Many of you may have seen the latest television advert from Facebook. It was less about people and connections, and more about how they will ensure your data protection and security, thus enabling users to come to Facebook for all the right reasons. Given that the reach of social media is increasing all the time, and given the recent issues Facebook have had on the subject, the advert is very timely.
You may take the view that social media is about relationships, engagement and interactivity and not really about data privacy, online security and participant consent but as Andrew Beverley from Our Social Times reports its time to think again..!!
The General Data Protection Regulation or GDPR is now in place, and has been since the 25th May 2018. It covers the use of all personal data, whether that’s computerised or not.
Article 35 of the regulation requires that these processes are scrutinised such that data subjects have clarity about the effective protection of their personal information.
He continues:
GDPR requires that one of six categories of the legal basis for the processing of personal data are in place. Of particular note are two of these:
Consent of the data subject: By this we mean customer, potential customer, service user, beneficiary or anyone else not part of the data processing organisation.
Necessary for the performance of a contract with the data subject: By this we mean an auditable agreement between the organisation and the data subject which explains the acceptable use of their personal data.
So where’s the link between GDPR and Social media?
Andrew Beverley explains:
As Marketers you are concerned with making the most effective use of social media tools or platforms such as Facebook, LinkedIn, Twitter, Pinterest, WhatsApp, Snapchat or Instagram.
The last thing you are likely to worry about is having your followers, friends or connections actually providing you with consent to store or use their data.
You will be pleased to hear that as far as consent and data use is concerned, these will be effectively covered by the terms and conditions and privacy notices of each of these software tools.
In short, this means that both you and your social media audience agree to the terms of the tools you use.
So while you can breathe easier it’s worth being mindful of the bigger picture he notes:
The tick box before the app opens:
While you might not be a big fan of small print, social media users will need to be presented with a clear Privacy Notice or similar, which is available for their consideration before they decide to sign up and start participating. The Terms and conditions of joining will almost certainly contain one of the two legal bases for processing above (explicit consent or the performance of a contract).
That of course does not exempt you from exercising proper care with your use of personal data from your social media followers. For example, it will not be acceptable to take a customer’s email address and then look to use that in any undeclared email marketing or data processing activities.
Some other social media pointers:
A social media ‘name’ is a personal identifier. This is significant: If an application voluntarily decides to make that public, then that is their decision with full understanding and expectation that it will be seen by others. On another note, it will be interesting to see how the social media platforms will be expected to deal with subsequent data subject erasure requests, especially when many social media interactions record the participation of two or more individuals in exchanges of communications. Will simple deletion be sufficient? Who knows – watch this space?
How to handle a social media crisis?
If a social media crisis does hit, there’s always a right way or a wrong way of handling the situation: Click here for some examples (of the good, the bad and the ugly) all courtesy of Our Social Times.