This study aimed to develop recommendations for enhancing the protection of user rights in the digital environment by implementing transparent mechanisms for monitoring compliance with human rights and optimising regulatory acts. The study included a comprehensive analysis of the legal regulation of the use of social media for marketing purposes, the specifics of user data processing and their impact on privacy, personal autonomy and freedom of choice. The analysis found that existing mechanisms for protecting personal data on social networks are insufficient, and current regulatory acts do not fully ensure transparency in information processing. In particular, users are often unaware of the scope of the data being collected and processed by social platforms, indicating a problem of insufficient awareness and the complexity of obtaining consent for data processing. It was found that social networks use personalised content algorithms, which not only aim to optimise advertising but can also shape users' digital behaviour by restricting their access to alternative information. The study also showed that Ukraine’s current legislation contains significant gaps in the area of digital privacy, particularly concerning the consent of users for personal data processing, the responsibility of platforms for confidentiality breaches, and the regulation of automated decision-making systems in marketing strategies. An analysis of international standards, notably the General Data Protection Regulation, revealed substantial differences between the European and Ukrainian models of personal data protection. Based on the identified shortcomings, the study formulated recommendations for improving personal data protection mechanisms, including strengthening the responsibility of technology companies for confidentiality breaches, including imposing significant fines for the unlawful collection and use of personal data
Legal regulation of the use of social media for marketing purposes: Aspects of human rights and constitutional guarantees
Abstract
Keywords
confidential information; digitalisation; ethical standards; commercial strategies; information privacy; digital ethics
[1] A leak of personal data of patients was revealed in one of the largest private clinics in Dnipro. (2020). Retrieved from https://interfax.com.ua/news/general/692349.html.
[2] Almeida, D., Shmarko, K., & Lomas, E. (2022). The ethics of facial recognition technologies, surveillance, and accountability in an age of artificial intelligence: A comparative analysis of US, EU, and UK regulatory frameworks. AI and Ethics, 2(3), 377-387. doi: 10.1007/s43681-021-00077-w.
[3] Andresen, K.A. (2011). Marketing through social networks: Business considerations-from brand to privacy. William Mitchell Law Review, 38(1), article number 10.
[4] Arrigo, E., Liberati, C., & Mariani, P. (2021). Social media data and users’ preferences: A statistical analysis to support marketing communication. Big Data Research, 24, article number 100189. doi: 10.1016/j.bdr.2021.100189.
[5] Balkin, J.M. (2021). How to regulate (and not regulate) social media. Journal of Free Speech Law, 1(1), 71-96.
[6] Baruh, L., & Popescu, M. (2017). Big data analytics and the limits of privacy self-management. New Media & Society, 19(4), 579-596. doi: 10.1177/1461444815614001.
[7] Bryntsev, O. (2021). Actual problems of personal data protection in Ukraine. In S.V. Glibko & K.V. Efremova (Eds.), Collection of scientific works Research Institute of Legal Support for Innovative Development of the National Academy of Legal Sciences of Ukraine (pp. 43-48). Kharkiv: Research Institute of Legal Support for Innovative Development of the National Academy of Legal Sciences of Ukraine.
[8] California Consumer Privacy Act. (2018, June). Retrieved from https://leginfo.legislature.ca.gov/faces/codes_displayText.xhtml?division=3.&part=4.&lawCode=CIV&title=1.81.5.
[9] Cambridge Analytica. (2018). Facebook data-harvest firm to shut. Retrieved from https://www.bbc.com/news/business-43983958.
[10] Chirak, I.M. (2023). The economics of social media. Ternopil: Western Ukrainian National University.
[11] Constitution of Ukraine. (1996, June). Retrieved from https://zakon.rada.gov.ua/laws/show/en/254%D0%BA/96-%D0%B2%D1%80#Text.
[12] Dahlgren, P.M. (2021). A critical review of filter bubbles and a comparison with selective exposure. Nordicom Review, 42(1), 15-33. doi: 10.2478/nor-2021-0002.
[13] Directive of the European Parliament and of the Council No. 95/46/EC “On the Protection of Individuals with Regard to the Processing of Personal Data and on the Free Movement of Such Data”. (1995, October). Retrieved from https://eur-lex.europa.eu/eli/dir/1995/46/oj/eng.
[14] Directive of the European Parliament and of the Council No. 97/66/EC “Concerning the processing of personal data and the protection of privacy in the telecommunications sector”. (1997, December). Retrieved from https://eur-lex.europa.eu/eli/dir/1997/66/oj/eng.
[15] Dyakovsky, O. (2023). Comparative characteristics of personal data protection under national and european legislation. Juridical Scientific and Electronic Journal, 8, 278-280. doi: 10.32782/2524-0374/2023-8/64.
