Today's Wall Street Journal had Twitter abuzz about social media monitoring and privacy in closed communities ('Scrapers' Dig Deep for Data on Web). Specifically, a health discussion board and a social media analysis vendor using individual accounts to access personally identifiable health information. It's obviously an ethical question, but whose ethics apply? As far as I can tell? Nobody's (yet).
People are sharing personal stuff online, sometimes sharing more than they realize. We need to be careful about how we handle this information, but from what I can see, the ethical standards are just as siloed as the measurement standards. People brought along whatever ethics they subscribed to before they started dealing with social media, but the existing standards don't really cover the new activities.
Think about the different functional roles where you might find companies using social media data:
- Market research
Market researchers have strong ethical standards that come from social science research. They get into things like informed consent, but does that really apply to data mining of publicly available data? Do they apply if the data is aggregated, and no personally identifiable information is preserved? What ethical standards apply to desk research?
Jeffrey Henning wrote about the etiquette of eavesdropping and presented a webinar on consumer attitudes towards social media market research. The short version is that people persist in expecting privacy in their online conversations, despite the public nature of the forums they use. But does their expectation of privacy online translate into an ethical obligation for researchers?
- Public relations
PR ethics say a lot of being honest and transparent in public statements, representing the client and the profession well… but what about the ethics of monitoring and measurement? A recent discussion of ethics in PR measurement suggests that that conversation has only just begun.
WOMMA takes strong positions on its members' marketing activities, but the closest it comes to mentioning monitoring or research is when it commits to "promote an environment of trust between the consumer and marketer." Other marketing codes I found had a similar emphasis on outbound marketing over inbound information collection.
Update: WOMMA also calls for members to "respect the rights of any online or offline communications venue (such as a web site, blog, discussion forum, traditional media, and live setting) to create and enforce its own rules as it sees fit."
- Customer service
Is customer service sufficiently organized as a discipline to have its own code of ethics, or does it simply inherit the company's overall standards? I'll bet you that any existing ethics deal with one-on-one interactions with customers.
- Human resources
HR ethics related to personal information are based on information that companies aren't supposed to use in hiring decisions. danah boyd shared some thoughts on regulating the use of social media data in hiring.
SCIP's code of ethics doesn't commit to much more than obeying the law. Other types of intelligence organizations get some leeway even on that. If you don't want competitors spying on you, your only real defense is to learn about INFOSEC.
- The source of the data?
- What you do with it?
- The job title/professional affiliation of the user? What if the labels themselves lack agreed definitions?
- No ethics, just laws?
- Nothing—there are no rules?
Update: Is it time for Ethical Standards for Listening Vendors?