The Cambridge Analytica Revelations Have Made GDPR Preparations Even Harder

Brands will now have to persuade an even more sceptical public to 'opt in'


As we approach May 25th and the implementation of GDPR, organizations are frantically scrambling to entice users to 'opt in', providing what they perceive to be persuasive value propositions to get hold of the data many marketers have relied heavily on in recent years.

This has been a challenge some have risen to and some have not. As we speak, your inbox is likely filling up with a number of creative calls to opt-in, and some that can politely be described as not so creative. However, one thing nobody needed - not matter how good their efforts may be - was a major scandal around the handling of private data to further deter consumers from doing anything involving sharing their personal information.

Unfortunately, this is what we have got. The Cambridge Analytica revelations are terrible for a number of reasons, not least in their vulgar attempts to influence elections. The thrust of the issue for many, however, is what it has shown the reckless abandon with which companies have handled our personal information. As Alex Hern wrote in the Guardian, "people are also beginning to look up, as if from a daydream, to ask: how exactly did we end up in this situation? Why did we give up our privacy so willingly? And how can we get it back?"

This is a problem that GDPR was designed to solve, and it may well do. The issue is that the majority of people don't know it exists. Cantor TNS’ GDPR Awareness Index found that just 34% of consumers knew what it was when polled in February (unchanged from the month before), and most can't really be bothered to find out. Data protection regulations aren't exactly sexy reading material, and while those who do take the time to read about it may be somewhat reassured, those who don't, won't.

This is a major problem if we are going to get people to opt in. They need to know why they are having to do it or it will end up confusing and will be ignored, regardless of the value proposition being offered to them. At a recent GDPR conference at the London Data Festival, one of the speakers described how he had been drip feeding surveys and games to get people to sign up and give you data. This is great, but if everyone is doing that, it snowballs. How long is it before people get opt-in fatigue, particularly if they don't really know why they are doing it?

The idea that we offer a value exchange still holds water, and it is still one of the only real tools in a marketer's arsenal. In an interview with us last year, Tamara Gruzbarg, Senior Vice President of Data, Analytics and Business Information at Time Inc acknowledged that, "Public perception of data collection is generally negative, how can we change this in the future? We have to develop a culture of recognizing the customer as a key client of our data services: how do we improve our customers’ lives by collecting the data? How do we relay this value to them?" And she is correct. But the amount of value you have to offer goes up dramatically when trust decreases. At what point do we acknowledge that what we offering in exchange for data isn't worth it? And if no-one really knows why you're doing it, what will they care?

Organizations are in the strange position now when it comes to GDPR. They have to educate their audience about regulations that exist to give them the option to stop being a member of it. Amir Malik, Digital Marketing Lead for Accenture, recently noted that that, “The Channel 4 sting operation [on the Cambridge Analytica data breach] reveals more about the apathy data processors have toward their research subjects and the data commodity and the [consequent] risk to data controllers, who are not ring-fencing sensitive data from such bad actors." He believes that, "GDPR and ePrivacy will gain more momentum and credibility in the wake of this scandal.” This could end up help companies who need users to understand their GDPR offers, but it will need to happen quickly. Right now, all organizations should now need to be data privacy activists. 

Find out more about corporate use of data, and how to navigate GDPR, at the Big Data Innovation Summit this April 12-13 in San Francisco. To register your interest, click here.


Read next:

Why We Need Data Visualization To Understand Unstructured Data