Re: [Air-l] internet research and confidentiality
At 11:48 AM 12/21/2004, you wrote:
We had this issue a while ago on this list, and I just want to repeat my view:
Blogging, Webpublishing and Usenet posting are demonstrably public activities. Unless you render the concept of "private" so ambigious that it becomes virtually unusable, this is an empirical fact, not a normative statement.
Therefore, publishing research on these kinds of communications does not violate any privacy/confidentialty laws. At least that is the case for most countries that guarantee some freedom of speech rights.
While I have no idea about the bylaws of specific universities or professional associations, I would strongly caution against regulations that curtail the rights of academics vis-a-vis non-affiliated citizens or even journalists.
Of course, some exceptions with respect to vulnerable persons apply, but by and large vulnerable persons do not do blogging.
BTW, you are not doing (experimental) research on human subjects, but on communications.
Thomas
That is your view, it is a common one, and you are entitled to it. However, there are other views that are equally valid. If you read the guidelines you would understand that they are simply that, not regulations. But, like it or not, some regulations, created not by AoIR but by various governments and institutions, do apply. What is legal in one jurisdiction is not always legal in another. What is legal is not always ethical. And what is legal and ethical is not always approved by an IRB. I'm simply pointing out -- as is AoIR in adopting the guidelines -- that this is not a simple, "one size fits all" issue. Much depends on the researcher, the nature of the research, where the institution happens to be located, and the views of the individual IRB. The guidelines are intended to help researchers like Oriana sort it all out. ------ Mark D. Johns, Ph.D. Asst. Professor of Communication/Linguistics, Luther College, Decorah, Iowa http://faculty.luther.edu/~johnsmar/ ----------------------------------------------- "Get the facts first. You can distort them later." ---Mark Twain
Unless I missed it no one has directly presented bloggers as journalists -- we don't ask journalists for their approval and get IRB forms when we do a content analysis on TV shows, news programs, or written items such as articles in newspapers, magazines, or journals. So, perhaps blogs aren't the new new media! (Two things: yes, people have stated that blogs are public, but I mean something different, and two, I'm thinking outloud, I'm not saying one should or should not get IRB approval -- this is a sort of meta-analysis of the ideas as I saw them -- blogs are often presented as an important adjunct to, or challenge to, journalism, but here were are clearly treating them differently -- this probably makes some sense given the often much more personal nature of some blogs, but nonetheless it is an interesting angle.) ndp... On Dec 21, 2004, at 1:40 PM, Mark D. Johns wrote:
At 11:48 AM 12/21/2004, you wrote:
We had this issue a while ago on this list, and I just want to repeat my view:
Blogging, Webpublishing and Usenet posting are demonstrably public activities. Unless you render the concept of "private" so ambigious that it becomes virtually unusable, this is an empirical fact, not a normative statement.
Therefore, publishing research on these kinds of communications does not violate any privacy/confidentialty laws. At least that is the case for most countries that guarantee some freedom of speech rights.
While I have no idea about the bylaws of specific universities or professional associations, I would strongly caution against regulations that curtail the rights of academics vis-a-vis non-affiliated citizens or even journalists.
Of course, some exceptions with respect to vulnerable persons apply, but by and large vulnerable persons do not do blogging.
BTW, you are not doing (experimental) research on human subjects, but on communications.
Thomas
That is your view, it is a common one, and you are entitled to it. However, there are other views that are equally valid. If you read the guidelines you would understand that they are simply that, not regulations. But, like it or not, some regulations, created not by AoIR but by various governments and institutions, do apply. What is legal in one jurisdiction is not always legal in another. What is legal is not always ethical. And what is legal and ethical is not always approved by an IRB. I'm simply pointing out -- as is AoIR in adopting the guidelines -- that this is not a simple, "one size fits all" issue. Much depends on the researcher, the nature of the research, where the institution happens to be located, and the views of the individual IRB. The guidelines are intended to help researchers like Oriana sort it all out.
------ Mark D. Johns, Ph.D. Asst. Professor of Communication/Linguistics, Luther College, Decorah, Iowa http://faculty.luther.edu/~johnsmar/ ----------------------------------------------- "Get the facts first. You can distort them later." ---Mark Twain _______________________________________________ The Air-l-aoir.org@listserv.aoir.org mailing list is provided by the Association of Internet Researchers http://aoir.org Subscribe, change options or unsubscribe at: http://listserv.aoir.org/listinfo.cgi/air-l-aoir.org
Join the Association of Internet Researchers: http://aoir.org/airjoin.html
--------------------------------------------- Nathaniel Poor, Ph.D. Lecturer Communication Studies University of Michigan www.umich.edu/~natpoor
I think we've talked about this a bit before: Does Internet help diminish old languages and create new ones at the same time? http://www.langmaker.com/ and Esperanto, of course: http://www.esperanto.net/ a link to Toki Pona: http://www.tokipona.org/ This is the original article ... sorry, it's all in Polish: http://serwisy.gazeta.pl/kultura/1,34169,2459055.html?nltxx=1721533&nltdt=20... Jarek
At 18:40 21/12/2004, Mark D. Johns wrote:
At 11:48 AM 12/21/2004, Thomas Koenig wrote:
Blogging, Webpublishing and Usenet posting are demonstrably public activities. Unless you render the concept of "private" so ambigious that it becomes virtually unusable, this is an empirical fact, not a normative statement.
