Like most consumers, “CBS Morning News” Host Gayle King finds it creepy when ads appear in her social media feed for products and services she discussed in private online conversations or which she might have looked at while casually surfing the web.

“I swear I think you guys are listening,” she recently told Instagram head Adam Mosseri in an interview on her show. “I know you are gonna say you’re not.”

Mosseri politely insisted that Instagram, which is owned by Facebook, doesn’t spy on its users by reading their messages or listening in on their microphones, though he acknowledged that many people might not believe his explanation given his parent company’s poor reputation when it comes to privacy issues. 

Like other major websites such as Google, Instagram sells advertising based on data it collects from cookies about  users’ behavior. This enables advertisers to target potential customers more precisely than with traditional media.

A 2009 study, recently cited by the Wall Street Journal, found that advertisers were willing to pay almost three times as much for ads that behaviorally target consumers compared to those that don’t. Advertisers believe those ads  are more effective.

While it feels creepy, worries over behavioral targeting are much ado about nothing, Mosseri says. 

 “So maybe you’re really into food and restaurants,” Mosseri told King. “You saw a restaurant on Facebook or Instagram and you really like the thing. It’s top of mind, maybe it’s subconscious and then it bubbles up later. I think this kind of thing happens often in a way that’s really subtle.”

The company’s critics see it differently.

Facebook is facing a fine of as much as $5 billion from the Federal Trade Commission for failing to prevent the data it collected on users from being used by outside companies without  customers’ authorization, according to media reports.

The largest social network also is facing calls from Democratic presidential candidate Sen. Elizabeth Warren (D-Mass.) and others to break up because of concerns about the company’s business practices. 

Further government regulation is going to hit Facebook’s bottom line regardless of the outcome of the 2020 presidential election.

Facebook and other U.S. companies also face a  challenge complying with a recently enacted E.U. privacy rule called the General Data Protection Regulation (GDPR), which feature a “right” for consumers to be forgotten.

According to an analysis by Forbes, U.S. Fortune 500 companies are expected to spend $7.8 billion to comply with GDPR, which was effective as of May. Members of the U.K.’s FTSE 350 Index spent another $1.8 billion.

Facebook, which has 20% of its users in Europe, has spent millions on GDPR compliance and has assembled “the largest cross functional team” in its history to oversee the process, according to Forbes.

Concern over data protection isn’t confined to Facebook.  

Yahoo, Target and Equifax are among companies hammered in recent years for their response to attacks from hackers that compromised the personal information of tens of millions of their customers.According to Market Research Engine, spending on data protection in the U.S. is expected to growth at an annual rate of 15% over the next few years before reaching more than $120 billion in 2023.  Such a large rising tide should lift boats of all sizes.