He has a point. Twitter is like public announcements. If you don't want anyone knowing you're suicidal then don't post...but then the four percent kinda means this post is pointless.
Yes, Samaritans, the law does apply to you. Even if you mean well
Earlier this week suicide prevention and counselling charity the Samaritans launched an app that scans Twitter timelines and alerts users whenever anyone appears to be depressed. Yet the backlash against this creepy automated scanning is astonishing – and the Samaritans appear to be ducking their legal obligations. As we …
COMMENTS
-
Sunday 2nd November 2014 12:12 GMT Mage
stop their Radar app from processing your tweets
Nonsense.
It's a stupid parasite on the Internet that is SUPPOSED to make your Tweet absolutely public. If you don't want something public, don't post it to Twitter or Facebook.
I do think the app is a bit misguided, but it is not breaking any privacy. The users gave that up by Tweeting.
Icon because Samaritans, The Twitter users and the author of article are showing as much sense.
-
-
-
Sunday 2nd November 2014 13:25 GMT The Mole
Re: stop their Radar app from processing your tweets
The twitter comments may be public which means Samaritans may legitimately collect them.
However the processing of these public comments is another issue. By processing them, the Samaritans are generating new information - an assessment of the individuals mental health, they are then storing and publishing this new information to third parties. The new information under the DPA would be classed as sensitive personal data ((e) his physical or mental health or condition,) which requires explicit and informed consent of the subject being processed. The fact that the information is likely to be inaccurate makes the processing and distribution of it even worse.
A case of good intentions but a failure to understand the implications of what is being performed. It shouldn't detract from the dedicated work the Samaritans do do though.
-
Sunday 2nd November 2014 18:04 GMT Tapeador
Re: stop their Radar app from processing your tweets
"The new information under the DPA would be classed as sensitive personal data ((e) his physical or mental health or condition,) which requires explicit and informed consent of the subject being processed"
Actually the DPA 1998 sch 2(1) tells us that processing is permissible where "[it] is necessary in order to protect the vital interests of the data subject."
If protecting their life is not protecting their vital interests I don't know what is! Although then the question arises I admit, whether what they do here is indeed necessary to serve the end they set for it, and in fact does so (and at what cost, perhaps).
-
Sunday 2nd November 2014 19:53 GMT The Mole
Re: stop their Radar app from processing your tweets
If they were able to predict suicide with an incredibly high accuracy, and if they were then passing the information to somebody in authority then perhaps they could argue it. But they aren't. They are passing incredibly sensitive and probably inaccurate personal data to random strangers with a strong potential to harm the interests of the data subject.
-
This post has been deleted by its author
-
-
Sunday 2nd November 2014 22:07 GMT John 209
Re: stop their Radar app from processing your tweets
Along the same line, I think Radar smacks more of practicing clinical psychology/psychiatry without a license as well as libel, defamation or slander, than invasion of privacy per se (the latter for the reasons given by others).
Practicing clinical psychology/psychiatry without a license because Radar itself has no certification or license as a mental-health practitioner (as required in all states of the U.S., at least, probably elsewhere), yet it is representing itself as able to make conclusions about the mental condition of individuals and distributing those conclusions to others. Libel, defamation or slander, because some of the mental states they are inferring from the tweets are those known to carry prejudicial stigma in the public's mind and would likely have adverse effects for the individual so judged.
Laws against such misrepresentation (licensing of psychologists and psychiatrists) were enacted explicitly to protect the public from such ad hoc quackery. Even if they have based their algorithms on published peer-reviewed research, that would not qualify them to apply the conclusions of that research where they are not licensed to do so, when it is not invited (as you point out), and distribute the results - good intentions notwithstanding. It's not the same as busy bodies gossiping and exchanging opinions about so and so behind his or her back.
-
-
Sunday 2nd November 2014 14:45 GMT The Axe
DPA applies to processing of your tweets
No inconsistency exists. Tweets are public and can be viewed by the public, processing of the information in a tweet involves personal data. It is the processing of the tweet to determine the mental state of the tweeter that is against the DPA, not that the tweet can be viewed publicly.
