| NOTAS: | Published as part of Governing Platforms, a research project by AlgorithmWatch, in partnership with the European Policy Centre and the University of Amsterdam’s Institute for Information Law, with support by Civitates
"A new study shows that the GDPR needn’t stand in the way of meaningful research access to platform data; looks to health and environmental sectors for best practices in privacy-respecting data sharing frameworks. In February 2020, after heated discussions between Facebook and the research community, the platform announced that it would release nearly a billion gigabytes of raw data through its partnership with Social Science One. The partnership, which allows select researchers to investigate the effects of social media on elections and democracy, was delayed by nearly two years after Facebook raised concerns about compliance with the EU’s General Data Protection Regulation (GDPR). However, a new AlgorithmWatch study examining best practices in research access frameworks shows that this claim, used by Facebook and other platforms in apparent attempts to thwart external scrutiny, doesn’t hold water. Drawing on examples from the environmental and health sectors, the study shows how data protection concerns can be mitigated through the introduction of mandatory data sharing frameworks, with an independent EU-institution at the center. The study’s findings come at a critical time. The European Commission is moving forward with its plans to increase and harmonize the responsibilities of online platforms and reinforce oversight over platforms’ content moderation policies through the announced Digital Services Act (DSA) package. The Commission is also considering special rules for large platforms with significant network effects, like Facebook or Google. Noting that self-regulatory efforts have failed to bring about true accountability, the study argues that especially such large platforms should be subject to binding disclosure requirements in the same way that large polluters are required to report emissions data to member state and EU level authorities. Wary of the sensitivity of certain kinds of data as well as legitimate concerns related to user privacy, the authors recommend that an independent EU body act as an intermediary between the disclosing corporations and recipients. Such an institution would maintain relevant access infrastructures including virtual secure operating environments, public databases, websites and forums. It would also play an important role in verifying and pre-processing corporate data in order to ensure it is suitable for disclosure." |
