cambridge Analytica’s payroll when he shared data and provided services to Cambridge Analytica. Rather, Kogan testified that he owned GSR, which entered into an agreement with Cambridge Analytica to provide it with services relating to certain Facebook data. Question 6. Did Facebook make any attempt to pro-actively contact the 87 million users you say had their data harvested by Cambridge Analytica in the more than two years after you were alerted to the breach? If not, why not? When Facebook learned about Kogan’s breach of Facebook’s data use policies in December 2015, we took immediate action. We retained an outside firm to assist in investigating Kogan’s actions, to demand that Kogan and each party he had shared data with delete the data and any derivatives of the data, and to obtain certifications that they had done so. Because Kogan’s app could no longer collect most categories of data due to changes in Facebook’s platform, the company’s highest priority at that time was ensuring deletion of the data that 201 Kogan may have accessed before these changes took place. With the benefit of hindsight, we wish we had notified people whose information may have been impacted. Facebook has since notified all people potentially impacted with a detailed notice at the top of their News Feed. Question 7. Why did Facebook hire Joseph Chancellor, who was the business partner of Aleksandr Kogan, around the same time as the Guardian article alerted you to the violation of your policies? Mr. Chancellor is a quantitative researcher on the User Experience Research team at Facebook, whose work focuses on aspects of virtual reality. We are investigating Mr. Chancellor’s prior work with Kogan through counsel. Question 8. Why do you continue to employ him to this day? See Response to Question 7. Question 9. Did any of the Facebook employees who were embedded with the Trump presidential campaign have any sense that they were helping target ads with data that was obtained through these disreputable means? While our investigation is ongoing, our review indicates that Facebook employees did not identify any issues involving the improper use of Facebook data in the course of their interactions with Cambridge Analytica during the 2016 US Presidential campaign. No one from Facebook was assigned full time to the Trump campaign. Question 10. Is there no way any red flags would have arisen from how either good the targeting data was, or the way they were using it? We expect that advertisers will use targeted advertising, and many political campaigns use custom audiences. The fact that a campaign used a custom audience and the performance of that audience would not normally be an indicator of any wrongdoing. Question 11. To your knowledge, what foreign actors or entities may have accessed the same level of data that Cambridge Analytica has utilized? Kogan represented that, in addition to providing data to his Prosociality and Well-Being Laboratory at the University of Cambridge for the purposes of research, GSR provided some Facebook data to SCL Elections Ltd., Eunoia Technologies, and the Toronto Laboratory for Social Neuroscience at the University of Toronto. Our investigation is ongoing. Russia Facebook has downplayed the reach of Russian advertising during the 2016 election. But the company’s main business model is based on giving ads and posts prominence in the feeds of well-targeted users. 202 Question 1. Has Facebook performed any analyses that looks at smaller groups of people and how effective those ads were against targeted groups? If so, can Facebook share that information? We learned from press accounts and statements by congressional leaders that Russian actors might have tried to interfere in the 2016 election by exploiting Facebook’s ad tools. This is not something we had seen before, and so we started an investigation. We found that fake accounts associated with the IRA spent approximately $100,000 on around 3,500 Facebook and Instagram ads between June 2015 and August 2017. Our analysis also showed that these accounts used these ads to promote the roughly 120 Facebook Pages they had set up, which in turn posted more than 80,000 pieces of content between January 2015 and August 2017. The Facebook accounts that appeared tied to the IRA violated our policies because they came from a set of coordinated, inauthentic accounts. We shut these accounts down and began trying to understand how they misused our platform. We shared the ads we discovered with Congress, in a manner that is consistent with our obligations to protect user information, to help government authorities complete the vitally important work of assessing what happened in the 2016 election. Question 2. Do your company’s records show that Russia-backed ads and posts reached a higher number of people in certain states or regions of the United States? Approximately 25 percent of the ads that we’ve identified and turned over to the committee were geographically targeted to a region smaller than the United States. The ads (along with the targeting information) are publicly available at https://democratsintelligence.house.gov/facebook-ads/social-media-advertisements.htm. Question 3. If so, how responsive were Facebook users in those targeted regions to the Russian posts and ads? Below is an overview of our analysis to date of the IRA’s ads: • • Impressions (an “impression” is how we count the number of times something is on screen, for example this can be the number of times something was on screen in a person’s News Feed) o 44 percent of total ad impressions were before the US election on November 8, 2016. o 56 percent of total ad impressions were after the election Reach (the number of people who saw a story at least once): o • We estimate 11.4 million people in the US saw at least one of these ads between 2015 and 2017. Ads with zero impressions: 203 o • • Roughly 25 percent of the ads were never shown to anyone. That’s because advertising auctions are designed so that ads reach people based on relevance, and certain ads may not reach anyone as a result. Amount spent on ads: o For 50 percent of the ads, less than $3 was spent. o For 99 percent of the ads, less than $1,000 was spent. o Many of the ads were paid for in Russian currency, though currency alone is a weak signal for suspicious activity. Content of ads: o Most of the ads appear to focus on divisive social and political messages across the ideological spectrum, touching on topics from LGBT matters to race issues to immigration to gun rights. o A number of the ads encourage people to follow Pages on these issues, which in turn produced posts on similarly charged subjects. We estimate that roughly 29 million people were served content in their News Feeds directly from the IRA’s 80,000 posts over the two years. Posts from these Pages were also shared, liked, and followed by people on Facebook, and, as a result, three times more people may have been exposed to a story that originated from the Russian operation. Our best estimate is that approximately 126 million people may