Every January, Facebook CEO Mark Zuckerberg announces a personal challenge he will undertake in the year ahead. In 2016, he committed to running 365 miles before the year was up. In 2017, he milked cows and rode tractors as part of his resolution to meet more people outside the Silicon Valley bubble. Last January, he took a different tack. After a year in which Facebook was accused of amplifying fake news and allowing Russian trolls to deceive American voters in the run-up to the 2016 election, Zuckerberg decided that for his personal challenge in 2018, he would go ahead and fix Facebook.
He just might not have realized how much he’d be asked to fix.
As the months progressed, Facebook turned into a hydra, with new scandals sprouting almost weekly. Its stock price tanked, and internal morale plummeted. Twelve months later, Facebook has certainly changed, but it’s hardly fixed. In 2018, the social giant juggled so many crises, you probably forgot half of them. Here’s a refresher.
February 2018: Special counsel Robert Mueller’s indictment of Russian trolls reveals the role Facebook played in Russia’s plot—and so much more.
The Mueller indictment in February laid out exactly how 13 employees of Russia’s Internet Research Agency created fake US personas on Instagram and Facebook to pit Americans against each other before the election. Facebook’s only saving grace? Other tech giants like Twitter and YouTube were name-checked, too.
Of all of Facebook’s crises, it problems in Myanmar have arguably had the most dire consequences. The company has been blamed for enabling the spread of fake news about Rohingya Muslims, who are being systematically slaughtered. Facebook has since kicked some of the worst offenders off the platform and updated its content policy that prohibits credible threats of violence, to include misinformation that incites violence. The company also issued a report documenting its human rights failures in the country. But Facebook’s global problems aren’t limited to Myanmar. Following anti-Muslim violence in Sri Lanka, the country ordered internet providers and mobile phone carriers to shut down both Facebook and WhatsApp. Government officials in Papua New Guinea have considered the same.
March 2018: Cambridge Analytica story makes front page news
This was the big one. The New York Times and The Guardian/Observer dropped simultaneous, bombshell reports about how the political data firm Cambridge Analytica misappropriated the data of tens of millions of Americans without their knowledge before the 2016 election. Facebook later said Cambridge Analytica accessed up to 87 million users’ data. What’s more, they weren’t the only ones. Until 2015, Facebook gave developers broad access to user data, and the company has spent the past year trying to answer for where all that data went. Now, the Federal Trade Commission, Congress, and international courts are also investigating. The UK’s Information Commissioner, meanwhile, has fined Facebook for breaching the country’s data protection law.
April 2018: Zuckerberg testifies before Congress
After the Cambridge Analytica story broke, Facebook’s CEO was called to Washington to answer for his company’s actions. For the most part, Zuckerberg walked away unscathed. The Senate primarily used its time to ask Zuckerberg for IT help, while House members accused Facebook of censoring conservatives like the pro-Trump personalities Diamond & Silk.
May 2018: House Democrats release thousands of Russian troll ads, leading to new revelations
The document dump unleashed a new wave of inquiry into the Russian activity. Among WIRED’s findings: Russia-linked pages were targeting a sketchy music Chrome extension called FaceMusic at teenage girls. The Daily Beast later determined that the extension was infected with malware.
May 2018: Facebook’s political ad archive launches—with complications
Facebook launched its political advertising archive to bring some transparency to the still unregulated world of digital political ads. But almost as soon as it launched, problems arose. News organizations protested the inclusion of political articles in the archive. Advertisers posting gay-themed ads, including one for a gay comedy show, were forced to register as political advertisers because their ads pertained to LBGT issues. Bush’s Beans accidentally ended up in there because the brand includes the name of a political dynasty. Reporters at VICE demonstrated how vulnerable Facebook’s vetting process for political advertisers was to abuse, creating ads with disclaimers that said the ads were paid for by various US Senators. And WIRED showed how opaque even this stab at transparency still is, by telling the story of an obscure concealed-carry company that became one of 2018’s top 10 political advertisers on Facebook.
June 2018: Facebook’s data deals with device manufacturers emerge
After the Cambridge Analytica debacle, the nation was on edge about all the information Facebook was giving away. Then the New York Times broke the news that the company also struck deals with device manufacturers like Apple, Amazon, Microsoft, and Blackberry, through which it shared Facebook users’ personal data.
July 2018: Facebook tells Congress it had special data arrangements with dozens of companies, including a Russian internet giant
Facebook followed up on Zuckerberg’s trip to Washington in a series of written responses to the House Energy and Commerce Committee. Buried deep in more than 700 pages of responses, Facebook noted that it gave dozens of companies extended access to users’ friends data, even after it publicly cut off that access in 2015. Among the companies that received an extension: Russian internet giant Mail.ru, whose main investor had been Alisher Usmanov, a businessman with ties to Russian president Vladimir Putin. (Usmanov relinquished control of the company in October, according to reports.)
July 2018: Facebook finds more fake accounts likely linked to Russians
Facebook shut down 32 accounts and pages that had some ties to the initial batch of IRA accounts, though the company couldn’t link them to Russia definitively. The new findings revealed how far these bad actors were going to cover their tracks.
July 2018: Facebook stock plummets after earnings report
Facebook stock tanked after the Cambridge Analytica news, but rose steadily from there. That is, until July when, in its second quarter earnings report, Facebook predicted revenue growth would slow down through the end of 2019. The company’s value took another sharp downward turn and has fallen steadily since then—along with the rest of the market.
August 2018: Facebook finally bans Alex Jones.
