To say that since its launch Facebook has raised some eyebrows in regards to its approach towards privacy and data protection is somewhat of an understatement. From the word go, the social networking site has been repeatedly lambasted with accusations of failing to adequately protect individuals’ rights to privacy, chiefly in respect to personal information and content which users themselves had placed on the site.
However, as more and more companies began using Facebook to drive their online marketing efforts, the question has become, how does Facebook’s at times seemingly unfriendly stance toward privacy and information security square up with individual companies and their relations with end-consumers?
The issue takes a further twist when one considers that Facebook may well find itself having to toe the line with EU – rather than just US laws – on the subject. Indeed, according to Facebook’s Statement of Rights and Responsibilities, the relationship the user establishes by signing up to Facebook is as between him or herself and “Facebook, Inc., or if [..] outside of the United States, Facebook Ireland Limited.” The Facebook privacy policy goes on to re-assert this definition.
The clear implication for Facebook is that any non-US Facebook user must then have remedy under Irish law – which, given the EU principle of harmonisation, will be consistent with the prevailing EU directive on Data Protection. The trouble is, the EU stance on Data Protection is much tougher than in the United States, possibly stemming from the two cultures’ widely differing views when to comes to the concept of privacy.
Nonetheless, this means that under EU jurisdiction, data subjects should be given notice of when their data is being collected, should be rightfully informed of who is collecting that data and should be allowed access to their data. Meanwhile, the data itself must not be excessive in relation to the purpose or purposes for which it is processed, and must not be stored for longer than is necessary.
However, when a 24-year old Austrian law student requested access to the data that Facebook was storing on him, he was stunned to receive a CD containing 1,222 pages worth of data – including chats he had deleted, old “pokes” from 2008, and invitations to which he had never responded, let alone attended. The subsequent media attention he received has sparked renewed speculation of Facebook’s focus on data protection and privacy.
Interestingly, following the furor, the Office of the Data Protection Commissioner of Ireland has confirmed it will now undertake a comprehensive audit of Facebook Ireland before the end of the year, to evaluate Facebook’s compliance with the requirements of the Irish Data Protection Act. The increased adoption of Facebook as a commercial platform adds an extra element of complexity to this situation.
The introduction of f-commerce has opened enticing possibilities to retailers who are eager to gain an extra distribution channel and directly monetize their fan base. While opportunities are only starting to be fully explored, according to global management consulting firm Booz & Co., social commerce will grow to 30 billion USD by 2015 – six times its current size – with Facebook predicted to be one of the primary contributors.
Currently, in spite of these ambitious projections, only a small percentage of retailers present on Facebook use their page as a transactional touch-point, preferring instead to use their presence to focus on customer brand engagement. While luxury brands may have been somewhat fashionably late when it came to ensuring their online presence, the tables have turned and today, there are few brands without an online marketing strategy.
The innovators are forging ahead with f-commerce. Diane von Furstenberg was quick off the mark, featuring Facebook-exclusive merchandise with its “Wrap of the Month” campaign. Other brands quickly followed, and experienced varying degrees of success. In particular, Bulgari, who launched its f-commerce last May as a platform to sell exclusive jewelry pieces, had trouble and took the page down within a few weeks. Presumably, the brand discovered a price-sensitivity to £12,000 baubles across the ~350,000 who “Like” the brand.
Nonetheless, these f-commerce sites have been, until now, simple access-points. They allow browsing, selecting and putting into the shopping cart, ultimately accompanying the client through to each brands’ e-commerce site for checkout.
By contrast, Burberry – ever the innovator in all things online – was the first to deliver a start-to-finish f-commerce experience, centred on its Body fragrance, without the user ever having to leave Facebook. Following in its footsteps, Oscar de la Renta recently launched a similar program, which focuses on the brand’s Esprit d’Oscar solid perfume ring.
The brands mentioned, as well as many others present on Facebook, ought to be lauded for taking powerful steps in an exciting new direction – in particular, those offering their customers the opportunity to buy directly from their Facebook page. Nonetheless, it is critical that they understand what this means for their customers’ data security – particularly those who have chosen to establish a cozy relationship with Facebook as a transactional partner.
Photo credits: Brock Hanson
