In the wake of GDPR and a string of data mishandling scandals, I sat down with Will Egan to catch up on data governance and privacy in social media marketing.
Data is at the very core of service delivery for most businesses and it’s (relatively) safe to assume they don’t use it maliciously. Data is used to improve products and services which in turn, improve our lives. This is the intended purpose.
But it’s the unintended consequences that separate what a user has given permission for, or rather what they expect they have given permission for, from reality. GDPR may have only just kicked off in Europe but the overwhelming movement towards 1:1 marketing puts the writing on the wall; it’s inevitable that something similar will come to Australia.
In This Episode
Data governance in Australia
Explicit data, implicit data & inferred data
Analytics in social media marketing
How marketers and businesses should respond
If you like what you hear and don’t want to miss an episode, subscribe on your favourite podcast app or our blog for weekly updates direct to your inbox.
Hello! So, welcome to the first Social Garden podcast. This is Michael Bird, I’m the CEO and Co-Founder at Social Garden. I’m with my dear friend and one of our advisors at Social Garden, Mr. Will Egan.
Will is the CMO at Ausmed.com, one of the rising stars of the Australian technology scene and also the Co-Founder of Code the Future, a platform to connect engineers with kids learning how to code. Welcome Will.
And today, in the first episode we’re going to talk a bit about the Facebook data privacy concerns that are currently happening in the market – what it means broadly for marketers and how maybe we should be thinking about it as consumers as well.
So, why should we be thinking about this right now? Facebook’s been around ten years. Why is this particularly poignant at the moment?
Thanks, Mike. It’s a real pleasure to be here. Data and privacy is something that I think is really important for any marketer to be across.
You know, we’ve had requirements to be across this since spam laws came into place, even the original privacy regulation out of Europe in 1995, but particularly of interest at the moment is the Cambridge Analytica saga, perhaps. That’s kind of caused everybody to start thinking a little bit more about what companies are actually doing with data.
I think what’s really going on here is that the perception that the average consumer had around data is not matching up with the reality.
Yeah, I think what’s interesting is everybody is aware that Facebook has been listening and watching for a long time and certainly been – for my group of friends anyway – joking about how much Facebook knows about us all. But for some reason recently, when the rubber’s hit the road and it’s been revealed that some of that data is being passed on to third parties, to other private companies, then that’s become a real concern for people.
I think things haven’t changed really from a consumer standpoint, other than the fact that the data and the strategies that many companies are using have been used in a malicious way to negatively impact in my view, the world, in this instance.
So it’s an interesting thing. I think we could see more changes to data privacy laws globally, similar to the GDPR coming up in Europe.
Yeah, absolutely. You know if you were to ask most users who sign up to Facebook “are you comfortable sharing all of the data that you are sharing on Facebook with the rest of the world?” You know, majority would say “yeah that’s not a problem” and that’s because I believe the perspective that they’re looking at of data sharing. Such as an example might be a photo of themselves, they think “you know I don’t really mind if people see this photo.”
Up until that point, you know Facebook collecting a photo of a user through a kind of photo album feature set is the intended purpose. But beyond that, as it starts to be used to create machine learning models around face recognition or the images begin to be interpreted so that we can determine, you know, is this a photo of somebody out on a Friday night? Or is this a photo of somebody in Australia Day rally? Or is this a photo of somebody at the Houses of Parliament?
And based on that interpretation, starting to then segment those users. And very, very quickly we’re moving into the unintended purpose and that’s where the perception of what the user gives permission to Facebook to do starts to separate from reality.
Yeah, I totally agree. I think, you know, what people have buried in the terms and conditions and what the kind of broad understanding is of how the data is going to be used can often be different to the reality.
And I think that kind of reality is beginning to hit home when people are realising that Facebook is able to analyse photos to see whether you’re smoking in a photograph and then use that data and sell that data to an insurance company to influence your risk score.
Yeah. Yeah. And I think in terms of what data is being used for inside these companies, it’s safe to assume that the majority of the time it’s not malicious. These are businesses that are using data to improve products and services and largely across the world data is improving our lives.
A really simple example of that is having a dataset for diagnostic tools, such as being able to detect cancerous cells, is almost if not slightly more accurate more often at predicting a cancer or identifying cancer than perhaps a physician might be. And that’s kind of adjunctive to the physician’s role in diagnosing a patient.