-
Sunday 2nd November 2014 23:11 GMT SDoradus
Re: stop their Radar app from processing your tweets
At first blush, the DPA certainly does apply for the reasons given by the writer of the article. That doesn't mean criminal charges are probable because in the UK there's a director of public prosecutions who would have to sign off on that. I believe that it's possible to bring a private prosecution but the cost would be prohibitive. Even given a prosecution, a judge would have to agree with the writer's (admittedly persuasive) interpretation of the law as applied to the facts.
On the other hand a civil action, whether privacy or nuisance based, might well succeed and might actually be profitable.
-
Tuesday 4th November 2014 00:25 GMT Anonymous Coward
Re: stop their Radar app from processing your tweets
Simple. Data protection helps protect (some, not all) of an individual's privacy interests. However, data protection does a lot other things besides protect those interests. In other words, although they intersect, data protection is not the same thing as privacy.
-
-
-
-
-
Sunday 2nd November 2014 13:32 GMT Anonymous Coward
One hand
I agree that false positives etc may be bad, annoying etc.
On the other a family member attempted to commit suicide, a friend found them and stopped them, a few months later he attempted to kill himself again, this time nobody stopped him. Looking back at his facebook etc, it becomes obvious what mental state he was in, and a warning of that type to one of his closer friends might have very well saved his life.
-
Sunday 2nd November 2014 13:49 GMT Mephistro
Re: One hand
"...and a warning of that type to one of his closer friends might have very well saved his life."
One or several of his closer friends should be close enough to him to notice there was something wrong, and acted consequently.
Seriously, leaving this kind of task to an app is beyond stupid.
And to those who claim that this is not personal information because it was posted in a public forum, please think again. The fact that you went out yesterday and stayed for an hour in a café may not be personal information, but if someone compiles a list of all the places you have been, with date and time, that list very clearly breaks your right to privacy. In other words, data aggregation can transform public data into private data.
-
Sunday 2nd November 2014 20:34 GMT Anonymous Coward
Re: One hand
Also, that "Ought to be close enough to notice..." phrase is b******ks.
My cousin hanged himself. None of his family or friends realised he was intending to do this, they all thought he was doing great.
The counsellors told us that it is quite common for someone feeling suicidal to appear to get much better once they've made the decision to actually carry it out. So we all thought he was fine, but actually he'd just finally decided that it was all over bar the shouting.
So if the 'signals' it picks up are like the example, then it's worse than useless.
Aside from that, the act of processing the data immediately moves it under the DPA.
Secondly, the resulting data is effectively the same as a psychiatrist's case notes - automated, coarse and probably wrong, but still, that's practically the most personal data possible.
-
-
Monday 3rd November 2014 09:02 GMT Anonymous Coward
Re: Another hand
A text indicating that the soon to be ex wife someone is in litigation with is feeling suicidal could save their soon to be widower a lot of money once he piles on a few extra legal messages to push her over the edge.
It's a good thing and a bad thing and zero effort has been made to limit the badness.
-
-
Sunday 2nd November 2014 17:50 GMT Anonymous Coward
They don't miss a trick
In related news, the Samaritans also put stickers with their phone number on all the machines that issue parking tickets at Beachy Head.
But I've never been totally convinced that if I was about to jump I'd bother stopping to buy a parking ticket first - especially as there's no "indefinite" parking period offered.
-
Sunday 2nd November 2014 18:34 GMT Scroticus Canis
UK twat-twit audience will gather to watch
Obviously the Samaritans have forgotten the UK public's response to David Blaine and his daft starving in a glass box stunt; having people waving hamburgers and pizzas at him while they chowed down or hitting golf balls at the box, etc... This app will just enable like minded 'tards to gather to watch the suicide spectacle with suitable cat-calls: "that's not how you tie a hangman's knot mush" or "ten extra points if you land on the Range Rover darlin' ".
-
Sunday 2nd November 2014 20:12 GMT Anonymous Coward
I can't believe a journalist wrote this story.