have been served content from a Page associated with the IRA at some point during the two-year period. This equals about four-thousandths of one percent (0.004%) of content in News Feed, or approximately 1 out of 23,000 pieces of content. While our data on Instagram is less complete, we believe another 16 million saw the IRA’s Instagram posts starting in October 2016. Prior to that time, when our data is less incomplete, we believe another 4 million people may have seen this content. Question 4. When did anyone at Facebook become aware that Russians or other foreign nationals were running ads in connection with the election? See Response to Question 1. Question 5. What happened with that information and what was done? See Response to Question 1. FEC Question 1. Has anyone raised or approached you about potential infractions of any election laws that obtaining or using Facebook’s data might be linked to including Cambridge Analytica’s use of Facebook data? 204 We have a compliance team that trains our sales representatives to comply with all federal election law requirements in this area. We also have processes designed to identify inauthentic and suspicious activity and we also maintain a sanctions compliance program to screen advertisers and paid app developers. Facebook’s denied party screening protocol involves checking paid app developers and advertisers against applicable denied party listings. Those screened remain in an on-going monitoring portfolio and are screened against changes to applicable denied party listings. Moreover, our payments subsidiaries file Suspicious Activity Reports on developers of certain apps as appropriate. However, like other offline and online companies, Facebook has limited insight into the use of shell corporations or other sophisticated structures that may disguise the true buyer. In addition, the general challenge of attributing online activities to specific governments or organizations is widely recognized in the intelligence and law enforcement communities. Question 2. We are now learning that there is reason to believe that Cambridge Analytica and its foreign national employees participated in the decision making of its U.S. political committee clients, possibly in violation of our campaign finance law.8 What steps will you take to determine whether the companies behind political or issue ads posted on Facebook are not in violation of our campaign finance laws? See Response to Question 1. Question 3. Will you undergo this examination before these ads are allowed to be posted on your platform? See Response to Question 1. Technological Capabilities or Limitations to Protecting Data Question 1. Is it fair to say that not only were you not vigilant in following up or tracking those who have assessed Facebook’s data, but that you have no technical solutions to track data activity once it’s outside your network, such as specialty whether it’s properly deleted? We use a variety of tools to enforce Facebook policies against violating parties, including developers. We review tens of thousands of apps per year and regularly disapprove noncompliant apps as part of our proactive review process. We also use tools like cease and desist letters, account suspensions, letter agreements, and civil litigation. For example, since 2006, Facebook has sent over 1,150 cease-and-desist letters to over 1,600 targets. In 2017, we took action against about 370,000 apps, ranging from imposing certain restrictions to removal of the app from the platform. Moreover, we have required parties who have procured our data without authorization to delete that data. We have invested significant resources in these efforts. Facebook is presently investigating apps that had access to large amounts of information before we changed our platform policies in 2014 to significantly reduce the data apps could access. To date, around 200 apps (from a handful of developers: Kogan, AIQ, Cube You, the Cambridge Psychometrics 8 http://fortune.com/2018/03/26/watchdog-alleges-cambridge-analytica-violated-election-law/ 205 Center, and myPersonality) have been suspended pending a thorough investigation into whether they did in fact misuse any data. Question 2. Or at least without a formal deep audit? See Response to Question 1. Question 3. What are the specific aspects of a formal audit, including the technical capabilities? With respect to our audit of all apps that had access to large amounts of information before we changed our platform policies in 2014, where we have concerns that data may have been shared outside the app in violation of our policies, we will conduct interviews, make requests for information (RFI)—which ask a series of detailed questions about the app and the data it has access to—and perform audits that may include on-site inspections. Question 4. And still with an audit, can you clarify what level of detail you have or could find misuse from someone? See Response to Question 3. It’s being reported, and opined by others in your field, including former employees of yours, that it’s notoriously difficult to track down and secure personal information once it has been unleashed. Question 1. So that makes it all the more important to be vigilant on the front end, no? In April 2014, we announced that we would more tightly restrict our platform APIs to prevent abuse. At that time we made clear that existing apps would have a year to transition—at which point they would be forced (1) to migrate to the more restricted API and (2) be subject to Facebook's new review and approval protocols. A small number of developers asked for and were granted short-term extensions beyond the one-year transition period, the longest of which lasted several months. These extensions ended several years ago. A transition period of this kind is standard when platforms implement significant changes to their technology base and was necessary here to avoid disrupting the experience of millions of people. New apps that launched after April 30, 2014 were required to use our more restrictive platform APIs. We required apps seeking additional categories of data to undergo proactive review by our internal teams. We rejected more than half of the apps seeking these permissions, including the second version of Kogan’s app. We review apps to ensure that the requested permissions clearly improve the user experience and that the data obtained is tied to an experience within the app. We conduct a variety of manual and automated checks of applications on the platform for Policy compliance, as well as random sampling. When we find evidence of or receive allegations of violations, we investigate and, where appropriate, employ a number of measures, including restricting applications from our platform, preventing developers from building on our platform in the future, and taking legal action where appropriate. 