Facebook & Cambridge Analytica: what do the changes mean for Users & Marketers?

It’s no secret that Facebook has found itself in some very troubled water over the past few weeks.

We’ve seen a sudden rise in big name companies like Mozilla, SpaceX, Tesla and Sonos joining a #deletefacebook campaign, propagated by WhatsApp Co-founder Brian Acton, who made billions from Facebook after selling his company to the social media giant.

I’m sure most are versed on the events that have led to the events above, as well as some much needed updates to Facebook’s data and privacy policy.

However, for those that have arrived late to the party, allow me to bring you up to speed…

body image 1

March 17: Facebook Scandal revealed in multiple reports

Multiple reports revealed that Cambridge Analytica, a data analytics firm with offices in the UK and US, had harvested the personal information of around 50 million [now up to 87 million] Facebook users without permission.

The data was retrieved from Global Science Research (GSR), a company owned by University of Cambridge professor Aleksandr Kogan. Kogan collected the data in 2013 using a Facebook app he built called “thisisyourdigitallife.”

Around 300,000 people installed the app and gave it permission to collect their personal information from Facebook, including the city they set on their profile, content they liked, and information about friends. With that level of access, Kogan gathered data on millions of people.

While GSR legally obtained the information, it was illegally paid for by Cambridge Analytica so that they could use it as part of the recent US presidential campaign.

Facebook was enlightened to the data breach in 2015 and instructed all parties to delete the data. However, Cambridge Analytica did not comply and continued to use the information. Facebook immediately banned the company from using their services once this information came to light.

 body image-6


March 19 – Facebook stocks plummet

The company dipped 4 percent, resulting in a loss of $23.8 billion from its previous $538 billion market value, as the public started to become aware of what happened.


March 21 – Facebook updates third party app policy

Mark Zuckerberg stated that there will be changes to how third-party apps can access your data, as well as a complete removal of all third-party apps that have not active in the last 3 months.

Most importantly, Facebook will complete a full audit of third-party apps, and developers that do not comply will be removed immediately from the platform.


March 28 – Making privacy tools easier to find

Facebook later announced that in addition to the changes they will make to third party apps, the company will also make it easier for users to understand and control their privacy settings on the channel.

body image 2-3

What has Facebook changed?

Facebook has been very busy trying to fix the holes in their privacy and data policies that allowed such breaches of trust to happen. In short, third-party app companies will feel the biggest impact of these changes. Facebook has removed many features previously available to them, including:

  • Event information: Data on users that are attending an event or post on event walls.
  • Page Access: Until today, any app could use the Pages API to read posts or comments from any Page. This let developers create tools for Page owners to help them do things like schedule posts and reply to comments or messages. Facebook stated that Page information is only available to apps providing useful services to our community, so don’t worry Hootsuite users –  the platform isn’t going anywhere!
  • Data Providers and Partner Categories: Last week Facebook announced that it would remove Partner Categories, a product that lets third-party data providers offer their targeting directly on Facebook.

    App Controls: Finally, starting on Monday 9 April, Facebook will show users a link at the top of their News Feed displaying what apps they use, and the information they have shared with those apps. Users will be able to remove apps that they no longer want. As part of this process, Facebook will also instruct users if their information may have been improperly shared with Cambridge Analytica.

What does this mean for the average user?

Public approval of Facebook is at a crossroads, with campaigns like #deletefacebook we find that users are questioning their loyalty to the platform. However, there is no doubt that Mark Zuckerberg is not hiding behind his layers of Facebook red tape, evident from his recent summit hearing with US congress.

In short, there’s no need to panic. Although we’ll see Facebook removing certain privileges and, in some cases, total access to third party applications, privacy is still something users can control.

As mentioned above, Facebook has begun the process of notifying users whose data was breached by Cambridge Analytica, through a warning at the top of their news feed.

The majority of third party apps are designed to enhance user experience by providing a more tailored and unique social profile. However, the recent changes to Facebook’s app and privacy policy will mean that data will be protected from apps that have ulterior motives.

This means that for Facebook users nothing will change; they’ll still have the ability to comment, react, and share as they always have, and the data will still be accessed by third party apps. However, with the recent changes, it’s now extremely hard to exploit that data.

 body image 3

What does this mean for Facebook Marketers?

With regards to the removal of partner categories, unofficial sources from Facebook state that paid social marketers have until 25th May to use the function. From then on it will be removed for users in the UK, Germany, and France. US marketers may still have this function available to them until September.

The removal of this targeting category restricts marketers from using third party data from providers such as Acxiom, Oracle Data Cloud (Datalogix), Epsilon and Experian that advertisers can request through Facebook.

For paid social marketers, this shouldn’t impact performance or activity much, so long as strategies are still based around the use of custom audiences and inbuilt Facebook targeting capabilities, campaigns can run as normal.

Paid social marketing has evolved tremendously, as more emphasis is put on the ability of Facebook’s algorithm, we find that the majority of audiences are targeted through the use of advanced lookalike audiences, website behaviour manipulation, dynamic and specific retargeting strategies etc. For most marketers, the reliance on third party data is minimal, as we see strongest performance when using primary data as our source of strategic inspiration.

It is, however, worth noting that Facebook plans to create a Certification Tool that demands that advertisers guarantee email addresses used for ad targeting are rightfully attained. Facebook’s old policy told app developers not to sell, share or misuse data they collected from users, but they failed to go far enough to enforce it. The aim with the Certification Tool is to provide more protection for user data, instead of just relying on the ethics of advertisers or the agencies representing them.

To conclude, if your paid social campaigns have an audience-first approach and stem from the use of pixel and primary data, you have nothing to fear; if they don’t, then they should!

We’re seeing more developments to this case as time goes on, so we’ll be sure to keep you updated on any crucial touchpoints that will impact the public users and paid social marketers.

If you’d like your paid Facebook activity to be in safe hands, contact us today – we’d love to hear from you. 


Share on facebook
Share on twitter
Share on linkedin
Share on whatsapp