Privacy and ethical concerns of social media

Privacy and ethical concerns have become more relevant in social media due to the prevalence of “explore”, “discover” or “for you” tabs and pages.


“Discover” pages on social media deliver content that the app thinks that the user would likely be interested in. This is based on several factors including user interactions, video information, account settings and device settings. These are individually weighted based on the social media algorithms. This has raised some ears regarding profiling and related privacy concerns, particularly with regard to the processing of personal data of minors. 


While automated decisions are allowed, as long as there are no legal ramifications, specific care and attention needs to be applied to the use of the personal data of minors. 


The decisions made which cause specific content to show up on “explore” and “discover” pages are by and large automated decisions based on profiling of individuals’ personal data. While this may benefit several organizations and individuals allowing large volumes of data to be analyzed and decisions made very quickly, showing only what is considered to be the most relevant content to the individual, there are certain risks involved. Much of the profiling which occurs is inconspicuous to the individual and may quite possibly have adverse effects. GDPR Article 22 does not prohibit automated decisions, not even regarding some minors, as long as those decisions do not have any legal or similarly significant effect on the individual. Working Party 29, now known as the EDPB states that “ solely automated decision making which influences a child’s choices and behavior, could potentially have a legal or similarly significant effect on them, depending upon the nature of the choices and behaviors in question.“ As a requirement of the GDPR, specific protection needs to be applied to the use of personal data when creating personality or user profiles specifically for children or to be used by children. 


Much of the data processed by social media apps require consent, however most minors are not able to provide their own consent. 


According to the latest updates of the EU ePrivacy rules much of the data processed by social media apps and websites may require consent. In many parts of the world, most minors are not legally able to provide their own consent. The age of consent in this regard varies around the world, and in some countries it can even reach up to 16 years old. However in the UK specifically, children aged 13 or over are able to provide their own consent. The parents or guardians of children younger than this are the ones who must provide consent on their behalf. As a data controller, it is important to know which data requires consent, from whom, and how this consent will be collected, and which data can be processed based on another lawful basis different to consent.


In developing social media apps and features it is important to consider several ethical principles. 


Trustworthy AI should be lawful, ethical and robust. In developing social media apps and features, it is important to ensure that the data is kept secure, the algorithms are explainable and that the content delivered to the user does not include any biases. Ethical principles like technical robustness, privacy, transparency and non-discrimination are considered paramount. Because social media algorithms serve up content to users on explore and discover pages, it is imperative that the decisions made by these AI systems are incredibly transparent and that attention is paid to whether, or how these systems may possibly be discriminatory. An AI ethics assessment can provide incredible insight into how fair these AI decisions may actually be, and how to ethically and lawfully go about developing the algorithms for social media apps and platforms. 


We recently published a short vlog on our YouTube channel exploring the privacy and ethical concerns in social media. Be sure to check it out, like, comment and subscribe to our channel for more AI ethics and privacy content. 

Does your company have all of the mandated safeguards in place to ensure compliance with the ePrivacy, GDPR and Data Protection Act 2018 in handling customer data? Aphaia provides ePrivacy, GDPR and Data Protection Act 2018 consultancy services, including data protection impact assessments, EU AI Ethics Assessments and Data Protection Officer outsourcing. We can help your company get on track towards full compliance.

Digitising European Industry

Aphaia attends Third Stakeholder Forum on Digitising European Industry

The forum was focused on Artificial Intelligence and Digital Innovation Hubs.

Third Stakeholder Forum on Digitising European Industry took place in Madrid from the 13th to the 15th of November 2019. It brought together more than 600 attendees and 50 panellists who addressed topics like the opportunities that the AI offers to the European market and the investment required for the digitalization of the industry, among others.

The Stakeholder Forum is a public event organised on a yearly basis by the European Commission and one Member State within the context of the Digitising European Industry initiative (DEI).

Europe is home to great innovators and disruptors in their specific technological fields. Investment in trustworthy AI and support of local Digital Innovation Hubs can give Europe a competitive advantage at an international level. Initiatives like Digitising European Industry and the Coordinated Plan on Artificial Intelligence allow Member-States and regions to be closer to that objective.

As frontrunners in AI ethics assessment, one of the talkswe enjoy the most was “Artificial Intelligence for industry: putting ethics into business practice”. The panel was composed of renowned professionals in the AI field, namely:

Richard Benjamins (Data & AI Ambassador, Telefonica)
Meeri Haataja (Co-founder and CEO of Saidot)
Joanna Goodey (High-Level Expert Group on AI)
Aida Ponce (Senior Researcher, European Trade Union Institute)
Moisés Barrio (Legal Counsel for the Spanish Council of State)
Lucilla Sioli (Director for Artificial Intelligence and Digital Industry, European Commission)

This session gave stakeholders an opportunity to discuss the EU AI ethics guidelines, and the next steps to ensure that AI is developed in an ethical manner.

According to Lucia Sioli, AI ethics are one of the AI challenges in Europe, together with investment and education. AI ethics because we have to develop trustworthy AI which is respectful with our core values; investment because all Member States have to work together to be able to create strength in this area and education because AI will create new jobs that we will have to cover.

Diving further on the role of AI ethics, each speaker explained their position:

For Richard Benjamins the trickiest part is implementing AI into into business practice. “There is no experience. The design process is important and it should be based on five pillars: the principles themselves, awareness and training, self-assessment list, tools and governance. We should focus on self-awareness”.