206 Recently, we announced a number of additional steps we’re taking to address concerns raised by Kogan’s app. • Review our platform. We will investigate all apps that had access to large amounts of data before the platform changes we announced in 2014, and we will audit any app where we identify suspicious activity. If we identify misuses of data, we’ll take immediate action, including banning the app from our platform and pursuing legal action if appropriate. • Tell people about data misuse. We will tell people about apps that have misused their data. This includes building a way for people to know if their data might have been accessed via the app. Moving forward, if we remove an app for misusing data, we will tell everyone who used it. • Turn off access for unused apps. If someone has not used an app within the last three months, we will turn off the app’s access to their data. • Restrict Facebook Login data. We are changing Login, so that the only data that an app can request without app review will include name, profile photo, and email address. Requesting any other data will require approval from Facebook. We will also no longer allow apps to ask for access to information like religious or political views, relationship status and details, custom friends lists, education and work history, fitness activity, book reading and music listening activity, news reading, video watch activity, and games activity. We will encourage people to manage the apps they use. We already show people what apps their accounts are connected to and allow them to control what data they’ve permitted those apps to use. But we’re making it easier for people to see what apps they use and the information they have shared with those apps. • Reward people who find vulnerabilities. We launched the Data Abuse Bounty program so that people can report to us any misuses of data by app developers. • Update our policies. We have updated our terms and Data Policy to explain how we use data and how data is shared with app developers. Question 2. How much do you anticipate Facebook will be investing in your investigations or audits into app developers, and others who have had access to user data? How much value would you estimate that Facebook has lost through this latest string of controversies, and the Cambridge Analytica data security issue? We are investing so much in security that our costs will increase significantly. But we want to be clear about what our priority is: protecting our community is more important than maximizing our profits. Question 3. And how much personally to do suspect you’ve lost? See Response to Question 2. 207 Question 4. What personal data of yours, or say your wife’s, is available or exploitable on any of the platforms you run? Mark Zuckerberg’s data was among the data that was shared with Kogan’s app, which may have been improperly shared with Cambridge Analytica. Question 5. Seems like millions, or even billions, spent earlier and being proactively protective would, or could have, saved tens of billions overall, wouldn’t you agree? See Response to Question 1. Question 6. Do you think there’s enough accountability at all levels within Facebook, including for yourself, Ms. Sandberg, others in senior positions? As our CEO Mark Zuckerberg has said, when you are building something unprecedented like Facebook, there are going to be mistakes. What people should hold us accountable for is learning from the mistakes and continually doing better—and, at the end of the day, making sure that we’re building things that people like and that make their lives better. The Washington Post has reported that Mr. Kogan says that none of the data that was taken for research purposes in 2013 was provided to Cambridge Analytica. He says that after he began working with Cambridge Analytica, he sent out a new survey to Facebook users, with new terms of service that allowed for broad uses of the data. That new survey app collected data from nearly 300,000 Facebook users and captured data on 30 million of their friends. He says he has deleted all the data that he obtained from Facebook. Question 1. Can Facebook prove all of this as fact or fiction? On December 11, 2015, The Guardian published an article reporting that Kogan and his company, GSR, may have passed information his app had obtained from Facebook users to SCL Elections Ltd. (SCL)/Cambridge Analytica. By doing so, Kogan and his company violated Facebook’s Platform Policies, which explicitly prohibited selling or licensing user data accessed from Facebook and from sharing any user data accessed from Facebook with any ad network, data broker, or other advertising or monetization-related service. For this reason, Facebook immediately banned his app from our platform and launched an investigation into these allegations. Kogan signed a certification declaring that he had deleted all data that he obtained through his app and obtained certifications of deletion from others he had shared data with, including Cambridge Analytica. In March 2018, new allegations surfaced that Cambridge Analytica may not have deleted data as it had represented. Our investigation of these matters is ongoing. Facebook’s Definition and Regulatory Positions Question 1. Do you believe you are an actual media entity now? Facebook does not create or edit the content that users share on its Platform, although we do take steps to arrange, rank and distribute that content to those who are most likely to be 208 interested in it, or to remove objectionable content from our service. These activities are protected functions under Communications Decency Act Section 230 and the First Amendment. Question 2. Are you solely a tech company? We are, first and foremost, a technology company. Facebook does not create or edit the content that our users published on our platform. While we seek to be a platform for a broad range of ideas, we do moderate content in good faith according to published community standards in order to keep users on the platform safe, reduce objectionable content, and to make sure users participate on the platform responsibly. Question 3. When it comes to news posts and political advertising, why should Facebook get a regulatory exemption that traditional media doesn’t get? Facebook is committed to transparency for all ads, including ads with political content. Facebook believes that people should be able to easily understand why they are seeing ads, who paid for them, and what other ads those advertisers are running. As such, Facebook only allows authorized advertisers to run ads about elections or issues that are being debated across the country. In order to be authorized by Facebook, advertisers will need to confirm their identity and location. Furthermore, all political ads will include a disclosure in their election-related ads, which reads: “Paid for by,” and when users click on this disclosure they will be able to see details about the advertiser. Users will also be able to see an explanation of why they saw the particular ad. This is similar to the disclosure included on political TV advertisements. Facebook with Law Enforcement Question 1. How wide is the use and specific collection of social media data with law enforcement, say in a given year? (FBI, CBP, ICE) As part of official investigations, government officials sometimes request data about people who use Facebook. We have strict processes in place to handle these government requests, and we disclose account records in accordance with our terms of service and applicable law. We also have law enforcement response teams available around the clock to respond to emergency requests. As part of our ongoing effort to share information about the requests we have received from governments around the world, Facebook regularly produces a Transparency Report about government requests to Facebook. Question 2. Have you seen an increase is such request under the current Administration? See Response to Question 1. Question 3. Or has there been a variation in the type or aggressiveness of these requests over the same time? See Response to Question 1. 