Navigation auf uzh.ch
Sociologist Peter* conducts research into the needs and concerns of refugees. To do so, he evaluates data from a Telegram channel using scraping procedures (automatic collection). When designing his research project, he is not sure what the rules are around collecting and processing the data. Is it legal for him to use these data? Does he have to inform the people involved? What about identifying information?
An online self-assessment tool is now available to researchers like Peter to clarify these data protection and ethical issues. DESAT – Data Protection and Ethics Self-Assessment Tool – supports all UZH researchers who deal with people or their data, whether in the context of observations, surveys or experiments.
The DESAT self-assessment tool is a simple way for researchers to ensure they are complying with legal regulations and thus avoid risks.
“The DESAT self-assessment tool helps researchers work responsibly and in accordance with privacy and ethics principles. It’s a simple way for researchers to ensure they are complying with legal regulations and thus avoid risks,” says Elisabeth Stark, Vice President Research.
Christian Schwarzenegger, Vice President Faculty Affairs and Scientific Information, adds: “The amount of available data is growing all the time, and as a result the data protection requirements for research practice are also increasing. DESAT encourages researchers to engage with data protection issues and increases the university’s and our researchers’ compliance with the applicable legal requirements.”
Until recently, researchers with questions about data protection or ethics had to contact the UZH Legal Services and Data Protection Office, their faculty ethics committee or the Cantonal Ethics Committee. This entailed precise documentation of their plans and a case-by-case review by staff in the supporting department. DESAT simplifies and streamlines this review process. “Researchers can now use this new tool to check data protection and ethical requirements themselves, and they are only referred to the relevant specialist departments in case of complex questions,” says Markus Christen of the Digital Society Initiative (DSI). Christen is responsible for the DESAT project together with the UZH data protection law team headed up by Markus Golder.
DESAT encourages researchers to engage with data protection issues and increases the university’s and our researchers’ compliance with the applicable legal requirements.
DESAT is an integrated module in AVA, the application for submitting research project proposals and managing third-party funding processes at UZH. The self-assessment tool is an optional step in the approval process for research projects. It comprises an interactive questionnaire with predefined multiple choice answers. The first section looks at aspects of data protection relevant to research, with questions such as: who is collecting, analyzing, storing and processing the data, and with whom is it shared? Does the project also involve personal data requiring special protection, such as religious or political views? The questionnaire also clarifies which data protection law – the cantonal or the EU law – applies.
The second block of questions concerns ethical guidelines, firstly checking whether a research project falls within the scope of the Human Research Act and must therefore be submitted to the Cantonal Ethics Committee. The tool then assesses whether the researcher needs to contact one of the UZH faculty ethics committees to clarify further questions – for example, if vulnerable persons are involved in the research or sensitive data are collected.
By examining all of these fundamental questions, researchers can identify the data protection and ethical issues relevant to their project. They can identify possible weak spots in their experimental design or empirical data collection at an early stage and receive assistance. In case of complex questions or if they cannot meet the requirements, researchers are encouraged to contact UZH’s data protection law team, the DSI or their faculty ethics committee to discuss the next steps.
“DESAT systematically guides researchers through the data protection and ethical aspects of their individual projects, making them aware of the issues and helping them meet the relevant requirements,” says Markus Golder. Typical blind spots are quickly identified. For example, informed consent of the people involved is generally required when processing personal data, but anonymized data can also raise ethical questions. In addition, researchers gain valuable insights for their own research by interacting with their faculty ethics committee.
After completing the online assessment, researchers receive a report documenting the systematic review of their project and pointing out any further necessary steps or open questions. When applying for funding or publishing results, this report can be used to demonstrate how the specific aspects of data protection and ethics will be or were dealt with in the research project.
UZH members interested in learning about DESAT will get the opportunity at the launch event today, Wednesday, 27 September. The ramifications of the new data protection law which recently entered into force in Switzerland will also be discussed at the event (see box).
*Name changed