Mark Zuckerberg

The Death (and Dawn) of Personal Data Collection


The circus around Mark Zuckerberg’s Congressional testimony has died down, pundits have judged the Facebook CEO’s performance, and the attention-deficit disorder news cycle has moved on. But the true impact of his testimony, together with Spring 2018’s headlines about data collection scandals, will last a long time, and will be widely felt. Not just Facebook, but many thousands of firms will be forced to change their behavior – almost certainly including yours.

How We Got To This Point

Just to recap: Starting around 2003, Facebook and other social platforms held out a bargain to the world’s Internet users: We’ll give you lots of free stuff in exchange for collecting a lot of data on you. ‘Free stuff’ on Facebook started out as friends poking you and tagging you, then moved on to friends throwing sheep at you in games like Farmville, then moved on to News Feed, Facebook Messenger and eventually Facebook Live video streaming. For years we liked and clicked and emojied and Facebook kept its end of the bargain—it remained free to consumers. Because it figured out how to slice, dice and package its massive audience and all their data, it sold very cost-effective advertising. In the process, Facebook quickly ramped revenues into the tens of billions of dollars per year and its early investors made eye-watering fortunes.

Until some Europeans showed up to spoil the party, in two different ways.

First, European Union regulators showed up. They realized that Google and Facebook were paying a lot less in European taxes than other firms with equivalent revenues, so with a combination of regulatory power and the European courts, they extracted billion-dollar-plus sums from these American tech giants (likely to much cheering on their side of the Atlantic.) Building on this success, and hewing to European notions about what governments should do to protect their citizens, the EU began developing consumer data protection regulations now known as GDPR. Starting May 25, 2018, when GDPR went into effect, any company in the world collecting personal data on an EU citizen without that person’s explicit consent, or without protecting such data, or without deleting such data upon that person’s request, could face fines up to 4% of annual revenues. When it comes to data privacy, European regulators are fully awake.

Second, a UK-based firm called Cambridge Analytica showed up. They took full advantage of Facebook’s policy—since discontinued—of loaning user data to independent researchers and app developers, for research purposes. Cambridge Analytica wasn’t the first firm to leverage Facebook data (along with other sources) to build deep profiles of millions of online users. But they were arguably the most successful at using vast stores of online behavioral data to target messages that swayed elections of international significance (see: Brexit, Donald Trump.) Cambridge Analytica’s degree of law-breaking and Facebook-policy-violation will be up to the courts to decide, but one fallout from the scandal is clear: Now, a majority of web users are aware that their online data is being collected and used. When it comes to data privacy concerns, consumers are also awake.

The Tide is Turning in Consumer Understanding & Acceptance

It’s been clear for some time that Internet-based platforms and applications have been a boon for the collection of personal data. But beyond the recent scandals around the storage and accessibility of this data, average consumers are beginning to take notice of how pervasively companies utilize their data to tailor marketing, sales, and advertising messages to them.

In many cases, consumers view this as a fair trade-off. They see the convenience and personalization enabled by tracking and targeting as having real utility. It enhances their experience of a Web that can often seem vast, unfathomable, and unruly. Consumers are fine with this tracking & targeting when they explicitly agree to it. What the recent scandals have brightly underscored, however, is how much of this personal profile and activity data is collected as matter of course without the explicit consent of consumers. And how little (to no) control consumers actually have over the usage of—and access to—that data from everyone from corporations and marketing firms to governments and law enforcement agencies

A Clear & Present Danger to Marketing & Advertising

It’s hard to underestimate the impact of this shift on marketing and advertising. Personal data collection, and the subsequent targeting from it, underpins more than $225 billion in digital advertising (2017) worldwide. It literally determines the products we see, the content in our social feeds, advertising messages, movie recommendations, posts from our friends, & much, much more. (Frustratingly, data on us is often collected without our being asked any questions.)

From a business perspective, personal data has had a profound impact on driving down the costs of advertising, improving its effectiveness & ROI, developing new marketing techniques like influencer and content marketing, and introducing a level of personalization in marketing that consumers had never seen. The shutdown of access to this data essentially takes advertising back to the Internet equivalent of the roadside billboards of 30 years ago.

Although, we don’t expect a total regulatory reversal, it’s clear that pendulum on pervasive platform- and cookie-based tracking has swung too far and consumers are starting to rebel. The question remains: Where is that viable middle road that allows companies to gather enough data to develop effective, engaging marketing that provides real value and convenience to consumers—advertising that actually enhances their lives and not degrades it?

Let’s Throw a First-Party

The massive shift coming—for marketers, media properties, and most large companies with a digital presence—is going to play out in ways we can’t forecast in great detail. However, if one thing is clear, it’s that firms can no longer depend on audience data they bought, rented or bartered from another source, i.e. third-party data. Everyone now must get serious about collecting data directly from individuals, i.e. first-party data.

The oft-cited metaphor of ‘Data is the New Oil’ has its shortcomings, but it works in one sense: Just as having your own oil reserves is a strategic advantage for countries, having your own sources of data is a strategic advantage for organizations. A major part of German and Japanese strategy early in World War II was gaining access to oil fields outside their own countries. By the same token, any company’s strategy must include direct and sole control of data on its audience members – who they are, what interests them, and what they know. And just as oil needs to be refined in order to be useful, data needs to be constantly analyzed, refreshed and enhanced to deliver real value.

But, thanks to Facebook’s woes and GDPR, collecting all that data will increasingly need to provide both benefits and protection to the individuals providing it. Here’s what those benefits should include:

  • Tools for individuals to self-assess their needs in a meaningful way.
  • Tools which individuals can use to quickly understand their knowledge and skill gaps in important areas, with guidance on how they can improve.
  • Tools which reward user engagement with tangible benefits.

A recent Wall Street Journal opinion piece argued that consumers’ interaction on websites (liking, tagging, commenting, sharing, etc.) is a form of labor which creates data, and therefore value for site owners, and therefore users should be compensated in cash for their online activity. While this would upend the business models of Facebook, Google, Twitter and many others, the WSJ reports there are a dozen startups pursuing this idea, so perhaps it’s not that far-fetched.

Where Do We Go from Here?

It’s clear we’ve hit a tipping point when it comes to individual data and privacy. Nearly every company—large and small—that maintains a web presence and interacts with consumers online will have to rethink how they collect and use personal profile and activity data. We are going to see new standards, including explicit, individual consent, anonymization, profiling, data portability, and more.

But as is often the case, the end of one era heralds the beginning of another. At CredSpark, we think we’re now entering the age of Value-Driven Marketing, where companies—with the consent and participation of their users—build their own audience databases and in the process provide real, unique value to their audience through data-driven services. We’ll move away from the reliance on generalized, platform-based data collection and focus on collecting the data we truly need to provide the enhanced services, content, & products our customers truly want.

Consumers will have complete transparency on what data is being collected and how it’s being used. And companies will get the express permission they need to deliver the convenience, personalization, and value that customers crave. Value-Driven Marketing lays the groundwork for a more transparent, mutually beneficial pact among users, content providers, and advertisers. Hopefully, it can be the foundation of a much more useful (and less creepy) Internet Marketing.

Don't miss
another story.