Data, ethics and anonymisation in a changing digital communications world

This is the last in a series of three articles examining the legal and ethical dilemmas faced when using new mediums and data sources for healthcare market research and data analytics, following on from a BHBIA meeting. This piece looks at online and social media tools and explains how to remain within the rules on anonymisation and personal data.

Research practitioners know the importance of listening to, as well as engaging with, the public in order to deliver effective and credible insight to clients. Online and social medial tools and platforms, such as blogs, Facebook and Twitter are well-established communication networks that researchers are increasingly looking to in order to maximise their potential for market research. Social media offers valuable information about what people are thinking right now.

This article examines anonymisation as a key to utilising social media for market research. Understanding of its benefits as a research tool must be accompanied by appreciation of the importance of maintaining public trust in research through following legal and ethical rules and guidelines, which is why the Data Protection Act 1998 (DPA) and the Market Research Society (MRS) Code of Conduct are so important in this rapidly evolving area of research.

“Ethical considerations in both online and offline research are underpinned by the same fundamental legal framework”

 

 

Ethical considerations in both online and offline research are underpinned by the same fundamental legal framework. The guiding construct underpinning the DPA can be summarised as that of ‘informed consent’, which has two key components in terms of the fundamental rights of individuals being asked for, or providing, information about themselves:

• Transparency – ensuring individuals have a clear and unambiguous understanding of the purpose(s) of collecting the data and how it will be used;

• Consent – at the time that the data is collected, individuals must give their consent to their data being collected and also have the opportunity to opt out of any subsequent uses of the data.

This raises some interesting points in the context of using online or social media for research purposes: How do social media users think their data will be used? What is an acceptable use of their data? Is there an expectation of anonymity on the part of the user? Do expectations vary according to the tool or platform the user is on? Can anonymity ever be guaranteed in this context? In this regard, it is useful to look at some DPA definitions concerning anonymity and personal data, along with the appropriate rules in the MRS Code of Conduct.

Anonymisation

Anonymisation is the process of turning data into a form which does not identify individuals and where identification is not likely to take place. This allows much wider use of the information. The DPA controls how organisations use ‘personal data’ – that is, information which allows individuals to be identified.

Personal data

The DPA says that ‘personal data’ means: data which relate to a living individual who can be identified (a) from those data, or (b) from those data and other information which is in the possession of, or is likely to come into the possession of, the data controller, and includes any expression of opinion about the individual and any indication of the intentions of the data controller or any other person in respect of the individual.

Personal data has to be about a living person, meaning that the DPA does not apply to mortality or other records about the deceased, although such data could still be protected by confidentiality or other legal rules.

What is not personal data?

From the definition above, it follows that information, or a combination of information, that does not relate to and identify an individual, is not personal data. Clearly, effective anonymisation depends on a sound understanding of what constitutes personal data.

The DPA requires all organisations that process personal data to protect it from inappropriate use or disclosure. However, the same organisations may want to, or be required to, publish information derived from the personal data they hold. For example, health service organisations are required to protect the identities of individual patients but may also be required to publish statistics about patient outcomes. Anonymisation helps organisations comply with their data protection obligations while enabling them to make information available to the public. Any organisation processing personal data has to comply with the data protection principles. The principles regulate the disclosure of personal data, and in some circumstances can prevent this. This means that, in general, it is easier to disclose anonymised data than personal data as fewer legal restrictions apply. It is also easier to use anonymised data in new and different ways because the DPA’s purpose-limitation rules do not apply to it.

Is anonymisation always necessary?

The primary reason for undertaking anonymisation is to protect individuals’ privacy when making available the data resources that activities such as research and planning rely on. It is legitimate to use personal data for certain purposes, for example where the intention is to inform decisions about particular individuals, or to provide services to them.

