“I’m sorry, so sorry.” In the 1960s, it was a hit song by the 15-year old American singer Brenda Lee, crooning about unrequited love. In the 21st century, “sorry, so sorry” has become the tragic modus operandi for banks, businesses and social media behemoths. Time and time again, mega companies exploit customer data for nefarious reasons, walk away with a slap on the wrist — and occasionally a hefty fine or two — and spit out a “we’ll do better” PR campaign.

“Today, we’re renewing our commitment to you — and working to earn back your trust,” Wells Fargo wrote in an ad caption after being busted for opening millions of customer bank accounts without permission.

“From now on, [we’ll] do more to keep you safe and protect your privacy,” Facebook declared after a spree of bad press, tanking stocks, and public backlash over its handling of fake news and selling user information.

The reasons companies lie are obvious. The first is financial pressure: Stock prices and investors don’t always respond well to transparency. Second, ego. With no incentive to admit errors, businesses are sticking consumers in an unjust loop, doomed to repeat itself until real change happens.

Why do we, as consumers, accept dishonesty and hollow apologies as the status quo? And how can change come about?

Deception 411

If Mark Zuckerberg had laid out what Facebook does — collects user data and sells it for profit — there would be no actual need to ask these questions. We would have made informed decisions about what platforms and businesses we wanted to give our time, attention, information, and, in many cases, money.

Instead, we’re facing another “sorry” campaign that shifts blame elsewhere.

Earlier this year, we learned that Russia meddled in the U.S. presidential election via the Facebook platform. Next came the Cambridge Analytica news — a massive data privacy scandal that affected 87 million Facebook users. This was followed by persistent Russian troll farms spreading fake news on the platform, and topped off with Facebook’s own boy genius producing unsettling Congressional testimony on the topics of how the company handles data.

More recently Facebook has once again found itself defending deceptive and shady practices. Gizmodo reported this week that Facebook allows its advertising partners to target a Facebook user by their phone number — where users gave Facebook that phone number for the implicit purpose of enabling 2FA account security. In addition, Facebook will harvest phone numbers from other users’ imported contact lists — associating those contacts to user profiles in what is referred to as “shadow contact information” — even when those users have not provided their phone numbers to Facebook directly.

Facebook was not being transparent or honest about what it does with your collected data, and sadly it can currently do this legally because no privacy laws exist in the U.S. for this sort of thing.

Companies like Facebook are proving they can’t just be trusted to do the right thing.

Yes, the social media giant is making moves to clean up its tainted reputation. It is not, however, making genuine moves to fix the problem.

Equation to solve

“Sorry, not sorry” campaigns do nothing to move toward a more principled stance.

Cut to a national ad campaign in which Facebook attempts to own its snafus around “spam, clickbait, fake news, and data misuse.” It’s a classic deception where, if you watch and listen closely, Facebook seems to paint itself as the unsuspecting victim. The ad does little to explain Facebook’s laissez-faire role once its users’ data was sold. Uber ran a similar blame-shifting ad, “Moving Forward” that brushed off its well-publicized missteps and attributed them to its previous leadership team as if we’re supposed to assume things will be different going forward.

The new privacy wave through regulation

What will usher in an era of honesty? Is policy framework or regulation the answer?

Privacy regulations like GDPR, the European Union’s wide-reaching laws on data use and privacy, mark a new beginning that will force more transparent practices. Following suit, countries like India, China, Singapore, and Saudi Arabia are also issuing new data privacy laws, meaning that approximately 70 percent of potential internet users worldwide are being divided under complex legislation surrounding personal information and intellectual property use.

Stateside, there’s growing media attention around the fact that private companies, including Facebook, Google, Twitter, and other tech giants, are dominating the advertising, speech, and news space. One interesting proposition put forward is to regulate these companies like public utilities.

It’s too soon to tell which combination of policy and regulation will break the “sorry, not sorry” cycle. One thing is essential: Consumers must demand that platforms hold themselves accountable. It hasn’t happened yet because, in general, there’s been a lack of insight into how or why our data is used. Now that our very democracy is at stake, consumers are beginning to realize that social media always came at a cost. Only when we act democratic and pressure companies to stop harvesting the derivatives of our identities and selling them for profit will the “sorry, not sorry” phenomenon stop.

Can we break the cycle?

Once upon a time, Google’s motto was “Don’t be evil.” Today that motto is said with snark and sarcasm.

Facebook’s Zuckerberg often talks about doing the right thing while actively doing the opposite.

Equifax is still conducting business as usual even after allowing hackers to make off with the financial data of 143 million Americans.

Wells Fargo apologized for fraudulently opening millions of accounts for its customers while simultaneously incentivizing its bankers to sell customers bogus auto insurance.

Clearly, these companies and others like them cannot be trusted to “do the right thing” on their own.

Therefore it is up to us, as consumers to penalize bad behavior and reward good behavior. The two mechanisms available to us are voting with our feet and wallets and voting for representation in our government so that we can enact legislation to safeguard consumer privacy.

Founders and business leaders need to remember that integrity, transparency, and fairness can be inclusive of profit and growth. The old quote “Love means never having to say you’re sorry” needs to be updated to “Not being an ass in the first place means not having to say ‘we’re sorry’ with multimillion-dollar ad campaigns.”

Joshua Strebel is CEO of Pagely.