209 Social Media Addiction Obvious the social media revolution has brought in a number of addition issues into play that we in Congress need to consider, from platforms for terrorist organizations and hate groups, to censorship and online addiction. And that is something I wanted to inquire about. Question 1. I know it was raised by one member during your hearing, but do you fund any research on the issue of potential social media addiction, and if not, would you consider funding independent third-party research in this area? Facebook employs social psychologists, social scientists, and sociologists, and collaborates with top scholars to better understand well-being. Facebook has also pledged $1 million towards research to better understand the relationship between media technologies, youth development and well-being. Facebook is teaming up with experts in the field to look at the impact of mobile technology and social media on kids and teens, as well as how to better support them as they transition through different stages of life. Facebook is committed to bringing people together and supporting well-being through meaningful interactions on Facebook. 210 Senate Committee on Commerce, Science, and Transportation Hearing Follow-up Questions Senator Capito Please send someone to the opioid meeting. Thank you for highlighting this important issue. Yes, we will work with the Administration to send a Facebook representative. We are committed to doing our part in combating the opioid crisis and look forward to a continued dialogue with you. 1 Senator Moran How can a bug bounty deal with reporting the sharing of data? The Data Abuse Bounty Program, inspired by the existing Bug Bounty Program, helps us identify violations of our policies by requesting narrative descriptions of violations from individuals with direct and personal knowledge of events. The Data Abuse Bounty will reward people with first-hand knowledge and proof of cases where a Facebook platform app collects and transfers people’s data to another party to be sold, stolen, or used for scams or political influence. We’ll review all legitimate reports and respond as quickly as possible when we identify a credible threat to people’s information. If we confirm data abuse, we will shut down the offending app and, if necessary, take legal action against the company selling or buying the data. We’ll pay a bounty to the person who reported the issue or allow them to donate their bounty to a charity, and we’ll also alert those we believe to be affected. We also encourage our users to report to us content that they find concerning or that results in a bad experience, as well as other content that may violate our policies. We review these reports and take action on abuse, like removing content and disabling accounts. 2 Senator Baldwin Do you know whether Aleksandr Kogan sold any of the data he collected to anyone other than Cambridge Analytica? Kogan represented to us that he provided data to SCL, Eunoia Technologies (a company founded by Christopher Wylie), and a researcher at the Toronto Laboratory for Social Neuroscience at the University of Toronto. He represented to Facebook that he only received payment from SCL/Cambridge Analytica. How much do you know or have you tried to find out how Cambridge Analytica used the data while they had it before you believed they deleted it? On December 11, 2015, The Guardian published an article reporting that Kogan and his company, GSR, may have passed information his app had obtained from Facebook users to SCL Elections Ltd. (SCL)/Cambridge Analytica. By doing so, Kogan and his company violated Facebook’s Platform Policies, which explicitly prohibited selling or licensing user data accessed from Facebook and from sharing any user data accessed from Facebook with any ad network, data broker or other advertising or monetization-related service. For this reason, Facebook immediately banned his app from our platform and launched an investigation into these allegations. Kogan signed a certification declaring that he had deleted all data that he obtained through his app and obtained certifications of deletion from others he had shared data with, including Cambridge Analytica. In March 2018, new allegations surfaced that Cambridge Analytica may not have deleted data as it had represented. Our investigation of these matters is ongoing. I find some encouragement in the steps you have outlined today to provide greater transparency regarding political ads. I want to get further information on how you can be confident that you have excluded entities based outside of the United States. Pursuant to the new transparency measures Facebook is launching, all advertisers who want to run ads with political content targeted at the US will have to confirm their identity and location by providing either a US driver’s license or passport, last four digits of their social security number, and a residential mailing address. In addition, people who manage Pages with large numbers of followers will need to be verified. Those who manage large Pages that do not clear the process will no longer be able to post. 3 Senator Cruz The predicate for Section 230 immunity under the CDA is that you’re a neutral public forum. Do you consider yourself a neutral public forum or are you engaged in political speech, which is your right under the First Amendment? We are, first and foremost, a technology company. Facebook does not create or edit the content that our users published on our platform. While we seek to be a platform for a broad range of ideas, we do moderate content in good faith according to published community standards in order to keep users on the platform safe, reduce objectionable content and to make sure users participate on the platform responsibly. Section 230 of the Communications Decency Act provides that “[N]o provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider.” Outside of certain specific exceptions, this means that online platforms that host content posted by others are generally not liable for the speech of their users, and, indeed, Section 230 explicitly provides that a platform that chooses to moderate content on its service based on its own standards does not incur liability on the basis of that decision. Specifically, 47 U.S.C. 230(c)(2) provides, in relevant part, that “[N]o provider or user of an interactive computer service shall be held liable on account of—(A) any action voluntarily taken in good faith to restrict access to or availability of material that the provider or user considers to be obscene, lewd, lascivious, filthy, excessively violent, harassing, or otherwise objectionable, whether or not such material is constitutionally protected.” 