[16] Ennan, R.E. (2024). Digitalization of law and formation of digital law. Uzhhorod National University Herald Series Law, 1(83), 200-205. doi: 10.24144/2307-3322.2024.83.1.29.
[17] European Convention on Human Rights. (1950, November). Retrieved from https://www.echr.coe.int/european-convention-on-human-rights.
[18] Farmkhaus, P. (2023). Social networks as a tool for state communication with citizens: Analysis of problems and paths for optimization. Scientific Notes of Taurida V I Vernadsky University Series Public Administration, 6, 169-174. doi: 10.32782/tnu-2663-6468/2023.6/27.
[19] Felzmann, H., Villaronga, E.F., Lutz, C., & Tamò-Larrieux, A. (2019). Transparency you can trust: Transparency requirements for artificial intelligence between legal norms and contextual concerns. Big Data & Society, 6(1). doi: 10.1177/2053951719860542.
[20] Google to pay $391.5 million for secretly tracking users’ location history. (2022). Retrieved from https://interfax.com.ua/news/telecom/872134.html.
[21] Gyzhko, M., & Montrin, I. (2023). Theoretical foundations of marketing in social networks. In A.A. Mazaraki (Ed.), Brand management: Marketing technologies: Abstracts of the 5th international scientific and practical conference (pp. 300-301). Kyiv: State Trade and Economic University.
[22] Havur, G., Sande, M.V., & Kirrane, S. (2020). Greater control and transparency in personal data processing. In S. Furnell, P. Mori, E. Weippl & O. Camp (Eds.), Proceedings of the 6th international conference on information systems security and privacy (pp. 655-662). Valletta: SciTePress. doi: 10.5220/0009143206550662.
[23] How personal data became a bargaining chip for political forces in elections. (2021). Retrieved from https://cedem.org.ua/analytics/personalni-dani-vybory/.
[24] Humenyuk, V. (2024). Legal regulation of facial recognition technologies in the EU, the USA and Ukraine: Private and public law aspects. Kyiv: National University “Kyiv-Mohyla Academy”.
[25] Jansen, B.J., Aldous, K.K., Salminen, J., Almerekhi, H., & Jung, S.G. (2024). Understanding audiences, customers, and users via analytics: An introduction to the employment of web, social, and other types of digital people data. Cham: Springer. doi: 10.1007/978-3-031-41933-1.
[26] Khadzhiradieva, S., Bezverkhniuk, T., Nazarenko, O., Bazyka, S., & Dotsenko, T. (2024). Personal data protection: Between human rights protection and national security. Social and Legal Studios, 7(3), 245-256. doi: 10.32518/sals3.2024.245.
[27] Khrupovych, S.E., & Borysova, T.M. (2021). Using artificial intelligence in marketing analysis of unstructured data. Marketing and Digital Technologies, 5(1), 17-26. doi: 10.15276/mdt.5.1.2021.2.
[28] Krat, O.O. (2020). Organization of marketing activities in social networks. Poltava: Poltava University of Economics and Trade.
[29] Kravchuk, V.O. (2024a). Administrative-legal protection tasks of personal data in social networks. Precarpathian Legal Bulletin, 2(55), 65-68. doi: 10.32782/pyuv.v2.2024.14.
[30] Kravchuk, V.O. (2024b). Personal data protection in social networks in the EU, the USA and China. In I.V. Zhukova & E.O. Romanenko (Eds.), Modern aspects of science modernization: Status, problems, development trends: Materials of the XXXV international scientific and practical conference(pp. 90-96). Istanbul: Public Scientific Organization “All-Ukrainian Assembly of Doctors of Science in Public Administration”.
[31] Kravets, R.Yu. (2021). Use of personal data in advertising and sales. Retrieved from http://protocol.ua/ua/vikoristannya_personalnih_danih_v_reklami_ta_prodagah/#google_vignette.
[32] Kroll, T., & Stieglitz, S. (2021). Digital nudging and privacy: Improving decisions about self-disclosure in social networks. Behaviour and Information Technology, 40(1), 1-19. doi: 10.1080/0144929x.2019.1584644.
[33] Kubay, K., Gazin, A., Horbal, A., Shulga, E., & Shapovalenko, E. (2016). Open data open guide. Retrieved from https://socialdata.org.ua/manual/.
[34] Law of Ukraine No. 2297-VI “On Personal Data Protection”. (2010, June). Retrieved from https://zakon.rada.gov.ua/laws/show/en/2297-17#Text.
[35] Law of Ukraine No. 675-VIII “On Electronic Commerce (E-Commerce)”. (2015, September). Retrieved from https://zakon.rada.gov.ua/laws/show/en/675-19#Text.
