Kirk Klasson

The Curse of the Walled Garden… Facebook’s Inevitable Implosion Begins

So, you’re a tech savvy executive, you go to all the right conferences, ask all the gottcha questions, think two moves in front of the industry and three moves in front of your competition. So why is it that in the last twelve months you’ve doubled down on products and services that have under performed your company’s expectations by at least 30 percent, sunk a ton of money in irreparable junk and cost your organization an incalculable amount of time, effort and opportunity cost?

So this would make you:

  1. an Intel customer
  2. a Chief Data Officer on your third iteration of Big Data, this time using AI
  3. a marketer who subscribes to Facebook’s engagement demo
  4. someone looking for opportunities elsewhere
  5. all of the above

(If you complete our survey in the next ten days we will send you a copy of this white paper free of charge.)

If your answer was “e) all of the above”, take heart, these things happen, and when they do the appropriate response is for everyone to change jobs and develop a selective case of amnesia. This technology stuff can be tricky and some risks are inevitable no matter what mitigation strategy you might employ. And to be fair, there were only about 100 people on the planet that could have anticipated that “speculative processing” architectures would create a significant data vulnerability and most of those folks were either in universities or working at Intel and already under NDA.

However, for those of you who spent boatloads of your company’s hard earned cash in Facebook campaigns it must have been because you skipped Internet 101. The notion that Facebook “owned the customer” and could provide businesses efficient access to their desires and wallets was suspicious if not downright specious from the get go.

Let’s start with the notion that nobody, least of all Facebook, could accurately state how many real, active users were on their site. In their own collateral and press briefings Facebook admitted that as many as 11% of their users could not be authenticated and then along about 2015 someone pointed out that an appreciable and growing number of Facebook users were, in fact, deceased (see Facebook: The Cadillac of Social Media – March 2016). And I don’t care how skilled a marketing person you might be, that’s a tough sell.

Recently, this lack of subscriber authenticity was compounded when it became known that, for a host of “personalities”, Twitter “followers” where simply purchased for pennies/thousand and that Google search ranks were routinely skewed through spam. In fact, the entire universe of social media platforms appears to have been and remains easily bought and botanized. And since most social media platforms peg their value to the influence they wield over consumers, it increasingly appears that there is no there there, or at least none that can be objectively verified.

Even more troubling was the idea that Facebook was following a familiar path, the well worn walk to the mythical Walled Garden, the only place where one would need to go to be globally connected on the Internet, a model tried and discredited by the likes of AOL and Yahoo! and pretty soon, if they stay on course, Verizon (see Big Bets and Long Tails – June 2013).

Walled Gardens arose from the notion that visitor value is measured by time on-site, eyeballs on glass, a common media metric that even today remains largely unsubstantiated. But as we pointed out back in 2012 (see Trouble in Paradise – May 2012) site duration is inversely proportional to site subscription or membership which meant that the longer one subscribes to a particular site the shorter their visits would become over time. So, unless you could capture all of a visitor’s available Internet time, they would eventually and inevitably become a wasting asset.

Source: On Technology//On Strategy Blog

Further as these platforms matured it became evident that their value didn’t grow as projected by Metcalf network laws but rather by content contribution factors (see Social Subsidization and Diminishing Returns – March 2015) and that the “locality” of content and visitor was more important than the sheer number of subscribers to a given platform. Consequently, acquiring 2 billion subscribers adds absolutely no value to a platform like Facebook, in fact, subscriber growth leads to the dilution of value per user over time.

Also critical to achieving Walled Garden status is the uncontestable assertion that the entity in question can be thoroughly trusted, one whose status as a confidant, in preserving personal information as well as curating web based information, was unimpeachable. The wheels fell off this once it was generally recognized that as a content distributor, especially content that purported to be news, Facebook was incapable of distinguishing what was real and what was made up political propaganda. Their credibility was further impugned with the announcement made just this week that they intend to make public their “privacy principles” or exactly how they intend to handle users’ personal information, a move precipitated by the EU’s soon to be enacted GDPR (see Privacy, Blockchain and Balkanization – December 2017).

