GDPR Assessment on Social Media Data Analysis using Machine Learning Algorithms

Verified

Added on 2023/04/11

AI Summary

This paper explores the General Data Protection Regulation (GDPR) assessment on social media data analysis using machine learning algorithms (ML). It discusses the use of automated intelligence (AI) and ML algorithms in data mining for digital marketing. The paper highlights the ethical concerns and the importance of GDPR compliance in ensuring user privacy and data protection. It also explores the potential of blockchain technology in securing personal data and giving users control over their data.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Abstract
This paper explores the General Data Protection Regulation (GDPR) assessment on social Media
data analysis using machine learning Algorithms (ML). With over 3Billion users on social media
worldwide, Digital marketing is taking advantage of marketing their products on social media.
Companies are so much into Data mining whereby automated intelligence (AI) and machine
learning algorithms (ML) are used to mine personal data for Digital marketing. Since Data
mining involves many participants, the ethical issues have to be observed during Data processing
to ensure the user is aware of several factors before the whole process is complete. This paper
shows how GDPR is involved to ensure ethical issues are fully put into consideration by users
and organizations as social media data is being analyzed for personalized ads and other uses.
Rules and Regulations have been set to guide the process and guarantee safety for social media
users all over the world. Without rules, the analysis might end up causing harm to the users while
benefiting businesses. The paper highlights some GDPR that must be updated since they don’t
put social media into consideration yet most of the internet users are on social media. This paper
also discusses the future of digital marketing by use of blockchain as a solution for social media
data management. It goes further to explain how decentralization by blockchain helps secure
personal data and help data users own and control their data.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

Contents
Abstract............................................................................................................................................1
Introduction......................................................................................................................................2
Use of Automated Intelligence (AI) and machine learning Algorithms (ML)............................4
Challenges due to Ethical concerns.............................................................................................5
GDPR and compliance.................................................................................................................8
Use of Blockchain as a solution in Advertising.........................................................................11
Conclusion.....................................................................................................................................13
References......................................................................................................................................14

Introduction
People all over the world have embraced the use of internet more so the use of social media
platforms. Many have subscribed to these sites such as Facebook, Twitter, Instagram, LinkedIn,
and others. Digital marketing has capitalized on this growing number of social Media thus
analyzing their data for their business gain. Young people are always looking forward to being
the next trending Instagram photo, tweet or YouTube blogger. As a result, they end up providing
so much information which is in turn analyzed by machine learning algorithms (ML) and
automated machines. The automated machines go through all the information that is posted on
social media to know which product will suit the user. This data is mined and used to create
personalized ads that automatically pop up online when the user is browsing. The data is
collected and used without the owner's consent, and some companies store the already used data
to be used for another purpose without the user's consent. This poses questions of just how safe
that personal data is.
Facebook is the largest social media network in the world. Since its inception, Facebook has
collected over 300 petabytes of personal data across its network. According to Meire, Ballings,
and Van den Poel ( 2016), the received data is analyzed and used in companies for innovation
and economic growth. As data mining increases, concerns have been raised by the public about
the privacy of the personal data collected and the use of the collected data. The public wants to
own their data and is informed why their data is being collected to stop their sensitive data from
being accessed by the public. General data protection regulations (GDPR) have laid down some
rules that are to be followed, but this isn’t the best solution. A permanent solution has to be
invented to ensure there is fair play in this whole process. With the introduction of Blockchain,
there is definitely hope for both users and businesses because it provides complete safety of the
process. Blockchain Encrypts data making it hard to be accessed.

AI is an Automated Machine Intelligence System is rapidly replacing humans by carrying out
human tasks to increase the quality and quantity of interactions on social media between
customers and businesses. Automated Intelligence (AI) analyses the information of a person to
create a personalized advertisement that will automatically pop up especially on social media
like Facebook, Twitter, Instagram and other platforms all over the world (Crawford and Calo,
2016 )
These automated machines have been programmed to analyze by going through every browsing
history and collecting information without considering the negative outcome. Some of the
information collected by the AI machines is very sensitive and should never land in the hands of
the public; otherwise, it could cause a lot of harm to the user. Going through peoples profiles
without their consent is unethical because some of the information shared is private even if they
post in public on social media it doesn't give a right to any company to use it. Social media users
have a right to choose what they want to see and what they don't want to see, analyzing them to
do a personalized ad might make some users feel like they are being forced to watch these ads.
The tools analyze customers, competitors, campaigns and the industry by going through user’s
profiles, posts, clicks on a link, likes, comments or views for a video, events among other
information that is shared on social media platforms across the world (Yuste et al., 2017)
Use of Automated Intelligence (AI) and machine learning Algorithms (ML)
Automated intelligence tools are used to analyze users by going through their posts, comments,
videos, and the entire user profile to identify the influencers of a brand. The profile of
subscribers is analyzed to see their interests and if the user has a huge following. It goes through
the post engagement as it gauges to see if that profile suits the brand and question. The process is
done without the consent of the user and as a result, the collected data mind end up in the public