Meeri Haataja provided a startup perspective which work with large organisations both in private and public sector: “We have a consensus about what the principles are, but we should think about how to put this into practice, focused on transparency. Transparency provides a window to see if the principles are in place. We need to establishindustrial specific standards and common practices”.

Joanna Goodey explained that, as a member of AIHLEG, she is often asked: what are the challenges of regulating AI? What are the challenges if we don’t regulate AI? She thinks this is not black or white. “We need strong evidence from different sectors, not only industry but also e.g lawyers who work in industry. We need to draw lessons about what they have done so far”.

Aida Ponce showed her concerns about technologies that impact workplaces and workers. “AI is a very transversal technology, it can potentially transform lives, business models, work places, workers and jobs. You may be thinking that we have seen this before with the industrial revolution, and the answer is yes, but what is different is that AI has three characteristics not seen before: a lot of data, many uncertainties that every day are emerging and we don’t understand (complexity of world) and volatilityof technology”.

Moises Barrio asserted that “We need binding legal regulation. Approach to AI has to be done with legal rules. Ethical rules do not have legal guarantees (in case of not compliance there are no penalties, fines, etc.). Self-regulation is not enough in this area. If standards are just optional some actors will not comply with them. When drafting regulation the voices of the companies are relevant but they cannot be regulators”.

It is our opinion that we are still on the very first stage of regulating AI, that is why we first need to learn what we are talking about and how the industry is applying it, and then, after such initial approach, the relevant bodies in Europe will be able to decide if Regulation is necessary or codes of conduct are enough instead.

If your company is currently considering procuring or developing an AI system, Aphaia’s AI ethics assessments  will assist in ensuring that it falls within the scope of the EU’s and UK’s ethical framework.

South Summit 2019

Aphaia at South Summit 2019!

Aphaia attended the 2019 South Summit in Madrid, Spain.

South Summit 2019 took place last week in La Nave, Madrid (Spain). South Summit is an innovation and investing event that has been held annually since 2013.

South Summit provides startups, investors and corporations seeking to improve their global competitiveness with the chance to connect and create interesting business opportunities. Technology is the common thread among them all.

South Summit brings together the most disruptive ideas that will be market game changers in the following years in several industries like fintech, insurtech, ecomerce, marketing, or healthcare.

Some amazing startups we had the chance to meet are Hoop Carpool, a sustainable mobility startup that promote car sharing for daily trips to the office or to the University; IDOVEN, that uses AI to detect heart problems to prevent cardiac disease, heart attacks and sudden death and GATACA, that provides digital identity solutions to deliver fast and secure access to digital services worldwide.

One of the highlights of South Summit is their Startup Competition, where 100 finalists out of more than 3000 participants show their projects to an expert jury. South Summit 2019 global winners are the following ones:

Startup Competition Winner: Streamloots – Audience monetization for eSports.

Most disruptive startup: Bdeo – Providing visual intelligence to the Insurtech Industry.

Most scalable product: Influencity – Influencer Data-Driven technology.

Best team: Jubel – AI for travel expert advisor services.

Glovo and Badi were finalist startups in South Summit previous editions.

Aphaia helps startups to comply with the relevant data protection, telecom, AI and IoT legislation both before launching their products and services and during the whole product life-cycle.

If you need advice to comply with the GDPR and other relevant legislation in your startup, Aphaia offers both AI ethics and Data Protection Impact Assessments, among other services. Contact us and let us know how we can help you.  


Aphaia attends FOAN2019

8th International conference on Fiber Optics in Access Networks (FOAN2019) was held 2-4 September on Swissotel, Sarajevo.

More than 60 talks were delivered by the most top professionals in the Telecoms field, including people from Industry, Academy, Government and Regulatory Agencies during FOAN2019. The event brought together attendees from all around the world, from southern and eastern Europe, Japan and US, among others.

During the three whole days, the participants were able to share their thoughts and projects, plus enjoy two networking dinners in the beautiful old town of Sarajevo.

Special mention to Edvin Skaljo, who as a chair, together with the rest of the team, made this all possible.

The talks, focused on Fiber Optics in Access Networks, addressed the field from several different perspectives: IoT, Big Data, 5G, IP Rights, Data Protection and Smart Cities, etc. Some workshops and student demo sessionswere run in parallel in another room of the venue. Local TV and press came to FOAN2019 and documented the different activities and talks.

Aphaia was invited to deliver a speech and to moderate a Panel Discussion. Our Partner Cristina Contero Almagro offered a talk about Smart Cities and Privacy and alsochaired a Panel Discussion about Smart Cities and Regulation on the Day Three of FOAN2019.

She presented some of the main privacy and security challenges that Smart Cities are currently tackling, like the potential data breach risks and the need of identifying an adequate legitimate basis for the processing.

The guests of the Panel Discussion were Igor Jurcic, head of marketing Business group for VSE/SME; Tarik Hamzic, Vice President of Operations at Ministry of Programming in Bosnia and Herzegovina; Aleksandar Mastilovic, Expert Adviser to the Director General at Communications Regulatory Agency of Bosnia and Herzegovina and Aljo Mujcic, Professor at University of Tuzla (Bosnia), Faculty of electrical/engineering. They discussed three pillars of the Smart Cities’ Regulation: Smart Cities concept, Smart Cities and Academy and Smart Cities Investment.

FOAN2019 was an enriching experience we are very grateful to have been part of, and we are already looking forward for FOAN2020!


Do you require assistance with GDPR and Data Protection Act 2018 compliance? Aphaia provides both GDPR adaptation consultancy services, including data protection impact assessments, and Data Protection Officer outsourcing.