4 Senator Cantwell During the 2016 campaign, Cambridge Analytica worked with the Trump campaign to refine tactics. Were Facebook employees involved in that? During the 2016 election cycle, Facebook worked with campaigns to optimize their use of the platform, including helping them understand various ad formats and providing other best practices guidance on use of the platform. 5 Senator Gardner To clarify one of the comments made about deleting accounts from Facebook, in your user agreement it says when you delete IP content, if deleted in a manner similar to emptying recycle bin on a computer, you understand it may persist in backup copies for a reasonable period of time. How long is that? In general, when a user deletes their account, we delete things they have posted, such as their photos and status updates, and they won’t be able to recover that information later. (Information that others have shared about them isn’t part of their account and won’t be deleted.) There are some limited exceptions to these policies: For instance, information can be accessed and preserved for an extended period when it is the subject of a legal request or obligation, governmental investigation, or investigations of possible violations of our terms or policies, or otherwise to prevent harm. We also retain information from accounts disabled for terms violations for at least a year to prevent repeat abuse or other term violations. Can you get a warrant to join a Page? Pretending you’re a separate user to track it? Can the Government just do that? The FBI? Anybody? As part of official investigations, government officials sometimes request data about people who use Facebook. We have strict processes in place to handle these government requests, and we disclose account records in accordance with our terms of service and applicable law. We also have law enforcement response teams available around the clock to respond to emergency requests. As part of our ongoing effort to share information about the requests we have received from governments around the world, Facebook regularly produces a Transparency Report about government requests to Facebook. Additionally, Facebook’s policy (available at https://www.facebook.com/help/112146705538576?helpref=faq_contentand) expressly prohibits impersonation. This policy applies to everyone, including law enforcement, and Facebook will disable any account that we believe is inauthentic. 6 Senator Wicker Does Facebook allow minors (13-17) to opt in to share their call and text history? Call and text history logging is part of an opt-in feature that lets people import contact information to help them connect with people they know on Facebook and Messenger. We introduced the call and text history component of this feature for Android users several years ago, and currently offer it in Messenger and Facebook Lite, a lightweight version of Facebook, on Android. We’ve reviewed this feature to confirm that Facebook does not collect the content of messages—and will delete all logs older than one year. In the future, the client will only upload to our servers the information needed to offer this feature—not broader data such as the time of calls. We do allow people from 13 to 17 to opt into this service. However, we do take other steps to protect teens on Facebook and Messenger: • We provide education before allowing teens to post publicly. • We don’t show search results based on specific profile data (high school, birthday/age, and hometown, or current city) of teens to unconnected adults when the adults search on Facebook. • Unconnected adults can’t message minors who are 13-17. • We have age limits for advertisements. For example, ads for dating sites, financial services and other products or services are gated to users under 18. • We’ve also helped many teenagers with information about bullying prevention campaigns and online safety tips. There have been reports that Facebook can track users’ internet browsing activity even after that user has logged off of the Facebook platform. Can you confirm whether or not this is true? Would you also let us know how Facebook discloses to its users that engaging in this type of tracking gives us that result of tracking between devices? When people visit apps or websites that feature our technologies—like the Facebook Like or Comment button—our servers automatically log (i) standard browser or app records of the fact that a particular device or user visited the website or app (this connection to Facebook’s servers occurs automatically when a person visits a website or app that contains our technologies, such as a Like button, and is an inherent function of Internet design); and (ii) any additional information the publisher of the app or website chooses to share with Facebook about the person’s activities on that site (such as the fact that a purchase was made on the site). This is a standard feature of the Internet, and most websites and apps share this same information with multiple different third-parties whenever people visit their website or app. For example, the Senate Commerce Committee’s website shares information with Google and its affiliate DoubleClick and with the analytics company Webtrends. This means that, when a person visits the Committee’s website, it sends browser information about their visit to each one of those third 7 parties. More information about how this works is available at https://newsroom.fb.com/news/2018/04/data-off-facebook/. When the person visiting a website featuring Facebook’s tools is not a registered Facebook user, Facebook does not have information identifying that individual, and it does not create profiles for this individual. We use the browser and app logs that apps and websites send to us—described above—in the following ways for non-Facebook users. First, these logs are critical to protecting the security of Facebook and to detecting or preventing fake account access. For example, if a browser has visited hundreds of sites in the last five minutes, that’s a sign the device might be a bot, which would be an important signal of a potentially inauthentic account if that browser then attempted to register for an account. Second, we aggregate those logs to provide summaries and insights to websites and apps about how many people visit or use their product or use specific features like our Like button—but without providing any information about a specific person. We do not create profiles for non-Facebook users, nor do we use browser and app logs for non-Facebook users to show targeted ads from our advertisers to them or otherwise seek to personalize the content they see. However, we may take the opportunity to show a general ad that is unrelated to the attributes of the person or an ad encouraging the non-user to sign up for Facebook. When the individual is a Facebook user, we are also able to use this information to personalize their experiences on Facebook, whether or not they are logged out, but we will not target ads to users relying on this information unless the user allows this in their privacy settings. We do not sell or share this information with third-parties. 