Much medical research involves access to patients’ personal data and is carried out on the basis of patient consent and involvement. However, where the use of personal data is not necessary, then the objective should generally be to use anonymised data instead. In some cases there will be no alternative to using personal data for research and certain other purposes. This might be the case where there is a need to contact individuals to ask them about the treatment they have received or the service they have subscribed to, for example. The Information Commissioner’s Office recognises the special utility of personal data and that it is not always necessary or possible to use anonymised data instead of personal data.

Is anonymisation always possible?

The Information Commissioner recognises that some collections of personal data do not lend themselves well to anonymisation – voluminous collections of paper records held in a variety of formats, for example. Although the sensitivity of data generally decreases with the passage of time, the inappropriate release of records many decades old, like criminal records, could still have a severely detrimental effect on an individual. That is why the security of data that cannot be anonymised is paramount.

How does this work for online and social media research?

The MRS Guidelines for Online Research state that researchers should avoid intruding on the privacy of online participants. Personal information (other than that which has already been made available for purposes including research) should not be sought from, or about, participants without their prior knowledge and agreement.

So, in accordance with the principle of voluntary informed participation, information identifying participants (personal data) must not be collected from participants without their consent.

Researchers who use techniques to uniquely identify participants, such as cookies, unique IP addresses, digital fingerprinting or browser profiling, must provide clear and comprehensive information to participants at the time of collection about the data collected, who will have access to it and the purposes for which it will be used.

 

“It is not acceptable for a researcher to pose as a non-researcher, to lurk on a network or forum”

 

Researchers who participate in a social network or forum must declare their presence, their role as a researcher, the identity of the organisation they work for, what information they intend to collect, what it will be used for and who will have access to it. It is not acceptable for a researcher to pose as a non-researcher, to lurk on a network or forum, or to passively collect personal data without prior consent
Researchers conducting social media monitoring, text analytics or sentiment analysis should take steps to avoid collecting personal data. Researchers must ensure that any personal data is not processed further without consent.

Researchers purchasing or otherwise accessing datasets or samples containing personal data for analysis must ensure that the data was fairly and lawfully obtained by the supplier.

Researching children

The MRS definition of a child is ‘a person under the age of 16’. Children have the same rights as adults within the DPA.

If it is known that participants may include children, members must ensure the participants are asked to confirm their age before any other personal information is requested. Further, if the age given is under 16, the child must be excluded from giving further personal information until the appropriate permission from a responsible adult has been obtained and verified.

Members must ensure that information about other individuals is not collected from a child unless for the purposes of gaining permission from a responsible adult.

Recognising the particular difficulties of ensuring consent in online research, consent must be obtained in a form that is verifiable. Email communications on their own are considered insecure and must not be accepted as a verifiable form of consent in isolation and so must be supplemented by a second form of consent, for example a telephone call or a letter. Where researchers have a pre-existing relationship with parents (e.g. they are current panel members) it may be possible to verify consent electronically through the use of passwords, exchange of tokens, etc.

As this article demonstrates, special care must be exercised when using online or social media platforms for research purposes. Advances in technology present challenges regarding anonymisation in ways that may not be immediately obvious, such as entering a quote from a social media site into an Internet Search Engine, which could lead to the identification of the poster. However the overriding principle remains the same whether researching online or offline: maintenance of public trust through transparency and consent.

About the author:

Julie Corney is Standards & Compliance Co-ordinator at the Market Research Society (MRS). The MRS helps its members and company partners to engage in their business activities whilst keeping within the law and the ethics of the industry.

The MRS standards team members are experts on the MRS Code of Conduct and related UK legislation such as the DPA. Contact them on Tel: 020 7490 4911 or email codeline@mrs.org.uk

About the BHBIA: The core aim of the BHBIA is to promote the excellence with integrity of business intelligence in the healthcare industry. Members are drawn from pharmaceutical/ healthcare companies and the agencies/consultancies that supply business intelligence services to those companies. Find out more about the BHBIA here.

Read the previous article in this series:

Electronic health records expose privacy fears