Facebook is in trouble yet again. For Facebook, until now 2018 has been an “annus horribilis,” as the Romans used to say. Here are the major headlines:
Following intense criticism for its part in Russian influence over the 2016 US election, Facebook tweaks its news algorithm to minimize the influence of “fake news” sources — Facebook alienates the crypto community by banning all crypto ads — Facebook loses Belgian privacy case, faces fine up to $125 million — German court rules that Facebook use of personal data is illegal — Blackberry sues Facebook for patent infringement — News emerges that Facebook exposed data from 50 million user accounts to Cambridge Analytica — News report corrected — it was 87 million — Facebook faces four separate data privacy legal cases — Mark Zuckerberg apologizes to Congress — states his belief that North Americans need less data protection than Europeans — America deeply unimpressed — Zuckerberg summoned by EU parliament and UK parliament — sidesteps UK summons — Facebook announces its own blockchain research group, further alienating the crypto community — we don’t like your ads, we just like your technology — Facebook sued in the UK in a defamation lawsuit over fake ads — Facebook produces an apology video which doesn’t apologize for anything — GDPR day arrives, May 25th, and an immediate lawsuit hits Facebook in the face.
So now it’s June and…
The New York Times reveals that Facebook did deals with 60 device makers (including Apple, Amazon, Microsoft, Blackberry, etc.) allowing them “broad access” to your data. It turns out they’ve been doing such deals since 2007. And these deals still exist and, by the way, didn’t Facebook sign a consent decree with the Federal Trade Commission in 2011 that protected users from having their data shared with third parties without explicit consent. So much for that…
Also, as tweeted by Congressman David Cicilline (D-R.I.), “Sure looks like Zuckerberg lied to Congress about whether users have ‘complete control’ over who sees our data on Facebook.” True dat.
And to make matters a little more serious, it seems that Facebook was sharing your personal data with Chinese phone company Huawei — widely regarded by three-letter-agencies as an arm of the Chinese government.
But, seriously, if the Russians have this data, why not the Chinese?
Facebook’s response to the breaking news was along the lines of nothing-to-see-here, insisting that the data in question never left people’s phones, was not stored on Chinese servers, and it’s winding down its deal with Huawei soon anyway.
All in all, one would think then that this would be yet another nail in the coffin of the deeply unloved social network.
But — serious question — is Facebook too big to fail?
GDPR and The Big Battalions
According to French diarist Madame de Sévigné, Viscount Turenne was fond of saying “God is on the side of the big battalions” — a quote that is often erroneously attributed to Napoleon, who pulled off many a victory with small battalions.
Voltaire begged to differ. He suggested instead that God was on the side of those who shoot best.
For me, this contrast in views sums up the data privacy war that will be waged in the coming years.
Let’s turn our attention to GDPR. I will make no attempt at describing waht it is beyond the words “data privacy.” The GDPR legislation stretches out to 55,000 words — somewhat longer than The Great Gatsby by F Scott Fitzgerald — and believe me, nothing like as captivating. No-one is ever going to make a movie of it.
Nevertheless, it has a charm all of its own; it has thrown a monkey wrench into the well-oiled data exploitation rackets of Facebook, and Google.
They are the big battalions. Right now, their duopoly all but rules the digital advertising universe, accounting for 84% of the global market outside of China.
A fun fact, as an aside: GDPR regards certain categories of personal data as ‘sensitive’ and deserving specific protection. They include political opinions and religious beliefs and guess what? Facebook exposed such data to those 60 device manufacturers. Move along. Nothing to see here.
Life will no doubt become uncomfortable for the terrible twins as they face a series of GDPR legal challenges. They may have to deploy armies of lawyers, and they may suffer famous data defeats in historic trails. But they have adequate funds to wage a protracted legal war and to make the technology accommodations that may eventually be necessary to please the EU legislators.
Their profits may even diminish, but no-one expects them to turn to perish and turn to dust. They will make it through. Some observers are even speculating that, in a few years when GDPR has blended into the wallpaper, the terrible twins will be triumphant in the ad market.
The point is that, if Facebook and Google are in violation of GDPR, then it’s almost certain that their lesser competitors are too. And those companies are far more likely to be brought to their knees by the slings and arrows of data privacy legislation.
So it is possible that GDPR will strengthen rather than weaken the domineering duopoly.
But Who Shoot Best
You may think that way, but a different outcome is possible: that those who shoot best will defeat the big battalions.
We have entered an era where people are beginning to understand the importance of their data. They appreciate the power of AI-related technologies, because they witness it when Facebook and Google apply those big guns to determine which ads should be pushed in their face. Consumers might not understand how such mechanisms work but they know that those technologies monetize data, and they’d rather they worked on their behalf than be used against them.
GDPR has an important role in this. It provides the average Joe and Jane with a power they never previously had — the power to reclaim their data. Facebook may have exploited their data, shared it without permission, compromised it, printed money from it, but with GDPR in force, it will not be able to prevent you from taking your data back — from literally downloading it and storing it wherever you please.
What we need are businesses to which you can transfer your data, that allow you to secure and manage your data, and monetize your data. In fact, such businesses exist. I work for one, (Permission.io, formerly Algebraix) and it’s not the only one.
As such companies rise, Facebook will become vulnerable.