Unless you have been living under a rock, you must have heard about the “Cambridge Analytica data scandal“. If you follow the marketing industry news, you also heard the endless pontification about what changes it will bring.
Most “experts” fall into two categories. On one end of the spectrum, “Facebook marketing is over”. On the other end “nothing will change”. Yet, both extremes are dead wrong.
The sum of Facebook changes is the biggest in years and you need a plan to adapt
But first, you need to understand what really happened and why. Facebook has been collecting and sharing massive amounts of data for years. Nobody really cared because no one was ever harmed. Yet at some point, the Cambridge Analytica scandal drew the public’s attention to how the data may have been used to manipulate the elections. What ensued next is the classic case of a “moral panic”, the phenomenon tracing its history to medieval witch hunts. You can refer to excellent research on “Escaping the Privacy Panic Cycle” to understand how the privacy scares emerge, spike, and then wane.
Unfortunately, the public’s irrational fears are the Facebook’s reality. The peaking or slowdown of the Facebook usage in certain demographics can be attributed to the perception of platform’s safety and privacy. The fewer page views Facebook generates, the less ad space it can sell, and that is even before the threat of adverse regulatory action by the government(s). As the “fecal matter runs downhill”, the Facebook’s problems quickly become the problems of anyone who does business on Facebook platform.
So, let me summarize and explain the main focal points of change in Facebook
1) GDPR Compliance
The Cambridge Analytica scandal erupted right before the General Data Protection Regulation (GDPR) going into effect on May 25, 2018. GDPR is a European Union law designed to codify a set of privacy rules, mainly around disclosure and consent. For Facebook, GDPR compliance offered an easy way to address many concerns raised by Cambridge Analytica. As a result, Facebook decided to implement GDPR globally and to require all advertisers and business partners to follow suit. Facebook Business Tools Terms lay out the new rules, and among the most worrisome is the ban on pixeling the sites you do not own.
2) Reduced Targeting Options
An easy way to create perception of less data abuse is to reduce the amounts of data available. Facebook is removing 3rd party targeting data, known as Partner Categories, as well as a multitude of less-prominent targeting options. The unstated business reason, few noticed, is cutting out the Audience Data Providers like Acxiom, Experian, Oracle, whose data fees substantially increased the cost of media. I would speculate Facebook decided that their deals have grown overly rich over time, with the growth of the platform.
What to Do: The data quality of Partner Categories had been questionable to begin with. Time and again I have seen these explicit targets beaten by just letting Facebook algorithm do its job by feeding it the right data. This means you need to map out your Customer Journeys and deploy tracking with maximum detail.
3) Data Permissions for Custom Audiences
Beyond basic GDPR, Facebook brought down the hammer with the new Custom Audiences Terms. The core point is that to upload a list of emails you must warrant to have “obtained consent for this use of data”. As most experienced email marketers know, this is an impossible requirement, as users forget what they sign up for and opt-in records can be faked. But, Facebook will be putting some teeth in enforcement, with legal certifications, list analytics, and likely complaint reporting plus consent spot-checks.
What to Do: Rethink your use of list-based audiences. If you are consistently relying on records of users who have not provided consent you may be caught and banned sooner than you think. Uploading unsubscribes or bought / traded lists will put your accounts at risk. Get ahead of the enforcement hammer before it hits you.
4) Weakened Analytics & Insights Functionality
Facebook is on the hunt to water down the level of detail available through its “Business Tools”, as sometimes such detail could be abused to de-anonymize Facebook users. The casualties of this new policy are found across many products. Insights for Custom Audiences are no more. User counts and advertising reach estimates for some audiences may no longer show up. Public sharing of Facebook reports is disallowed by new terms. This list may grow as new “vulnerabilities” are discovered.
What to Do: These changes will hurt the most advanced, data-driven marketers. The imperative would be to make the most use of the reports and diagnostics that remain, plus shift the emphasis of research and insight to tools outside of Facebook. Updating the analytics & decisioning protocols will be a must.
5) Tougher Review & Policing of Data Users
If you are handling any significant amounts of Facebook data or users you will be put under microscope. This applies to app developers, page owners, messenger bot builders, lead ads advertisers and more. Be prepared to pass manual reviews, verify your identity and defend your business model as being good for Facebook users. There will be further restrictions on data access and acceptable usage, with more enforcement. Much of this is still work in progress and will keep evolving.
What to Do: If you plan to operate on any kind of scale, you are certain to get reviewed. Don’t delay bringing your business model, your policies and your user experience in full compliance. When in doubt, ask yourself if you would recommend your ads, pages, apps, sites or bots to your kids or your grandmother.
6) Stronger User Controls
Facebook is upgrading the user-facing privacy controls and feedback mechanisms. This is going to reduce the number of addressable users (as they turn off various features) and increase the risks of tripping one of the many landmines planted in the new policies. We do not yet know how punitive these tools might get in their design (feedback, complaints, satisfaction surveys). Hopefully Facebook will design them to vent existing discontent vs. provoke new negativity.
What to Do: This just reinforces the takeaways from the previous point. Any user experience generating negative user reaction will have more opportunities to get detected and acted upon. Even if a Facebook reviewer misses a problem the end users will eventually catch on. Plan your user experience for this eventuality.
7) Less Privacy for Advertisers
While Facebook users are set to enjoy more privacy and control, the advertisers will soon have less of either. Increased disclosure under GDPR is just a start, as Facebook reviews & verification may put more advertiser info into public domain. Soon Facebook may start telling users on whose Custom Audiences they are (hello to those who upload random lists), as well as making every ad browsable on the associated page. The key question is how easy to find and search this info will be.
What to Do: Recognize that hiding or remaining anonymous will no longer be an option. Beside merely complying with policies, get ready for your competitors to gain more intel on you, while you research them. Expect that your ads will be swiped and ensure that your competitive advantage comes from something else
The new rules are arcane, vague and open to interpretation and mis-interpretation. The only things that matter will be actual enforcement practices as well as hard changes to the Facebook’s functionality. It will take months for the dust to settle down, but we can already see the shape of things to come and prepare accordingly.
Depending on how you are using data in your business the impact may range from mild to catastrophic. If you need help with revamping your ad strategies in the brave new world of increased privacy, get in touch.
Latest posts by Dmitriy Kruglyak (see all)
- [Podcast + Slides] Blueprint Lab Sneak Peek - February 21, 2019
- “5 Pillars of a Facebook Chatbot Strategy” in FeedFront #45 - December 19, 2018
- Speaking @ ASW2019 on Facebook Ads Process & Methodology - November 29, 2018