As an explanation for the recent unintended public posts by the users, Facebook pointed towards a software bug as the cause. Facebook says the software bug is the reason that led some users to post publicly by default regardless of their previous settings. This problem was faced by around 14M people in the month of May.
Facebook stated that the bug had settings that led users to make new posts public even if their customizations said otherwise. According to Erin Egan, the Chief Privacy Officer in Facebook, the bug didn’t have any effect on the previous posts, and that it only altered settings of the new post. Facebook notified the affected users and posted publicly during the time the bug was active, advising them to review their posts.
Jonathan Mayer, a professor of computer science and public affairs at Princeton University, said on Twitter that this latest privacy gaffe "looks like a viable Federal Trade Commission/state attorney general deception case."
Facebook's 2011 consent decree with the FTC requires the company to get "express consent" from users before sharing their information apart from what’s in their privacy settings. The FTC is still in a position to take action against Facebook owing to privacy discrepancies.
Even though Facebook claims to have stopped the error by May 22, the previous privacy parameters could not be set until later. This mistake happened when the company built a new way for people to share "featured items" on their profiles. They say, while deciding on the settings of this new feature, they accidentally changed the settings of all new posts to public.