1. Protecting Your School and Supporting Faculty in Online Research Educause 2001 -- Track 2 Wednesday, October 31 9:30 a.m. - 10:20 a.m. Indianapolis, IN Room 107/108 Copyright, Lorna Hicks, Paul J. Millis, and Virginia E. Rezmierski, 2001. This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial, educational purposes, provided that this copyright appears on the reproduced materials and notice is given that the copying is by permission of the author. To disseminate otherwise or to republish requires written permission fromthe author.

4. Duke was BAD Duke was punished Let that be a lesson to you all

5. BD AD

6. Introduction

7. The Perils of Online Research Networks make online data collection fast and easy. The ease and speed with which data can be accessed can cause researchers to shortcut data security, subject's rights, and required research review procedures.

8. Presentation Themes: a)Guidelines for Human Subjects Review (HSR) b)Principles of Fair Information Practice (FIP) c)Responsible online research d)Protecting institutions against liability

9. Key Issues Part I: Human Subjects Review Finding subjects Numbers of subjects Permissions Informed Consent Part II: Principles of Fair Information Practice Data collection Surveying Data Transport Data Tabulation Part III: Protecting the Institution Data Sharing and Collaboration Data security Data Validity and reliability Data Intrusion and alteration

10. Key Technology Issues Data Collection Issues –Subject identification –Subject information and understanding –Subject informed consent Data Collection, Transport, Tabulation Issues –Confirmed identification of data providers –Protections from unwitting release or sharing Data Security Issues –Data validity and integrity protections –Data retention and destruction schedules

11. The Belmont Report: Ethical Principles and Guidelines for the Protection of Human Research Subjects 1979

12. Respect for Persons Beneficence Justice The Ethical Principles

13. Subjects, to the degree which they are capable, must be given the opportunity to chose what shall and shall not happen to them Respect for Persons:The Principle

14. Respect for Persons: The Practice Informed Consent: Information Understanding Choice

15. Respect for Persons: Issues The “Click” as Consent

16. APS Site Anger Disorder Survey “Note: You must be 18 years or older or have parental consent to go beyond this point in the questionnaire”

17. Respect for Persons: Issues Differentiating between Public and Private Spheres

18. Respect for Persons: Issues Deception

19. Beneficence: The Principle Persons are treated in an ethical manner by making efforts to secure their well being - to do good.

20. Beneficence: The Principle Persons are treated in an ethical manner by making efforts to secure their well being - to do good.

21. Beneficence: The Practice Risks must be justified and balanced with the benefits of the research either to individuals and society.

22. Beneficence: Issue Breach of confidentiality

23. Beneficence: Issue Harm in the data collection process

24. Stabbed? Survived a major earthquake? A sexual assault? Torture? War?

25. APS Site: Experiences Following Stress and Trauma Questionnaire

26. Some people find it useful to seek support following a stressful or traumatic life incident (for a comprehensive web site including a link to a great many support sites we recommend David Baldwin’s Trauma Information Page).

27. Justice: The Principle Risks and benefits of participating in research should be fairly distributed.

28. Justice: The Practice Be fair

29. Don’t ask people held in less regard to bear the risks of research for the benefit of those who are held in higher regard.

30. Selection criteria should be related to the subject under study. Don’t just use people because they are available and easy to manipulate.

31. Research Survey for the International Sexuality Description Project (ISDP) A re you over the age of 18? If so, we would very much appreciate your participation in this study!

32. Introduction to FIP

33. Fair Information Practice A general term for a set of standards governing the collection and use of personal data and addressing issues of privacy and accuracy Intended to foster individual control over personal information, limit data collection and place responsibilities over data collection

34. Code of Fair Information Practice Health, Education, & Welfare -- 1972 Current European Standards for Privacy Code of Fair Information Practice

35. Principle 1: Notification

36. Definition: –Subjects must be informed of what information is being collected, by whom, why, what steps are being taken to secure it, and what are the consequences of withholding information Key Issues: –monitoring tools may be used for gathering personal information profiles without the subjects knowledge Recommendations: –Subjects need to be notified of whose authority the information is being managed

37. Principle 2: Minimization

38. Definition: –emphasis on gathering the minimum amount of relevant private subject information Key Issues: –potentially private information on individuals is increasingly available from transactions –backups and archival copies of research records can linger on systems Recommendations: –Avoid collection for collection’s sake or for “potential future use” (epistemological use) –Limit automated collection of data by systems & logs

