I mean is anything an acceptable excuse at this level?

I just find it sad that people will take his stupidity from when he was 20 and apply it to who he is as a person now. I'm sure many of those same people are embarrassed by things they did in college as well and wouldn't want it to represent who they are today.

That being said I would never have made a rating system for women at my school, but I also know perfectly decent people today who were much more blatantly misogynistic in college but grew into kinder and more empathetic people as they aged.

It would probably do Zuckerberg a world of PR good if he actually acknowledged those past mistakes.

Why is privacy on FB even a topic?

Because people are blaming it for the Trump win. No one had a problem with it being used to influence elections until that.

Well with the Cambridge Analytica controversy, the issue was that your friends could give permission to share your data rather than you being able to do that. That particular issue has been resolved, but there's lots of sneaky data practices and UI practices that Facebook engages in that could bring regulatory clout. For example, up until recently you could search Facebook by phone number or email address for people. This data was given to Facebook without the expectation it would be made public, yet that's how it worked in regards to search, allowing it to be exploited by scammers.

Instagram also has some dark UI practices on account creation where it prompts for your contacts and greatly diminishes the option of signing up without giving up data.

Even if the US doesn't institute new regulations on Facebook, I think this is an inflection point for data privacy in regards to permissions based apis, ad tech, and for the design used to obtain such information. I think informed politicians in the EU could call for privacy supporting options to be given equal graphical hierarchy to permissive datasharing options, and that we should expect to need to overhaul what a oAuth permission screen looks like with greater explanations of what each individual permission does and why a developer may want access to it, as well as, hopefully, the ability to conditionally provide requested oAuth permissions much like how one can do on iOS.

Case in point. I have a hobby project for Spotify called Dubolt. Spotify requires, for whatever reason, that I request a user's email and date of birth if I want to use their web playback sdk. I personally don't do anything with that data and for me it's an unnecessary tag along, but you could imagine a scenario where I was storing that data anyway for whatever reason. What I would like to see from a user's point of view would be for my user to be able to give me the permissions that I need for basic functionality to work on my app, like the ability to create playlists, but if they don't want to give me more sensitive data, and then I can enable and disable features of my web app depending on the returned approved scopes. You have to design like this now for iOS, but you can't for the web since oAuth is all or nothing.

Facebook admitted that personal information of up to 87 million users, may have been improperly shared with political consultancy Cambridge Analytica. The consultancy is suspected to be involved in attempts to manipulate elections in US and United Kingdom, and is subject to investigations in both countries.