Just 14 years ago, thefacebook.com was launched from a Harvard University dorm room as a tool to help connect people at the university. Today, Facebook has nearly 2.2 billion users worldwide, and its primary purpose is anyone’s guess.

Connecting people? Targeted advertising? Data mining for political campaigns? Homeland security?

The answer may be all of the above, and possibly more. For most of us, Facebook is a way to share information and keep up with interesting stuff: family and friends, news events, inspirational memes and cute cats.

But recent disclosures about how Facebook and other companies use our data should give us pause — and drive us to be more careful about using social media in general and Facebook in particular.

In March, news media outlets revealed that a research company called Cambridge Analytica allegedly harvested the personal information from millions of Facebook users to build voter profiles, which it could sell to political campaigns. The estimated number of those affected: 87 million. It’s doubtful they all volunteered to participate.

The ensuing uproar called into question just how well Facebook is protecting our data, and sent Facebook founder Mark Zuckerberg to testify before Congress last week, where he apologized profusely and promised to do a better job protecting people’s personal information.

But how social media networks use our information continues to evolve, well beyond our ability to keep up. One thing is beyond debate: As a Facebook user, your personal information isn’t entirely your own. It’s a commodity, used by Facebook to sell advertising. And Facebook closely scrutinizes it all, even data-mining personal information on other websites.

In questioning Zuckerberg, Hawaii’s U.S. Sen. Brian Schatz suggested that because Facebook provides advertisers with user data so they can better target their ads, “it seems to me we don’t own our own data, otherwise we’d be getting a cut.”

Zuckerberg’s response: “You are granting us a license to show it to other people. That’s necessary in order for the service to operate.”

True enough. But the information need not just be used to sell you a particular refrigerator or promote a particular political candidate.

Zuckerberg told Hawaii’s other U.S. senator, Mazie Hirono, that he would not “proactively” help the Immigration and Customs Enforcement (ICE) gather data on users the agency might be interested in. But he did not rule out cooperating with law enforcement if it had a “valid legal subpoena or request for data.”

The internet has eroded our expectations of privacy. We understand that most commercial websites harvest whatever information you provide, and that there is a lot of sharing: We’re not surprised to see ads for Toyotas appearing on our Facebook feed shortly after visiting a car dealer’s website.

But Facebook’s size and ubiquity make it unique. It’s a behemoth built on our trust, our willingness to share the most personal information on a platform with imperfect security controls. If you seek comfort from your friends about your cancer diagnosis, it’s possible you are sharing that medical information with those who could misuse it.

What’s to be done? Facebook says it will allow users to set privacy and security preferences from one location, rather than about 20 different places. That would help, but only if the controls are simple, clear and comprehensive — giving the user full and effective control.

Members of Congress talk about new regulations, which would need to be limited, perhaps to standardized privacy rules that more fully protect users of social media networks. Broader regulations could implicate free-speech rights or fail to anticipate evolving technologies.

The most effective safeguard, of course, is our own reticence. Even with stricter privacy controls, we should put online only information we are really, truly willing to share with the world. Pause and think before pushing that button to send — or to like, share, comment, reply or emoji.