Aug 2, 2022

A Guide to Social Media and Privacy

Written by Clodagh O’Brien

Privacy has become a priority for consumers across digital channels. Many want to protect their data and are becoming more careful about what they share on social media and who they share it with. 

This presents a challenge to social media managers, business owners and content creators who run social media pages to engage with and convert customers. In addition, many countries have introduced regulations and rulings that affect marketers and require action to ensure compliance.   

So how can companies manage data privacy across social media platforms? In this guide, we’ll look at the most common privacy issues, and important social media privacy laws, and tell you how to be compliant to protect and build trust with your customers.  

What are common social media privacy issues?

A new Cisco report ‘Building Consumer Confidence Through Transparency and Control’ found that 86 percent of consumers “care about data privacy" and want more control while 79 percent are willing to invest time or money to better protect their privacy. 

To be compliant, you need to understand the most common privacy issues that impact social media channels. Ultimately it’s about protecting and valuing the data of your customers and avoiding a social media crisis that would bring disrepute to your company. 

Data mining

Data mining is a way for companies to gather information using automated computer systems that sort through information to identify trends and patterns. It’s often used to examine people’s behavior based on past purchases, location, content preferences, or events such as birthdays.

Sources of data that can be used are:

  • Websites
  • Social media
  • Apps
  • Mobiles or smartphones
  • Internet of Things

The advantage of data mining is that it helps you make sense of raw unstructured data that can be used to target customers. It can also allow you to make predictions on how your customers may behave so you can tailor your messaging and content more effectively. 

What’s important for social media managers is to use a method of data gathering that’s compliant with laws. For example, EU laws specify certain restrictions on how you can gather data (check out the definitive GDPR checklist for marketers to find out more). 

Ensure that any data you collect and use has been given with explicit consent and in full compliance with any applicable privacy laws (for example, create a privacy page if you don’t already have one). You also need to ensure the data is secure throughout all stages of the process from collection to storage, analysis, and deletion.

Data breach

If a company is hacked, one of the compromised things is customer data and one source of that may be social media. Individuals provide a lot of information on social media such as marital status, location, preferences, and job role. 

According to an article by the BBC entitled ‘How your personal data is being scraped from social media’, a hacker named Tom Liner compiled a database of 700 million LinkedIn users from all over the world, which he put up for sale for around $5,000 (£3,600; €4,200). This incident sparked concerns about better data protection across social media. 

To protect customers from data breaches on social media, you need to use intrusion detection and prevention systems. If you have an IT team or external support, ensure there are systems and processes in place to track and manage potential breaches. 

If you are the victim of a breach, tell your customers straight away. You need to be open and transparent to maintain your reputation and keep customers. 

Fake information

Social media can be used to spread misinformation and in some cases, propaganda. During the 2016 U.S, election, media outlets reported that Russia favored Trump and set up 30 Facebook pages targeting Black Americans and ten YouTube channels to promote Donald Trump. 

Russia and Trump
Russia and Trump

Trolls or bots are also well known across Twitter for advocating for a person or cause by posing as a person. Often the content is inflammatory or used to incite a reaction. It has also been used for stalking, harassment, or cyberbullying. 

As a person responsible for social media accounts you need to avoid sharing fake information or engaging with trolls. Use moderators if you find yourself dealing with malicious comments or posts. You can also use moderation tools or reporting options across social media channels to deal with it.  

For an in-depth look at the key principles of privacy, look at our blog ‘Data Privacy for Marketers’.

What are important social media privacy laws?

Several social media privacy laws have been introduced in recent years with others on the way. Let’s look at some of the major ones. 

General Data Protection Regulation (GDPR)

The General Data Protection Regulation (GDPR) was created by European governing bodies to protect the personal data of individuals. It also has a set of guidelines about restricting personal data from being exported. 

In relation to social media, GDPR means a number of things for your social media campaigns

  • Remarketing on social media is prohibited unless a user has opted in for such activity through an opt-in or sign-up. 
  • Users must agree to your privacy policy which can sometimes mean agreeing twice if they are directed from a social media site to a landing page or website. 
  • Tracking and ROI can be difficult using analytics if you cannot attribute activity to a social media channel.

The Right to Be Forgotten

Part of GDPR, the Right to be Forgotten is a law that enables individuals to ask companies to delete all personal information from their databases. 

There are a number of circumstances where a person can request this, such as data being used to exercise the right of freedom of expression and information, or being used to comply with a legal ruling or obligation. There’s a full list on the link above. 