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

eye, and if there is any sensitive data collected, it could end up causing harm to the user. Since
influencers are brands on their own, their data should be treated with a lot of privacy (Jimenez-
Marquez et al., 2019)
The tool also follows trending hashtags online by analyzing how many people have shared it and
what they are saying about the hashtag. It also explains how far the hash tag has gone in terms of
location, engagements, reach and mentions. Viral posts are not left out either, and all this is done
with the business in mind to market their products and services without thinking how this
process might affect the user (Oliveira, 2018)
Social media enables its users to write their hobbies in their profile while signing up and this
information followed by several posts to back it up is enough reason to show their interests.
Analytics tools go through all this information to know what product might interest the user; then
this kind of information is used by marketers to make money. The devices go as far as analyzing
people's sentiments by judging posts. Emotions and opinions are analyzed by machine learning
algorithms which process natural language then pair data with negative, positive and neutral
labels then this information is decoded in the tool as an emotion. This analysis is done basically
to discover what people feel about product trending topics or service. This could be dangerous
especially if the opinion being analyzed is political (Bouadjenek, Hacid, and Bouzeghoub,2016)
The analytics tools are trained to recognize brand photos or logos of products that have no
accompanying text. Whenever a customer uploads a picture of a brand and doesn't mention the
name of the product the tool runs analyzes the product by its logo or the picture.
Last but not least most platforms like Facebook, Twitter, and Instagram, have come up with an
automated way through which their users can chat with them automatically, message them and

get feedback without the use of humans. An application of AI is installed to respond to messages
and questions online automatically. This chat box might not give not satisfactory answers to
users, especially when they ask new questions that have not been automated or if the user wants
clarification of the given answer (Gupta, 2018)
Challenges due to Ethical concerns
Researchers are harvesting data from social media platforms which represent people’s feelings,
behavior, relationships and attitudes for research purposes a process that can be ethically wrong
where data is made public. Research ethics guidelines have been implemented to guide social
media mining (Kosinski et al., 2015)
The United Kingdom has come up with ethical research guidelines to govern the researchers on
how to handle the data processing efficiency and transparency. According to the Research
Councils United Kingdom (RCUK) regulations, researchers should seek the consent from the
social media users before using their data and also urges researchers to maintain the anonymity
of the person whose data is being used for research. This is to ensure the data won’t be linked to
an individual if accessed or made public.
Research councils united kingdom (RCUK) published 13 guidelines, but only four of them
mention the use of social media and these four are the British psychological society (BPS),
International Association of internet researchers (IAoIR), Economics and research council
(ESRC) and the National Institute of Health Research (NIHR) . Out of the 156 health-related
issues involving social media data, only 50 raise ethical concerns and only two guidelines from
United Kingdom institutions refer to RCUK ethics guidelines of Mining social media data
(Taylor and Pagliari, 2018)

According to Alter, and Vardigan, (2015), the gaps in social media mining are caused by the
inconsistency in the given guidelines. RCUK fails to address social media widely in its rules
giving companies an opportunity to exploit users by using ways that are not mentioned in the
regulations provided. For RCUK to really help social media users, then it must update its rules
and add more regulations that directly address social media data analysis by not just identifying
social media as a source of data and a channel for networking but also the use of social media for
research. Apart from showing privacy concerns, the rules should also show concern on the
societal and moral implications of using the information shared on social media for other reasons
other than research purposes.
The European Parliament and the Council of the European Union have its regulations that protect
personal data. According to article 8(1) of the charter fundamental rights, it is a fundamental
right to protect the individuals whose personal data is being collected while article 16(1) of the
treaty on the functioning of the European Union (TFEU) states that everyone has a right to the
protection of their data. This leads to social progress and the wellbeing of the individual.
Supervisory authorities should be notified about the processing of personal data according to
Directive 95/46/EC, but it fails to address the issue of improving personal data an issue that
should be looked into and updated to reduce risks to the rights and freedoms of individuals and
ensure the protection of data and compliance with regulations. The regulations allow free
movement of data whereby an individual has the right transfer data. Personal data should be
lawfully and fairly processed with transparency, and any further use of the collected data should
be stated by article 89/(1) (Edwards, 2016)

