Facebook was built on user trust, but the company is now seeking to rein in shady actors like Cambridge Analytica. But what’s Facebook’s strategy when it comes to policing itself? Is this the logical next step in Facebook’s attempts to restore its tarnished reputation?

Four months ago, Facebook fired Cambridge Analytica for hacking a 270,000 users’ Facebook data. Facebook claims it was Cambridge Analytica’s server and that it used the improperly leaked information to “microtarget” voters. The firm didn’t deny the breach, even as it tried to wrangle data. Facebook has already written off the loss of $1 billion because of the data breach. That doesn’t count the damage to the reputation of a company that went from multibillion dollar juggernaut to shambles overnight.

Last month, The New York Times and The Guardian reported that Cambridge Analytica used private Facebook data to influence the 2016 U.S. election. Cambridge Analytica confirmed the use of Facebook data but denied how it used the information. That claim turned out to be based on a photo comparison tool developed by BuzzFeed News that was examining how the data was being manipulated. There was no evidence that Cambridge Analytica used the software on its own to target ads.

The scandal shone a light on political tactics we’d never heard of: data hacking, hacked data, and voter targeting. It also showed Facebook didn’t do enough to monitor apps and prevent misuse of its data. Facebook finally confirmed that the exact data that was leaked was not the data used to psychoanalyze friends, but a look through its Instagram, WhatsApp, and Messenger app’s databases of profiles and data profiles is common.

That’s how the initial data breach was used to microtarget voters with political ads.

But now, Facebook is going on the offensive. Last week, it announced that it would be suing Cambridge Analytica and New York Times reporter Nick Kristof for getting the ball rolling. The Times case was filed over his October article, “Facebook Says Cambridge Analytica Committed Data Violations and Is Behind a State-Run Dark-Money Conspiracy.”

Another newspaper, The Guardian, said in November that Facebook was engaged in a “vaguely defined set of litigation” to pursue other tech firms for exploiting the information of its users. That story reported that Facebook is attempting to sue most major tech firms including Facebook owned Instagram, Google/YouTube, and Apple.

In fact, it appears that Facebook is going all-in, taking the platform of more and more regulators and giving its legal hand to the lawyers. Facebook created the roles of General Counsel and Chief Privacy Officer with these two positions being brought in to report directly to Mark Zuckerberg. There are also three new Internal Privacy Review Officers.

What does this mean for Facebook users? First, it means that Facebook is not going to fight these cases, as it is fighting so many previous lawsuits. Facebook may want to aggressively tell its own story of mishandling of data, but it will have trouble convincing others in the public and the courts that Facebook deserves to be treated the same as everyone else.

Second, any fraudulent infringement by a company like Cambridge Analytica means the company is liable. That’s the first step to pursuing a class action lawsuit that would impose a fine. What could be especially intimidating, or possibly lead to a filing of a proxy with the U.S. Securities and Exchange Commission, is that Cambridge Analytica was claiming to be a research arm of Facebook.

Meanwhile, Facebook is making the rounds to mend the fences it need. Facebook has recently hired Ted Murphy, a former federal prosecutor, to assess its law and ethics in the aftermath of the Cambridge Analytica scandal. Additionally, Facebook’s Chief Security Officer Alex Stamos has recently resigned after reports that he was involved in requests to take down a Russian interference account during the U.S. election. There is likely more to come.