• Cybersecurity
  • Policy and Regulation
  • Policy and Regulation
  • Data Collection

Learning from Facebook’s Mistakes

May 17, 2018

For those of us who abstain from social media, the ongoing scandal with Cambridge Analytica has validated this decision to opt-out. However, the decision to opt-in or opt-out of data collection and still be able to use Facebook is not available. The Facebook and Cambridge Analytica debacle shines a light on the issue of collecting data from unassuming consumers and on how that data is used and manipulated. No matter how policymakers respond to this event, their decisions will have wide-reaching implications for all data-sharing industries, especially for the Internet of Things (IoT) ecosystem.

Can Lawmakers Bring Clarity to Data Collection Ethics?

Data protection laws in the US are relatively new and continue to evolve on an ad hoc basis in response to ongoing data hacks and security breaches. Addressing these issues requires a more sophisticated regulatory environment that considers how data is being collected and used. This brings up an ethical concern—when a company’s profitability depends on sharing user information, the ethics of data collection become muddled. Lawmakers in Europe are some of the first to respond to these issues. In April, the EU’s General Data Protection Regulation (GDPR) was finally approved after 4 years of preparation and debate. GDPR will replace the EU’s Data Protection Directive 95/46/EC and will take effect May 25, 2018. Changes to the directive include extending the law’s jurisdiction to apply to all processors of personal data, regardless of whether the processing takes place in the EU or not.

Laws like GDPR will have a significant impact on the data-sharing industry, especially for businesses that rely on tracking consumer behavior through IoT-enabled devices. These laws require that companies clearly and succinctly spell out their intentions for data collection in their user agreement contracts. Ensuring that all parties clearly understand the service terms strengthens conditions for consumer consent and gives consumers more control over their personal data. The policy’s push for greater transparency may force some businesses to rethink their approach to data collection. Manufacturers of smart devices are thus encouraged to move away from long terms of service and instead, provide real-time information with opt-in choices.

Industries Must Build Trust with Consumers

Informing consumers on how their data will be collected and used will help to alleviate privacy concerns and build trust. As technology continues to advance in making phones, cars, and buildings smarter, it’s important for businesses operating in these data-driven industries to build a trusting consumer base. Doing so will enhance the competitiveness of those buildings as customers will be more willing to consent to new user agreements. Manufacturers of smart devices can avoid making the same mistakes as Facebook by taking note from the EU and being more transparent in their user agreement contracts. Both providers and consumers of smart devices stand to benefit from stronger protections to prevent future abuse.