Questions for Zuckerberg and Cambridge. Rory Cellan-Jones discusses the implications of Zuckerburg’s two-day interrogation on this week’s Tech Tent podcast. Highly recommend giving it a listen:
We zero in on what Mark Zuckerberg failed to answer during his US congressional appearances, about just how much data Facebook collects - and the control users have over it. We also try to find out whether something bad is going on at University of Cambridge when it comes to academic use of Facebook data, as Mr Zuckerberg suggested.
The tiny Cambridge department sucked into Facebook big data furore. Writing for the FT,
Hannah Murphy deep dives on the Cambridge Psychometrics Centre run by Professor John Rust, who is “adamant that it broke no rules and always gained consent to access users’ data”. Furthermore:
Prof Rust is blunt in acknowledging the risks of the centre’s collaborations, but argues they are necessary to produce valuable research in the fast-changing digital world.
“Academics are out of our depth in appreciating how companies use data to target products,” he said.
“But someone has to study what’s going on in cyber space. Are we really going to leave it to companies? There has to be academic research . . . it belongs to society, it should not be only in the realm of Silicon Valley.”
Outlining the five trends in the use and management of customer data. EXCELLENT
write-up by Jim Conning, managing director of Royal Mail Data Services, on the current top five customer data trends. Recommend reading the full article if any of these topics resonate:
- The GDPR is now the biggest worry for marketers and data practitioners
- Marketing challenges around data
- Using data to improve marketing success
- Collecting and managing customer data
- Dealing with data quality
Explicit vs. unambiguous consent: what’s the difference? Britt van den Heuvel
explains the key differences between the types of consent and when each is required. Explicit consent is required for “personal and (crucially) sensitive data” to be processed. So:
Explicit consent consists of nothing less than presenting the data subject with an explicit statement regarding the specific personal data to be collected and an explicit action by the subject agreeing with this statement (such as ticking a box saying ‘I agree’).
Simply stated: the data subject should quite literally and explicitly say “I consent” for consent to be considered explicit.
Whereas “consent for regular, non-sensitive personal data doesn’t necessarily need to be explicit, but it does need to be unambiguous”:
Say a person wants to answer an online competition. They enter several optional pieces of information, including their email address. Above the field it is stated that ‘we will use your email to keep you up to date on special offers’.
By entering their email address after reading the notice, the subject consents to giving their information (that is, their email address) without ever explicitly stating ‘I consent’ or ‘I agree’.
The affirmative action of entering their email is enough to constitute unambiguous consent, even though it is implicit and not said ‘out loud’.
