#InternetSeries The small business lessons learnt from the Facebook-Cambridge Analytica data breach

As you probably already know, Cambridge Analytica, the data analytics firm, worked with Donald Trump’s election and the winning Brexit campaign and harvested millions of Facebook profiles of US voters. This has been one of Facebook’s biggest ever data breaches, and it was used to build a mammoth software program that profiles voters and predicts and influences choices at the ballot box with personalised political advertisements. So… privacy policies are now under scrutiny, and consumers want answers!

…But what can small businesses learn from this?

The Bottom Line

Data privacy and how companies are storing, using, and selling customer’s data is now in the spotlight. As users become more and more concerned about these issues, they’ll be looking for transparency and security from the companies they are giving their time and money to…This can be a great opportunity to differentiate your brand and practices from bigger competitors and help cultivate trust with your customers, user base, or clients.

Evaluate your partnerships

If you are using logins from Facebook, Instagram, Google etc to create user accounts for your site, think about what comes next and if you want to continue to use those tools. For starters, a Facebook page should be thought of as an account you have on a service that is owned and operated by someone other than you, like an ad in the Yellow Pages. On the one hand, it provides an easy point of entry for new users and customers and can make the journey from ‘hello’ to a purchase much easier. On the other hand, you are likely allowing Facebook to follow user activity from your site and do a bunch of different stuff with it, and you might not agree with all that stuff if you look closely. This could be a good time to focus on your company’s online website and offer users an alternative way to register with your site, and/ or an opportunity to request to remove their past data.

Take a look at your terms

Regardless of your login process, now is the right time to take a look at your privacy policy, cookie and personal identifiable information use and storage, and terms and conditions of use of your site. You will want to make sure that whatever default options you chose at the start are still relevant, and still align with your company’s values. Questions are about to start coming in, and you want to be prepared to answer them. This includes reviewing any other third party services you are using, like data storage, credit card processing, and other website add-ons.

GDPR

What is particularly interesting for marketers, is that this scandal feels almost like a movie trailer for the upcoming GDPR legislation in May. As of May 25th, 2018, consumers will be able to request what data is being held about them and they will have the right to be forgotten. Post-GDPR, the data is back in control of the consumer. GDPR will mean that every piece of personal information held by your business needs to be identified — even if it’s on a mobile device or in the cloud. GDPR compliance will require careful monitoring so make sure you get your head around it!

Some of this article was published in the Guardian.

For a comprehensive overview of GDPR for small businesses click here.