What if Steve Balmer or Tim Cook or Dead Steve Jobs or Google Inc. sent The Register a letter demanding that they delete every record of every public statement they ever made, whether they got this directly or from a third party, and forbidding them from collecting further data in the future? Would El Reg be obliged comply?
After all, El Reg has large institutional collection of potentially embarrassing quotations and screenshots, they use this collection primarily to generate private wealth, and they have never sought authorization to store and republish this data.
If not, why should Samaritans be obliged to comply with a similar order? At least they don't try to monetize the data they collect.
Tweeting is publishing. A public tweet isn't personal data, it is published data. Yes, people may use your statements against you. It has always been thus, so think before you speak.
-
Monday 3rd November 2014 14:07 GMT adrianww
Re: I can't believe a journalist wrote this story.
...and I can't believe that you actually read the article or that anyone could be myopic enough to miss the point quite so spectacularly as you have done.
However, in the interests of spelling it out, if the bizarre scenario that you describe were to arise, then El Reg would, indeed, be obliged to comply. Or, failing that, to take the matter up with the Information Commissioner or other relevant authority or even, in the extreme case, to mount a defence in court on the basis of wider public interest, etc. It's the law, you maroon. That's how it works. Or don't you think that El Reg has to abide by the DPA too?
More importantly, any public pronouncements reported by the Register are just that - reported. No further automated data processing operation is performed on the content of those pronouncements. Articles are written to discuss particular subjects and, in some of those articles, comments made by relevant and/or connected persons are reported verbatim (give or take the occasional typo). At most, the writer of an article may offer their own opinion as to meanings (hidden or otherwise) but that is not the same as performing any kind of data processing operation on the original information.
The scenario is, therefore, completely unlike what is done by the Samaritans Radar app, which does perform some kind of automated data processing upon the original tweets. Which is why it probably does fall within the remit of the Data Protection Act, regardless of the public nature of those tweets. The Samaritans, worthy and worthwhile as they are, can't just wave their hand like some kindly old Alec Guinness and say "We don't believe the DPA applies to us in this case. This is not the data processing system you're looking for." If they want to do the kind of thing that they're trying to do with Samaritans Radar, they're going to need to dot the i's and cross the t's with the Information Commissioner's Office to ensure that they are complying with the relevant legislation. And, if they do fall within the remit of the DPA (as they may well do), then they'll need to respond to things like Section 12 notifications correctly.
Now look what you've done. I'd always promised that I'd never use a facepalm icon for anything I read on the Internet - regardless of how dim it may be - because it seems a bit rude really. And now you've gone and made me do it. I hope you're pleased with yourself.
-
-
Sunday 2nd November 2014 20:23 GMT stu 4
quite right - 1st world problems.
"“This app monitors tweets,” continued Baines, “processes them with an automated algorithm, which selects tweets if they contain the right keywords, pushes this information to a third party, and then retains the tweet and may match it with others from the same person. All without the subject of this being aware."
yeh -so just like google does with every fucking search and every fucking email!!
But samaritans try to something with that data more beneficial than selling you targeted shite to buy and SAVE LIVES!!!!
get the fuck back on your hobby horse and fuck right off - if you use twitter you are already effectively broadcasting your (inane) thoughts to everyone* - you have not a leg to stand on by then complaining that someone tries to make use of that public data.
utterly pathetic article.
*hell I'd argue that any twatter (or facepuke) user has mental health problems… but that's neither here nor there...
-
Monday 3rd November 2014 14:20 GMT adrianww
Re: quite right - 1st world problems.
Yes, and here in the UK, Google has to abide by the DPA just like everyone else and, if you serve them with a Section 12 notice, they have to act upon it and stop processing any information about you. Which is the whole point here - it applies to Google, it applies to anyone or any organisation who holds or processes personally identifiable information and, given what Samaritans Radar is trying to do, it very probably applies to them too.
Furthermore, when you use Google, you know full well that they will be taking the information that you provide and using it in the various (and, perhaps, sometimes nefarious) ways that they do. However, you don't know what the Samaritans Radar app is doing since it isn't YOU who opts to use it or have your tweets monitored by it.
So...10 out of 10 for a nice idea on the part of the Samaritans, but minus several million for good thinking and all that.
