Feeds

Journal that published Facebook emoto-furtle study: Proper boffins get CONSENT

There's a thing called 'Common Rule'. Heard of it, Mr Z?

Protecting users from Firesheep and other Sidejacking attacks with SSL

Facebook's ethical standards do not meet those of most researchers who conduct studies on human subjects, the journal which published the "secret", emotion-manipulative research on nearly 700,000 of the social network's users has said.

The journal of the Proceedings of the National Academy of Sciences (PDF), has now made a statement about its publication of the controversial paper Experimental evidence of massive-scale emotional contagion through social networks. The study was co-authored by Facebook's data scientist Adam Kramer and researchers from the University of Cornell in New York and the University of California, San Francisco.

The journal did not apologise for publishing the research, which has come under fire from privacy groups and data regulators in the UK and Ireland as the data subjects, well Facebookers, were allegedly not explicitly asked for their consent.

Instead, PNAS appeared to put the blame on Facebook for behaving like, well, Facebook.

It said the Mark Zuckerberg-run company had made it clear in its Ts&Cs that, by creating a Facebook account, users were making an informed decision to consent to such research taking place.

However, that claim has been challenged by critics who say that the network's Data Use Policy did not state such activity in 2012 when the secret experiment was carried out. It's this complaint that the UK's Information Commissioner and Ireland's data watchdog - which is ultimately responsible for keeping an eye on the company's information-handling within the EU - are currently examining.

PNAS said:

Obtaining informed consent and allowing participants to opt out are best practices in most instances under the US Department of Health and Human Services Policy for the Protection of Human Research Subjects. (the "Common Rule").

Adherence to the Common Rule is PNAS policy, but as a private company Facebook was under no obligation to conform to the provisions of the Common Rule when it collected the data used by the authors, and the Common Rule does not preclude their use of the data.

The journal said its editors had decided to publish the paper based on what the authors had said about the research - that the work was "consistent with Facebook's Data Use Policy".

"It is nevertheless a matter of concern that the collection of the data by Facebook may have involved practices that were not fully consistent with the principles of obtaining informed consent and allowing participants to opt out," PNAS added.

On Wednesday, Facebook's COO Sheryl Sandberg didn't say sorry for conducting the research, but simply said: "It was poorly communicated. And for that communication we apologise. We never meant to upset you." ®

The next step in data security

More from The Register

next story
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
Infosec geniuses hack a Canon PRINTER and install DOOM
Internet of Stuff securo-cockups strike yet again
'Speargun' program is fantasy, says cable operator
We just might notice if you cut our cables
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
Greater dev access to iOS 8 will put us AT RISK from HACKERS
Knocking holes in Apple's walled garden could backfire, says securo-chap
Microsoft to patch ASP.NET mess even if you don't
We know what's good for you, because we made the mess says Redmond
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.