Facebook CEO Mark Zuckerberg has finally responded to the company’s ongoing privacy scandal involving Cambridge Analytica, the data firm with ties to Donald Trump’s 2016 presidential campaign.
In a post to his Facebook page on Wednesday, Zuckerberg reiterated Facebook’s stance on this issue: That the company was hurt by a bad actor that didn’t follow the company’s guidelines. Zuckerberg says that there was also a “breach of trust between Facebook and the people who share their data with us and expect us to protect it. We need to fix that.”
But there was no explicit apology.
Instead, the post laid out a number of ways the company plans to respond to the fact that Cambridge Analytica was able to collect so much Facebook user data without user consent.
Zuckerberg promised to investigate whether or not other developers may have also abused Facebook‘s data policies, and also announced some big updates to its current policy around sharing data with third-party apps.
Included in the policy changes: Facebook will stop sharing data with developers once a user has gone more than three months without opening their app, and Facebook will also drastically limit what those developers can collect in the first place. Third-party app developers can now only collect your name, profile photo and email address, Zuckerberg said.
It’s unclear if Facebook plans to place any new limits on how that data is used. Cambridge Analytica, for example, had worked with an app developer to create psychographic profiles for possible use in political campaign advertising.
“We have a responsibility to protect your data, and if we can’t then we don’t deserve to serve you,” Zuckerberg wrote. “I started Facebook, and at the end of the day I’m responsible for what happens on our platform. I’m serious about doing what it takes to protect our community.”
One of the most interesting parts of his post was a promise to investigate other developers who have used Facebook’s API in the past to collect data from Facebook users who didn’t willingly hand it over.
Facebook updated its APIs in 2014 so that outside parties could not collect information from Facebook users’ friends without their permission, but Zuckerberg says it will go find developers who used their products before those changes were implemented to make sure they didn’t break the rules.
“We will investigate all apps that had access to large amounts of information before we changed our platform to dramatically reduce data access in 2014, and we will conduct a full audit of any app with suspicious activity,” Zuckerberg wrote. “We will ban any developer from our platform that does not agree to a thorough audit.”
This will be a massive undertaking, and it’s unclear if it’s even possible. But Zuckerberg says that it is the goal.
Facebook COO Sheryl Sandberg added her own take to his post:
This article originally appeared on Recode.net.