Facebook’s Failure and How that Relates to GDPR

We all felt disgusted and disturbed when we learned our Facebook user data could have been harvested to target specific political audiences in the last U.S. presidential election. Sadly, this breach in personal privacy is likely to continue until strict laws are enacted in the U.S. like the European Union’s soon-to-be-implemented General Data Protection Regulation (GDPR).

Consumers trade the use of free apps for an endless supply of free data about yourself.

Since it’s next to impossible to function in the modern-day world without having personal data out there, we hope that pressure from consumers will result in GDPR-like standards at a national level in the U.S.

“Free” technologies like Gmail, Facebook, and apps like Yelp are offered to the public at no monetary cost. You are giving them an endless supply of free data which they use to sell targeted advertising. It’s that type of data that can be manipulated to yield any number of insights, such as political leanings as was the case with Cambridge Analytica, which harvested private information from the profiles of more than 50 million Facebook users.

Facebook failed to prevent Cambridge Analytica, a third party, from accessing more information than it needed. In an interview with the New York Times, Facebook chief executive Mark Zuckerberg admitted to what amounts to poor information governance practices with regard to how a third party used Facebook data.

The organization of data is critical to company success.

The fact that Facebook can organize vast data volumes of information for its 2.2 billion users is something all companies should strive to achieve. The organization, management and governance of data are imperative to any company’s success. It’s critically important that enterprises proactively address information governance, security, and privacy concerns before regulations are put in place.

U.S. companies should meet GDPR-type standards for compliance when it comes to data privacy. Organizations that expand this practice to embrace all their data, throughout the entire enterprise, gain a significant competitive advantage—and look stronger in the eyes of customers and competitors—if they address the heart of what makes data privacy work: information governance. Basically, you should treat all of your content as if it were Personally identifiable information (PII).

Too many companies don't know what's sitting in their shared drives.

Implementing safeguards isn’t always about the IT security that protects an organization and the data it uses. It’s far too common for companies not to know what they have sitting on shared drives or various repositories across their organization.

Poor data management can lead to events like the Facebook-Cambridge Analytica debacle or the recent Orbitz breach where data that resided on an old booking system was breached. That should have everyone asking, why was that data left in the old system anyway?

It’s best to take a proactive approach and understand the nature of the information you have and where that data exists so you can properly manage it and regulate who has access to it.

You can build a competitive advantage through the right kind of information governance bolstered by analytics.

The benefits of proactive information-governance behavior can create a compelling competitive advantage. It allows you to use analytics on your big data. It provides better insight into your business. And well-managed information will improve processes and help you gain efficiencies.

Very few of us can—or want—to live off-the-grid. As business customers and consumers, we need to trust the organizations that we interact with. Ensuring the highest standards of privacy, through proper information governance, will serve as the key to engendering that trust.

 

Rich Medina
Brian Johnson
I’m Doculabs' Midwest Area Sales Manager.