NEW YORK – For the tech industry, Facebook’s Cambridge Analytica scandal has led to a wave of self-examination when it comes to the culture around data collection and utilization – and what the price is for bad data privacy policies.
While regulatory efforts, fines and consumer public sentiment might be good motives to keep tech giants honest, a larger cultural shift is needed in the tech industry’s mindset to improve the current state of affairs, experts say. They say social media companies, and other firms, need to re-evaluate the role of data misuse and even consider how breaches are disclosed.
“The era of being able to collect data and use it as you will, is shifting,” said Kalinda Raina, head of global privacy at LinkedIn, speaking on Tuesday at the WSJ Cyber Security Forum. “Data privacy isn’t just a legal issue – the whole company needs to think about and be educated about clear corporate values when it comes to using or collecting data.”
Unfortunately, that change in mindset won’t happen overnight.
Maureen K. Ohlhausen, former commissioner of the Federal Trade Commission who held her position when Facebook’s Cambridge Analytica debacle broke out, called this moment a “pivotal point” when it comes to awareness about data privacy.
Ohlhausen, for her part, recalled making the decision to bring the Facebook investigation public – a situation which the FTC generally doesn’t do, she said.
“In this case, public interest was white hot – we were seeing questions from consumers, Congress and regulators, around the world,” Ohlhausen said. “I made the decision to make that investigation public, and it was one of those moments where you see that the intensity was so palpable, it wasn’t like other breaches.”
The main impact that has emerged over the past year is privacy shifting from a concern to a reputational risk for companies. On the outset of Facebook, companies are fearing more than a slap on the wrist when it comes to be data privacy issues – their reputation is at stake.
When it comes to data privacy, it’s not just on the shoulders of social media companies, either. Security issues and data breaches have left consumers concerned about data that they put online.
“It’s become a C-Suite issue,” she said. “Privacy has always been an issue, but a rise in awareness in consumers means that it is starting to affect the bottom line of a company and affect its leadership – we’ve seen CEOs lose their job.”
Facebook has seen intense backlash for data misuse since last March – the company has been fined by a UK data watchdog, the Information Commissioner’s Office, and most recently from Italy.
Fines like these might be effective to an extent for privacy policies, but ultimately the main driver for companies must be internal, said LinkedIn’s Raina.
The Facebook scandal left social media companies evaluating how they could build a culture of viewing data as valuable- and private – when it comes to consumers, she said. LinkedIn takes employees from across its organization and put them through a six-month course about privacy.
Part of that is also giving consumers a say in how their data is collected and shared. “Users come to LinkedIn to be found, that’s what’s interesting about privacy – we want to ensure they have the control over the ways that data is used,” said Raina.
