With 2.1 billion active users, Facebook presents an exceptional opportunity for targeted marketing and businesses interested in harnessing the power of consumer data. In fact, there are now entire industries devoted to collecting and selling personally identifiable information. Unfortunately, the swift expansion of social media, with its tantalizing trove of consumer information, has left lawmakers playing catch up. However, that’s about to change, thanks, in part, to the scandal surrounding Facebook and Cambridge Analytica and its intersection with the General Data Protection Regulation (GDPR), an EU law governing data protection and privacy for all individuals within the European Union.
The GDPR effect
Though the GDPR will not take effect until May 25, 2018, if the breach of 50 million user account had happened while the law was in place, it would have resulted in a costly error for Facebook. As Austrian privacy campaigner and Facebook critic Max Schrems was quick to point out, had the unauthorized the sharing of profile data to Cambridge Analytica occurred while the GDPR was in effect, it “would have cost Facebook 4 percent of their global revenue”, somewhere in the ballpark of $1.6bn (€1.3bn).
But even before the Cambridge-Analytica story grabbed headlines, GDPR implementation was set to trigger significant changes to Facebook’s business operations. According to Reuters, Facebook faces a double-edged challenge: comply with the new GDPR rules and allow European users to opt out of targeted advertising, or violate the GDPR and face fines of up to 4% of the company’s annual revenue. Considering 24% of Facebook’s ad revenue comes from EU users, either course of action represents a significant hit to profits for the company. And with global adoption of GDPR-type privacy protocols beginning to take hole around the world, Facebook and its social media cohorts will need to adapt to the changing consumer data landscape.
A global movement
Though the EU primarily applies directly to data from EU citizens, it also controls the flow of personal data from within the EU to countries outside its borders. With US and UK legislation probable, this new era of data security means enormous changes in the way companies do business. As a result, international adoption of the GDPR’s privacy protocols is already taking hold around the world as counties begin to change their own data privacy rules.
How businesses can prepare
So how can business owners make sure they do not follow in Facebook’s footsteps? Companies entrusted with customer data must first acknowledge their responsibility in keeping that information secure. It is not enough to create a security protocol; organizations must also enforce and audit those policies. Robust and comprehensive quality analysis is also crucial, especially in light of the GDPR Article 5 mandate requiring the personal information of individuals within the European Union (EU) be current and accurate. Finally, the use of contact data, especially when it comes to combining information from different sources, should also be monitored. It is not enough to know your information is accurate; you must also make sure you are using it in the manner it was intended to be used, both legally and ethically.
The benefits of data quality best practices
Though many businesses are still unprepared for the GDPR’s May 2018 deadline, it seems clear this latest scandal involving Facebook and Cambridge Analytica will spur many businesses into action.
The good news is implementing data quality best practices to comply with Article 5 makes good business sense. It will save organizations considerable money in the form of streamlined marketing and sales campaigns, improve overall customer service and reduce the waste associated with bad contact data.
Service Objects can help you get a better understanding of the role your customer data plays in becoming GDPR compliant. Send us up to 500 records (it is a 100% secure process) and we will provide you with an overall score of the quality of each record based on fields such as name, phone, address, email, IP, and country. Get started today.