Melissa is a mother of 2, lives in Utah, and writes for a multitude of sites. She is currently the EIC of HarcourtHealth.com and writes about health, wellness, and business topics.

One of the dominating news stories of the last week has been the Facebook CEO Mark Zuckerberg’s testimony to a Senate committee investigating the huge data breach committed by his company and how Facebook handles users’ privacy.

During an uncomfortable five hours of testimony, Zuckerberg, aged just 33 and worth an incredible $64.1 billion, formally apologized to Congress for the mistakes that led to the Cambridge Analytica situation and reiterated that Facebook is reconsidering its responsibility to its users and society in general.

Data firm Cambridge Analytica, accessed information from at least 87 million Facebook users without their consent or knowledge.

Zuckerberg said he was generally open to regulation “Part of the challenge with regulation, in general, is that when you add more rules that companies need to follow, that’s something that a larger company like ours has the resources to do,” he said.

One area of privacy that Mark Zuckerberg has been busying readying Facebook for, is in preparation for the EU’s General Data Protection Regulation (GDPR), which comes into effect May 25, and regarded as the most important change in data privacy regulation for two decades. Just last week, prior to the hearings, Mark Zuckerberg said that he intends to put into place Europe’s GDPR throughout its entire global network of users, and not just users within the EU. The adoption of the GDPR as a global policy would mean that all Facebook users could exercise their data rights, which include users restricting Facebook from processing their personal data should they have cause to believe that their personal data is being abused or misused.

The need for global compliance in line with GDPR laws is heightened by the hefty fines that comes with non-compliance. Up to €20 million or up to 4% of your company’s annual revenue, whichever is higher, could be imposed if a company is found in breach of the GDPR laws after May 25th 2018.

“Overall I think regulations like this are very positive,” Zuckerberg said, “We intend to make all the same controls available everywhere, not just in Europe.” Zuckerberg continued “Is it going to be exactly the same format? Probably not. We’ll need to figure out what makes sense in different markets with different laws in different places. But let me repeat this, we’re going to make all the same controls and settings available everywhere, not just in Europe.”

The decision to adopt fully the GDPR marks a shift from previous statements and plans regarding the GDPR. Previously, Facebook hinted that only specific features complying with GDPR would be implemented worldwide. However, as we watch Mark Zuckerberg sweat under the spotlight of his privacy errors, it’s easy to see why Facebook is now taking a much more stricter approach to data and privacy.