Last year a virtually unknown company named Cambridge Analytica became one of the most talked about organisations overnight. With the anniversary of the Cambridge Analytica scandal being a hot topic of conversation this week, our CEO Derek Roga takes a look at what we have really learnt one year on, read his thoughts in the article below for SC Media.
OPINION by Derek Roga
Legislation by itself is not enough of a deterrent to put companies off misusing data. Until someone is hit with a significant punishment, data will continue to be commodified and used poorly.
A year ago, a little known company named Cambridge Analytica became one of the most talked about organisations on the planet overnight.
Since 2013, the political consulting firm had earned its money by mining and analysing data, before combining it with strategic communication to, essentially, sway elections and other political processes. However, in early March 2018 it made headlines around the world over as the company was revealed to have misused millions of people’s personal data via Facebook, in partnership with the social media giant. Over US$ 100 billion (£75 billion) fell off Facebook’s value over the following days and it was hailed as a watershed moment in personal data and its (mis)use by large corporations.
However, Facebook went on and has since recovered, losing just five percent of its UK users while US users actually used Facebook more in the wake of the scandal. Mark Zuckerberg, Facebook’s CEO, apologised and said the scandal was a "breach of trust", but the company was fined just £500,000 by the ICO. Cambridge Analytica was also issued a paltry £15,000 fine for its part before folding. However, its founders have since set up another political consulting company. In short, nothing has really changed.
Timing is everything
You could argue the timing of the scandal was a stroke of luck for Facebook. Had it been unearthed just six weeks later the consequences would have been a lot worse. The toothless nature of the ICO’s fine would have been significantly amplified had the scandal fallen under GDPR. Indeed, in January this year, Google was hit with a £44 million fine for not obtaining consent from users to use data in ad personalisation.
Finally, it seems, there is legislation in place to protect user data that poses a real threat to companies, with a potential fine of up to four percent of global revenue at stake. To put that into context, Facebook could have been fined over US$ 2 billion (£1.5 billion) for its part in the Cambridge Analytica scandal had it incurred the full wrath of GDPR.
However, I’d like to think that most people aren’t naïve enough to believe that the legislation by itself is enough of a deterrent to put companies off misusing data. Legislators must follow through with their promises and enforce these fines. Until someone is hit with a significant punishment, data will continue to be commodified and used poorly.
Until GDPR really starts to take effect, the responsibility for personal data ultimately has to come from consumers themselves if we’re ever to see a meaningful change. We have seen that companies that rely on consumer data to generate revenue, such as Facebook, will always be looking to squeeze everything they can out of their users.
We must realise the power of our data and what it can do. It has the power to inform company strategy, display trends in society, influence how society thinks and even swing elections. More robust risk versus reward must be deployed by consumers, who must ask whether the action of handing over their data is really worth what they get back in return.
Enterprises, for now, have really learned very little a year on from Cambridge Analytica, other than that they could handle data as poorly as they want to and more or less get away with it. Thankfully legislation like GDPR has since been enforced, and made companies think seriously about what they use our data for.
This coupled with greater consciousness from consumers could usher in a new era for personal data protection, but even a year on since the Cambridge Analytica scandal, there’s still some way to go for the learnings we’ve taken from it to be put into practice and for consumers to take back control of their data.
Contributed by Derek Roga, CEO, EQUIIS Technologies.
*Note: The views expressed in this blog are those of the author and do not necessarily reflect the views of SC Media UK or Haymarket Media.