Environmental Social Governance (ESG)

ESG Wrap Aug - The ethics of privacy in social media

By AMP Capital

This month we take a deep dive into data security, privacy and other ESG issues affecting social media.

How social media companies protect their users’ privacy is a hot topic because without the trust of their users, the social media business model – particularly for “free” services – falls apart.

The trust users place in social media companies goes beyond a desire to simply have their information protected from theft by hackers. Users also trust that social media companies will only access and use their personal information in ways that they expect, such as advertising. However, with the rise of fake news, fake profiles and algorithm-driven psychographic profiling, users are increasingly at risk of having more than their shopping habits influenced. Social media companies must perform a very delicate balancing act between retaining the trust of their users and managing their relationships with commercial and other influences.

How social media companies manage privacy and commercial pressures is only part of the story. As platforms for a rapidly growing portion of public and private discourse, social media companies are also playing a key role in what content their users do and don’t see. What is viewed as free speech by one user may well be felt as persecution by another and social media companies – profit-driven corporations which are not democratically elected – are taking on the role of being arbiters.

The growth of social media companies has almost literally been exponential since the early 2000s and the global patchwork of privacy laws has struggled to match their increase in size and sophistication. Similarly, reaching a consensus on the requisite ethical behaviour to retain social license to operate is a long way off and may never be reached at all. So these issues are largely being tackled by the social media companies themselves.

Privacy and data security risks are not limited to social media companies – you would be hard-pressed to find any person, organisation or business that doesn’t hold customer information of some description. Many companies collect personal data of their customers however this is often a by-product of their core business. The concern is that companies offering free services – such as the ability to share photos and messages with friends – in exchange for personal information are more at risk of breaching their users’ trust in terms of how that data is secured and used. The additional and unique nature with social media is the very personal information that is often being shared. It is this confluence of factors – the quantity, nature and commerciality of personal data – that leads some people to conclude that the business models of many social media companies may pose serious risks to users’ privacy.

What is social media?

Social media comprises technologies like websites and applications/apps that enable users to create and share information and to network. Social media technologies include blogs, forums, business and social networks, photo/video sharing, social gaming and virtual worlds. The most popular social media networks worldwide as of July 2018, are listed here.

How do social media companies make money?

The business model of a social media company is typically centred on collecting user data and then using that data to sell advertising space. By collecting profile information, monitoring what pages are liked and tracking what other websites are visited, social media companies aim to identify specific types of users on their platforms and target advertisements accordingly.

Through better-targeted advertising, those buying the advertising space get better bang for their buck as the conversion rate (i.e. someone purchasing your goods or services as a result of seeing the advertisement) is likely to be higher than with other, less targeted advertising. Think of the relative effectiveness (and economy) of placing advertisements for meat-alternative products on Facebook appearing for users who are known to be vegan or vegetarian, versus a billboard by a highway advertising the same. Even if there is no box on Facebook to state your dietary preferences, if you’re tracked liking posts about veganism and visiting vegan websites then the algorithms used by social media platforms can very quickly figure it out for themselves.

Why all the fuss about privacy?

People typically like to retain some degree of privacy about themselves. It could be to reduce the risk of identify theft, avoid surveillance or a preference to not share sensitive and personal information in a public forum.

Most social media users are cognisant that the price they pay for their “free” access to the platform is that their data and personal information will be used to subject them to targeted advertising. This is similar to accessing free-to-air commercial television, the main difference being the greater precision with which advertising or other content can be targeted within social media.

But what if some other person or some other entity gets hold of that same information without the user’s permission? What if that information is used to influence the user’s behaviour in ways they do not expect? For example, in ways beyond using advertising to market a particular good or service to influencing political or social opinions. These are some of the main concerns surrounding how social media companies handle privacy.

Keeping personal information secure

How social media companies handle privacy and data security are critical elements to business success – companies must balance monetising the data they gather and retaining the trust of their users. Whether by accident or by illegal activity, data breaches hurt businesses in terms of fines and/or sanctions by regulators and compensation sought by damaged parties but also in terms of reputation, with people feeling less inclined to do business with those companies that cannot keep their personal information secure. This is particularly important for social media companies whose business model is based on retaining the trust of its users in order to collect and use their data.

Is privacy a human right?

Article 12 of the 1948 Universal Declaration of Human Rights (UDHR) states that “No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honor and reputation. Everyone has the right to the protection of the law against such interference or attacks”.

The UDHR is not legally binding in itself – it is only through how it is interpreted and ratified that it actually has a legal impact. The legal nature of privacy is determined by a patchwork of country- and region-based rules and regulations – an increasingly inadequate system in the face of a huge and rapidly growing global information economy.