8 Senator Blunt Do you track non-Facebook data from devices on which they have used Facebook, even if they are logged off of Facebook or the device is offline? So you don’t have bundled permissions for how I can agree to what devices I may use that you may have contact with? Do you bundle that permission, or am I able to individually say what I’m willing for you to watch and what I don’t want you to watch? When people visit apps or websites that feature our technologies—like the Facebook Like or Comment button—our servers automatically log (i) standard browser or app records of the fact that a particular device or user visited the website or app (this connection to Facebook’s servers occurs automatically when a person visits a website or app that contains our technologies, such as a Like button, and is an inherent function of Internet design); and (ii) any additional information the publisher of the app or website chooses to share with Facebook about the person’s activities on that site (such as the fact that a purchase was made on the site). This is a standard feature of the Internet, and most websites and apps share this same information with multiple different third-parties whenever people visit their website or app. For example, the Senate Commerce Committee’s website shares information with Google and its affiliate DoubleClick and with the analytics company Webtrends. This means that, when a person visits the Committee’s website, it sends browser information about their visit to each one of those third parties. More information about how this works is available at https://newsroom.fb.com/news/2018/04/data-off-facebook/. When the person visiting a website featuring Facebook’s tools is not a registered Facebook user, Facebook does not have information identifying that individual, and it does not create profiles for this individual. We use the browser and app logs that apps and websites send to us—described above—in the following ways for non-Facebook users. First, these logs are critical to protecting the security of Facebook and to detecting or preventing fake account access. For example, if a browser has visited hundreds of sites in the last five minutes, that’s a sign the device might be a bot, which would be an important signal of a potentially inauthentic account if that browser then attempted to register for an account. Second, we aggregate those logs to provide summaries and insights to websites and apps about how many people visit or use their product or use specific features like our Like button—but without providing any information about a specific person. We do not create profiles for non-Facebook users, nor do we use browser and app logs for non-Facebook users to show targeted ads from our advertisers to them or otherwise seek to personalize the content they see. However, we may take the opportunity to show a general ad that is unrelated to the attributes of the person or an ad encouraging the non-user to sign up for Facebook. When the individual is a Facebook user, we are also able to use this information to personalize their experiences on Facebook, whether or not they are logged out, but we will not target ads to users relying on this information unless the user allows this in their privacy settings. We do not sell or share this information with third-parties. 9 Do you track devices that an individual who uses Facebook has that is connected to the device that they use for their Facebook connection but not necessarily connected to Facebook? Yes, Facebook’s Data Policy specifically discloses that we associate information across different devices that people use to provide a consistent experience wherever they use Facebook. Facebook’s services inherently operate on a cross-device basis: understanding when people use our services across multiple devices helps us provide the same personalized experience wherever people use Facebook—for example, to ensure that a person’s News Feed or profile contains the same content whether they access our services on their mobile phone or in a desktop computer’s web browser. In support of those and other purposes, we collect information from and about the computers, phones, connected TVs and other web-connected devices our users use that integrate with our Products, and we combine this information across a user’s different devices. For example, we use information collected about a person’s use of our Products on their phone to better personalize the content (including ads) or features they see when they use our Products on another device, such as their laptop or tablet, or to measure whether they took an action in response to an ad we showed them on their phone or on a different device. Information we obtain from these devices includes: • Device attributes: information such as the operating system, hardware and software versions, battery level, signal strength, available storage space, browser type, app and file names and types, and plugins. • Device operations: information about operations and behaviors performed on the device, such as whether a window is foregrounded or backgrounded, or mouse movements (which can help distinguish humans from bots). • Identifiers: unique identifiers, device IDs, and other identifiers, such as from games, apps or accounts people use, and Family Device IDs (or other identifiers unique to Facebook Company Products associated with the same device or account). • Device signals: Bluetooth signals, and information about nearby Wi-Fi access points, beacons, and cell towers. • Data from device settings: information a user allows us to receive through device settings they turn on, such as access to their GPS location, camera or photos. • Network and connections: information such as the name of a user’s mobile operator or ISP, language, time zone, mobile phone number, IP address, connection speed and, in some cases, information about other devices that are nearby or on their network, so we can do things like help them stream a video from their phone to their TV. • Cookie data: data from cookies stored on a user’s device, including cookie IDs and settings. More information is available at 10 https://www.facebook.com/policies/cookies/ and https://help.instagram.com/1896641480634370?ref=ig. Advertisers, app developers, and publishers can send us information through Facebook Business Tools they use, including our social plug-ins (such as the Like button), Facebook Login, our APIs and SDKs, or the Facebook pixel. These partners provide