But that’s a good use of data and it’s only made possible because there’s a large volume of it. I think if you look at any company in the world including even the smallest of businesses here in Australia, data is at the very core of their service delivery.
I think what’s for sure is that people are underestimating how effective Facebook is at predicting what you’re going to do next and how effective it is in influencing what you’re going to do next. The relatively slow adoption of businesses utilising the Facebook platform relative to other kind of mediums is crazy.
When we really look at how much the world has changed potentially off the back of scandals like the Trump Election and others, where companies are still questioning the effectiveness of Facebook advertising as a medium to influence consumer decision making processes, it’s just crazy.
If we can understand and analyse all of the historical data of what you’ve done in the past, who you’ve spoken to, the activities you’ve engaged and the websites you’ve viewed, all of these different things paint a really clear picture of who you are and allow advertisers to predict what you’re going to do next and to influence that decision.
So I think both consumers and advertisers have been grossly underestimating the effectiveness of Facebook generally. And when I say Facebook, I’m referring not just to the Facebook Timeline product, which is one of kind of a suite, but you know we’re looking at Instagram and Facebook Messenger and others where it is working off the back end engine of Facebook’s data asset and the AI that we can utilise in order to predict and convert customers.
Yeah, that’s a great point, Mike. So I think as advertisers, we’re collecting a couple of different categories of data. One of them is really clear which is explicit data, things that we know about a person such as their name and email address.
Then we’ve got implicit data which are things that we can kind of infer perhaps from their behaviour. Things that they’re doing online, pages that they’re looking at, pages that they’re liking, websites they’re visiting. But then we’ve got this other data set and this is where Facebook and other social networks really come to the fore, where we have inferred information. This is based on photos, based on your spelling mistakes in your in your posts, based on your friends, based on what time even you’re online. We can start to infer some things about your behaviour, who you are and classify and you. And that is quite revealing.
Yes, totally. I think we use marketing automation in a similar fashion where we’re tracking people based on their web browsing activity and the way that they’re engaging with emails, and I think that’s just like on steroids times a thousand inside the Facebook environment.
The movement towards one to one marketing is increasingly strong as we learn more about what we think people are about to do next. So for instance in the property market we know that there’s a much higher propensity for someone to enter the market if they’ve recently got married, divorced or had a change of income, which is a thing we often use to target.
Which isn’t an explicit data point or an implicit data point, it’s something that becomes inferred. Not many people log on to Facebook to say I’m getting divorced. And if they do it might be in the form of a comment. It’s not a kind of stateful change in their user record you know, ‘what’s your marital status? Divorcing.’
You don’t update that. So in order for Facebook to understand that that’s occurring, they’re observing changes in your behaviour. Changes just in the proximity of your phone to all the other phones that it was formerly around most often, potentially your partner.
I guess the other question is, from the consumer standpoint, if you’ve recently been divorced, do you want to see ads for romantic getaways for two? Or would you prefer to see products that are more suitable for your current situation?
I guess that kind of personalisation from an advertising standpoint is just one of many examples of the things that you know consumers need to think about. Whether they are prepared to see things that could be potentially painful or annoying from an advertising standpoint because they are irrelevant to them. Or are they prepared to give up more of this data in order to receive suggestions that are perhaps relevant to their next stage of their life?
Yeah. And a really great example of that is in Google Maps where I’m certain that we must be opting into this when we use the product or accept the terms and conditions. But Google Maps uses the proximity of phones on roads and just actually the sheer volume of people and the number of phones on a road to determine whether there is traffic present on that road.
That’s how it’s generating at scale, across the world, traffic monitoring information. Now that’s of benefit to the consumer. It’s probably not malicious. The intended purpose of that data collection is to help us understand traffic volumes. The unintended consequence of collecting that data is that everybody is being tracked everywhere they go, all of their movements.
And that’s the kind of parallel conversations that are taking place now. When you look at the Zuckerberg’s testimony to the Senators in the U.S. overnight, last two days, they’re the dots that they’re trying to join back together. “Hang on a minute, so by collecting this data to provide feature X, the unintended like ramifications of that is that something else is happening that people aren’t aware of.”
And I think what we’ll see over the next little while from a platform perspective, is a lot greater reporting on how data is being used. You’re probably noticing this especially in LinkedIn, I think LinkedIn is well ahead of this. Facebook is starting to do it. You’ll actually see it in Messenger.
