• About Us
  • Work
  • Capabilities
  • Careers
  • Technology
  • Blog
  • Contact Us
  • About Us
  • Work
  • Capabilities
  • Careers
  • Technology
  • Blog
  • Contact Us
February 25, 2019

How Cambridge Analytica Sent 2018 into a Tailspin for Marketers

Posted by Katie Friedman

Let me try to sum up what happened with Cambridge Analytica as we now can better understand it in hindsight. In March of 2018, news broke that the personal data of 87 million Facebook users was exposed to a political consulting firm based out of London known as Cambridge Analytica. This personal data was mined with a quiz app that used a loophole in the Facebook API to collect information from its 270,000 app downloaders along with all of those users’ friends.

As outlined by the New York Times team, Facebook “routinely allows researchers to have access to user data for academic purposes — and users consent to this access when they create a Facebook account,” as described in the Facebook Service Agreement (that most people don’t read but agree to without knowing what’s in it). So the first part, the ‘data mining’ was technically legal but the selling and transferring that data to advertisers (or a monetization-related service) was not.

Doesn’t all of that feel like it happened 100 years ago? Guess what? It hasn’t even been one!

Two critical things happened after that: regular (non-tech and non-advertising industry) people realized that Terms of Service Agreements are way too complicated as companies began to understand just how legally and reputationally liable they are when the personal data of users isn’t properly handled. For the rest of the year, companies and their digital agencies tried to untangle laws, internal privacy policies and processes relating to first-party data. Oh, but the year had barely begun — and there was much much more to follow.

April 2018: Congressional Hearings

Because of Facebook’s role in these events, CEO Mark Zuckerberg had to explain his company’s privacy policies, data handling procedures, and business practices to Congress. As a former Facebook employee told the New York Times, “The people whose job is to protect the user are always fighting an uphill battle against the people whose job it is to make money for the company.”

Imagine trying to explain TikTok to your grandparents and you’re close to envisioning how the hearings went down. The members of Congress asked questions like “How does Facebook make money?” and “Is Twitter the same as what you do?”

As marketers, we immediately recognized that our government understood data privacy far less than they should and that collectively, we should be investing in more technology to regulate ourselves and protect our clients. Facebook also required us to take action on behalf of clients by tightening up the way first-party data was used on its platform in the weeks following Facebook’s Congressional hearings.

At this point, the year wasn’t even halfway over and the US government had already exposed shortcomings in its data privacy laws, not to mention lawmakers’ general lack of understanding around the digital economy and how it operates. Following the endless national news cycle about the Congressional hearings and Facebook’s procedure changes, deciphering our clients’ privacy policies led to some very late nights. Interestingly enough, an EU law all about protecting people’s online privacy was due for implementation and was already being hailed as the new industry standard for such legislation.

May 2018: General Data Protection Regulation

GDPR, a law aimed to give individuals more control over their data and how its used by digital companies, was signed into law in April of 2016 but wouldn’t be implemented until May 2018. This gap of time was then used by companies located in the European Union to update their websites and data handling practices in order to comply with the GDPR’s strict requirements by its implementation in May 2018.

With the Cambridge Analytica scandal fresh in mind, and even though the regulation was only legally valid in the EU, every company that had any global online presence readied itself to comply with the GDPR. The implementation of regulatory standards was so widespread in the global marketplace that the actual phenomenon is now known as The Brussels Effect.

In fact, the US will spend $42 billion to comply with GDPR even though they technically don’t need to do since it’s not a US law. But that number seems paltry compared to the 200 billion pounds that EU companies will be spending.

Those companies were right to invest and comply with the new data regulations since the GDPR allows lawmakers to penalize companies up to 4% of the company’s global revenue for any violations to GDPR. Since agencies support global companies, our very own tech and legal teams had to work late nights navigating how they would implement the tech solutions that GDPR required and how the language of each contract would have to be updated to comply.

September 2018: ITP2.0

In September of 2018, Apple released an update to Intelligent Tracking Prevention (ITP) across the Safari browser. Apple is well-known for its strict regulations about data privacy, so the change certainly made sense given the global news cycle’s hyperfocus on data privacy practices. ITP allowed Apple phones and computers to further block tracking cookies to better protect users’ privacy which, of course, directly affected companies like Google and Facebook whose advertisers rely on third-party tracking. Note that we can still track that traffic, though less reliably, using UTM parameters.

To find out more, read our more in-depth ITP POV here.

Nevertheless, this was a massive adjustment for the main players in the advertising ecosystem, and we had to be ready and quickly find a turnkey solution for our clients.


While last year was a complete tornado from start to finish, hopefully, this year will be less stressful now that we know the direction our industry is heading as it relates to user privacy and data security practices.

We anticipate that this hyper-focus on data privacy and larger consumer behavior trends will evolve in 2019 as companies become financially liable for any lack of data security with the threat of facing a swift public backlash caused by any missteps. Along this same line of thought, we anticipate 2019 to be the year where potential governmental oversight begins to enter the digital economy.

As advertisers, we’ll continue to do our jobs in finding efficiencies and serving valuable and helpful content to the right audiences while also heavily investing in more technology and resources that keep user privacy top of mind.


cambridge analyticadata privacyGDPRGeneral Data Protection RegulationITP
Previous
Next

Latest White Papers

  • Why Voice Matters: Identifying the Latest Opportunities in Voice Search
  • eSports Advertising and How Brands Can Get in the Game
  • Navigating the Amazon Ecosystem
  • See all White Papers

Featured Posts

  • How An Unusual YouTube Partnership is Disrupting an Entire Industry
  • PMG Among Best Employers for Parents
  • Why You Should Take Your Vacation: My Experience Going Off the Grid
  • Working with an Automation Mindset
  • Why B2B Brands Should Use Video

Categories

  • Content
  • Creative Design
  • Data Analytics
  • Development
  • Display
  • E-Commerce
  • Industry News
  • Local
  • Mobile
  • Paid Search
  • PMG Culture
  • SEO
  • Social Media
  • Structured Data
  • Video
Fort Worth

2845 West 7th Street
Fort Worth, TX 76107

Dallas

3102 Oak Lawn Avenue
Suite 650
Dallas, TX 75219

Austin

823 Congress Avenue
Suite 800
Austin, TX 78701

London

33 Broadwick Street
London
W1F 0DQ

New York

120 East 23rd Street
New York, NY 10010

Get in touch

(817) 420 9970
info@pmg.com

Subscribe to the PMG Newsletter
© 2019 PMG Worldwide LLC. All Rights Reserved.
  • Contact
  • Privacy Policy
We and our partners use cookies to personalize content, analyze traffic, and deliver ads. By using our website, you agree to the use of cookies as described in our Cookie Policy.