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Based on the ethical issues outlined in Conway's taxonomy, privacy and the difference between
traditional and social media research have been addressed as well as informed consent and the
use of Institutional review board (IRB), but none of these regulations consider the economic
value of personal data.
In the United Kingdom, ethics guidelines that consider the use of social media were given, but
no specific examples were given to guide researchers on risk issues in their assessment. Due to
the lack of specific guidelines, questions have been raised about ethical dilemmas. The
guidelines highlight the use of social media as a source of research causing uncertainties on how
to apply ethical concepts that are likely to be interpreted differently by researchers and social
media users as well as the sensitivity of discussed topics. The economic and social research
council (ESRC) guidelines, advice researchers to stick to the regulations and get permission
from social media users, so as not to cross the legislative (Perez and Del Bosque, 2015). The
British Psychological Research( BPS) guidelines, on the other hand, has issued ten guidelines
which include private versus public space, verifying identity, withdrawal, deception, control,
protection of researchers, participants and data protection. Currently, new BPs guidelines are
being tested, but they do not specifically refer to social media thus giving researchers a leeway to
be unethical in the data mining process. Sensitive data about medical information is to be
provided by the medical research council (MRC), but the guidelines don’t give specific guidance
for researchers using social media data.T here are uncertainties in the regulations mentioned
above, and this leads to irregularities in the whole process. To avoid ethical implications, these
regulations should be revised and updated.

GDPR and compliance
The European Union (EU) and the European Economic Area ( EEA) have come up with general
data protection regulations( GDPR) that give individuals control over their data. These
regulations apply to everybody within the European Union (EU) and (EEA). Requirements and
provisions are highlighted about personal data processing on social media. Before the general
data protection regulations (GDPR) were implemented, marketers were using targeted ads for
social media users, but after issuing of the GDPR, most companies have been sending emails to
their potential clients asking if they could add them on their mailing list. GDPR was enforced in
May 2018 by the European Union (EU) and any company that doesn't comply with risks a
20million euros fine or 4% of the company’s annual global turnover. Marketers are concerned
about how these regulations will change their businesses since they are not allowed to send opt-
in emails or automatically drop cookies without consent from the user. To be compliant, social
media marketers need to be aware of all the information concerning European Union(EU)
residents they are connected to as well as coming up with a way to update their private policies
(Butterworth, 2018)
GDPR is meant to protect personal data by guiding the process of data collection, storage, and
usage. These requirements apply to companies that hold personal data of people within the
European Union (EU)and businesses that are not in the (EU ) but process data of any EU
resident. General data protection regulations (GDPR) define personal data as information which
can be used to directly or indirectly identify someone. This includes location data, cookies, email
address, and IP address. According to GDPR, If the personal data being collected belongs to an
EU resident, then consent must be obtained, and it should be voluntary and the user should be
informed about what is being collected, how it will be collected and who it may be shared within

a simple, clear language that can be understood. The consent issued must also meet GDPR
standards like explaining the reason and purpose of data, naming third parties and explaining
how the consent can be withdrawn. When the personal data has to be used for many purposes the
user should be informed of every purpose and be allowed to give consent or decline each purpose
separately. There should also be a manual setting to enable the user to opt into stricter settings.
Under GDPR, users can control their data since they have a right to access their data as well as
the right to be forgotten which allow them to ask for their data to be erased. Individuals must be
informed of any data breach within 72 hours if the breach poses a risk to the individual. A data
protection officer (DPO) must be appointed by companies to monitor sensitive information about
health, race and genetic data. Companies should never collect data from individuals who are
below 16 years of age. Without consent from their parents. Companies should also have clear
policies to maintain compliance (Thomas, 2019)
Businesses that mine data from social media are required to provide safeguards that protect
personal data. They should use privacy settings that ensure peoples data is not made available
publicly without the knowledge of the user and neither can it be used to for identification of
individuals without separately storing additional information. GDPR ensures data processing is
done under the law and it gives users a right to revoke their consent whenever they wish. Miners
cannot use that data if the consent has been revoked. Before processing data, GDPR stipulates
for companies to state the purpose of collecting the data as well as disclosing how long they plan
to retain the data. The user should be aware of the process, and why the data has to be analyzed
and if the company intends to sell data to the 3rd party outside EEA, there must be communicated

