This week the one story that has dominated and continues to dominate the media is about the gathering and use of personal data by one of the world’s largest social media networks Facebook and Cambridge Analytica, a data and analytics company in the UK. Both organizations are now at the center of a row over whether data gathered by the firm was used to influence how the US 2016 presidential election played out, as well as the outcome of the UK Brexit Referendum. In this article we take a look at the wider implications of this scandal for CDOs and CAOs.
The Story So Far
Channel 4 news in the UK dispatched an undercover reporter to meet staff from Cambridge Analytica, following a report in the Observer Newspaper by one of their journalists Carole Cadwalldr. Cambridge Analytica had been referenced in the report as having helped Donald Trump to win the US 2016 presidential election.
In order to gain inside access to Cambridge Analytica, the journalist took on the guise of a Sri Lankan businessman who wanted to influence a local election there. From this, it is alleged that CEO of Cambridge Analytica, Alexander Nix, was filmed as he gave examples of how political rivals could be discredited by arranging smear campaigns, such as setting up meetings with prostitutes and ensuring that bribery could be caught on camera by creating situations where this would happen, claims which have been strongly denied by Nix.
The origins of Facebook’s involvement goes back to 2014, when a quiz invited their users to find out their personality type. It was designed to gather not only data from the user taking the quiz, but also data belonging to their Facebook friends. Since then, the amount of data that developers can gather in this way has been changed by Facebook.
An ex-Cambridge Analytica employee has alleged that because 270,000 users took the quiz, the data of around 50 million, mainly US-based users, was gathered without their consent via their network of friends. He further alleged that the data was sold to Cambridge Analytica, who used it to profile people psychologically to deliver pro-Donald Trump content to them. However, Cambridge Analytica has denied that this data was used for the Trump campaign as part of the services they provided.
The Way Forward: What has the Response Been?
So far, the UK chairman of a parliamentary committee has demanded that Mark Zuckerberg explain the “catastrophic failure” as he calls it to MPs. In the US, senators have insisted that Mark Zuckerberg testify before congress about how Facebook will protect its user’s data.
In addition, the head of the European Parliament has said they will also investigate to see if the data was misused in any way. Even the UK Prime Minster, Theresa May, has said she is “very concerned” about the revelations. Cambridge Analytica has suspended Alexander Nix, and the academic who created the app that caused all of this has said that he feels he has been made a “scapegoat”.
Corinium Commentary: The Wider Implications for CDO’s and CAO’s
Quite often, data and analytics only receives press attention due to a negative event, usually either a security breach or through the misuse of data. This is yet another news story that adds to the general mistrust of organizations who gather and use our data. Business models around the use of data and analytics are frequently changing, and with GDPR set to come on May 25th this year, these models will change even more. Trust as a service is something that CDOs and CAOs need to take seriously, with privacy being built into everything they do.
These kind of news stories will often damage the reputation and the excellent work that Chief Data Officers and Chief Analytics Officers undertake within their organizations, much of which starts with the customer. Digital transformation is key to the success of an organization today, and often always starts with the customer in mind. We rarely hear about the good aspects of data and analytics which includes better data governance for the secure management and treatment of personal data, the use of analytics to improve product pricing and offerings, AI and Machine Learning to improve the customer journey and more sophisticated data security tools to secure sensitive information.
These are all key benefits for customers and consumers, but the work of Chief Data Officers and Chief Analytics Officers is often made harder because of these news stories, yet they are the ones who ultimately solve many problems and issues when it comes to data and security. Additionally, data compliance is key to protecting consumers from another severe financial crash such as the one seen in 2008, and while this may not be at the forefront of people’s minds, it is critical to avoid data breaches and mishaps such as this one
Data is also often used for social good, and philanthropy through the use of data can be undermined when stories like this appear in the news.. Our panel discussion during CDAO Government on “Using Data for Social Good” will focus on the importance of encouraging data philanthropy for social good and the added benefits along the way.
There is also a stigma around the montetization of data, and much is made in the press of unscrupulous practices of selling and sharing data without the express permission from each individual user that has provided that data. There are many organizations out there who share the data they hold legitimately and with the permission of the users who provided it and, of course, monetization does not always have to equate to the direct selling of data – it can merely relate to treating data as the valuable asset that it is.
Given the severity of these recent revelations and how they show the ways in which personal data on Facebook can be obtained by organizations for political and other purposes, it does beg the question of whether a total rethink of the way in which data is approached will now be necessary.
As Facebook didn’t inform their affected users that they had been subject to a data breach, even after they discovered it, this would constitute a total violation of data-privacy laws under GDPR.. This scandal has highlighted data collection methods and shows just how significant and severe the practice is, and organizations will need to ensure they are extremely cautious when collecting and analyzing personal data belonging to their customers, and be extra diligent around the issue of consent.
There is also some speculation that the way in which the data was collected by Cambridge Analytica does not constitute a breach given that the company used software to harvest data that was already in the public domain. Facebook could also be cleared of any wrongdoing given they would not have handed over any data themselves to Cambridge Analytica. It remains to be seen how events surrounding this story unfold, and at Corinium we will be keeping a close eye on this story and the implications of it for Chief Data Officers and Chief Analytics Officers.
What do you think about the Cambridge Analytica/Facebook data sharing story? Do you think it will have bigger and wider implications for the role of Chief Data Officer/Chief Analytics Officer? Join the debate on our LinkedIn Hangout Groups.