Facebook is notifying 14 million users around the world about a bug that changed their privacy setting default to public, which could have led to them accidentally broadcasting updates that were meant for friends only. The bug surfaced in mid-May, and the platform is now urging users who were affected to review their settings in case they'd been inadvertently switched.
In a statement provided to Engadget, Facebook chief privacy officer Erin Egan wrote: "We recently found a bug that automatically suggested posting publicly when some people were creating their Facebook posts. We have fixed this issue and starting today we are letting everyone affected know and asking them to review any posts they made during that time. To be clear, this bug did not impact anything people had posted before – and they could still choose their audience just as they always have. We'd like to apologize for this mistake".
The bug became active on May 18th and Facebook started releasing a fix on the 22nd, though they didn't revert everyone's status settings until the 27th. It happened when the platform started building a 'featured items' section in profiles for users to highlight the content of their choosing. Those were set to be publicly visible, but Facebook accidentally extended that setting to all new posts.
Facebook has reset everyone's status setting to what they had before the bug, and plans to show more of these kinds of alerts to be more forthcoming in the future. But after the Cambridge Analytica scandal and reports that the company gave user data to device makers like Samsung, pledging to be open about technical mishaps feels very insignificant in the face of Facebook's history of willfully handing over its userbase's information.
Update 10AM 6/8/18: Changed the headline to more accurately reflect the bug. It did not change existing status posts, only the default visibility setting for status posts yet to be written.