“Research data are data that are used as primary sources to support technical or scientific enquiry, research, scholarship, or creative practice, and that are used as evidence in the research process and/or are commonly accepted in the research community as necessary to validate research findings and results. Research data may be experimental data, observational data, operational data, third party data, public sector data, monitoring data, processed data, or repurposed data. What is considered relevant research data is often highly contextual, and determining what counts as such should be guided by disciplinary norms.”– Frequently Asked Questions Tri-Agency Research Data Management Policy
Breaches of privacy in data reveal the importance of good data management practices. The consequences of a breach can include personal harm to those whose data was leaked, internal or external investigations, delays in research, reputational damage, and loss of funding. In designing data management plans (DMPs), researchers must ensure that their plan meets privacy legislation in all of the jurisdictions in which the research takes place. Researchers should consider using a range of data protection measures during the “data life-cycle”. These include,
When you’re considering how you will gather data, and whether the data can be shared once your project is complete, you will need to think through whether participants will be: Directly identifiable, indirectly identifiable, coded, anonymized, or anonymous. This will determine how you can share your data, how secure your data will need to be over the course of your project, and how you will store (and potentially destroy) the data upon the completion of your project.
Determine the data disclosure risk levels and decide whether data can be retained or deposited
Data disclosure risk levels | Low risk | Medium risk | High risk | Extreme risk |
---|---|---|---|---|
Definition | Public data Identifiability [no] Vulnerability [no] Sensitivity [no] |
Identifiability [can be de-identified] Vulnerability [no] Sensitivity [maybe] |
Identifiability [yes] Vulnerability [maybe] Sensitivity [yes] |
Identifiability [yes] Vulnerability [yes] Sensitivity [yes] |
Retention | Data may be retained indefinitely | Data may be retained indefinitely | Data may be retained indefinitely | Data must be destroyed |
Deposit | Data should be deposited with unrestricted access | De-identified data should be deposited with unrestricted access | De-identified data should be deposited with restricted access | Data should not be deposited anywhere |
Adapted from "Human Participant Research Data Risk Matrix" by Portage Network. CC BY-NC 4.0.
In your DMP, describe how you will obtain permissions for your project. This should include what you want to do (e.g., create derivative artwork, deposit data); who to ask when permission is needed for what you want to do; and, if granted, what the conditions are.
Include a description concerning ownership, licensing, and intellectual property rights of the data. Terms of reuse must be clearly stated, in line with the relevant legal and ethical requirements where applicable (e.g., subject consent, permissions, restrictions, etc.).
Obtaining permissions to create, document, and use artwork in arts-based research can be complex, for example, when non-participants are depicted in artwork or artwork is co-created or co-owned, made by minors, or derived from other copyrighted work (e.g., collages made of photographs, remixed songs). Compliance with privacy and copyright law is a common issue in arts-based research and may restrict what data you can create, collect, preserve, and share.
Familiarity with Canadian copyright law is especially important in arts-based research (see the ECU Copyright Guide, Copyright Act of Canada, Canadian Intellectual Property Office (CIPO), Éducaloi, and Artists’ Legal Outreach). Obtaining permissions is key to managing privacy and copyright compliance and will help you select or develop an end-user license. Permissions should be very specific to the use or the destination of the data. Avoid blanket releases (DEFINITION)
It is also important to know about ethical and legal issues pertaining to the cultural context(s) in which you do arts-based research. For example, Indigenous data sovereignty and governance are essential to address in all aspects of research data management in projects with and affecting First Nations, Inuit, and Métis communities and lands (see First Nations Information Governance Centre (FNIGC), Inuit Tapiriit Kanatami (ITK), and Global Indigenous Data Alliance (GIDA)), including collective ownership of traditional knowledge and cultural expressions (see UBC Library and ISED Canada).
ECU Contacts:
Library: library@ecuad.ca
Research Ethics Board: ethics@ecuad.ca
Copyright: dvkam@ecuad.ca
Privacy: privacy@ecuad.ca
library@ecuad.ca 604-844-3840 520 East 1st Avenue, Vancouver, BC