[36] Lehka, О.V. (2021). Current issues of personal data protection: Domestic and international experience. Legal Position, 2(31), 74-79. doi: 10.32836/2521-6473.2021-2.15.
[37] Levinson, J. (2010). Guerrilla marketing for nonprofits. Irvine: Entrepreneur Press.
[38] Maksymova, J., Rudyk, O., & Zaletska, I. (2023). Use of social media for effective activities of modern enterprises. Economy and Society, 47. doi: 10.32782/2524-0072/2023-47-75.
[39] Marynin, D.L. (2024). Big data collection and processing methods used in modern systems. Scientific Notes of Taurida National V.I. Vernadsky University Series Technical Sciences, 35(74(2)), 369-375. doi: 10.32782/2663-5941/2024.2/51.
[40] Mori, Y. (2021). TikTok accused of illegally collecting personal data of underage users. Retrieved from https://suspilne.media/culture/124635-tiktok-zvinuvaucut-u-nezakonnomu-zbori-osobistih-danih-nepovnolitnih-koristuvaciv/.
[41] Nicholls, S.G., Langan, S.M., & Benchimol, E.I. (2016). Reporting and transparency in big data: The nexus of ethics and methodology. In B.D. Mittelstadt & L. Floridi (Eds.), The ethics of biomedical big data (pp. 339-365). Cham: Springer. doi: 10.1007/978-3-319-33525-4_15.
[42] Ovcharenko, Ya.O. (2018). General data protection regulation aand possibility to apply it in Ukraine. Legal Scientific Electronic Journal, 3, 236-239.
[43] Pew Research Center. (n.d.). Retrieved from https://www.pewresearch.org/.
[44] Rayko, D.V., Masalab, O.V., & Alekseev, O.S. (2024). Ethical aspects of digital marketing and their impact on consumers and society. In E.I. Sokol (Ed.), Information technologies: Science, engineering, technology, education, health: Abstracts of the 32nd international scientific and practical conference. Kharkiv: National Technical University “Kharkiv Polytechnic Institute”.
[45] Regulation of the European Parliament and of the Council No. 2016/679 “On the Protection of Natural Persons with Regard to the Processing of Personal Data and on the Free Movement of Such Data, and Repealing Directive 95/46/EC (General Data Protection Regulation)”. (2016, April). Retrieved from https://eur-lex.europa.eu/eli/reg/2016/679/oj/eng.
[46] Santos, C., Nouwens, M., Toth, M., Bielova, N., & Roca, V. (2021). Consent management platforms under the GDPR: Processors and/or controllers? In N. Gruschka, L.F.C. Antunes, K. Rannenberg & P. Drogkaris (Eds.), 9th Annual privacy forum: Proceedings: Privacy technologies and policy (pp. 47-69). Cham: Springer. doi: 10.1007/978-3-030-76663-4_3.
[47] Shmatok, M. (2024). The role of social media in creating and naging the brand image of a small business. Scientific View: Economics and Management, 1(85), 91-97. doi: 10.32782/2521-666X/2024-85-14.
[48] Solove, D.J. (2007). The future of reputation: Gossip, rumor, and privacy on the internet. New Haven, London: Yale University Press.
[49] Sukhorolsky, P. (2016). The right to be forgotten in the legal system of the European Union: Realities, problems and prospects. In The science of international law at the turn of the century. Trends in development and transformation: A special edition of scientific articles (pp. 90-101). Lviv: Ivan Franko National University of Lviv.
[50] Svitlyk, Y. (2023). The most famous hacker attacks that hit the whole world. Retrieved from https://root-nation.com/en/articles-en/tech-en/en-most-famous-hacker-attacks/.
[51] Tidy, J. (2021). How your personal data is being scraped from social media. Retrieved from https://www.bbc.com/news/business-57841239.
[52] Tucker, C.E. (2014). Social networks, personalized advertising, and privacy controls. Journal of Marketing Research, 51(5), 546-562. doi: 10.1509/jmr.10.0355.
[53] Tymoshenko, O. (2023). Protection of personal data in civil legal relations: National legal provision through the prism of the practice of the European Court of Human Rights. Analytical and Comparative Jurisprudence, 4, 165-172. doi: 10.24144/2788-6018.2023.04.27.
[54] Westin, A.F. (2003). Social and political dimensions of privacy. Journal of Social Issues, 59(2), 431-453. doi: 10.1111/1540-4560.00072.
[55] Ylitalo, J. (2024). Smart phones and data collection: Autonomous agency in everyday experience. Espoo: Aalto University.
[56] Zhang, W., & Rodgers, S. (2023). Linking ethnicity targeting with artificial intelligence and data collection: Perceptions and behavioral responses of black consumers. Journal of Current Issues & Research in Advertising, 44(3), 37-391. doi: 10.1080/10641734.2023.2212022.