The news surrounding Cambridge Analytica and its apparent “data breach” has dominated the headlines for days. It’s a story that has made the nation sit up and think about the safety and security of our data; but how scandalous was this data breach, if you can even call it a breach?
The truth is, no data was taken which was not already publicly available. While the media has been quick to label the incident a data breach, it’s more a question of ethics, rather than legality. Despite this, Facebook founder Mark Zuckerberg has come out and apologised for Facebook’s handling of the issue, accepting some blame for the misuse of users’ data.
It’s important to note that the data collected by Cambridge Analytica was very unsophisticated, based on assumptions rather than facts. Nevertheless, the way the data was collected went against Facebook’s agreed terms, and certainly raises questions around the morality of this method of data capture.
The scandal began when people were incentivised to take a personality quiz on Facebook. And, according to the BBC, around 270,00 people did so. In taking the test, public information was collected from people’s profiles, which included a friends list, and a list of ‘liked’ pages.
Everything up to this point is commonplace data capture. What Cambridge Analytica did next crosses into what most of us would deem immoral. Having accessed the data from the original consumer (the one who took the quiz), the app went on to save the consumer’s friends lists and URLs of their friends’ Facebook pages. It then collated their data and made assumptions on their characteristics, demographics and similarities to the original consumer, all based on a simplistic personality test.
However, compared to the kind of data collated by profile advertising display networks, Cambridge Analytica’s findings are weak as well as inaccurate. Those kinds of players have access to billions of profiles and a far better grasp on the data itself.
Contrary to what we may have read over the past week, the practise of data pooling is hugely common; most newspapers would also use this method, but in a more accurate, and less crude fashion. Facebook itself does this with its marketing platform, the difference is that Facebook doesn’t need to make assumptions on the data, it’s accurate enough as it is.
Facebook is often in the firing line when it comes to issues of privacy, but it actually does a good job of ensuring our data is only used for targeting purposes, rather than anything inherently personal like our religious or political beliefs. On the other hand, Cambridge Analytica made sweeping assumptions about people’s beliefs, for example people who like ‘Page X’ are more worried about American jobs, or people who liked ‘Page Y’ are less affluent, without proper evidence to back up these claims.
If Cambridge Analytica only took data that was already publicly available, and data pooling is done across the board, why has it caused national outrage? To refer back to my earlier point: it’s a matter of morals. Just because we have the capabilities to harvest consumer data and create assumptions off the back of it, it doesn’t mean we should.
For marketers, we need to be taking extra care to ensure that cross-channel messaging is highly relevant, invasive and – above all – accurate. This is especially important as we move closer towards the GDPR deadline, when it will become a legal requirement to protect consumer data.
Mitch Vidler is head of marketing technology and digital analysis at Jaywing