To what extent should you be using social media for business purposes?

To what extent should you be using social media for business purposes?

To what extent should you be using social media for business purposes?

 

In the last 10 years, the number of social media users has almost tripled, increasing from 0.97 billion to 2.82 billion and this number is still growing. However, this increase doesn’t just include individuals, it also includes businesses. The past few years has seen an increase in the number of businesses taking advantage of the different social media platforms on the market and using them as a base for free or cheap advertising. Using social media to advertise a business is all well and good, but what do you think about businesses using social media for complaint handling and customer enquires?

 

Last month, my colleague and I attended an event on social technology, online communications and the cloud. During this event a social media user recommended using social media as a platform to engage heavily with customers, not just for advertising and marketing purposes. The user explained that the company in which they work uses social media platforms such as Facebook and Twitter to engage with new and existing customers. For example, if an existing customer wants to make a complaint or has an enquiry, they are encouraged to contact the company via their customer facing Facebook page. A member of their communications team would then pick up the message and reply to the customer with a solution within a reasonable amount of time, usually 2 hours. Although this may be convenient for the customer and cost effective for the company, it is not good practice under GDPR and the draft European ePrivacy Regulation.

 

Imagine if a customer/client has a problem with a product or service your company provides and wants to make a complaint. If they were to make a complaint on Facebook messenger, they would potentially need to include some additional information in their message so that you are able to identify them as a customer/client. This information could include their name, email address, phone number, home address, etc. In addition, their IP address would be attached to that message. All of this information is recognised as personally identifiable information under GDPR and therefore the GDPR applies. You may be thinking well if it doesn’t contain personal data, we must be fine to use social media for such purposes however, this is where the draft ePrivacy Regulation comes in. You may have heard of the ePrivacy and Electronic Communications Directive of 2002. Well, the draft ePrivacy Regulation will replace this directive. The fact that the new law will be a regulation rather than a directive is important as that means it will be a legal act and will be automatically enforceable in its entirety across all EU member states, much like GDPR. However, whilst GDPR is concerned with the protection of personal data and ensuring the smooth flow of data between member states, the ePrivacy Regulation will focus more on the protection of privacy when data is being communicated electronically, whether that data includes personal data or not. So, whether or the messages contain personal data they are still regulated.

 

GDPR and the draft ePrivacy Regulation makes it clear that sufficient security measures should be in place in order to protect the data that is collected by a company, for example end to end encryption. The question is whether companies such as Facebook and Twitter have these security measures in place? The simple answer is no.

 

Let’s think for a second. Have you ever seen an advert on Facebook or another social media platform that relates to something you have recently discussed? This happens because tech giants such as Facebook have access to all of the communications that take place on their platform, just like Google does for Gmail. Tech giants access this data, run analytics and then use it for advertising purposes. This is why most social media channels, instant messaging apps, Gmail, Slack and other free online communication products are not suitable for business use.

So, let’s go back to the scenario of a customer sending a message through social media. That message won’t just been seen by you and your staff, but it could also be seen by the company who’s site you are using. For this reason, you cannot guarantee the security of your client’s data.

 

What are our recommendations when it comes to using social media in a commercial environment?

1. Keep the use of social media to strictly marketing and advertising purposes only.
2. If free platforms such as Slack or Gmail are to be used, they should be used strictly for non-commercial use only.
3. If a customer/client tries to engage with your company over social media regarding an issue or complaint, the conversation should be taken to a different platform (e.g. s secure email) straight away.
4. Before using any platform for commercial use, ensure you read the privacy policy and terms of use to confirm sufficient security measures are in place. If in doubt seek professional advice.