-
-
Sunday 2nd November 2014 20:25 GMT Henry Wertz 1
I say again...
I said on the original article, and say again, Tweets are public. I wasn't sure of the status of private tweets, the Samaritans clarify that they do not process private tweets even if the user is subscribed. I'm not at all sure if the Data Protection Act does apply or not.
That said, they really should respond to Section 12 requests by saying they don't think the Data Protection Act applies, but they'll honor your request anyway, rather than insisting on people subscribing on twitter to do it.
-
Sunday 2nd November 2014 20:34 GMT Mitoo Bobsworth
On a personal note.
I do not have a twitter account.
I do manage depression (it runs in the family).
However, if I did have a twitter account & was on the receiving end of the Samaritan-bot, I do believe such a non-human and non-perceptive response would only serve to provoke any emotional disharmony I may be feeling. While the Samaritans may be well intentioned, in this instance their approach and thinking has been ill-considered, clumsy and rather lacking discernment - and may well serve as a trigger for the very event they wish to prevent. An inhuman response to a human affectation is not, to my thinking or experience, appropriate.
-
-
Monday 3rd November 2014 01:55 GMT Mitoo Bobsworth
Re: On a personal note.
@ robmobz
Perhaps I wasn't clear - it's the sense of isolation that is the issue - real, personal contact & interaction (for me at least) is important during depressive episodes. An algorithm that blindly makes assumptions on word combinations & then sends it to 'followers' (not necessarily friends/confidants or people in proximity to assist) has a likelihood to promote that mood during the episode. One could receive an abundance of supportive & uplifting tweets, but they can mean little absent the immediate physical presence of a real human being. I seek the presence of real people & good friends whenever I need a boost - that's much more tangible for me.
I can only guess you haven't been through the experience - lucky you!
-
-
-
Sunday 2nd November 2014 21:11 GMT Gary F
I wouldn't call the author's test tweet a "false positive". If I saw someone tweet that I'd be concerned. Most people wouldn't know that was a quote from some song lyrics. The app was correct in identifying that tweet. A false positive would be if some words were taken out of context and incorrectly caused the app to react.
-
This post has been deleted by its author
-
-
Monday 3rd November 2014 02:38 GMT dan1980
@AC
It would be a cold person who was disparaging of your plight. However, the concept you are essentially aligning with is the same one that is used to justify mass surveillance and all manner of 'nanny-state' laws. It's the idea saving a few lives is worth invading the privacy or curtailing the liberties of the many.
It's an argument that is always ongoing and most people agree that losing some amount of freedom is a justifiable price to pay to prevent a large amount of danger, but the situation gets murkier the more freedom you are being asked (told) to sacrifice and the smaller the pay off.
But, of course, twitter is a broadcast medium so if you want to communicate in another way then there are dozens of other tools and sites to choose from.
It's an interesting area and my point in answer to your post was really only that "it's good because it might save lives" is not that strong an argument.
-
-
-
Monday 3rd November 2014 04:03 GMT Eddy Ito
Sorry, I meant to post a link to the Mark Cuban video, here it is.
-
-
Monday 3rd November 2014 09:48 GMT Ben Liddicott
Domestic purposes
So the purpose of the processing is to enable you as an individual to be notified of certain tweets, and for you as an individual to possibly do something about them? The Samaritans are doing the processing but only on behalf of individuals who want these notifications about those they follow?
Sounds like "Domestic purposes" to me, which is an absolute exception to the DPA.
-
Monday 3rd November 2014 16:46 GMT adrianww
Re: Domestic purposes
I'm not a lawyer (although I've had quite a lot of dealings with them for reasons that aren't relevant here) but I don't think that this would stand up. The c.29 Part IV, s.36 "Domestic Purposes" exemption is stated as follows (from legislation.gov.uk):
"Personal data processed by an individual only for the purposes of that individual’s personal, family or household affairs (including recreational purposes) are exempt from the data protection principles and the provisions of Parts II and III."
As I see it, there are two important points in there.
