It's been an interesting week for privacy. An enormous media company stands accused of bad behaviour, gross invasions of privacy and - let's be generous here - less than perfect explanations of what it's been up to.
No, I don't mean a tabloid newspaper. I mean Facebook.
This week, US regulator the Federal Trade Commission accused Facebook of engaging in "unfair and deceptive" practices and promised to keep an eye on the social network for the next 20 years.
It's damning stuff, and the FTC lays it all out online. It's a big list, but each item generally follows the same template: Facebook said it was doing one thing, when in fact it was doing the opposite.
Article continues below
For example: "Facebook promised users that it would not share their personal information with advertisers. It did."
"Facebook claimed that it complied with the U.S.- EU Safe Harbor Framework that governs data transfer between the U.S. and the European Union. It didn't."
"Facebook represented that third-party apps that users' installed would have access only to user information that they needed to operate. In fact, the apps could access nearly all of users' personal data - data the apps didn't need."
You get the idea.
What does Zuck say?
"I think we have a good history of providing transparency and control over who can see your information", he writes in yet another official apology. Aaaagh!
For all my moaning, I don't think Facebook is evil. I think, like some of the newspapers whose dirty laundry is currently being washed in the Leveson inquiry, Facebook genuinely believes its success means it's doing the right thing.
When Zuckerberg says "everyone needs complete control over who they share with at all times. This idea has been the core of Facebook since day one", I think he means it.
I don't think it's true, but do think he means it. The problem with Facebook is that its core business is incompatible with privacy: the more you share, the more effective its ad targeting.
That tension is only going to get worse when Facebook goes public and has shareholders to answer to: public corporations' number one objective is to make money, not to protect people's privacy.
That's why it's good to see the FTC taking action, and to see regulators in the EU having a word too. As a result of the FTC investigation and others, Facebook is appointing two chief privacy officers and has already taken many of the FTC's recommendations on board; over the next 20 years, the FTC will arrange for biannual, independent privacy audits to make sure the service is keeping his promises.
When Mark Zuckerberg says he wants Facebook to "offer new ways to protect you and your information better than any other company in the world," I'm sure he means it - but I'm glad we have regulators to make sure that this time, he keeps his promises.