information about a person’s activities off Facebook—including information about their device, websites they visit, purchases they make, the ads they see, and how they use their services—whether or not they have a Facebook account or are logged into Facebook. For example, a game developer could use our API to tell us what games a person plays, or a business could tell us about a purchase a person made in its store. We also receive information about a person’s online and offline actions and purchases from third-party data providers who have the rights to provide us with that person’s information. We use the information we have to deliver our Products, including to personalize features and content (including a person’s News Feed, Instagram Feed, Instagram Stories and ads) and make suggestions for a user (such as groups or events they may be interested in or topics they may want to follow) on and off our Products. To create personalized Products that are unique and relevant to them, we use their connections, preferences, interests and activities based on the data we collect and learn from them and others (including any data with special protections they choose to provide); how they use and interact with our Products; and the people, places, or things they’re connected to and interested in on and off our Products. For example, if people have shared their device locations with Facebook or checked into a specific restaurant, we can show them ads from an advertiser that wants to promote its services in their area or from the restaurant. We use location-related information—such as a person’s current location, where they live, the places they like to go, and the businesses and people they’re near—to provide, personalize and improve our Products, including ads, for them and others. Location-related information can be based on things like precise device location (if a user has allowed us to collect it), IP addresses, and information from their and others’ use of Facebook Products (such as check-ins or events they attend). We store data until it is no longer necessary to provide our services and Facebook Products, or until a person’s account is deleted—whichever comes first. This is a case-by-case determination that depends on things like the nature of the data, why it is collected and processed, and relevant legal or operational retention needs. We provide advertisers with reports about the kinds of people seeing their ads and how their ads are performing, but we don’t share information that personally identifies someone (information such as a person’s name or email address that by itself can be used to contact them or identifies who they are) unless they give us permission. For example, we provide general demographic and interest information to advertisers (for example, that an ad was seen by a woman between the ages of 25 and 34 who lives in Madrid and likes software engineering) to help them better understand their audience. We also confirm which Facebook ads led users to make a purchase or take an action with an advertiser. 11 Senator Fischer There have been some past reports that indicate that Facebook collects about 98 data categories. For those two billion active users. That’s 192 billion data points that are being generated. I think at any time. From consumers globally. Do you store any? Your question likely references a Washington Post article that purported to identify “98 data points that Facebook uses to target ads to you.” The article was based on the writer’s use of the tool that allows advertisers to select the audience that they want to see their ads. Anyone on Facebook can see the tool and browse the different audiences that advertisers can select. The “data points” to which the article refers are not categories of information that we collect from everyone on Facebook. Rather, they reflect audiences into which at least some people on Facebook fall, based on the information they have provided and their activity. For example, the article lists “field of study” and “employer” as two of the “data points” that can be used to show ads to people. People can choose to provide information about their field of study and their employer in profile fields, and those who do may be eligible to see ads based on that information—unless they have used the controls in Ad Preferences that enable people to opt out of seeing ads based on that information. The same is true of the other items in the list of 98. Further, the specific number of categories that are used to decide what ads a person will see vary from person to person, depending on the interests and information that they have shared on Facebook, how frequently they interact with ads and other content on Facebook, and other factors. Any person can see each of the specific interests we maintain about them for advertising by visiting Ads Preferences, which lets people see what interests we use to choose ads for them—and to edit or delete these interests. We also provide more detailed information about how we use data to decide what ads to show to people in our “About Facebook Ads” page, at https://www.facebook.com/ads/about. Please note, however, that (as the article explains) many of these refer to “Partner Categories”—audiences that are offered by third-party data providers. We announced in April that we would stop offering this kind of targeting later this year. Please also see our letter to you dated April 27, 2018. 12 Senator Heller Can you tell me how many Nevadans were among the 87 million that received this notification? A state-by-state breakdown is available at https://newsroom.fb.com/news/2018/04/restricting-data-access/. How long do you keep a user’s data? How long do you keep a user’s data once they have left? If they choose to delete their account, how long do you keep their data? In general, when a user deletes their account, we delete things they have posted, such as their photos and status updates, and they won’t be able to recover that information later. (Information that others have shared about them isn’t part of their account and won’t be deleted.) There are some limited exceptions to these policies: For instance, information can be accessed and preserved for an extended period when it is the subject of a legal request or obligation, governmental investigation, or investigations of possible violations of our terms or policies, or otherwise to prevent harm. We also retain information from accounts disabled for terms violations for at least a year to prevent repeat abuse or other term violations. 