First, it stipulates that the data is processed by the individual, not by a third party on their behalf. I suspect that the letter (and intent) of the act probably wouldn't be construed by a court as permitting some third party - and certainly not an organisation of any sort - to carry out data processing on the individual's behalf. At least, not without a specific contract between that individual and the organisation in question (by which I refer to a more formal and direct contract than any that may be implied by someone simply opting to use a free service available to all).
Second, it stipulates that the individual may carry out processing "only for the purposes of that individual's personal, family or household affairs (including recreational purposes)". While it could possibly be argued that someone wanting to monitor the tweets of a close friend or relative because they are worried about their mental state may fall into the realm of "personal, family or household affairs", it would probably also be argued that such processing would only fall fully within the remit of the Domestic Purposes exemption if the person being monitored had a demonstrable familial or personal connection with the person doing the monitoring (and, if the lawyers wanted to push the point, was even aware of it and had given some form of consent). In the absence of that, it is difficult to see how the "personal, family or household" affairs clause could be deemed to apply. Since, in the case of the Samaritans app, there is no mechanism to check or demonstrate that such a connection exists between the person being monitored and the person doing the monitoring, it is hard to see how it can be seen as falling within the remit of s.36.
In any case, I'm sure that determining any of this in a court would be a bit of a legal bun fight that would earn a couple of barristers a tidy few grand. And I still suspect that the exemption would ultimately be found not to apply (mostly on the first leg above, but also quite possibly on the second given the app in its current form).
-
-
Monday 3rd November 2014 13:19 GMT hugo tyson
It's the processing that makes the data subject to the Act, no?
Sure, all the input is public. But if a company googles your name then does analysis (automated or not) to separate the several individuals with that name, and builds a profile of you, then uses that to make statements - true or not - about you available to some or many or all other individuals, then that analysis is subject to Data Protection under the Act, surely?
-
Monday 3rd November 2014 20:55 GMT Jamie Jones
Huh?
So if I cry in public that I'm going to kill myself, and someone "unknown to me" (*shock*) "hears it without my knowledge" (*shock #2*) and reports it, they are invading my privacy?
A few years ago I was indeed that 'unknown someone' in relation to one unfortunate neighbour... I should be locked up!
-
Tuesday 4th November 2014 08:41 GMT Anonymous Coward
the system fundamentally won't work...
...because people at genuine risk of committing suicide are not always in the same category as people that post on social networks (or indeed give any outward warning) about doing it.
While, of course, there are exceptions - I have had some (admittedly anecdotal) insight into this, and it's a tragic fact that people who shout 'I'm gonna do it!' don't always, but quietly ill and upset people just go ahead and without conveniently announcing their intentions.
Hence, I have great trepidation about what sort of algorithm is at play here, that can intelligently parse and grok a person's public statements for signs of depression. I would bet it's just a simple keyword matcher, and that is woefully under spec for something as amorphous and complex as depression.
I happen to agree that the Samaritans have overstepped the legal mark, albeit in a scenario in which they meant to do well. I have experiences of being the de facto 'negative person' for shooting down ideas, simply because I asked if anyone had checked whether a proposal was *allowed* or that legal clearances were possible. It's probably the case that unfortunately, the Samaritans didn't have a voice asking that question during development.
In any case, it was a bad idea with lovely intentions.
-
Wednesday 5th November 2014 22:33 GMT tlhonmey
From the information presented in this article, I would say that whether or not the law applies depends on how the app works. If it harvests Twitter data and sends it off to the Samaritans for processing, and then displays the result, then yes, the law as phrased would apply to them. And, since the law does not require you to give them anything other than your name, a single person who demands they stop processing data, and withholds their Twitter handle can force them to shut down the entire service.
If, on the other hand, all processing is performed locally on the smartphone in question, then your notice needs to be directed to those of your twitter followers who use the app. The Samaritans would no more be liable for their software being misused by people who do not comply with legal notifications than would the manufacturer of the time clock in the example you gave if some employer chose to misuse it.
And then it also gets to their position about it not being reasonable for you to expect privacy when posting things to third-party sites on the Internet. Which is yet another can of worms to deal with.