It seems like each day we hear ever more scurrilous information about data harvesting at Facebook. The data scandal around third-party apps and election influencing just refuses to die down. With the GDPR fast approaching this year, all companies need to take a more responsible attitude to the collection and storage of customer data. So what can brands learn from the scandal?
Don’t just be open with your customers, be completely transparent
Once upon a time you could tuck your data protection and privacy statements under a link on your website, safe in the knowledge that the information was online somewhere. Indeed this was Facebook’s defence following the Cambridge Analytica scandal: that every user had been aware of their terms and conditions when they signed up to open a Facebook account.
But, as Chris Albert, SVP of Digital Research and Analytics at Ketchum, says, "Twenty-page terms and conditions statements with data usage hidden for a single app download don’t cut it anymore.” Brands must ensure that their customers are not only able to easily access their data statements, but that their customers also understand them.
ProSieben has led to way in this regard by establishing, together with RTL and United Internet, the Login Alliance, which allows users to access all partners’ internet services using a single log-in with clear and transparent standards as to how their data will be used and stored. The benefit to brands? Adherence to new ePrivacy laws and complete confidence for customers. Zalando is the Alliance’s first partner.
Be careful who you share your customer data with
Facebook has announced some important measures such as a full audit of third-party apps before 2014 and a limit on the amount of data a user has to provide when signing up for an app to restore consumer confidence in their product, but trust in Facebook is still at an all time low. Noah Finn, managing partner at brand agency Finn Partners, says: "If brands are sharing their info with Facebook, and people don’t trust Facebook, there is certainly risk in that".
Customers agree to share data with Facebook every time they use their login to access third-party internet services. Brands offer this service due to convenience (often customers don’t have to create a separate login on their platforms), but this transfers a huge amount of data to Facebook which is then stored in the US, and it is debatable whether customers are aware of what data they are sharing every time they do this. See example from the to-do app Wunderlist below:
ProSieben’s Login Alliance offers an alternative to this. It offers a single convenient login to customers, but ensures that their data is securely collected, processed and stored in the EU, in compliance with European law. The Cambridge Analytica scandal occurred not because people took a third party personality quiz and gave the company access to their Facebook profiles (nothing wrong with this), but that their friends’ data was also accessed without their consent and sold to other organizations. Ensure that any external organization you rely on to handle data on your behalf is compliant with your data protection policy and, even more importantly, hold them accountable if a data breach occurs.
Don’t just rely on one marketing channel
Facebook is a huge advertising channel but even before the scandal broke there was evidence of users and brands alike turning away from Facebook entirely. The scandal served only to highlight and accelerate this. High profile users such as Will Ferrell and Elon Musk have deleted their accounts, businesses such as Mozilla, Sonos and Commerzbank have stated they will not advertise via Facebook until further notice, and the #deletefacebook movement encouraged by Whatsapp’s original founder has gained significant traction.
Facebook is perhaps the largest, but will certainly not be the last data organization embroiled in scandal. A multi-channel marketing strategy is not only sensible from a communications perspective, but also ensures when scandals arise your strategy requires only the most minor adjustments.
Prepare for effective initial crisis communications
This Facebook scandal is an example of exactly how not to communicate in a crisis. Writing for Fortune, Crisis Communications Expert James Haggerty commented that in 12,000 examples of corporate scandals, one common element was that the company in question botched their initial response. Both Zuckerberg and Sandberg took five days to respond to initial accusations, a lifetime following a scandal of this nature, with Zuckerberg also roundly criticized for refusing to appear before a UK parliamentary inquiry. During this time the story moved to focus on Facebook’s silence. When he finally issued a written response, Zuckerberg also failed to address many of the accusations directed at Facebook, leading the media to suspect further wrongdoing.
Could Facebook, one of the world’s largest data centres, have foreseen a scandal like this? Certainly. Should they have prepared initial effective crisis communications? Definitely.