Since a few years, solid regulation for protection of privacy is in place in Europe. As Sprockler user, you have to deal with this GDPR, and you might find it annoying as it requires you to have a few things in place. Remember that it is a good thing we have the GDPR because a lot of pressure is put on privacy on the Internet. This does not only cause personalized adds, it also makes sure you only see news items ‘the big five’ (Google, Amazon, Facebook, Apple and Microsoft) have analysed and identified as items you would be interested in. This is how your bubble starts. Try it out: create for example a new Google account and search for things you don’t usually look for. You will be amazed. After an hour of Internet, you will have joined another bubble.
Protection of privacy is in fact a precondition for countering fake news, preventing polarization and the loss of democratic values. That is why the GDPR is great. This is also why the GDPR fits Sprockler perfectly. The most important aspects are namely:
- You must have a reason (called a ‘basis’ in the GDPR) for requesting and using personal data for your research. An order from a client is a good reason.
- You must not leave personal data lying around in mails, on stickers, etc. The Sprockler server is a secure environment. Personal data can be stores there properly for the duration of the research.
- Respondents may exercise their ‘privacy rights’. Just as you can ask any organization that has your personal data to allow you to inspect them, correct them and remove them.
In short: the GDPR is great. The point is not that we want to comply with the GDPR because of the chance of sanctions (the chance is very slim). The point is that the GDPR is very good legislation that will contribute to a good Internet without fake news.
What you have to do
- The User handles personal data in a good way (as you would want your personal data tob e handled). This means that you do not leave personal data such as names and e-mail addresses lying around.
- You need an assignment (in terms of GDPR a basis) with a processor agreement (a standard agreement for Sprockler is available via the website).
- Personal data from research may not be kept forever (and in fact only for the duration of the project).
- Your own login data cannot be kept on the Sprockler server indefinitely. After a period of 3 months without logging in, you will receive an email whether or not you wish to continue using Sprockler. If you do not respond within 1 month, we will delete your account (and with that, your data).
- You must inform respondents of their rights to access their data and have their data deleted at their request.
- These are the most important issues. If there is sufficient interest, Arjan de Jager will give a second webinar about the GDPR for Sprockler users on 21 June 2021 at 20:00 pm CEST. Register via firstname.lastname@example.org.