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

to the data subject. These rules enable companies to create a good reputation as well as building
trust with their clients. If the process is not well handled, then it might end up not only causing
harm to the user but also tarnishing the image of the company in question. These GDPR laws
offer privacy to both the public and the users as they guide the companies on how to use the
collected data in a way that it will benefit society and not just the company.
The purpose of the rules is to reassure the public and the user of the company’s integrity while
employees are reassured of the trustworthy of the company they work in. Recital 7 of GDPR
gives individuals control over their data if it is clear they own it. When an individual gets a right
of ownership of their data, it's legal for the person to profit from that data. The rules also give
the user a right to request for his data to be deleted, to stop further use of the collected data and
stop 3rd parties from processing their data. This applies to companies who hire outside
researchers to do data mining for them. Any data whose consent has been revoked should also be
erased from the servers; this is according to article 17 of GDPR. Recital (40) of GDPR states
that, for data processing to be lawful, data of individuals which is known as personalized data
should be processed with consent from the user. But Recital (54) allows processing of particular
categories of personal data without consent for reasons of public interest. For an individual to
give permission, he/she must understand for what that data might be used in the future and how it
is supposed to be used. Data protection officers are to be employed to manage compliance of the
GDPR laws (Albrecht, 2016)
Use of Blockchain as a solution in Advertising
A blockchain is Set of digital record that acts as a Ledger between two parties to record data
efficiently and permanently. It is a new technology of logging information whereby information

is stored in different servers.Once information enters a blockchain, there is no way it can be
tampered with thus making it reliable. Due to the rapid increase of companies using automated
machines to analyze personal data for business gain, block chain is being adopted for security
purpose of registering all transactions (Zyskind, and Nathan, 2015)
Blockchain offers a solution to social media users who use mobile phones to download and
install apps that require data processing of personal data for business-related reasons like
personalized adverts. A private key is issued to the users to be used to access data and manage it
and also for storage and retrieval of data. Whenever there is a transaction, the blockchain will
verify whether it belongs to the user or service. If it belongs to the service, the permissions are
checked thus giving the user a chance to change permissions given to service at any time by
permitting a transaction with new sets of permissions. Access to previously stored data can also
be revoked by a user for privacy purposes (Neisse, Steri, and Nai-Fovino 2017)
The blockchain is capable of restructuring how users consume content on social media, and this
has already been done on some platforms like kik which is a chat app for teens. Kik launched a
cryptocurrency called kin that is designed to bring digital apps and services to the network. The
aim is to create an in-app that enables companies to advertise directly to users through chat and
collect payment and users can also benefit from the app by using it to sell services to other users
on the app. Blockchain does not only generates in-app value and real-world economic value but
also engage users. In some countries like North Korea, China, and Syria, the government can
block users from accessing social media and some content, but blockchain enables users to
access the content by providing a distributed ledger that ensures valid access to content is not
blocked. It combats fake content circulating on social media leading to authenticity. False

content is being circulated on social media, and this includes fraudulent services and products
that might cost the user if not scrutinized and validated. Blockchain helps create a trusted,
interactive and rewarding experience on social media platforms (Nayak and Dutta, 2017)
Apart from the above mentioned, blockchain helps to prove the identity of a person and gives
them access to opportunities politically, economically and socially. With blockchain, individuals
have control over personal data. This enables them to control and share their data anonymously.
With its ability to decentralize information, the information is distributed in several servers
making it impossible for anyone to tamper with the information because it cannot be tracked. It
also offers total control to the user because whatever the user posts on social media can never be
traced or duplicated. If the user can decide to delete the data, it is automatically erased from all
the servers. Third parties cannot access it or benefit from it. With the automatic pop-ups of
advertisements on social media, blockchain provides a solution by giving the user control to
choose what to be seen ad what not to be viewed. It’s therefore easy to decide which
advertisements to see and which ones to avoid. Blockchain gives the user a chance to choose ads
that benefit them and not those that only help the advertiser. Lastly but not least, blockchain
based platforms enable the user to make money through the activities they engage in on social
media (Karafiloski, and Mishev, 2017)
Conclusion
Poor integration of ethical guidelines and concepts has led to researchers using social media data
to be unaware of ethical mining. Not all given instructions refer directly to the use of social
media data except but a few. There should be an improvement in the already available guidelines
to address ethical issues on social media data mining nationally and internationally. Researchers

