What the Cambridge Analytica affair teaches us about how to use personal data

Explaining what I do for a living to friends and family has often been an arduous task. To those uninitiated to the world of digital technologies and their use in marketing, explanation of the minutiae can often lead to difficult conversations and ethical debates. I’m often on the back foot, challenged in ways and on issues that those in the digital world (whether agency, consultancy or client) rarely approach. This typically includes the use of personal data and those marketing techniques that touch and disrupt everyday lives, such as cookies and retargeting. The things people see every day.

This debate has become even more relevant in the last fortnight. The Guardian/Observer’s collaboration with Channel 4 and the New York Times has dug-over the flowerbed of political targeting with its investigation of Cambridge Analytica and its role in the Trump election, Brexit and countless campaigns around the world in recent years. The examination has unearthed a multitude of allegedly illegal practices and even more that might be considered immoral, unethical or dangerous. It has also, of course, forced many in digital marketing to question whether their own activities might be considered as such. While we can often be relatively sure if campaign tactics fall the right side of the legal divide, ethical exercises live on a spectrum and are open to subjectivity and nuance: how can we be certain that we are playing by the spirit of the rules as well as abiding by the law? Do we even care?

Data procurement

When asked how Good Rebels is different, I’ve relied on two primary functions of the Cambridge Analytica (CA) playbook; one legal, one ethical. Firstly, and relatively straightforwardly, is how Good Rebels procures its data. Whilst the bulk of news media on CA has merely looked at the company having the data at all, what has often been overlooked is how it was acquired. User and platform permissions fall into several categories when dealing with digital data. Firstly, has the user given permission for others to access the information? Secondly, does the user grant permission to be ‘contacted’ using this information? Thirdly, does the platform itself permit the repurposing of this data for use in mass-market campaigns? Finally, and crucially, has the user authorised the use of their data for campaigns, research and targeting by a third-party? CA allegedly failed dramatically on the latter by harvesting data destined for research purposes and asking these participants to permit the collection of data from their entire network of Friends (giving CA its reported database of fifty million Americans, each connected back to their Voter registration). It was with this action that the company potentially moved from an ethical grey-area into the legal quicksand.

Campaign segmentation

Secondly, and infinitely more problematic, is the ethical discussion surrounding the use of this data. In many ways, the general public is even more suspicious of these practices: they happen in the shadows of digital media, managed by ‘data scientists’, hidden from the majority of users. And in many ways, CA’s work is little different to the practices of countless agencies and consultancies globally over the last few decades: segmentation and targeting. Campaigns would be considered negligent or poorly executed, in fact, if they didn’t employ these tactics. Political campaigns have been managed this way since the activity was first industrialised a hundred years ago and the private sector soon followed: the Kennedy campaign of 1960 built its famous 480 voter-types and 52 issue-clusters model; Republican strategists perfected mobilisation techniques in the 1980s; the Howard Dean and then Barack Obama campaigns of the 2000s exploited digital media platforms to micro-target voters. However, CA is alleged to have taken these strategies one step further, beyond ethical confidence.

The Obama campaigns of 2008 and then 2012 dragged data-driven strategies into the Facebook-era. By using this new platform, the campaign was able to segment, target and understand the electorate like never before. Helped by a progressive candidate and an animated group of supporters, the Obama campaign used these technologies to increase participation in the election and broaden political debate, particularly among African American voters. It used data to overturn traditional Democrat weaknesses on fundraising and television spending by finding hidden value in digital advertising and messaging. As Matthew McGregor of the campaign recently stated on the BBC’s Week in Westminster radio programme: “data is hugely valuable for campaigns in ensuring that messages get to the right people. It’s the difference between knocking on every door in the street and saying the lowest common denominator message versus knowing who’s behind each door and what might work for them … It’s important to remember that campaigns, and vibrant campaigns, are part of the lifeblood of democracy”. Rather than further democracy, however, it is alleged that CA did almost the opposite: reducing the debate to unqualified accusations and wedge issues, designed to divide the electorate and exploit fears to earn votes. In the US and UK, it is alleged to have changed the results of recent votes and elections, but the same reports pointing to CA’s involvement in Sri Lanka and Kenya indicate that its impact could be worse still.

How does Good Rebels use client data?

It’s this final point that often provides relief when cornered by an angry family member. To claim that Good Rebels tries to use its legally procured data for good rather than evil is perhaps reductive, and subjective. However, to assert that we use the information we possess to encourage participation, to nurture grassroots activity, to generate passion behind issues we care about and which we see as sharing our philosophy, in a fully transparent way, may be closer to the mark. And this can also be said for the majority of the agencies and consultancies that use data to understand their audiences. But is this enough? Can we simply trust that organisations will use data responsibly, penalising the minority of cases where legal and ethical boundaries have clearly been breached?

What next?

The news cycle of the last couple of weeks feels different to other data-related scandals. It feels like this story might actually cause something to change. Is this the point at which the general public, yours and my family and friends, become fully aware of what’s being done with their data? Is this the inception of a world where people believe that it is their data and act to restrict its use? Through technologies like blockchain, ‘owning’ and controlling the dissemination of your data will become far easier in the near future. Perhaps when I’m interrogated by my nearest and dearest in a few years time, I can point to new legislation and technology that we have all had a part in developing to ensure that we all feel ownership of our information.