Data Access for Researchers: Feedback to the European Commission
The Centre for Democracy & Resilience has submitted feedback to the European Commission’s consultation on the Draft Delegated Regulation for Data Access under the Digital Services Act (DSA). Drawing on GLOBSEC researchers' extensive experience in monitoring, analysing, and countering efforts and trends undermining Union’s security and stability, including systemic risks falling under the DSA, since 2016, as well as results of a recent GLOBSEC-led survey filled by 54 researchers across 21 (mostly European) countries, we highlighted key recommendations to improve data access for researchers while ensuring fairness, usability, and transparency.
Key Recommendations include:
- Expanding data types for systemic risk analysis
- Improving application processes
- Ensuring fair and inclusive mediation process
- Defining timelines and ensuring data quality for social media companies
- Speeding up data access for previously vetted researchers
- Providing real-time access to anonymized data
More details of our feedback in the text or in the pdf below.
Within the Recitals outlining the Delegated Act, GLOBSEC recommends considering the following:
- Recital 11: requiring inclusion of outcomes or evaluations of scientific merits of research organisations applying for data is highly discriminatory against smaller civil society organisations (CSOs) which do not participate in large-scale scientific EU-funded projects. These CSOs often come from smaller member states and supplement the lack of university-led research. Especially in the CEE context, most of the research on FIMI or disinformation conducted over the years in the region was led by CSOs and think tanks, not academic institutions or university-affiliated researchers. We thus believe the provision “Where available, the data access application should include the outcomes of evaluations concerning the scientific merits of the research projects conducted by the research organisation of affiliation or the entity providing the funding, including references to evaluation processes conducted in relation to EU funded projects.” should be deleted.
- Recital 12: listing examples of data linked to studying systemic risks is of high importance, and all data types currently included are of high relevance. We, however, recommend adding a reference not only to users but also to user-created groups, pages, or professional accounts. On Facebook, for example, these are the ones with high reach and influence on users.
Within the Act’s specific articles, GLOBSEC suggests the following:
- Article 6: Consider adding guidelines and tutorials for successful data access application for research organisations. These should be included in the publicly available information on the data access portal. According to GLOBSEC-conducted survey, 15% of respondents lacked organisational readiness to apply for access.
- Article 9.4(d): Consider deleting the condition. It is a requirement difficult to assess by the Digital Services Coordinators and might lead to unrealistic conditions or expectations imposed on the research organisations, which can be misused to prevent the organisation from receiving the access.
- Article 12.6: The modification of the request following the amendment cannot be handled solely by the Digital Services Coordinators, as they may not have the capacity or capability to assess all consequences of the amendment for the researchers. At the same time, the researchers should have a right to be informed about the status and potential changes of their application. We propose changing language to “The Digital Services Coordinator of establishment shall consult assessments of such proposals with the principal researcher to enquire about the suitability of any alternative proposals submitted by the data provider for attaining the objectives of the research project proposed in the data access application.”
- Article 13.5: We find the lack of participation of principal researchers in the process which decides about the fate of their request highly discriminatory and not following the principle of fairness. We thus propose the following amendment: “The Digital Services Coordinator of establishment shall invite the principal researcher to join the mediation as a party to help reach an agreement that supports the objectives of the research project in relation to which the data was requested.”
- Article 13.6: In accordance with the reasoning provided in the point above, we suggest the following amendment: “The data provider, the Digital Services Coordinator of establishment and the principal researcher, shall act in good faith throughout the mediation.“
- Article 14: Given that the choice of experts lies solely in hands of the Digital Services Coordinator and the selection process might be compromised by personal preferences or political influences over the Digital Services Coordinator, we suggest adding the following conditions under Article 14:
- At least 3 experts should be consulted, whereas 2 should be associated with an institution or organisation not residing in the same Member State as the Digital Services Coordinator issuing the request for consultation.
Other considerations and recommendations:
- Overall, the Delegated Act specifies the rights and obligations for the Digital Services Coordinator, it, however, fails to specify them in detail for the data providers. There is currently a lack of clarity regarding:
- A timeline for data providers to issue their decisions on data provision. Specification of deadlines and timelines for data providers is crucial, as the amendment process and mediation could be prolonged to months, making the original request for research irrelevant. The maximum period for the whole process from data access request to granting (or denying) access should be specified, as it is a key aspect for researchers who will often be applying for access within time-limited or time-sensitive projects.
- Assurance of the quality of data provided by the data providers. While a considerable number of checks will be imposed on researchers, there is no possibility for the researchers to appeal or question the quality of data or access provided by the data providers.
- Once researchers are vetted, consider adding facilitated vetting procedure for further requests from these researchers, and from other researchers from the same organisation or institution. This would alleviate the workload of the Digital Services Coordinator and speed up the process.
- Lastly, as the results of the survey showcase, the request for data under Article 40(4) does not fully meet the needs of the researchers in continuously assessing systemic risks in the Union’s information environment and in effectively reacting to real-life events. The need for access and to anonymised data that would allow researchers to monitor and download data (in machine-readable formats) related to engagement, networks, advertising, algorithmic recommendations and content moderation decisions, which would be fully anonymised, but include both real-time and historic data, has been underscored by many events that threatened security and stability of individual member states, including harmful content spread during floods in Valencia, or foreign interference linked to presidential elections in Romania on TikTok. We believe such solution can be a part of the DSA data access portal as a non-public dashboard accessible to vetted researchers for a reasonable period of time, e.g. at least 12 months, which would allow cross-platform monitoring and data analysis.