Social media isn't at the "as goes Facebook, so goes the marketing world" level yet. But Facebook's impending initial public offering is likely to bring additional scrutiny onto its data gathering and use in social marketing practices – and, by extension, onto those of other marketers.
There's a double risk in this, according to Dennis Dayman, chief privacy and security officer at marketing automation and demand generation firm Eloqua. First, Facebook is a social media company that does not come from the marketing tradition of collecting only the data necessary for effective communication. Consumers volunteer a lot of information to Facebook – and the company considers a good chunk of it valid for marketing purposes.
Second, says Dayman, CEO Mark Zuckerberg is an engineer who doesn't necessarily hold privacy as his primary concern.
"Mark likes to push limits, and he truly believes in what he does," Dayman says. "He wants a lot of adoption and much happiness to come out of his platform. He has made choices, and those have not been popular choices by some consumers and regulatory people. As a private company you can push the envelope a little bit more. When you go public, that changes."
What Zuckerberg may not be doing is taking the concept of privacy by design to heart. That idea, espoused by Ann Cavoukian, Ontario's privacy and information commissioner, holds that privacy and data security concerns should be every stage of a new technology's development. That doesn't just apply to Canada: The U.S. Federal Trade Commission has already advocated companies take a privacy by design approach into their business practices.
That failure to incorporate privacy by design has already bitten Facebook. In November, the company reached a settlement with the Federal Trade Commission stemming from actions that allowed advertisers to glean personal information after users clicked on advertisements on the site. The company has agreed to 20 years of privacy audits.
Zuckerberg may also face pressure from outside advertisers to use every last scrap of consumer-volunteered information in aiding targeting messages and ads. "When you have advertisers wanting to come in and buy services, you have to give them as much [in the way of service] as possible," says Dayman.
But, he cautions, advertisers may be overreaching in their assumption of what a "like" means. "If someone clicks 'like', [marketers assume they have permission to] email them. Well, no. Just because they like the red truck doesn't mean they want to buy it. That is where some marketers start to shoot themselves in the foot."
The rules regarding what constitutes consent within social mediums are still being worked out. A "like", according to Dayman, is just that – an indication of appreciation. "It is not an affirmative action saying you want more information or you want something else from them."
This could change, of course, if marketers start spelling out exactly what they will do once a consumer clicks a like button.
"Make the like button an affirmative consent," Dayman advises. "[Marketers should make it clear that] if you click 'like' and a checkbox, they are going to send you more information. Then they will have an affirmative, knowledgeable consent. With just a 'like' button, there is no notice about what is going to happen."
Outside of the United States, the question of specifically affirming request for more contact will be part of new privacy laws, especially within the European Union.
There is another variable for Facebook consider when evaluating its data practices. If its IPO goes through, the company will be more vulnerable to consumer pressure than it previously had been, as being a publicly traded company allows a form of protest – selling stock – that is much more effective than starting an online petition.
But this form of protest will only go so far: Zuckerberg has created multiple classes of stock, and even after the IPO will retain a much higher level of control of this company than most post-IPO CEOs do.