Therefore, publishing research on these kinds of communications does not violate any privacy/confidentialty laws. At least that is the case for most countries that guarantee some freedom of speech rights.
While I have no idea about the bylaws of specific universities or professional associations, I would strongly caution against regulations that curtail the rights of academics vis-a-vis non-affiliated citizens or even journalists.
Of course, some exceptions with respect to vulnerable persons apply, but by and large vulnerable persons do not do blogging.
BTW, you are not doing (experimental) research on human subjects, but on communications.
Thomas
That is your view, it is a common one, and you are entitled to it.
Some of it is my view, but some of it are empirically testable factual statements.
If you read the guidelines you would understand that they are simply that, not regulations.
I did read the guidelines and I am very aware that these are guidelines, but these are also guidelines I personally happen to disagree with in some respects. And even if "guidelines" are not legally binding, they still steer you into one direction or the other. There are other guidelines of other professional associations, too. When I read the guidelines of those associations, where I pay membership fees, I disagree much less, in fact, I agree. The American Sociological Association states, for instance: "(c) Sociologists may conduct research in public places or use publicly available information about individuals (e.g., naturalistic observations in public places, analysis of public records, or archival research) without obtaining consent. If, under such circumstances, sociologists have any doubt whatsoever about the need for informed consent, they consult with institutional review boards or, in the absence of such boards, with another authoritative body with expertise on the ethics of research before proceeding with such research. (d) In undertaking research with vulnerable populations (e.g., youth, recent immigrant populations, the mentally ill), sociologists take special care to ensure that the voluntary nature of the research is understood and that consent is not coerced. In all other respects, sociologists adhere to the principles set forth in 12.01(a)-(c)." (http://www.asanet.org/members/ecostand2.html) Now, this is pretty much what I have said (put more eloquently, to be sure), even though I did not even know about the wording of these guidelines until half hour ago(talk about disciplinary bias).
But, like it or not, some regulations, created not by AoIR but by various governments and institutions, do apply.
Yes, and I am still to see that national laws of democratic states that would prohibit the quotation of blogs. If they would, pretty much all blogging itself would be illegal, because most blogs quote each other on a constant basis. My guess is, that at least in the US and Germany, a law that would prohibit free speech in such a manner would be ruled unconsitutional by the supreme courts.
What is legal in one jurisdiction is not always legal in another.
Sure.
What is legal is not always ethical.
Agreed.
And what is legal and ethical is not always approved by an IRB.
Unfortunately also true.
I'm simply pointing out -- as is AoIR in adopting the guidelines -- that this is not a simple, "one size fits all" issue.
I do not think that I advocate a "one size fits all" approach. But I do want to have a law that allows in principle for quotation of blogs and the like, and then specifies some narrow exemptions to that rule. Just like the ASA guidelines do. Thomas -- thomas koenig, ph.d. department of social sciences, loughborough university http://www.lboro.ac.uk/research/mmethods/staff/thomas/index.html
On Dec 21, 2004, at 5:03 PM, Thomas Koenig wrote:
At 18:40 21/12/2004, Mark D. Johns wrote:
At 11:48 AM 12/21/2004, Thomas Koenig wrote:
Blogging, Webpublishing and Usenet posting are demonstrably public activities. '
they are clearly and demonstrably public if and only if there is no assumption of privacy built into blog. an assumption of privacy might be having to login to view the blog, or being inside a password protected system, or being in a community of blogs in which some data is only viewable by certain members of the community. those are case that move the blog toward requiring confidentiality because the authors have an assumption that some of their information is only for friends/family/themselves, etc. if there are no known access barriers to the information, then yes, it is likely public, but we have to take care because it will not always be obvious. jeremy hunsinger jhuns@vt.edu www.cddc.vt.edu jeremy.tmttlt.com www.tmttlt.com () ascii ribbon campaign - against html mail /\ - against microsoft attachments Jeremy Hunsinger Center for Digital Discourse and Culture () ascii ribbon campaign - against html mail /\ - against microsoft attachments
Selon jeremy hunsinger <jhuns@vt.edu>:
At 11:48 AM 12/21/2004, Thomas Koenig wrote:
Blogging, Webpublishing and Usenet posting are demonstrably public activities. '
they are clearly and demonstrably public if and only if there is no assumption of privacy built into blog.
