How could they be? Facebook should've acted more decisively when the Cambridge Analytica saga began to unfold -- instead, it was surprisingly slow to pick up on what actually happened. It shouldn't be a surprise that Zuckerberg was taken to task by some members of Congress for not acting on the Cambridge Analytica situation -- and some of the underlying issues that made the debacle possible -- any sooner. Zuckerberg conceded to Sen. Dean Heller (R-NV) that even though Facebook itself didn't sell user data to Cambridge Analytica, it happened on his watch and indicated that his company's responsibility should be to "prevent that and be able to take action sooner." Not long after that, he admitted in response to a question from Sen. Dianne Feinstein (D-CA) that one of his "greatest regrets in running the company" was that Facebook was "slow in identifying the Russian information operations in 2016."

While some representatives and senators spent their four or five minutes with Zuckerberg stumbling over themselves trying to look chummy, most pressed the young CEO for insight into the investigations and policy changes that have arisen because of Cambridge Analytica. And many of them were curious as to how quickly Facebook would be able to complete the crucial work of understanding the extent of its personal-data liabilities.

Consider Facebook's ongoing investigation into the tens of thousands of apps that had access to large amounts of personal data, like "This Is Your Digital Life," which is at the heart of the Cambridge Analytica scandal. When Rep. Jan Schakowsky (D-IL) and Rep. Bob Latta (R-OH) pressed for detail on how long it would take to complete the audit, Zuckerberg declined to comment on the time needed to review a single app but said the overall process would take "many months." (When Schakowsky asked if the audit could actually require years, Zuckerberg could only respond, "I hope not.")

To be clear, Facebook's stiff founder didn't spend his entire time on Capitol Hill fielding questions about Cambridge Analytica. Members of Congress also pressed Zuckerberg for answers about how quickly it could implement new privacy features and tools to help manage hate speech. Spoiler alert: He didn't have much in the way of fast fixes on other subjects either. Zuckerberg told Rep. Gene Green (D-TX) today that enhanced privacy protections like those afforded to European users under GDPR would be extended to others around the world. Naturally, this prompted someone else -- in this case, Rep. Jerry McNerney (D-CA) -- to ask when US users could expect such protections to kick in. Zuckerberg's response? "Congressman, we're working on doing that as quickly as possible. I don't have the exact date yet."

And while Facebook pledged to have more than 20,000 people working specifically on security and content review by the end of this year, Zuckerberg also noted the importance of artificial intelligence tools to better weed out dangerous conversations at scale. Such tools are already being used to root out terrorist propaganda and have seen significant success: The company said in 2017 that it can catch 99 percent of terrorist content before users flag it. When it comes to handling pervasive, divisive hate speech -- which Zuckerberg conceded can be hard to distinguish from "legitimate political discourse" -- the time frame widens pretty dramatically.

"Hate speech," Zuckerberg began. "I am optimistic that, over a five-to-10-year period, we will have AI tools that can get into some of the nuances -- the linguistic nuances of different types of content to be more accurate in flagging things for our systems."

Like it or not, Facebook has been a part of our collective social fabric for more than 10 years, and I wouldn't count on it going anywhere soon. Now that the company is more than a decade into its mission, though, it's only becoming more clear that the foundation Facebook was built on is flawed. Building something can be fast, as Facebook has proved. But fixing it? That takes time.