I’m very happy that our paper An analysis of the Consequences of the General Data Protection Regulation on Social Network Research has now been accepted for publication on ACM Transactions on Social Computing [you can read a pre-print below or -soon- on arxiv]. I believe this can actually be a useful paper and not just a line to add on a cv (nothing wrong with that!).
The paper has a very hands-on approach, trying to address many of the actual concerns that people working with social network and social media data might have. Nevertheless, I think that considering the paper, as well as GDPR, just a list of dos and don’ts, would mean to miss an opportunity to think about the good that might come out of GDPR. GDPR offers an opportunity to computational researchers working with online data to re-think our approach to data collection, data storage and data sharing, keeping in mind that behind those csv files there are people – data subjects with rights- that we, lost as we are in our research, often fail to consider.
It is not (just) a matter of consent, privacy or APIs access. By forcing us to map the whole data flow and all the actors involved, GDPR gives us the opportunity to pause and ask ourselves key questions – such as How long will we store the data? What if we tried to obtain consent? etc. – even if we might not like the answers.