If you’ve relied on Facebook Advertising to reach new and existing customers for your business, then this year may have been a real pain in the butt for you.
Two of the most important events in 2018 in terms of online data use include the EU’s General Data Protection Regulation (GDPR), which came into effect on May 25, and the Facebook-Cambridge Analytica data scandal, which hit the New York Times and The Guardian headlines on March 17.
GDPR was initially announced in 2016, but did not become enforceable until this year, buying companies some time to become compliant. In short, the GDPR is a new set of laws that changed the way companies handle online data from EU residents, and empowered EU citizens with more control of their personal data.
But the event that most rocked the data boat this year was the Cambridge Analytica scandal, where the third-party political data firm hired for Trump’s 2016 campaign gained access to the private information to over 50 million Facebook users, and then using that data to eventually influence behavior. You can read the full details in this New York Times article.
These two events changed the course of how Facebook, and many other online platforms, provide digital advertising services. While there are many changes that have already happened and will happen, we’ll focus on a few key changes that most affect small to medium-sized business owners.
No more Partner Categories (for now)
Likely the most upsetting change that Facebook is making is the removal of Partner Categories, which are targeting options provided by third-party data firms, like Acxion, Experian, Cambridge Analytica and more. This data allowed advertisers to target offline behavior, like persons buying a home or purchasing a car.
You could imagine the uproar from people who felt compromised after learning about this, but it is important to note that this is a fairly common practice in digital advertising. These data firms, or data brokers, created detailed profiles using various methods that you may have opted into unknowingly. In addition to large purchases, they also know what offline and online stores you have visited, your political or religious affiliation (despite whether you’ve disclosed this on Facebook), income and socioeconomic status, and much more.
This feature is what made Facebook Advertising so effective, attractive, and affordable for small businesses and entrepreneurs. Now, if you want that kind of targeted information, you will have to work with the data brokers themselves, going directly to companies like Acxiom and purchasing their services directly.
Facebook may be removing this feature, but it doesn’t mean it won’t come back. The main lesson from the data scandal is not that people do not want to share this information, it’s that people just need to know what exactly they are sharing and why (the basis for GDPR).
If you’re using Partner Categories in your current Facebook Ad campaigns, you have until August 30, 2018 to end those campaigns.
Informing site visitors of Facebook Pixel use
It’s common now to visit sites and see a “cookie banner” pop up asking you to accept the fact that your activity will be tracked on that site. That is because GDPR is requiring companies to ask for explicit consent from European Union visitors and customers to collect and use their data, even if it is just website activity.
Facebook Pixel is code that you can place on your site that helps Facebook collect information about your website visitors, so that you can use it to target them later using Facebook Ads.
Even if you don’t have many website visitors from the EU, this is good practice anyway. There’s no telling if the U.S. will follow in the same footsteps, but if large companies like Facebook are making these changes, other companies will follow suit to avoid trouble in the future.
Tighter restrictions on Facebook Custom Audiences
Another great feature of Facebook Ads is the ability upload your own list of email addresses that you can either specifically target using ads, or create “lookalike” audiences to find new, similar people to those on your email list.
Facebook will now require advertisers to receive prior consent from the individuals on your email list before you’re allowed to use them as a Custom Audience. That means you can no longer use the downloaded contacts from LinkedIn, emails you’ve collected from business cards at a recent networking event, purchased lists from email brokers, etc. — unless, that is, you have received explicit consent from those contacts.
How Facebook will police this in the future is uncertain, however they will be placing the responsibility on you, the advertiser. That means you should meticulously document the actions from your list so that if a GDPR representative were to ever approach you, you’ll have the information you need to prove your compliance.
What you should do
There are many, many other changes that will affect all kinds of companies, large and small. The important thing to keep in mind is that you should be transparent to your customers about the information you want to collect from them, and why you’re collecting it. This may lower opt-ins and customer sign-ups, but it’s worth losing a few potential emails to mitigate a large and hefty fine from the European Union, or a PR nightmare like Facebook.
Find marketing firms and online software that can help you navigate this new, tricky landscape. Look for GDPR and data privacy knowledge on their sites. Find a lawyer or an IT company you can work with whose sole purpose is to help businesses protect and handle user data.