After several days of scandal surrounding Facebook’s data policies, Mark Zuckerberg has finally released a statement to address users’ concerns about third-party access to data.

In the statement, Zuckerberg admitted that the company’s protections for user data had been too weak prior to 2014, when apps were allowed to access data on users’ friends. A former top Obama staffer recently revealed that the former president’s 2012 campaign used this technology to gain access to data on the “entire social graph” of Facebook — the friends of every American user.

But there was no mention of this bombshell admission in Zuckerberg’s statement, which instead focused on Cambridge Analytica, the data analytics firm accused of failing to delete user data that had been passed to them by an academic, Aleksandr Kogan, who obtained the data via legitimate means.

Cambridge Analytica says they complied with Facebook’s request to delete the data, and that they used no Facebook data during the 2016 election.

In his statement, Zuckerberg claimed that Facebook had “learned from The Guardian, The New York Times and Channel 4 that Cambridge Analytica may not have deleted the data as they had certified.” However, he also conceded that Cambridge Analytica denies the media’s allegations, and that Facebook has yet to independently verify them.

Cambridge Analytica has agreed to allow the social media giant to conduct an independent audit to verify their claims. Facebook said they would also “work with regulators as they investigate what happened.”

The Facebook founder also admitted that the platform’s rules prior to 2014 — which allowed apps to harvest data not just on users who gave the app permission, but also on their network of friends — were too weak, causing the rules to be changed.

Zuckerberg announced three next steps for Facebook to address user concerns about data:

  1. Facebook will investigate all apps that had access to “large amounts of information” prior to the rule change in 2014.
  2. Facebook will conduct a “thorough audit” of “any app with suspicious activity,” and ban developers who do not agree to an audit.
  3. Facebook will ban any developer who misused “personally identifiable information” (names, addresses, birthdays, etc.)
  4. Facebook will introduce a range of new restrictions on third-party apps.
  5. Facebook will make it easier for users to revoke third-party apps’ data

Zuckerberg’s statement failed to address the recent bombshell information that emerged in the wake of the Cambridge Analytica story — that the Obama campaign used Facebook’s lax pre-2014 rules to harvest data on the friend networks of every American user.

According to Carol Davidsen, a former Obama staffer who oversaw the former president’s data operations during the 2012 elections, Facebook was alarmed by the amount of data they had access to, but made a special exception for the Obama campaign because they were “on their side.”

A New York Times piece following the 2012 election also reports that Obama’s data-gathering app “triggered internal safeguards” at the company, designed to detect suspicious activity.

In his statement, Zuckerberg promised that the platform will audit all apps that had access to “large amounts” of user data, were governed by the company’s weak pre-2014 rules, and exhibited “suspicious activity.” Obama’s app falls into all three categories. Will Facebook audit them? Or ask them to delete the data, which, according to Davidsen, is still in circulation?

Update — A Facebook spokesperson provided this comment to Breitbart News: ““The tweet is inaccurate – both the Obama and Romney campaigns had access to the same tools, and no campaign received any special treatment from Facebook.”

Allum Bokhari is the senior technology correspondent at Breitbart News. You can follow him on TwitterGab.ai and add him on Facebook. Email tips and suggestions to allumbokhari@protonmail.com.