This month the continuing fallout from the Facebook / Cambridge Analytica scandal has dominated public recall of business news.
Using data about the electorate to inform political campaigns is nothing new. What makes this story noteworthy is the questions it raises about privacy and the use of personal data to target voters and influence election campaigns.
This story crystalises growing public concern about malign use of Big Data. It also supports the narrative that a metropolitan elite manipulates the behaviour of the public for its own benefit, undermining confidence in politics and business.
The risk to business is that – as with the banking crisis – politicians may enact punitive and highly restrictive regulation which stunts the growth of the technology sector and damages the wider economy.
From hero to villain
For many, in just over a decade, Facebook has gone from the poster-boy of socially informed capitalism – promising to connect people across the world, create a space for dialogue and empower social movements, all whilst making a healthy profit for shareholders – to a data harvesting machine which damages social cohesion with targeted advertising and campaign messaging that creates ‘echo chambers’ and polarises opinion.
The Cambridge Analytica revelations have had a serious impact on Facebook and Mark Zuckerberg. As my colleague Ben Lloyd wrote in CorpComms, 30% of people have considered deleting their Facebook accounts since the scandal.
Further, Facebook’s Reputation Credit Score has decreased significantly while its Intensity Score has increased. This means that people have a poorer view of Facebook and hold this conviction more strongly.
For Zuckerberg the scandal is personal. He can forget any political ambitions he may have had when hiring Joel Bennenson – pollster to Obama and Clinton – at least for the time being.
However, the scandal is also bigger than Facebook. Many are concerned about technology’s ability to allow businesses to compromise the privacy of the public.
With Amazon filing a patent for ‘voice-sniffing’ technology for its ‘Echo’ smart speakers, which are able to listen to users and build up a detailed picture of purchase preferences for marketing purposes, this future is knocking at the door.
Progress always means compromise. What makes the 4th industrial revolution different from previous economic step-changes, is that consent underpins the drivers of change. Facebook relies entirely on the public giving up data for free and agreeing to terms and conditions which few understand or even read.
The public have never been more in the driving seat, though up until recently they have been asleep at the wheel. In a Europol backed experiment in 2014 aiming to show the dangers of sharing data online, Londoners were invited to sign up for free WiFi, accepting terms and conditions including ‘the recipient agreed to assign their first born child to us for the duration of eternity’. Whilst this was not legally enforceable, it served to show what many of us know – that few people read the terms and conditions.
Have the public woken up to the implications of sharing person data online?
Time will tell, but for now, legislators are being called upon to take action to protect naïve consumers.
What makes these issues difficult for legislators and the public alike is that they are both philosophical and technical.
On the one hand, this story raises a range of profound questions: What is public and what is private? Can people be trusted to act rationally and make informed decisions about themselves? If individuals can give away personal data, who has the rights or responsibilities for it? Can those using others information use it for any purpose, or only specific purposes?
These are all big, complex questions raised by this scandal. The legislative answers to these philosophical questions should not be framed by this singular example of bad practice.
On the other hand, this story demonstrates a clear misunderstanding of what social media companies do and how they do it.
Congressmen betrayed their poor understanding of technology when they let Zuckerberg off the hook in Congressional hearings earlier in the month.
Sen. Orrin Hatch of Utah asked ‘How do you sustain a business model in which users don’t pay your service?’ Zuckerberg answered ‘Senator, we run ads’.
Legislation clearly needs to be updated in the UK and across the world. Though amended, the UK Data Protection Act dates back to 1998 – a time of floppy disks, dial up and before Facebook.
The General Data Protection Regulation (GDPR), an EU wide policy that governs data protection in the internet world, is the first attempt to legislate on data protection comprehensively in the EU since 1994.
It is unclear whether this will be sufficient to stem public concern over online privacy. It is also unclear whether legislators are capable of forming legislation that is tight enough to protect consumers, but doesn’t harm the businesses that depend on Big Data.
As the online Wild Wild West looks to be coming to an end, tech companies undoubtedly have data protection skeletons in the closet. With public attention now focused firmly on privacy problems, we should anticipate further revelations involving other online giants.
Tech companies need to learn lessons in reputation management from the banking sector. They should be proactively testing the best – or least bad – way of communicating about emergent scandals in the sector.
Companies should also do all they can to stop historic scandals emerging slowly over time – as has happened in the financial sector – because the slow drip of scandal undermines the public’s confidence in companies as they are forced to apologise again and again for historical misconduct.