We thus agree on Usenet and webpublishing.
an assumption of privacy might be having to login to view the blog, or being inside a password protected system, or being in a community of blogs in which some data is only viewable by certain members of the community. those are case that move the blog toward requiring confidentiality because the authors have an assumption that some of their information is only for friends/family/themselves, etc. if there are no known access barriers to the information, then yes, it is likely public, but we have to take care because it will not always be obvious.
I disagree. If somebody, inadvertendly or deliberately, publishes his or her blog with the false assumption of privacy, it is still public. Even a password is not always sufficient basis for a claim to privacy. Many of the password protected message boards, where oftentimes binaries are exchanged, are password protected through an automated system, that's still public, as the only reason for the password is the avoidance of indexing through search machines. On the other hand, if someone creates a "blog" purely for his family/friends/etc. and password protects it, then, of course, I am not allowed to hack the site or use means of deception to gain access. That should go without saying. Even if I would be a legitimate friend of the person, the data would be off-limits. To me, all these exceptions appear obvious, so maybe our differences boil simply down to semantics. Thomas -- thomas koenig, ph.d. department of social sciences, loughborough university, u.k. http://www.lboro.ac.uk/research/mmethods/staff/thomas/index.html
On Dec 22, 2004, at 10:32 AM, Thomas Koenig wrote:
Selon jeremy hunsinger <jhuns@vt.edu>:
At 11:48 AM 12/21/2004, Thomas Koenig wrote:
Blogging, Webpublishing and Usenet posting are demonstrably public activities. '
they are clearly and demonstrably public if and only if there is no assumption of privacy built into blog.
We thus agree on Usenet and webpublishing.
yes, broadcast usenet is public, private applications of usenet do exist though. and in generally, publishing is publishing is publishing, it is not a simple question, certain things are published and we have rights to, and certain things may or may not be published and we have rights to, and certain things may not have been published at all, are stolen or appropriated and nothing is clear about who has rights to what, where, when, and how, and there we have to be careful, which is the key point is that you should do a minimally diligent investigation and not just 'assume' things are what they might appear to be from your view. If a binary which is distributed under an individual license is 'published' on a bulletin board, you probably do not have any rights to it. or for instance, if I'm at the university and certain parts of the material are published in my view, are they published for everyones view or are they limited to only people on the university network, (this is less of a problem with universities than perhaps with corporations into knowledge management and control). we have to be aware that what we see on the internet because of our situation in the world may not be as clearly defined as we think. We may in fact be seeing things on the internet that we have licensed or otherwise accepted other forms of rights limitations, assumptions about, and therefore need to be careful to ensure that what we are viewing is within the bounds of our current regime of laws, norms, etc.
an assumption of privacy might be having to login to view the blog, or being inside a password protected system, or being in a community of blogs in which some data is only viewable by certain members of the community. those are case that move the blog toward requiring confidentiality because the authors have an assumption that some of their information is only for friends/family/themselves, etc. if there are no known access barriers to the information, then yes, it is likely public, but we have to take care because it will not always be obvious.
I disagree. If somebody, inadvertendly or deliberately, publishes his or her blog with the false assumption of privacy, it is still public.
it very much depends, in the u.s., this is unclear. for instance, If i drop my bank statement on the sidewalk, it cannot merely be republished as public information. perhaps in the u.k. and europe it too is unclear, but i'd suggest looking at your local laws. certain things are private and need to be regarded as such.
Even a password is not always sufficient basis for a claim to privacy. Many of the password protected message boards, where oftentimes binaries are exchanged, are password protected through an automated system, that's still public, as the only reason for the password is the avoidance of indexing through search machines.
here i agree in principle, but we have to make sure we understand and can represent the situation, because in other cases, that password may in fact represent a barrier to access and thus ensure privacy, it depends on the situation, the group, and is not universal.
On the other hand, if someone creates a "blog" purely for his family/friends/etc. and password protects it, then, of course, I am not allowed to hack the site or use means of deception to gain access. That should go without saying. Even if I would be a legitimate friend of the person, the data would be off-limits.
i agree.
To me, all these exceptions appear obvious, so maybe our differences boil simply down to semantics.
well my basic argument is to not take our assumptions about the data at face value, but to actually make sure we are clearly using public data or ethically acquired data. i don't think we can make universal statements about what is public or private because that is hotly contested and there is no universally agreement. we have to make some effort to know about our data and be able to make our case should that be required. we should not just assume everything on the web is public, because it clearly isn't, nor should we assume that any data we can acquire from the web is going to be public, we have to make sure that it is public before we use it as public.
