Are You Part of a Research Study Without Realising It?

Introduction

Whether browsing a website, installing an app, or engaging with a social media plug-in, it’s second nature to click “Accept all.” Yet in doing so, we may be contributing data to systems designed to study and influence our behaviour and effectively become participants in the research process without our informed consent.

💻From Cookies to Consent

These days, most people are aware that cookies track browsing behaviour. They allow website owners to identify popular pages, resolve performance issues, and personalise content for users. In principle, there is nothing wrong with this.

However, the challenge lies in what is hidden behind the vague labels on cookie pop-ups. Categories such as “Performance,” “Analytics,” or “Experience enhancement” may sound harmless, but some of these cookies can involve the collection of data for research purposes.

📊For example:

• Analytics cookies like Google Analytics or Meta Pixel collect and analyse user data at scale. Collective data from these tools sometimes ends up in academic or market research projects.

  
  

• Advertising cookies build behavioural profiles that can be shared, in anonymised form, with research partners exploring consumer trends.

  
  

These examples might not seem alarming, but they show how easily ordinary browsing can become a form of research participation on a large-scale without clear or informed consent.

🔬 An Illustrative Example

One of the most striking examples came from Facebook’s 2014 “emotional contagion” experiment, where researchers altered the content shown in users’ news feeds to test whether exposure to positive or negative posts affected their own mood.

The study was published in a scientific journal but the 700,000 users involved had no idea they were taking part in an experiment. The backlash was immediate, with critics highlighting the lack of transparency and informed consent.

https://www.bbc.co.uk/news/technology-28051930

In the years since, similar issues have arisen with apps collecting location data for “research” that later appeared in marketing datasets, as well as in collaborations between research institutions and technology companies where the distinction between service delivery and research has sometimes been unclear.

🛡️Organisational Responsibilities

Under UK data protection law, organisations must be open and specific about what data they collect and how they intend to use it, even when it’s anonymised. The obligation to be transparent remains.

In other words, consent is only meaningful if people understand what they’re agreeing to.

• Be specific - don’t hide research under generic cookie categories like “performance” or “experience.”

  
  

• Give real choice - users should be able to say yes to necessary cookies but no to research or profiling.

  
  

• Review partnerships - if analytics data might be used in research, make sure contracts, policies, and privacy notices reflect that.

  
  

👍What You Can Do

For individuals, a quick check of your cookie settings or browser privacy options can go a long way. You might be surprised at just how many tracking tools are running behind the scenes.

Taking a few moments to review your choices helps ensure you stay in control of your data!

If you’re concerned about your own organisational responsibilities call Richard Jenkins 024 7698 0613 or email richard@clariclegal.co.uk for a no obligation chat.

Disclaimer:

This article is for general informational purposes only and does not constitute legal advice.