It’s more than a little curious, let alone disconcerting, that a site that has exploited personal information since 2004 is just getting around to issuing its “privacy principles”; almost as disconcerting as the fact that millions of users, excluding bots, pets, avatars, and the deceased, have ignored this fact for the past 13 years.

Lest you doubt the pending implosion of this globe trotting colossus consider the following tidbit from a shop that measures the volume and consequently value of social media when it comes to influencing the engagement of prospects through the sheer number of referrals. Facebook is tracking to a rather telling trend.


Finally, you know the gig is up when you find yourself the subject of an angst-riddled profile in Vanity Fair. Kind of fitting and more than a little ironic since exploiting personal vanity is what got this whole thing started (see Life is High School – July 2010). In a profile entitled “This Is Serious”: Facebook Begins Its Downward Spiral” Nick Bilton explores the anxiety that haunts Facebook’s founder and his need to make right the company’s legacy. Apparently, the folks at Facebook were recently made aware that using their product had numerous deleterious effects on children, to the point where luminary tech executives were no longer letting their children use the platform. The whole thing reads a bit like a Greek tragedy where our protagonist, the unassailable King Zuck, stumbles through a private reality, a walk in the woods to a familiar garden, where he wakes to find that he has killed his best friend and slept with his own mother. Something, as Bilton points out, that’s not really at odds with Facebook’s current culture.

But my money says this story won’t end with a bang but a whimper. As more and more people, and marketers, understand the breadth and depth of the entire Facebook scheme, as well as the less than savory predilections of other social platforms, they will exercise their GDPR “right to be forgotten”, or at least forgotten by the likes of Facebook.


Oh no, you di’int

Just when you thought that Facebook couldn’t become more tone deaf when it comes to exploiting personal information along comes word of the addition of Onavo Protect as an opt-in option on its ever expanding platform.

Onavo is a proprietary Facebook Private VPN which is advertised as a utility to protect users from accidentally wandering into malicious sites and nefarious places. What you don’t learn from the brochure is that Onavo is basically Facebook spy-ware, watching every move you make and alerting all your Facebook corporate friends about your personal internet behaviors so they can find a way to co-opt and profit from them, aka improve your user experience.

According to numerous sites that are watching this non-sense unfold there are already more than 33 million installs of Onavo across iOS and Google Play devices. In a comment provided to TechCrunch Facebook said that “Onavo…acts as a secure connection to protect people from potentially harmful sites. The app may collect your mobile data traffic to help us recognize tactics that bad actors use.”

What they fail to mention is that that’s not all they’re collecting and collecting such information is in clear violation of the EU’s GDPR protecting personal information. But if you’re naive enough to “opt-in” and download this app without fully understanding what it is about, then you deserve to have your personal information compromised.(see Privacy, Blockchain and Balkanization – December 2017)


Oh, and did you hear the one about…

how P & G reduced its digital advertising in 2017? Last summer P & G announced that they had reduced the ad dollars spent on all digital platforms by $100m and that it had no measurable effect on sales. Well, they were back in the news just last week with an update. Turns out that they had actually reduced their 2017 digital ad spend by $200m dollars with no measurable decrease in sales and a significant portion of those dollars were with held from the two major digital platforms Google and Facebook.

Which only proves that if you are still spending all your marketing budget on social media platforms you need to have your head examined.


Algorithms or Platform Fatigue? You Decide.

New metrics are emerging that suggest that Facebook has indeed hit a bump or a hole or a wall. Fast Company recently reported that Facebook’s time on site metrics declined by 18% during the fourth quarter of 2017. Facebook itself has indicated that due to changes in its news feed algorithm it anticipated that engagement might decline slightly. However, recode just came out with some new data published by AdStage that would seem to indicate that impressions, those ad thingies that result from engagement, have been declining since March of last year and the algorithm changes to the news feed weren’t introduced until the very beginning of 2018.

Facebook impression growth declines as costs increase

While recode is quick to point out that the AdStage data is very limited, more like datum than data, would anyone be surprised by the trends that it suggests?

Site duration is inversely proportional to site subscription. Its the gravity that tears down Walled Gardens. Verizon might want to take note.


Rut-Row. Did Facebook just violate its 2011 FTC consent decree?

