Restricting access to data

While research data should be shared, there are often valid reasons why they should not be shared openly or, to put it another way, why access to them should be restricted. In some cases you may not be able to share your data at all, though this can often be avoided by careful planning.

There are several techniques you can use to restrict access to data, and you do not have to apply the same level of restriction to all your files. You can also provide different versions of your data: perhaps a fully anonymised and redacted version for open sharing and a fully detailed version for restricted sharing.

In any case, it is important that you document why and how you intend to restrict access to your data, as you will be asked for this information at various points.

If you are unsure as to whether you could or should make your data openly available, please contact the Library's Research Data Service before you publish your data.

Justifying access restrictions

Personal data

Research data involving human participants must be handled in accordance with the Data Protection Act 1998. This legislation protects data that could be linked to specific individuals, and in particular it gives those individuals control over how the data are used and shared. This means that personal data should not be made available to any third party without the explicit, written, informed consent of the person to whom they relate.

Your ability to share data therefore depends entirely on the wording of your consent form. This should specify what you are allowed to share, to whom, and under what conditions, although the terms you actually impose will almost certainly be more extensively defined than in the consent form.

If a version of the data has been anonymised effectively, that version no longer falls under the terms of the Act and can be shared openly, though it is still best practice to obtain consent for this.

Other sensitive data

Even if data are not personal in the sense defined in the Data Protection Act, it still may not be ethical to share them openly. Inappropriate release of some types of data might put research participants, the public or vulnerable groups at risk:

  • Domestic energy usage data could be used to determine occupancy patterns in participants' homes.
  • Disease statistics might require anonymisation to avoid them being used to identify the location of villages in a war zone.
  • Spatial data that would reveal the location of an endangered species can be justifiably withheld to protect the species from poachers. This would also apply to the location of rare fossil specimens.

In these or similar situations it may still be possible to share a version of the dataset that has been made safe, in which case it should be made clear to future users which variables have been redacted, aggregated or anonymised in the dataset and why.

If you are unsure whether your data are sensitive in this sense, please contact the Library's Research Data Service for advice.

Intellectual Property Rights

You must not share data if you do not have the right to do so. This is not usually an issue for original research data since the Intellectual Property Rights are typically held by the University or the person who gathered the data. For more detail, see the University's Intellectual Property Policy or seek advice from Research Commercialisation and Contracts.

The issue does arise where research is funded by an external partner, or where an external partner makes a contribution to a project, and that partner is awarded Intellectual Property Rights in the results, including the research data. This usually means that the results must be kept confidential by the University and only released under a publication protocol agreed by all parties.

The issue can also arise for third-party data, if you are not permitted to redistribute the data directly. In such cases, your documentation and data access statement should, as far as possible, provide details of where the study data were obtained so that other researchers can obtain or request access to the same data. For more complex cases, you should also provide instructions on how to process and combine the third-party data to arrive at the same dataset you used.

Contractual obligations

Your ability to share data may be restricted by the terms of contracts or collaboration agreements covering the research. This is likely to happen if you work with commercial collaborators or otherwise handle commercially sensitive data.

As with personal data, it may be possible to negotiate terms under which such data might be shared; for example, restricting access to certain users and purposes, and subject to the user entering into a non-disclosure agreement.

Classified information

The University's Information Classification Framework defines a classification scheme and associated handling protocol setting out the access restrictions for three tiers of sensitive information. Most of the criteria it uses are covered above, but if your research data would be classified for another reason under the Framework, please contact the Library's Research Data Service for advice.

Applying access restrictions

Restricting access to data doesn't mean that everything has to be either openly available to the public or completely restricted:

  • You could restrict some parts of your dataset while sharing others openly. For example, you might restrict access to raw data containing personal identifiers, but openly share the remaining data.
  • You could create different versions of your dataset, such that the sensitive version is restricted while the non-sensitive one is shared openly.
  • You could share your dataset only with certain users.

These options should always be considered in preference to a complete restriction on the whole dataset.

Anonymising data

One way of making data less sensitive is to anonymise them, that is, to remove both direct and indirect identifiers, so that variables cannot be combined to reveal the identity of an individual or organisation.

While anonymisation sounds a simple thing to do, it can be easy to miss information that indirectly identifies participants, or that is hidden in some way:

  • If a dataset indicates that just one or two participants in an area have a particular characteristic, that can lead to them being identified. The same issue can arise in a less obvious way if the number of participants changes by one or two over a defined time period. Such issues can usually be avoided by reducing precision, either aggregating to larger areas or periods, or rounding/grouping the numbers in a consistent and documented way.
  • Version history information hidden in Word documents, for example, can reveal who has edited the document. Often the most secure way to remove this kind of information is to migrate the file to a simpler format that either does not support embedded metadata, such as plain text or comma-separated values (CSV), or makes the metadata easier to inspect and remove, such as rich text format (RTF).
  • Tags in digital photographs can identify when and where the picture was taken. Such information can be edited with special tools such as ExifTool. The Audio Visual Unit can provide help and advice on this.
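The first point above (small counts, and counts that change by one or two between periods) can be checked and handled in code before release. The following is an added example, not part of the original guidance: the sample rows, the threshold of 5 and the rounding base of 5 are assumptions to be replaced by your own data and policy.

```python
from collections import defaultdict

# Constructed sample rows: (village, district, year, participants with the trait)
RECORDS = [
    ("Ashby", "North", 2020, 1), ("Ashby", "North", 2021, 2),
    ("Brook", "North", 2020, 14), ("Brook", "North", 2021, 15),
    ("Corfe", "South", 2020, 2), ("Corfe", "South", 2021, 2),
    ("Dunby", "South", 2020, 1), ("Dunby", "South", 2021, 1),
]
THRESHOLD = 5  # assumed minimum publishable count; set by your own policy
BASE = 5       # assumed rounding base


def aggregate(records, level):
    """Sum counts per (area, year). level 0 = village, 1 = district."""
    totals = defaultdict(int)
    for rec in records:
        totals[(rec[level], rec[2])] += rec[3]
    return dict(totals)


def small_cells(table, threshold=THRESHOLD):
    """Cells with a non-zero count low enough to single out individuals."""
    return sorted(k for k, n in table.items() if 0 < n < threshold)


def round_to_base(n, base=BASE):
    """Round to the nearest multiple of base, masking most +/-1 or 2 changes."""
    return base * ((n + base // 2) // base)


def safe_release(records, threshold=THRESHOLD, base=BASE):
    """Return (level, table, notes); table maps (area, year) -> count or None."""
    level, table, notes = "village", aggregate(records, 0), []
    risky = small_cells(table, threshold)
    if risky:  # reduce precision: publish the larger areas instead
        notes.append(f"aggregated village to district: {len(risky)} small cells")
        level, table = "district", aggregate(records, 1)
    released = {}
    for key, n in sorted(table.items()):
        if 0 < n < threshold:
            released[key] = None  # still too small after aggregation: suppress
            notes.append(f"suppressed {key}: count below {threshold}")
        else:
            released[key] = round_to_base(n, base)
    notes.append(f"all published counts rounded to nearest {base}")
    return level, released, notes


if __name__ == "__main__":
    print(*safe_release(RECORDS), sep="\n")
```

The returned notes are the record of what was aggregated, suppressed and rounded, which is the documentation future users of the dataset need.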

If by anonymising the data you make it impossible to use them to validate your findings, you should mention this fact in your accompanying documentation and data access statement.

For more information on anonymising your data, see the guidance provided by the UK Data Service.

Restricting access to classes of users

Some data archives allow you to require potential users to register before they are able to access data files. This allows the data archive to monitor who accesses the data, and provides additional opportunities for them to make users aware of the conditions of use.

Some archives may go further and allow you to grant access only to registered users that meet certain criteria; for example, that the user should be employed in a research role at a recognised research institution.

Granting access upon request

If you need to apply restrictions that it would be hard for an archive to implement effectively, you can nominate a contact whose permission must be obtained before access to the data is granted.

This might be necessary if you need to check whether the user is working on a suitable project, whether the user has a conflict of interest, or if the user would first need to enter into certain agreements or partnerships.

Applying contractual terms

Non-disclosure or confidentiality agreements are a type of contract used for sharing sensitive data with specific individuals for specific purposes and under specific terms. Contact Research & Innovation Services if you require a non-disclosure agreement for your data.

For more information, see the Research & Innovation Services guidance on research contracts.

Restricting data discoverability

In rare situations it might be necessary to restrict access to both the data and to metadata describing the data. If you think this might apply to your research, please contact the Library's Research Data Service who will be able to advise on how best to comply with policy requirements for sharing data.

Dealing with requests for access

You may receive a request for access to your research data or for information about your research from outside the expected channels. Various pieces of legislation govern whether you are obliged to supply the requested information, and within what timeframe. You should therefore read such requests carefully and, if appropriate, forward them to the appropriate specialist team within the University, which will be able to advise you on how to proceed.

If the request is for personal information, or if it specifically mentions the Data Protection Act, you should refer the request to the Data Protection team. Requests made under the Data Protection Act should normally be from the person to whom the information relates.

If the request is for environmental information, the Environmental Information Regulations (EIR) may apply. Otherwise, the request may fall under the definition of a Freedom of Information (FOI) request; see the University guidance on identifying FOI requests. Note in particular that the request need not mention the Freedom of Information Act or the Environmental Information Regulations in order for the respective legislation to apply. Unless you are sure the request is not a valid FOI or EIR request, refer it immediately to the Freedom of Information Officer; the urgency comes from the 20 working day legal deadline to respond to requests.