13 Senator Hassan The other question I had, and it does not just apply to Facebook, is should the framework include financial penalties when large providers like Facebook are breached and privacy is compromised as a result? There is very little incentive for whether it is Facebook or Equifax to actually be abreast of protecting customer privacy and working for potential breaches or vulnerabilities in the system. Protecting people’s data is one of our most important responsibilities. We know that if people don’t trust that their information will be safe on Facebook, they won’t feel comfortable using our services. We have every incentive to work as hard as we can to protect people’s information, and we’re committed to continuing our work to improve those protections. Facebook is generally open to the idea of federal breach notification requirements, particularly legislation that would centralize reporting and ensure a consistent approach across the United States. For example, in Europe, the GDPR requires notification to a lead supervisory authority, rather than individual member states, in cases of a data breach. In the United States, however, there is no centralized notification scheme, and instead, reporting obligations vary widely across all 50 states. This complexity makes it harder to respond appropriately and swiftly to protect people in the event of a data breach. We believe this is an important issue and an area that is ripe for thoughtful regulation. Facebook is generally not opposed to regulation but wants to ensure it is the right regulation. We are already regulated in many ways—for example, under the Federal Trade Commission Act—and we are subject to ongoing oversight by the FTC under the terms of a 2011 consent order. Facebook has inherent incentives to protect its customers’ privacy and address breaches and vulnerabilities. Indeed, the recent discovery of misconduct by an app developer on the Facebook platform clearly hurt Facebook and made it harder for us to achieve our social mission. As such, Facebook is committed to protecting our platform from bad actors, ensuring we are able to continue our mission of giving people a voice and bringing them closer together. We are also actively building new technologies to help prevent abuse on its platform, including advanced AI tools to monitor and remove fake accounts. We have also significantly increased our investment in security, employing more than 15,000 individuals working solely on security and content review and planning to increase that number to over 20,000 by the end of the year. We have also strengthened our advertising policies, seeking to prevent discrimination while improving transparency. 14 Senator Klobuchar Do you support a rule that would require you to notify your users of a breach within 72 hours? Facebook is generally open to the idea of breach notification requirements, particularly legislation that would centralize reporting and ensure a consistent approach across the United States. For example, in Europe, the GDPR requires notification to a lead supervisory authority, rather than individual member states, in cases of a data breach. In the United States, however, there is no centralized notification scheme, and instead, reporting obligations vary widely across all 50 states. This complexity makes it harder to respond appropriately and swiftly to protect people in the event of a data breach. We believe this is an important issue and an area that is ripe for thoughtful regulation. 15 Senator Markey Do you support a kids’ privacy bill of rights where opt-in is the standard? Facebook is generally not opposed to regulation but wants to ensure it is the right regulation. The issues facing the industry are complex, multi-faceted, and affect an important part of peoples’ lives. As such, Facebook is absolutely committed to working with regulators, like Congress, to craft the right regulations. Facebook would be happy to review any proposed legislation and provide comments. 16 Senator Young Might we create stronger privacy rights for consumers through creating a stronger general property right regime online, say a law states that users own their online data or stronger opt in requirements on platforms like yours? If we’re to do that, would you need to retool your model? If we’re to adopt one of the two approaches? Our Terms of Service confirm that people own the information they shared on Facebook. They entrust it to us to use it consistent with our Terms and Data Policy to provide meaningful and useful services to them. They have the ability to choose who can see it, delete it, or take it with them if they want to do so. We’re also rolling out a new Privacy Shortcuts feature, which centralizes a broad range of choices that people have about how their information is used as a part of the Facebook service, and we’re contacting people on our service to ask them to make choices about these issues as well. Facebook already allows users to download a copy of their information from Facebook. This functionality, which we’ve offered for many years, includes numerous categories of data, including About Me, Account Status History, Apps, Chat, Follower, Following, Friends, Messages, Networks, Notes, and more. We recently launched improvements to our “Download Your Information” tool, including to give people choices about whether they want to download only certain types of information and about the format in which they want to receive the download, to make it easier for people to use their information once they’ve retrieved it. Of course, the details of any new privacy legislation matter, and we would be pleased to discuss any specific proposals with you and your staff. 17 Senator Peters Well, you bring up the principles because, as you are well aware, AI systems, especially in very complex environments when you have machine learning, it is sometimes very difficult to understand, as you mentioned, exactly how those decisions were arrived at. There are examples of how decisions are made on a discriminatory basis and that they can compound if you are not very careful about how that occurs. And so is your company—you mentioned principles. Is your company developing a set of principles that are going to guide that development? And would you provide details to us as to what those principles are and how they will help deal with this issue? We are focused on both the technical and the ethical aspects of artificial intelligence. We believe these two should go hand-in-hand together in order to fulfill our commitment to being fair, transparent, and accountable in our development and use of AI. Facebook has AI teams working on developing the philosophical, as well as technical, foundations for this work. Facebook is also one of the co-founders and members of the Partnership on AI (PAI), a collaborative and multi-stakeholder organization established to study and formulate best practices on AI technologies, to advance the public’s understanding of AI, and to serve as an open platform for discussion and engagement about AI and its influences on people and society. The thematic pillars that structure the work we’re doing in the scope of the PAI—safety, fairness, transparency, and accountability—are the principles that we believe industry should follow and promote when building and deploying AI systems. The PAI’s Fair, Transparent and Accountable AI Working Group is also working alongside industry, academia, and civil society to develop best practices around the development and fielding of fair, explainable, and accountable AI systems. 18