This is pretty unbelievable for a company that makes their money from ads. I would almost say this is commendable if true, but...
> We use the browser and app logs that apps and websites send to us—described above—in the following ways for non-Facebook users.
This is pretty misleading. It's like when FB basically secretly redefined "third party" to mean what was convenient for them. So we don't have "profiles" of non-FB users, and we would never "track" such users, but in lieu of that we store logs containing identifying information and use that analyze their usage?
I can understand since the profile isn't being used for advertising why this might be an okay simplification in casual conversation, but this is unacceptable in a letter to Congress.
I've only skimmed this but the rest of this isn't much better either. In another question by the same senator about how long they store deleted users' data they don't give a clear answer (at best we know in some cases it can be over a year). It also comes up a few times where they're very protective of ads targeting/excluding protected groups (which makes sense since targeted ads are their bread and butter). I haven't looked at the second scribd, but I doubt it's any more informative.
Judging by their replies they seem to be saying that they walk right up to the letter of the law in many cases. I wouldn't be surprised if it turns out that they're contradicting themselves.
It's high time people stop trusting FB altogether.
It is not unusual to provide written and more detailed answers to questions after testifying. This number of times he deferred was a perhaps a little unusual though.