Word is coming out that a recent breach involving Cambridge Analytica’s use of Facebook’s user data may have violated its 2011 consent decree with the FTC. If this turns out to be the case, Facebook could face fines of up to $40,000 per user. Estimates are that as many as 50m user identities may be involved.

So that’s $40,000 X 50,000,000. You do the math.

But fear not. In the spirit of disregarding all things to do with the Federales, trust that Moonbat will furnish Facebook with an exemption based on its status as a ward of the country’s foremost sanctuary state.

PS. If anybody can find Mark Zuckerberg, please let him know that Facebook is toast. By way of a reminder, he looks a bit like this.


Mr. Zuckerberg goes to Washington

Ok, so after two days of scintillating televised testimony, what have we learned about Facebook, trust and privacy?

Not much.

We learned that most of the members of Congress, outside the bounds of their own Facebook pages, don’t have a clue what Facebook is and what Facebook does. Next, we found out that next to Congress, the person most clueless about Facebook is Zuckerberg, who really couldn’t answer most of the questions without submitting them to “his team” which no doubt has as many lawyers and PR consultants as it does technologists. Finally, after all the drama and pageantry, we have no idea what if anything will change as a result of all the posturing and dissembling we just witnessed.

But a couple of pending events would seem to be inevitable. The FTC will no doubt issue a report of findings about whether or not Facebook was in violation of its 2011 consent decree. As always, my money is on the political consequences that may result from any action the FTC may take. So, being ignorant of what Facebook may do to them personally, Congress will urge the FTC to do as little as possible until Congress can pass regulations that will sort all this stuff out.

Next, there will be a bunch of noise about the bills currently making their way through Congress. This would include Senators Markey’s and Blumenthal’s newly introduced Privacy Bill of Rights and Representative Marsha Blackburn’s Browser Act. Currently, neither of these bills have sufficient traction to make it to a vote let alone into law and nothing is going to happen until after the mid-terms anyway.

Which brings us to the most pressing and pertinent inevitability: the EU’s introduction of GDPR (see Privacy, Blockchains and Balkanization – December 2017). The most obvious course of action Congress could and should take would be to harmonize any future regulations with those outlined by the GDPR. And in about a month we will actually have an opportunity to watch it happen. Some of the crucial concerns will be whether or not or to what degree Internet services like Facebook will be able to grandfather existing user agreements. The regs seem to indicate that this option will not be available. If so, the next question will be how and to what degree of granularity and specificity will users be solicited to opt-in and provide affirmative consent to services such as Facebook. Most Internet services have relied on the fact that most users don’t read let alone thoughtfully consider the user agreements they consent to. And all of this is about to change.

Get some popcorn; it ought to be a blockbuster.


Wait a tick….

Well this is interesting. Recode just reported that the new Facebook, the one that actually cares about its users, “disabled”, not deleted, 1.3 billion “fake” accounts over the last two quarters. Facebook indicated that most of these accounts were bots and were used for spreading spam or conducting illicit activities.

The fact that they volunteered that the accounts were on-the-air would also indicate that the accounts were indeed active. So, it would be logical to conclude that prior to their disablement, not deletion, they were included in Facebook’s reported active accounts number of 2 billion. So one would have to ask, what is the real number of active accounts? Is it 2 billion or, after disablement of 1.3 billion, 700 million?

So just by doing a little routine maintenance, Facebook users declined by over 50%? Seems a tad disingenuous not to mention this back when they started disabling suspect accounts in 4Q17. Kinda speaks to a lack of honesty in their representation of reach and influence, don’t cha think? So, basically the new Facebook is just like the old Facebook, maybe just a tad more slippery.


And it just keeps getting better…

In the burgeoning drama that is all things Facebook, the story seems to evolve and grow on an almost daily basis. Kind of like a drug resistant strain of gonorrhea. Last week, confident that it was impossible for Google and Facebook to ever truly comply with GDPR, privacy lawyers in the EU preemptively filed suits to the tune of over $8 billion dollars against them. An amount that will likely fall well short of the fines that may follow.