I’ve noticed it’s starting to come up, where when you use a feature even though you might have been using this feature for four or five years, little modals are popping up on the screen telling you ‘Hey just so you know, this is what’s taking place in your account that’s allowing us to do this. We’re collecting this data so that we can improve this feature over here.’
And I think as advertisers, we’ve got to start thinking now, even though our ads are being served into those platforms, we’re the collectors of the data. We store the data that we get back from these systems. How much disclosure do we need to be providing our customers? How much of that needs to be ‘opt in’?
As advertisers, how far do we have to go doing that in our businesses to protect our business rather than just relying on the networks that we’re pulling this data out of into our databases, relying on them doing that?
For me it’s like, as an advertiser there’s never been a better time to be advertising on social media because of the amount of data and the amount of information that we can extract. I think there’s never been a time to be more ethical around how that data is being used. And I think consumers need to realise what’s kind of going out.
We’re coming up to the GDPR piece where for example people need to opt in, in order to be added to a custom audience on Facebook as one example. So I think what we’re going to be looking to do is begin rolling out our own kind of GDPR-esque program for some of our clients, particularly in the education sector.
We do a lot of work with universities where we’re going to be looking to go above and beyond from a data collection standpoint and disclosure standpoint from customers coming in, because I think you know while GDPR right now is rolling out in Europe, I think we should see something similar in the next couple of years in Australia.
As advertisers, it makes sense for us to be kind of preparing that now so we can begin to work out how we are going to disclose this type of stuff while making sure that we can still extract kind of the value from a commercial perspective for our clients.
Yeah, I completely agree with that. I think what Australian businesses should be doing right now in terms of data is largely around governance and running a good business, owning an ethical business. And if we look offshore to Europe to the GDPR regulation, it’s very, very clear there now. They spent five years refining this legislation.
Any Australian business or any business in the world that is serving ads to residents of the EU or providing services, actively targeting residents of the European Union-
For example, most universities have some kind of active targeting to Europe right now.
-Yeah absolutely. Regardless of the fact that you’re domiciled in Australia you need to be complying with GDPR regulation out of Europe because that’s a resident of Europe. So what I think Australian businesses, I think the writing’s on the wall, it’s inevitable that things like this come to Australia.
Two years ago the office of the Australian Information Commissioner conducted a review of the GDPR to determine whether Australia needs to implement something similar. At the time they said it wasn’t necessary and that they would review it a little bit further down the track.
But I think in the wake of Cambridge Analytica, the OIAC has lodged an inquiry with Facebook to determine exactly what has happened. We do have our Australian Privacy Principles, 13 of them, and one of them is a mandatory reporting requirement around data breaches.
But I think any good business in Australia, any business that plans to be around 10, 20, 30 years from now, there’s an opportunity to get ahead of this by going to Europe, complying with the GDPR out of Europe, complying with consent, not just assuming that someone has given it to you because they provided you with their details.
Does your company have an internal data policy? Can your customers delete data from your business? And when they do, how does that data get moved out of the system? How fast? How deep does it go? The right to erasure is the other side of the coin. You know, that the onus of data control sits with the client, the customer. We get access to it temporarily but the customer does inevitably have the right to revoke it and when they do, how do we respond as a business?
So I think get ahead of those challenges now. We’ve been looking at this for about a year now at Ausmed really intensely and I’d encourage everybody to get ahead of it and especially marketers; make this something that you’re an expert at not just something that you pass off to the legal team. It’s not that hard. There’s a lot of great websites, a lot of great resources.
Yeah, I think doing the right is always the right thing to do. As a wise man once said, the truth is undefeated and I think over time you know if you continue to do the right thing it makes sense. For us, when we’re thinking about the inevitability of increased data protection laws, practicing and working out, how do you make these platforms commercially viable on the pretence that at some point it’s going to change?
It’s good to start practicing that stuff now because it will provide a competitive advantage down the track. But anyway, that’s the end of our first podcast.
Thanks very much to my man, Will Egan. Thanks bro, you’re a legend. Looking forward to continuing the podcast. Thanks so much for listening and taking the time to listen to us waffle on about data.
Thanks for Listening
We hope you enjoyed our first social media marketing podcast.
We have some great guests lined up for the coming weeks, including Ty Hayes, CMO of Curtin University and Matthew Lee, ex-CMO of RMIT University.
If you like what you hear and don’t want to miss an episode, subscribe on your favourite podcast app or our blog to receive weekly updates direct to your inbox.