Well it had to happen. The surprise is that very few commentators picked up on it over the past decade or so. What am I talking about? The recent Facebook scandal of course.

Picture if you will the lawless “wild west”. For many of us older people, we grew up on the cowboy stories of the wild west of North America. Lawlessness was the dominant theme as settlers tried to establish themselves by building houses and communities. Towns developed as a result. Because of the general lack of proper legislation and regulation murder, crime and skulduggery were the predominant themes. We have seen it in other parts of the world more recently. The rule of law was at best, sporadic and at worst pathetic. Gun-wielding gangs roamed the region and pillaged accordingly.

I have been reminded of these images over the past few years when I reflect on the emergence of powerful players such as Facebook, Amazon, and Twitter and so on. The sheer scale, power and influence of these players has amazed me. Their ability to capture data and more importantly harvest it has been a recurrent theme throughout the past decade or so. I was beginning to feel as though I was paranoid about the potential dangers of such developments. Where was the legislation to protect consumers in particular and the wider society in general from being exploited by opportunistic companies and organisations in their question to more effectively influence and manipulate them?

A few commentators, largely from outside the business domain, have expressed concerns about the potential malign influence that people such as Mark Zuckerberg (Facebook founder) have and can wield over politicians, policy-makers and governments.

The recent Facebook / Cambridge Analytica scandal has sharply brought such concerns into focus with the wider business community. I now feel that my paranoia was vindicated.

Let us briefly recap the scandal.

Cambridge Analytica was established in 2013 and portrayed its value proposition as being one of using sophisticated data analysis techniques and algorithms to micro target selected segments with specific messages. Essentially was at the upper end of the scale of data mining companies.

Bear in mind that over the past number of years the era of “big data” had arrived and was being fully embraced by a number of large companies – the retail sector being at the forefront of these developments.

Through a third part app, Cambridge Analytica set up a personality quiz. Over 270,000 Facebook members responded. Little did they know that by filling out this questionnaire they were inadvertently allowing Cambridge Analytica to suck up all their data and more importantly all of their friend’s data as well? It was estimated that over 77 million Facebook members were affected by this “data-grab”. In subsequent investigations it was established that Facebook was aware of this occurrence in 2015 but failed to acknowledge that it happened until March 2018, when the scandal broke.

Cambridge sold this information to interested parties, some of which were rumoured to be political parties- those most invidious of creatures! These organisations could quickly see the value of having such concentrated and personalised information in the specific context of targeting them with personalised and relevant messages – all grist to the mill in terms of capturing their votes. Some commentators have suggested that such data was used in the Brexit referendum and in the US presidential election in the last couple of years.

Should we be surprised? Not at all. In my view it was too easy and straightforward for organisations to exploit conditions in order to capture and more importantly “make sense” of the data. So far so good – there is nothing wrong in showing entrepreneurship and innovation in using data to improve competitive positions. However it is wrong in my view to take advantage of poorly regulated legislation on data protection in general and the protection of consumers in particular. It is akin to putting an alcoholic in charge of a brewery with no supervision. Of course you are going to find companies who will seize the initiative in an opportunistic way in order to make more money. Without legislation this was an inevitable consequence and we should not be surprised at the direction in which data capture and dissemination happened.

Facebook of course are culpable. Mark Zuckerberg may exhibit many personality traits. However he is not stupid. He and his company have worked on the principle that it was legally the responsibility of companies such as Cambridge Analytica to decide on how to use the data and more importantly self-certify that it had deleted such data. This is arguably naïve at best. In my view it is worse than that: it is deliberate naivety on the part of Zuckerman and his team. It passes the baton on to companies and more importantly is an attempt to absolve Facebook of any responsibility for wrongdoing or dubious practice.

His performance in meeting with American congress members was poor at best and evasive at worse.

Does the customer care? The evidence is patchy and in fact probably supports the view that I have long held. Most consumers are lazy, stupid and lethargic. I include myself in that assertion by the way. They are far too prone to part with private information in order to benefit from services provided by companies such as Facebook, Twitter, eBay and Amazon. Most of the indignation and uproar over the antics of Cambridge Analytica has come from the business community and politicians. This further reinforces my view about consumers.

However the EU is about to introduce legislation in May 2018 which may partially address some of the issues that have emerged in recent months. The General Data Protection Regulation (GDPR) will nominally provide social media users with the right to be taken off data lists. It also provides protection in allowing them to prevent the data which they provide, to be disseminated for use by third party operators willing to purchase such data sets from organisations. It also requires users to be notified of any data breach within 72 hours of being notified about it. Such offenders would be fined up to a maximum of one per cent of annual revenue.

It remains to be seen how effective this legislation will prove to be.

I would argue that the lethargy of many individuals will mean that they are unlikely to pursue such protections and companies will still find loopholes to exploit.

We are still a long way from applying global and agreed standards for legislating in this area. Players such as Facebook and Amazon are global in scale but are not nationally regulated. In a separate issue this has led to them exploiting all sorts of tax loop-holes. Inevitably this means that in most cases they are likely to pay the bare minimum amount of tax to national governments. We have seen the ludicrous situation in Ireland where Apple has been instructed by then EU to pay that government around £13 billion in back taxes. The government is unwilling to chase it up because they fear that Amazon might pull out and damage the long-term prospects for that economy. They have agreed to collect the mony but are not prepared to spend it.

It has the utmost importance for retailers. They have been at the forefront of the “big data” era and I am sure if we delve into some of their practices we would find many nefarious practices on-going.

At the moment we are witnessing a febrile attempt in certain regions of the world (mainly in Europe through the auspices of the EU) to address such poor practices. For the moment the “wild west” rules!