Facebook Chief Executive Mark Zuckerberg has admitted mistakes and outlined steps to protect user data in light of the privacy scandal involving a data mining firm.

Mr Zuckerberg broke more than four days of silence as he posted an update about the Cambridge Analytica scandal.

He posted on his Facebook page that his company has a "responsibility" to protect its users' data, and "if we can't then we don't deserve to serve you".

Mr Zuckerberg and Facebook's Chief Operating officer Sheryl Sandberg, have been quiet since the news broke on Friday that Cambridge Analytica may have used data improperly obtained from roughly 50 million Facebook users to try to sway elections.

In his statement, Mr Zuckerberg said Facebook will ban developers who misused personal data and tell affected users. He also said the company will further restrict developer access to user data.

In admitting it had "made mistakes", he said the "most important actions to prevent this from happening again today we have already taken years ago".

He said the company will investigate all apps that had access to large amounts of data before the changes made in 2014.

Mr Zuckerberg also said that Facebook will show users a tool at the top of the news feed about how to delete third-party apps.

Ms Sandberg said the company had "spent the past few days working to get a fuller picture", adding that they "deeply regret that we didn't do enough".

Read more
What is Cambridge Analytica?

Time to reassess our relationship with social media

Earlier, the academic who developed the app used by Cambridge Analytica to harvest data said that he had no idea his work would be used in Donald Trump's 2016 presidential campaign.

Alexandr Kogan, a psychology researcher at Cambridge University, told the BBC that both Facebook and Cambridge Analytica have tried to place the blame on him for violating the social media platform's terms of service, even though Cambridge Analytica ensured him that everything he did was legal.

"My view is that I'm being basically used as a scapegoat by both Facebook and Cambridge Analytica," he said.

"Honestly, we thought we were acting perfectly appropriately, we thought we were doing something that was really normal."

Authorities in Britain and the United States are investigating the alleged improper use of Facebook data by Cambridge Analytica, the UK-based political research firm.

Meanwhile, Brazilian prosecutors have said they have opened an investigation into whether Cambridge Analytica acted illegally in Brazil.  

Prosecutors for Brazil's Federal District, which includes Brasilia, the capital, said in a written statement that they will look into whether the firm used the data of millions of Brazilians to to illegally access personal data.

Facebook shares have dropped some 9% since the revelations were first published, raising questions about whether social media sites are violating users' privacy.

The head of Cambridge Analytica, Alexander Nix, was suspended yesterday after Channel 4 News broadcast hidden camera footage of him suggesting the company could use young women to catch opposition politicians in compromising positions.

Footage also showed Mr Nix bragging about the firm's pivotal role in the Trump campaign.

Mr Nix said Cambridge Analytica handled "all the data, all the analytics, all the targeting" for the Trump campaign, and used emails with a "self-destruct timer" to make the firm's role more difficult to trace.

"There's no evidence, there's no paper trail, there's nothing," he said.

In a statement, Cambridge Analytica's board said Mr Nix's comments "do not represent the values or operations of the firm, and his suspension reflects the seriousness with which we view this violation".

Facebook itself is drawing criticism from politicians on both sides of the Atlantic for its alleged failure to protect users' privacy.

Meanwhile, a former Facebook employee described in detail how the social network's app developers were able to collect vast amounts of data without people's permission.

Sandy Parakilas, who worked in policy compliance and data protection for Facebook between 2011 and 2012, told a UK parliamentary committee hearing that the company used users' personal data to entice developers to build apps and games such as Farmville.

"The real problem is that they allowed all of this personally identifiable data to pass out of their servers into the hands of a very unvetted set of people," Mr Parakilas said.

"Anyone can create a Facebook app," he told the Digital, Culture, Media and Sport Committee. "There are no background checks to making a Facebook app."

Facebook's settings at the time allowed app developers to access the personal data of not just the people who used their app, but all of their friends as well.

"It was your name, in some cases your email addresses, in some cases your private messages," Mr Parakilas claimed.

"They just basically allowed that to leave Facebook's servers intentionally and there weren't really controls once the data had left to make sure it was being used in an appropriate way."