How would you feel if you discovered your personal data had been harvested by a powerful organization to influence a presidential election?
That’s exactly what millions of Americans experienced in the Cambridge Analytica Facebook scandal. It all started when Cambridge Analytica, a political consulting firm, used a Facebook-linked app to obtain data from Facebook users and their friends without their friends’ consent to influence voters in the runup to the 2016 U.S. presidential election.
When it was all said and done, approximately 87 million people had their personal information stolen without their consent. Fortunately, Facebook is taking steps to make sure mistakes like this never happen again. Facebook CEO Mark Zuckerberg responded to the scandal in testimony he gave before Congress.
So, what does this massive breach of trust mean for marketers? After all, one of the most important aspects of successful marketing is collecting and accurately analyzing customer data on a daily basis. There is a responsibility to practice ethical customer data collection and protection that can’t be ignored.
In this post, we’ll discuss how Facebook plans to avoid data breaches like the Cambridge Analytica scandal and what marketers can do to practice ethical customer data collection.
First and foremost, it’s important for marketers to know what Facebook plans on doing to prevent further breaches. The decisions will almost certainly impact your Facebook marketing strategy.
With the Cambridge Analytica Facebook scandal now common knowledge, Facebook publicly stated they “are announcing some important changes to take on potential past abuse and to help prevent further abuse of our platform.” The introduction of stricter access to information from linked apps and restrictions on the information people can share with developers are just two of the improvements Facebook is concentrating on.
Check out the six main changes Facebook will be adopting over the next several months:
According to Zuckerberg, Facebook will investigate all apps that had access to user data before drastic changes limiting access were introduced in 2014. Apps that refuse to undergo a full audit will be banned from Facebook, while those with suspicious activities will be publically banned.
In an effort to avoid a repeat of situations like this, Facebook will begin immediately notifying people if an app has misused their information. This includes measures that will allow people to see if their data has been accessed in the Cambridge Analytica Facebook scandal.
A Facebook representative stated, “If someone hasn’t used an app within the last three months, we will turn off the app’s access to their information.” Less access from apps means fewer chances for breaches to occur.
A new version of Login is coming soon that will reduce the data an app can request without going through login review. The new login restrictions will be limited to just a username, profile photo and email address.
Facebook will be introducing a new tool that will allow users to revoke permissions of the apps that have access to their data. This feature will appear at the top of the News Feed.
Facebook’s existing Bug Bounty Program will receive an expansion that makes it easier for people to report misuses of data by app developers. This will help Facebook remain accountable to their users while also holding app developers accountable for the way they handle user data.
While it’s clear Facebook has a long road ahead on their way to regaining people’s trust, they appear to be on the right track. In his March 21 update on the Cambridge Analytica scandal, Zuckerberg was adamant in acknowledging Facebook’s responsibility to protect customer data and earn their trust.
“We will learn from this experience to secure our platform further and make our community safer for everyone going forward,” he said.
For many years, Facebook has served as an incredibly successful marketing channel thanks to its massive audience and sophisticated advertising platform. Despite recent events, it remains a viable marketing channel. However, the data breach should serve as a wakeup call to marketers and the way they approach customer data collection.
Here are four best practices marketers should adopt to ensure ethical customer data collection going forward.
SSL (Secure Sockets Layer) protects sensitive data, like credit card information, passwords, social security numbers and usernames, from being stolen. It works by scrambling data as it passes between websites and their servers. It’s easy to find out if your site has SSL or not—simply look to see if your web address is “http” or “https”.
Https means the site is safe and secure.
Http means it’s unsecured and vulnerable.
Adding an SSL certificate to your website can be a quick fix, and it provides a powerful layer of security that ensures your clients’ data remains safe and sound.
It’s fun to see your customer database grow, but it’s also important to ensure you’re only contacting people who have opted in.
This reduces your risk of misusing customer data and violating regulations such as the newly updated General Data Protection Regulation (GDPR), which takes effect May 25. This regulation is designed to protect the personal data of EU citizens and includes several new provisions, as well as harsher penalties for violations.
New provisions include requiring customers to give explicit consent for receiving communications and be informed of their right to withdraw consent. Consent cannot be inferred from silence, pre-checked boxes or inactivity. Additionally, customers have a “right to be forgotten” and a right to obtain a copy of their data.
In addition to being required by law for all organizations that collect data from customers in the EU, these additional provisions are considered best practice for all inbound marketers to follow. Consult your legal team to determine what your obligations are under the new GDPR and what updates you need to make to ensure compliance.
People like to know their data is not being sold or exchanged without their explicit consent. The key word here is explicit. Don’t bury privacy information in the fine print—that will seem dishonest. Be transparent about your data practices from the beginning, and tell people exactly how you will use their information.
Make it as easy as possible for people to find the information they’re looking for. In other words, don’t write a novel like Apple did with their 6,800+ word Terms and Conditions for iTunes.
Whether you’re an agency, department or one-person show, you need to have a standard operating procedure (SOP) in place for data collection. A new hire should be able to come in on Day 1, read your SOP and immediately understand which practices and methods are acceptable and which are prohibited. It’s always better to be safe than sorry.
Adopting these four methods will help you create a safe, secure environment for your customers’ data and will focus your efforts on honest collection practices.
Data is an integral part of marketing, and it’s not going away any time soon. In fact, it’s only becoming more important, which means marketers need to safeguard their clients’ information and maintain professional standards of data collection.
The Cambridge Analytica Facebook scandal was a hard lesson to learn, but it does give you an opening to prove to your clients their data is in good hands with your brand. Be transparent about your data collection standards and emphasize the ethical value your brand upholds. Let them know you are trustworthy and value protecting their privacy just as much as they do. Be sure to notify them of any changes in the way you collect or use their data.
By following these standards, you’ll be able to maintain healthy, profitable working relationships with your clients that reap the rewards of responsible data collection and analysis.