And then a week later, the New York Times runs an article that basically makes their case by exposing the fact that Facebook completely deceived Congress back in April by not bothering to mention that they concealed a deal they had reached with device manufactures that surreptitiously divulged the personal information of Facebook users and most of their friends. Turns out four of those device makers are in China and one of them the US classifies as a potential spy.

I mean, when it comes to fiascos, it just doesn’t get much better than this. And the implication is obvious: the management team at this shop is pathologically incapable of telling the truth. That’s right, the very same people you have entrusted with not only your, but, thanks to social graphography, all of your friends’, personal information. Way to go genius.

But wait… there’s more. Pew Research recently released its latest survey on social media usage and there appears to be an emerging trend. Teenage users are seeking social media alternatives and it doesn’t appear that Facebook is holding their attention the way it used to.

Source: Pew Research 2017 poll results for teen social media use

Source: Pew Research 2014-2015 poll results for teen social media use

So, in addition to disabling 1.3B user accounts over the last 2 quarters because they were bots and spammers (see above) it’s beginning to appear that active teen accounts are also on the decline. And since teens are the consumer cohort of the future, ad sales will follow them wherever they go.

Maybe its just because Facebook has become the preferred social media for grandparents to keep up with the youngins. And nobody’s targeting grandma anymore. After all, that cohort is about to expire (see Facebook: The Cadillac of Social Media? – March 2016).


Facebook Goes to China

The New York Times recently reported that after years of trying Facebook has finally opened a subsidiary in China, not a full fledged services subsidiary but more of a research and development outpost where it can woo the locals into joining the cult of the Zuck.

When it comes to technology, China does nothing, absolutely nothing, without first understanding what actions and policies would accrue to its own benefit. So you can bet that they have carefully scrutinized this move and have gamed it out to their complete satisfaction.

Take cyber security for instance. China is very liberal when allowing foreign entities to encrypt data communications. Most companies are free to employ any encryption technology they prefer; only catch being whatever they install they have to surrender all the private keys to the Chinese government. There’s no secret like an open secret.

Now it has been widely reported that China is investing billions in AI for purposes of facial recognition (see Waking the Neuromorphic – February 2018). And who does faces like Facebook?

Talk about a match made in heaven.


July 26, 2018

FB: Common Shares

Source: NASDAQ: FB Market Summary

It ain’t about the hype; it’s about the fundamentals.


Oh no, you d’int, Part II

So, as reported in the WSJ and other outlets, Apple decided that Facebook’s Onavo Protect, did not conform to its privacy standards and, after talking it over with Facebook, had it removed from its App Store. You remember Onavo (see above), the Facebook spyware that followed your every browse to learn everything about you? So it brings up an interesting point. Will Facebook share this little bit of news with all of its users? Or will it sweep it under the rug with all the rest of its decisions about user privacy? When it comes to Facebook, one really has to wonder, why is it so hard to do the right thing?



Well, this was inevitable.

Facebook just announced that in a recent attack, Sept 28th, the personal information of up to 50 million users has been breached. According to the NYT’s the attack exploited a bug in the site’s “view as” feature which was added to give users greater control over their privacy. Zuckerberg was quoted as saying that “We have a major security effort at the company that hardens all our surfaces”.

Dad gum it!

I’m a big proponent of hardened surfaces. Use ’em every chance I get.

But here’s the good news. Facebook users are a lot like folks that are into tattoos. You wouldn’t put ink all over yourself if you didn’t want people to look. Even when you stick ’em in the most intimate of places, tucked under all your clothes, you still want people to look, you just want to make their effort commensurate with the reward.

So, rest easy Facebook lovers. Somebody went to a whole lotta trouble just to see what you been hiding there in your personal information. I’m sure they won’t be telling anybody about what they just saw.


An Annus Horribilis    January – December 2018

So, in the interests of wrapping things up, if you believe there’s no such thing as bad PR, it’s been a really great year for Facebook.

