25 March 2014, Proceedings of the National Academy of Sciences: Kramer, Facebook Core Data Science Team, et al: Experimental evidence of massive-scale emotional contagion through social networks (PDF)
July 2, 2014
After Uproar, European Regulators Question Facebook on Psychological Testing
By VINDU GOEL
Facebook could be in hot water with Europe's privacy regulators.
The social network is facing potential investigations after it disclosed last week  that it deliberately manipulated the emotional content of the news feeds by changing the posts displayed to nearly 700,000 users to see if emotions were contagious.
The company did not seek explicit permission from the affected people -- roughly one out of every 2,500 users of the social network at the time of the experiment -- and some critics have suggested that the research violated its terms of service with its customers. Facebook has said that customers gave blanket permission for research as a condition of using the service.
In response to widespread public anger, several European data protection agencies are examining whether Facebook broke local privacy laws when it conducted the weeklong investigation in January 2012.
That includes Ireland's Office of the Data Protection Commissioner, which regulates Facebook's global operations outside North America because the company has its international headquarters in Dublin. The Irish regulator has sent a series of questions to Facebook related to potential privacy issues, including whether the company got consent from users for the study, according to a spokeswoman.
The Information Commissioner's Office of Britain also said that it was looking into potential privacy breaches that may have affected the country's residents, though a spokesman of the office said that it was too early to know whether Facebook had broken the law. It is unknown where the users who were part of the experiment were located. Some 80 percent of Facebook's 1.2 billion users are based outside North America.
"We're aware of this issue, and will be speaking to Facebook, as well as liaising with the Irish data protection authority, to learn more about the circumstances," a spokesman for the British regulator said in a statement.
Neither regulator, however, has launched an official investigation into Facebook's practices. Earlier, the Financial Times reported that the British regulator had begun an investigation on the case.
In the study, which lasted one week in January 2012, Facebook changed the number of positive and negative posts that some users saw in their feeds to gauge how emotions can affect social media.
Richard Allan, Facebook's director of policy in Europe, said that it was clear that people had been upset by the study.
"We want to do better in the future and are improving our process based on this feedback," he said in a statement. "The study was done with appropriate protections for people's information, and we are happy to answer any questions regulators may have."
The Federal Trade Commission, the American regulator that oversees Facebook's conduct under a 20-year consent decree, has not publicly expressed similar interest in the case, which has caused an uproar over the company's ethics and prompted the lead researcher on the project to apologize. 
Facebook's chief operating officer, Sheryl Sandberg, addressed the study in India on Wednesday in a meeting with entrepreneurs and women to promote her book "Lean In" and in an interview with the Indian TV network NDTV.
"We clearly communicated really badly about this and that we really regret," Ms. Sandberg said in the NDTV interview.  "We do research in an ongoing way, in a very privacy protective way, to improve our services and this was done with that goal."
Ms. Sandberg also expressed confidence that the company will weather any regulatory inquiries. "We are in communication with regulators all over the world and this will be OK," she said in the interview.
This is not the first time that Facebook has fallen foul of Europe's tough privacy rules.
In 2011, the social network was forced to revamp its privacy settings  after an audit by Ireland's regulator found that some of the company's policies did not meet Europe's data protection rules.
Mark Scott contributed reporting from London.