Facebook & Cambridge Analytica: A lesson for businesses & B2B data providers

The Facebook, Cambridge Analytica incident is perhaps one of the biggest scandals involving the use of personal data for marketing and campaign purposes.

It hit the headlines after it emerged that the personal data of 87 million Facebook users had been shared with analytics firm, Cambridge Analytica, via a third-party app with the aim of influencing voters in the 2016 US election.

The backlash threw the issue of data use and privacy firmly into the public spotlight.

In the aftermath, the social network suffered a reputational blow it has arguably still not recovered from and Cambridge Analytica closed its doors entirely.

But while this incident demonstrates an abuse of data collection and use on a massive scale, it also provides some lessons to be learnt for smaller companies seeking the use of data for their marketing campaigns, and for the third-party providers of B2B data.

By far the biggest recriminations from this incident was that data was taken from customers of one platform and used in a way it should not have been.

This serves as a huge warning to businesses and data providers, and the consequences they face for misusing information.

Data compliance

Most forms of direct marketing have been subject to data compliance regulations for years.

The sending of emails for instance falls under the Privacy and Electronic Communications Regulations (PECR) – soon to be the ePrivacy Regulation.

And individuals and corporates can ‘opt out’ of receiving unsolicited sales calls by adding their number to The Telephone Preference Service (TPS) and the Corporate Telephone Preference Service registers.

Under PECR ‘prior consent’ must be given before sending email marketing communications, although B2B marketing does come with some exemptions to allow employees of corporates to be contacted by email without prior consent.

What is very clear from the scandal is that no individual – or likely very few – gave consent for their information to be passed to Cambridge Analytica to be used in the way it was.

One new regulation which should prove a significant dissuader for companies deciding whether they can use customer data is the General Data Protection Regulation.

GDPR is by far the most significant piece of data and privacy legislation we have seen in the last few decades; and the punitive fines in place for the most severe cases – 4% of annual turnover or €20m – should be enough to make any business think twice about misusing data.

While Facebook and Cambridge Analytica paint a severe picture over the use of data and fell into the consumer sphere of data use, it is still absolutely essential that any B2B organisation purge their databases of illegal data.


Along with the legislative punishments in place for misusing personal data, Facebook and Cambridge Analytica show the damage which can be done to a business that uses data incorrectly, or a third-party provider.

While Facebook has made public steps to make its data handling policies more robust there remains a tarnishing shadow over the social network and it has no doubt lost users forever because of this.

And, as we’ve already mentioned, Cambridge Analytica has ceased to exist altogether over its role in this scandal.

This lesson, then, remains simple and clear over how businesses should treat their customer information and databases for marketing.

The solution

While this incident highlighted the pitfalls of using personal information in an incorrect way, it is unlikely to change that data will remain an essential element of marketing campaigns in the future – especially in the B2B sphere.

The key is ensuring that your company is using insightful and targeted customer data – but ensuring that it remains compliant at all times.

Our Megabase is one of the largest, legally compliant databases in the UK covering more than 3.1 million business records,  4.3 million decision-makers, 1.1 million email addresses and 1.5 million legally compliant telephone numbers.

The Facebook and Cambridge Analytica incident shows how the misuse of personal data can damage commercial reputations and trust, so businesses need to ask themselves if it’s really worth the risk or whether investing in compliant data is the more sensible way to go.

Find out more about our business data lists or Megabase.

Related Topics: data