For all intents and purposes, Facebook’s fatuous altruistic mission of creating and enriching a globally connected community has been exposed by a litany of embarrassing fiascos, the likes seldom seen in techdom, to be little more than a greedy, conceited farce. Facebook’s total disregard for its users, the “dumb fucks” that earn them billions, proved completely commensurate with the managerial contempt and technical incompetence with which they treated their data; the kind of wanton arrogance that easily earned success often confers on the titans of technology. And how fitting that none other than the New York Times recently reported that Facebook retained some dark-side spin masters to insinuate that their woes were part of a broader, insidious, yet fictitious, anti-Semitic smear, a tactic right out of the Russian Handbook of Internet Trolling as issued by the Facebook Ministry of Misinformation and the veritable apex of unabashed and unembarrassed hypocrisy.

And yet, nothing untoward, no righteous retribution, has befallen Facebook.

The FTC hasn’t brought forward a fine even though there is abundant evidence that Facebook’s 2011 consent decree was violated. Congressional testimony hasn’t produced anything apart from a bunch of privacy induced hand wringing. Facebook management has declined to be interviewed by numerous government entities on four different continents with complete impunity. Sure, some users have elected to remove their data but materially fewer than the accounts that Facebook deactivated on its own after discovering they were just a bunch of bots and spammers. The stock price has gotten a bit of a hair cut. And the GDPR has proven to be little more than an annoying inconvenience causing the export of non-indigenous data and a superficial re-write of euro-centric user agreements rendering them even more opaque than the last iteration.

In many respects, it seems this lack of consequence has more to do with the perceived lack of injury to the party that is the primary component of Facebook’s business model, the users, than it has to do with the violation of more abstract notions concerning privacy in general. After all, exactly how are FTC or GDPR fines apportioned to the users whose privacy and data have been compromised? Are the damages awarded to the parties whose information was breached or are they awarded to the bureaucracies of sovereign entities whose policies have been violated? Under Article 82 of the GDPR individuals have the legal right to claim damages and seek compensation but exactly how this might occur is not clearly established and could prove prohibitively expensive for individual users. Further, there is little if any incentive to assign culpability to the parties who benefit most from the costless “externalities” that user data provides to social media sites, the advertisers. This asymmetric relationship of “stakeholders” to culpability and restitution seem to have allowed Facebook, Google, Amazon and others to fall into a largely consequence free crack, enormous profits for very little risk and even less responsibility.

What if the proposed fines for violations of privacy were levied on all of the parties who actually stand to benefit from this business model? Not just the social media, retailers and search sites who profit as the careless custodians of personal information but the brokers, middlemen and advertisers who seek to use that information to profitably engage those same consumers? It might be argued that any fine levied against a social media site would eventually be borne as a pass through to its customers. However, in the economic scheme of things, most of these fines would be little more than a rounding error for the likes of Google and Facebook and the same for many of the advertisers who employ them. Reputational damage, however, might be given greater consideration. What if under a globally harmonized privacy policy not only the media sites but all the parties in their paid-for-value-chain are equally fined and that those fines would, by law, have to be publically disclosed on those participants web sites as well as any public financial disclosures. Some UK MP’s recently raised this issue by implying that Facebook and Google advertisers have the moral obligation to boycott these platforms as a means to incentivize more appropriate behavior. Citing public interest and extraordinary circumstances, Parliament recently suspended any pretense to search and seizure protocols and raided the hotel room of Six4Three founder Ted Kramer to secure Facebook e-mails relating to changes in its privacy policies. Given favorable political conditions, moral obligations often find their way to legal ones.

An inkling of this thinking recently roiled the adtech world when French data protection agency CNIL issued a ruling against demand side platform Vectuary. CNIL’s judgment was that individual consent provided to a publisher, distributor or broker does not, through pre-existing contractual agreements, extend to any of its trading partners and that consent for the use of personal information by those parties would have to be obtained discretely and explicitly. The implication here is that the subsequent exploitation of personal information by trading partners without explicit consent is tantamount to a violation of GDPR rules protecting personal information. Facebook would be quick to point out that it doesn’t share personal information but employs an algorithm that “hashes it” in a way that allows demographic and profile information to be “discovered” for use in individually targeted advertising, a technical distinction that really doesn’t amount to a discernable difference. Like it or not, it appears that the culpability, and consequential liability, of violating personal information is about to extend throughout the entire adtech value chain.

