Cambridge Analytica and Facebook – did they put the individual at the heart of their data strategy?

With more headlines breaking over the weekend about the disinformation and misuse of personal data to effect global political campaigns, it brought home to us that our three key pillars; accountability, transparency and empowerment are paramount in this digital world.
The latest news that 50 million Facebook accounts have been accessed and data used to build profiles to assist with Donald Trump’s election campaign and steer the Brexit referendum by Cambridge Analytica is quite frankly – shocking.
The FT, that once hired Cambridge Analytica for market research purposes themselves, are calling this a data scandal[1].
There are calls for the ICO to investigate and MP Damian Collins of the Digital, Culture, Media and Sport Select Committee said he will call both Facebook and Cambridge Analytica to give further testimony.
There is also a Channel Four News expose due to air later this week, where reporters have gone undercover as prospective clients and secretly filmed the meetings.
And herein lies the rub. If the personal data had been sought by the organisation transparently – with full disclosure as to the purpose for its collection and subsequent use, all of this could have been avoided.

Research has shown that individuals are happy to share data when they are aware of the purpose its needed – whether this is for the betterment of society, health or a value exchange where they will be rewarded with better products, services or loyalty advantage.
“In an increasingly digital society, personal data has become a new form of currency. The biggest challenge for political and business leaders is to establish the trust that enables that currency to keep flowing” reported the Boston Consulting Group in ‘The Value of Our Digital Identity’ paper. The problem being, trust is continually eroded by acts of organisations working outside the parameters of best practice.
And best practice, when it comes to personal data – as we see it, is complying with the General Data Protection Regulation (GDPR) ahead of its enforcement date of the 25th May 2018 – just over two months away.
This takes us back to key pillars:
Accountability: is achieved when an organisation is completely accountable for its use of personal data – holding the individual, or citizen at the heart of their data strategy. Quite simply if you were to put yourself in your customers shoes how would you feel about the data you collect, use and share? Would you be happy? Does it feel like the right thing to do? If you think not, then ethically – don’t do it.
So, make sure your team are trained, privacy policy and statements are up to scratch, that cookie and acceptable use policies have been updated. And, should something go awry, own up, report it yourself, apologise to those concerned, learn from it and move on. In other words, be transparent.
Transparency: Being honest and open, showing your customers exactly ‘what’s what’ when it comes to their data. And remember – it is their personal data, never yours to own, you are entrusted with it as long as you have a relationship.
It comes down to building a digital understanding. Your customers need to understand, not just expect, that personal data is collected. They need to know what will happen to this data.
Look at these questions aligned to our Five W’s framework –

  • What data do you collect?
  • Why do you need it – for what purpose?
  • Who you will share it with?
  • Where is the data stored and when do you capture it?
  • When did you obtain permission and how long do you intend to keep it?

Again, it comes back to best practice, if you can answer all these questions you are in fairly good shape.
Now, if you asked your customers these questions – could they answer the same way?
Do you know if you were one of the 50 million Facebook accounts trawled by Cambridge Analytica? Would you want to know?
Let’s dispense with all these questions and move on. We all want to improve engagement with our customers, to build loyalty, reduce churn and increase profitability. After all, that’s what businesses and organisations are here for, however profitability doesn’t necessarily just mean the almighty dollar, or the bottom line. This can be a profitable relationship for all parties whether you are selling goods, raising money for good causes or helping society.
And there is one major hurdle to get over to attain all this, and that is trust. Without trust in your organisation you are going nowhere fast. It effects your brand reputation and shares too.
Facebook’s shares fell 4% on Monday when the news broke that app quiz “thisisyourdigitallife” breached regulations by harvesting friends’ data associated with those who took the quiz and sold that data to Cambridge Analytica.
So, to seek engagement and strengthen trust you must empower your customers.
Empowerment: You need to give back control of personal data to your customers, let them easily exercise their digital rights, as defined under GDPR:

  1. The right to be informed
  2. The right of access
  3. The right to rectification
  4. The right to erase
  5. The right to restrict processing
  6. The right to data portability
  7. The right to object
  8. Rights in relation to automated decision making and profiling.

Helping your customers manage aspects of their own personal data alongside the six lawful bases of processing (as referred to in Article 6 of the GDPR) can seriously improve your data governance.
If customers can simply contact your call centre or log in and affect changes themselves, knowing you will act on this information and keep it secure, they will not only feel empowered, but it will build trust and probably result in them promoting your organisation to others.
Back in 2015 Symantec’s State of Privacy Report[2] showed that 88% of European consumers thought data security was most important when choosing a company and 86% thought the protection of their data was more important than the product quality.
This year’s Edelman Trust Barometer[3] showed that 56% of their sample felt companies that only think about themselves and their profits are bound to fail and that 60% of CEOs are driven more by greed than a desire to make a positive difference in the world.
Those are some surprising statistics – and ones that can be changed by doing the right thing.
So, to do the right thing by your customers when it comes to GDPR – Be Accountable. Be Transparent and Empower the individual.
Come and see us on stand 1462 of the B2B Marketing Expo, where we can help you to understand more about the effects of GDPR and how the Consentric platform can help you achieve compliance against many of the articles of the new legislation.
Our CCO J Cromack was quoted by Decision Marketing on this subject. Read the article here.
[1] Facebook in storm over Cambridge Analytica data scandal (18th March 2018)
[2] State of Privacy Report 2015
[3] The 2018 Edelman Trust Barometer, Global Report
Watch our quick example of what a Facebook user could do to exercise their data rights over Cambridge Analytica…