Ethics in market research

IT is not any conference where the event's co-chairman, in his welcoming address, would remind the participants about their mobile phones and say: “Please don't turn it off.”

Well, this is the Market Research in the Mobile World conference, an international conference that had been held in the United States and Europe, and this year it is hosted in Asia for the first time in Kuala Lumpur. The co-chair, incidentally, does add that attendees should put their mobile devices in silent mode.

Organised by Merlien Institute, the two-day conference which ended Thursday featured a panel discussion on ethical standards and privacy issues.

The only mention of the recently-enforced Personal Data Protection Act comes from its sole Malaysian panellist, the Marketing Research Society of Malaysia president Barry Ooi, who wrote a commentary on the Act for StarBizWeek a few weeks ago. However, the discussion does raise many unresolved privacy issues that would make one wonder just how far such an Act goes in protecting consumers' personal data from wrongful use in the market/opinion research business.

Mobile Marketing Research Association (MMRA) executive director Mark Michelson, who moderates the discussion, notes that the privacy laws vary across countries, presenting challenges for cross-border market research. The European Union itself has 27 different versions of the law.

On the big issues around mobile research and privacy, he quotes marketing research specialist Kristin Luck as referring to these during a conference in Amsterdam.

The issues revolve around online tracking data (passive data that's constantly being monitored), meta-data in photos (photos can become personally identifiable as the viewer can see where and when they are taken), geo-location, to wandering device IDs, too complex privacy policies, and fees for SMS and data streaming.

“No matter what business you're in, you should not share someone's personal information without their permission. But as researchers in particular, we have a responsibility to respondents so that they'll continue to share information - their lives - with us,” Michelson says.

MMRA, which was founded in the US, has created a condensed set of guidelines for researchers (see table).

On whether it is possible for market researchers to be very transparent with research participants, Ooi from Malaysia says in some projects, disclosing the client's name (the company commissioning the research) is a sensitive issue.

MasterCard privacy and data protection counsel Derek Ho, who qualifies that whatever he says is his personal opinions and not necessarily his employer's, says it is necessary to tell the respondents the purposes of the surveys and how the data will be used for the sake of retaining trust.

However, he does mention the difficulty of fitting an entire privacy policy on the small screen of a mobile phone without the user having to scroll down. “The policy should give you a snapshot of what the collected data are being used for and who the researcher will disclose it to,” Ho says.

He adds that another obstacle for researcher is that few people even read privacy policies - for example, when using Google Analytics.

Ooi, meanwhile, questions the need to provide a privacy policy to respondents although he thinks every research organisation should adopt a strict privacy policy in their practices. “Why scare potential respondents off and introduce more barriers to doing better research for our clients?” he asks.

But if a client's identity is not revealed to research respondents, who would the latter sue if the privacy law is broken?

Ho says: “Most people don't have the resources to pursue a large company, especially if they are out of jurisdiction or are not getting anything out of it. The first port of call is always with the regulator.”

Market Research Society Singapore executive committee member Martin Tomlinson says perhaps researchers could reveal the client's name at the end of survey, but he would personally challenge it as he feels it is not necessary to reveal the client's name. “The researcher is operating on a code of practice. It is also about the researcher protecting the respondent from the client who wants to potentially use that data for something it is not designed for,” he says.

During the question-and-answer session later, one of the participants suggest the establishment of an organisation, funded by the players involved, to protect respondents in cases of privacy breaches.

Studies may require taking a lot of photos and videos, including inside people's homes and at retail stores. Panel moderator Michelson asks whether it is possible to protect the respondents' identity by, say, smudging every photo and video.

Ho says there is a growing trend around the world relating to “privacy by design”, which requires researchers to look at the whole project lifecycle of the respondents' data from collection to storage to when it is destroyed. He says big data, like oil, is a great resource and needs to be protected.

Can researchers do everything to ensure data confidentiality is not compromised despite the thousands of images used in surveys? Dan Foreman, president of Esomar (the Europe-based body that is the world's reference point for market research), answers bluntly: “You can't. To some extent, you have to accept these things (problems) are inevitable. In tomorrow's world, the complete right to privacy and anonymity is gone. You can do your best to destroy something, but there is a chain of (data) custody. Somewhere else, though not in your research project, those same photos will exist and they will be accessible to others and may be taken by someone who is not a (responsible) member of a body like MMRA.”

Ooi says if the rule on not compromising respondents' confidentiality is adopted strictly, researchers can forget about using mobile technology as a research tool as “you'll never be in a position to (totally) ensure that the respondents aren't at risk.”

MMRA has created a list of commitments to research respondents which, among others, says respondents' participation should be voluntary, Foreman says: “Every time you go on Google somewhere, at some stage you click on I accept the terms and conditions.' Beyond that, I haven't volunteered for anything, yet all my data are being recorded, they're serving certain ads to me and so on, so it's kind of voluntary but it is implied voluntary. I think that will get even more fuzzy.”

The list also says participating in surveys should be free, but Tomlinson says this is relatively difficult because different markets have different mobile service billing systems, whether on prepaid plan, contract plan or others. “I can't see how researchers can go about managing this,” he says.

The industry players seem sincere in wanting to take steps in maintaining respondents' trust, but the unresolved issues make one wonder whether those in the industry themselves have the confidence to participate in consumer polls.