There is a ‘right to erasure request form’ template available on the GDPR website: you need to be aware of this if approached to adhere to this ruling. 

California Consumer Privacy Act (CCPA)

The closest thing to GDPR in the U.S., the California Consumer Privacy Act came into effect in 2020. This landmark bill aims to protect consumer privacy rights, meaning tech companies like Google will have less freedom with data harvesting, and consumers will gain more power over their personal information.

When it comes to social media, CCPA could impact the data that platforms like Facebook and Twitter can collect about you, particularly from third parties like websites or apps. It will also make it clearer to users how their data is being shared and used.

Children's Online Privacy Protection Rule (COPPA)

Since 2000, the U.S has had COPPA in place: a law that imposes specific requirements on operators of websites and online services to protect the privacy of children under 13. 

It specifies that sites must have verifiable parental consent for the collection or use of any personal information of young website users and restricts the types and methods of marketing targeting people in this age group. 

The challenge for social media platforms is knowing the age of a user. TikTok came under fire for collecting information from underage children and had to pay $5.7 million to settle allegations. After the settlement, TikTok added a section of its app for children under 13 that includes additional safety and privacy features and changed privacy settings for users aged 13 to 17 to give them more control over video sharing and messaging. 

Social Media (Anti-Trolling) & Online Privacy Bill

In 2022 Australia introduced a social media (anti-trolling) bill along with an online privacy bill to protect its citizens online. 

The anti-trolling bill would formally classify social media service providers as publishers of any comments made on their platforms in Australia. To avoid defamation, social media platforms would need a complaints scheme that allows victims of defamatory comments to make complaints and request the personal information of the commenter.

The online privacy bill targets social media platforms such as Reddit, Zoom and gaming platforms to verify the ages of users. It also wants stronger penalties for privacy breaches that could see companies fined 10% of their annual turnover.

Privacy and business growth can seem at odds with each other, but that doesn’t have to be the case. Read our member blog ‘How the Privacy Paradox affects Business Growth’ for more info. 

How can you be more compliant with social media privacy laws?

How can you protect your customers and community more? Here are some simple and effective tips to help you in your social media activities. 

  • Always ask for consent 
  • Create a privacy policy, promote it, and stick to it
  • Know the privacy policies of each social network - review the terms of use
  • Have community rules and guidelines specific to each social media page to moderate comments (ensure people are not revealing personal information on posts) 
  • Reassure your customers and community where you will use their information 
  • Erase data upon request 
  • Devise a social media policy to guide how your company and employees act online
  • Monitor social media networks so you know what’s being posted and commented on
  • Respond to comments on social media appropriately. A crisis online can happen in an instant, so follow our 10 steps to prepare for a social media crisis.
  • If you use influencers as part of your strategy, ensure they signal any content posted as promoted or sponsored for transparency
  • Implement security systems and processes to avoid and deal with breaches or hacks
  • Offer privacy and cybersecurity training in your company to avoid breaches 
  • Send notifications right away in an event of a breach 
  • Have a plan on how to deal with media and stakeholders in the event of a breach 

Consumers now want more control and say over how their data is collected, stored and used. But that doesn’t mean you can’t still use social media channels to engage and convert users. 

The key is to understand the privacy laws that matter to your company, adhere to your privacy and social media policies, be aware of underage social users, have security systems in place and above all be transparent with your customer base. Trust is a huge factor in persuading a customer to purchase from you so don’t abuse it. Respect their data and privacy. 

Create an open & engaged social media community

Build engagement and trust on your social media networks using tactics and strategies. DMI’s Professional Diploma in Social Media Marketing will help you find your audience using research and social listening and cover the ins and outs of all the major platforms from Facebook to Instagram to Snapchat, YouTube, and TikTok. You will also learn social customer service, strategy and analytics so you can measure the performance of your campaigns. Enroll today!  

Clodagh O’Brien
Clodagh O’Brien

Clodagh O'Brien is a content creator and strategist. Over the last 12 years, she has created and managed content for many SMEs and global brands. She's passionate about digital marketing and the impact of technology on culture and society. You can find her on Twitter or LinkedIn.  

Upgrade to Power Membership to continue your access to thousands of articles, toolkits, podcasts, lessons and much much more.
Become a Power Member

CPD points available

This content is eligible for CPD points. Please sign in if you wish to track this in your account.