Thus far, most governments have been reluctant to pursue these kinds of remedies, keeping faith that responsible business entities are best served by market conditions and conscientious internal governance. But here again, thanks to ownership issues, Facebook stands apart, and the board of directors, valley made titans who deeply understand the license that success confers on entrepreneurs, are hesitant to interfere in the on-going train wreck that Facebook has become. To the point where one has to wonder, exactly what constituency does Facebook’s board serve? Shareholders have lost 40% of their value, from $220/share to $131/share since the beginning of the year and by the looks of things, platform abandonment, slower user growth, advertising alternatives, that trend will continue well into 2019. And the governance at Facebook, if there is any, is entirely vested in its primary owner who just happens to be the Chairman and CEO. This isn’t necessarily a bad thing. Hundreds of private enterprises are owner led. But leading a publically traded entity, whose revenues are predicated on the public trust of personal data, is a challenge of much greater scope and responsibility and thus far the leadership of this organization has proven pathologically incapable of doing the right thing even when it pertains the least of what really matters.

We started this thread by suggesting that Facebook’s end will not come with a bang but a whimper and this year was but the nascent sounds of such. Violating user trust, dissembling in front of Congress, eschewing transparency and honesty, unapologetically spying on user browser activity; just another Tuesday at Facebook. And, lets face it, all of management’s protestation and attestation that things are really different are wanting in almost every dimension but most especially credulity.

And why might that be?

The biggest thing Facebook has going for it is human nature, a bonfire of vanities so intense that it consumes any initiative for real connection and replaces it with the inauthentic glass gazing of envy and schadenfreude, the preferred crack of society’s status conscious twitterati. Ever wonder why Facebook’s endless incompetence and feigned concern never enrage dedicated Facebook users? Because, at bottom, they just don’t care. Steal my identity, compromise my values, poison my opinions, tempt my inhibitions, ruin my reputation but just let me keep on watching how the other half lives, regardless of which half that might be. The Truman Show on a wristwatch brought to you by the brands your friends most want to buy. Now that’s livin’!

Facebook’s other key advantage is that there really aren’t, at least not at this moment, a bunch of viable alternatives. So you download your data from Facebook. Then what? Jam it into Frenzy and hope that somebody can find it? Stand up an Amber from Latticeworks? Wait for Tim Berners-Lee to get Inrupt out of the garage? Maybe. But you had better have more technical chops than your average soccer mom if you’re gonna make this fly. Facebook has been notorious for acquiring its competition before they become a genuine threat but given the distain with which they have treated regulatory entities, this isn’t likely to continue much longer. So there will be an opening for competition to grow and prosper.

As far as governance goes, unless there is a complete change in leadership and culture, don’t bet on it. This entity is completely entwined with the founder’s ego that is admittedly modeled on the rise, but not the demise, of Julius Caesar. Its published culture of social altruism and technical acumen has nothing to do with its real one; the one so aptly captured in the title of the Times recent article, “Delay, Deny, Deflect”, a slogan that even the board finds hard to publically support or disown. Perhaps a mentor along the lines of a Bill Gates might gently persuade young Julius that a life of philanthropy would be a more noble legacy than the one he currently pursues, but again those odds are long and given the ownership structure, few potential surrogates would relish the idea that they are only a whim away from being dispatched by a temperamental tyrant.

For those interested in watching the entire saga unfold pay attention to the harmonization of privacy policies between sovereign, globally connected, trading partners. Eventually, the US will move away from its laissez-faire privacy policies and move towards the principles out lined in GDPR. At that point the CNIL ruling on Vectuary will no longer be some obscure outlier but be accepted treatment of privacy issues in the adtech industry; custody and consent of personal information will matter more than the profits of Facebook, Google and Amazon. Along the way alternatives will emerge that will slowly siphon-off the value proposition of dominant, established social media players and usher in their final disposition.

In the end, all the current drama surrounding Facebook’s denouement will become a waste of time and when the moment finally comes, nobody, not even Facebook, will be watching.


Graphic courtesy of Flora Grubb Gardens, San Francisco, CA all other images, statistics, illustrations and citations, etc. derived and included under fair use/royalty free provisions.




Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Insights on Technology and Strategy