In March 2018, the world learned that the private data of over 50 million Facebook users was secretly harvested by Cambridge Analytica and used on behalf of the Trump campaign to influence the 2016 presidential election. (We’ve since learned it was closer to 87 million users whose data was compromised.) For some, these revelations didn’t come as a shock — Facebook, after all, is a business built around personal data collection — but for many, these revelations prompted a profound awakening. First, to the fact that Facebook and other social media platforms are collecting more data than we realize. Second, to the fact that Facebook isn’t necessarily keeping that data a secret. And third, to the fact that our data may seem inconsequential, but can be used to do extraordinary things — like choose the next president (whether we vote for that candidate or not).
On a separate front, The EU has been playing a far more proactive role in protecting the data and privacy rights of its citizens. In May, the General Data Protection Regulation (GDPR) will go into full effect. This new legislation overhauls 23-year-old data collection and privacy rules and solidifies new privacy rights for individuals — most notably, the “right to be forgotten” and the “right to data portability”. It also requires data collectors to obtain “freely given, specific, informed and unambiguous” consent before collecting and storing user data. These new rules are setting the tone of the discussion surrounding Facebook and offer a glimpse into the future of U.S data collection and privacy rights.
In the month since the Cambridge Analytica story broke, Facebook has continued to hemorrhage scandals and leaks, and — most recently — Mark Zuckerburg has been testifying to congress about privacy and data collection practices within his company. Up until now, U.S.-based companies have been largely self-regulated when it comes to the privacy of their users, but Facebook’s blunders have lawmakers spooked. Most large U.S. based companies are already becoming GDPR-compliant because of the business that they do in the EU, but everyone else should take notice — these rules are going to come to your business, too, and soon. If regulators don’t act, consumers will; and as small-business data collection becomes more centralized with SaaS platforms like HubSpot and Marketo, those companies will be sure to bring their users into compliance.
Before you get too worried, the businesses who will really suffer the most from these changes are the ones who incorporate unsavory data-collection tactics into their marketing strategies — tactics like purchasing email lists and omitting or hiding opt-out options for users. If you work with a reputable marketing team, you’re probably not facing a risk of damage to your wallet or reputation. However, there are a few things for your marketing team to consider moving forward:
Waypost Marketing is a digital marketing agency with integrity, serving small-to-medium sized, growth-focused businesses in the Southeast. We are a trusted HubSpot and Google Partner agency, and we advocate for transparent marketing practices that offer real value in good faith to informed users. If you’d like to know more about how we can grow your business, contact us today.