Users of Facebook no doubt have seen at least some of their friends post the “copyright” update. In brief, the post states “I hereby declare that my copyright is attached to all of my personal details,” including photos, comments, and anything created by the user. As a matter of copyright law, the post is meaningless, and is simply a rehash of previous hoaxes that seem to go viral once every few months. Notably, this particular variant of the hoax claims that Facebook will begin to charge six dollars for advanced privacy settings in the near future - something the social media giant vehemently denies. Ultimately, this meme too shall pass, and a new hysteria about Facebook will emerge.
But the uproar indicates more public concern than may appear at the surface. Though the post is fake, the sentiments behind reposting it are not, and suggest a substantial concern among Facebook users that their personal data may be used without their consent. As the negative responses to Facebook’s periodic changes to its privacy policies show, users are concerned that their information is being bundled and used without their consent. One way to think it is that users are attempting to opt-out of the bundling and sale of their personal information. Of course, the only way to “opt-out” of Facebook’s privacy settings is to opt out of Facebook entirely, which virtually no one seems willing to do.
Facebook is not the only business hit with public concern over use of personal data. This past August, Spotify released new terms and conditions that would allow the music streaming app to access user photos, GPS tracking, and social media accounts. Wired immediately dubbed the terms “eerie,” and compared Spotify to “a jealous ex.” And even though Spotify CEO Daniel Ek clarified that users would be asked before the app accessed personal data, the damage had already been done. The social media news cycle moves fast, and sometimes even a day is enough to cement public perception of an issue.
Why is the public response to perceived privacy problems so visceral as compared to the public’s awareness of actual privacy concerns? One reason seems to be the amount of effort involved - the general population has little tolerance for learning what of becomes of their personal data if it involves more than a cursory glance. For example, if you call to enroll in automatic payments for your cell phone service, you may hear the automated voice offer to read you the terms and conditions of the auto-pay program. You will then likely hear the automated voice say, seemingly with a wink, “Or, if you prefer, you can just skip the terms and conditions and enroll.” Even though the program involves granting a third party access to your bank account and the right to withdraw funds without asking you, the vast majority of users simply accept the terms and move on. The story is the same for apps - somewhere between five and ten percent of users actually read the fine print.
With that in mind the Facebook contretemps makes a little more sense. Consumers are concerned about privacy, and getting more concerned each year. At the same time, less than a fifth of the population defines themselves as “privacy centric” when it comes to priorities in how they use social media. For the rest of the world, the time-cost of reading terms and conditions, or even changing privacy settings, is high enough that they are unconcerned about what becomes of their personal data -- until the next privacy meme catches their attention.
If most consumers are willing to accept that their data will be used as apps, stores, and vendors see fit, should businesses even worry about what they do with customer data? Absolutely. Even setting aside the legal and PR consequences of a data breach, the same viral/mimetic news cycle that creates a new “hero” every day also creates villains. As Spotify’s Ek tried to explain last month, Spotify’s terms and conditions were not materially different than Twitter’s - but Twitter remains beloved and Spotify has been widely reviled.
Presenting changes to privacy policies or terms and conditions, then, can be a delicate balancing act. On the one hand, businesses must keep customers aware of changes in policy in order to secure consent (even if it amounts to little more than a wave and a nod). But such changes must be made carefully, with an eye towards meeting public expectations about incremental change, and without giving rise to a perception of overreach. While there is no formula for avoiding bad press related to customer privacy, developing a reputation as a privacy-conscious business is another component of being #Datasmart.
Reproduced with permission from Copyright 2015 The Bureau of National Affairs, Inc. www.bna.com
