After a string of bad press and the worst crisis in its 14-year history, Facebook today posted gains of 63 percent in profit, and 49 percent in revenue. Or, to put it another way, Wall Street gives zero fucks about your privacy concerns.
For a company neither stalled nor slowed by the #DeleteFacebook movement, rapidly shifting public sentiment after the Cambridge Analytica scandal, or the non-story that came of our android overlord Mark Zuckerberg’s trip to brief Congress on the differences between WhatsApp and email, it’s clear that regulation might be our only way out — assuming lawmakers can make a cold turkey break from Farmville, that is.
It’s not all doom and gloom. Or, maybe it is, depending on which end you think constitutes doom and gloom. Facebook did lose a significant number of daily users in the United States and Canada. It also reported an overall decline in the amount of time spent on the platform. But attributing either of these as “wins” for the individuals expecting Facebook to shed blood for its previous — and numerous — missteps is misguided.
Zuckerberg himself, remember, warned investors in January to expect this thanks to a renewed focus on “meaningful connections between people rather than passive consumption of content.” Or, maybe that was all PR spin. Who knows anymore? Either way, it’s clear that things are still going mostly to plan for Facebook and its shareholders.
That leaves regulation. So far, it seems to be the only thing Facebook fears.
It’s a legitimate fear, especially in Europe where General Data Protection Regulation (GDPR) laws become enforceable starting next month. May 25, to be exact. Under the terms of GDPR, organizations will have to ensure that personal data is collected within a defined set of rather strict conditions. Additionally, these organizations are responsible for who collects and manages the data, as well as ensuring it isn’t misused or exploited.
If companies fail to respect the rights of data owners (people who use the platforms), they’ll be subject to penalties that could exceed €20 million ($24.3 million USD).
These regulations aren’t just for European countries, either. The new rules apply to any organization that does business with customers or other businesses inside the EU. For Facebook, this is troubling for a lot of reasons: not the least of which is the Cambridge Analytica scandal, which would have cost the company millions had it happened a few months later.
After initially agreeing to voluntarily implement the strict new European standards “in spirit” worldwide, Zuckerberg and his army of blue-clad worker bees have since reversed course, deciding instead to evade, evade, evade.
In a call with reporters earlier this month, Zuckerberg said, “We’re just going to make all the same controls and settings available everywhere, not just in Europe.” But words are less important than action. And Facebook’s actions would indicate it never had any intention of following up on this plan. The company last week started to shift its European users’ data from its International HQ in Ireland, back home to Silicon Valley — a move it’s seemingly hoping will keep the company out of reach of the new regulations.
Whether that happens remains to be seen.
In the US, there’s nothing similar on the horizon. We rely on a patchwork collection of self-regulation guidelines and frameworks meant to protect certain activities, and may (coincidentally) overlap or contradict previous best practices. Telemarketing, email, and healthcare records in the online space, for example, are protected. A general blanket guideline protecting all users in a way similar to GDPR? Not even close.
Maybe it’s time we fix that?