A not-so-brief summary of what Facebook’s changes mean for us

It’s been a big couple of months for Facebook.

There was a huge exposé from a Cambridge Analytica whistleblower on The Guardian. The platform’s also faced some heat with its announcement of re-introducing facial recognition for European users. And let’s not forget Mark Zuckerberg being super awkward/creepy during his US congress testimony, giving birth to plenty of wonderful GIFSs.

CNBC have written a great blow-by-blow on the data breach issue, but if you just want the basics:

  • 2010: Facebook allowed third-party apps to ask Facebook users to use their information, plus (without express permission) their Facebook friends’ data too.
  • 2013: A Facebook quiz called ‘Thisisyourdigitallife’ used this loophole to collect data from the 300K people who authorised the app, plus millions of their friends.
  • 2014: Facebook changed its rules about collecting users’ friends’ data, but it wasn’t imposed retroactively.
  • 2015–2016: Cambridge Analytica used the data from ‘Thisisyourdigitallife’ to assist Ted Cruz and Donald Trump’s presidential campaigns, totalling in almost $12M spent on Facebook ads.
  • March 2018: A former Cambridge Analytica employee revealed that the company exploited Facebook to harvest the data of over 87 million users. Zuckerberg posted a lengthy Facebook status to address the issue.
  • April 2018: Facebook announced a slew of changes to the platform, restricting what third-party developers can do while also giving individual users more control.

So what exactly are these Facebook changes?

Across March and April, Facebook:

  • Made Privacy Shortcuts and Ad Settings way easier to access to find on Facebook.
  • Shut down Partner Categories from third-party data providers like Acxiom, which were previously used for data insights and ad targeting.
  • Restricted or made approval processes much tighter in relation to developers using Events, Groups, Pages and Instagram Platform APIs.
  • Sent out notifications to all users at the top of their News Feeds, prompting them to check which third party apps are currently allowed access to their data.
  • Set up a feature to allow Facebook users to check if they were directly impacted by the Cambridge Analytica data breach. (It’s reported that only 53 Australians took the offending quiz, but 311K Aussies were affected.)
  • Implemented changes so access to personal data is revoked if a user hasn’t used a third-party app for three months or more.
  • Set up policies so political and ‘issue’ ads are now clearly labelled, and only authorised users can run these. It’s unclear what counts as an ‘issue’ ad, but likely topics include vaccinations and gun control.
  • Launched the Data Abuse Bounty Program to reward whistleblowers who report data misuse.
  • Published their (previously for internal eyes only) community standard guidelines. This isn’t directly related to data and privacy, but it’s a step towards being more transparent with users.

And what do these new features and policies actually mean to the average Joe on Facebook?

In a nutshell, the changes are designed to give users more control over how they are being advertised to, and what personal information Facebook is giving third parties.

Some features are brand new, and probably introduced as a knee jerk reaction to everything that has happened in recent weeks. For instance, users can opt out of Facebook remarketing ads using data from non-Facebook sites, as well as remarketing ads on third-party sites that use Facebook data.

Other settings aren’t new, but now much easier for the average Facebook user to find. For example, users can now change the general topics of their ads with a few clicks from the home page.

Does this affect Bolster and our clients?

It’s still largely business as usual at Bolster HQ, but there are some changes to reports, insights and targeting:

  • We can no longer give you Facebook audience insight reports for databases sourced outside of Facebook like site visitors, ticket purchasers or past event databases. However, we can still use Google Analytics and various other platforms we have access to, and work with ticket companies to look into the demographics of your audiences. Audience insights are still available for Facebook fans.
  • We can’t tell you how large or small certain targeting groups are. We’ll be able to tell you if you have 10K site visitors globally over the past month, but if we’re targeting site visitors only in Brisbane who are aged between 18–34, we can’t estimate how many people that might be.
  • Similarly, we can’t do audience overlap insights with third-party data anymore (e.g. how many of your Facebook fans also purchased a ticket to your festival, or how many site visitors watched at least half of your announce video).
  • We can’t target ads to third-party consumer groups from Acxiom or Quantium anymore. For context, these were mostly around consumer behaviours (e.g. craft beer purchasers) or broad demographics (e.g. Aussie income earners above $80K).

It’s not all doom and gloom though. There are still plenty of reasons to keep Facebook and Instagram in your marketing budgets:

  • Your fans are probably still on both platforms, and in far larger numbers compared to Twitter, YouTube or (probably less so) Google+.
  • On the paid side, Facebook and Instagram’s digital targeting is still second to none. If you want us to target people who bought tickets to your festival last year, watched 50% of your lineup announce video this year, live in Melbourne, are aged 18–24 years, earn over $85K and haven’t got a ticket yet… your wish is our command.
  • In a crowded and competitive market where social proof is key, Facebook and Instagram smash other platforms out the park on this front. If a music lover in Sydney is tossing up between two competing events on the same weekend, chances are they’ll pick the event that has more engagement from their networks. Google Display banners, publisher advertising and Google Search don’t provide this social context at all.
  • Even with all of these changes, there’s still a wealth of data and insights we can pull from Facebook. Through neat features like advanced attribution, fan audience insights and Facebook’s rival to Google Analytics, there’s a ton of knowledge we can use to sell more tickets and records.

What does this mean for our clients and the wider music industry?

Be open to continue advertising on Facebook and Instagram, but future-proof your strategy by considering alternative platforms to reach your audience as well.

The sudden Facebook policy changes have also made it clearer than ever that brands need to own their data. Build up email databases outside of advertising platforms so they can easily be imported to different systems as needed. Make sure you’re collecting as much information as you reasonably need, but no more. (Think of all the times you’re tried to subscribe to a mailing list but changed your mind because they’ve wanted your postal address too.) For instance, tour promoters might find it useful to gather not only email addresses, but also full names, post codes and preferred music genres.

Finally, in light of the general public’s response to the data breach, also make sure that you 100% have permission to use your customers’ data. Don’t make the same mistake that Facebook did. People really do care if robots steal their information.

Edit: Since writing this story, Twitter has also become involved in the Cambridge Analytica scandal. The platform sold data access to Aleksandr Kogan, and has since removed Cambridge Analytica as an advertiser.

Facebook has also just announced a new ‘Clear History’ feature that transparently shows its users what sites and apps are sending Facebook info on them, while also allowing users to delete this info and stop Facebook from associating it with their accounts moving forward.