It is said that a week is a long time in politics, but for Mark Zuckerberg the last seven days must have felt like an eternity.
In case you missed what – in the words of author JK Rowling – was “Surely the story of the year, if not the decade,” Facebook, the behemoth of all social media platforms, is deep, deep in the proverbial right now.
It’s all because of data; rather, its failure to protect the personal data of its users.
Two weeks ago, Facebook failed in its efforts to prevent The Observer from publishing damning evidence showing it allowed data on 50 million Americans to be extracted and sold to UK-based Cambridge Analytica.
The company, who as it happens was hired by Donald Trump’s 2016 election campaign team, compiled psychological profiles that categorised people by personality type. They then targeted these groups with political messages most likely to resonate with them; thereby, influencing the result of the US presidential election.
But the fall-out from these revelations goes beyond the $60bn that has been wiped off Facebook’s market value, the impact on its reputation could be far greater.
Facebook ran a full-page apology in most of the Sunday (25th March) papers, in which Zuckerberg said, “This was a breach of trust, and I’m sorry we didn’t do more at the time.” He added, “We’re now taking steps to make sure this doesn’t happen again.”
We’ve heard this before…11 times previously in fact. As far back as 2011, the company received warning that it was failing to ensure the data it held was protected when passed to third-party software developers. Facebook failed to act for another four years on that occasion.
Slow response, huge impact
Each time a new case arises, Facebook’s response is the same: delay and hope the story simply goes away (which it never does), followed by denial. When that doesn’t hold water, remorse sets in coupled with an unswerving pledge to “fix Facebook” and “prevent bad actors from accessing people’s information”. This is topped off by the admission that “there’s more we need to do…”
“What is disturbing is that Facebook has not yet identified and alerted users whose profile information was vacuumed up”
New York Times
Facebook’s reaction is the very definition of ‘spin’ – a descriptive term we PRs despise. It’s akin to a domestic abuser saying sorry to their partner for their latest behaviour and expecting that person to be suckered by their promise to reform so it doesn’t happen again. After a dozen or more episodes and repeated resolutions ‘to change’, that belief in their ability to do as they say wears extremely thin.
A crisis of trust and identity
The Cambridge Analytica scandal or crisis, whichever description one favours, shows Facebook’s clear colours – profit over protection. It’s open door policy to third-party developers has been central to its commercial strategy which, as The Observer put it, means that “the more apps there were on its platform…the more personal data there would be to monetise.”
In other words, Facebook turned a blind eye to what developers were doing and spurned their responsibility to better protect the personal data of its users in favour of commercial gain. It is ironic given Zuckerberg’s repeated new year pledge announced in January was to “fix Facebook”. We have, of course, heard this before with little or no actual fixing taking place; this is one case that will take a little more than a Band Aid to remedy.
“[Facebook] has been misleading in its evidence, arrogant in its instinct to shirk the responsibilities that come with power”
But what is Facebook anyway? It used to be a social engagement tool yet recent changes suggest it’s limbering somewhere between being a news service or a publishing platform (it reminds me of my former employer, Daily Mirror, which has always struggled between learning towards The S*n’s audience or that of the Daily Mail). Does Facebook even know? Perhaps a re-evaluation of its identity is needed at the same time as its revised data protection policy.
A way back from here?
The company has well and truly shot itself in the foot. While its official response ticked all the boxes for what a sound crisis communiqué should look like, it was ill-timed. They should have reacted within 24 hours of The Observer’s exposé, rather than waiting to see if it would all blow over. Which of course it was never likely to do – this is, after all, a business with over 2bn customers.
Facebook has a power and influence like no other. But this comes with a responsibility to do right by the very people it relies upon to ensure it remains relevant. Warren Buffet famously said “It takes 20 years to build a reputation and five minutes to ruin it. If you think about that, you’ll do things differently.”
The question for Facebook to ponder over the coming weeks and months will be this: Is the loss of market value, loss of customers and reputational damage really a price worth paying for not implementing tighter privacy controls?
For the best part of a decade, Facebook has dominated the social media sphere and each crisis that has come its way has simply slid off its seemingly Teflon-esque profile. This latest crisis, however, is its biggest and potentially most damaging and the way it reacts over the coming weeks will, in my view, determine its ability to recover and regain the trust it has lost.