Mumsnet Corpus

[TokyoBouncyBall]

Not a TAAT, but a bit of googling as a result of a now deleted thread has led me to this:

https://fold.aston.ac.uk/handle/123456789/18

I note it says that the License is uncertain. Can you confirm that you have given permission for posts to be used in this way, or is there something that Aston might like to look into?

I note it says Users who wish to access this dataset must make a detailed application to FoLD and the researcher, as well as potentially gain additional agreement from an external organisation before they can be approved for access.

Given one of the uses it is being put to, I think it is a bit dubious to say the least.

I know this is a bit flippant, but given that they've been using it to train AI to find authors, can we not send them Aston and email and tell them that they need to work out which usernames are mine and then delete the data...

Should I start a new thread? For names?

You'll put your own current names, any that you can think of that have left or been banned, like langcleg.

I'll pull together some words to add tomorrow because I'm shattered now.

Theres no rush for this, Justine might come back with more info and I'd like to not leave any usernames out if possible.

On the usernames thread, I'll post what I send and any reply.

I know it's well intentioned but there's no way any data controller is going to delete anonymised data without evidence that it's your own data that you're requesting be deleted.

Haven't they agreed to delete everything?

They have!

Soooo how do we ask for this without outing ourselves?

The whole point is we dont want to dox ourselves. I've had many usernames, I'm hardly going to send one email with all my usernames, I'm not going to set up 30 emails for each username, and if i did the username would be part of the email address, therefore anonymous.

So why are people asking for their data to be deleted? What am I missing?

Because even anonymised posts in a published article can be tracked back to specific users. By deleting the posts from here it removes that chain.

Well, to be honest, it did occur to me that Kredens and co may well have a better idea of my various usernames over the last fourteen years than I do! (I have deleted my account and re-registered at various points, including once when my username was part of a hack). I would have to wrack my brains to remember them all.

That’s a fair point.
Although it puts the onus on users here to spend the time doing that, and MN to spend the time actioning it, while the doxy dudes (and other researchers) keep on doing what they are doing.

I think Aston has breached GDPR.

I want to email their DPO, Samantha Burns, to ask the following:

“I would like to make a data subject access request to know what is the lawful basis Aston is using for processing my data, scraped from Mumsnet, under article 6 of the UKGDPR

I would like to know the conditions for processing my special category data that Aston is using, including my philosophical beliefs, scraped from Mumsnet, under article 9 of the UKGDPR .

I would like to know if a DPIA was carried out by Aston University in their data scraping activities of Mumsnet.”

I don’t believe that Aston has the appropriate lawful basis, conditions for processing or that they have conducted a DPIA. With this information, I would go to the ICO.

I cannot write to the DPO at Aston myself, as I may interact with them in a professional capacity.

If anyone is contacting the DPO at Aston, please can they ask these questions as written here?

many thanks

I thought posters were referring to asking Aston to delete data?

There seem to be crossed wires here.

Mumsnet will delete posts if there's a risk of being identified. You don't need to give all your usernames as they're already recorded against your account.

There is no way for Aston, or any researchers who've published using Aston's MN corpus, to link RL identities to posts/names on their (already or soon to be deleted) MN corpus, and no way for posters to prove who they are to request deletions of data. I could email and say 'hey, I'm langcleg, delete everything I've written' but there's no way to prove that either way.

Ultimately, the use of anonymous at source data like this gives us as data subjects fewer rights to our data as we are unable to prove it even is our data.

Aston has breached the DPA but we can't do anything about it because before the ICO will get involved we have to have spoken to Aston's DP Officer... and we can't do that without outing ourselves.

Have I got that right?

I know they have said they will delete the data, but that seems to be due to a private agreement with Justine.

I also want them held to account for DPA violations.

Dr Spartacular, I think the point is that Aston may use an isolated quote, but someone could put that into Google and find the user and from there, find their posts.
For example, one of the quotes used by Tim Grant, if you put it into Google, you can find the post it is from. What appears as about eight or nine words of a quote to illustrate language in his book chapter is easily linkable to a post which talks about a DC’s medical issues. It would then be possible to use the Advance search function to see what else that poster had posted. Theoretically, that poster could be identifiable to someone who knew them or of them or indeed their DC.

To be clear, all I did was put the quote into Google to see if the open parenting forum Grant referred to was MN. I have not done any further searching. But it would be possible. So for all Aston say they do not intend to identify people and that was not the intention, it is possible that people could be identifiable.

@DrSpartacular it is not anonymised. It is pseudonymised. It is personal data and it is our right to make a subject access request to Aston.

People make these requests all the time to organisations that only have the pseudonymised data without the key. That organisation would then liaise with the organisation that provided them with the data in the first place.

It is not our problem how or if Aston feel the need to verify us (not always necessary). If we do not find their response adequate, we can then go to the ICO who can investigate what has happened here.

Normally, they should have got this data through the proper means from Mumsnet and would have reached an agreement about how to deal with subject access requests.

You can make a subject access request about lots of things, not just deletion of data.

Your rights linked here

https://ico.org.uk/for-organisations/law-enforcement/guide-to-le-processing/individual-rights/#:~:text=the%20right%20of%20access%3B,subject%20to%20automated%20decision%2Dmaking.

Not the latest data scrape intent on identifying our so-called hate crimes, they haven’t

Also, they’ve only agreed to delete the first big scrape. They have not yet said they will delete the smaller more recent one which may be for proving that we are all transphobic

There is no way for Aston, or any researchers who've published using Aston's MN corpus, to link RL identities to posts/names

Of course there is. We see it all the time on MN that posters ask for their threads to be deleted because they are too identifying, or other parties recognise themselves in the description and join in. Why to do think this won’t apply to posts Aston draw attention to? Or posters that might be known or linked to Aston researchers? Or live in areas where they live?

Of course there is. We see it all the time on MN that posters ask for their threads to be deleted because they are too identifying, or other parties recognise themselves in the description and join in.

But that risk already exists by posting on here. Most people know already that tabloids swipe threads from here, which presents a far greater risk of being identified.

I don't dispute that Aston's data scraping, dodgy use of data they don't have consent to use, and their playing in the sandbox of women's lives is all abhorrent, but they've agreed to delete it. What I do think needs to happen is that this whole issue needs to be drawn to the attention of all MNers highlighting how to request post/history deleting. Because it's the MN posting histories where risks of identification are strongest.

Yes, that's right.

The ICO told me that if one feels unable to speak to the DPO directly, one can complain to the ICO and ask for them to mount an investigation.

I recognised my sister from one single solitary all on its lonesome post on here. Aston really don't have a fucking clue what they are doing!

I've recognised mums from nursery, preschool and school before. I've also recognised the same troll over 30 times from the OP, and that wasn't the poo troll either 😀It can be surprisingly easy.

But that risk already exists by posting on here. Most people know already that tabloids swipe threads from here, which presents a far greater risk of being identified.

Tabloids might but there is another important distinction here. Tabloids are the public. Aston University are part of The State. They are a public authority. We might not think of them as being part of the apparatus of the state but that is what they are. They are part of the same organisation that runs the police, tax and benefits system, education etc.