Cambridge Analytica & the Big Data Question

Big data is the best thing since sliced bread to a Marketer (we like bread). Even “little” data is something we seek out like catnip. But what happens when it’s “misused”? WAS it misued?

Deliver the Right Message to the Right Audience at the Right Time

That’s the guiding mantra of marketers. So you can be assured that the exposé that’s coming out of the UK over the tactics of Cambridge Analytica and the US election can be a bit unnerving, even confusing as it relates to those of us who live and breathe by data.

First off a couple housekeeping notes:

  1. Cambridge Analytica (CA) obtained the data illegally, … ish … A vulnerability in the Facebook (FB) terms of use actually pretty much allowed it. That’s a massive problem.
  2. CA is a bunch of folks with questionable morals and ethics based in greed and power.
  3. I’m not going to discuss the other tactics they use, the whole setting people up for blackmail, which I believe is the bigger issue, and unrelated to the data thing.
  4. FB is a hot mess

Ok, So I’m a marketer. I love data. I live for data. I do the Steve Kornacki dance over data but know enough to NOT do it in public because we look like unstable nerds

Here’s my take:

Facebook left the keys in the car and CA stole the car. Both are at fault here, but oddly enough, I think in parts, CA was not acting illegally. (They were with the whole foreign entity working on behalf of a US politician in an election, so there’s that.)

Facebook had a Terms of Service (TOS) that actually allowed user data to be essentially scraped, including access to ALL their friends. Several years ago they tightened it, reluctantly, but didn’t really end it. Even today, plain old regular folks doing apps can pull ALL your data when you sign in with FB. They now can only pull the connections, IDs, and publicly available info of your network, but they still can do that.

Facebook ad targeting is similar in many ways to Google’s, where they sell ACCESS to their users through their ad platform, but not actual data of their users, so you basically can’t target a specific individual, only a picture of an individual, if that makes sense. (…there’s a caveat coming)

Example: I want to target people who are conservative, live in this particular area, are this age, make this much money, and like any of these 9 brands. FB won’t tell you who these people are, but will show your ads to those people, and if they click or like your page, you’ll know who they are, and therefore you’ll know that much about these people.

To be clear, the example above is what we, as marketers, live for, and in general, we, as consumers, are pretty ok with because it gives us ads that presumably we’re interested in. It’s not that different, when you think about it, of magazine ads. You’re not likely to see an ad for a cancer treatment center in vogue, and you’re not likely to see a mascara ad in a hunting magazine. It’s the essence of consumer targeting.

Now the caveat

Facebook continues, to this very second, to have a vulnerability. They allow companies to upload their own list of targeted audiences. (Presumably FB then uses that external third party data to update their own records?????) That vulnerability allows for ill-gotten data to be used. This is a HUGE problem.

Google doesn’t allow this, to my knowledge, with the exception of placing ads in gmail. I could be wrong, a more seasoned SEM marketer may prove me wrong, but I do not believe Google allows you to upload your targeted list of actual identified individuals to their platform to target.

Before we congratulate Google for being totally decent and honorable, let’s be clear here: Google doesn’t do this and has pretty tight privacy sharing with EXTERNAL sites ONLY because they’ve bought so many companies and have conflicting privacy policies. Had this not happened and brought attention, it was well believed that Google was close to reaching a unified privacy policy point of selling the data. That’s likely on hold, but also, selling access is more profitable than selling data. (Similar to selling a car and hoping for return customers for updates or leasing/renting a car and pretty much guaranteeing it with multiple customers).

How to fix this?

I don’t know. I would guess regulation, and it will once again start internationally. Can Spam has been very effective in controlling, limiting spam issues in email.

Can Spam means you can’t get unsollicitied junk mail. Of course you do, but way less than you did before it was enacted. There are all these rules about who you can send emails to, what wording has to be involved in ads, far stricter for international, so most larger companies just use all for the US market as well, to err on the side of safety. Essentially it means you can’t send promotional emails to people who haven’t signed up, and you have to offer and honor their request to unsubscribe. Yay.

There are also sets of companies/instances that the spam issues do not apply: non-profits, POLITICAL crap, and companies you’ve done business with. They are exempted. But the Political Crap mention requires that they are registered as Political crap.

BUT … the way this plays out is the large companies that offer email sending services (MailChimp, Constant Contact, AWeber, etc.) all have very strict requirements and adherence to these rules and make you agree that you didn’t scrape the email addresses (you totally still can even if you say you didn’t) but further monitor the performance of your lists if they have too many bounces or unsubscribes. They will lock your ass out and make you delete your lists, without mercy. They do this because THEY must retain “white list” status, meaning, their own company is based on having a good reputation so emails can get past the majority of email clients and land in the in boxes. If their clients screw up, their business suffers, for all. So they’re pretty damn strict.

Interesting with Google, too, with their ads, they show ZERO mercy in ad clicking farms. They will boot you for life without recourse if your ads are found to be clicked excessively or by bots. Again, not because they’re awesome and conscientious, but because click-fraud costs them money and they have to refund it.

So yes, there needs to be regulations, likely will be pushed by other countries, specifically Britain and Germany, which will result in comprehensive changes within FB (and others) because it’s easier to have one main process than multiple ones for different countries.

What this means for Marketing Data

None of that will change that you’ll still have us marketers targeting you based on information you make available. And yes, through what we call retargeting, that is shared across devices, so if you check out an ugly ass pair of shoes on a site on your phone, you’ll likely see ads for them, if you didn’t buy them, on Facebook and other sites you visit. That’s just us reminding you you have shitty taste in shoes, and we want you to buy them, not because we’re sick of looking at them, but rather because we want to make $$. And you showed an interest.

Reminders & Tips:

  • Set your privacy settings on your social media and Google account to levels you are comfortable with.
  • Unsubscribe from emails you don’t want.
  • Understand that those store and company loyalty programs KNOW what you buy, and how frequently, along with all the other information you gave them when you signed up.
  • Those branded credit cards: The company’s offering them know what you buy, where you go, how frequently you travel. Now, they likely don’t get the full information from the banks, but they certainly get the general information tied to your account.
  • Don’t be stupid. Up your standards when it comes to validating content. Seriously, folks, the content offered up by these companies was so pathetic it didn’t even reach the level of the national enquirer.
  • And an extension of that … READ BEYOND THE HEADLINES, then verify the sources, and find REPUTABLE sources to verify the information. (Don’t be tricked by Google giving you the same stories on different sites)
  • Think twice about getting all those Internet Connected Devices. They track everything.