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

that deal with social media data should state the ethics guidelines they are following in their
research as institutional review board IRB integrate this in their approval documentation.
Sensitive data and personal data shouldn't be entrusted to third parties because this could lead to
misuse. Users should be able to own their data and have full control without limiting companies
the ability to offer personalized services like advertisements. Blockchain should be used as an
access control moderator. It's good for a user to be able to know how their data is being used and
companies to focus on using data without being so concerned about privacy issues.
Decentralization, data collection, storage, and sharing of sensitive data have become simpler. All
laws and regulations can also be automatically programmed into the blockchain to be
automatically enforced.
References
Albrecht, J.P., 2016. How the GDPR will change the world. Eur. Data Prot. L. Rev., 2, p.287.
Alter, G.C. and Vardigan, M., 2015. Addressing global data sharing challenge. Journal of
Empirical Research on Human Research Ethics, 10(3), pp.317-323.
Bouadjenek, M.R., Hacid, H. and Bouzeghoub, M., 2016. Social networks and information
retrieval, how are they converging? A survey, taxonomy and an analysis of social information
retrieval approaches and platforms. Information Systems, 56, pp.1-18.
Butterworth, M., 2018. The ICO and artificial intelligence: The role of fairness in the GDPR
framework. Computer Law & Security Review, 34(2), pp.257-268.
Crawford, K. and Calo, R., 2016. There is a blind spot in AI research. Nature News, 538(7625),
p.311.

Edwards, L., 2016. Privacy, security and data protection in smart cities: A critical EU law
perspective. Eur. Data Prot. L. Rev., 2, p.28.
Gupta, A.T., 2018. A Software System Proposing the Processing of Crowdsourced Data to
Monitor a Flood Event: An AI Approach. Open Water Journal, 5(2), p.2.
Jimenez-Marquez, J.L., Gonzalez-Carrasco, I., Lopez-Cuadrado, J.L. and Ruiz-Mezcua, B.,
2019. Towards a big data framework for analyzing social media content. International Journal of
Information Management, 44, pp.1-12.
Karafiloski, E. and Mishev, A., 2017, July. Block chain solutions for big data challenges: A
literature review. In IEEE EUROCON 2017-17th International Conference on Smart
Technologies (pp. 763-768). IEEE.
Kosinski, M., Matz, S.C., Gosling, S.D., Popov, V. and Stillwell, D., 2015. Facebook as a
research tool for the social sciences: Opportunities, challenges, ethical considerations, and
practical guidelines. American Psychologist, 70(6), p.543.
Meire, M., Ballings, M. and Van den Poel, D., 2016. The added value of auxiliary data in
sentiment analysis of Facebook posts. Decision Support Systems, 89, pp.98-112.
Nayak, A. and Dutta, K., 2017, June. Block chain: The perfect data protection tool. In 2017
International Conference on Intelligent Computing and Control (I2C2) (pp. 1-3). IEEE.
Neisse, R., Steri, G. and Nai-Fovino, I., 2017, August. A block chain-based approach for data
accountability and provenance tracking. In Proceedings of the 12th International Conference on
Availability, Reliability and Security (p. 14). ACM.

Perez, A. and Del Bosque, I.R., 2015. An integrative framework to understand how CSR affects
customer loyalty through identification, emotions and satisfaction. Journal of Business
Ethics, 129(3), pp.571-584.
Oliveira, E., 2018. Beneficial AI: the next battlefield. Journal of Innovation Management, 5(4),
pp.6-17.
Taylor, J. and Pagliari, C., 2018. Mining social media data: How are research sponsors and
researchers addressing the ethical challenges?. Research Ethics, 14(2), pp.1-39.
Thomas, I., 2019. The impact of the General Data Protection Regulation on digital marketing and
analytics. Applied Marketing Analytics, 4(3), pp.194-205.
Yuste, R., Goering, S., Bi, G., Carmena, J.M., Carter, A., Fins, J.J., Friesen, P., Gallant, J.,
Huggins, J.E., Illes, J. and Kellmeyer, P., 2017. Four ethical priorities for neurotechnologies and
AI. Nature News, 551(7679), p.159.
Zyskind, G. and Nathan, O., 2015, May. Decentralizing privacy: Using block chain to protect
personal data. In 2015 IEEE Security and Privacy Workshsops (pp. 180-184). IEEE.