Sometimes, it takes a village. After Apple pulled the plug on conspiracy theorist Alex Jones’ podcasts, Facebook removed four pages affiliated with Jones for violating its policies on hate speech. Hours later, YouTube did the same, and finally, after initially resisting, Twitter shut down Jones’ account. For weeks, the companies had faced mounting criticism over providing Jones a platform to spread disinformation and hateful content. But the suspensions also amplified cries from the far right that Silicon Valley is biased against conservatives.
August 2018: Facebook shuts down network of Iranian troll accounts and pages
It wasn’t just the Russians. In August, Facebook removed a network of inauthentic accounts and pages linked to Iranian state media. The group was spotted by the cybersecurity firm FireEye. Months later, in October, Facebook spotted another network of 82 accounts, pages and groups linked to Iran that were posing as US and UK citizens. This time, the playbook deployed by the trolls bore a striking resemblance to the tactics used by the IRA.
August 2018: Facebook’s internal “political diversity” debate heats up
In August, The New York Times reported on a memo circulating at Facebook, skewering the company for its “intolerant” liberal culture. Months later, the author of that memo, Brian Amerige, spoke to WIRED about Facebook’s brewing internal culture wars.
September 2018: The ACLU says Facebook ads let employers favor men over women
The ACLU filed a claim with the Equal Employment Opportunity Commission over Facebook’s ad targeting tools, which enable employers posting job ads to target people by gender. Facebook has faced similar charges in the past for allowing housing ads to exclude certain ethnicities. In August, the Justice Department backed a lawsuit against Facebook over this practice.
September 2018: Instagram founders quit.
“You don’t leave a job because everything’s awesome,” former Instagram CEO Kevin Systrom told WIRED weeks after he and his co-founder Mike Krieger announced they’d be stepping down from the company. The departure reportedly stemmed from frustrations around Facebook’s growing influence over the photo-sharing platform. Systrom and Krieger’s exit added to the list of founders who have departed Facebook since 2017, including WhatsApp founders Brian Acton and Jan Koum, as well as Oculus founder Palmer Luckey.
September 2018: Facebook gets hacked big time
Hackers exploited a series of bugs to access the Facebook profiles of some 30 million accounts. The breach enabled the hackers to take over the accounts as if they were their own, and potentially gain access to third party apps that use Facebook login. (Facebook says it found no evidence that third parties were compromised.) Facebook has said it’s working with the FBI to identify the perpetrators.
October 2018: Facebook faces lawsuit over inflated video view metric
In 2016, Facebook confirmed it had been inflating the average time users spent watching videos on the platform, an error that infuriated advertisers and publishers that had participated in the great media “pivot to video” around the same time. Now, a lawsuit alleges that Facebook knew about the miscalculation long before it came clean about it. Facebook says the allegations are “without merit.”
November 2018: A New York Times investigation alleges Facebook covered up the Russia scandal and ordered opposition research on George Soros
In perhaps the first story to cast chief operating officer Sheryl Sandberg unfavorably, The Times explains how Sandberg worked to keep quiet evidence of Russian interference on the platform during the 2016 election. According to the report, she chastised the company’s cybersecurity officer, Alex Stamos, for investigating it without permission, yelled at him for disclosing too much information to a select group of board members, and voted against specifically naming Russia in an April 2017 white paper Facebook published on foreign interference. The story also detailed Facebook’s work with a public relations firm called Definers Public Affairs, which sought to undermine anti-Facebook groups by linking them to billionaire—and far-right boogeyman—George Soros.
December 2018: Facebook’s internal communications go public through a lawsuit over a defunct bikini app
In 2015, the developer of an app that allowed people to find Facebook users’ bathing suit photos sued Facebook in California for damages. The app, which was called Pikinis and was developed by a company called Six4Three, was forced to shut down because Facebook had changed its privacy settings, prohibiting app developers from hoovering up their users’ friends data without their knowledge, and therefore making Pikinis inoperable. The lawsuit was going along quietly until Thanksgiving weekend, when lawmakers in the UK seized a trove of documents that had been ordered sealed in California from Pikinis’ creator. In December, British parliamentarians published 250 pages worth of internal Facebook emails and other files, including personal emails from Zuckerberg himself. The emails appeared to show Facebook offering major advertisers special access to user data, deals some view as a contravention of Facebook’s promise not to sell data. Facebook, for its part, has said the emails lack context and maintains that it never sold user data. Now, the founder of Six4Three, Ted Kramer, is facing his own legal troubles for handing the documents over to British MPs.
December 2018: Facebook bug exposes 6.8 million users’ photos to third-party developers
With weeks to go before the New Year, Facebook announced another monster screwup. Thanks to a bug in its photo API, up to 1,500 apps may have had access to users’ photos, whether they shared those photos or not. The bug, which was introduced on September 13, impacted people who use Facebook Login to access apps. It was finally found and patched on September 25. But Facebook waited more than two months to disclose that fact to the public. It’s unclear how regulators will view this delay, particularly in the European Union where the General Data Protection Act mandates data breach disclosures within 72 hours. That’s a question for 2019.
December 2018: Another Times investigation finds Facebook shared lots of personal user data with large companies
Just when it seemed no more scandals could break, on December 18, the New York Times published an investigation that found the company shared troves of personal user data with more than 150 companies—including major players like Amazon, Microsoft, Netflix, and Spotify—long after Facebook said it had cut off access to that kind of information. The big takeaway from this latest news seems to be: despite Facebook’s claims that users have “complete control” over their data, the company has, throughout its history, traded on data access in order to grow the business.
The year isn’t over yet. Who knows what else we’ll find out before the ball drops?