Gigya is now SAP Customer Data Cloud. Learn more
Forrester logo Download the report

The Great Cambridge Analytica Data Mining Disaster, Part II

We live in interesting times, indeed.

When we blogged about this last week, it was unclear just how big the ramifications of the revelation that Facebook had, prior to a major privacy policy update in 2015, allowed third party analysis consultant Cambridge Analytica to scrape the personal data of more than 50 million users from its database. And, it also turned out that some of that data was allegedly used to potentially influence millions of U.S. voters during the election.

Today we know that the U.S. Federal Trade Commission is, indeed, launching a formal investigation into the affair, in order to determine whether the Menlo Park company has engaged in “unfair acts that cause substantial injury to consumers.” Facebook shares are taking a further beating on Wall Street as a result.

As to what this data was used for, I’ll turn to an interesting discussion I recently heard on NPR’s Morning Edition between host David Greene and Luke Thompson, a political data strategist who was approached in 2014 by Cambridge Analytica, asking if he was interested in working with them.

Thompson ultimately turned them down, for two main reasons. First, he felt that the “psychographic mapping” analytics they were offering didn’t hold up to much scrutiny, stating, “The argument that you could…gain these massive efficiencies…based on sort of mindsets, didn’t make a whole lot of sense to me when…probably the easiest way to learn what people think about politics is just to ask them about politics…” In other words, you’ll learn more about people by simply asking them their preferences, rather than inferring. And, this also happens to be what most of us prefer.

Secondly, Thompson was suspicious of where the data originated, adding, “I think there’s a really clear line that needs to be delineated between first-party data…and using publicly available data or commercially available data to create efficiencies in messaging.”

I’d add to that a caveat: When collecting first-party data from a person, it’s now imperative to be transparent about what that data will and will not be used for, get the person’s permission to use it for that purpose alone, and give them the ability to view, download, change, freeze or delete the data at any time.

The truth is, as consumers, few of us are OK with the idea of our information being pilfered and used without our knowledge. Just as in our personal lives, privacy is tantamount to trust when it comes to the relationships we have with businesses. After all, relationships work best when they’re established on a two-way basis, with transparent communication and a balance of power between both parties, something all organizations should bear in mind as regulators increasingly focus on consumer rights.

From our perspective as a leading customer data management solutions provider, we feel that the key to winning and maintaining the trust of consumers is to proactively build transparency into the customer experience at every interaction, and to give customers control over what information they share and what is done with it. In our experience implementing our solutions for more than 700 global brands, taking this approach pays dividends far beyond risk mitigation.

That is why Gigya, now a part of SAP, offers products that help global enterprises like ASOS, Bayer and L’Oreal deliver great, omnichannel customer journeys while addressing consumer privacy and data protection requirements by:

  • Connecting users with brands through secure registration and login features that are built and implemented on “privacy by design” principles.
  • Baking real transparency into the digital user experience and giving control to customers through comprehensive preference and consent management functionality.
  • Driving better orchestration and governance of customer identity, profile, and consent data across the digital technology stack, using advanced profile management and data integration capabilities.

For social data in particular, it’s important that brands request permission only for data they need to enable a function or service, be transparent when communicating how that data will be used, and keep terms of service and privacy policies consistently up to date and — especially considering recent events — easily accessible to all users.

What’s the takeaway? What I’m seeing is this: Organizations that take steps now to ensure that they are collecting and processing consumer data and it’s consented use in a responsible and respectful manner will have a leg up on the competition. Going forward, only by offering a truly transparent digital experience can businesses drive the large-scale, data-driven marketing, sales, services and product programs that can set them apart in a fiercely competitive global marketplace.

Remember, when it comes to the issue of consumer privacy, no business is “too big to fail”.

If you’d like to hear how another big company is preparing for the GDPR, check out a recent webinar where FranklinCovey CISO Blaine Carter and I discussed key features of a successful data protection and consumer privacy initiative.

By Rashmi Vittal

Gigya has updated its Privacy Policy as Gigya, Inc. has been acquired by SAP America, Inc. and Gigya has updated the information regarding how we collect and use your Personal Data. You can see the updated Privacy Policy here.