Data Privacy Laws

Legal research with personal data

Image by Gerd Altmann/CC0

Research projects, especially when publishing their results, have to consider a number of legal regulations. Certain research methods are subject to strict data privacy/protection laws. Projects involving sensitive data, in particular human subjects in medical and psychological research, may also be required to pass an evaluation by an ethics committee. [1]

Research that involves obtaining personal data is expected to conform to high ethical standards during the project as well as when sharing the data, such as those recommended by professional bodies, institutions and funders (e.g. the German Medical Association, the German psychologists' and sociologists' associations, the DFG or international funders).

Sensitive, personal and otherwise confidential data can be shared and made available in ethically and legally correct ways if the following aspects are considered from the start of the project (see UK Data Archive):

  1. In order to obtain informed consent, the subjects must be informed of how the data will be managed and shared.
  2. The purpose of sharing the data must be made clear.
  3. Where applicable or necessary, the identity of individual participants has to be protected by anonymisation of personal data.
  4. Access to the data should be controlled/regulated.
  5. Many funders (e.g. DFG) and many publishers demand an evaluation by an ethics committee in some cases.

Anonymisation and legal regulations

Conforming to data privacy laws and protecting the personality rights of study participants is a central requirement for the archiving and re-use of personal research data. In order to conform to data privacy laws, sensitive research data have to be anonymised. Anonymisation is the removal of personal and identifying information from research data. [2]

The Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG) contains specific regulations on the use of personal data for research purposes. It stipulates that personal data which are gathered or stored for scientific purposes may only be used within the framework of those regulations (image 1). In general the principles of necessity, data avoidance and data economy ("gather, process and use as little personal data as possible") should be observed. Personal data have to be anonymised at the earliest possible point in the research project. Up to that point, data that can be used to identify a person have to be stored separately from the other data and may only be combined with them as far as necessary for research purposes. [3] The definitions underlying these rules are found in § 3 paragraph 1 (personal data) and § 3 paragraph 6 (anonymisation) BDSG.

Special protection is given to sensitive personal data. These include characteristics such as ethnicity, political opinion, religious or philosophical belief, union membership, health and sexuality. Sensitive personal data may only be used under special circumstances (BDSG § 3 paragraph 9).

Note that the section numbers cited on this page refer to the BDSG as in force before May 2018. Since then the definitions of personal data, pseudonymisation and special categories of data are found in Art. 4 and Art. 9 GDPR, and the research provisions in § 27 of the revised BDSG; the obligations described here (early anonymisation, separate storage of identifying data, data minimisation) remain the same in substance.


How to anonymise data?

There is a difference between anonymising qualitative and quantitative data. More information on anonymising these two kinds of data can be found on the website of the UK Data Archive.

Data can be anonymised by:

  • removal of directly identifying characteristics such as name and address
  • aggregation of information or reduction of variable precision, for example replacing birth dates by age bands
  • generalisation of personal data (e.g. replacing a full postcode by a region)
  • using pseudonyms in place of names or other identifiers, with the key that links pseudonyms back to identities stored separately
  • hiding variable outliers, for example by top-coding salaries above a threshold

Characteristics that might reveal the identity of a person:

  • direct identifiers: name, address, postal code, telephone number
  • indirect identifiers (quasi-identifiers), which could reveal an identity if combined with other sources of information, such as profession, employer or outliers in age and salary

Special consideration should be given to:

  • relational data, which could expose relationships between variables of associated data sets
  • georeferenced data, where identifying spatial references also carry a geographical value
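The anonymisation steps listed above, carried out on a small constructed data set, as an added example that is not part of the original page or of any of the bodies it cites. It removes direct identifiers, replaces names by keyed pseudonyms (HMAC-SHA256, so the key is the only route back to the identity and is kept apart from the research set, matching the "store identifying data separately" rule), generalises birth dates and postcodes, top-codes salaries, and then checks k-anonymity over the remaining quasi-identifiers to show that an outlier participant stays unique even after generalisation and has to be suppressed. The sample records, the threshold of 100,000 and the field names are assumptions made for the example.

```python
"""Anonymisation walk-through (added example, not from the original page).
All records below are constructed sample data, not real participants."""
import hmac
import hashlib
import secrets
from collections import Counter
from datetime import date

# Constructed sample micro-data: one row per study participant.
SAMPLE = [
    {"name": "Anna Meier", "postcode": "10115", "birth_date": date(1984, 3, 2),
     "occupation": "nurse", "salary": 41000, "diagnosis": "asthma"},
    {"name": "Ben Schulz", "postcode": "10117", "birth_date": date(1986, 7, 19),
     "occupation": "nurse", "salary": 39000, "diagnosis": "none"},
    {"name": "Clara Vogt", "postcode": "10119", "birth_date": date(1985, 11, 5),
     "occupation": "teacher", "salary": 45000, "diagnosis": "diabetes"},
    {"name": "Dirk Hahn", "postcode": "10178", "birth_date": date(1985, 1, 30),
     "occupation": "teacher", "salary": 47000, "diagnosis": "none"},
    # Outlier: unusual age, region and profession, very high salary.
    {"name": "Eva Lenz", "postcode": "80331", "birth_date": date(1959, 6, 12),
     "occupation": "surgeon", "salary": 310000, "diagnosis": "asthma"},
]

DIRECT_IDENTIFIERS = ("name", "postcode", "birth_date")
# Indirect identifiers that survive into the research set and could be
# combined with outside information (the k-anonymity check runs over these).
QUASI_IDENTIFIERS = ("region", "age_band", "occupation")
SALARY_CAP = 100_000  # assumed top-coding threshold


def pseudonym(key: bytes, value: str) -> str:
    """Keyed pseudonym (HMAC-SHA256). Without the key nobody can recompute or
    reverse it, so the key is the re-identification secret: store it apart from
    the research data (or destroy it once linkage is no longer needed)."""
    return hmac.new(key, value.encode("utf-8"), hashlib.sha256).hexdigest()[:16]


def age_band(birth: date, ref: date, width: int = 10) -> str:
    """Reduce a birth date to an age band of `width` years at `ref`."""
    age = ref.year - birth.year - ((ref.month, ref.day) < (birth.month, birth.day))
    lo = (age // width) * width
    return f"{lo}-{lo + width - 1}"


def top_code(value: int, cap: int) -> str:
    """Collapse all values at or above `cap` into one category."""
    return f">={cap}" if value >= cap else str(value)


def anonymise(records, key: bytes, ref_date: date):
    """Return (research_set, link_table). The link table maps pseudonym -> name
    and is the part that must be stored separately from the research set."""
    research, link = [], {}
    for r in records:
        pid = pseudonym(key, r["name"])
        link[pid] = r["name"]
        out = {k: v for k, v in r.items() if k not in DIRECT_IDENTIFIERS}
        out["id"] = pid
        out["region"] = r["postcode"][:2]            # generalise postcode
        out["age_band"] = age_band(r["birth_date"], ref_date)
        out["salary"] = top_code(r["salary"], SALARY_CAP)
        research.append(out)
    return research, link


def equivalence_classes(records, quasi_ids):
    return Counter(tuple(r[q] for q in quasi_ids) for r in records)


def min_k(records, quasi_ids) -> int:
    """Smallest number of records sharing one quasi-identifier combination."""
    return min(equivalence_classes(records, quasi_ids).values())


def singletons(records, quasi_ids):
    """Ids of records that are unique on the quasi-identifiers (k == 1)."""
    classes = equivalence_classes(records, quasi_ids)
    return [r["id"] for r in records if classes[tuple(r[q] for q in quasi_ids)] == 1]


def suppress_singletons(records, quasi_ids):
    """Generalisation alone does not hide outliers; drop rows with k == 1."""
    drop = set(singletons(records, quasi_ids))
    return [r for r in records if r["id"] not in drop]


if __name__ == "__main__":
    key = secrets.token_bytes(32)  # keep this apart from the research set
    research, link = anonymise(SAMPLE, key, date(2024, 1, 1))
    print("min k after generalisation:", min_k(research, QUASI_IDENTIFIERS))
    released = suppress_singletons(research, QUASI_IDENTIFIERS)
    print("min k after suppression:", min_k(released, QUASI_IDENTIFIERS))
    for row in released:
        print(row)
```

Salary is kept in the released set only in top-coded form and is deliberately left out of the k-anonymity check here; in a real release the exact lower salaries would be banded as well, since they are themselves indirect identifiers in the sense of the list above.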

Obtaining consent

Scientists are required by the ethics codes of their disciplines (DGP and BGP, DGS and BGS, DVPW, BÄK) as well as by law to obtain consent. This applies to study participants as well as to information gathered as part of a study. Where possible, consent should cover all future uses such as data sharing, preservation and long-term use of research data. The German Data Forum (Rat für Sozial- und Wirtschaftsdaten) provides recommendations and consent form templates (in German). More information and downloads can be found on the DIPF website.

Recommendations

  • Inform participants how research data will be stored, preserved and used in the long term
  • Inform participants how confidentiality is protected, for example by anonymisation
  • Obtain written consent for data transfer

Protection of confidential information in repositories

By using data centres or archives it is possible to limit access to confidential and sensitive data while still providing access for research and education purposes. Data stored in data centres and archives are usually not openly accessible and their use is generally limited to certain purposes. Users of data centres sign an end user licence agreement which stipulates usage conditions such as not using the data commercially and not attempting to identify potentially identifiable individuals. Which kind of access will be permitted is agreed upon together with the data author.

Data centres can impose additional access limitations for confidential data such as:

  • special permit from the data author
  • a data embargo for a certain period of time
  • access only for approved researchers
  • access to the data via a secure connection which allows analysis but no download

Definitions

„Anonymisation is the changing of personal data in such a way that individual characteristics can no longer, or only with a disproportionate expense of time, cost and effort, be attributed to an identified or identifiable natural person.“ § 3 paragraph 6 BDSG

„The law distinguishes approval (Zustimmung), consent (Einwilligung) and permission (Genehmigung).“ (Rechtslexikon.net 2014). Consent is approval that is expressly given beforehand (§ 183 BGB), whereas permission is approval given after the fact (§ 184 BGB).

„Personal data are items of information concerning the personal or material circumstances of an identified or identifiable natural person (data subject).“ § 3 paragraph 1 BDSG

„(…) information that does not explicitly and immediately identify a determinable person, but which might enable the identification of a person's identity by using other information.“ (Metschke & Wellbrock 2002:19)

„Especially sensitive data ("particular kinds") of natural persons are protected by special regulations“. § 3 paragraph 9 BDSG 

Confidential data are data which are given in confidence between two parties or for which confidential, that is private, treatment was promised (see UK Data Archive).


References

  1. Unger, H. & Simon, D., Ethikkommissionen in den Sozialwissenschaften – historische Entwicklungen und internationale Kontroversen (No. 253). Working Paper Series des Rates für Sozial- und Wirtschaftsdaten, 2016.
  2. Meyermann, A. & Porzelt, M., Hinweise zur Anonymisierung von qualitativen Daten. In: forschungsdaten bildung informiert, Nr. 1. Frankfurt am Main: Deutsches Institut für Internationale Pädagogische Forschung, 2014.
  3. Ludwig, J. & Enke, H. (Eds.), Leitfaden zum Forschungsdaten-Management. Handreichungen aus dem WissGrid-Projekt. Glückstadt: Verlag Werner Hülsbusch, 2013.