We will be gaining valuable feedback on our app via a survey form – produced using Google Forms – which gauges information on a users preferences when socialising, as well as aspects of app design they prefer or do not prefer. Given the recent scandal concerning Cambridge Analytica, who collected personal information from users via a psychological research app, it is extremely pertinent that we are able to assure both users of our research survey and users of our app that their data will be handled in a secure way which is compliant not only with new GDPR regulations, but users’ own expectations of how an app should secure their data.
For our survey data, it was not necessary to collect any personal, identifying details about our respondents, and so our survey responses were able to be made anonymous. Our survey collected the opinions of users based on their socialising experience, their experiences of using similar apps, and what their functionality preferences would be for the app. In terms of ethical issues which may arise in filling out the University of Southampton’s ERGO2 ethics forms, our survey did not flag up any issues, as it is a low risk, non-invasive study. Our survey results will be stored on secure personal laptops and deleted once the study is complete, circa June 2018. In comparison to the Cambridge Analytica example, our survey has a clear method of data collection which also has a clear method of storage, deletion and explanation of use to the user. Facebook users who have used Cambridge Analytica’s survey were not informed of how their data would be used, and not only were deliberately mislead as to the true purpose of the survey, but their submissions were also used as a backdoor to obtain users’ friend data. This is a clear and obvious example of how not to conduct online survey, which has flagrant disregard for user privacy, as well as having a misleading agenda behind the collection of the data the company originally stated to be collecting via their psychological survey guise. Under current DPA regulations, due to the anonymous nature of our survey, it will not be subject to DPA regulations. Nevertheless, the DPA form has still been completed, and we will adhere to DPA policies for best practice.
Attached below are the forms used for our ethics, DPA (correct as of submission date), and risk assessment for our project, as well as our survey from Google.