Now that Custom Audiences are available to all advertisers, there’s been a rush of products and services created to help you “take advantage” of the tool in potentially shady ways.
Of course, most who are doing this do not realize they are violating Facebook’s terms regarding use of Custom Audiences. But ignorance won’t keep you from becoming Facebook’s target.
If you aren’t familiar with Custom Audiences, this is Facebook’s amazing feature that allows you to target users who are also on your customer list (email addresses, Facebook UIDs and phone numbers being the most common method). Advertisers can upload their customer list into Power Editor or the self-serve ad tool and target them in ads.
Some have seen this as an opportunity to create software that scrapes UIDs and email addresses from Pages and groups to generate Custom Audiences from them. If you do this, you’re fighting with fire.
Facebook’s Custom Audience Terms of Service
I encourage you to read Facebook’s TOS that relate to Custom Audiences. But I’m going to highlight a couple of the points that apply to some of the common ways advertisers are currently breaking the rules.
Here is how those terms begin (emphasis is my own):
Without limiting any agreement between you and Facebook, by clicking “I accept” and uploading this data, you agree to the following:
A. You represent and warrant with respect to the data that you are using as part of your creation of a custom audience that you (or your data provider) have provided appropriate notice to and secured any necessary consent from the data subjects whose data you are using, which explains your use of the data, including as needed to be in compliance with all applicable laws, regulations and industry guidelines. If you have not collected the data directly, you confirm, without limiting anything in these terms, that you have all necessary rights and permissions to use the data.
We can assume that this also includes buying lists, though that may be a bit murkier.
Let’s move on…
B. You confirm that the data you are using to create your custom audience does not relate to any data subject who has exercised an option to opt out of having that data used by you or on your behalf for targeted advertising. To the extent a data subject makes such a request after you have used data relating to that data subject to create a custom audience, you agree to remove that data from the custom audience.
My Interpretation: This could mean one of two things, in my opinion. First, you are not to target anyone who has opted out of your email list. Since Custom Audiences are not dynamic, you should regularly update the list to make sure you are only using email addresses you have permission to use.
It could also mean that if someone has explicitly asked you not to use their data in this way that you are required to remove them from targeting.
I have heard of some marketers using lists of people who have opted out of their email newsletter as a way to bring them back in with targeted advertising. Depending on how you interpret the passage above, this may very well be against Facebook’s terms.
[UPDATE: Thanks to reader Sarah Sal who pointed out that Facebook also has an anti-scraping policy. So this is very clearly against Facebook’s terms.]
Is it Unethical?
The act of scraping, buying or using data you do not have permission to use appears to be against Facebook’s Terms of Service. So it’s wrong in the sense that Facebook prohibits it.
But is it unethical? That’s a tougher question. You are already able to target users based on their buying histories, lifestyle and home ownership status through the use of Partner Categories. While the response to this may be that people willingly gave up this info to Facebook’s partners in this case (and they then were granted that permission), an email address is no less sensitive than the data accumulated with Partner Categories.
And no one knows how you target them in ads. You could target them based on age, gender, interests and a long list of things.
But I can’t fight the feeling that this is simply the wrong thing to do. And I often let that gut reaction guide me.
Is it Worthwhile?
We’ve established that the process of scraping email addresses and UIDs for use in Custom Audiences is probably against Facebook’s rules. So the next question: Does the reward outweigh the risk?
I honestly don’t understand why anyone would do this. If you want to target the Fans of Social Media Examiner, you don’t need to scrape Fan user data and create a Custom Audience to do that. You just need to include Social Media Examiner within Precise Interests.
The only potential value I see in this practice is that you can create a Lookalike Audience from that list. But I just don’t see that payoff coming close to outweighing the risk of getting shut down.
I can understand the argument that the act of scraping this data for use in Custom Audiences is no worse than a long list of tactics that Facebook allows.
In fact, you might even compare this to a couple of Facebook rules that have recently been loosened, most notably cover photo and contest rules. There wasn’t necessarily anything unethical about doing those things before, but it was against Facebook’s terms.
While I do believe this is an unethical practice, that could be put up for debate. But using data that you do not have permission to use does appear to be against Facebook’s terms. This means you could be shut down as a result.
Frankly, I could never in good conscience tell a client that this is something they should consider doing. And unless Facebook changes or clarifies their terms, I’ll never use it as part of my own strategy.
What is your interpretation of the rules? Is this something you’d do? Do you believe it’s unethical?
Let me know in the comments below!