Mark Zuckerberg’s testimony before the U.S. Senate didn’t sway us from our previously posted perspective, at least in terms of what Facebook’s fiasco means for marketers.  If you are looking for more catastrophizing around the near-term death of social marketing, you’ve come to the wrong blog post.

What did catch our attention: how poorly the social darling of Wall Street is handling the basics of crisis management.  Marketers, learn from Facebook’s missteps.  A brand in crisis needs to manage four components simultaneously:


Make your communication and action swift and frequent.  Facebook had a sense of the potential abuse of consumer data by 2014, when it announced it was “changing the entire platform to dramatically limit the data apps could access”.   But it wasn’t until major news outlets exposed Cambridge Analytica’s actions in 2015 and 2018 that Facebook publicly reacted.  Why did it take so long to formally address the story?  They should have informed the public back in 2014 when they found out about the misuse of data.  Delays in communication come across as failures in….


Make your communications open and honest – because little stays secret for long in this age of camera phones, social sharing, and values-based consumers.  So, when Facebook shares that 50 million people were affected and then updates it to 87 million people, we have to wonder: Did Facebook not know what was happening with all the data it’s been collecting, or did it know and just not govern it properly?  Is the company just figuring everything out now?  In any case, it all looks bad. Vague answers and flip flops  make users doubt the effectiveness of your…


Back up your communications in a crisis with deeds that are laid out in an easy to find, easy to consume manner.  Facebook was relatively quick to address operations – in 2018.  Within a week or two, it made user privacy settings more accessible, more transparent, and easier to adjust. And for developers, it severed certain API access and data endpoints and deprecated APIs that lacked security.  All great.  But it could have better avoided all this if it had done more in 2014: more rigorously QA’d the entire process that Cambridge Analytica used and better verified Cambridge Analytica’s deletion of Facebook data, even applying legal force if necessary?  While Facebook may be doing a fair job at action, its poorer efforts in timing and transparency result in a perceived lack of…


Address your customer’s needs, including the emotional ones, first.  Brands crave a relationship with consumers but retrench into self-protection mode when in crisis.  Mark Zuckerberg’s apologetic post and full-page ad apologies aside, Facebook lacked an empathy to users’ emotional concerns (whether those concerns are valid or not).  If Facebook really cared about users understanding data usage, should these disclosures be buried in lengthy terms and conditions?  Posting fixes via its blog results in a cumbersome laundry list that readers have to find and mine. Peripatetic communication put Facebook first, not users or marketers.  This prioritization damages brand trust.  One on-going survey cites that confidence in Facebook’s commitment to protecting user data has plummeted 66% since the scandal.

Now What?

It’s easy to be Monday morning quarterback, judging a brand crisis unfolding from afar.  I’m not suggesting that managing any of this is easy.  If Facebook wants to stay true to its hacker culture, it will have to fail fast and course correct.  Last year we wrote a report on social crisis management that offers lessons for all brands including letting your brand pillars be your guide, documenting your tolerance for brand risk, and establishing a prescriptive crisis management plan. 

This week, another brand crisis landed in the news.  Starbucks is facing boycotts and damaged consumer perception in the wake of a racial incident in Philadelphia.  It’s impractical to directly compare Facebook and Starbucks here.  They are vastly different entities – different business models, value propositions, operating models, and crises.  But many people start their day with both brands.  Each is woven into the rituals of consumers’ routine, just a click away by app.  Each brand has made a commitment to bring people together.

So far Starbucks has shown a fast response, full disclosure and acknowledgement about what happened and what it is doing, a promise to close 8,000 US stores costing millions, and an emphatic testimony by both executive chairman and CEO.  Of the victims, CEO Kevin Johnson said: “I’d like to have a dialogue with them so that I can ensure that we have opportunity to really understand the situation and show some compassion and empathy for the experience they went through.”  Mark Zuckerberg is not likely to meet with all 50 87 million data breach victims any time soon.

Facebook is a revolutionary company, so much so that even Congress doesn’t know what to do with.  But often, it feels like Facebook is reacting to problems because it never anticipated or planned for it – they didn’t see Russian hacking coming nor how to deal with it until after the election.  And, Zuckerberg keeps saying to Congress, “I started this company in my dorm room” as if even he has no clue where his company is headed.

The most important thing brands can learn from Facebook’s errors is to be proactive with 1) clear brand pillars, 2) knowledge of your risk tolerance, and 3) a crisis management plan.

As for Mark, maybe he can meet with Kevin for advice over coffee.  IRL.

A huge thank you to Erna Alfred Liousas and Jessica Liu for their major contributions to this blog.