Right now, Facebook’s stock price is falling. It has fallen 15% from its high point at the end of January. Given Facebook’s current embarrassment with Cambridge Analytica, the political data analytics firm, it is probably destined for further decline. The facts, as reported by the media, are that Cambridge Analytica harvested “private information” from 50 million Facebook users in its efforts to influence the 2016 US election.
Cambridge Analytica performed psychographic modeling on that data. Psychographic modeling involves analyzing people’s behavior according to their attitudes, values, and lifestyles. This is in distinction to modeling based on socio-demographic factors such as household income, living environment, profession, marital status and educational level. In some areas of behavior, psychographic factors are better behavioral predictors than socio-demographic factors, and this is the case when it comes to how someone will vote.
Naturally, both psychographic and socio-demographic data have predictive value across the full spectrum of consumer behavior. However, a curious aspect of psychographic modeling is that people rarely know what their psychographic profile is while they always know what makes up their socio-demographic profile. This is why some analytics companies, Cambridge Analytica included, will claim they can discover more about someone than they themselves know.
There’s something wrong with that, don’t you think?
Never Mind, Here Comes The Cavalry…
US social network businesses, Facebook in particular, will be in for a rude awakening when the GDPR Juggernaut rolls up and knocks on their door. (If you want the nitty-gritty on GDPR read these three articles: GDPR: Goddam Privacy Regulations, Got a Data Protection Officer? and What Are Those Data Rights?) If you don’t have the time for that, then here’s a very brief summary:
- If you live in the EU, you own your data.
- If any business anywhere in the world violates that data, they are breaking the law and can be fined up to 4% or their annual revenue, in a European court.
- GDPR comes into effect in May 2018.
There are data laws in the US that Facebook may have violated by enabling external access to its customers’ data, and in the EU too, of course. But if they allow such an exploit to occur to the data of even a few EU citizens after GDPR day in May 2018, the EU will fine them into oblivion. Facebook is probably already in the crosshairs of EU data protection enthusiasts.
One of the nuances of European Data Protection Law is that a business has a responsibility both for the personal data it holds and for what happens to that data if they enable any other business to use it — and by the way, they can only do that if they get permission for such use.
The Facebook Debacle
The dodge Cambridge Analytica pulled on Facebook to harvest a huge personal data resource was not original. Other Facebook app builders with different motivations have reportedly pulled the same trick. US citizens have never previously cared much about data rights — but they do now. Go to twitter and search on #Deletefacebook to get a sense of this. And, late to the party but sure to turn up, US politicians are now beginning to discuss legislation on Data Rights.
The beginning of the end for Facebook? Maybe.