Thomas -- thomas koenig, ph.d. department of social sciences, loughborough university, u.k. http://www.lboro.ac.uk/research/mmethods/staff/thomas/index.html _______________________________________________ The Air-l-aoir.org@listserv.aoir.org mailing list is provided by the Association of Internet Researchers http://aoir.org Subscribe, change options or unsubscribe at: http://listserv.aoir.org/listinfo.cgi/air-l-aoir.org
Join the Association of Internet Researchers: http://aoir.org/airjoin.html
At 17:01 22/12/2004, jeremy hunsinger wrote:
On Dec 22, 2004, at 10:32 AM, Thomas Koenig wrote:
I disagree. If somebody, inadvertendly or deliberately, publishes his or her blog with the false assumption of privacy, it is still public.
it very much depends, in the u.s., this is unclear. for instance, If i drop my bank statement on the sidewalk, it cannot merely be republished as public information. perhaps in the u.k. and europe it too is unclear, but i'd suggest looking at your local laws. certain things are private and need to be regarded as such.
Even though I do not know anything about the local laws, I would be surprised, if it would be legal to publish and/or quote an inadvertendly lost bank statement anywhere in the EU. I fail to see the analogy to a blog, though. Because of a simple typo, I receive many private, oftentimes sensitive, emails to one of my email accounts. Not in my wildest dreams I would use these wrongly adressed mails as data or make them accesible to anyone other than the sender and the intended adressee, because, obviously, I was not the intended adressee. That is an apprpropriate analogy for the lost bank statement, I think. I also can see, that many people are not aware that some of their files are avalable on the web, when they store them on a common drive that happens to be public, i.e. pages like http://www.lboro.ac.uk/research/mmethods/stuff/ (This directory appears as on the "G:" drive on my computer. These might be off-limits, too. How, in contrast, do you inadvertendly publish a blog? Thomas -- thomas koenig, ph.d. department of social sciences, loughborough university http://www.lboro.ac.uk/research/mmethods/staff/thomas/index.html
On Dec 22, 2004, at 1:47 PM, Thomas Koenig wrote:
At 17:01 22/12/2004, jeremy hunsinger wrote:
On Dec 22, 2004, at 10:32 AM, Thomas Koenig wrote:
I disagree. If somebody, inadvertendly or deliberately, publishes his or her blog with the false assumption of privacy, it is still public.
it very much depends, in the u.s., this is unclear. for instance, If i drop my bank statement on the sidewalk, it cannot merely be republished as public information. perhaps in the u.k. and europe it too is unclear, but i'd suggest looking at your local laws. certain things are private and need to be regarded as such.
Even though I do not know anything about the local laws, I would be surprised, if it would be legal to publish and/or quote an inadvertendly lost bank statement anywhere in the EU. I fail to see the analogy to a blog, though.
sometimes protected information is released inadvertantly, on blogs as well as any other media.
Because of a simple typo, I receive many private, oftentimes sensitive, emails to one of my email accounts. Not in my wildest dreams I would use these wrongly adressed mails as data or make them accesible to anyone other than the sender and the intended adressee, because, obviously, I was not the intended adressee. That is an apprpropriate analogy for the lost bank statement, I think.
we agree then, not all web accessible information is public.
I also can see, that many people are not aware that some of their files are avalable on the web, when they store them on a common drive that happens to be public, i.e. pages like
http://www.lboro.ac.uk/research/mmethods/stuff/
(This directory appears as on the "G:" drive on my computer.
These might be off-limits, too.
How, in contrast, do you inadvertendly publish a blog?
there are many forms of blogs, and there are innumerable ways that mistakes can be made, care and judgment is required when approaching blogs as much as any other informational system. I think we more or less agree that your former universalization "Blogging, Webpublishing and Usenet posting are demonstrably public activities. '" just needs tempered a bit, in most cases it is likely the case, but there are hard cases out there that demonstrate that we need to use good judgment over and above our assumption that they are demonstrably public.
Thomas
-- thomas koenig, ph.d. department of social sciences, loughborough university http://www.lboro.ac.uk/research/mmethods/staff/thomas/index.html _______________________________________________ The Air-l-aoir.org@listserv.aoir.org mailing list is provided by the Association of Internet Researchers http://aoir.org Subscribe, change options or unsubscribe at: http://listserv.aoir.org/listinfo.cgi/air-l-aoir.org
Join the Association of Internet Researchers: http://aoir.org/airjoin.html
participants (5)
-
J. J. -
jeremy hunsinger -
Mark D. Johns -
Nathaniel Poor -
Thomas Koenig