It is hoped that the General Data Protection Regulation (GDPR) introduced by the European Union in May 2018 will set something of a global benchmark for managing privacy. The GDPR may catalyse a cultural shift towards data privacy, significantly impacting the information economy. In the US, the proposed CONSENT Act and other proposed legislation, would require data-gathering social networks to get clear consent from users before being able to “use, share, or sell any personal information.”

What about other human rights?

When it comes to handling other human rights such as the freedoms of thought, opinion, word etc the path is even less clear. For example, how do we handle conflicts of human rights within social media – is there a point at which censoring or removing hate speech from social media is an infringement on the right to freedom of thought and opinion? How do we determine and agree where those tipping points are? Google has attempted to make headway by unveiling ethical principles on artificial intelligence, these can be found here.

Other considerations regarding the ethics of social media

A large-scale investigation into the tobacco industry found child labour rife over three continents and on the rise particularly in developing countries.

Content Management

Social media companies have been in the headlines regarding concerns on the spread of misinformation, fake news, fake accounts, hate speech and depictions of violence. In February 2018, one of the world's largest advertisers, Unilever, threatened to boycott companies like Facebook and Google if they failed to properly police illegal content. Since January 2015 Facebook has had algorithms in place designed to filter out this type of content and the company announced a major overhaul of how it aims to counteract this content in December 2016. The issue remains a huge one for Facebook and other social media providers as allowing such content at the very least erodes the trust of its users.

Is social media addictive/causing social harm?

Social media companies have been accused of using tactics similar to those used by the gambling industry to get their users “hooked” on their platforms. There has also been speculation that users experience a release of dopamine whenever they receive likes or comments on posts. Harm may also be caused to unsophisticated users who do not fully comprehend the nature of social media with online expressions being automatically recorded and archived. It can also be hard to identify original content versus modified content and of course the potential visibility of content is enormous. Finally, there is public/private blurring with not all audiences being visible.

Government surveillance

First of all, one for the conspiracy theorists… On 4 February 2007 the Pentagon killed off its “LifeLog” project which was designed to "trace the 'threads' of an individual's life in terms of events, states, and relationships", and had the ability to "take in all of a subject's experience, from phone numbers dialled and e-mail messages viewed to every breath taken, step made and place gone". On the same day that the project was killed off, Facebook was launched.

Fast forward to 2013, former National Security Agency (NSA) contractor Edward Snowden leaked classified information from the Agency, revealing numerous global surveillance programs being run with the cooperation of various telecommunications companies and governments. The leaks by Snowden and the response by the US government put a spotlight on how governments require telecommunication companies to collect data and the subsequent use of that by governments. The issue of privacy is not just about use of information by private companies but also by governments.

Where to from here?

Social media companies offer myriad social benefits including enabling users to connect to friends and family but also in terms of freedom of speech. With social media, freedom of speech is no longer limited to the “elites” who have control over traditional media. Everyone can be heard globally, for better or worse. It has also helped foster political movements including playing a major role in enabling massive protests in Tunisia and Egypt to bring down dictatorships.

On the flip-side, newly empowered voices are not necessarily desirables voices – Facebook Live broadcasts numerous counts of appalling violence and all social media companies face a constant fight against the spread of hatred and bullying let alone the implied responsibility of acting as some form of moderator of public discourse. There is also the fine line between effective marketing and privacy intrusion.

Being aware of these issues and how social media companies are managing them will help social media users make better, informed decisions about which ones to invest their time in. Similarly, investors will be able to make better, informed decisions about which ones to invest their money in.

Share this article

Important notes

While every care has been taken in the preparation of this article, AMP Capital Investors Limited (ABN 59 001 777 591, AFSL 232497) and AMP Capital Funds Management Limited (ABN 15 159 557 721, AFSL 426455)  (AMP Capital) makes no representations or warranties as to the accuracy or completeness of any statement in it including, without limitation, any forecasts. Past performance is not a reliable indicator of future performance. This article has been prepared for the purpose of providing general information, without taking account of any particular investor’s objectives, financial situation or needs. An investor should, before making any investment decisions, consider the appropriateness of the information in this article, and seek professional advice, having regard to the investor’s objectives, financial situation and needs. This article is solely for the use of the party to whom it is provided and must not be provided to any other person or entity without the express written consent of AMP Capital.


This article is not intended for distribution or use in any jurisdiction where it would be contrary to applicable laws, regulations or directives and does not constitute a recommendation, offer, solicitation or invitation to invest.

Cookies & Tracking on our website.  We use basic cookies to help remember selections you make on the website and to make the site work. We also use non-essential cookies, website tracking as well as analytics - so we can amongst other things, show which of our products and services may be relevant for you, and tailor marketing (if you have agreed to this). More details about our use of cookies and website analytics can be found here
You can turn off cookie collection and/or website tracking by updating your cookies & tracking preferences in your browser settings.