It’s time for Facebook to start over

Facebook has an image problem because it has a data problem. Here’s a radical suggestion that would solve both (and it’s GDPR compliant to boot).

Cambridge Ana-lotta trouble

After months of drama (and memes) surrounding Facebook’s mishandling of the data of 50 million of its users via political consulting firm Cambridge Analytica, the social media goliath has been handed a £500,000 fine by the Information Commissioner’s Office (a fine which they’re not keen on paying). While this is the maximum possible fine under the Data Protection Act (which has since been replaced by the GDPR but was in effect at the time of the data misuse), it’s a drop in the ocean for Facebook. Had the GDPR been in place at the time, the fine could have been as much as 4% of Facebook’s annual turnover, which works out at $1.6 billion as of 2017. A damn sight more than £500,000, sure, but still a paltry amount as a percentage of the company’s gargantuan money bin. Despite a $50 billion drop in market value following the scandal, the site continues to hover around the half a trillion mark, which is an obscene amount of money.

Vastly more important to Facebook than any monetary penalty is the damage to their reputation and their brand. The company has recently been taking efforts to reverse this damage in the eyes of the public, through a television ad campaign which talks of stamping out fake news, clickbait, and of course data misuse. But what steps are Facebook actually taking to protect their users’ data? It’s important to remember that the social media site is not merely a platform for free expression and interaction, but a for-profit business. A large chunk of that half a trillion valuation comes from data collection, targeted marketing, and other activities deemed to be either an invasion of privacy or standard business practice depending on your point of view. It was recently revealed that Facebook holds far more data than most users realise, including records of their calls and messages, as well as data gleaned from non-users without their consent.

“Hang on, doesn’t Facebook allow you to opt out of handing over your data?” I hear you ask. Yes, they do – but they’ve glossed over the choice and buried the privacy options to make it as tedious as possible to opt out, all the while presenting users with “click here to accept this” prompts which are a breeze to proceed through. It’s not their fault people don’t read the small print, right? The reasoning behind this is obvious: it’s not in Facebook’s interest as a business to encourage its users to opt out of having their every private detail harvested for marketers. As a result of these tactics, Facebook is now sat on the world’s biggest haul of personal data, much of which it acquired disingenuously if not downright dishonestly, and everyone knows it.

Make Facebook great again

But wait! There’s a solution! A way for the company to repair its image and to take great strides towards its original vision of being a connected social hub, with none of this controversy over data. It’s simple really; Facebook needs to start over.

I don’t mean start from scratch; that’d be far too much work. I’m talking about starting afresh from a user data perspective. What I think Facebook should do is delete their gigantic haul of collected data. Browsing habits, conversation logs, everything they have which wasn’t entered into their systems by their users. That’s step one, but it’s the next step which is the real crowd-pleaser. After obliterating their years of collected and collated data, Facebook should present a new page to its users, when they next log in and then easily accessible after that. This page should outline the user’s entire presence on the site – let’s break it down.

Firstly, they should be shown every detail they’ve submitted to their online profile. They’ll have the option to edit or remove any of this here. This is just good housekeeping; I expect a lot of people are overdue to update the information on their profile. Secondly, they’ll see everything they’ve signed up for through Facebook’s third-party integration, with the option to revoke access to these authorised apps. Haven’t played Candy Crush for years? Get rid of it. Tired of receiving Words with Friends notifications? It’s gone. Lastly and perhaps most importantly, users will have the option to enable or disable data collection and tracking of the various kinds Facebook performs – and these options should be opted out by default.

With these three sections – your profile, your apps, and your data – Facebook could present a totally transparent “your presence” page to give users control. Real control, not that “we value your privacy” wishy-washy stuff. Now here’s the thing: nothing is free. When a user signs up for a Facebook account, they’re essentially entering into an agreement that they’ll be paying for that account not with money, but with themselves. Their personal data, their identity. Take that power away from the business, and they’re faced with the challenge of running a 2-billion-user network for nothing. Not for money, not for data, but out of the goodness of their hearts. If it seems like I’m not selling this idea very well, you’re right. “Hey Facebook, give up all your data and don’t collect any more of it!” How naïve of us.

Be positive about data

The Facebook platform shouldn’t be about holding a service to ransom. Sure, it’s standard practice across the Web to trade personal data for goodies. Give us your contact information to download this eBook, fill out a survey to access this content; we’ve all seen these strategies. But this is Facebook’s chance to be a leader in a new movement, a movement where user data isn’t demanded, scavenged and squirrelled away but rather asked for politely. Sell your reasoning, Facebook. Persuade your users that allowing you to track their activity is not only in your interests, but theirs too. For example, you need advertising. Most websites run it, because without it they’d go under. Employee pay checks and web hosting aren’t free after all. So, let people know that the adverts they see will be more relevant to their interests if they opt in to data collection.

It’s true, pitching personal data collection to people in this privacy-conscious age can be a seriously tough sell. Be upfront, be transparent, and offer value to the users. If you have a reason to want someone’s information, don’t just tell them the reason – sell it to them. You don’t want them to opt in reluctantly or to feel like they have no other choice. Make them happy to opt in. It’s time for a new way of thinking about data: honesty, clarity and flexibility. Data should not be a dirty word.

I mentioned the GDPR in our opener, and taking these “data positive” steps would go a long way towards achieving compliance. By the way, don’t think I’m only targeting Facebook with this advice; I’d like to see an honest and transparent approach to personal data from businesses across the Web. Am I still being naïve? Of course. Attitudes don’t change overnight, especially where there’s money to be made. But I can hope to at least get people thinking, get people talking.

As for Facebook? Start over. Purge all that scandalous data that has gone before, and be clear with users moving forward. Be “data positive”. You know, I rather like that term. It’s a nice bit of shorthand for being enthusiastic about the data you collect, for not forcing or demanding consent but instead pitching the benefits to users. I think I might talk more about that in future. Stay tuned folks – especially you, Mr. Zuckerberg. You might just learn something.

Varese-secure Ltd are providers of world-leading data destruction equipment – you know, for erasing hard drives filled with the collective information of 2 billion users. Anyone know of a business that might need to erase that much data?