39. Principle 3: Secondary Use

40. Definition: –when personal information is gathered from a subject, it should only be used for the purpose for which it was collected Key Issues : –Data mining is seductive; it is easy to use data for secondary purposes with no human authorization –Biometrics used for authentication have the potential for use in human research

41. Principle 4: Nondisclosure & Consent

42. Definition: keeping personally identifiable information about subjects from third parties Key Issues: –consent to use information is an ongoing issue –ease with which information in an electronic form can be accessed, manipulated, and transported Recommendations: –Authenticating with ‘something you have’, does not allow an intruder access through sniffing –The only source of information about subjects should be the people themselves –Use an “opt-in” strategy for consent

43. Principle 5: Need to Know

44. Definition: an individual seeking access to personally identifiable subject information should be granted access only if access is required as part of an official and legitimate function related to the research Key Issues: –Ensuring that specific information is viewed and retrieved ethically from data warehouses becomes more difficult –Context determines what is private under the law

45. Principle 6: Data Accuracy, Inspection & Review

46. Definition: information collected and maintained must be accurate ant the subjects have the right to examine the information and request changes Key Issues: –Privacy rights include the opportunity to for subjects inspect information about themselves –Data synchronization Recommendations: –Consider how distributed databases are to be synchronized –Periodically ask subjects to review critical data for accuracy

47. Principle 7: Information Security, Integrity, & Accountability

48. Principle 7: Security, Integrity, & Accountability Definitions: –Security : protection of user files and resources from loss, damage, inappropriate access and unauthorized disclosure of or use of private information – Integrity : reasonable assurance that data will not be subject to unauthorized modification –Accountability: ability to explain security-related events and to link them to the originator Key Issues: –What means can be employed to validate the identity of users and determine their access Recommendations: –Firewall technology may be applied –Encryption allows for scrambling of some or all data in ways that are computationally secure –Risk management discussions are important

49. Principle 8: Education

50. Definition: researchers have a basic responsibility to educate not only their subjects by their staff about privacy rights of subjects and the implications of use and misuse of personal information Key issues: –Required as part of informed consent

51. Subjects Rights in Terms of Technology Persons who are fair subjects of data systems should: –be informed of the existence of such systems –have identified for them what data about them is on record –be given assurances that such data will be re-used only for intended purposes –be given opportunity to request an amendment or correction to their records –be certain that those responsible for data systems take reasonable precautions to prevent misuse of data

52. Auditing Human Subjects Research

53. Based upon –Regulation Title 45 Code of Federal Regulations, Part 46 –University Policy –Fair Information Practices

54. Why is auditing performed? To protect the university and its personnel –Ensure compliance with regulations and policy designed to protect human subjects

55. What to look at Solicitation for participants Documentation of informed consent Data collection instruments Data collected Correspondence with subjects Letters of complaint Reports of adverse events Training records for investigators IRB minutes

56. TOP 10 RECOMMENDATIONS 1.Training for IRP boards so that they understand networks, data storage, data access, and security issues 2.Training for faculty or a list of issues for electronic network research regarding the above 3.Strong permissions and informed consent processes so as to protect "subject trust" for our future research. 4.Special care and restrictions to protect against secondary use of data given electronic ease 5.Emphasis on minimization and care to collect only what is required --given ease in electronic collection 6.Special training for faculty regarding identification of subjects and protection of minors given anonymity online 7.Attention to authentication and authorization mechanisms to protect access to research data 8.Cautions for all faculty and researchers about shortcutting the IRB review process 9.Cautions to all faculty and researchers regarding abusive or coercive practices with secretaries or students 10.Strong emphasis on FIP, IRB processes, and Network Security for all

57. Case Studies

58. Vignette 1 Professor Ben is interested in helping corporations learn more about the effectiveness of their investment in information technology. Specifically, he wants to explore whether a practice of wide connectivity within a company and to the Internet increases the productivity of employees, increases their effectiveness, and improves overall employee/employer communication. Since many of the companies he is involving in the study already have policies regarding interception of employee email, he does not feel it necessary to gain further permission to collect data from the employee email. The corporate sponsors and participants will gain privileged access to the research findings. Companies will also have access to proprietary monitoring tools during the research. Subjects for this research will be drawn from the employee pool by simply sampling their email and network use statistics. Subjects are not notified further that research is being done. Part of the study will involve anonymous subjects and part will involve participants where names and IP addresses are available. The researcher will not connect names with data at the time the research results are reported in publications.

59. Vignette 2 Research scientist Carol wants to understand the performance behavior and patterns of web use of the secretarial and office staff of her department. She is particularly interested in the uses that they make of data transfer and file transfer technologies. She arranges to have small cameras mounted on their computers so that she can see and capture the uses that each employee makes of the web and campus networks. Since these are department employees and not students, she sees no reason why they have to give specific permissions for this research. It is designed to improve the ease with which they use file transfer technologies. Since this is a project completed entirely within the department and using only department employees, she does not go through the process of Human Subjects Review. The office personnel begin to feel increasingly uncomfortable in their roles. They complain to the Dean that they feel under surveillance and feel pressured into cooperating since they were not consulted, but do want to help the department improve processes and procedures.

60. Vignette 3 Researcher Ken is interested in knowing more about the search strategies of individuals using the web e.g., Do they search for broad topics first and then narrower ones? Do they jump from one topic to another in a rather random set of actions? Do they follow one theme and for how long before changing directions? Ken has a number of students who use the public computer laboratory near his office. He wants to mount cameras behind the students focused both on the keyboard and on the screen. He has established a process for capturing keystroke monitoring to augment the information he collects through the cameras. Additionally, he collects cookie information from each of the machines following a search process. Students are told about the research objective and told that if they use any of the specifically designated machines to do their work, they will be part of the research study. By sitting at a particular machine, Ken concludes that they have given their consent for participation. A team of assistant researchers analyzes the research data. No participant names, ages, or faces are captured during the data collection process. The Human Subject Review team reviews Ken’s research project. They are somewhat unclear as to the extent and nature of the information that Ken is able to collect on the subjects, but approve the research project.

61. Vignette 4 Electronic communication is the subject Tonya’s research. One part of the study involves an electronic conference in which the researcher will track the conversation of particular users by content subject. This means that identities cannot be avoided. When users sign on to the conference the first time, they are told explicitly about the research that is underway and have an opportunity to opt-out of the research. This will not deter their ability to participate in the conference. The researcher believes that it is highly unlikely that anyone under 18 will participate in this conference. By participating in the electronic conference, the researcher has access to all of the discussions that are started. This information, already available to the public, will be data for her study. A second part of the study involves the collection of site logs which show how often particular users visited the site and which pages they visited. Electronic logs will be kept secure once collected. Participants will now know about the log data being captured. Data will be reported, at the end of the study, in aggregate. Therefore the specific use patterns of individuals in this part of the study, will not be tied to names. The research was submitted for Human Subject Review.

62. Vignette 5 At one school, the department has a particular interest in the development of e- commerce and the use of the web for various types of product sales. Researcher Toby designs a study that will investigate auction behaviors online. The researcher will use a survey to collect data regarding electronic auctions. The research considers the return of surveys to be the sign of consent to participate in the study since the research purposes will be disclosed in a cover letter on the survey. The second part of the study is collection and analysis of extensive data regarding product-bidding history, and bidder profiles which are collected by e-Bay already. The researchers do not feel it necessary to gather permissions for this portion of the study either since bidder profiling is already being done on e-Bay. The third portion of the study involves some deception. The researchers will provide an auction site and will auction goods of value. However, they will insert negative language into the bidder profiles of some of the bidders in an attempt to determine if such negative language actually changes the behavior of bidders in the auction. No permissions are requested for participation in this portion of the study either since it is felt that such knowledge would affect the naturally occurring auction processes.

63. Vignette 6 The Web offers such convenience for contacting many different people that Research Matu decides to contact participants using this method. 100 different higher education institutions are identified and eight individuals within each institution for a total of 800 subjects. A survey instrument is designed that will collect information about technology development and transfer. A cover letter is attached to each survey that explains the nature of the research and its purpose. Individuals will be informed by electronic mail, that participation in the study is voluntary. They are assured that neither their unit nor their own name will be reported in the study. An individual identifier number is assigned to each potential participant prior to the mailing of the survey forms. The names and identification number list are kept in separate locations in the researcher’s office.

64. Thank you.